SCHOOL OF COMPUTER SCIENCE & ENGINEERING

ASSIGNMENT-3
JSP APPLICATION

COURSE CODE: CSI3023

COURSE NAME: ADVANCED SERVER SIDE PROGRAMMING
NAME: SIDDARTH SR PILLAI
REG NO: 21MIC0048
FACULTY: JUSTIN GOPINATH N
SLOT: L53+L54

Page 1 of 19
index.jsp

<%--

Document : index

Created on : 26-Feb-2024, 7:37:01 pm

Author : siddarth

--%>

<%@ page import="java.io.*" %>

<%@ page import="java.sql.*" %>

<%@ page import="java.util.concurrent.ThreadLocalRandom" %>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

Page 2 of 19
<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>Bank Application</title>

</head>

<body>

<h1>BANK LOGIN</h1>

<%String username = request.getParameter("username");

String password = request.getParameter("password");

Integer count=(Integer)session.getAttribute("attemptcount");

if (count == null)

count=new Integer(1);

else

count = new Integer(count.intValue()+1);

session.setAttribute("attemptcount",count);

if (username!=null && !username.isEmpty()) {

try{

Class.forName("com.mysql.cj.jdbc.Driver");

Connection

con=DriverManager.getConnection("jdbc:mysql://localhost:3306/bank","root","4200");

String sql = "select * from credentials where username= ? and

password= ?";

PreparedStatement stmt=con.prepareStatement(sql);

stmt.setString(1,username);

stmt.setString(2,password);

ResultSet rs=stmt.executeQuery();

if(rs.next()){

Page 3 of 19
 con.close();

int otp = ThreadLocalRandom.current().nextInt(100000,1000000);

session.setAttribute("twofactor",otp);

session.setAttribute("username",username);

session.removeAttribute("attemptcount");

response.sendRedirect("authentication.jsp");

else{

if(count<3){

out.println("<h2 style='color:red'>Please enter the correct

credentials!</h2>");

out.println("<h2 style='color:red'>"+count+" more attempts

remaining.</h2>");

else if(count==3){

out.println("<h2 style='color:red'>Please enter the correct

credentials!</h2>");

out.println("<h2 style='color:red'>Last Attempt.</h2>");

else

out.println("<h2 style='color:red'>ACCOUNT BLOCKED!! Try

again

tomorrow.</h2>");

con.close();

catch (Exception e) {

out.println("<h1>Login Failed: "+e.getMessage()+"</h1>");

Page 4 of 19
 %>

<form action="index.jsp" method="post">

<label for="username">Username:</label><br>

<input type="text" name="username" required><br><br>

<label for="password">Password:</label><br>

<input type="password" name="password" required><br><br>

<input type="submit" value="Login"><br>

</form><br>

<a href="register.jsp">New User? Register here</a>

</body>

</html>

register.jsp
<%--

Document : register

Created on : 26-Feb-2024, 7:37:13 pm

Author : siddarth

--%>

<%@ page import="java.sql.*" %>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>Registration</title>

</head>

Page 5 of 19
 <body>

<%String accname = request.getParameter("accountname");

String accno = request.getParameter("accountno");

String acctype = request.getParameter("accounttype");

String branch = request.getParameter("branch");

String city = request.getParameter("city");

String mobile = request.getParameter("mobile");

if (accname!=null && !accname.isEmpty()) {

try{

Class.forName("com.mysql.cj.jdbc.Driver");

Connection

con=DriverManager.getConnection("jdbc:mysql://localhost:3306/bank","root","4200");

String sql = "INSERT INTO accounts(accno,accname, acctype, branch,

city, mobile)

VALUES (?, ?, ?, ?, ?,?)";

PreparedStatement stmt=con.prepareStatement(sql);

stmt.setString(1,accno);

stmt.setString(2,accname);

stmt.setString(3,acctype);

stmt.setString(4,branch);

stmt.setString(5,city);

stmt.setString(6,mobile);

stmt.executeUpdate();

con.close();

catch (Exception e) {

System.out.println("Exception Caught: "+e.getMessage());

out.println("<h1>Registration Failed"+e.getMessage()+"</h1>");

Page 6 of 19
 session.setAttribute("accountnum",accno);

response.sendRedirect("createCredentials.jsp");

%>

<h2>Bank Account Registration</h2>

<form action="register.jsp" method="post">

<label for="accountHolderName">Account Holder Name:</label>

<input type="text" name="accountname" required><br><br>

<label for="accountNumber">Account Number:</label>

<input type="text" name="accountno" required><br><br>

<label for="accountType">Account Type:</label>

<select name="accounttype" required>

<option value="Savings">Savings</option>

<option value="Current">Current</option>

<option value="Fixed Deposit">Fixed Deposit</option>

<option value="Recurring Deposit">Recurring Deposit</option>

<option value="Salary">Salary</option>

<option value="NRI">NRI</option>

</select><br><br>

<label for="branch">Branch:</label>

<input type="text" name="branch" required><br><br>

<label for="city">City:</label>

<input type="text" name="city" required><br><br>

<label for="mobileNumber">Mobile Number:</label>

<input type="text" name="mobile" title="Please enter a valid number!"

