Carey Brown

Again, this is meant as an *example*. You will have to customize it for your particular application and replace PersistentStorage with some managed database or file.
import java.security.MessageDigest; import java.security.SecureRandom; import java.util.HashSet; import java.util.Scanner; import java.util.Set; public class PinMain { public static void main( String[] args ) { // RandomMD5.randomMD5(); // use once to come up with NULL_MD5 System.out.print( "Enter name (john.doe): " ); String userName = Login.KBD.nextLine(); if( Login.login( userName ) ) { // some debug lines to test System.out.println( "Change pin..." ); Login.changeUserPin( userName ); System.out.println( "Log in with new pin..." ); if( Login.login( userName ) ) { } } } } class Login { public static final Scanner KBD = new Scanner( System.in ); public static final String NULL_MD5 = "66E90EFD6091BA776C903DF6FD0F7088"; public static boolean login( String userName ) { String userHash = PersistentStorage.getHash( userName ); if( userHash == null ) { // means no user by that name was found. // what do you want to do here? } if( userHash.equals( NULL_MD5 ) ) { String pin = createNewPin(); PersistentStorage.update( userName, md5HexString( pin ) ); return true; } else { System.out.print( "Enter pin: " ); String pin = KBD.nextLine(); if( isValid( pin ) && userHash.equals( md5HexString( pin ) ) ) { System.out.println( "Login successful." ); return true; } System.out.println( "Login failed, invalid pin." ); return false; } } private static String createNewPin() { String pin = ""; while( true ) { System.out.print( "Enter new pin: " ); pin = KBD.nextLine(); // TODO some way to say "never mind" ?? if( ! isValid(pin) ) { System.out.println( "The pin you've entered is invalid." ); continue; } System.out.print( "Confirm new pin: " ); String confirmPin = KBD.nextLine(); if( pin.equals( confirmPin ) ) break; System.out.println( "The pin you've entered does not match, start over." ); } return pin; } // Should only be run by an admin. Will force the user to // create a new pin next time. public static void resetUserPin( String userName ) { PersistentStorage.update( userName, NULL_MD5 ); } // Called from a user that has already logged in with a valid pin. public static void changeUserPin( String userName ) { PersistentStorage.update( userName, md5HexString( createNewPin() ) ); } private static boolean isValid( String s ) { return s.matches( "\\d{4}" ); // must be 4 digits long } public static String md5HexString( String s ) { return toHexString( md5( s ) ); } public static byte[] md5( String s ) { try { MessageDigest md = MessageDigest.getInstance( "MD5" ); byte[] buf = s.getBytes(); md.update( buf, 0, buf.length ); return md.digest(); } catch( Exception ex ) { return new byte[16]; } } public static String toHexString( byte[] byteArray ) { final String HEX_CHARS = "0123456789ABCDEF"; // result buffer to hold ASCII character values // to be converted to a String on return. // Length of byteArray times 2. byte[] result = new byte[byteArray.length << 1]; int len = byteArray.length; for( int i = 0 ; i < len ; i++ ) { byte b = byteArray[i]; // next byte from array int lo4 =   b & 0x0F; // lo 4 bits, 0-15 int hi4 = ( b & 0xF0 ) >> 4; // hi 4 bits, 0-15 // Fill result with two ASCII characters, // one for hi 4 bits, and one for lo 4 bits. result[i * 2    ] = (byte)HEX_CHARS.charAt( hi4 ); result[i * 2 + 1] = (byte)HEX_CHARS.charAt( lo4 ); } return new String( result ); // convert result to String } } // Dummy place holder. Should be replaced with database or // file for persistent storage. class PersistentStorage { private static final String VALID_MD5 = "DF3AEBC649F9E3B674EEB790A4DA224E"; // 6357 private static String validHash = VALID_MD5; private static boolean firstTime = true; public static String getHash( String userName ) { if( "john.doe".equals( userName ) ) { // if( firstTime ) // { // firstTime = false; // validHash = Login.NULL_MD5; // } return validHash; } return null; } public static void update( String userName, String hash ) { validHash = hash; } } // For development only. Use once and take the returned hash // and hard code it into the Login class. // Find a random hash that is NOT a hash created by any valid pin // number. Only works for 4 digit pins. class RandomMD5 { public static void randomMD5() { Set<String> validMD5s = new HashSet<>(); SecureRandom random = new SecureRandom(); byte[] bytes = new byte[16]; // 16 is length of MD5 String randomHash; // populate set of valid hashes for( int i=0 ; i < 10_000 ; i++ ) validMD5s.add( Login.md5HexString( String.format("%04d",i) ) ); do { random.nextBytes( bytes ); randomHash = Login.toHexString( bytes ); } while( validMD5s.contains( randomHash ) ); System.out.println( "Random MD5: " + randomHash ); } }

