This is my exact code. database is mysql and works fine.
<%//*********************************************************************************************************
//Check if user login sucessfully
//**********************************************************************************************************%>
<%@ page import="java.util.*, java.sql.*, java.text.*" %>
<title>leave page</title>
<%
response.setHeader("Cache-Control","no-cache"); //forces caches to obtain a new copy of the page from the origin server
response.setHeader("Cache-Control","no-store"); //directs caches not to store the page under any circumstance
response.setDateHeader("Expires", 0); //causes the proxy cache to see the page as "stale"
response.setHeader("Pragma","no-cache"); //HTTP 1.0 backward compatibility
String userName = (String) session.getAttribute("User");
if (null == userName) {
request.setAttribute("Error", "Session has ended. Please login.");
RequestDispatcher rd = request.getRequestDispatcher("login.jsp");
rd.forward(request, response);
}
%>
<%//*********************************************************************************************************
//Database Coonection Code
//**********************************************************************************************************%>
<%
Connection con = null;
String dbURL = "jdbc:mysql://localhost/***";
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(dbURL, "***", "***");
%>
<%//*********************************************************************************************************
//Start of
JSP(SQL) code
//**********************************************************************************************************%>
<%
Statement stm=null;
ResultSet rst=null;
stm= con.createStatement();
String query = ("select Name, Leave_Entitlement from tb_employee where emp_ID = '" + userName + "'");
rst = stm.executeQuery(query);
String query1 = "SELECT (A.Leave_Entitlement - B.Duration) AS BALANCE_LEAVE FROM tb_employee A, tb_leavemc B WHERE A.emp_ID=B.emp_ID AND A.emp_ID = ?";
PreparedStatement statement = con.prepareStatement( query1 );
statement.setString(1, userName);
%>
<%//*********************************************************************************************************
//Start of Displaying Results code
//**********************************************************************************************************%>
<%
while (rst.next()){ %>
<%=rst.getString("Name") %>
<%=userName%>
out.println("BALANCE_LEAVE"); //<--------Problem lies here <%=rst.getString("Leave_Entitlement") %>
<%}
%>
<%//*********************************************************************************************************
//End of connection code
//***********************************************************************************************************%>
<%
rst.close();
stm.close();
con.close();
%>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p><a href="secure1.jsp">Secure 1</a>
<br/>
<a href="secure2.jsp">Secure 2</a>
<br/>
<a href="logout.jsp">Logout</a>
<br/>
</p>
<p>
This is Secure1 page. This page is pretended to contain secure information.
</p>