changePasswordProcessing.jsp
<%--Called from changepassword JSP. Places the password and login name in the database replacing the old--%> <html> <head> <title> NewCompanyProcessing </title> </head> <body bgcolor = AAB6EC> <%@ page import= "java.sql.*" %> <%@ page import= "com.ConnectionPool2" %> <% //Permission is taken from the session object. String permission = (String)session.getAttribute("Permission"); //If the permission is 1 the client does not have permission to change //the passwords and so is forwarded to another page. if(permission.equals("1")) { %><jsp:forward page="PermissionNotGiven.jsp"/><% } String loginName = request.getParameter("LogginName"); String password1 = request.getParameter("Password1"); String password2 = request.getParameter("Password2"); //The two password are checked to see that they are equal and have therfore have been // correctly entered if they are not equal the user is forwarded to the main menu . if(!password1.equals(password2)) { %> <jsp:forward page="MainMenu.jsp"/> <% } Connection connection = ConnectionPool2.getConnection(); String company = (String)session.getAttribute("company"); //Update statement replaces the existing password and login name for the //company at the permission level chosen. System.out.println("chanfgepasswordprocessing"); String query = "UPDATE Login SET Password = '"+password1+"',LoginName = '"+loginName+"'WHERE CompanyName like '"+company+"' AND Permission like '"+permission+"'"; Statement statement = connection.createStatement(); statement.executeUpdate( query ); statement.close(); ConnectionPool2.returnConnection(connection); %> <jsp:forward page="changepassword.jsp"/> </body> </html>