is there a any validation API in java

this is a small registration aplication

this is the index.jsp file

this is a servlet

package voter.servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class WelcomeProcessor extends GenericProcessors {
	
       
   
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		this.doGet(request, response);
	}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
		/*if(!isUserPresent(request)){
			response.sendRedirect("error.jsp");
		}
		*/
		PrintWriter out=response.getWriter();
		out.println("DOPOST");
		
		String action=request.getParameter("action");
		
		out.println("DOPOST "+action);
		
		if(action.equals("New")){
			
			String name=request.getParameter("name");
			String age=request.getParameter("age");
			String city=request.getParameter("city");
			String course=request.getParameter("course");
			String username=request.getParameter("username");
			String password=request.getParameter("password");
			
			dbHandler.addStudent(name, age, city, course, username, password);
		}
	}

}

this is a database connector

package voter.db;

import java.sql.*;

public class DbHandler {
	
	Connection connection;

public DbHandler() {
		establishConnection();
	}

private void establishConnection(){
		try {
			
			Class.forName("com.mysql.jdbc.Driver");
			connection = DriverManager.getConnection(
					"jdbc:mysql://localhost:3306/form", "root","");
			
		} catch (ClassNotFoundException e) {			
			e.printStackTrace();
		} catch (SQLException e) {			
			e.printStackTrace();
		}
		
	}
	
	public void addStudent(String name,String age,String city,String course,String username,String password){
		
		try {
			
			PreparedStatement prepare=connection.prepareStatement("Insert Into " +
							"Student Values(?,?,?,?,?,?)");
			
			prepare.setString(1, name);
			prepare.setString(2, age);
			prepare.setString(3, city);
			prepare.setString(4, course);
			prepare.setString(5, username);
			prepare.setString(6, password);
			
			prepare.executeUpdate();
			prepare.close();
			
		} catch (SQLException e) {
			
			e.printStackTrace();
		}
		
	}
}

this is a abstract class

package voter.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import voter.db.DbHandler;
import voter.util.Constants;

public abstract class  GenericProcessors extends HttpServlet {
	
	
	protected DbHandler dbHandler=null;; 
	
	public void init(){
		
		Object dbHandlerObject=getServletContext().getAttribute(Constants.DB_HANDLER_ATTRIB_NAME);
		if(dbHandlerObject==null){
			dbHandlerObject=new DbHandler();
			getServletContext().setAttribute(Constants.DB_HANDLER_ATTRIB_NAME, dbHandlerObject);
		}
		this.dbHandler=(DbHandler)dbHandlerObject;
		
	}
  
	protected boolean isUserPresent(HttpServletRequest request){		
		return(request.getSession().getAttribute(Constants.AUTH_USAER_ATTRIB_NAME)!=null);		
	}
	
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
	}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
	}

}

my question is how to validate the user inputs
As a example how guarantee that name doesn't include any numbers.....age only include numbers?
is there a any validation API in java?

You can validate it in Java, of course, but as it's a Server side language you will have to send the info to the server, validate it in Java and then send to the browser the appropiate data (registration succeed or not succeed or whatever). Fos simple validations you can use javascript, before submitting validate that the age is a number and is not !@rt, for example.

i am not familior with javascript.can you give me the good link for javascript validation?

http://tinyurl.com/yccuk45

;)

Be aware that JavaScript validation on the client is not a suitable replacement for validation on the server. Your data must always be validated on the server regardless of whether you perform client-side validation or not.

As this is primarily a query regarding validation libraries, I've moved it to the Open Source Projects forum.

now i edit the code.

this is the index.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>

<body>
<form action="welcome" method="post">
<table align="left">
 <tr><td>Name<input type="text" name="name"></td></tr>
 <tr><td>Age<input type="text" name="age"></td></tr>
 <tr><td>City<input type="text" name="city"></td></tr>
 <tr><td>Course<input type="text" name="course"></td></tr>
<tr><td>username<input type="text" name="username"></td></tr>
<tr><td>password<input type="text" name="password"></td></tr>
<tr><td><input type="submit" name="action" value="New" width=50/></td></tr> 
</table>
</form>

<form action="welcome" method="post">
<table align="right">
<tr><td>username<input type="text" name="username"></td></tr>
<tr><td>password<input type="text" name="password"></td></tr>
<tr><td><input type="submit" name="action" value="Old" width=50/></td></tr> 
</table>
</form>

</body>
</html>

this is the abstract class

package voter.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import voter.db.DbHandler;
import voter.util.Constants;

public abstract class  GenericProcessors extends HttpServlet {
	
	
	protected DbHandler dbHandler=null;; 
	
	public void init(){
		
		Object dbHandlerObject=getServletContext().getAttribute(Constants.DB_HANDLER_ATTRIB_NAME);
		if(dbHandlerObject==null){
			dbHandlerObject=new DbHandler();
			getServletContext().setAttribute(Constants.DB_HANDLER_ATTRIB_NAME, dbHandlerObject);
		}
		this.dbHandler=(DbHandler)dbHandlerObject;
		