I'm afraid you've posted on a "Java" forum. What you posted is  "JavaScript", not "Java" (aside from the annoying name similarities).

To post your code just cut-n-paste the code. Then drag the cursor over the code so that it is highlighted. Then click on the 'Code' button just above the edit window. To see if it worked click on the 'Preview' button below the edit window. The code should appear in the preview window with line numbers.

symbol:   class Card   location: class FourOfAKind FourOfAKind.java:157: error: cannot find symbol     int leastDesirableCard(Card[] cards)                            ^The arrow points to "Card". Are you compiling your Card.java program as well? Is it in the same package?

When you post error messages, also use Code tags to get the correct character spacing.
FourOfAKind.java:149: error: cannot find symbol     int leastDesirableCard(Card[] cards)                            ^ This saying it can't find your class named "Card". Seeing as how you have an almost identical use on line 139 (which I presume is NOT giving you an error) I'm going to guess that you may have an unprintable character in that line. I suggest deleting 149 and re-typing it.

Ah. Forget that. It looks like you need to declare "leastDesireableCard" as static.

You will get people grumbling about 'static' being used in this manor as a bandaid for not having an object oriented approach. The general rule is that main() should have very few lines of code in it and should primarily be used as a place to create an instance of your class.
public class FourOfAKind {     public static void main( String[] args )     {         FourOfAKind instance = new FourOfAKind();         instance.run();     }     public void run() // call this method anything you like     {         // ... put all your "main" stuff in here     } }

When you post error messages, also use Code tags to get the correct character spacing.
FourOfAKind.java:149: error: cannot find symbol     int leastDesirableCard(Card[] cards)                            ^ This saying it can't find your class named "Card". Seeing as how you have an almost identical use on line 139 (which I presume is NOT giving you an error) I'm going to guess that you may have an unprintable character in that line. I suggest deleting 149 and re-typing it.

Ah. Forget that. It looks like you need to declare "leastDesireableCard" as static.

You will get people grumbling about 'static' being used in this manor as a bandaid for not having an object oriented approach. The general rule is that main() should have very few lines of code in it and should primarily be used as a place to create an instance of your class.
public class FourOfAKind {     public static void main( String[] args )     {         FourOfAKind instance = new FourOfAKind();         instance.run();     }     public void run() // call this method anything you like     {         // ... put all your "main" stuff in here     } }

Which is line 149?
Please re-post your code and this time use the Code tags. To achieve this, first highlight your entire block of code by dragging the mouse. Then click on the 'Code' button just above the editing window. Then click the 'Preview' button below the editing window, this will show you if it worked. If it worked then the code should appear with line numbers.

long len = 0; for( int w=0 ; w < AssemblePDF.size() ; w++ ) {     int tem = AssemblePDF.get(w).length;     len += tem; }          if( len > 20_000_000) {     System.out.println("It is more than 20 MB"); }Seems good to me. I have a few suggestions though:

Clean up your indentation.

Don't use 'l' (lower case 'L') for a variable, it's too easy to mistake for a one.

Use descriptive variable names.

Use the '+=' operator instead of A=A+B.

Use underscores (_) in long numeric constants to make it more readable.

if( Login.login() )         {             // ...         } The "..." means you need to put something there. This would be the code in main() that you'd like to execute if the login is successful.

