kizzieb
Posts: 5
|
| Posted: 10/27/2007, 6:42 AM |
|
I have used this forum a few times and nobody seems to respond to the questions. I am going to try once more. I am trying to create a login screen in JSP where the user has only three attempts before redirecting the user to register and also output the fields:
Username required
Password required
when the username and password fields are left blank. I am not using css and really would appreciate your help. I have tried everything, here is the login screen that I am tried to amend.
<%!
String LoginAction(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession session, javax.servlet.jsp.JspWriter out, String sAction, String sForm, java.sql.Connection conn, java.sql.Statement stat) throws java.io.IOException {
String sLoginErr = "";
try {
final int iloginAction = 1;
final int ilogoutAction = 2;
String transitParams = "";
String sQueryString = "";
String sPage = "";
String sSQL="";
int iAction = 0;
if ( sAction.equals("login") ) iAction = iloginAction;
if ( sAction.equals("logout") ) iAction = ilogoutAction;
switch (iAction) {
case iloginAction: {
// Login action
String sLogin = getParam( request, "Login");
String sPassword = getParam( request, "Password");
java.sql.ResultSet rs = null;
rs = openrs( stat, "select member_id, member_level from members where member_login =" + toSQL(sLogin, adText) + " and member_password=" + toSQL(sPassword, adText));
if ( rs.next() ) {
// Login and password passed
session.setAttribute("UserID", rs.getString(1));
session.setAttribute("UserRights", rs.getString(2));
sQueryString = getParam( request, "querystring");
if ( isEmpty(sQueryString) ) {
sLoginErr = sLoginErr + "The value in field Login and password* is required.<br>";
}
sPage = getParam( request, "ret_page");
if ( ! sPage.equals(request.getRequestURI() ) && ! "".equals(sPage)) {
try {
if ( stat != null ) stat.close();
if ( conn != null ) conn.close();
}
catch ( java.sql.SQLException ignore ) {}
response.sendRedirect(sPage + "?" + sQueryString);
return "sendRedirect";
}
else {
try {
if ( stat != null ) stat.close();
if ( conn != null ) conn.close();
}
catch ( java.sql.SQLException ignore ) {}
response.sendRedirect("Redirect.jsp");
return "sendRedirect";
}
}
else sLoginErr = "Login Failed.";
rs.close();
break;
}
case ilogoutAction: {
// Logout action
session.setAttribute("UserID", "");
session.setAttribute("UserRights", "");
break;
}
}
}
catch (Exception e) { out.println(e.toString()); }
return (sLoginErr);
}
void Login_Show(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.http.HttpSession session, javax.servlet.jsp.JspWriter out, String sLoginErr, String sForm, String sAction, java.sql.Connection conn, java.sql.Statement stat) throws java.io.IOException {
try {
String sSQL="";
String transitParams = "";
String sQueryString = getParam( request, "querystring");
String sPage = getParam( request, "ret_page");
out.println(" <table style=\"\" border=1>");
out.println(" <tr>\n <td style=\"background-color: #5c4f94; text-align: Center; border-style: outset; border-width: 1\" colspan=\"2\"><font style=\"font-size: 10pt; color: #FFFFFF; font-weight: bold\">Enter login and password</font></td>\n </tr>");
if ( sLoginErr.compareTo("") != 0 ) {
out.println(" <tr>\n <td style=\"background-color: #dbe7f7; text-align: Center; border-style: outset; border-width: 1\" colspan=\"2\"><font style=\"font-size: 10pt; color: #FF0000; font-weight: bold\">"+sLoginErr+"</font></td>\n </tr>");
}
sLoginErr="";
out.println(" <form action=\""+sFileName+"\" method=\"POST\">");
out.println(" <input type=\"hidden\" name=\"FormName\" value=\"Login\">");
if ( session.getAttribute("UserID") == null || ((String) session.getAttribute("UserID")).compareTo("") == 0 ) {
// User did not login
out.println(" <tr>\n <td style=\"background-color: #9999CC; border-style: inset; border-width: 0\"><font style=\"font-size: 10pt; color: #000000\">Login</font></td><td style=\"background-color: #FFFFFF; border-width: 1\"><input type=\"text\" name=\"Login\" maxlength=\"50\" value=\""+toHTML(getParam( request, "Login"))+"\"></td>\n </tr>");
out.println(" <tr>\n <td style=\"background-color: #9999CC; border-style: inset; border-width: 0\"><font style=\"font-size: 10pt; color: #000000\">Password</font></td><td style=\"background-color: #FFFFFF; border-width: 1\"><input type=\"password\" name=\"Password\" maxlength=\"50\"></td>\n </tr>");
out.print(" <tr>\n <td colspan=\"2\"><input type=\"hidden\" name=\"FormAction\" value=\"login\"><input type=\"submit\" value=\"Login\">");
out.println("<input type=\"hidden\" name=\"ret_page\" value=\""+sPage+"\"><input type=\"hidden\" name=\"querystring\" value=\""+sQueryString+"\"></td>\n </form>\n </tr>");
}
else {
// User logged in
String sUserID = dLookUp( stat, "members", "member_login", "member_id =" + session.getAttribute("UserID"));
out.print(" <tr><td style=\"background-color: #FFFFFF; border-width: 1\"><font style=\"font-size: 10pt; color: #000000\">"+sUserID+" "+"</font><input type=\"hidden\" name=\"FormAction\" value=\"logout\"/><input type=\"submit\" value=\"Logout\"/>");
out.print("<input type=\"hidden\" name=\"ret_page\" value=\""+sPage+"\"><input type=\"hidden\" name=\"querystring\" value=\""+sQueryString+"\">");
out.println("</td>\n </form>\n </tr>");
}
out.println(" </table>");
}
catch (Exception e) { out.println(e.toString()); }
}
%>
|
 |
 |
Waspman
Posts: 948
|
| Posted: 10/28/2007, 2:38 AM |
|
If it were me - I'd count the failures is a session in the "before show" event. Then after the final attempt hide the login form and show a forgotten password form.
Not tried it, but would be easy to do.
Hope this helps 
Tony
_________________
http://www.waspmedia.co.uk |
|
|
|
|
