user1645434
Reputation: 203
Getting unexpected output in program
Here is code:
String sql_1 = "select emp_id,password from regid";
ResultSet rs = st.executeQuery(sql_1);
while(rs.next())
{
if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)
{
// String sql2="update regid set regid='"+Datastore.regIds.add(regId)+"' where emp_id='"+employee+"'";
// st.executeUpdate(sql2);
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and registration-password id will be Updated");
// resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
// rs.close();
}
But I'm getting output like,but I'm putting the correct emp_id & password(still it's showing 4> + java.lang.illegalstateexception (don't know why ?? :( )):
1> Employee : P1 && Password : ppp
400
4> This employee P1 does not exsist in the database
2> Employee Id : P1 && Password : ppp
3> This employee P1 exsists in the database and registration-password id will be Updated
400
4> This employee P1 does not exsist in the database
any idea.....why it's happening ?
Upvotes: 0
Views: 149
Answers (2)
mprivat
Reputation: 21902
It's happening because you algorithm consists of:
- Iterate through all employees
- If employee matches ID/password, print 2>, else print 4>
So you'll have one 2>, 3> output for the one that matches and all the others will give you the error 400.
Instead, you can iterate through all your employees (although it might be best to add a criteria to your SQL to narrow down the result set by password and employee ID), don't output an error unless you have exhausted all the results and did not find the matching one.
PreparedStatement stmt = null;
try {
stmt = new PreparedStatement("select * from regis where emp_id=? and password=?");
stmt.setString(1, employee);
stmt.setString(2, password);
ResultSet rs = stmt.executeQuery();
if(rs.next()) {
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
catch(Exception e) {
e.printStackTrace();
}
finally {
try {
stmt.close();
} catch(Exception x) {}
}
Upvotes: 2
Jon Skeet
Reputation: 1500785
Your indentation isn't helping you. You're looping through all the employees, and comparing the username and password for each of them - so sometimes you'll get a match, and sometimes you won't.
There are multiple problems with this code:
- If you're only looking for one result, don't ask the database for all the rows! You should be passing query parameters and doing the filtering in the database. You can then work out whether or not you've got a match just by seeing whether there are any rows in the result or not.
- Your indentation makes it hard to see what's going on
You're using huge numbers of unnecessary brackets and comparisons with
true, e.g.if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)would be better as
if(employee.equals(rs.getString("emp_id") && password.equals(rs.getString("password"))You appear to be using plain text passwords. Don't do this.
Upvotes: 2
Related Questions
- MySQLSyntaxErrorException: Unknown column 'arpit' in 'field list'
- SQL in java return wrong data
- Java SQL exception command not properly ended
- Getting Incorrect return in java accessing sql database
- Java JDBC Incorrect Syntax Error
- How to remove this bug while making jdbc simple program
- Getting SQLException Error in my Java program, not sure why
- Oracle JDBC not giving expected output on Linux
- Java, code works, but exception is still thrown
- What's the problem in the next sequence of Java/SQL code?