...

View Full Version : JSP/MySQL user validation



wisner94
01-16-2012, 11:15 PM
I'm new to Java, and I'm writing a website in JSP. When a user attempts to log in, their username and password are sent via post to the page *verify.jsp*:


<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" errorPage="error.html" isErrorPage="true"%>
<%@ include file="mysql.jsp" %>
<%
String user = request.getParameter("user");
String pass = request.getParameter("pass");
if (session.getAttribute("auth") == "yes") {
response.sendRedirect("http://localhost:8080/armControl/interface.jsp");
} else if (validate(user,pass)) {
session.setAttribute("auth", "yes");
session.setAttribute("username", user);
session.setAttribute("password", pass);
response.sendRedirect("http://localhost:8080/armControl/interface.jsp");
} else {
session.setAttribute("auth", "no");
response.sendRedirect("http://localhost:8080/armControl/index.jsp");
} %>

In verify.jsp, I included the file *mysql.jsp*:


<%@page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1" import="java.sql.*"%>

<%!
public boolean validate(String userGiven, String passGiven) {
String connectionURL = "jdbc:mysql://localhost:3306/arm_db";
Connection connection = null;
Statement statement = null;
ResultSet rs = null;
Class.forName("com.mysql.jdbc.Driver").newInstance();
connection = DriverManager.getConnection(connectionURL,"armuser","3394");
statement = connection.createStatement();
rs = statement.executeQuery("SELECT * FROM `users`");
while (rs.next()) {
String username = rs.getString("username");
String password = rs.getString("password");
if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {
return true;
break;
}
else {
return false;
break;
}
}
rs.close();
} %>

When I try to log in with a username and password stored in the database, I get the following:


type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException: Unable to compile class for JSP:

An error occurred at line: 5 in the jsp file: /mysql.jsp
This method must return a result of type boolean
2: pageEncoding="ISO-8859-1" import="java.sql.*"%>
3:
4: <%!
5: public boolean validate(String userGiven, String passGiven) {
6: String connectionURL = "jdbc:mysql://localhost:3306/arm_db";
7: Connection connection = null;
8: Statement statement = null;


An error occurred at line: 11 in the jsp file: /mysql.jsp
Unhandled exception type ClassNotFoundException
8: Statement statement = null;
9: ResultSet rs = null;
10:
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");


An error occurred at line: 11 in the jsp file: /mysql.jsp
Unhandled exception type InstantiationException
8: Statement statement = null;
9: ResultSet rs = null;
10:
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");


An error occurred at line: 11 in the jsp file: /mysql.jsp
Unhandled exception type IllegalAccessException
8: Statement statement = null;
9: ResultSet rs = null;
10:
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");


An error occurred at line: 12 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
9: ResultSet rs = null;
10:
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");
15:


An error occurred at line: 13 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
10:
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");
15:
16: while (rs.next()) {


An error occurred at line: 14 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
11: Class.forName("com.mysql.jdbc.Driver").newInstance();
12: connection = DriverManager.getConnection(connectionURL,"armuser","3394");
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");
15:
16: while (rs.next()) {
17: String username = rs.getString("username");


An error occurred at line: 16 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
13: statement = connection.createStatement();
14: rs = statement.executeQuery("SELECT * FROM `users`");
15:
16: while (rs.next()) {
17: String username = rs.getString("username");
18: String password = rs.getString("password");
19:


An error occurred at line: 17 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
14: rs = statement.executeQuery("SELECT * FROM `users`");
15:
16: while (rs.next()) {
17: String username = rs.getString("username");
18: String password = rs.getString("password");
19:
20: if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {


An error occurred at line: 18 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
15:
16: while (rs.next()) {
17: String username = rs.getString("username");
18: String password = rs.getString("password");
19:
20: if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {
21: return true;


An error occurred at line: 22 in the jsp file: /mysql.jsp
Unreachable code
19:
20: if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {
21: return true;
22: break;
23: }
24: else {
25: return false;


An error occurred at line: 22 in the jsp file: /mysql.jsp
Unreachable code
19:
20: if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {
21: return true;
22: break;
23: }
24: else {
25: return false;


An error occurred at line: 29 in the jsp file: /mysql.jsp
Unhandled exception type SQLException
26: break;
27: }
28: }
29: rs.close();
30: } %>


Stacktrace:
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:102)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:331)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:457)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:378)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:353)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:340)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:646)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:357)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)

I'm so confused! Any idea what't up?

alykins
01-17-2012, 04:17 PM
first I think you should change this-


statement = connection.createStatement();
rs = statement.executeQuery("SELECT * FROM `users`");
rs.first();
String username = rs.getString("username");
String password = rs.getString("password");
if (userGiven.equalsIgnoreCase(username) && passGiven.equals(password)) {
rs.close();
return true;
}
else {
rs.close();
return false;
}

the other stuff from my research looks "ok"- i am wondering if the culprit is lying in the breaks as well as the trailing rs.close(). They happen after the return statement and that may be making it fussy. You are sure you have a table named users? Does MySQL have a management studio? (I assume it does) does that query work in your MySQL studio? (ie make sure your query is returning and not bombing)

Edit: The SQL exceptions bother me hence why I said to run query in SQL- But also of concern is it saying that method must return boolean which makes me wonder if it is thinking it is attempting to return something else (could be the exception) also worth noting is that the stack trace has a comment of unreachable code- again my suggestion to alter the code and see if it works.

Edit Edit: also in you connection string code you have hard coded localhost:3306; you are sure that is the port for MySQL? I have not used MySQL before but unless you explicitly tell SQL Server to talk on a spcific port there is no need to call out the port- but that is SQL Server not MySQL.

wisner94
01-18-2012, 04:31 AM
thanks, but I talked with a co-worker today, and he told me the problem was that i needed to create a class for my methods! im pretty new to this whole java/oop thing... ;)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum