堆栈内存溢出
  简体   繁体   English

Java仪表板登录错误

[英]Java dashboard login error

 原文  2016-12-11 08:31:07       java

问题描述

I have been doing the java project. 我一直在做Java项目。 I am faced with the trouble in dashboard login code. 我在仪表板登录代码中遇到了麻烦。 I have the login code as belows. 我的登录代码如下。 

String fieldtxtname=txtusername.getText();
String fieldtxtpw=txtpassword.getText();
String fieldtxtutype=txttypeof.getText();
try{

    Connection cnn=DriverManager.getConnection("jdbc:mysql://localhost/student","root","");
    Statement stm=cnn.createStatement();

    String sqlQuery="select username,password,typeof from tbl_user";

    ResultSet rs=stm.executeQuery(sqlQuery);

      while(rs.next()){
        String unamedb=rs.getString("username");
        String pworddb=rs.getString("password");
        String tofdb=rs.getString("typeof");
         if(fieldtxtname.equals ("")||fieldtxtpw.equals ("")||fieldtxtutype.equals ("")){
            System.out.println("The fields arenot filled properly");
            }
          else if(fieldtxtname.equals(unamedb)&&fieldtxtpw.equals(pworddb)&&fieldtxtutype.equals(tofdb)){
            System.out.println("Access granted");
            }
         else
            {
            System.out.println("Unknown username"); 
            }


      } 

}
catch(SQLException ex){
    System.out.println(ex);
}

The code works fine except that when the access in granted,it prints as 该代码工作正常,除了在授予访问权限时,它显示为 

 Access granted
    Unknown username
    Unknown username
    Unknown username
    Unknown username

Similar is the case when the fields are empty ie they print five timesvlike belows. 当字段为空时(即,它们打印5次以下vlike),情况类似。 

The fields arenot filled properly
The fields arenot filled properly
The fields arenot filled properly
The fields arenot filled properly
The fields arenot filled properly

.I am not figuring out the cause of the problem.Please help and I would like to thank a lot in advance. 我没有找出问题的原因。请提供帮助,在此先多谢。

4 个解决方案

解决方案1
 0  2016-12-11 08:41:26

Why you don't add your three parameter (fieldtxtname,fieldtxtpw,fieldtxtutype) to your query in where clause as bind variables! 为什么不在where子句中将三个参数(fieldtxtname,fieldtxtpw,fieldtxtutype)添加为查询中的绑定变量! 

 String fieldtxtname=txtusername.getText();
    String fieldtxtpw=txtpassword.getText();
    String fieldtxtutype=txttypeof.getText();
    if(fieldtxtname.equals ("")||fieldtxtpw.equals ("")||fieldtxtutype.equals ("")){
        System.out.println("The fields arenot filled properly");
        return;
    }

    try{

        Connection cnn= DriverManager.getConnection("jdbc:mysql://localhost/student","root","");

        PreparedStatement pstm = cnn.prepareStatement("select username,password,typeof from tbl_user where username= ? and password= ? and typeof  = ?");
        pstm.setString(1, fieldtxtname);
        pstm.setString(2, fieldtxtpw);
        pstm.setString(3, fieldtxtutype);

        ResultSet rs=pstm.executeQuery();

        while(rs.next()){
            System.out.println("Access granted");
            return;
        }

        System.out.println("Access not granted");

    }
    catch(SQLException ex){
        System.out.println(ex);
    }

解决方案2
 0 已采纳  2016-12-11 09:53:15

Adding comments to the current code implementation that you've posted and how you can overcome printing multiple times on the output. 向已发布的当前代码实现添加注释,以及如何克服输出上的多次打印。 

ResultSet rs=stm.executeQuery(sqlQuery); // this is returning 5 elements

while(rs.next()) {
    String unamedb=rs.getString("username");
    String pworddb=rs.getString("password");
    String tofdb=rs.getString("typeof");
    if(fieldtxtname.equals ("")||fieldtxtpw.equals ("")||fieldtxtutype.equals ("")){
        System.out.println("The fields are not filled properly.");
        break;
// you might want to break the loop if the fields are empty in db
    } else if(fieldtxtname.equals(unamedb)&&fieldtxtpw.equals(pworddb)&&fieldtxtutype.equals(tofdb)) {
        System.out.println("Access granted");
        break;
// you might want to break the loop once the username, passwrod is found for access to be granted
    } else {
        System.out.println("Unknown username"); // just to display information
    }
}

PS - Ideally for a unique combination of username and password I would expect it to return just 1 element. PS-理想的用户名和密码的唯一组合,我希望它只返回1个元素。

Edit - For using PreparedStatement to solve the above without using the loop, do look at the answer from @Arvind 编辑-对于使用PreparedStatement而不使用循环来解决上述问题,请查看@Arvind答案

解决方案3
 0  

You must perform validation before authentication , ie before you connect to db check if all mandatory fields are filled by user. 您必须在身份 验证之前执行验证 ,即在连接到db之前,检查是否所有必填字段都由用户填写。 

String fieldtxtname=txtusername.getText();
String fieldtxtpw=txtpassword.getText();
String fieldtxtutype=txttypeof.getText();
//validation
if(fieldtxtname.isEmpty()||fieldtxtpw.isEmpty()||fieldtxtutype.isEmpty()){
  System.err.println("All fields are mandatory !");
}else{
  //authentication
  try{
    Connection cnn=DriverManager.getConnection("jdbc:mysql://localhost/student","root","");

    //just get one row based user input, why to get same column values, when user is gonna give same input?
    String sqlQuery="select 1 from tbl_user where username=? and password=? and typeof=?";

    // Prefer `PreparedStatement` over `Statement`, when you have runtime values for sql queries, this for avoiding SQL injection
    PreparedStatement ps = cnn.prepareStatement(sqlQuery);
    ps.setString(1,fieldtxtname);
    ps.setString(2,fieldtxtpw);
    ps.setString(3,fieldtxtutype);
    ResultSet rs=ps.executeQuery();

    if(rs.next()){//no need of loop
        System.out.println("Access Granted ...");
    }else{
        System.err.println("Access Denied !");
    }

    rs.close();
    ps.close();
    cnn.close();
  }catch(SQLException e){
    e.printStackTrace(System.err);
  }
}

解决方案4
 -1  2016-12-11 08:42:50

You need to use where condition in your query. 您需要在查询中使用where条件。 It will help you to execute your query fast compared to your's, ie without where condition. 与您的查询相比,它将帮助您快速执行查询,即没有条件。 

String fieldtxtname=txtusername.getText();
String fieldtxtpw=txtpassword.getText();
String fieldtxtutype=txttypeof.getText();
    if(fieldtxtname.equals ("")||fieldtxtpw.equals ("")||fieldtxtutype.equals ("")){
        System.out.println("The fields are not filled properly");
    }else{
    try{
        Connection cnn=DriverManager.getConnection("jdbc:mysql://localhost/student","root","");
        Statement stm=cnn.createStatement();
        String sqlQuery="select username,password,typeof from tbl_user where username="+fieldtxtname+",password="+fieldtxtpw+",typeof="+fieldtxtutype;
        ResultSet rs=stm.executeQuery(sqlQuery);
        boolean flag=true;
        while(rs.next()){
            flag=false;
            System.out.println("Access granted");
        } 
        if(flag){
            System.out.println("Unknown username"); 
        }
    }
    catch(SQLException ex){
        System.out.println(ex);
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 仪表板登录屏幕JAVA GUI - Dashboard Login screen JAVA GUI 使用Java登录程序出现错误 - Login program with java with error Java登录错误 - Java login error 登录JAVA时出错 - Error login JAVA Java JDBC swing登录表单错误 - Java JDBC swing login form error 获取java登录servlet的异常错误 - Getting exception error for java login servlet Java Android HTTP POST登录错误 - Java Android HTTP POST login error Java登录错误,无法解析为变量 - Java Login Error, can not be resolved to variable Java smack 4.0.3库Facebook登录错误 - java smack 4.0.3 library facebook login error Java中的hotmail登录错误(IDE:Netbeans) - hotmail login error in java (IDE: Netbeans)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM