As an aside, one thing worth noting is that you must have to avoid Java code in JSP-Files. Your Java code must be placed into Servlet and other model classes to handle and process the request. In JSP files, you may use EL (Expression Language) and JSTL . The standard tag library JSTL can do most of the common things that you need scriplets for.

Have a look at good post - How to avoid Java Code in JSP-Files?

In code-snippet, you may add WHERE clause to the SELECT statement :

String username=request.getParameter("txtUsername");
String password=request.getParameter("txtPassword");

Connection cn = DriverManager.getConnection("jdbc:odbc:RentalDB", "", "");
String sql="SELECT * from Member where Email=? and Password=?";
PreparedStatement st = cn.prepareStatement(sql);
st.setString(1,username);
st.setString(2,password);

ResultSet r = st.executeQuery();

if(r.next())
{
   //
}

read this tutorial...... click

Dan Quadrozzi,

Do you think I don't monitor java forums? This could/will be classed as plagiarism if I find any of these suggestions in yours or any of your collegues code. You may want to warn other class mates of this. I can see that this is the second time now.

Regards,

Mark

dear TheQuad,

Do ensure the content you post should Legal

Dan Quadrozzi,

Do you think I don't monitor java forums? This could/will be classed as plagiarism if I find any of these suggestions in yours or any of your collegues code. You may want to warn other class mates of this. I can see that this is the second time now.

Regards,

Mark

@markdixon
Option A) Possible prank from fellow student that just now discovered there are site where people can advice, then you pathetic.
Option B) It is "the" teacher, but then I would be ashamed because why would one teach people DB connectivity from JSP which is bad thing to do. You should look back and reconsider your teaching curriculum, because you are wasting people time and teaching 10 years old techniques that are unwelcome

@TheQuad if you do not copy and paste solution, but based on provided examples workout your own solution you win. Follow also advice provided by adatapost

You try to retrieve the values from the html first and then supply them to the query string and then check whether the email matches with the password or not.Try replacing it as below.............

<%@page import="java.sql.*"%>
<%@page contentType="text/html"%>
<%
    String loginMessage = "";
    String un = "";
    String pw = "";
    String username = "";
    username=request.getParameter("txtUsername");
    String password = "";
    password=request.getParameter("txtPassword");
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
    Connection cn = DriverManager.getConnection("jdbc:odbc:RentalDB", "", "");
    Statement st = cn.createStatement();
    ResultSet r = st.executeQuery("SELECT Password FROM Member where email='"+username+"'");
 
    if (request.getParameter("btnLogon") != null) {
 while (r.next()) {
            pw += r.getString("Password");
 
            if (password.equals(pw))) {
                session.setAttribute("Logon", "OK");
                response.sendRedirect("Menu Page.jsp");
                loginMessage = "well done";
 
            } else {
                loginMessage = "Login details incorrect";
                session.setAttribute("Logon", "NOT_OK");
            }
        }
    }
 
    cn.close();
 
%>
 
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Login Page</title>
    </head>
    <body>
        <form method ="post">
            <center>
                <p> Please Log on: <br /></p>
                Username: <input name="txtUsername" type="text" /> Password: <input name="txtPassword" type="password" /> <br/>
 
                <p><input name="btnLogon" type="submit" value="Logon" /> <br/>  </p>
                <p><%=loginMessage%></p>
                <p><%=un%> </p>
            </center>
        </form>
    </body>
</html>