Statement stmt = con.createStatement();
String sql="select * from userinfo where name='"+name+"' and password='"+password+"'";
RS=stmt.executeQuery(sql);
if(!RS.next())
response.sendRedirect("pwderr.htm");
else
{
System.out.println(name+" come in!");}