ResultSet in servlet contains no values

Question

here is my servlet code...

 try {
        HttpSession session=request.getSession(true);
        String FN= (String)session.getAttribute("FN");
        String h1= request.getParameter("h1"); //contains the password value

        if(h1=="" || h1== null)
        {
            response.sendRedirect("PERROR.html");   // if no value in passwrd field

        }

  else{

        Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
        Connection con = DriverManager.getConnection("jdbc:odbc:dsn2");
        Statement st=con.createStatement();

        String UNM= (String)session.getAttribute("uname");
        String query= "select * from img_pwd where uname='"+UNM+"' and pwd='"+h1+"')";
                  // validating from the table img_pwd

        ResultSet r= st.executeQuery(query);

        if(r.next())
        {

            con.close();


            response.sendRedirect("ACCOUNT.jsp");  //success, go to dashboard

        }
        else
        {

            response.sendRedirect("PERROR.html"); // if the password-mismatches

        }



 }


    } finally { 
        out.close();
    }

and the table "img_pwd" is shown below--

1. uname(nvarchar[50])
2. pwd(nvarchar[20])

So i have tried debugging and found that program execution reaches till where the query is stored in a string, but the query is not executed and the progress of the program stops just after storing the QUERY STRING....

i CANT FIGURE OUT THE ERROR, NEED HELP..

Answer 1

Yes remove ")" from

"select * from img_pwd where uname='"+UNM+"' and pwd='"+h1+"')"

Your query string should be like this:

select * from table

Answer 2

You can try the following:

1. Try to change your query to something like select * from table where you are sure there should be some results to ensure your access to the database is working as expected.
2. Trim the 'uname' and password for any spaces at the beginning or the end, this could explain why your query cannot find the values, and make sure the values you test with exist in the database table.
3. depending on your DBMS you may consider using a like operator "%"

Answer 3

well it seems funny...but i have now realised that i wasted my 5 hours just because of a single closing bracket.. )

"select * from img_pwd where uname='"+UNM+"' and pwd='"+h1+"')"

can u figure out the ")"..??? Yes, that was the mistake. after removing it the code is working fine.

Answer 4

may be there is any exception while connecting with database you did not mentioned catch block so put a catch and debug.