Hey guys I have a weird problem , if I enter my correct credentials from my database I GET AN ERROR, if I enter the wrong credentials everything is okay.
Exception in thread "main" java.sql.SQLException: Column 'username' not found.
This error occurs when I enter the correct credentials
Also I have another problem, my passwords are encrypted with MD5 and I have no idea how to write that into my SELECT , tried this but without any success.
resultSet = statement.executeQuery("SELECT password FROM cards.username WHERE username = '" + username + "' && password = 'MD5(" + password + ")'");
So this is my class
public void readDataBase() throws Exception {
//Scanners
Scanner in = new Scanner(System.in);
System.out.print("Username: ");
String username = in.nextLine();
System.out.print("Password: ");
String password = in.nextLine();
System.out.println(" ");
//---------------------
String databaseUsername = "";
String databasePassword = "";
try {
// this will load the MySQL driver, each DB has its own driver
Class.forName("com.mysql.jdbc.Driver");
// setup the connection with the DB.
connect = DriverManager
.getConnection("jdbc:mysql://localhost/cards?"
+ "user=root&password=password");
// statements allow to issue SQL queries to the database
statement = connect.createStatement();
resultSet = statement.executeQuery("SELECT password FROM cards.username WHERE username = '" + username + "' && password = '" + password + "'");
//writeResultSet(resultSet);
while (resultSet.next()) {
databaseUsername = resultSet.getString("username");
databasePassword = resultSet.getString("password");
}
if (username.equals(databaseUsername) && password.equals(databasePassword))
System.out.println("Success !! ");
else
System.out.println(" Failure ");
//---
//--------------------------------------------------------------------------------------------------
// resultSet gets the result of the SQL query
// resultSet = statement.executeQuery("select * from FEEDBACK.COMMENTS");
//
// writeResultSet(resultSet);
//
// // preparedStatements can use variables and are more efficient
// preparedStatement = connect
// .prepareStatement("insert into FEEDBACK.COMMENTS values (default, ?, ?, ?, ? , ?, ?)");
// "myuser, webpage, datum, summary, COMMENTS from FEEDBACK.COMMENTS");
// parameters start with 1
// preparedStatement.setString(1, "Test");
// preparedStatement.setString(2, "TestEmail");
// preparedStatement.setString(3, "TestWebpage");
// preparedStatement.setDate(4, new java.sql.Date(2009, 12, 11));
// preparedStatement.setString(5, "TestSummary");
// preparedStatement.setString(6, "TestComment");
// preparedStatement.executeUpdate();
// preparedStatement = connect
// .prepareStatement("SELECT myuser, webpage, datum, summary, COMMENTS from FEEDBACK.COMMENTS");
// resultSet = preparedStatement.executeQuery();
// writeResultSet(resultSet);
//
// // remove again the insert comment
// preparedStatement = connect
// .prepareStatement("delete from FEEDBACK.COMMENTS where myuser= ? ; ");
// preparedStatement.setString(1, "Test");
// preparedStatement.executeUpdate();
//
// resultSet = statement
// .executeQuery("select * from FEEDBACK.COMMENTS");
// writeMetaData(resultSet);
//
//---------------------------------------------------------------------------------------------------------
} catch (Exception e) {
throw e;
} finally {
close();
}
}
And this is another class where I call this method
package mysqltryouts;
import java.util.Scanner;
import mysqltryouts.MySQLtryouts;
public class main {
public static void main(String[] args) throws Exception {
MySQLtryouts dao = new MySQLtryouts();
dao.readDataBase();
}
}
This is my simple DB with only 1 table :
I am kinda new with this mySQL and Java stuff, any help would be really appreciated
*EDIT #1 Fixed the main problem, but I still don't know how to make the MD5 thing, I mean when I enter my password in java, it gets itself crypted, I've used this method in VB.NET and tried an equivalent but with no success. :
Dim SqlQuery As String = "SELECT COUNT(*) From users1 WHERE username = @Username AND password = MD5(@Password); "
My java attempt:
resultSet = statement.executeQuery("SELECT * FROM cards.username WHERE username = '" + username + "' AND password = ('MD5(" + password + ")'");
my password field is varchar(10) and I just add MD5 when I manually add the data from phpmyadmin or from my app
While retrieving from the table too, apply MD5
on your password
input value to compare with database field value.
SQL statement :
select count(*) > 0 as match_found
from table_name
where username = ?
and password = md5( ? )
In JAVA :
Use PreparedStatement
for value binding with the statement.
PreparedStatement pst = con.prepareStatement( sqlQuery );
pst.setString( 1, userName );
pst.setString( 2, password );
ResultSet rs = pst.executeQuery();
boolean loginSuccess = false;
if( rs.next() ) {
loginSuccess = rs.getBoolean( "match_found" );
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.