Java-如何检查MySQL表中是否已经存在用户名

Question

I want to check whether a username already exists in a database table or not.

Java Code:

if (e.getSource() == jButton2)
{
  U = jTextField1.getText();
  if (jTextField1.getText().trim().equals(""))
  {
    JOptionPane.showMessageDialog(this, "Please Write Username !");
  } 
  else if (jPasswordField1.getText().equals(""))
  {
    JOptionPane.showMessageDialog(this, "Please Write Password !");
  } 
  else
  {
    try {
      String Driver = "com.mysql.jdbc.Driver"; 
      String URL = "jdbc:mysql://localhost:3306/LoginForm"; 
      Class.forName(Driver); 
      Connection Conn = DriverManager.getConnection(URL, "root", "12345");
      Statement S = Conn.createStatement();
      ResultSet RS = S.executeQuery(
          "SELECT * FROM login where username ='" + U + 
          "' and Password ='" + jPasswordField1.getText() + "'");

      while (RS.next()) {
        String Username = RS.getString("Username");
        String Password = RS.getString("Password");
        String Admin = RS.getString("Admin");

        if (Username.equals(U) & Password.equals(jPasswordField1.getText()) &
          Admin.equals("0")) 
        {

          JOptionPane.showMessageDialog(this, "Logged In Successfully !");
          this.dispose();
          NormalUsers NU = new NormalUsers();
          break;

        } 
        else if (Username.equals(U) & 
          Password.equals(jPasswordField1.getText()) & Admin.equals("1"))
        {

          JOptionPane.showMessageDialog(this, 
            "Logged In Successfully , Opening Administration Panel !");

          this.dispose();
          AdminPanel AP = new AdminPanel();
          break;
        }
        else 
        {
          JOptionPane.showMessageDialog(this, "Invalid Username Or Password!");
        }
      }
    } 
    catch (SQLException | ClassNotFoundException ex)
    {
    }
  }
}

The problem is that:

• If there are no rows in the database , then there is no an error message: Invalid Username or Password .
• When I execute the SQL query manually: SELECT * From Login I see the row exists there, but since I filter on password , it doesn't get into the while loop .

How should I use java to check if a username exists in a MySQL table?

Answer 1

For this query type specially, you don't need to loop through the ResultSet.

You're trying to find one determined record. You will not have two records with the same username/password (I'm assuming the primary key of login table is the username), so just a if(rs.next()) it's enough. If it exists, validate to check if it's an admin.

Besides, in the query you're already implying that the record must have the specified username and password, no need to test for it once the result set is returned.

Just test for the user type, if it's admin, display the accordingly message, else, do the proper.

If the rs.next() is not met, then the user doesn't exist, so in the else block, you can display the error message about the user not being found or being invalid.

Answer 2

The thing you need to work on is MySQL query. I think a query with the WHERE clause is what you are looking for.

Also you might want to put that code in a separate class to prevent cooking some spaghetti code .

The link below is an answer that is related to php language, but what you need to look is the MYSQL query and the logic: Check If Username Exists

Try something like this:

public String login(String uname, String password) throws Exception{

    String status=null;
    ConnectionHandler handler=new ConnectionHandler(); //class for connection
    Connection con=handler.createConnection();
    Statement stmt=con.createStatement();
    String query="select * from loginTable where username=" +
      "\""+uname+"\""+";";  //get username

    ResultSet rs=stmt.executeQuery(query); 
    String checkUser=rs.getString(1);
    String checkPass=rs.getString(2);
    if(checkUser.equals(uname) && checkPass.equals(password)){
        status="True";
    }
    else{
        status="False";
    }
    con.close();
    return status;
}

Using this status string I determine if the username validates or not. Have the SQL do the heavy lifting (as it was designed to do) instead of coding it yourself with java.

Answer 3

You could do a SELECT COUNT(*) AS total FROM login where username ... Then resultSet.getInt("total") . If the total is greater than 0 that user already exists. I would also use a PreparedStatement as it is less vulnerable to sql injection attacks. Take a look at this https://www.owasp.org/index.php/Preventing_SQL_Injection_in_Java . Example of sql count ...

ResultSet RS = S.executeQuery("SELECT COUNT(*) AS total FROM login where username ='" + U + "' and Password ='" + jPasswordField1.getText() + "'");
        while (RS.next()) {
            if( RS.getInt("total") > 0 ) {
                // user already exists
            } else {
                // user does not exist
            }
        }

Answer 4

Assuming only one row is returned you can replace the while loop with an if statement. You also don't need to check the username and password after the query has been executed as this is handled by the where clause. So your query could be modified to:

PreparedStatement prest = Conn.prepareStatement("SELECT Admin FROM login WHERE username = ? and Password = ?");
prest.setString(1, U);
prest.setString(2, jPasswordField1.getText());

and then process it using an if statement:

if (rs.next()) {
  //Process user level (Normal or admin)
} else {
  //Incorrect login details
}

Answer 5

我是Java的新手，但我认为您应该检查jPasswordField ，如果它是JTextBox没问题，但是如果它是JPasswordField则getText()返回byte[]而不是string，您需要将byte[]转换为string第一。