Win a copy of Kubernetes in Action this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

java .lang .Number Format Error  RSS feed

 
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, this is what i'm trying to do. Its a login page. I have the code below but it does not seem to work. I get the following error Apache Tomcat/4.0.4 - HTTP Status 500 - Internal Server Error. java.lang.NumberFormatException: null.


I think the problem lies here. In constructing mysql database, i'm not sure in

userName -- data type = VARCHAR(20)
password -- data type = VARCHAR(10)
lastLogon -- what data type must i use. Must be large enough to hold System.currentTimeMillis().



<%@ page import="java.sql.*" %>

<%

String userName = request.getParameter("userName");
String password = request.getParameter("password");
String lastLogon = request.getParameter("lastLogon");
long lastLogonForm = Long.parseLong(lastLogon);

Connection con = null;
Statement stmt = null;
ResultSet rs = null;
RequestDispatcher rd = request.getRequestDispatcher("home.jsp"); //forward to home page by default
try {
//Change the next 3 lines to use correct values in your own environment

String dbURL = "jdbc:mysql://localhost:3306/***";
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(dbURL, "***", "***");



stmt = con.createStatement();
rs = stmt.executeQuery("select password, lastLogon from USER where userName = '" + userName + "'");

if (rs.next()) { //query only returns 1 record in the result set

if (rs.getString("password").equals(password)) { //if valid password
long lastLogonDB = rs.getLong("lastLogon");
if (lastLogonForm > lastLogonDB) {
session.setAttribute("User", userName); //Saves user name string in the session object
stmt.executeUpdate("update USER set lastLogon= " + lastLogonForm + " where userName = '" + userName + "'");
}
else {
request.setAttribute("Error", "Session has ended. Please login.");
rd = request.getRequestDispatcher("login.jsp");
}
}
else{ //password does not match,i.e. invalid user password
request.setAttribute("Error", "Invalid password.");
rd = request.getRequestDispatcher("login.jsp");
}
} //no record in the result set,i.e. invalid user name
else {
request.setAttribute("Error", "Invalid user name.");
rd = request.getRequestDispatcher("login.jsp");
}
}
catch (Exception e) { //database problem
request.setAttribute("Error", "Problem accessing security realm.");
rd = request.getRequestDispatcher("login.jsp");
e.printStackTrace();
}
finally {
try {
stmt.close();
con.close();
}
catch (Exception ignore) {
}
}

rd.forward(request, response);

%>
 
Sheriff
Posts: 14691
16
Eclipse IDE Ubuntu VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your problem seems more about what's in lastLogon, rather than its type.
It seems to be null when you read it.
 
vanan saravanan
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
lastLogon is null when i first create the database. So what value do i enter into the field so that the error would not occur. Also whats the best data type to use for the field. Thank you for your assistance.
 
Ranch Hand
Posts: 536
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


rs = stmt.executeQuery("select password, lastLogon from USER where userName = '" + userName + "'");

if (rs.next()) { //query only returns 1 record in the result set


ever heard of SQL injection?
 
vanan saravanan
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm sorry but whats sql injection. Is it related to the database field being empty and i cant read from it.
 
Author and ninkuma
Marshal
Posts: 66352
155
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
SInce this is unrelated to JSP, I've moved it to the JDBC forum.
 
Ranch Hand
Posts: 333
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Originally posted by vanan sara:
I'm sorry but whats sql injection. Is it related to the database field being empty and i cant read from it.



"SQL injection" is a classic and very common way of hacking into a web application; your code is a close match to the standard example of how to make yourself a victim of a SQL injection attack.

Use Google or search this forum for more information.
 
vanan saravanan
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have read up and understood whats Sql injection. SQL injection is a hacking technique which attempts to pass SQL commands through a web application for execution by a backend database.

I will look into in on my next coding pratice.


But my problem is lastLogon being null when its first being read. What do i enter into the database field when the field is created. Also what is the best datatype to use for the field.


Thank you for your assistance....
 
Sheriff
Posts: 22968
43
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, I don't see why this is a difficult question. You say yourself

Must be large enough to hold System.currentTimeMillis().

This is a long value -- that is, it's a number with zero decimal places. And you can find out for yourself, with a one-line test program, how many digits you are going to need.

I also don't see how you're getting errors -- or even reading data at all -- when you don't have the database defined yet. Once you get the database defined properly, you won't have the "null" problem because you will have used a column type that returns long values. You only have that problem because you are implementing things in the wrong order.
 
vanan saravanan
Ranch Hand
Posts: 95
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Managed to solve the problem. I define my field as a 'char' with a start value of '1' It then works. Thank you for all assistance.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!