We help IT Professionals succeed at work.

login page using jsp

Medium Priority
618 Views
Last Modified: 2012-05-11
I have written a login page using jsp but doesnt know understand why the problem does not check my if statement but it is going straight to display the message found in else statement...I know for sure that it is checking the username and password in my database but dont know the reasons why it is not displaying the right message when the user is authenticated...These are my codes..

simple form:
<html>
<head>
<title>User Login JSp</title>

</head>

<body>

<form  action="doLogin.jsp" method="post">
User Name <input type="text" name="sUserName" /><br />
Password <input type="password" name="sPwd" /><br />
<input type="submit"  value="Submit" />
</form>
</body>
</html>

Open in new window


ldoLogin.jsp
<%@page import="java.sql.*"%>

<html>
<body bgcolor="pink">
<%
try
{

String user_db=new String("");
String pass_db=new String("");


Connection con=null;
Statement s=null;
ResultSet rs=null;

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("Jdbc:Odbc:dB","","");
 s = con.createStatement( );

String sql = "SELECT Username,Password from Users";

s.executeQuery (sql);
rs = s.getResultSet();


while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();

}
 if
 
 (user_db.equals(request.getParameter("sUserName"))&&
 pass_db.equals(request.getParameter("sPwd")))
       {
       
        out.println("User Authenticated");
       
       }

           else
              {

               out.println("You are not an authentic person");
               out.println("The value of username is:"+sUserName);
              }


rs.close();
s.close();
con.close();

 }

  catch(Exception e)
      {
 System.out.println("Exception is ;"+e);
      }


 %>

</body>
</html>

Open in new window


Thanks
Comment
Watch Question

Gk

Commented:
You have misplaced the bracket.

while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();

}!!!!!!!!!
 if()......


should be after the if condition!!!!
Gk

Commented:
<%@page import="java.sql.*"%>

<html>
<body bgcolor="pink">
<%
try
{

String user_db=new String("");
String pass_db=new String("");


Connection con=null;
Statement s=null;
ResultSet rs=null;

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("Jdbc:Odbc:dB","","");
 s = con.createStatement( );

String sql = "SELECT Username,Password from Users";

s.executeQuery (sql);
rs = s.getResultSet();


while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();


 if
 
 (user_db.equals(request.getParameter("sUserName"))&&
 pass_db.equals(request.getParameter("sPwd")))
       {
       
        out.println("User Authenticated");
       
       }

           else
              {

               out.println("You are not an authentic person");
               out.println("The value of username is:"+sUserName);
              }
}//moved to here!!!!

rs.close();
s.close();
con.close();

 }

  catch(Exception e)
      {
 System.out.println("Exception is ;"+e);
      }


 %>

</body>
</html>
Gk

Commented:
Shall i suggest a better option to change your query to be
String sql = "SELECT Username,Password from Users";

sUserName = request.getParameter("sUserName");
sPwd = request.getParameter("sPwd");

sql+= "Where Username='"+sUserNam+"' And Password='""+sPwd+"'";

execute and check only whether the 'rs' is NULL or not!.

Author

Commented:
I did all that...When i move the bracket where you are suggesting, the while loop is checking all the rows in the users tables and printing message like:  You are not an authentic person You are not an authentic person You are not an authentic person You are not an authentic person User Authenticated
You are not an authentic person  You are not an authentic person  You are not an authentic person  You are not an authentic person ...you can clearly see that user authenticated message appear but with all the wrong message. It is 9 messages because i have 9 usernames in my users table...

About GK suggestion, i will try it and get back to you...thanks

Guys, I have tried everything from 21h till 6h in the morning but ??????????????????
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
thanks
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.