帮小弟我看一个servletjsp的有关问题

public class Login extends HttpServlet{

    public void init(ServletConfig config) throws ServletException{
            super.init(config);
    }
    
    public void service(HttpServletRequest req,HttpServletResponse resp) throws IOException{
        
        HttpSession session=req.getSession(true);
        PrintWriter out = resp.getWriter();
        String username=req.getParameter("username");
        String pwd=req.getParameter("pwd");
        String sql="select * from userinfo where username=? and pwd=?";
        
        Connection conn=db.getConnection();
        
        try{
            PreparedStatement pstmt=conn.prepareStatement(sql);
            
            pstmt.setString(1,username);
            pstmt.setString(2,pwd);
            
            ResultSet rs=pstmt.executeQuery();
            Boolean m=rs.next();
            if(m==true){
                session.setAttribute(username, rs.getString("username"));
                session.setAttribute(pwd,rs.getString("pwd"));
                
                resp.sendRedirect("index.jsp");
            }else{
                out.println("<SCRIPT LANGUAGE=javascript>");
                out.println("alert('用户名或密码错误！');");
                out.println("window.location.href='default.jsp'; ");
                out.println("</script>");
            }
            pstmt.close();
              conn.close();
        }
        catch(SQLException e){
            e.printStackTrace();
        } 
        
    }
}

public class gl extends HttpServlet{

    /**
     * 
     */
    private static final long serialVersionUID = 1L;

    public void init(ServletConfig config) throws ServletException{
            super.init(config);
    }
    
    public void service(HttpServletRequest req,HttpServletResponse resp) throws IOException{
        
        HttpSession session=req.getSession(true);
        PrintWriter out = resp.getWriter();
        String username=null;
        String lastip=null;
        String sql="select username，lastip from log";
        
        Connection conn=db.getConnection();
        
        try{
            PreparedStatement pstmt=conn.prepareStatement(sql);
            ResultSet rs=pstmt.executeQuery(sql);
            Boolean m=rs.next();
            if(m==true){
                session.setAttribute(username,rs.getString("username"));
                session.setAttribute(lastip,rs.getString("lastip"));
                System.out.println(username);
            }else{
                out.println("<SCRIPT LANGUAGE=javascript>");
                out.println("alert('用户名或密码错误！');");
                out.println("window.location.href='default.jsp'; ");
                out.println("</script>");
            }
            pstmt.close();
              conn.close();
        }
        catch(SQLException e){
            e.printStackTrace();
        } 
        
    }
}

<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'default.jsp' starting page</title>
    
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="styles.css">
    -->

  </head>
  
  <body>
    This is my JSP page. <br>
  <form action="login" name="form1" method="post">
  <tr>
   <td>用户</td>
   <td><input type="text" name="username"></td>
  </tr>
   <tr>
   <td>密码</td>
   <td><input type="password" name="pwd"></td>
  </tr>
  <tr>
    <td height="45" colspan="2">
        <p align="center">
            <input type="submit" value="登 陆">
            &nbsp;&nbsp;
            <input type="reset" value="取 消">
    </td>
  </tr>
  </form>
  </body>
</html>