my dog learned polymorphism*
The moose likes JSP and the fly likes Problem in Login page Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Problem in Login page" Watch "Problem in Login page" New topic
Author

Problem in Login page

Kunal Lakhani
Ranch Hand

Joined: Jun 05, 2010
Posts: 622



I have a login page, which directs to Verification.jsp

Login.jsp



EveryThing in Login.jsp and verification.jsp is working fine.

I am having a STAFF table, which contains data of JOURNALIST & REPORTER. So, to differentiate their ID, i have a column STYPE, which contains 'R' for Reporter, and 'J' for journalist.


So, when Reporters logs in, i need 'R' to be generated, so that i can provide STYPE in my Query.

How to do this.?
If i place An attribute 'Id' in radio buttons in Login.jsp, how can i get this Id when the radio button is selected??


Verification.jsp



I Should not include Java code in jsp, But this is just a rough project. After this, i will be converting this project as per MVC architecture


kunal
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

Moving to our JSP forum since this isn't a database question.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

Kunal Lakhani wrote:If i place An attribute 'Id' in radio buttons in Login.jsp, how can i get this Id when the radio button is selected??

You get the value of the selected radio button when you call request.getParameter(). Did this not work?

Also when you convert to the real project, be sure to use PreparedStatements and binding variables to prevent SQL Injection. Right now someone can delete the contents of the whole database table or login without a proper password.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60782
    
  65

Also, move the Java code out of a JSP and into a Java class where it belongs. Using a JSP as a stand-in for a Java class is the epitome of poor design and bad practices.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Stefan Evans
Bartender

Joined: Jul 06, 2005
Posts: 1016
request.getParameter("r1") obviously won't work directly, because the value of r1 being submitted is "Staff", for both Journalist and Reporter.
It seems that this parameter is being used to figure out which table to query. That whole building up the query with string concatenation leaves you wide open for SQL injection attack as has been mentioned.
You need to change your radio button values so that you can distinguish between them.

Maybe something like the following:



But then of course you won't be able to use the value of r1 for the table name any more.....
So maybe a mapping between these values, and what the table/column values for it are?
 
jQuery in Action, 2nd edition
 
subject: Problem in Login page
 
Similar Threads
Setting session to true and then invalidating
Unable to compile class for JSP
Error displaying parameter
How this code can be improved?
how to control redirect of j_servlet_check