
How this code can be improved?

 
Kunal Lakhani
Ranch Hand
Posts: 622
I have created a login page. The application has different users. For this, I have created 5 radio buttons.

This code is working fine, but I need to improve this code.

UserLoginBean.java




UserLoginServlet



UserDao




index.jsp

 
Jan Cumps
Bartender
Posts: 2599
C++ Linux Netbeans IDE
By not taking the user type from a parameter.
Someone can post a bogus request to your application and set r1 to "Add", and bypass security.
 
Kunal Lakhani
Ranch Hand
Posts: 622
Jan, it's not clear to me. Please elaborate.
 
Kaustubh G Sharma
Ranch Hand
Posts: 1283
Chrome Java Netbeans IDE
Use some framework. It makes the flow easy.
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
Use PreparedStatements.
 
Jan Cumps
Bartender
Posts: 2599
C++ Linux Netbeans IDE
Use container security
http://download.oracle.com/javaee/6/tutorial/doc/bnbxj.html
 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
Use a proper logging framework, don't just call printStackTrace();

Change the authenticateUser method so it authenticates the user, rather than returning a ResultSet.

Don't use an int where a boolean variable makes more sense.

Consider returning a 403 code rather than redirecting to a hard-coded error JSP (unless you take Jan's much better advice about container managed security).

If you don't want to use container managed security, set your security code in a filter rather than a Servlet.

Don't use tables to position elements in your HTML. Use CSS instead.

Don't set the user's credentials in the session.
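
The points above about the `r1` parameter, PreparedStatements and an `authenticateUser` method that actually authenticates, put together as an added example; this is not code from the thread or from the original poster. The `users` table, its column names and the PBKDF2 password storage are assumptions, since the posted code is not shown.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Optional;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example. The "users" table and its columns (all NOT NULL) are assumed.
public class UserDao {
    private static final String FIND_USER =
        "SELECT role, salt, pw_hash, iterations FROM users WHERE username = ?";

    private final Connection connection;

    public UserDao(Connection connection) { this.connection = connection; }

    // Returns the role stored for this user if the password matches, else empty.
    // The role is read from the database row, never from the "r1" parameter.
    public Optional<String> authenticateUser(String username, char[] password)
            throws SQLException {
        try (PreparedStatement ps = connection.prepareStatement(FIND_USER)) {
            ps.setString(1, username); // bound value, not concatenated into SQL
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) return Optional.empty(); // unknown user
                byte[] expected = rs.getBytes("pw_hash");
                byte[] actual = hash(password, rs.getBytes("salt"),
                        rs.getInt("iterations"), expected.length);
                // Constant-time comparison of the stored and computed hashes.
                return MessageDigest.isEqual(expected, actual)
                        ? Optional.of(rs.getString("role"))
                        : Optional.empty();
            }
        }
    }

    // PBKDF2 storage is an assumption; the thread does not say how passwords are kept.
    static byte[] hash(char[] password, byte[] salt, int iterations, int lengthBytes) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password, salt, iterations, lengthBytes * 8);
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("PBKDF2 unavailable", e);
        }
    }
}
```

A caller such as the login servlet or a filter would keep only the username and the returned role in the session, not the password, and could answer an empty result with a 403.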

 
Kaustubh G Sharma
Ranch Hand
Posts: 1283
Chrome Java Netbeans IDE
I think you'd have got fewer responses if you asked to fix the problems in your code instead of asking only problems
 