• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Problem in Login page

 
Ranch Hand
Posts: 622
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator



I have a login page, which directs to Verification.jsp

Login.jsp



EveryThing in Login.jsp and verification.jsp is working fine.

I am having a STAFF table, which contains data of JOURNALIST & REPORTER. So, to differentiate their ID, i have a column STYPE, which contains 'R' for Reporter, and 'J' for journalist.


So, when Reporters logs in, i need 'R' to be generated, so that i can provide STYPE in my Query.

How to do this.?
If i place An attribute 'Id' in radio buttons in Login.jsp, how can i get this Id when the radio button is selected??


Verification.jsp



I Should not include Java code in jsp, But this is just a rough project. After this, i will be converting this project as per MVC architecture
 
author & internet detective
Posts: 41860
908
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Moving to our JSP forum since this isn't a database question.
 
Jeanne Boyarsky
author & internet detective
Posts: 41860
908
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Kunal Lakhani wrote:If i place An attribute 'Id' in radio buttons in Login.jsp, how can i get this Id when the radio button is selected??


You get the value of the selected radio button when you call request.getParameter(). Did this not work?

Also when you convert to the real project, be sure to use PreparedStatements and binding variables to prevent SQL Injection. Right now someone can delete the contents of the whole database table or login without a proper password.
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Also, move the Java code out of a JSP and into a Java class where it belongs. Using a JSP as a stand-in for a Java class is the epitome of poor design and bad practices.
 
Bartender
Posts: 1845
10
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
request.getParameter("r1") obviously won't work directly, because the value of r1 being submitted is "Staff", for both Journalist and Reporter.
It seems that this parameter is being used to figure out which table to query. That whole building up the query with string concatenation leaves you wide open for SQL injection attack as has been mentioned.
You need to change your radio button values so that you can distinguish between them.

Maybe something like the following:



But then of course you won't be able to use the value of r1 for the table name any more.....
So maybe a mapping between these values, and what the table/column values for it are?
reply
    Bookmark Topic Watch Topic
  • New Topic