?
Solved

Can I add another IF statement?

Posted on 2003-03-28
10
Medium Priority
?
151 Views
Last Modified: 2010-04-01
I have an if statement to allow a user access to the web page as long as they have the right password. The second stage is when they successfully login there is another button on that web page that allows a user to search for a buddy, but only "1st" year students, can search (not 2nd or 3rd years), how do i tackle this. My code is below....


Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
java.sql.Connection connection = java.sql.DriverManager.getConnection("jdbc:odbc:Student_db","","");
String query = "SELECT StudentID,FirstName,LastName,UserName, Password FROM Student WHERE UserName=? AND Password=?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setString(1,request.getParameter("UserName"));
statement.setString(2,request.getParameter("Password"));
java.sql.ResultSet RS = statement.executeQuery();
%>


<table BORDER WIDTH="100%" >
<tr>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>-</b></td>
     <td><b>First Name</b></td>
     <td><b>Surname</b></td>
     
</tr>

<%
boolean successfulLogin = false;
String ID = "";
while(RS.next()){
successfulLogin = true;

                    ID = RS.getString("StudentID");    
%>


<tr>
     <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
     <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
     <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
     <td><%=RS.getString("FirstName") %></td>
     <td><%=RS.getString("LastName") %></td>
</tr>

<% } %>
<% if (! successfulLogin) {
     response.sendRedirect("yourloginform.jsp");

}
RS.close();
connection.close();
%>

</table>
</td>
  </tr>
 </tr>
<P><p><a href="ThreeSearchesDirectory.jsp">Search for a Buddy</a></p>
     </td>
  </tr>
0
Comment
Question by:gotchi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 11

Expert Comment

by:fargo
ID: 8228374
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
java.sql.Connection connection = java.sql.DriverManager.getConnection("jdbc:odbc:Student_db","","");
String query = "SELECT StudentID,FirstName,LastName,UserName, Password FROM Student WHERE UserName=? AND Password=?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setString(1,request.getParameter("UserName"));
statement.setString(2,request.getParameter("Password"));
java.sql.ResultSet RS = statement.executeQuery();
%>


<table BORDER WIDTH="100%" >
<tr>
    <td><b>-</b></td>
    <td><b>-</b></td>
    <td><b>-</b></td>
    <td><b>First Name</b></td>
    <td><b>Surname</b></td>
   
</tr>

<%
boolean successfulLogin = false;
String ID = "";
while(RS.next()){
successfulLogin = true;

                   ID = RS.getString("StudentID");    
%>


<tr>
    <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
    <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
    <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
    <td><%=RS.getString("FirstName") %></td>
    <td><%=RS.getString("LastName") %></td>
</tr>

<% } %>
<% if (! successfulLogin) {
<script>
   location.href = "yourloginform.jsp";
</script>
}else{
<script>
   location.href = "ThreeSearchesDirectory.jsp";
</script>
}

RS.close();
connection.close();
%>

</table>
</td>
 </tr>
</tr>
 </td>
 </tr>

moreover, try to close the connection and rs after execution in
try{
}catch(){
}finally{
// close the connection here
}

Hope this helps
happy working
fargo
0
 

Author Comment

by:gotchi
ID: 8228513
i dont think my question was clear enough. My code works, but i need to add in more code to allow or deny furthur access to the user. When the user clicks on the button "Search for a buddy", (look at my code above) I only want "1st" year students to search not 2nd or 3rd, so the code should be able to look at the database under the column "Year", and allow the user to search if they are 1st years.  I hope this is clearer on what I want to achieve
0
 
LVL 2

Expert Comment

by:amit_chauhan
ID: 8228887
I guess, you would be storing student_year (1st yr, 2nd yr or 3rd yr) somewhere in your database. Fetch that along with student_id and name etc. Assuming, its stored in the same table, your query would look like this :

String query = "SELECT StudentID,FirstName,LastName,UserName, Password, student_year FROM Student WHERE UserName=? AND Password=?";

Define a variable String studentYear on the top:

int studentYear = 0;

Add this line where you are getting the student ID:

studentYear = rs.getInt ("student_year");

Lastly, add this line where your 'Search for a buddy' link is :

<%
  if (studentYear == 1)
  {
%>
<a href="ThreeSearchesDirectory.jsp">Search for a Buddy</a>
<%
  }
%>

'Search for a buddy' will not be displayed for students other than 1st year students.

