neks

Storing Passwords in Access Database

Hi,
I have an "insert form" where students enter their details, including their password....

<td><b>Paswword:</b></td>
      <td>
     <input type="password" name="Password"> Password        
         
      </td>
    </tr>
  </table>
<input type="submit" name="Insert" value="Insert Student">


Then the form gets processed, i.e. the data is sent to my Access database.....
statement.setString(12,request.getParameter("Paswword"));
statement.executeUpdate();

<td width="28%" align="right">Password</td>
      <td width="72%">
        <%= request.getParameter("Password") %>
         
      </td>
    </tr>

When the form is processed the password is not encrypted, which is o.k., but when I check my Access database, the password has not been inserted in the db. Why is that? How can I resolve this matter and still keep the "input type" as password?

Thanx
cheekycj

input type password shouldn't be changed.

one thing I noticed:

your field name is "Password"

but in your code you are retrieving "Paswword"

try this:

statement.setString(12,request.getParameter("Password"));
statement.executeUpdate();

CJ
neks

ASKER

Thanx,
Yeah, it was a typing error. Another thing: when a user logs in (with the right password), their name and surname are revealed, with links to "view", "update" or "delete" their record. If one of these links is clicked on, what code do I use to go back to the previous page where the other links are?

String query = "SELECT StudentID,FirstName,LastName,UserName, Password FROM Student WHERE UserName=? AND Password=?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setString(1,request.getParameter("UserName"));
statement.setString(2,request.getParameter("Password"));
java.sql.ResultSet RS = statement.executeQuery();
%>


<table BORDER WIDTH="100%" >
<tr>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>First Name</b></td>
     <td><b>Surname</b></td>
     
</tr>

<%
String ID = "";
while(RS.next())
     {
                    ID = RS.getString("StudentID");    
%>

<tr>
     <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
     <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
     <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
     <td><%=RS.getString("FirstName") %></td>
     <td><%=RS.getString("LastName") %></td>
     
     
</tr>

sample of the "viewbuddyform"

String query = "SELECT * FROM Student WHERE StudentID = ?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setInt(1,Integer.parseInt(request.getParameter("id")));
java.sql.ResultSet RS = statement.executeQuery();
%>

<%
while(RS.next())
     {
%>
<form method="Post" action="DisplayDetailedRecord.jsp">
  <table width="50%" border="1">
    <input type="hidden" name="StudentID" value="<%=RS.getString("StudentID") %>">
    <tr>
      <td width="30%"><b>First Name:</b></td>
      <td width="70%"><%=RS.getString("FirstName") %></td>
    </tr>
    <tr>
      <td width="30%"><b>Surname:</b></td>
      <td width="70%"><%=RS.getString("Lastname") %></td>
    </tr>
    <tr>
      <td width="30%"><b>Sex:</b></td>
      <td width="70%"><%=RS.getString("Sex") %></td>
    </tr>
    <tr>
      <td width="30%"><b>Age:</b></td>
      <td width="70%"><%=RS.getString("Age") %></td>
    </tr>
    <tr>
      <td width="30%"><b>Degree Code:</b></td>
      <td width="70%"><%=RS.getString("CourseID") %></td>
    </tr>
    <tr>
      <td width="30%"><b>Degree Name:</b></td>
      <td width="70%"><%=RS.getString("CourseName") %></td>
    </tr>
  </table>

So thus, how would I go back to the previous page?

You can do two things.

1.  provide a link that has the link with the main page hard coded (recommended b/c it won't fail)

2.  use javascript:
<SCRIPT LANGUAGE="JavaScript"><!--
function back() {
    history.go(-1);
}
//--></SCRIPT>

<A HREF="javascript:back()">Back</A>

HTH,
CJ
neks

ASKER

I'm a new learner when it comes to JSP. If you hard code the page, will it still work if another user uses the same page?

Plus, can you show me how it's done, because I have no idea?
Thanx

What you should do is store their login information, username, in session, so you can retrieve the information for the user who is logged in.

If the session information doesn't exist redirect them to the login page.

If you need help with this let me know, I can post some sample pseudo code for you.

CJ
neks

ASKER

This is what I have done so far for the login information. I need an if statement somewhere in case the username or password is incorrect, directing them to another page. Where would that go in my coding below....

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
java.sql.Connection connection = java.sql.DriverManager.getConnection("jdbc:odbc:Student_db","","");
String query = "SELECT StudentID,FirstName,LastName,UserName, Password FROM Student WHERE UserName=? AND Password=?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setString(1,request.getParameter("UserName"));
statement.setString(2,request.getParameter("Password"));
java.sql.ResultSet RS = statement.executeQuery();
%>


<table BORDER WIDTH="100%" >
<tr>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>First Name</b></td>
     <td><b>Surname</b></td>
     
</tr>

<%
String ID = "";
while(RS.next())
     {
                    ID = RS.getString("StudentID");    
%>

<tr>
     <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
     <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
     <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
     <td><%=RS.getString("FirstName") %></td>
     <td><%=RS.getString("LastName") %></td>
     
neks

ASKER

Hello,
I still need help with an IF statement, where and what code I should use if the password or username is incorrect (using the code above). Please help.
neks

Do this:

boolean successfulLogin = false;
<%
while (RS.next()) {
  successfulLogin = true;
                  ID = RS.getString("StudentID");    
%>

<tr>
    <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
    <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
    <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
    <td><%=RS.getString("FirstName") %></td>
    <td><%=RS.getString("LastName") %></td>

<% } %>
<% if (! successfulLogin) {
      response.sendRedirect("yourloginform.jsp");
   }
%>

You should store successfulLogin in session so that every page checks for it and redirects to your login form if the user has not logged in.

CJ
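
CJ's advice in this thread, to keep the login state in the session and send anyone without it back to the login form, could look like the following. This is an added example, not code from the thread; the class LoginGuard, the package studentapp and the session key are assumed names, and the javax.servlet API supplied by the JSP container is assumed. It goes one step beyond the thread by also checking that the id in a View/Update/Delete link belongs to the logged-in student.

```java
package studentapp; // assumed package name

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/** Added example; LoginGuard and the "studentId" session key are assumed names. */
public final class LoginGuard {
    private static final String ATTR = "studentId";

    /** Login page: call once the UserName/Password check has matched a row. */
    public static void recordLogin(HttpServletRequest request, int studentId) {
        HttpSession old = request.getSession(false);
        if (old != null) old.invalidate();            // do not reuse a pre-login session
        request.getSession(true).setAttribute(ATTR, Integer.valueOf(studentId));
    }

    /**
     * View/Update/Delete pages: call in the first scriptlet, before any HTML.
     * Returns the logged-in StudentID, or null after redirecting to the login form.
     */
    public static Integer requireLogin(HttpServletRequest request,
                                       HttpServletResponse response) throws IOException {
        HttpSession session = request.getSession(false);   // never create one here
        Object id = (session == null) ? null : session.getAttribute(ATTR);
        if (id instanceof Integer) return (Integer) id;
        response.sendRedirect("yourloginform.jsp");   // page name used in the thread
        return null;
    }

    /** True only when the id= value in the link is the caller's own StudentID. */
    public static boolean ownsRecord(Integer sessionId, String idParam) {
        if (sessionId == null || idParam == null) return false;
        try {
            return Integer.parseInt(idParam.trim()) == sessionId.intValue();
        } catch (NumberFormatException e) {
            return false;                             // non-numeric id is rejected
        }
    }
}
// First scriptlet of ViewBuddyForm.jsp (sketch, after importing studentapp.LoginGuard):
//   Integer me = LoginGuard.requireLogin(request, response);
//   if (me == null) return;
//   if (!LoginGuard.ownsRecord(me, request.getParameter("id"))) {
//       response.sendError(HttpServletResponse.SC_FORBIDDEN); return; }
```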
neks

ASKER


Sorry about this, but I'm not sure what you mean by storing "successfulLogin" in session, and I guess that's why an error is coming up saying there is no entity called "succesfulLogin" :(

I mean that the above will work for the login submit page.

But to prevent users from directly accessing URLs and not logging in, you need to store their logged-in status in session.

The above code should work without that.

Let's first fix the above code, then we can get into session stuff.

CJ
neks

ASKER

Using your code above that you posted brings up an error saying that "there is no entity called successful Login". I have used the exact code... this is my code below:


boolean successfulLogin = false;
<%
String ID = "";
while(RS.next()){
successfulLogin = true;

                    ID = RS.getString("StudentID");    
%>


<tr>
     <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
     <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
     <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
     <td><%=RS.getString("FirstName") %></td>
     <td><%=RS.getString("LastName") %></td>
</tr>

<% } %>
<% if (! successfulLogin) {
     response.sendRedirect("yourloginform.jsp");


}
RS.close();
connection.close();
%>

Where am I still going wrong then? I have also created a JSP page called "yourloginform".
ASKER CERTIFIED SOLUTION
cheekycj
This solution is only available to members.
neks

ASKER


Thanks a million for your help. You were great!
And most of all patient... It's greatly appreciated.
Neks

Glad I could help, and thanx for the "A".

CJ