0

hi, does anyone know how to do login validation using java...here is my code,bt i cant validate if the username and pw typed are the user in the database.

(The java code that i wrote)

public int Login(Friend fr) throws EventException
	{
		Connection con = null;
		System.out.println("Database connection succeeded");
		String sql = "SELECT * from CUSTOMER WHERE userName =? and password =?";
		PreparedStatement ps = null;
		
		try {
			con = getConnection();
			ps = con.prepareStatement(sql);
			ps.setString(1, fr.getUsername());
			ps.setString(2, fr.getPassword());
			System.out.println("at select statement");
						ps.executeUpdate();
			
		} catch (SQLException e) {
			throw new EventException(e.getMessage());
		}
		finally {
			try {
				if (ps   != null) ps.close();
				if (con  != null) con.close();
			} catch (SQLException e) {}
		}
		return 1;
	}

(The java servlet to link to the java class)

package sg.edu.nyp.fyp;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class AddUserServlet
 */
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
       


	protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
		  
		  	Friend fr = new Friend();
		  	fr.setUsername(request.getParameter("username"));
		  	fr.setPassword(request.getParameter("password"));
		  
			PrintWriter out=response.getWriter();
			
			
			System.out.println("servlet loaded");
			//Get the EmployeeManager object
			EventBL ebl = EventBL.getInstance();
			//Save the newly created EmployeeManager object
			try {
			ebl.Login(fr);
			out.print(" User Sucessfully Found");
			}
			catch(EventException ex) {
				//Handles errors
				out.print("error");	
				return;
			}			 
	  }
			
	  // <editor-fold default state="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
	    /**
	     * Handles the HTTP <code>GET</code> method.
	     * @param request servlet request
	     * @param response servlet response
	     * @throws ServletException if a servlet-specific error occurs
	     * @throws IOException if an I/O error occurs
	     */
	    protected void doGet(HttpServletRequest request, HttpServletResponse response)
	            throws ServletException, IOException {
	        processRequest(request, response);
	    }

	    /**
	     * Handles the HTTP <code>POST</code> method.
	     * @param request servlet request
	     * @param response servlet response
	     * @throws ServletException if a servlet-specific error occurs
	     * @throws IOException if an I/O error occurs
	     */
	    protected void doPost(HttpServletRequest request, HttpServletResponse response)
	            throws ServletException, IOException {
	        processRequest(request, response);
	    }

	    /**
	     * Returns a short description of the servlet.
	     * @return a String containing servlet description
	     */
	    public String getServletInfo() {
	        return "Short description";
	    }// </editor-fold>
	}

can anyone help me check which part did i do wrongly? thanks!!!

2
Contributors
1
Reply
2
Views
8 Years
Discussion Span
Last Post by javaAddict
0

First of all don't do an: ps.executeUpdate() .
You don't update anything to the database, you do a select. So use the method that returns a ResultSet:

ResultSet rs = ps.executeQuery();
if (rs.next) {
  // user found
} else {
  // invalid credentials
}

Don't forget to close the 'rs' at the finally as well.

Also I don't see you creating your Connection:

public int Login(Friend fr) throws EventException
	{
		[B]Connection con = null;[/B]
		System.out.println("Database connection succeeded");

Also at the servlet the method "Login" returns an int. So you need to store that in a variable and with an if statement check if the user has given the correct username nad password

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.