Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

login page using jsp

I have written a login page using jsp but doesnt know understand why the problem does not check my if statement but it is going straight to display the message found in else statement...I know for sure that it is checking the username and password in my database but dont know the reasons why it is not displaying the right message when the user is authenticated...These are my codes..

simple form:
<html>
<head>
<title>User Login JSp</title>

</head>

<body>

<form  action="doLogin.jsp" method="post">
User Name <input type="text" name="sUserName" /><br />
Password <input type="password" name="sPwd" /><br />
<input type="submit"  value="Submit" />
</form>
</body>
</html>

Open in new window


ldoLogin.jsp
<%@page import="java.sql.*"%>

<html>
<body bgcolor="pink">
<%
try
{

String user_db=new String("");
String pass_db=new String("");


Connection con=null;
Statement s=null;
ResultSet rs=null;

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("Jdbc:Odbc:dB","","");
 s = con.createStatement( );

String sql = "SELECT Username,Password from Users";

s.executeQuery (sql);
rs = s.getResultSet();


while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();

}
 if
 
 (user_db.equals(request.getParameter("sUserName"))&&
 pass_db.equals(request.getParameter("sPwd")))
       {
       
        out.println("User Authenticated");
       
       }

           else
              {

               out.println("You are not an authentic person");
               out.println("The value of username is:"+sUserName);
              }


rs.close();
s.close();
con.close();

 }

  catch(Exception e)
      {
 System.out.println("Exception is ;"+e);
      }


 %>

</body>
</html>

Open in new window


Thanks
0
ozzyfanta
Asked:
ozzyfanta
  • 4
  • 2
1 Solution
 
GkCommented:
You have misplaced the bracket.

while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();

}!!!!!!!!!
 if()......


should be after the if condition!!!!
0
 
GkCommented:
<%@page import="java.sql.*"%>

<html>
<body bgcolor="pink">
<%
try
{

String user_db=new String("");
String pass_db=new String("");


Connection con=null;
Statement s=null;
ResultSet rs=null;

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("Jdbc:Odbc:dB","","");
 s = con.createStatement( );

String sql = "SELECT Username,Password from Users";

s.executeQuery (sql);
rs = s.getResultSet();


while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();


 if
 
 (user_db.equals(request.getParameter("sUserName"))&&
 pass_db.equals(request.getParameter("sPwd")))
       {
       
        out.println("User Authenticated");
       
       }

           else
              {

               out.println("You are not an authentic person");
               out.println("The value of username is:"+sUserName);
              }
}//moved to here!!!!

rs.close();
s.close();
con.close();

 }

  catch(Exception e)
      {
 System.out.println("Exception is ;"+e);
      }


 %>

</body>
</html>
0
 
GkCommented:
Shall i suggest a better option to change your query to be
String sql = "SELECT Username,Password from Users";

sUserName = request.getParameter("sUserName");
sPwd = request.getParameter("sPwd");

sql+= "Where Username='"+sUserNam+"' And Password='""+sPwd+"'";

execute and check only whether the 'rs' is NULL or not!.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ozzyfantaAuthor Commented:
I did all that...When i move the bracket where you are suggesting, the while loop is checking all the rows in the users tables and printing message like:  You are not an authentic person You are not an authentic person You are not an authentic person You are not an authentic person User Authenticated
You are not an authentic person  You are not an authentic person  You are not an authentic person  You are not an authentic person ...you can clearly see that user authenticated message appear but with all the wrong message. It is 9 messages because i have 9 usernames in my users table...

About GK suggestion, i will try it and get back to you...thanks

Guys, I have tried everything from 21h till 6h in the morning but ??????????????????
0
 
GkCommented:
One normal error is when adding the username with fixed size, some extra spaces comes at the end. this may make your comparison wrong. So you add a print also here.

while (rs.next())
{
 user_db=rs.getString("Username").toString();
 pass_db=rs.getString("Password").toString();
. . . . .

out.println("Comparing User: '"+user_db+"' and '"+request.getParameter("sUserName")+"'");
out.println("Comparing Pwd: '"+pass_db+"' and '"+request.getParameter("sPwd")+"'");
......
0
 
ozzyfantaAuthor Commented:
thanks
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now