public String forgotPassword() {
    System.out.println("in forgot password...." + email);
    int flag = CheckValidEmail.validity(email);
    if (email.equals("")) {
      addActionError("Please fill email ID");
      return ERROR;
    }
    if (flag == 1) {
      addActionError("Please enter a valid email ID, entered Email is not registered with us");
      return ERROR;
    } else {
      StringBuffer sb = new StringBuffer();
      for (int x = 0; x < 5; x++) {
        sb.append((char) ((int) (Math.random() * 26) + 97));
      }
      System.out.println(sb.toString());
      setFrom("*****@*****.**");
      setSenderPassword("dipRituSuv");
      setBody(
          "Your password is reset to " + sb.toString() + " \nPlease sign in with it the next time");
      try {
        Session session =
            Session.getDefaultInstance(
                properties,
                new javax.mail.Authenticator() {
                  protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(from, getSenderPassword());
                  }
                });

        Message message = new MimeMessage(session);
        message.setFrom(new InternetAddress(from));
        message.setRecipients(Message.RecipientType.TO, InternetAddress.parse(email));
        message.setSubject("Forgot Password");
        message.setText(body);
        Transport.send(message);
      } catch (Exception e) {
        e.printStackTrace();
      }
      String encryptedPassword = PasswordEncryption.EncryptPassword(sb.toString());
      try {
        java.sql.Connection con = DBManager.getConnection();
        DBManager.useDataBase(con);
        sqlQuery = "update customer set password =? where userName=?;";
        statement = con.prepareStatement(sqlQuery);
        statement.setString(1, encryptedPassword);
        statement.setString(2, CheckValidEmail.getUserName());
        res = statement.executeUpdate();
      } catch (Exception e) {
        e.printStackTrace();
      }
      return SUCCESS;
    }
  }
  public String successful() {
    if (ActionContext.getContext().getSession().get("userSession") == null) {
      checkExistingEmail = CheckValidEmail.validity(email);
      if (userName.equals("")) {
        addActionError("User name cannot be empty");
        return ERROR;
      } else if (password.equals("")) {
        addActionError("Password cannot be empty");
        return ERROR;
      } else if (firstName.equals("")) {
        addActionError("First Name cannot be empty");
        return ERROR;
      } else if (lastName.equals("")) {
        addActionError("Last Name cannot be empty");
        return ERROR;
      } else if (email.equals("")) {
        addActionError("Email cannot be empty");
        return ERROR;
      } else if (phone.equals("")) {
        addActionError("Phone Number cannot be empty");
        return ERROR;
      } else if (phone.length() < 10) {
        addActionError("Phone Number should be of 10 digits !!!");
        return ERROR;
      }
      /*else if(email.isEmpty()==false){
      	Pattern p = Pattern.compile(".+@.+\\.[a-z]+");
      	 Matcher m = p.matcher(email);
      	 boolean matchFound = m.matches();
      	 if(matchFound==false){
      		 addActionError("Email is invalid !!!");
      		 flag=false;
      	 }

      }
       */

      else if (checkExistingEmail == 0) {
        addActionError("Email address already in use. Please use different email address");
        return ERROR;
      } else {

        if (email.isEmpty() == false) {
          Pattern p = Pattern.compile(".+@.+\\.[a-z]+");
          Matcher m = p.matcher(email);
          boolean matchFound = m.matches();
          if (matchFound == false) {
            addActionError("Email is invalid !!!");
            return ERROR;
          }
        }
        try {
          java.sql.Connection con = DBManager.getConnection();
          DBManager.useDataBase(con);

          sqlQuery = "select userName from customer;";
          statement = con.prepareStatement(sqlQuery);
          rs = statement.executeQuery();
          while (rs.next()) {
            if (rs.getString(1).equals(userName)) {
              addActionError("User Name already exists, Please choose some other user name");
              return ERROR;
            }
          }

          // encryption
          String encryptedPassword = EncryptPassword(password);

          sqlQuery =
              "insert into customer(userName,password,emailId,firstName,middleName,lastName,phone,balance) values(?,?,?,?,?,?,?,?);";
          statement = con.prepareStatement(sqlQuery);
          statement.setString(1, userName);
          statement.setString(2, encryptedPassword);
          statement.setString(3, email);
          statement.setString(4, firstName);
          statement.setString(5, middleName);
          statement.setString(6, lastName);
          statement.setString(7, phone);
          statement.setInt(8, 2000);
          res = statement.executeUpdate();

          try {
            // code to get customerID after the latest insert (above)
            sqlQuery = "SELECT MAX(customerID) FROM customer;";
            statement = con.prepareStatement(sqlQuery);
            rs = statement.executeQuery();
            while (rs.next()) {
              if (rs.getInt(1) > 0) session.put("customerID", rs.getInt(1));
            }
          } catch (Exception e) {
            e.printStackTrace();
          }

        } catch (Exception e) {
          e.printStackTrace();
        }
        session.put("userSession", userName);
        setFrom("*****@*****.**");
        setSenderPassword("dipRituSuv");
        body =
            "Welcome "
                + firstName
                + " to Book My Movie. Now enjoy booking movie tickets online. You are now successfully registerd to our website. ";
        try {
          Session session =
              Session.getDefaultInstance(
                  properties,
                  new javax.mail.Authenticator() {
                    protected PasswordAuthentication getPasswordAuthentication() {
                      return new PasswordAuthentication(from, senderPassword);
                    }
                  });

          Message message = new MimeMessage(session);
          message.setFrom(new InternetAddress(from));
          message.setRecipients(Message.RecipientType.TO, InternetAddress.parse(email));
          message.setSubject("Registration Successul");
          message.setText(body);

          Transport.send(message);
        } catch (Exception e) {

          e.printStackTrace();
        }

        return SUCCESS;
      }
    } else {
      addActionError(
          "You are already signed in as  "
              + ActionContext.getContext().getSession().get("userSession").toString()
              + " Please logout to sign in or register as different user");
      return ERROR;
    }
  }