• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

login problem

 
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all!
i have a question.
i have a standalone java swing program that i use with postgreSQL jdbc. it has a login page which can compare the textfield with the value in database.

this is part of my code:


problem is, when i entered the correct username and password, the "incorrect login and password" warning JOption still pops out!
can you tell me how to fix this? thank you in advance!
 
author and jackaroo
Posts: 12200
280
Mac IntelliJ IDE Firefox Browser Oracle C++ Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Are you storing the password unencrypted in the database?

Generally speaking, selecting * from a table is a bad idea. Similarly getting a value from the resultset based on the index is a bad idea. There is the potential here that you are getting the wrong values. I strongly recommend you change that to (changing field names as appropriate):
 
nasha shaharan
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
yes, it's unencrypted..
ok i will try what you suggested..thanks

edit: i tried that but it didn't solve the problem..can you please tell me whats wrong?
 
Andrew Monkhouse
author and jackaroo
Posts: 12200
280
Mac IntelliJ IDE Firefox Browser Oracle C++ Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Is it possible that you have more than one row in your table? If so, is the display of the dialog in the correct place in your code?
 
nasha shaharan
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
um, yeah i have 3 rows of data in db..
 
Andrew Monkhouse
author and jackaroo
Posts: 12200
280
Mac IntelliJ IDE Firefox Browser Oracle C++ Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK, let's assume the 3 records are:
  • user-a/password-a
  • user-b/password-b
  • user-c/password-c


  • Now if you were to enter "user-b/password-b" - what would happen on the very first loop through your code?

    Alternatively, if you had entered "user-a/password-a", what would have happened on the second loop through your code? (Why do you allow a second loop through your code?)

    Which goes back to what I was saying earlier - is your code that displays the "Incorrect login or password" in the right place? Is there a better way of determining whether any of the usernames/passwords matched before showing that?
     
    nasha shaharan
    Greenhorn
    Posts: 22
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    i think i put the if else code in the wrong place..because it iterates my record (i think)..
    this is because when i log in..the incorrect password warning flashes 2 times when i entered user-a/password-a

    can you suggest where i was to put the if else code?
     
    Greenhorn
    Posts: 7
    Eclipse IDE Notepad Java
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    i would suggest change the query to

    ResultSet results = stmt.executeQuery("select * from " + tableName +" where username ='"+login+"'");

    hope...It might help you..
     
    Ranch Hand
    Posts: 246
    Firefox Browser Oracle
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Try this using prepared statement
    PreparedStatement pstmt;

    String sql="Select * from login where username=? and password=?"
    pstmt=conn.prepareStatement(sql);
    pstmt.setString(1,username);
    pstmt.setString(2,password);
    ResultSet rs=pstmt.executeQuery();
     
    nasha shaharan
    Greenhorn
    Posts: 22
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    oh i solved it!
    thanks andrew and venkat!

    anyways this is my code now:

     
    Bartender
    Posts: 2270
    20
    Android Java ME Eclipse IDE Java
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator


    The above code it self will satisfy your purpose, then what is the below code. Why are you checking once again?


    just by doing this your purpose should get solved, with an assumption that username and password forms a unique record

     
    nasha shaharan
    Greenhorn
    Posts: 22
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator

    Swastik Dey wrote:

    The above code it self will satisfy your purpose, then what is the below code. Why are you checking once again?


    just by doing this your purpose should get solved, with an assumption that username and password forms a unique record




    im doing that because i wanna compare if the user inputs the right set of username and password.
    if i follow your suggestion, then how to compare the password part?
     
    Bartender
    Posts: 10336
    Hibernate Eclipse IDE Java
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    I think Swastik is just misreading your SQL - assumign it check by both username and password. If you have already matched your user by username and password in SQL, what extra functionality does your check in Java provide? You only check by username; if you change your SQL to check by both credentials your Java code is redundant.
     
    Swastik Dey
    Bartender
    Posts: 2270
    20
    Android Java ME Eclipse IDE Java
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    Paul is right, I just misread it. It should be



    However it would be better to use PreparedStatement.
     
    Greenhorn
    Posts: 7
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    I must agree with Paul.

    Imagine what would happen if you had 2 users (table row entries) with the same username but different passwords.....
     
    Always look on the bright side of life. At least this ad is really tiny:
    Smokeless wood heat with a rocket mass heater
    https://woodheat.net
    reply
      Bookmark Topic Watch Topic
    • New Topic