Putting it all together, your code will look like this :

<%

int studentYear = 0

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
java.sql.Connection connection = java.sql.DriverManager.getConnection("jdbc:odbc:Student_db","","");
String query = "SELECT StudentID,FirstName,LastName,UserName, Password, student_year FROM Student WHERE UserName=? AND Password=?";
java.sql.PreparedStatement statement = connection.prepareStatement(query);
statement.setString(1,request.getParameter("UserName"));
statement.setString(2,request.getParameter("Password"));
java.sql.ResultSet RS = statement.executeQuery();
%>


<table BORDER WIDTH="100%" >
<tr>
    <td><b>-</b></td>
    <td><b>-</b></td>
    <td><b>-</b></td>
    <td><b>First Name</b></td>
    <td><b>Surname</b></td>
   
</tr>

<%
boolean successfulLogin = false;
String ID = "";
while(RS.next()){
successfulLogin = true;

                   ID = RS.getString("StudentID");
                   student_year = RS.getInt ("student_year");
%>


<tr>
    <td><a href="ViewBuddyForm.jsp?id=<%=ID%>">View</a></td>
    <td><a href="UpdateBuddyForm.jsp?id=<%=ID%>">Update</a></td>
    <td><a href="DeleteBuddyForm.jsp?id=<%=ID%>">Delete</a></td>
    <td><%=RS.getString("FirstName") %></td>
    <td><%=RS.getString("LastName") %></td>
</tr>

<% } %>
<% if (! successfulLogin) {
    response.sendRedirect("yourloginform.jsp");

}
RS.close();
connection.close();
%>

</table>
</td>
 </tr>
</tr>
<P>
<%
  if (studentYear == 1)
  {
%>
<p><a href="ThreeSearchesDirectory.jsp">Search for a Buddy</a></p>
<%
  }
%>
    </td>
 </tr>



Hope that helps
Thanks
Amit
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:gotchi
ID: 8235946
That doesnt work. Firstly The "search for a Buddy" button does not appear on the screen, so therefore i cannot test the if statement for "year". Please keep in mind that when the user signs in, and then proceeds to doing a search the program has to coresspond to the same user, meaning it should read it from the users record only.
Thanx :)
0
 
LVL 2

Expert Comment

by:amit_chauhan
ID: 8236845
What exactly do you want to happen ? The code I gave will have 'search for Buddy' button appear only for 1st year students and will not appear for any other year's users.
If this is not the behaviour you want, then what exactly should happen when the user comes to this page after login. If the button is to be displayed for all the users, then should a message be displayed when the user clicks on the button, that hes not allowed to search because hes not a first year student ?

Please specify little more in detail about what kind of behaviour you want.

Thanks
Amit
0
 

Author Comment

by:gotchi
ID: 8237707
Hi,
Im sorry i havent been clear. Yes the second bit of ur comment is what i want the program to do. For all users to see the button, and then have a comment saying he or she can or cannot search the database. Thank you

gotchi
0
 
LVL 4

Expert Comment

by:Binary1
ID: 8240463
Try something like this:

<%=(firstYearStudent==true
    ? "<input type=""button"" value=""Push Here"" onClick=""javascript:alert('You cant search');"">"
    : "<input type=""submit"" value=""Push Here"">")%>

I'm assuming that this button is within a form. You may to change the

0
 
LVL 2

Accepted Solution

by:
amit_chauhan earned 120 total points
ID: 8240658
Hi,
As Binary mentioned, replace these lines in my example :

<%
 if (studentYear == 1)
 {
%>
<p><a href="ThreeSearchesDirectory.jsp">Search for a Buddy</a></p>
<%
 }
%>


with this :

<%
 if (studentYear == 1)
 {
%>
<p><a href="ThreeSearchesDirectory.jsp">Search for a Buddy</a></p>
<%
 }
 else
 {
%>
<p><a href="javascript:alert ('You cannot search for buddy !!')">Search for a Buddy</a></p>
<%
 }
%>


Hope that helps
thanks
Amit
0
 

Author Comment

by:gotchi
ID: 8241583
Thank you amit,
Im sorry that I wasnt clear from the start, but Ive got the results that I wanted. Thank you for your patience and time. You have been helpful. Well done :)
Neks
0
 
LVL 2

Expert Comment

by:amit_chauhan
ID: 8242013
You welcome and thanks for the points.

Amit
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question