[英]How to handle if a sql query finds nothing? Using resultset in java
我在这个网站上找到了这个问题的一些答案,但是无法正确应用它。 我正在尝试获取用户输入的用户名和密码,并根据数据库检查它是否正确。 除非输入的用户名不在数据库中,否则一切正常。 在这种情况下,查询找不到任何行。 我在netbeans中用德比做这个。 因此,我认为我在查找使用未知用户名发送查询时遇到问题。 有什么建议么?
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.*;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@WebServlet(name = "MyServlet", urlPatterns ={"/echo"})
public class LoginAction extends HttpServlet {
private ResultSet resultSet;
private Connection con;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html; charset=UTF-8");
PrintWriter out = response.getWriter();
try {
out.println("<!DOCTYPE html>");
out.println("<html><head>");
out.println("<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>");
String userName = request.getParameter("username");
String password = request.getParameter("password");
if (userName.length()>0 & password.length()>0){
try{
String url = "jdbc:derby:c:/users/project/.netbeans-derby/";
String db = "loginpass";
String driver = "org.apache.derby.jdbc.EmbeddedDriver";
String user = "user";
String pass = "pass";
Class.forName(driver).newInstance();
con = DriverManager.getConnection(url+db, user, pass);
String statement = "SELECT PASSWORD FROM LOGINPASS WHERE LOGIN = '"+userName+"'";
PreparedStatement prepStatement = con.prepareStatement(statement);
resultSet = prepStatement.executeQuery();
while (resultSet.next()){
if (resultSet.getString("password").equals(password)){
out.println("Login attempt successful!");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
} else {
out.println("Password incorrect");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
}
}
con.close();
}catch(Exception e){
out.println("caught...");
e.printStackTrace();
}
} else {
out.println("Login attempt failed");
out.println("<a href='index.jsp'>Back to Login Page</a>");
}
} finally {
out.close();
}
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
正如您所期望的只有一行,您可以写道:
if (resultSet.next()) {
if (resultSet.getString("password").equals(password)){
out.println("Login attempt successful!");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
} else {
out.println("Password incorrect");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
}
} else {
out.println("User doesn't exist");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
}
并且你最好使用参数来避免sql注入:
String statement = "SELECT PASSWORD FROM LOGINPASS WHERE LOGIN = ?";
PreparedStatement prepStatement = con.prepareStatement(statement);
prepStatement.setString(1, userName);
resultSet = prepStatement.executeQuery();
您可以从ResultSet
对象本身检查它。 ResultSet#isBeforeFirst() :
检索游标是否在此ResultSet对象的第一行之前。
注意:对于结果集类型为TYPE_FORWARD_ONLY的ResultSet,支持isBeforeFirst方法是可选的
返回:
如果光标在第一行之前,则为true;否则为false。 如果光标位于任何其他位置或结果集不包含任何行,则返回false。
if (!resultSet.isBeforeFirst()) {
out.println("no rows fetched");
out.println("User with this password not found");
out.println("<br><a href='index.jsp'>Back to Login Page</a>");
}
在While(resultSet.next())之前,键入if(resultSet!= null)。如果查询没有结果,则resultSet将为null。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.