Registration Code with MD5

Question

SagarSe7en 0 Junior Poster in Training

11 Years Ago

Hello Friends.

It has been a long time since i posted my codes in the DaniWeb Forum.

I have a problem which is really preventing me from moving ahead in the Project.

My project requires me to develop a small quiz application with a registration functionality.

The registration functionality requires the password to be stored as MD5.

All Help Shall Be Highly Appreciated.

Thanking all the Expert Programmers of DaniWeb in Advance.

The code for the registration is as follows:

Add User Method in the DAO File

public void AddUser(String UserID , String FirstName , String MiddleName , String LastName , String Age , String MobileNumber , String EMail , String Username , String Password , String Course , String Role)
                throws ClassNotFoundException , SQLException
        {
            try
            {
                Statement SQLStatement = getDatabaseConnection();
                String SQLQuery = "INSERT INTO User(FirstName , MiddleName , LastName , Age , MobileNumber , EMail , Username , Password , Course , Role) VALUES ('" + FirstName + "' , '" + MiddleName + "' , '" + LastName +"' , '" + Age + "' , '" + MobileNumber +"' , '" + EMail +"' , '" + Username +"' , '" + Password +"' , '" + Course +"' , '" + Role +"')";
                SQLStatement.executeUpdate(SQLQuery);
                DestroySQLConnection();
            }

            catch (ClassNotFoundException cnfe)
            {
                System.out.println(cnfe);
                throw cnfe;
            }

            catch (SQLException SQLE)
            {
                System.out.println(SQLE);
                throw SQLE;
            }
        }

Add User Servlet which calls the method

package Librarian;

import DataAccessObject.DAO;
import DataAccessObject.OshwalDAO;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author Sagu Wesker
 */
public class PotentialUserInsert extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {

            RequestDispatcher rd = request.getRequestDispatcher("Relay");

            OshwalDAO Dao = DAO.getDAOInterface();

            Dao.AddUser(

                    request.getParameter(""), 

                    request.getParameter("FirstName"), 

                    request.getParameter("MiddleName"), 

                    request.getParameter("LastName"), 

                    request.getParameter("Age"), 

                    request.getParameter("MobileNumber"), 

                    request.getParameter("EMail"), 

                    request.getParameter("Username"), 

                    request.getParameter("Password"), 

                    request.getParameter("Course"), 

                    request.getParameter("Role"));

            HttpSession session = request.getSession();

            String FirstName = request.getParameter("FirstName");

            session.setAttribute("FirstName", FirstName);

            out.println("<html>");

            out.println("<head>");

            out.println("<link rel = 'stylesheet' href='SiteCSS/style.css' type='text/css' />");

            out.println("<title>" + FirstName + " Is Now Part Of The System</title>");

            out.println("</head>");

            out.println("<h3 class='RelayProjectionStyle'>The Record For "+FirstName+" Has Been Inserted Into The Database</h3>");

            out.println("<h3 class='RelayProjectionStyle'>Click <a href='AdminMenu.jsp'>Here<a> To Return To Admin Menu</h3>");

            out.println("</html>");

        }            
        catch (ClassNotFoundException cnfe)
        {
            System.out.println(cnfe);
        }

        catch (SQLException SQLE)
        {

         System.out.println(SQLE);
        }
        finally {                  
         out.close();
        }

                   }

    }

jsp

2 Contributors
6 Replies
2K Views
1 Week Discussion Span
Latest Post 11 Years Ago Latest Post by SagarSe7en

All 6 Replies

peter_budo 2,532 Code tags enforcer

11 Years Ago

Welcome back
Disapointed to see that you are still using old ways (query string as add on of content instead of PreparedStatement, generating HTML inside servlet)

Hashing password simple

private String hashPassword(String password) {
  String hashword = null;
  try {
    MessageDigest md5 = MessageDigest.getInstance("MD5");
    md5.update(password.getBytes());
    BigInteger hash = new BigInteger(1, md5.digest());
    hashword = hash.toString(16);

  } catch (NoSuchAlgorithmException nsae) {
    //Log exception}
  return hashword;
}

PS: I'm not doing web development any more, moved to Android world so I may not be so helpful in future...

Edited 11 Years Ago by peter_budo

peter_budo 2,532 Code tags enforcer

11 Years Ago

How can you have hashed password in database if you inserting with sql query plain text you got from user? (See end of the query)

String SQLQuery = "INSERT INTO Users(FirstName , MiddleName , LastName , Age , MobileNumber , Gender , City , EMail , Username , Password) VALUES ('" + FirstName + "' , '" + MiddleName + "' , '" + LastName + "' , '" + Age +"' , '" + MobileNumber + "' , '" + Gender +"' , '" + City + "' , '" + EMail + "' , '" + Username + "' , '" + Password + "')";

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

SagarSe7en 0 Junior Poster in Training · Answer 1 · 2012-07-21T15:37:01+00:00

Hy Peter Thanks for reply....

Getting an error message called Message Digest Not Available.

Any Ideas what it means?

SagarSe7en 0 Junior Poster in Training · Answer 2 · 2012-07-21T20:04:33+00:00

Hello Everyone... Have made great progress in the code...

But it does not hash the password in the database dont know why. Posting the code so that i may get some expert help on where i am going wrong.

