aspose file tools*
The moose likes JSP and the fly likes Please Help me Ranchers Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Please Help me Ranchers" Watch "Please Help me Ranchers" New topic
Author

Please Help me Ranchers

Anuragk kushwaha
Ranch Hand

Joined: Aug 02, 2006
Posts: 51
Hi All;

i am doing a small web application using jsp and sqlserver 2000 using type 4 microsoft jdbc driver.my code includes..


1. a simple "Login.jsp" with fields userid and email

<HTML>
<BODY bgcolor=gray>
<center>
<table>
<FORM METHOD=GET ACTION="LoginValidate.jsp">

<tr>
<td>UserId</td><td> <INPUT TYPE=TEXT NAME=username SIZE=20></td>
</tr>
<tr>
<td>E mail</td><td><INPUT TYPE=TEXT NAME=email SIZE=20></td>
</tr>
<tr>
<td><P><center><INPUT TYPE=SUBMIT value= "Click Me"></center>
</td>
</tr>

</FORM>
</table>
</center>
</BODY>
</HTML>



2. "LoginValidate.jsp" collecting data from "Login.jsp" print, putting them in session object and including another jsp "FromDb.jsp"

<html>
<body bgcolor= coffee>
<center>
<b>Form se</b>
<br>
<br>

<%
String username=request.getParameter("username");
session.setAttribute( "sessuser", username);

String email=request.getParameter("email");
session.setAttribute( "sessmail", email );
%>
welcome
<br>
<br>
<br>
<table>
<tr><td>You are Mr----</td><td> <font color="navy"><%= username %></font></td>
</tr>


<tr>
<td>And Your E-mail id is----</td><td><U><font color=green><%= email %></font></u></td>
</table>
<br>
<br>
<br>
<br>
<br>
<jsp:include page="FromDb.jsp" />
</center>
</body>
</html>



3 "FromDb.jsp" here connecting to the databse and verify the userid and email as entered through Login.jsp in while(rs.next()) loop

<html>
<head><b>Database se</b></head>
<br><br>
<body>
<%@ page import="java.sql.*;" %>
<%
String uid="";
String mailid="";
String pwd="";
String UName="";
boolean b=false;

Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
Connection conn=DriverManager.getConnection("jdbc:microsoft:sqlserver://localhost;DatabaseName=vendor","sa","sa");
Statement stmt=conn.createStatement();
String squery="select * from test1";
ResultSet rs=stmt.executeQuery(squery);
%>

<% while(rs.next())
{
uid=rs.getString("UserId");
mailid=rs.getString("email");
pwd=rs.getString("pass");
UName=rs.getString("UserName");



if(session.getAttribute( "sessuser").equals(uid) && session.getAttribute( "sessmail").equals(mailid))

{ %>

WELCOME Mr.<%= UName %>

<br>
And Your password is<br><br><font color=red> "<%= pwd %>"</font>


<% b=true; break; } } %>


<% if(b==false) { %>

<br>
<br>Sorry!!!<br><br>
You are not a Registered User.
<a href="register.jsp">Please Register</a>


<% } %>

</body>
</html>

<br>
<br>
<br>
<table>
<tr><td>You are Mr----</td><td> <font color="navy"><%= username %></font></td>
</tr>
<tr>
<td>And Your E-mail id is----</td><td><U><font color=green><%= email %> </font></u></td>
</table>
<br>
<br>
<br>
<br>
<br>
<jsp:include page="FromDb.jsp" />
</center>
</body>
</html>






...and the problem with the first if statement

if(session.getAttribute( "sessuser").equals(uid) && session.getAttribute( "sessmail").equals(mailid))

not executed and control always reaches to 2nd if statement but this code works fine with MS-access databse..Please let me know where i am wrong..as you people always help me...please reply soon.i am learning java myself here is no one for help..ony ranchaers or sdn
[ September 12, 2006: Message edited by: Bear Bibeault ]
Anuragk kushwaha
Ranch Hand

Joined: Aug 02, 2006
Posts: 51
hi all;

reply, i am waiting
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

It doesn't look like that piece of code is doing wah t you want it to do. I would change the query to load the username, then use if(rs.next()) rather than while(rs.next())

that is, load a specific record and then look to see whther that record was found and act accordingly.

You get better results on the JavaRanch is you use meaningful subjects, please the link on how to ask questions on the JavaRanch.

regards,
Dave.
Anuragk kushwaha
Ranch Hand

Joined: Aug 02, 2006
Posts: 51
i am not getting you, if i uses if(rs.next()) then i will step through the whole resultset
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

If you use "select * from test1 where userid=?" you will either get a result or you won't. If you get a result then you can check the rest of the user credentials, if you don't get a result then they are not registered.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61766
    
  67

Please read this.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Rusty Smythe
Ranch Hand

Joined: Aug 09, 2006
Posts: 93

Here is a major red flag that jumped out at me:



I would caution you to never do this, because your code will likely break the moment you change your database, AND it will be very hard to debug (which order were those fields in, again?) when something is not working.

Instead, specify your fields:



Some suggestions for your consideration:
1) Name your Primary Key as "id". Longer names become tedious when dealing with relationships (e.g., "WHERE foo.user_id = bar.payment_received_late_id AND abba.band_performer_id = venue.confirm_scheduled_bands_id" versus "WHERE foo.id = bar.id AND abba.id = venue.id").

2) Keep your field names all lowercase. Use underscore ("_") for word boundaries: user_name, personal_email, primary_job_title, etc. Some systems don't care about case, so changing to upper case for the field names is an extra step you'll have to remember (and believe me, you will forget it at least once).

3) Always alias your table and use it in the field list. This is a good habit to get into that will prevent problems later, especially when joining tables. (e.g., "SELECT f.id, b.first_name, a.income, ve.locaiton FROM fooboo f, barboo b, abba a, venue ve ..." )
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Please Help me Ranchers