• Post Reply Bookmark Topic Watch Topic
  • New Topic

Validation of data in database using resultset  RSS feed

 
Krishnaveni Hanuman
Greenhorn
Posts: 10
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am doing an Online examination project.( (I have used JNDI for DB)
I have created table exam_id having register number and password as the two columns.
Below is a snippet of the code that has to do validation.

int reg=request.Parameter("register_num");
String pass=request.getParameter("password");//values obtained from web page

Context c=new InitialContext();
DataSource ds=(DataSource) c.lookup("jndi_pool");

Connection con=ds.getConnection();
Statement stmt=con.createStatement();

String s="select password from exam_id where register_number="+reg+"";

ResultSet rs=stmt.executeQuery(s);

My doubt is, if we have a single value say,reg=123 and password="abc", we would do that as :
if(reg==123 && password.equals("abc") {
//redirect to success page
}


but now, i have a resultset which only returns true. how do i perform validation if a user enters a register number and password?
also , if the register number that user entered doesn't exist in DB, how can i come to know that?? or how do i validate that?

Please help me
 
Tim Holloway
Bartender
Posts: 18549
61
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This question has nothing at all to do with Tomcat. I'm moving it to a more appropriate forum.

However, when checking a password, the more secure way to do it is like this:



If the returned value is 0, the password did not match.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!