Thanking you in advance

public void AddUser(String UserID , String FirstName , String MiddleName , String LastName , String Age , String MobileNumber , String Gender , String City , String EMail , String Username , String Password , String HashWord)
            throws ClassNotFoundException , SQLException , NoSuchAlgorithmException
    {
        try
        {
            MessageDigest md5 = MessageDigest.getInstance("MD5");

            md5.update(Password.getBytes());

            BigInteger Hash = new BigInteger(1 , md5.digest());

            HashWord = Hash.toString(16);

            Statement myStatement = ConnectToDatabase();

            String SQLQuery = "INSERT INTO Users(FirstName , MiddleName , LastName , Age , MobileNumber , Gender , City , EMail , Username , Password) VALUES ('" + FirstName + "' , '" + MiddleName + "' , '" + LastName + "' , '" + Age +"' , '" + MobileNumber + "' , '" + Gender +"' , '" + City + "' , '" + EMail + "' , '" + Username + "' , '" + Password + "')";

            myStatement.executeUpdate(SQLQuery);


        }

        catch (ClassNotFoundException CNFE)
        {
            System.out.println(CNFE);

            throw CNFE;
        }

        catch (SQLException SQLE)
        {
            System.out.println(SQLE);

            throw SQLE;
        }

        catch (NoSuchAlgorithmException NSAE)
        {
            System.out.println(NSAE);

            throw NSAE;
        }

Registration Servlet

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package Users;

import DataAccessObject.DAO;
import DataAccessObject.DAO_Interface;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author SaguWesker
 */
public class Registration extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)

            throws ServletException, IOException {

        response.setContentType("text/html;charset=UTF-8");

        PrintWriter out = response.getWriter();

        try 

        {
            RequestDispatcher rd = request.getRequestDispatcher("Relay");

            DAO_Interface Dao = DAO.getDAOInterface();

            Dao.AddUser

                    (

                    request.getParameter(""),

                    request.getParameter("FirstName"), 

                    request.getParameter("MiddleName"), 

                    request.getParameter("LastName"), 

                    request.getParameter("Age"), 

                    request.getParameter("MobileNumber"), 

                    request.getParameter("Gender"), 

                    request.getParameter("City"), 

                    request.getParameter("EMail"), 

                    request.getParameter("Username"), 

                    request.getParameter("Password"), 

                    request.getParameter(""));

            HttpSession Session = request.getSession();

            String FirstName = request.getParameter("FirstName");

            Session.setAttribute("FirstName", FirstName);
        }

        catch (ClassNotFoundException CNFE)
        {
            System.out.println(CNFE);
        }

        catch (SQLException SQLE)
        {
            System.out.println(SQLE);
        }

        catch (NoSuchAlgorithmException NSAE)
        {
            System.out.println(NSAE);
        }

        finally 

        {            
            out.close();
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}

SagarSe7en 0 Junior Poster in Training · Answer 3 · 2012-07-22T18:07:40+00:00

Hy peter thank u for the reply. I gt the trick and have finally stored the password as Md5 in the database. I am posting the final result. Also want to thank u for sparing ur quality time to help me in learning something new in jsp. The code works and the login code also accepts the hashword as the password and logs in successfully. Thank u peter. The code is in the next reply :-)

SagarSe7en 0 Junior Poster in Training · Answer 4 · 2012-07-22T18:46:25+00:00

Registration Method

public void AddUser(String UserID , String FirstName , String MiddleName , String LastName , String Age , String MobileNumber , String Gender , String City , String EMail , String Username , String Password , String HashWord)
            throws ClassNotFoundException , SQLException , NoSuchAlgorithmException
    {
        try
        {
            MessageDigest md5 = MessageDigest.getInstance("MD5");

            md5.update(Password.getBytes());

            BigInteger Hash = new BigInteger(1 , md5.digest());

            HashWord = Hash.toString(16);

            Statement myStatement = ConnectToDatabase();

            String SQLQuery = "INSERT INTO Users(FirstName , MiddleName , LastName , Age , MobileNumber , Gender , City , EMail , Username , HashWord) VALUES ('" + FirstName + "' , '" + MiddleName + "' , '" + LastName + "' , '" + Age +"' , '" + MobileNumber + "' , '" + Gender +"' , '" + City + "' , '" + EMail + "' , '" + Username + "' , '" + HashWord + "')";

            myStatement.executeUpdate(SQLQuery);


        }

        catch (ClassNotFoundException CNFE)
        {
            System.out.println(CNFE);

            throw CNFE;
        }

        catch (SQLException SQLE)
        {
            System.out.println(SQLE);

            throw SQLE;
        }

        catch (NoSuchAlgorithmException NSAE)
        {
            System.out.println(NSAE);

            throw NSAE;
        }


    }

Registration Servlet

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package Users;

import DataAccessObject.DAO;
import DataAccessObject.DAO_Interface;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author SaguWesker
 */
public class Registration extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)

            throws ServletException, IOException {

        response.setContentType("text/html;charset=UTF-8");

        PrintWriter out = response.getWriter();

        try 

        {
            RequestDispatcher rd = request.getRequestDispatcher("Relay");

            DAO_Interface Dao = DAO.getDAOInterface();

            Dao.AddUser

                    (

                    request.getParameter(""),

                    request.getParameter("FirstName"), 

                    request.getParameter("MiddleName"), 

                    request.getParameter("LastName"), 

                    request.getParameter("Age"), 

                    request.getParameter("MobileNumber"), 

                    request.getParameter("Gender"), 

                    request.getParameter("City"), 

                    request.getParameter("EMail"), 

                    request.getParameter("Username"), 

                    request.getParameter("HashWord"), 

                    request.getParameter(""));

            HttpSession Session = request.getSession();

            String FirstName = request.getParameter("FirstName");

            Session.setAttribute("FirstName", FirstName);
        }

        catch (ClassNotFoundException CNFE)
        {
            System.out.println(CNFE);
        }

        catch (SQLException SQLE)
        {
            System.out.println(SQLE);
        }

        catch (NoSuchAlgorithmException NSAE)
        {
            System.out.println(NSAE);
        }

        finally 

        {            
            out.close();
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}

Registration Code with MD5

Recommended Answers Collapse Answers

All 6 Replies

Recommended Answers