My task is generating random user id and password for user to log in my website. Below are the data that inserted into database.
es_usr_id <t> es_password
A1001 <t> MWKBSP
A1002 <t> MWKBSP
A1003 <t> MWKBSP
A1012 <t> KSOKFN
A1013 <t> KSOKFN
A308 <t> VIJOWC
A309 <t> VIJOWC
A400 <t> VIJOWC
The problem is i can log in using A1001, A1012 and A308 only. The rest user id and password got error and i can't log in with that. How can i log in using the entire user id and password that have been generated?
I include part of my coding:
form name="form1" method="post" action="admin.jsp"
usr_nme = request.getParameter("empname");
passwrd = request.getParameter("pw");
boolean check_user = true;
boolean check_pass = true;
String sql_1 = "SELECT * FROM esaccs "+
"WHERE es_iden <> 'P' AND (es_iden <> 'O' OR es_iden <> 'T') ";
Statement stmt_1 = conn.createStatement();
ResultSet rset_1 = stmt_1.executeQuery(sql_1);
while (rset_1.next()) {
acc_no = rset_1.getString("es_access_no");
usr_id = rset_1.getString("es_usr_id");
passwd = rset_1.getString("es_password");
status = rset_1.getString("es_sts");
identi = rset_1.getString("es_iden");
session.setAttribute("iden", identi);
if ((!usr_nme.equals(usr_id))) {
check_user = false;
} else {
check_user = true;
}
if (!passwrd.equals(passwd)) {
check_pass = false;
} else {
check_pass = true;
}
if (check_user==true && check_pass==true) {
break;
}
}
if (!check_user && check_pass) {
<center><h2>Invalid Login Name!</h2>
} else if (!check_pass && check_user) {
<center><h2>Invalid Password!</h2>
} else if (!check_user && !check_pass) { >
<center><h2>Invalid Login Name and Password!</h2>
< } else {
session.setAttribute("access_no", acc_no);
session.setAttribute("user_name", usr_nme);
session.setAttribute("password", passwrd);
boolean chk = false;
String sql = "SELECT * FROM fcrsdt "+
"WHERE fs_access_no = '"+String.valueOf(session.getAttribute("access_no" ))+"' ";
Statement stmt = conn.createStatement();
ResultSet rset = stmt.executeQuery(sql);
while(rset.next()) {
session.setAttribute("fs_lot_no", rset.getString("fs_lot_no"));
session.setAttribute("fs_access_no", rset.getString("fs_access_no"));
session.setAttribute("fs_name", rset.getString("fs_name"));
session.setAttribute("fs_proj_cde", rset.getString("fs_proj_cde"));
session.setAttribute("fs_phase_num", rset.getString("fs_phase_num"));
chk = true;
}
if (chk == false) {
String sql_2 = "SELECT fp_seq_no, fp_name FROM fcpubl "+
"WHERE fp_seq_no = '"+String.valueOf(session.getAttribute("access_no" ))+"' ";
Statement stmt_2 = conn.createStatement();
ResultSet rset_2 = stmt_2.executeQuery(sql_2);
while (rset_2.next()) {
int seqno;
seqno = rset_2.getInt("fp_seq_no");
String sequenceno="";
sequenceno=Integer.toString(seqno);
session.setAttribute("fp_seq_no",sequenceno);
session.setAttribute("fp_name", rset_2.getString("fp_name"));
}
}
if (check_user && check_pass && (identi.equals("O") || identi.equals("T") || identi.equals("P"))) {>
<h3> </h3>
<META HTTP-EQUIV="refresh" CONTENT="3; URL=admin.jsp">
<h3 align="center"><font color="#000099">Invalid Login!</font></h3>
<h3 align="center"><font color="#000099">You are not administrator, you have no authority to login.</font></h3>
< } else if (check_user && check_pass && identi.equals("A")) {
response.sendRedirect("mainframe.jsp");
}
} >
could not log in (JSP code) 
Linear Mode
