File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes user validation page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "user validation page" Watch "user validation page" New topic
Author

user validation page

Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Hi , I am trying to develop Login page. In validateuser.jsp page i am comparing the two input parameter received from my index.jsp page with data in my user table with column emailed and password respectively.
Validateuser.jsp page runs with giving sel exception like:
javax.servlet.ServletException: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column 'description' in 'field list' Unable to connect to database.here is an index.jsp page
<blockquote>code:
<pre name="code" class="core">
<html>
<head>
<title>IGIDR</title>
<link REL="stylesheet" TYPE="text/css" HREF="/igidr/web/Styles.css">
</head>
<body>
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr>
<td width="100%" valign="top">
<table width="100%" cellspacing="0" cellpadding="0" border="1" borderColor=#000066>
<tr>
<td width="80%"> 




<form name="abc" action="validateuser.jsp" method="POST">


<table width="40%" border="1" cellspacing="0" cellpadding="3" align="center" borderColor="#000066">
<tr>
<td colspan="3" align="center" class="StripColor">
<font class="FontGeneralBoldWhite">Log In</font>
</td>
</tr>
<tr class="CellColor">
<td>User Name </td>
<td class="CellColor" width="1%">
:
</td>
<td class="CellColor">
<input type="text" name="userid" size="25" value="">
</td>
</tr>
<tr class="CellColor">
<td> Password * </td>
<td class="CellColor" width="1%">
:
</td>
<td class="CellColor">
<input type="password" name="pass" size="25" value="">
</td>
</tr>
<tr class="CellColor">
<td class="CellColor" colspan="3" align="center">
<input type="submit" name="tn1" value="Submit" >
   
<input type="reset" name="tn2" value="Reset">
</td>
</tr>
</table>
</form>






</td>
</tr></table>
</td></tr>
</table>
</body>
</html>
</pre>
</blockquote>
and here is an validatruser.jsp
<blockquote>code:
<pre name="code" class="core">
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ page language ="java" %>
<%@ page import="java.sql.*, javax.sql.*, javax.naming.*,java.io.*,java.util.*" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>STUDENT</title>
</head>
<body>
<%
String userid=request.getParameter("userid");
String password=request.getParameter("pass");

try {

Connection connection = null;
Statement st = null;
ResultSet rs = null;
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mynewdatabase","root", "root123");
st=connection.createStatement();



rs=st.executeQuery("select userid from user where emailid='"+userid+"' and password='"+password+"'");
out.println("Valid=="+rs);
rs.next();
String UserID = rs.getString("userid");
rs.close();
if (UserID==null )
{
out.println("Invalid User");

%>

<jsp:forward page="/AccessDenied.jsp" />

<%
}
else
{
out.println("Valid User");
}
%>
<jsp:forward page="/main.jsp" />
<%

rs.close();
st.close();
connection.close();
} catch (Exception ex) {
out.println(ex.getMessage());

%>
<%
out.println("Unable to connect to database.");
}
%>

</body>
</html>

</pre>
</blockquote>
Any suggestion is highly appreciated
Thanks and Regards
Harshal
winay Kumar
Ranch Hand

Joined: Aug 13, 2007
Posts: 34
Hi Harshal,

Sql query systax is wrong.
Do you have any field with name userid in your user table?
if you have only two columns emailed and password then query should be like this
rs=st.executeQuery("select emailid from user where emailid='"+userid+"' and password='"+password+"'"); or rs=st.executeQuery("select emailid as userid from user where emailid='"+userid+"' and password='"+password+"'");


Winay Kumar<br />SCJP 5.0
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Thank for your post.
I have the column userid in the table. so when user type username and password then jsp page check whether such password have any userid or not.
if userid is null then such user is not authorised user.It now showing the error like :Illegal operation on empty result set.
Here is an updated code:
<blockquote>code:
<pre name="code" class="core">
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ page language ="java" %>
<%@ page import="java.sql.*, javax.sql.*, javax.naming.*,java.io.*,java.util.*" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>STUDENT</title>
</head>
<body>
<%
String userid=request.getParameter("userid");
String password=request.getParameter("pass");
out.println("userid="+userid);
try {