	}
  
	protected boolean isUserPresent(HttpServletRequest request){		
		return(request.getSession().getAttribute(Constants.AUTH_USAER_ATTRIB_NAME)!=null);		
	}
	
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
	}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
	}

}

this si the welcome class

package voter.servlet;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class WelcomeProcessor extends GenericProcessors {
	
       
   
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		this.doGet(request, response);
	}

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
		/*if(!isUserPresent(request)){
			response.sendRedirect("error.jsp");
		}
		*/
		PrintWriter out=response.getWriter();
		out.println("DOPOST");
		
		String action=request.getParameter("action");
		
		
		
		if(action.equals("New")){
			out.println("NEWWWWWWWW "+action);
			String name=request.getParameter("name");
			String age=request.getParameter("age");
			String city=request.getParameter("city");
			String course=request.getParameter("course");
			String username=request.getParameter("username");
			String password=request.getParameter("password");
			
			dbHandler.addStudent(name, age, city, course, username, password);
		}
		else if(action.equals("Old")){
			
			out.println("OLDDDDDDD "+action);
			
			String username=request.getParameter("username");
			String password=request.getParameter("password");
			
			boolean checkStudent=dbHandler.checklogin(username, password);
			if(checkStudent){
				out.println("User authenticated");
			}
			else{
				out.println("User not aothenticated");
			}
		}
	}

}

this is the database class

package voter.db;

import java.sql.*;

public class DbHandler {
	
	Connection connection;

public DbHandler() {
		establishConnection();
	}

private void establishConnection(){
		try {
			
			Class.forName("com.mysql.jdbc.Driver");
			connection = DriverManager.getConnection(
					"jdbc:mysql://localhost:3306/form", "root","");
			
		} catch (ClassNotFoundException e) {			
			e.printStackTrace();
		} catch (SQLException e) {			
			e.printStackTrace();
		}
		
	}
	
	public void addStudent(String name,String age,String city,String course,String username,String password){
		
		try {
			
			PreparedStatement prepare=connection.prepareStatement("Insert Into " +
							"Student Values(?,?,?,?,?,?)");
			
			prepare.setString(1, name);
			prepare.setString(2, age);
			prepare.setString(3, city);
			prepare.setString(4, course);
			prepare.setString(5, username);
			prepare.setString(6, password);
			
			prepare.executeUpdate();
			prepare.close();
			
		} catch (SQLException e) {
			
			e.printStackTrace();
		}
		
	}
	
	public boolean checklogin(String username,String password){
		
		boolean login=false;
		
		try {
			Statement statement=connection.createStatement();
			ResultSet result=statement.executeQuery("SELECT * FROM student WHERE username=" + "'" + username + "'");
			//ResultSet rs2 = statement.executeQuery("SELECT * FROM voter_details WHERE NID="	+ "'" + nic + "'");							
			
			while(result.next()){
				
				String pass=result.getString("password");
				if(pass.equals(password)){
					login=true;
					break;
				}
				
			}
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		return login;
	}
}

Now there is a way to authentication machanism.
now i need these ones
1)how avoid sql injection when login?
2)good encription for password and how to save encripted data in mysql ??
3) is there any other ways to improve the quality of this code?

just create a method private boolean validate(String element) and check that your String doesn't contain any strange character...

1) Be sure to use prepared statements.

2) Hash the password using an MD5 or SHA hash. Store the hashed variant. Hash incoming passwords and compare hashes.

can we write this method using prepared statement?

That's a better question for the JDBC forum.

ok.i will post it.

I have problem on server side validation.
user type his username and password on browser.
so if i use server on encription to password the password hacker can get the password between client machine and server.because client machine to server password goes a normal text.
is it true?

That's why you use SSL.

how can i use SSL in this example?

Setting up SSL on your server has nothing to do with your code. Time to do some research.

ok
i found tutorial.But it says "Create a certificate keystore by executing the following command:"

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

i copy this command and past the comand line and run.Error.
how to execute this command.

this is the reference what i try to use?
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html

If you have questions about errors you're getting, then it would be extremely helpful to know what those errors are. Post them in full, along with detailed information what you're doing.

first i go to the
C:\Program Files\Java\jdk1.6.0\bin using command line .
then i type this on cmd.
keytool -genkey -alias tomcat -keyalg RSA

then it ask the password.I give the password and i give changeit as mentioned in site.
then it ask re type password and i give changeit again.
then it ask "What is your first and last name " ,"What is the name of your organizational unit",What is the name of your organization?................i think it never ends?

anarkali perera wrote:i think it never ends?

So you haven't actually tried completing that process and gave up?

anarkali perera wrote:i think it never ends?

It has an end for sure. It's no funny game.

it is ok.
i uncomment the 8443 also.Now is it ok.How should i check now it support ssl?

<-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->

i did configuration.Is it need to do some thing to index.jsp to active ssl?

...

Try accessing it using HTTPS?