This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

small problem with query

 
gayathri reddy
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I wrote one html file and one servlet and login table.when the user enters the username and password and press submit button it will call CheckLogin servlet.I wrote this servlet to check the username/password.but it is giving me sql exception.could any one correcr my error.
import java.io.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
public class CheckLogin extends HttpServlet {
public void doPost(HttpServletRequest req,HttpServletResponse res)
throws IOException, ServletException
{
Connection con;
Statement stmt;
String url="jdbc dbc rajava";
res.setContentType("Text/Html");
PrintWriter out=res.getWriter();
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver").newInstance();
out.println("Registered the driver");
}
catch(java.lang.ClassNotFoundException e)
{
out.println("Class not found exception:");
out.println(e.getMessage());
}
catch(Exception e)
{
out.println("Exception:");
out.println(e.getMessage());
}
try
{
con=DriverManager.getConnection(url,"SYSTEM","MANAGER");
out.println("<br> Connection succes");
if(con!=null)
{
stmt=con.createStatement();
String s=req.getParameter("username");
String s1=req.getParameter("password");
stmt.executeQuery("SELECT * FROM login where username ='"+ req.getParameter("username")+"' and password='"+req.getParameter("password")+"'");
System.out.println(s + " Welcome to our site ");

}
out.println("<br> Success Login/password");
}
catch(SQLException e)
{
out.println("SQL Exception occured in query");
}
}

}
 
Saran Vel
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Try with excuting the query, which u get form the servlet code, directly with db..
Make sure u r getting not null values for the variables under where condition ..
Then u can figure out u'r problem easily..
Saran
 
gayathri reddy
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi saran,
when i check in the database it id working.but not in the servlet.could u check my ' and ".May be i did mistake in this.
thanks
-greddy
 
maha anna
Ranch Hand
Posts: 1467
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Gayathri,
I think you may have to add a backslash before ' to include this ' in your SQL statement itself. Give it a try. Here is a sample code which I use. I use StringBuffer for performance.
Finally you write stmt.executeQuery(sqlBuff.toString());
regds
maha anna
 
Saran Vel
Ranch Hand
Posts: 111
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Gayathri,
Now i got it...
In your query..
("SELECT * FROM login where username =' " + req.getParameter( " username")+"' and password='"+req.getParameter("password")+"'");
Check the qoutes.. the one started near username=' ends before the next username, (bolded ones) where it should not be..
If u display the string got from u'r query , u can find this error..
Change u'r query like this..
("SELECT * FROM login where username ='"+ s +"' and password='"+ s1 +"'");
Where u have stored the values for s and s1 already..
Hope now u will get it..
Saran
------------------
Saran
Sun Certified Java2 Programmer
[This message has been edited by Saran Vel (edited April 18, 2001).]
 
gayathri reddy
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi saran,maha
thanks for your help.Now i got it.its working.Thing is i did mistake in ' and " .
thanks,
-greddy
 
Andrew Shafer
Ranch Hand
Posts: 338
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I was wondering why you stored the values in s, s1 and then didn't use them in the query.
I get to see alot of SQL errors (hallelujiah) and the first thing I do is change the stmt.executeQuery(query) into out.println(query) or <%=query%> so I can get some idea what I'm trying to feed to the DB.
Usually this will shed light on the situation. (Although there was the one time when I had put stmt.executeQuery("query")-notice the quotes, cause I didn't, for a long and very frustrating time -and couldn't for the life of me see anything wrong with my <%=query%> )
One thing I know for sure, you do not need to escape ' to use it in strings (at least not it Java).
I'm not sure your problem is the query.
The way your try/catch block is set up, you get the same error if you have a problem connecting to the DB or if the query has problems. (Even though the way it is written it "says" it is a problem with the query.) I suspect you may have a problem establishing the connection. Try rewritting the connection and query in seperate try/catch blocks and you will know for sure.
Also even though you are writing a servlet, your question is really about JDBC. That might be a better forum to get the best answer.
You gotta love the JavaRanch
 
maha anna
Ranch Hand
Posts: 1467
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Andrew,
Yes. You are right. I am not sure from where this idea got into my mind that I should escape the single quote.
May be from here!
(Java Language Spec)
http://java.sun.com/docs/books/jls/second_edition/html/lexical.doc.html#101089
Because I used to dig into JLS for everything when started with Java years back. So somehow I got the idea of escaping single,double and backslashes with a backslash.

regds
maha anna
[This message has been edited by maha anna (edited April 18, 2001).]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic