I am building a online community as my 4th year college project.

I am using Apache Tomcat as my server, and MySQL as my database server and JDBC as my database connection.

I am able to send the data entered in my registration form( in HTML) to MySQL using a JSP page called "Sign".

My database is called "project", and the table is called "form" containing "loginid" and "password" fields.

But the problem i am having is that i am not being able to validate the user i.e to see that the user account is there in my database or not!

But in my code only the first condition is being executed(i.e the "if" part only in the HTML section), please i would be very thankful if anyone helps me in modifying the code.


the code is:


<%@ page import="java.util.*" %>

<%@ page import="java.sql.*" %>
<%
String connectionURL = "jdbc:mysql://localhost:3306/project?user=root&password=fedora";
Connection connection = null;
Statement statement = null;
ResultSet rs = null;

String username = request.getParameter("loginid")!=null?request.getParameter("loginid"):"";
String pwrd = request.getParameter("password")!=null?request.getParameter("password"):"";
String redirect = "";
%>

<%Class.forName("com.mysql.jdbc.Driver").newInstance();

String loginid = "";
String password = "";
int count = 0;
try
{
connection = DriverManager.getConnection(connectionURL, "root", "fedora");
statement = connection.createStatement();
rs = statement.executeQuery("SELECT * FROM useraccounts WHERE loginid = '" + username + "' and password = '" + pwrd + "'");

while (rs.next()) {
loginid = rs.getString("username");
password = rs.getString("pwrd");
count++;
}
connection.close();
} catch (Exception ex)
{
ex.printStackTrace();
} finally
{
}


%>

<html>
<head>

<title> joencom </TITLE>
</head>
<body>
<%
if(!pwrd.equals(password)){
%>
<% out.println("1.You entered a wrong password! Please "); %>
<a href="Welcome2008.jsp">log-in again!</a>

<%} else if((username.equalsIgnoreCase(loginid)) && (pwrd.equalsIgnoreCase(password) && count>0)){%>
<jsp:forward page="profile.jsp"/>
<%}else if ((username.equals("")) || (pwrd.equals(""))){%>
<% out.println("Please input the required fields "); %>
<a href="Welcome2008.jsp">log-in again!</a>
<% }else if (!username.equals(loginid)){ %>
<% out.println("2.You have entered a wrong username! Please "); %>
<a href="Welcome2008.jsp">log-in again!</a>
<% } else{%>
<% out.println("Invalid user!"); %>
<a href="Welcome2008.jsp">log-in again!</a>
<% }%>



</body>
</html>

 

<hrml>
<body bgcolor="#CCFFFF">
<%@ page language="java" import="java.sql.*" %>
<%


Connection connection = null;
ResultSet rs = null;
Statement statement = null;


String loginid = request.getParameter("loginid");
String password = request.getParameter("password");


int flag=0;
PreparedStatement stat;

try{
Class.forName("com.mysql.jdbc.Driver");
connection =
DriverManager.getConnection( "jdbc:mysql://localhost/project" , "root", "fedora" );
stat= connection.prepareStatement("select * FROM form ");


stat.setString(1,loginid);
rs=stat.executeQuery();
if(rs.next())
{
flag=1;
%>
<Script language = "Javascript">
alert("loginid doesnot exist");
location.href="Welcome2008.jsp";
</script>
<%
}
if(flag==0)
{
stat= connection.prepareStatement("select * from form values where loginid =? and password =?");


stat.setString(1,loginid);
stat.setString(2,password);

stat.executeQuery();
flag=0;
response.sendRedirect("profile.jsp");
}
}
catch(Exception E)
{
out.println("Error inserting values" +E);
}
finally
{
if(rs!=null)
rs.close();
if(connection!=null)
connection.close();
}

%>
</body>
</html>


it is giving error:

Error inserting valuesjava.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0)

can anyone explain why is it so!

 

i will be glad if someone make out my mistake!

 

<hrml>
<body bgcolor="#CCFFFF">
<%@ page language="java" import="java.sql.*" %>
<%


Connection connection = null;
ResultSet rs = null;
Statement statement = null;


String loginid = request.getParameter("loginid");
String password = request.getParameter("password");

int count =0;
int flag=0;
PreparedStatement stat;

try{
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection( "jdbc:mysql://localhost/project" , "root", "fedora" );
stat=connection.prepareStatement("select loginid, password FROM form where loginid= ? and password=?");



stat.setString(1,loginid);
stat.setString(2,password);


rs=stat.executeQuery("select loginid, password FROM form");

rs.getString(1);
rs.getString(2);

if(rs.next())
{
flag=1;
if (loginid.length() == 0) {
%>
<script language ="javascript">
alert("invalid userid/password. Please re-enter");
location.href="Welcome2008.html"
</script>
<%
}
else if (request.getParameter("password").length() == 0) {
%>
<script language ="javascript">
alert("invalid userid/password. Please re-enter");
location.href="Welcome2008.html"
</script>
<%
}
else{%>
<jsp:forward page="profile.jsp"/>
<%}
}

if(flag==0)
{
%>
<jsp:forward page="profile.jsp"/>
<%}
}
catch(Exception E)
{
out.println("Error inserting values" +E);
}
finally
{
if(rs!=null)
rs.close();
if(connection!=null)
connection.close();
}

%>
</body>
</html>


and it gives an error:
Error inserting valuesjava.sql.SQLException

 

<html>
<head><title>JSP check</title>
</head>
<body>
<%@ page language ="java" %>
<%@ page import ="java.sql.*" %>
<%
PreparedStatement ps = null;
Connection con = null;
ResultSet rs = null;
int m = 0;
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con = DriverManager.getConnection("jdbc:mysql://localhost/project" , "root", "fedora");
String id = request.getParameter("id");
String passwd = request.getParameter("passwd");
ps = con.prepareStatement("select count(*) from userid where loginid=? and password=?");
ps.setString(1,id);
ps.setString(2,passwd);
rs=ps.executeQuery();
if(rs.next())
m=Integer.parseInt(rs.getString(1));
if(m==0)
{
out.println("Invalid user");
}
if(m>0)
{
out.println("<form action='profile.jsp'>");
}
%>
</form>
</body>
</html>

and shows only!
Invalid user

i am going mad, haha

 

..................................

 

Sorry we weren't able to provide any help. Speaking for myself, I don't know much about interfacing with SQL via JSP. Judging by the dearth of replies, the other people in this forum don't either. Congratulations to you that you were able to figure things out!

 

I am uploading my code in the pdf format, thought it might help somebody else.

 

now i am trying hard to send and bring messages from the database, is there any help for it?