package sample; import java.io.IOException; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginServlet extends HttpServlet { protected void doPost( HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String nextURL = "/error.jsp"; String user_id = request.getParameter("user_id"); String password = request.getParameter("password"); HttpSession session = request.getSession(true); Connection sqlConnection = null; PreparedStatement statement = null; ResultSet result = null; try { Class.forName("org.postgresql.Driver"); sqlConnection = DriverManager.getConnection( "jdbc:postgresql:sample_data", "sample_data_user", ""); String sql = "SELECT user_id,pass FROM userdata WHERE user_id = ? AND pass = ?"; statement = sqlConnection.prepareStatement(sql); statement.setString(1, user_id); statement.setString(2, password); result = statement.executeQuery(); if (result.next()) { session.setAttribute("user_id", user_id); nextURL = "/sampleapp/member.jsp"; } else { session.setAttribute("errorMessage", "ユーザIDまたはパスワードが間違っています"); nextURL = "/sampleapp/login.jsp"; } response.sendRedirect(nextURL); } catch (ClassNotFoundException e) { e.printStackTrace(response.getWriter()); } catch (SQLException e) { e.printStackTrace(response.getWriter()); } finally { try { if (statement != null) statement.close(); if (sqlConnection != null) sqlConnection.close(); } catch (SQLException e) { e.printStackTrace(); } } } }