%@ page language="java"
import="java.sql.*, java.io.*, java.util.*, users.databases.*"
%>
<%
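/***** VARIABLE DECLARATION and INITIALIZATION *****/
// Outcome flags and working values for the log-in check performed by this page.
boolean adminMember = false;
boolean withError = false, fieldEmpty = false, invalidUser = false, invalidEntry = false;
String strPwd1 = "", strEMail1 = "", strMessage = "", strFocus = "";
String strMainDB = "product_pgpClientInfoDB";
String strPageName = ""; // VALUE WILL DEPEND ON THE LOGNAME, ADMIN LOGNAME OR USER LOGNAME
String strLogName = "";
byte bytLogStatus = 0;
int intUserID = 0;
ResultSet rs;

// SECURITY: lgn, pwd, ema and ctr come straight from the request and are untrusted.
// getParameter() returns null for an absent parameter; the earlier trim()/parseByte()
// calls then ended the request with an unhandled exception, so absent values are
// normalised to "" (or 0 for the counter) before use.
strLogName = request.getParameter("lgn");
String strPwd2 = request.getParameter("pwd");
String strEMail2 = request.getParameter("ema");
String strCtr = request.getParameter("ctr");

// NOTE(review): the failed-attempt counter is supplied by the client on every request, so
// any limit derived from it is advisory only. An enforceable limit has to be kept
// server-side (per account or per session); that needs storage this page does not show.
byte errCounter = 0;
if (strCtr != null) {
    try {
        errCounter = Byte.parseByte(strCtr);
    } catch (NumberFormatException ignored) {
        // Malformed counter: fall back to 0 rather than failing the whole request.
        errCounter = 0;
    }
}
// -1 is the lowest value this page assigns itself; staying below Byte.MAX_VALUE keeps the
// later errCounter++ from wrapping to a negative number.
if (errCounter < -1) {
    errCounter = -1;
} else if (errCounter == Byte.MAX_VALUE) {
    errCounter = Byte.MAX_VALUE - 1;
}
/***** END OF VARIABLE DECLARATION *****/

strLogName = (strLogName == null) ? "" : strLogName.trim();
strPwd2 = (strPwd2 == null) ? "" : strPwd2.trim();
strEMail2 = (strEMail2 == null) ? "" : strEMail2.trim();

// Only the logname is checked for emptiness; an empty password or e-mail is left to fail
// the comparisons further down.
if (strLogName.equals("")) {
    fieldEmpty = true;
    invalidUser = true;
    withError = true;
}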
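String SQLstmt = "";
if (fieldEmpty) {
    // DO NOTHING: the empty logname was already flagged above.
} else { // NO FIELD IS EMPTY
    strLogName = strLogName.toLowerCase();
    strEMail2 = strEMail2.toLowerCase();

    // SECURITY: strLogName is request data and is concatenated into two SQL string literals
    // below (one single-quoted, one double-quoted). A quote or backslash in it would end the
    // literal and change the statement (SQL injection). The query helper visible here only
    // accepts a finished SQL string, so as a stopgap such lognames are refused before any
    // query is built. The durable fix is a bound-parameter query (PreparedStatement) inside
    // the users bean.
    boolean unsafeLogName = strLogName.indexOf('\'') >= 0
            || strLogName.indexOf('"') >= 0
            || strLogName.indexOf('\\') >= 0;

    if (unsafeLogName) {
        // Handled like an unknown logname; no connection is opened on this path, as on the
        // empty-logname path.
        invalidUser = true;
        withError = true;
    } else {
        users.connect(strMainDB);
        SQLstmt = "SELECT Pwd_ID, Usr_Pwd FROM tblUserPwd WHERE Usr_LogName='" + strLogName + "';";
        rs = users.listQueryWithDebug(SQLstmt,"123");
        // If several rows match, the values of the last row win.
        while (rs.next()) {
            intUserID = rs.getInt("Pwd_ID");
            strPwd1 = rs.getString("Usr_Pwd");
        }
        if (strPwd1.equals("")) { // USER LOGNAME DOES NOT EXIST
            invalidUser = true;
            withError = true;
        } else { // USER LOGNAME EXISTS
            // NOTE(review): the stored value is compared directly with the submitted password,
            // which implies passwords are kept in recoverable form. Store a salted password
            // hash (bcrypt/scrypt/argon2) and verify against that instead.
            if (strPwd1.equals(strPwd2)) {
                SQLstmt = "SELECT Usr_EMail FROM tblUserPwd JOIN tblUserInfo WHERE " +
                        "Pwd_ID=Usr_ID AND Usr_LogName=\"" + strLogName + "\";";
                rs = users.listQueryWithDebug(SQLstmt,"111");
                while (rs.next()) {
                    strEMail1 = rs.getString("Usr_EMail");
                }
                // NOTE(review): when the join returns no row strEMail1 stays "", so an empty
                // submitted e-mail compares equal here. Confirm that is intended.
                if (strEMail1.equals(strEMail2)) {
                    // DO NOTHING: e-mail matches.
                } else { // INVALID EMAIL
                    invalidEntry = true;
                    withError = true;
                }
            } else { // INVALID PASSWORD
                invalidEntry = true;
                withError = true;
            }
        }
    }
}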
// Attempt bookkeeping. The counter goes up whenever the logname exists, including on a
// successful log-in, because only invalidUser is tested here; an unknown logname resets it
// to -1. strFocus holds the script snippet that chooses which form field gets focus.
if (invalidUser) { // USER LOGNAME DOES NOT EXIST
    errCounter = -1;
    strFocus = "fmLogIn.lgn.focus();";
} else { // INCREMENTS ERROR COUNTER ONLY WHEN USER LOGNAME EXISTS
    errCounter++;
    strFocus = "fmLogIn.pwd.focus();";
}
// Outcome handling: on error choose the message to show; otherwise record the log-on and
// pick the landing page for the user.
if (withError) {
// NOTE(review): errCounter is parsed from the "ctr" request parameter, so this limit is only
// as trustworthy as the client that sent it. Enforce the attempt limit server-side.
if (errCounter >= 5) { // USER WITH EXISTING LOGNAME REACHED THE INVALID-ENTRY LIMIT (CODE CHECKS >= 5; THIS COMMENT PREVIOUSLY SAID 3 TIMES)
// NOTE(review): no Java statement runs in this branch; whatever markup sat between the
// scriptlet close and re-open below is not visible here. Confirm what the lockout response is.
%>
<%
} else if (fieldEmpty) {
strMessage = "
Please fill up all the fields.";
} else if (invalidUser) {
// NOTE(review): an unknown logname gets its own message, distinct from the combined
// password/e-mail message below, which tells the caller whether an account exists.
// Consider one generic failure message for all three cases.
strMessage = "
Your USERNAME is INVALID!\n" +
"
If you don't have an account yet, please register first as " +
"new user. If you registered " +
"with us before,\n" +
"
please wait first for the ADMIN's response or " +
"contact us to follow up your account.\n";
} else { // PASSWORD OR EMAIL IS INVALID
strMessage = "
Either the PASSWORD or EMAIL ADDRESS you entered is invalid OR BOTH.\n" +
"
Please check if you entered the same values you registered with us before.";
}
} else { // ALL SUBMITTED ENTRIES ARE VALID
// intUserID is an int read from the database, so the concatenations in this branch cannot
// carry request text into the SQL.
SQLstmt = "SELECT LogOnStatus FROM tblLogOn WHERE Usr_ID=" + intUserID + ";";
rs = users.listQueryWithDebug(SQLstmt,"22222");
while (rs.next()) {
bytLogStatus = rs.getByte("LogOnStatus");
}
// NOTE(review): a row is inserted whenever the last status read is not 1; whether tblLogOn
// already holds a row for this user is not checked here. Confirm against the table's keys.
if (bytLogStatus != 1) { // LOG CHECK RESULT - LOG-OUT
SQLstmt = "INSERT INTO tblLogOn VALUES (" + intUserID + ",1);";
users.updateData(SQLstmt);
}
// Admin membership: every logname in tblAdminGrp is lower-cased and compared with the
// (already lower-cased) submitted logname.
SQLstmt = "SELECT * FROM tblAdminGrp;";
rs = users.listQueryWithDebug(SQLstmt,"11111");
while (rs.next()) {
String strAdminLogName = rs.getString("Usr_LogName");
if (strAdminLogName.toLowerCase().equals(strLogName)) {
adminMember = true;
}
}
// NOTE(review): the landing URLs carry the user id in the query string (aid / uid / cid) and
// no session attribute is set anywhere in the visible code. Confirm the target pages
// authenticate the caller themselves and do not treat these parameters as proof of identity.
if (adminMember) {
strPageName = "../admin/admmain.jsp?aid=" + intUserID;
} else {
// The company id defaults to the user id; it is replaced by the first Co_ID from
// tblCompanyInfo only when no head-office street address is found.
int intCompanyID = intUserID;
String strStreet = "";
SQLstmt = "SELECT * FROM tblCoHeadOfc WHERE CoHO_ID=" + intUserID +
" LIMIT 1;";
rs = users.listQuery(SQLstmt);
while (rs.next()) {
strStreet = rs.getString("CoHO_StreetAdd");
}
if (strStreet.equals("")) {
SQLstmt = "SELECT * FROM tblCompanyInfo WHERE Usr_ID=" + intUserID +
" ORDER BY Co_ID LIMIT 1;";
rs = users.listQuery(SQLstmt);
while (rs.next()) {
intCompanyID = rs.getInt("Co_ID");
}
}
strPageName = "ofcmain.jsp?uid=" + intUserID + "&cid=" + intCompanyID + "&did=1";
}
}
// Runs on every path, including the empty-logname path where connect() was never called;
// presumably disconnect() tolerates that (confirm). It is not in a finally block, so an
// exception thrown by any query above skips it and the connection is not released here.
users.disconnect();
/***** MERGING WITH HTML CODES STARTS HERE *****/
%>
Log-in
| |
|
|
|
|

|
|

|
|
|
<%-- strMessage is only ever assigned fixed literals in the scriptlet above, so this unescaped
     expression does not reflect request data. HTML-encode it if request values are ever added. --%>
<% if (withError) { %>
<%= strMessage %>
<% } else { // ALL SUBMITTED ENTRIES ARE VALID %>
<% } %>
|
|
|
|
Copyright © 2001-2003 by Grafikoncepts and Designs, Inc.
A joint project of Grafikoncepts and Designs, Inc. and Digital Management and Solutions, Inc.
Layout by MVMG (VPIT), Digital Management and Solutions, Inc.
|