import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class JDBCServlet extends HttpServlet {
  Connection conn; Statement stmt; ResultSet rs;
  public void init () throws ServletException {
    try {
      DriverManager.registerDriver(new 
		oracle.jdbc.driver.OracleDriver());
      String connectStr =
		"jdbc:oracle:thin:@db00.cse.cuhk.edu.hk:1521:db00";
      conn = DriverManager.getConnection(connectStr,"name","password");
	// fill in your login name and password
     } catch (SQLException e) {
       System.out.println(e.getMessage());
     }
  }
public void doGet (HttpServletRequest request,
	HttpServletResponse response)
   throws ServletException, IOException {
  PrintWriter out;
  String title = "Product Table";
  response.setContentType("text/html");    
  out = response.getWriter();
  out.println("<HTML><HEAD><TITLE>"+title+"</TITLE></HEAD>");
  out.println("<BODY><H1>"+title+"</H1>");
  out.println("<form method=POST action=JDBCServlet><p>");
  out.println("<SELECT NAME=field><OPTION VALUE=code>code");
  out.println("<OPTION VALUE=category>category");
  out.println("<OPTION VALUE=name>name</SELECT>");
  out.println("matches <input type=text name=query size=20>");
  out.println("<input type=submit name=lookup value=lookup>");
  out.println("</form>");
  out.println("</BODY></HTML>");
  out.close();
}
public void doPost (HttpServletRequest request,
     HttpServletResponse response)
     throws ServletException, IOException {     
   try {
     String field = request.getParameter("field");
     String query = request.getParameter("query");
     PrintWriter out = response.getWriter();
     String title = "Query Result";
     StringBuffer sqlStmt = new StringBuffer(100);     
     sqlStmt.append("SELECT * FROM PRODUCT WHERE ");
     sqlStmt.append(field + " LIKE '%" + query + "%'");
     stmt = conn.createStatement();
     rs = stmt.executeQuery(sqlStmt.toString());
     response.setContentType("text/html");
     out.println("<HTML><HEAD><TITLE>"+title+"</TITLE>");
     out.println("</HEAD><BODY>");
	out.println("<H1>" + title + "</H1>");
     out.println("<TABLE BORDER=1><TR><TH>Product Code</TH>");
     out.println("<TH>Category</TH><TH>Name</TH>");
     out.println("<TH>Price</TH><TH>Onhand</TH></TR>");
     while (rs.next()) { 
        out.println("<TR><TD>" + rs.getString("code") + "</TD>");
        out.println("<TD>" + rs.getString("category") + "</TD>");
        out.println("<TD>" + rs.getString("name") + "</TD>");
        out.println("<TD>" + rs.getString("price") + "</TD>");
        out.println("<TD>" + rs.getString("on_hand") + "</TR></TR>");
     }
     out.println("</TABLE></BODY></HTML>");
	} catch (SQLException e) {
     System.out.println(e.getMessage());
   }
}
}