Connection connection = null;
Statement st = null;
ResultSet rs = null;
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mynewdatabase","root", "root123");
st=connection.createStatement();



rs=st.executeQuery("select userid from user where emailid='"+userid+"' and password='"+password+"'");
out.println("Valid=="+rs);
rs.next();
String UserID = rs.getString("userid");
rs.close();
if (UserID==null )
{
out.println("Invalid User");

%>

<jsp:forward page="/AccessDenied.jsp" />

<%
}
else
{
out.println("Valid User");
}
%>
<jsp:forward page="/main.jsp" />
<%


st.close();
connection.close();
} catch (Exception ex) {
out.println(ex.getMessage());

%>
<%
out.println("Unable to connect to database.");
}
%>

</body>
</html>
</pre>
</blockquote>
Any suggestion
Thanks and Regards
Harshal
[ July 16, 2008: Message edited by: Harshal Gurav ]
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

The problem is in this code :

<blockquote>code:
<pre name="code" class="core"> rs=st.executeQuery("select userid from user where emailid='"+userid+"' and password='"+password+"'");
out.println("Valid=="+rs);
rs.next();
String UserID = rs.getString("userid");
rs.close();
</pre>
</blockquote>

when there are no user id and password matches in any of the DB entries , it returns the empty result set, and on this empty result set you are trying to access the row, by using rs.getXXX(),

so better idea ll be :

<blockquote>code:
<pre name="code" class="core"> rs=st.executeQuery("select userid from user where emailid='"+userid+"' and password='"+password+"'");
out.println("Valid=="+rs);
if(rs.next()) // check , is there any row fetched !!
{
String UserID = rs.getString("userid");
}
else
{
show("Invalid User /Password JSP page");
}
rs.close();
</pre>
</blockquote>

Hope this help !


[LEARNING bLOG] | [Freelance Web Designer] | [and "Rohan" is part of my surname]
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Thanks for your post.
I had try as you suggested code but it showing many error.
can you post me an related code.
Here is an code:
<blockquote>code:
<pre name="code" class="core">
%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ page language ="java" %>
<%@ page import="java.sql.*, javax.sql.*, javax.naming.*,java.io.*,java.util.*" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
String userid=request.getParameter("userid");
String password=request.getParameter("pass");

try {

Connection connection = null;
Statement st = null;
ResultSet rs = null;
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mynewdatabase","root", "root123");
st=connection.createStatement();



rs=st.executeQuery("select userid from user where emailid='"+userid+"' and password='"+password+"'");
out.println("Valid=="+rs);
if(rs.next())
{
String UserID = rs.getString("userid");
out.println("Valid user="+UserID);
%>
<jsp:forward page="/main.jsp" />

<%
}
else
{
out.println("Invalid user");

%>
<jsp:forward page="/AccessDenied.jsp" />
}
rs.close();
} catch (Exception ex) {
out.println(ex.getMessage());


<%
out.println("Unable to connect to database.");
}
%>

</body>
</html>
</pre>
</blockquote>

Thanks and regards
Harshal
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

I dont know whats the eorror you are getting and wher ?

But the error may be because of this :

<blockquote>code:
<pre name="code" class="core"> <%
}
else
{
out.println("Invalid user");

%>
<jsp:forward page="/AccessDenied.jsp" />
}
rs.close(); // close this stmt with <% %>
} catch (Exception ex) {
out.println(ex.getMessage());


<%
out.println("Unable to connect to database.");
}
%>
</pre>
</blockquote>

close scriptlet properly !!
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Hi ROhan,
The error is at:
<blockquote>code:
<pre name="code" class="core">
<%
String userid=request.getParameter("userid");
String password=request.getParameter("pass");

try {

Connection connection = null;
</pre>
</blockquote>
showing as try without catch or finally.
Thanks and Regards
Harshal
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

replace you existing code with this one :

