• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Liutauras Vilda
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Scott Selikoff
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
  • Frits Walraven
Bartenders:
  • Stephan van Hulst
  • Carey Brown

user authentication

 
Ranch Hand
Posts: 168
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a user table that contains three columns: username, password, and fullname. The fullname will be used to greet the user. The password is hashed before put in the table. Which one is the better way:

Method 1:
The query is
If the query doesn't return a row it means the username given is wrong.
If it does, then we compare the password we get from the database with the one given by user.

OR

Method 2:
The query is
If the query doesn't return a row it means either the username or the password are wrong.

?
[ May 16, 2005: Message edited by: Yosi Hendarsjah ]
 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yosi!

even though either of them will work, the second seems to be more effective as the username-pw combination needs to be matched

cheers
 
author & internet detective
Posts: 42056
926
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yosi,
I agree that option 2 is better. There is less network traffic.

Even better is to use a PreparedStatement so the sql is only compiled once.
 
Yosi Hendarsjah
Ranch Hand
Posts: 168
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Amarender and Jeanne!
Your opinion is the same as I thought. I even use the PreparedStatement.

yosi
 
I brought this back from the farm where they grow the tiny ads:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic