[英]Servlet login with prepared statement
I try to find out, where is Error in my Code below: 我尝试找出以下代码中的错误在哪里:
public void service(HttpServletRequest request, HttpServletResponse response){
try{
user1 = request.getParameter("nameLog");
pass1 = request.getParameter("passLog");
String userid = null;
String passdb = null;
String query = "select user, pass from login where `user` = ? and `pass`=?";
PreparedStatement pst = conn.prepareStatement(query);
ResultSet rs = pst.executeQuery();
pst.setString(1, user1);
pst.setString(2, pass1);
while(rs.next()){
userid = rs.getString("user1");
passdb = rs.getString("pass1");
pst.executeQuery();
}
if(userid.equals(user1)&& passdb.equals(pass1)){
response.sendRedirect("/WebContent/login/Main.html");
}
}catch(Exception ex){
ex.printStackTrace();
}
}
I try to log in to my application (db Column names are user
and pass
) but i get an Error: 我尝试登录到我的应用程序(数据库列名称为
user
和pass
),但出现错误:
java.sql.SQLException: No value specified for parameter 1
in this row 在这一行
ResultSet rs = pst.executeQuery();
How can I get rid of this error and log into my Page? 如何摆脱此错误并登录到我的页面?
Thanks 谢谢
Order matters! 订单很重要! You need to pass the parameters before you call
executeQuery
, like so: 您需要在调用
executeQuery
之前传递参数,如下所示:
PreparedStatement pst = conn.prepareStatement(query);
pst.setString(1, user1);
pst.setString(2, pass1);
ResultSet rs = pst.executeQuery();
You are executing the query before setting the values. 您正在执行查询,然后再设置值。 It should be:
它应该是:
PreparedStatement pst = conn.prepareStatement(query);
pst.setString(1, user1);
pst.setString(2, pass1);
ResultSet rs = pst.executeQuery();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.