mysql-jsp链接Mysql数据库,代码问题、求指导

代码mysqljsp数据库

String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<code>        <h2>用户登陆</h2>        登陆 ID:<input type="text" name="userid"><br>        登陆密码:<input type="password" name="password"><br>        <input type="submit" value="登陆">        <input type="reset" value="重置"></code>

public static final String DBDRIVER = "com.mysql.jdbc.Driver" ;
public static final String userName = "root"; //登录的用户名
public static final String userPasswd = "root"; //登录mysql密码
public static final String dbName = "test"; //数据库名
public static final String tableName="form1"; //表名
public static final String DBURL = "jdbc:mysql://localhost:3306/"+dbName+"?user="+userName+"&password="+userPasswd;
%>

Connection conn = null ;
PreparedStatement pstmt = null ;
ResultSet rs = null ;
boolean flag = false ; // 表示登陆成功或失败的标记
%>

String userid = request.getParameter("username") ; // 接收表单参数
String password = request.getParameter("password") ; // 接收表单参数
try{
Class.forName(DBDRIVER) ;
conn = DriverManager.getConnection(DBURL) ;
String sql = "SELECT userid,password FROM tuser WHERE userid=? AND password=?" ;
pstmt = conn.prepareStatement(sql) ;
pstmt.setString(1,userid) ;
pstmt.setString(2,password) ;
rs = pstmt.executeQuery() ;
while(rs.next()){
// 如果有内容，则此处执行，表示查询出来，合法用户
flag = true ;
}
}catch(Exception e){
}finally{
try{
conn.close() ; // 连接一关闭，所有的操作都将关闭
}catch(Exception e){}
}
%>
if(flag){ // 登陆成功，应该跳转到success.jsp
%>

}else{ // 登陆失败，跳转到failure.jsp
%>

}
%>