<blockquote>code:
<pre name="code" class="core"> %@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ page language ="java" %>
<%@ page import="java.sql.*, javax.sql.*, javax.naming.*,java.io.*,java.util.*" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
String userid = request.getParameter("userid");
String password = request.getParameter("pass");

try
{

Connection connection = null;
Statement st = null;
ResultSet rs = null;
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mynewdatabase", "root", "root123");
st = connection.createStatement();



rs = st.executeQuery("select userid from user where emailid='" + userid + "' and password='" + password + "'");
out.println("Valid==" + rs);
if (rs.next())
{
String UserID = rs.getString("userid");
out.println("Valid user=" + UserID);
%>
<jsp:forward page="/main.jsp" />

<%
} else
{
out.println("Invalid user");

%>
<jsp:forward page="/AccessDenied.jsp" />
<%
}
rs.close();
} catch (Exception ex)
{
out.println(ex.getMessage());



out.println("Unable to connect to database.");
}
%>

</body>
</html>
</pre>
</blockquote>

Try this out !
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Hi Rohan,
as per you suggested code the page works fine for the unauthorised user but for the authorised user(user who has name in table) it gives me an exception as:
javax.servlet.ServletException: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column 'description' in 'field list' Unable to connect to database.
In my table user i have four column :userid,groupid,emailid and password.
Waiting for your sugeestion.
Thanks and Regards
Harshal
Rajkumar balakrishnan
Ranch Hand

Joined: May 29, 2008
Posts: 445

Do post your table structure too.... And please try to learn JDBC concepts... We felt frustrated by telling this to you for a number of times... Then i think the problem relies with your database only..


Never try to be a hard-worker. Be a smart-worker.
My Blog
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Hi Rajkumar,
Here is an my table structure of table name :user

table column are:
[*]userid
[*]emailid [*]password [*]groupid
I am really sorry but i am learning jdbc as you told me
Thanks and Regards
Harshal
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Originally posted by Harshal Gurav:
Hi Rohan,
as per you suggested code the page works fine for the unauthorised user but for the authorised user(user who has name in table) it gives me an exception as:
javax.servlet.ServletException: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column 'description' in 'field list' Unable to connect to database.


Firstly, the exception is not coming from this page , I guess , because,
of this :

javax.servlet.ServletException: com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column 'description' in 'field list' Unable to connect to database.


As per us DB schema , you do not have any column named 'description'.

So search other pages/servlets , which are directly , indirectly related to your validation page , search it in your project ..

And , my name is Sagar,
Rohan , part of my surname
Matteo Di Furia
Ranch Hand

Joined: Jun 20, 2008
Posts: 102
What is there in /main.jsp ? It seems you're getting an error while executing the block in the IF statement (I assume you got no problem connecting to the DB, since you said the code is working correctly for the unauthorized users).
Only lines in the IF block are

<blockquote>code:
<pre name="code" class="core">
String UserID = rs.getString("userid");
out.println("Valid user=" + UserID);
</pre>
</blockquote>

which seems to cause no error, and then the forward to /main.jsp
Maybe the error is right there ("description" field does not appear in this page).

Try to post /main.jsp content too ?

P.S. The design of this page is kinda the worst I've seen from ages, I hope for your sake you'll adjust things after you get them to work somehow.
[ July 17, 2008: Message edited by: Matteo Di Furia ]
Harshal Gurav
Ranch Hand

Joined: May 29, 2008
Posts: 151
Hi Sagar and matteo,
Thanks for your co-operation.
The error is in my main.jsp page and now i eliminated it.
Sagar,thanks for your patience.
Regards
Harshal
Sagar Rohankar
Ranch Hand

Joined: Feb 19, 2008
Posts: 2902
    
    1

Hi Harsahl ,

Pl note what Matteo suggest you,

P.S. The design of this page is kinda the worst I've seen from ages, I hope for your sake you'll adjust things after you get them to work somehow.


The java code in JSP , is considered as a bad thing, Its view part of any web apps, and let the java code far from that. Use JSP to show results and for taking inputs . The same DB coding and validation you can perform in Servlet , and that`s the real use of them!

Lastly, Burn MVC structure in your mind ! :thumb:
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: user validation page
 
Similar Threads
Validate() method of ActionForm
Problem with syntax?
stylesheet effect are not showing in jsp page
inserting data to a table
Sending Email from jsp page