• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

session in desktop application?

 
Punit Jain
Ranch Hand
Posts: 1014
2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello , i create a desktop application, when user run that, a login screen appears, and only after successful login he will get access to that software.
but i want afetr user logged in, if he again run that application he should not get login screen again.
so what can i do for this, sessions are there in desktop applications??
also i want to know my login code is okay or not, here is my login code:



Thank you.
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
also i want to know my login code is okay or not

It's not, it's wide open to SQL injection attacks. Read up on PreparedStatement.
 
Maneesh Godbole
Saloon Keeper
Posts: 11096
13
Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Punit Jain wrote:
so what can i do for this, sessions are there in desktop applications??

No. But you can use the preference API
 
Ranganathan Kaliyur Mannar
Bartender
Posts: 1101
10
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your login code is very poor. You have declared a PreparedStatement and are calling 'prepareStatement' too, but it is a waste because there is nothing there to prepare in the query.

As for session, I don't think your definition of session is correct. Even in a web app, when I open the browser and log in, my 'session' is alive only till my browser is open. If I close the browser and re-open again, my session is lost and I have to re-login again. So, I think the same would apply to desktop too.

If you want the functionality that you have mentioned, you have to write your own logic, but don't call it a 'session'.
 
Punit Jain
Ranch Hand
Posts: 1014
2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
okay i have done changes to my login code, here is what i changed:
 
Punit Jain
Ranch Hand
Posts: 1014
2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
also with my earlier login code i just tried for sql injuction with below login id and password:

user:admin
pass:’ or 1=1–

but it showing me exception only, not giving my user id and password.??
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How about this as a password:

'; drop table AdminLogin; --
 
Punit Jain
Ranch Hand
Posts: 1014
2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
no it's not dropped my table, it showing me one exception:
 
Tim Moores
Bartender
Posts: 2895
46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, just keep at it and eventually you may succeed.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic