Login / Registration Servlet with MySQL

Question

I am having issues getting my registration servlet to add rows to my mySQL table. That being said, the servlet CAN see if a user is already in my table, and will redirect accordingly (so I know my connection is there). I have also tested my query string, and it appears to be right. I am not sure what I am doing wrong, or how I can see exactly what messages my mySQL server is seeing / how it responds to the registration request.

Well, here is my code:

index.jsp

                    <div id="loginDiv">

                <form action="LoginHandler" method="post" id="1">
                Login Here! -->
                    Username: <input type="text" name="username" required="required"> </input>
                    Password: <input type="password" name="password" required="required"> </input>
                <input type="submit" value="Login"> </input> 
                </form>
                </div>

                <div id="registerDiv">
                <form action="RegistrationHandler" method="post" id="2">
                Register Here! -->
                    Username: <input type="text" name="username" required="required"> </input>
                    Password: <input type="password" name="password" required="required"> </input>
                <input type="submit" value="Register"> </input>
                </form>
                </div>

loginHandler.java :

public class RegistrationHandler extends HttpServlet {

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    //get username & pass from jsp login
        String userName = request.getParameter("username");
        String passWord = request.getParameter("password");
    //pass username & pass to mysql query
    Connection conn = null;
    String url = "jdbc:mysql://localhost:8888/";
    String dataBase = "usersdb";
    String driver = "com.mysql.jdbc.Driver";
    String dBUserName = "admin";
    String dBPassword = "xxxx";
    RequestDispatcher rd = null;

    try{

        Class.forName(driver).newInstance();
        conn = (Connection) DriverManager.getConnection(url+dataBase,dBUserName,dBPassword);
        String strQuery = "select * from playerinfo where usrname='" + userName + "'" + ";" ;
        Statement st = (Statement) conn.createStatement();
        ResultSet rs = st.executeQuery(strQuery);

        if(rs.next())
        //username already exists
        {
        request.setAttribute("userName", userName);
        RequestDispatcher requestDispatcher = request
            .getRequestDispatcher("/registrationError.jsp");
        requestDispatcher.forward(request,response);
        }

        else
        //create new user in database
        {
        String createUserQuery = "insert into playerinfo values ('" + userName + "','" + passWord + "'," + 100 + "," + 100 + "," + 100 + "," + "NULL" + "," + "NULL" + ") ;" ;
        Statement create = (Statement) conn.createStatement();
        rs = st.executeQuery(createUserQuery);

        RequestDispatcher requestDispatcher = request
            .getRequestDispatcher("/userHome.jsp");
        requestDispatcher.forward(request,response);
        }
    //close connection
    rs.close();
    st.close();
    }
    catch (ClassNotFoundException | InstantiationException | IllegalAccessException | SQLException e){
    }
}

}

The rs.next() conditional function will work correctly ie if there is a user with a username already in my db, it will redirect to the error page correctly.

But, if they aren't in the table then it will not add them, or redirect to the proper page.

So I think I am improperly telling mySQL to add a new user to my table. Is this correct? If so, where did I go wrong?

THANK YOU!

EDIT :

These are the changes I have made to my servlet, but still no luck in getting it to work :(

public class RegistrationHandler extends HttpServlet {

@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    //get username & pass from jsp login
        String userName = request.getParameter("username");
        String passWord = request.getParameter("password");
    //pass username & pass to mysql query
    Connection conn = null;
    Connection conn2 = null;
    String url = "jdbc:mysql://localhost:8888/";
    String dataBase = "usersdb";
    String driver = "com.mysql.jdbc.Driver";
    String dBUserName = "admin";
    String dBPassword = "xxxx";
    RequestDispatcher rd = null;

    try{

        Class.forName(driver).newInstance();
        conn = (Connection) DriverManager.getConnection(url+dataBase,dBUserName,dBPassword);
        String strQuery = "select * from playerinfo where usrname='" + userName + "'"  ;
        Statement st = (Statement) conn.createStatement();
        ResultSet rs = st.executeQuery(strQuery);

        if(rs.next())
        //username already exists
        {
        request.setAttribute("userName", userName);
        RequestDispatcher requestDispatcher = request
            .getRequestDispatcher("/registrationError.jsp");
        requestDispatcher.forward(request,response);
        }

        else
        //create new user in database
        {
        register(userName, passWord);

        RequestDispatcher requestDispatcher = request
            .getRequestDispatcher("/userHome.jsp");
        requestDispatcher.forward(request,response);
        }
    //close connection
    rs.close();
    st.close();
    }
    catch (ClassNotFoundException | InstantiationException | IllegalAccessException | SQLException e){
    }



        }
private static void register(String username, String password){
    Connection conn = null;
    String url = "jdbc:mysql://localhost:8888/";
    String dataBase = "usersdb";
    String driver = "com.mysql.jdbc.Driver";
    String dBUserName = "admin";
    String dBPassword = "xxxx";

    try{

        Class.forName(driver).newInstance();
        conn = (Connection) DriverManager.getConnection(url+dataBase,dBUserName,dBPassword);
        String strQuery = "insert into playerinfo values ('" + username + "','" + password + "'," + 100 + "," + 100 + "," + 100 + "," + "NULL" + "," + "NULL" + ") " ;
        Statement st = (Statement) conn.createStatement();
        st.executeQuery(strQuery);

    }
    catch(ClassNotFoundException | InstantiationException | IllegalAccessException | SQLException e){

    }
  }
}

Any hints or clues as to why I cannot successfully query mysql to add this new user to the table?

Answer 1

In the else block, where you actually want to add the user to the database, you are still calling the first statement. Not the one you newly created. This might be what's causing the problem.

That being said, you might also want to look at the Hibernate framework. It will let you get rid of doing all this stuff yourself and instead you can just code Java instead of actual SQL. Makes life a lot easier I found.