hello! i am a beginner in java.
i have this jsp's that can log in and register and saves the data to mysql.
now my problem is the change password i dont really get it. can u guys help me?
here are my codes.
there is an error in change.jsp
database
CREATE TABLE `members` ( `id` int(10) unsigned NOT NULL auto_increment, `first_name` varchar(45) NOT NULL, `last_name` varchar(45) NOT NULL, `email` varchar(45) NOT NULL, `uname` varchar(45) NOT NULL, `pass` varchar(45) NOT NULL, `regdate` date NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
index.jsp
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>JSP Example</title> </head> <body> <form method="post" action="login.jsp"> <center> <table border="1" width="30%" cellpadding="3"> <thead> <tr> <th colspan="2">Login Here</th> </tr> </thead> <tbody> <tr> <td>User Name</td> <td><input type="text" name="uname" value="" /></td> </tr> <tr> <td>Password</td> <td><input type="password" name="pass" value="" /></td> </tr> <tr> <td><input type="submit" value="Login" /></td> <td><input type="reset" value="Reset" /></td> </tr> <tr> <td colspan="2">Yet Not Registered!! <a href="reg.jsp">Register Here</a></td> </tr> </tbody> </table> </center> </form> </body> </html>
login.jsp
<%@ page import ="java.sql.*" %> <% String userid = request.getParameter("uname"); String pwd = request.getParameter("pass"); Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/users", "root", ""); Statement st = con.createStatement(); ResultSet rs; rs = st.executeQuery("select * from members where uname='" + userid + "' and pass='" + pwd + "'"); if (rs.next()) { session.setAttribute("userid", userid); //out.println("welcome " + userid); //out.println("<a href='logout.jsp'>Log out</a>"); response.sendRedirect("success.jsp"); } else { out.println("Invalid password <a href='index.jsp'>try again</a>"); } %>
reg.jsp
<%@page contentType="text/html" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Registration</title> </head> <body> <form method="post" action="registration.jsp"> <center> <table border="1" width="30%" cellpadding="5"> <thead> <tr> <th colspan="2">Enter Information Here</th> </tr> </thead> <tbody> <tr> <td>First Name</td> <td><input type="text" name="fname" value="" /></td> </tr> <tr> <td>Last Name</td> <td><input type="text" name="lname" value="" /></td> </tr> <tr> <td>Email</td> <td><input type="text" name="email" value="" /></td> </tr> <tr> <td>User Name</td> <td><input type="text" name="uname" value="" /></td> </tr> <tr> <td>Password</td> <td><input type="password" name="pass" value="" /></td> </tr> <tr> <td><input type="submit" value="Submit" /></td> <td><input type="reset" value="Reset" /></td> </tr> <tr> <td colspan="2">Already registered!! <a href="index.jsp">Login Here</a></td> </tr> </tbody> </table> </center> </form> </body> </html>
registration.jsp
<%@ page import ="java.sql.*" %> <% String user = request.getParameter("uname"); String pwd = request.getParameter("pass"); String fname = request.getParameter("fname"); String lname = request.getParameter("lname"); String email = request.getParameter("email"); Class.forName("com.mysql.jdbc.Driver"); Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/users", "root", ""); Statement st = con.createStatement(); ResultSet rs; int i = st.executeUpdate("insert into members(first_name, last_name, email, uname, pass, regdate) values ('" + fname + "','" + lname + "','" + email + "','" + user + "','" + pwd + "', CURDATE())"); if (i > 0) { //session.setAttribute("userid", user); response.sendRedirect("welcome.jsp"); // out.print("Registration Successfull!"+"<a href='index.jsp'>Go to Login</a>"); } else { response.sendRedirect("index.jsp"); } %>
changepass.jsp
<title>Change Password</title> <h1>Change Password</h1> <form method="post" action="change.jsp"> <table> <tr><td>Current Password</td><td><input type="password" name="current" ></td></tr> <tr><td>New Password</td><td><input type="password" name="new"></td></tr> <tr><td>Confirm Password</td><td><input type="password" name="confirm"></td></tr> <tr><td><input type="submit" value="Change Password"></td></tr> </table> </form>
change.jsp there is something wrong here
<%@page import="java.sql.*"%> <%@page import="java.io.*"%> <% String userid = request.getParameter("uname"); String pwd=request.getParameter("pass"); String Newpass=request.getParameter("new"); String conpass=request.getParameter("confirm"); String connectionURL = "jdbc:mysql://localhost:3306/users";;; Connection con=null; String pass=""; int id=0; try{ Class.forName("com.mysql.jdbc.Driver"); con = DriverManager.getConnection(connectionURL, "root", ""); Statement st=con.createStatement(); ResultSet rs=st.executeQuery("select * from members where pass='" + pwd + "'"); while(rs.next()){ id=rs.getInt(1); pass=rs.getString(3); } out.println(userid+ " "+pass); if(pwd.equals(conpass)){ Statement st1=con.createStatement(); int i=st1.executeUpdate("update members set pass='"+Newpass+"' where uname='"+userid+"'"); out.println("Password changed successfully"); st1.close(); con.close(); } else{ out.println("Invalid Current Password"); } } catch(Exception e){ out.println(e); } %>
logout.jsp
<% session.setAttribute("userid", null); session.invalidate(); response.sendRedirect("index.jsp"); %>