Some Java bit twiddling. Each input bytes results in two ASCII characters '0' through 'F'.
private static String toHexString( byte[] byteArray ) { final String HEX_CHARS = "0123456789ABCDEF"; // result buffer to hold ASCII character values // to be converted to a String on return. // Length of byteArray times 2. byte[] result = new byte[byteArray.length << 1]; int len = byteArray.length; for( int i = 0 ; i < len ; i++ ) { byte b = byteArray[i]; // next byte from array int lo4 =   b & 0x0F; // lo 4 bits, 0-15 int hi4 = ( b & 0xF0 ) >> 4; // hi 4 bits, 0-15 // Fill result with two ASCII characters, // one for hi 4 bits, and one for lo 4 bits. result[i * 2    ] = (byte)HEX_CHARS.charAt( hi4 ); result[i * 2 + 1] = (byte)HEX_CHARS.charAt( lo4 ); } return new String( result ); // convert result to String }

Martin McNicholas wrote:As two last notes there are two things I would like to ask. The first is I am assuming the login class is left black on purpose correct?

I don't follow this.

What format are your Strings 'a' and 'b' in?

If you want to see if a user entered a pin of 6357 you'd have to compare it with something: a hard coded string in the software, a string in a text file, a string in a serialized file, or even a field in a database. ALL of these are vulnerable to hacking efforts or easily obtained by a system administrator. This is especially insidious if a person happens to use a number that is easy for them to remember for logging in to multiple accounts.

So if you can't store the string 6357, then what do you store?

You want a set of bytes that has a strong relationship to the entered pin (or password), and then store that set of bytes using one of the approaches listed above. Now if someone hacks the storage they only find a meaningless sequence of bytes which does not give them enough info to reverse engineer the pin. The result is that they won't know the pin to use in order to log in to the system.

One approach to getting a string of encoded bytes for a pin is to use a hash function. There are several available. Java comes with an API to generate hashes. One of the easier ones to connect to is the MD5 hash. You take your pin string and pass it to the MD5 methods and it returns an array of 16 seemingly random bytes. For convenience sake, this is often converted to a 32 character hex string for storage and comparison. Note that a hash is not 1 for 1 unique to a pin. That is, multiple pins may hash to the same 16 bytes. This is so rare that it doesn't impact the security because, again, you can't use the hash to reverse engineer the pin.

So, you now have a stored hash instead of a stored pin. Now, how do you verify a pin during log in? It is pretty straight forward. You prompt the user to enter a pin, you hash that pin to come up with the hash value, and then compare that hash value to the one previously stored. If it matches, they've successfully logged in. At no time is the plain text pin sent across the network, or internet, or written to a hard drive.

That's pretty much it in a nutshell.

Please avoid quoting previous post unless it is pertinent to your reply. If you were responding to an older post, for example, quoting the post might make it clearer as to what you are responding to.  Otherwise, quoting just adds bulk with no new information.

You could have a Login class like this. Note I've used the MD5 validation previously mentioned for security. You might just do a string comparison with "6357", but it is not as secure.
import java.security.MessageDigest; import java.util.Scanner; public class PinMain { public static void main( String[] args ) { if( Login.login() ) { // ... } } } class Login { public static final Scanner KBD = new Scanner( System.in ); public static final String VALID_MD5 = "DF3AEBC649F9E3B674EEB790A4DA224E"; // 6357 public static boolean login() { System.out.print( "Enter pin: " ); String pin = KBD.nextLine(); if( isValid( pin ) && VALID_MD5.equals( md5HexString( pin ) ) ) { System.out.println( "Login successful." ); return true; } System.out.println( "Login failed, invalid pin." ); return false; } private static boolean isValid( String s ) { return s.matches( "\\d{4}" ); // must be 4 digits long } private static String md5HexString( String s ) { return toHexString( md5( s ) ); } private static byte[] md5( String s ) { try { MessageDigest md = MessageDigest.getInstance( "MD5" ); byte[] buf = s.getBytes(); md.update( buf, 0, buf.length ); return md.digest(); } catch( Exception ex ) { return new byte[16]; } } private static String toHexString( byte[] byteArray ) { final String HEX_CHARS = "0123456789ABCDEF"; byte[] result = new byte[byteArray.length << 1]; int len = byteArray.length; for( int i = 0 ; i < len ; i++ ) { byte b = byteArray[i]; int lo4 = b & 0x0F; int hi4 = ( b & 0xF0 ) >> 4; result[i * 2] = (byte)HEX_CHARS.charAt( hi4 ); result[i * 2 + 1] = (byte)HEX_CHARS.charAt( lo4 ); } return new String( result ); } }