<%@ page language="java" import="java.sql.*,javax.naming.InitialContext,javax.sql.DataSource,java.security.*,java.math.*,java.util.*" errorPage="error.jsp" %> <%! String dbuser,dbpass,url,logDir; int flag = 0; %> <% logDir = (String) application.getInitParameter("LogBaseDir"); url = (String) application.getInitParameter("DBResName"); session.setAttribute("Sid","-1"); Connection con = null; ResultSet rs = null; Statement s = null; int flag = 0; String uid,pass,comp; uid = (String) request.getParameter("userid"); pass = (String) request.getParameter("password"); comp = (String) request.getParameter("cmbComp"); try { try { InitialContext cxt = new InitialContext(); DataSource ds = (DataSource) cxt.lookup( "java:/comp/env/"+url); if (ds == null) { throw new Exception("Data source not found!"); } con = ds.getConnection(); } catch(Exception e) { } if(uid == null || uid.trim().length() == 0) { uid = ""; } else { try { session.setAttribute("Sid", session.getId()); try { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(pass.getBytes()); BigInteger hash = new BigInteger(1,md.digest()); pass = hash.toString(16); } catch(NoSuchAlgorithmException e) { } s = con.createStatement(); rs = s.executeQuery("select * from user where userid = '" + uid + "' and password = '" + pass + "' and company = '" + comp + "'"); if(rs.next()) { if(rs.getInt("flag") == 0) { flag = 2; } else { session.setAttribute("Uid",uid); session.setAttribute("Uname",rs.getString("username")); session.setAttribute("Utype",rs.getString("usertype")); session.setAttribute("Company",comp); try { rs.close(); rs = null; s.close(); s = null; con.close(); con = null; } catch(Exception e) { } response.sendRedirect("usrhome.jsp"); } } else { flag = 1; try { rs.close(); rs = null; s.close(); s = null; con.close(); con = null; } catch(Exception e) { } } } catch(SQLException e) { } finally { try { rs.close(); rs = null; s.close(); s = null; con.close(); con = null; } catch(Exception e) { } } } } catch(Exception e) { out.print(e.toString()); } %>

<%@ include file = "header.jsp" %>
	Company <% Statement sp = null; ResultSet rsp = null; try { try { InitialContext cxt = new InitialContext(); DataSource ds = (DataSource) cxt.lookup( "java:/comp/env/"+url); if (ds == null) { throw new Exception("Data source not found!"); } con = ds.getConnection(); } catch(Exception e) { } sp = con.createStatement(); rsp = sp.executeQuery("select distinct customerName from customer order by customerName"); out.print("Select Company"); while(rsp.next()) { if(rsp.getString(1) != null) { out.print("" + rsp.getString(1) + ""); } } } catch(Exception e) { } finally { try { rsp.close(); rsp = null; sp.close(); sp = null; con.close(); con = null; } catch(Exception e) { } } %> User ID Password     <% if(flag == 1) { out.print("Login failed"); } if(flag == 2) { out.print("Account not activated"); } %>       Change Password
<%@ include file = "footer.jsp" %>