• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Please Help me Ranchers

 
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All;

i am doing a small web application using jsp and sqlserver 2000 using type 4 microsoft jdbc driver.my code includes..


1. a simple "Login.jsp" with fields userid and email

<HTML>
<BODY bgcolor=gray>
<center>
<table>
<FORM METHOD=GET ACTION="LoginValidate.jsp">

<tr>
<td>UserId</td><td> <INPUT TYPE=TEXT NAME=username SIZE=20></td>
</tr>
<tr>
<td>E mail</td><td><INPUT TYPE=TEXT NAME=email SIZE=20></td>
</tr>
<tr>
<td><P><center><INPUT TYPE=SUBMIT value= "Click Me"></center>
</td>
</tr>

</FORM>
</table>
</center>
</BODY>
</HTML>



2. "LoginValidate.jsp" collecting data from "Login.jsp" print, putting them in session object and including another jsp "FromDb.jsp"

<html>
<body bgcolor= coffee>
<center>
<b>Form se</b>
<br>
<br>

<%
String username=request.getParameter("username");
session.setAttribute( "sessuser", username);

String email=request.getParameter("email");
session.setAttribute( "sessmail", email );
%>
welcome
<br>
<br>
<br>
<table>
<tr><td>You are Mr----</td><td> <font color="navy"><%= username %></font></td>
</tr>


<tr>
<td>And Your E-mail id is----</td><td><U><font color=green><%= email %></font></u></td>
</table>
<br>
<br>
<br>
<br>
<br>
<jsp:include page="FromDb.jsp" />
</center>
</body>
</html>



3 "FromDb.jsp" here connecting to the databse and verify the userid and email as entered through Login.jsp in while(rs.next()) loop

<html>
<head><b>Database se</b></head>
<br><br>
<body>
<%@ page import="java.sql.*;" %>
<%
String uid="";
String mailid="";
String pwd="";
String UName="";
boolean b=false;

Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
Connection conn=DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost;DatabaseName=vendor","sa","sa");
Statement stmt=conn.createStatement();
String squery="select * from test1";
ResultSet rs=stmt.executeQuery(squery);
%>

<% while(rs.next())
{
uid=rs.getString("UserId");
mailid=rs.getString("email");
pwd=rs.getString("pass");
UName=rs.getString("UserName");



if(session.getAttribute( "sessuser").equals(uid) && session.getAttribute( "sessmail").equals(mailid))

{ %>

WELCOME Mr.<%= UName %>

<br>
And Your password is<br><br><font color=red> "<%= pwd %>"</font>


<% b=true; break; } } %>


<% if(b==false) { %>

<br>
<br>Sorry!!!<br><br>
You are not a Registered User.
<a href="register.jsp">Please Register</a>


<% } %>

</body>
</html>

<br>
<br>
<br>
<table>
<tr><td>You are Mr----</td><td> <font color="navy"><%= username %></font></td>
</tr>
<tr>
<td>And Your E-mail id is----</td><td><U><font color=green><%= email %> </font></u></td>
</table>
<br>
<br>
<br>
<br>
<br>
<jsp:include page="FromDb.jsp" />
</center>
</body>
</html>






...and the problem with the first if statement

if(session.getAttribute( "sessuser").equals(uid) && session.getAttribute( "sessmail").equals(mailid))

not executed and control always reaches to 2nd if statement but this code works fine with MS-access databse..Please let me know where i am wrong..as you people always help me...please reply soon.i am learning java myself here is no one for help..ony ranchaers or sdn
[ September 12, 2006: Message edited by: Bear Bibeault ]
 
Anuragk kushwaha
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi all;

reply, i am waiting
 
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It doesn't look like that piece of code is doing wah t you want it to do. I would change the query to load the username, then use if(rs.next()) rather than while(rs.next())

that is, load a specific record and then look to see whther that record was found and act accordingly.

You get better results on the JavaRanch is you use meaningful subjects, please the link on how to ask questions on the JavaRanch.

regards,
Dave.
 
Anuragk kushwaha
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i am not getting you, if i uses if(rs.next()) then i will step through the whole resultset
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you use "select * from test1 where userid=?" you will either get a result or you won't. If you get a result then you can check the rest of the user credentials, if you don't get a result then they are not registered.
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please read this.
 
Ranch Hand
Posts: 93
Mac Objective C Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here is a major red flag that jumped out at me:



I would caution you to never do this, because your code will likely break the moment you change your database, AND it will be very hard to debug (which order were those fields in, again?) when something is not working.

Instead, specify your fields:



Some suggestions for your consideration:
1) Name your Primary Key as "id". Longer names become tedious when dealing with relationships (e.g., "WHERE foo.user_id = bar.payment_received_late_id AND abba.band_performer_id = venue.confirm_scheduled_bands_id" versus "WHERE foo.id = bar.id AND abba.id = venue.id").

2) Keep your field names all lowercase. Use underscore ("_") for word boundaries: user_name, personal_email, primary_job_title, etc. Some systems don't care about case, so changing to upper case for the field names is an extra step you'll have to remember (and believe me, you will forget it at least once).

3) Always alias your table and use it in the field list. This is a good habit to get into that will prevent problems later, especially when joining tables. (e.g., "SELECT f.id, b.first_name, a.income, ve.locaiton FROM fooboo f, barboo b, abba a, venue ve ..." )
 
reply
    Bookmark Topic Watch Topic
  • New Topic