Login (Java Servlet/Database)


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 2 of 2

Thread: Login (Java Servlet/Database)

Hybrid View

  1. #1
    Join Date
    Apr 2005
    Posts
    1

    Login (Java Servlet/Database)

    I'm trying to create a login page that will verify users, create a session, and then redirect them to a specific page according to their user_type in the database. Everything seems to be working accept that it will not verify everything that has an "else if" statement. It will verify the user_type in the if and the user_type with the else, but seems to skip over the else if's. I need it to check else if's as well. I'll supply my code. Any suggestions would be appreciated. Thanks in advance.

    Code:
    /* Login verifies username and password, creates session with username, 
     * and directs user to correct page via their usertype. */ 
    import java.sql.*; 
    import java.io.*;
    import oracle.jdbc.*;
    import javax.servlet.*;
    import javax.servlet.http.*;
     
    public class login extends HttpServlet
    { 
         public void doPost (HttpServletRequest request, HttpServletResponse response) 
         throws ServletException, IOException
         {
         
               // Get the requested name and the output writer. 
               PrintWriter out = response.getWriter (); 
               String username = request.getParameter ("username");
               String password = request.getParameter ("password");
               String user = request.getParameter ("username");
               String faculty = "Faculty";
               String hod = "HOD";
               String student = "Student";
               String employee = "Employee";
               String admin = "Administrator";  
     
              //Used to instantiate a connection
               Connection conn = null;
          	   try
    	      {
               // Load Oracle driver to connect to the database. 
               Class.forName ("oracle.jdbc.driver.OracleDriver"); 
     
               // Connect to the database
               conn = DriverManager.getConnection 
    		   ("..."); 
    		   
    		   // Create a statement and a query and get the ResultSet.
               Statement stmt = conn.createStatement (); 
               ResultSet rs = stmt.executeQuery ("...");        
     
     		   /* If it is a valid user: create the session and direct user to 
     		    *correct page. Creates session. Keeps the username name in the 
     		    *session till the browser is close */ 		   
     		   if (rs.next()) {
     		   	
     		   	HttpSession session = request.getSession(true); 
    		   session.setAttribute("user", username); 
     		   	
     		   if(
     		   		(!(username.equals ("null")) && username.equals(rs.getString ("username"))) 
    		   && (!(password.equals ("null")) && password.equals(rs.getString ("password"))) 
    		   && (admin.equals(rs.getString ("user_type")))) 
    		   {
    		   
    		   //Creates session with username and direct to next page.
    		   response.sendRedirect("admin.html");
    		   
               }//Administrator
               
               else if (           
               		 (!(username.equals (null)) && username.equals("rs.getString ('username')")) 
    		   && (!(password.equals (null)) && password.equals("rs.getString ('password')")) 
    		   && (hod.equals("rs.getString ('user_type')"))) 
    		   {
    		   
    		   //Creates session with username and direct to next page.
    		  // HttpSession session = request.getSession(true); 
    		   /session.setAttribute("user", username); 
    		   response.sendRedirect("headofdept.html");
    		   
               }//Head of Department
               
               else if (           
               		 (!(username.equals (null)) && username.equals("rs.getString ('username')")) 
    		   && (!(password.equals (null)) && password.equals("rs.getString ('password')")) 
    		   && (faculty.equals("rs.getString ('user_type')")))
    		   {
    		   
    		   //Creates session with username and direct to next page.
    		   //HttpSession session = request.getSession(true); 
    		   //session.setAttribute("user", username); 
    		   response.sendRedirect("faculty.html");
    		   
               }//Faculty
               
               else if (           
               		 (!(username.equals(null)) && username.equals("rs.getString ('username')")) 
    		   && (!(password.equals (null)) && password.equals("rs.getString ('password')")) 
    		   && (employee.equals("rs.getString ('user_type')"))) 
    		   {
    		   
    		   //Creates session with username and direct to next page.
    		   //HttpSession session = request.getSession(true); 
    		   //session.setAttribute("user", username); 
    		   response.sendRedirect("employee.html");
    		   
               }//Employee
               
               else if (           
               		 (!(username.equals (null)) && username.equals(rs.getString ("username"))) 
    		   && (!(password.equals (null)) && password.equals(rs.getString ("password"))) 
    		   && (student.equals(rs.getString ("user_type")))) 
    		   {
    		   
    		   //Creates session with username and direct to next page.
    		   /*Cookie cookie = new Cookie ("user", rs.getString ("password"));
    		   cookie.setMaxAge (3600); // Set the maximum age to be an hour.
    		   response.addCookie (cookie);
    		   response.sendRedirect("createstudentuser.html");*/
    		   
    		   //HttpSession session = request.getSession(true); 
    		   //session.setAttribute("user", username); 
    		   //out.println ("<h3>Username: " + (String) session.getAttribute ("user") + "<h3>");
    		   response.sendRedirect("student.html");
    		   
               }//Students
               
               else out.println ("<h3>Incorrect login information.</h3>");
               }
              rs.close();
          } //try (For DB load)
       	    
    		//Error handled if Integer is not passed for an int variable type.	  
    	    catch(NumberFormatException e)
    		{
                   out.println("Number Format Exception");
                   return;
            }//catch(NumberFormatException e)
     
    		//Error handled if there is an SQL error.
          	catch(SQLException e)
          	{
             	out.println(e.getMessage());
             	while((e = e.getNextException()) != null)
                	out.println(e.getMessage());
          	}//catch(SQLException e)
    		
    		//Error handled if .class file for HTML action cannot be found.
          	catch(ClassNotFoundException e)
          	{
             out.println(e.getMessage());
          	}//catch(ClassNotFoundException e)
    		
          	finally
          	{
             	//Clean up resources, close the connection.
             	if(conn != null)
             	{
                	try
                	{
                  		 conn.close();
                	}//try
                	catch (Exception ignored) {}
                }//if (conn !=null)
        	} // finally
        } //doGet
    } // End login.java

  2. #2
    Join Date
    Apr 2005
    Posts
    3
    (!(username.equals (null)) && username.equals("rs.getString ('username')"))
    You mistyped quotes, should be:
    Code:
    (!(username.equals (null)) && username.equals(rs.getString ("username")))

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center