Source
Source
try {
if (button.equals("Login")) {
String userID = request.getParameter("txtUser");
String password = request.getParameter("txtPass");
//B2: Call method Model
//2.1 new DAO
UsersDAO dao = new UsersDAO();
//2.2 Call method cuar DAO
UsersDTO result = dao.checkLogin(userID, password);
//B3: process result
if (result != null && "AD".equals(result.getRoleID())) {
url = RESULT_PAGE;
HttpSession session = request.getSession();
session.setAttribute("USER", result);
} else {
request.setAttribute("ERROR", "Incorrect UserID and Password");
url = LOGIN_PAGE;
}
}
}
//LogoutServlet//////
HttpSession session = request.getSession(false);
session.invalidate();
response.sendRedirect("login.jsp");
//searchServlet
String searchValue = request.getParameter("txtSearchRoom");
try {
tblRoomsDAO dao = new tblRoomsDAO();
List<tblRoomsDTO> list = dao.SearchValue(searchValue);
if(list != null) {
request.setAttribute("SEARCH_RESULT", list);
request.getRequestDispatcher("roomList.jsp").forward(request,
response);
}
} catch (Exception e) {
}
//SearchDAO
public List<tblRoomsDTO> SearchValue(String name) throws SQLException {
Connection con = null;
PreparedStatement stm = null;
ResultSet rs = null;
String sql = "SELECT id, name, description, price, area, status "
+ "FROM tblRooms "
+ "WHERE name LIKE ? AND status = ?";
List<tblRoomsDTO> list = new ArrayList<>();
try {
con = DBUtils.getConnection();
stm = con.prepareStatement(sql);
stm.setString(1, "%" + name + "%");
stm.setBoolean(2, true);
rs = stm.executeQuery();
while (rs.next()) {
tblRoomsDTO ca = new tblRoomsDTO(rs.getString("id"),
rs.getString("name"),
rs.getString("description"), rs.getDouble("price"),
rs.getDouble("area"), rs.getBoolean("status"));
list.add(ca);
}
} catch (Exception e) {
e.printStackTrace();
} finally {
if (con != null) {
con.close();
}
if (stm != null) {
stm.close();
}
if (rs != null) {
rs.close();
}
}
return list;
}