struts2 bbs

package ac; import com.opensymphony.xwork2.ActionSupport; import java.sql.*; import java.util.Map; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionSupport; public class LoginAction extends ActionSupport { private String username; private String password; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String execute() throws Exception { ActionContext actionContext = ActionContext.getContext(); Map session = actionContext.getSession(); String url = "jdbc:mysql://localhost:3306/"; String dbName = "ztest"; String driverName = "com.mysql.jdbc.Driver"; String userName = "root"; String passWord = ""; Connection con = null; Statement stmt = null; ResultSet rs = null; try { Class.forName(driverName).newInstance(); con = DriverManager.getConnection(url + dbName, userName, passWord); stmt = con.createStatement(); } catch (Exception e) { System.out.println(e.getMessage()); } stmt = con.createStatement(); String sql = "select * from userinfor where username='" + this.username + "'and password='" + this.password + "'"; rs = stmt.executeQuery(sql); if (!rs.next()) { return INPUT; } else { session.put("USER", this.username); return SUCCESS; } } }