帮小弟我看一个servletjsp的有关问题

public class Login extends HttpServlet{    public void init(ServletConfig config) throws ServletException{            super.init(config);    }        public void service(HttpServletRequest req,HttpServletResponse resp) throws IOException{                HttpSession session=req.getSession(true);        PrintWriter out = resp.getWriter();        String username=req.getParameter("username");        String pwd=req.getParameter("pwd");        String sql="select * from userinfo where username=? and pwd=?";                Connection conn=db.getConnection();                try{            PreparedStatement pstmt=conn.prepareStatement(sql);                        pstmt.setString(1,username);            pstmt.setString(2,pwd);                        ResultSet rs=pstmt.executeQuery();            Boolean m=rs.next();            if(m==true){                session.setAttribute(username, rs.getString("username"));                session.setAttribute(pwd,rs.getString("pwd"));                                resp.sendRedirect("index.jsp");            }else{                out.println("<SCRIPT LANGUAGE=javascript>");                out.println("alert('用户名或密码错误！');");                out.println("window.location.href='default.jsp'; ");                out.println("</script>");            }            pstmt.close();              conn.close();        }        catch(SQLException e){            e.printStackTrace();        }             }}

public class gl extends HttpServlet{    /**     *      */    private static final long serialVersionUID = 1L;    public void init(ServletConfig config) throws ServletException{            super.init(config);    }        public void service(HttpServletRequest req,HttpServletResponse resp) throws IOException{                HttpSession session=req.getSession(true);        PrintWriter out = resp.getWriter();        String username=null;        String lastip=null;        String sql="select username，lastip from log";                Connection conn=db.getConnection();                try{            PreparedStatement pstmt=conn.prepareStatement(sql);            ResultSet rs=pstmt.executeQuery(sql);            Boolean m=rs.next();            if(m==true){                session.setAttribute(username,rs.getString("username"));                session.setAttribute(lastip,rs.getString("lastip"));                System.out.println(username);            }else{                out.println("<SCRIPT LANGUAGE=javascript>");                out.println("alert('用户名或密码错误！');");                out.println("window.location.href='default.jsp'; ");                out.println("</script>");            }            pstmt.close();              conn.close();        }        catch(SQLException e){            e.printStackTrace();        }             }}

<html>  <head>    <base href="<%=basePath%>">        <title>My JSP 'default.jsp' starting page</title>        <meta http-equiv="pragma" content="no-cache">    <meta http-equiv="cache-control" content="no-cache">    <meta http-equiv="expires" content="0">        <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">    <meta http-equiv="description" content="This is my page">    <!--    <link rel="stylesheet" type="text/css" href="styles.css">    -->  </head>    <body>    This is my JSP page. <br>  <form action="login" name="form1" method="post">  <tr>   <td>用户</td>   <td><input type="text" name="username"></td>  </tr>   <tr>   <td>密码</td>   <td><input type="password" name="pwd"></td>  </tr>  <tr>    <td height="45" colspan="2">        <p align="center">            <input type="submit" value="登 陆">            &nbsp;&nbsp;            <input type="reset" value="取 消">    </td>  </tr>  </form>  </body></html>