Jsp getting started Tutorial: User Login Password judgment code

Jsp getting started Tutorial: User Login Password judgment code

<% @ Page contentType = "text/html; charset = gb2312" language = "java" import = "java. SQL. *" errorPage = "" %>
<% @ Include file = "../DB. jsp" %>
<Jsp: useBean id = "loginMD5" scope = "page" class = "ITstudy_cn.tool.MD5"/>

<! DOCTYPE html PUBLIC "-// W3C // dtd xhtml 1.0 Transitional // EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<Html xmlns = "http://www.w3.org/1999/xhtml">
<Head>
<Meta name = "robots" content = "noindex, nofollow"/>
<Meta http-equiv = "Content-Type" content = "text/html; charset = gb2312"/>
<Title> logon check </title>
</Head>

<Body>
<%
String UserName = request. getParameter ("admin ");
String UserPwd = request. getParameter ("UserPassword ");
UserPwd = loginMD5.getMD5ofStr (UserPwd );
String rand = (String) session. getAttribute ("rand ");
String CheckCode = request. getParameter ("CheckCode ");
// String sel = request. getParameter ("sel_admin ");

Statement stmt_Check = conn. createStatement (ResultSet. TYPE_SCROLL_SENSITIVE, ResultSet. CONCUR_UPDATABLE );
String SQL = "select * from hl_admin where fPassword = '" + UserPwd + "' and fUserName = '" + UserName + "'";
ResultSet RsLoginCheck = stmt_Check.executeQuery (SQL );

If (RsLoginCheck. next ()){
If (rand. equals (CheckCode )){
// Out. print ("successful ");
Session. setAttribute ("AdminName", UserName );
Session. setAttribute ("Aforder", RsLoginCheck. getString ("forder "));
// If (sel. equals ("2 ")){
// Response. sendRedirect ("../enadmin/Ad_Index.jsp ");
//} Else {
Response. sendRedirect ("Ad_Index.jsp ");
//}
}
Else
{
Out. print ("the confirmation code you entered is inconsistent with the one generated by the system. Please enter it again. ");
}
}
Else
{
Out. print ("the user name or password is incorrect !!! ");
}
%>

<Br/>
========================

</Body>
</Html>
</Body>
</Html>
<%
RsLoginCheck. close ();
Stmt_Check.close ();
Conn. close ();
%>