import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import java.sql.*;
import com.brainysoftware.java.StringUtil;
public class RegistrationServlet extends HttpServlet {
private String firstName = "";
private String lastName = "";
private String userName = "";
private String password = "";
public void init() {
try {
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
System.out.println("JDBC driver loaded");
}
catch (ClassNotFoundException e) {
System.out.println(e.toString());
}
}
/**Process the HTTP Get request*/
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
sendPageHeader(response);
sendRegistrationForm(request, response, false);
sendPageFooter(response);
}
/**Process the HTTP Post request*/
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
sendPageHeader(response);
firstName = request.getParameter("firstName");
lastName = request.getParameter("lastName");
userName = request.getParameter("userName");
password = request.getParameter("password");
boolean error = false;
String message = null;
try {
Connection con = DriverManager.getConnection("jdbc:odbc:JavaWeb");
System.out.println("got connection");
Statement s = con.createStatement();
String sql = "SELECT UserName FROM Users" +
" WHERE userName='" + StringUtil.fixSQLFieldValue(userName) + "'";
ResultSet rs = s.executeQuery(sql);
if (rs.next()) {
rs.close();
message = "The user name " + StringUtil.encodeHtmlTag(userName) +
" has been taken. Please select another name.";
error = true;
}
else {
rs.close();
sql = "INSERT INTO Users" +
" (FirstName, LastName, UserName, Password)" +
" VALUES" +
" ('" + StringUtil.fixSQLFieldValue(firstName) + "'," +
" '" + StringUtil.fixSQLFieldValue(lastName) + "'," +
" '" + StringUtil.fixSQLFieldValue(userName) + "'," +
" '" + StringUtil.fixSQLFieldValue(password) + "')";
int i = s.executeUpdate(sql);
if (i==1) {
message = "Successfully added one user.";
}
}
s.close();
con.close();
}
catch (SQLException e) {
message = "Error." + e.toString();
error = true;
}
catch (Exception e) {
message = "Error." + e.toString();
error = true;
}
if (message!=null) {
PrintWriter out = response.getWriter();
out.println("" + message + "
");
out.println("