pattern="[1-9]{1}[0

9]{9}" required><br><br>

<input type="submit" value="Register">

</form>

Page 7 of 19
 </body>

</html>

authentication.jsp
<%--

Document : authentication

Created on : 26-Feb-2024, 7:37:48 pm

Author : siddarth

--%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>Authentication</title>

</head>

<body>

<h1>Two-Factor Authentication</h1>

<%Integer otp = (Integer) session.getAttribute("twofactor");

out.println("<h2>OTP: "+otp+"</h2>");

String onetime = request.getParameter("otp");

if (onetime!=null && !onetime.isEmpty()) {

if(onetime.equals(otp.toString())){

session.removeAttribute("twofactor");

response.sendRedirect("displayProfile.jsp");

Page 8 of 19
 else{

out.println("<h2 style='color:red'>Please enter the correct

OTP!</h2>");

%>

<form action="authentication.jsp" method="post">

<label for="otp">Please Enter the OTP: </label>

<input type="text" name="otp" required><br><br>

<input type="submit" value="Submit OTP"><br>

</form>

</body>

</html>

displayProfile.jsp
<%--

Document : displayProfile

Created on : 26-Feb-2024, 7:37:33 pm

Author : siddarth

--%>

<%@ page import="java.sql.*" %>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

Page 9 of 19
 <title>Profile</title>

</head>

<body>

<h1>Bank Account Profile</h1>

<%String username = (String) session.getAttribute("username");

try{

Class.forName("com.mysql.cj.jdbc.Driver");

Connection

con=DriverManager.getConnection("jdbc:mysql://localhost:3306/bank","root","4200");

String sql = "select accounts.accno,accname,acctype,branch,city,mobile

from accounts

inner join credentials "+

"where accounts.accno=credentials.accno and username=?";

PreparedStatement stmt=con.prepareStatement(sql);

stmt.setString(1,username);

ResultSet rs=stmt.executeQuery();

while(rs.next()){

String accno=rs.getString("accno");

String accname=rs.getString("accname");

String acctype=rs.getString("acctype");

String branch=rs.getString("branch");

String city=rs.getString("city");

String mob=rs.getString("mobile");

out.println("<table height=50% width=20% border='1'

style='text-align:left'>");

out.println("<tr><th>Account
Number</th><td>"+accno+"</td></tr><tr><th>Account

Name:</th><td>"+accname+"</td></tr>");

out.println("<tr><th>Account

Page 10 of 19
Type</th><td>"+acctype+"</td></tr><tr><th>Branch</th><td>"+branch+"</td></tr>");

out.println("<tr><th>City</th><td>"+city+"</td></tr><tr><th>Mobile</th><td>"+mob+"</td><
/tr

>");

out.println("</table>");

catch (Exception e) {

System.out.println("Exception Caught: "+e.getMessage());

%>

<br>

<button type="button" onclick="location.href='index.jsp'">Logout</button>

</body>

</html>

createCredentials.jsp
<%--

Document : createCredentials

Created on : 26-Feb-2024, 7:38:03 pm

Author : siddarth

--%>

<%@ page import="java.sql.*" %>

<%@page contentType="text/html" pageEncoding="UTF-8"%>

<!DOCTYPE html>

Page 11 of 19
<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<title>Create Username</title>

</head>

<body>

<%String nuname = request.getParameter("newusername");

String npsswd = request.getParameter("newpassword");

String accno = (String)session.getAttribute("accountnum");

if (nuname!=null && !nuname.isEmpty()) {

try{

Class.forName("com.mysql.cj.jdbc.Driver");

Connection

con=DriverManager.getConnection("jdbc:mysql://localhost:3306/bank","root","4200");

String sql = "INSERT INTO credentials(username,password,accno)

VALUES (?,?,?)";

PreparedStatement stmt=con.prepareStatement(sql);

stmt.setString(1,nuname);

stmt.setString(2,npsswd);

stmt.setString(3,accno);

stmt.executeUpdate();

con.close();

catch (Exception e) {

System.out.println("Exception Caught: "+e.getMessage());

out.println("<h1>Registration Failed"+e.getMessage()+"</h1>");

session.removeAttribute("accountnum");

response.sendRedirect("index.jsp");

Page 12 of 19
 }

%>

<h1>Create Username & Password</h1>

<form action="createCredentials.jsp" method="post">

<label for="newusername">Create a new Username:</label>

<input type="text" name="newusername" required><br><br>

<label for="newpassword">Create a Strong Password:</label>

<input type="password" name="newpassword" required><br><br>

<input type="submit" value="Create Account"><br>

</form>

</body>

</html>

Login Page

Page 13 of 19
Account Creation Page

Page 14 of 19
Username and Password Creation Page

Page 15 of 19
Two-Factor Authentication Page

Page 16 of 19
Account Details

Wrong Attempts

Page 17 of 19
Page 18 of 19
Database

******************

Page 19 of 19