Cory Singer
Reputation: 11
Why does my validation method return true no matter what?
I have created a method that runs a select query on a database and returns a Boolean true if an email already exists in a database and false if the email does not exist. The problem is that it returns true regardless of if the email exists or not.
Here is my Servlet
@WebServlet(name = "EmailListServlet")
public class EmailListServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String url = "/index.html";
String action = request.getParameter("action");
if (action ==null){
action = "join";
}
if (action.equals("join")){
url = "/index.html";
} else if (action.equals("add")){
String firstName = request.getParameter("firstName");
String lastName = request.getParameter("lastName");
String email = request.getParameter("email");
User user = new User(firstName,lastName,email);
UserDB.doesEmailExist(user);
if (false) {
UserDB.insert(user);
System.out.println(user.getEmail() + " has joined.");
} else {
//input an alert here
System.out.println("email already taken");
}
url = "/index.html";
} else if (action.equals("delete")){
String firstName = request.getParameter("firstName");
String lastName = request.getParameter("lastName");
String email = request.getParameter("email");
User user = new User(firstName,lastName,email);
UserDB.delete(user);
url = "/index.html";
} else if (action.equals("select")){
String firstName = request.getParameter("firstName");
String lastName = request.getParameter("lastName");
String email = request.getParameter("email");
User u1 = new User(firstName,lastName,email);
UserDB.selectUsers(u1);
ArrayList<User> users = UserDB.selectUsers(u1);
request.setAttribute("users",users);
url= "/update.jsp";
} else if (action.equals("update")){
String firstName = request.getParameter("firstName");
String lastName = request.getParameter("lastName");
String email = request.getParameter("email");
String id = request.getParameter("id");
User user = new User(firstName,lastName,email, id);
UserDB.update(user);
url = "/update.jsp";
}
getServletContext().getRequestDispatcher(url).forward(request,response);
}
Here is the DB Class that has the select statement and the validation method
public class UserDB {
public static int insert(User user) {
Connection conn;
PreparedStatement ps = null; //Prepared statement is a way to protect from code injection
String insertQuery = "insert into email_user(email_user_firstname, email_user_lastname, email_user_email) " +
"values (?,?,?)";
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/email_list", "root", "mysql");
ps = conn.prepareStatement(insertQuery);
ps.setString(1, user.getFirstName());
ps.setString(2, user.getLastName());
ps.setString(3, user.getEmail());
return ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
return 0;
} catch (ClassNotFoundException e) {
e.printStackTrace();
return 0;
} finally {
DBUtil.closePreparedStatement(ps);
}
}
public static int delete(User user){
Connection conn;
PreparedStatement ps = null; //Prepared statement is a way to protect from code injection
String deleteQuery = "delete from email_user where email_user_email = ?";
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/email_list", "root", "mysql");
ps = conn.prepareStatement(deleteQuery);
ps.setString(1, user.getEmail());
return ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
return 0;
} catch (ClassNotFoundException e) {
e.printStackTrace();
return 0;
} finally {
DBUtil.closePreparedStatement(ps);
}
}
public static ArrayList<User> selectUsers(User u1) {
Connection conn;
PreparedStatement ps = null;
String selectAll = "select * from email_user";
ResultSet rs = null;
ArrayList<User> users = new ArrayList();
{
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/email_list", "root", "mysql");
ps = conn.prepareStatement(selectAll);
//User u1 = new User();
//ps.setString(1, u1.getEmail());
String queryEmail = u1.getEmail();
//System.out.println("Your email is " + queryEmail);
rs = ps.executeQuery();
while (rs.next()){
User user = new User();
user.setFirstName(rs.getString("email_user_firstname"));
user.setLastName(rs.getString("email_user_lastname"));
user.setEmail(rs.getString("email_user_email"));
user.setId(rs.getString(1));
users.add(user);
}
ArrayList<User> singleUser = new ArrayList<>();
for (int i = 0; i < users.size(); i++){
if (queryEmail.equals(users.get(i).getEmail())){
singleUser.add(users.get(i));
System.out.println(queryEmail + " : They matched");
}
}
return singleUser;
} catch (SQLException | ClassNotFoundException e) {
e.printStackTrace();
return null;
}finally {
DBUtil.closePreparedStatement(ps);
}
}
}
public static int update(User user){
Connection conn;
PreparedStatement ps = null; //Prepared statement is a way to protect from code injection
String updateQuery = "update email_user set email_user_firstname = ?, email_user_lastname = ?, email_user_email = ? where idemail_user = ?";
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/email_list", "root", "mysql");
ps = conn.prepareStatement(updateQuery);
ps.setString(1, user.getFirstName());
ps.setString(2, user.getLastName());
ps.setString(3, user.getEmail());
ps.setString(4, user.getId());
return ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
return 0;
} catch (ClassNotFoundException e) {
e.printStackTrace();
return 0;
} finally {
DBUtil.closePreparedStatement(ps);
}
}
public static boolean doesEmailExist(User user){
Connection conn;
PreparedStatement ps = null; //Prepared statement is a way to protect from code injection
String selectQuery = "select email_user_email from email_user where email_user_email = ?";
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/email_list", "root", "mysql");
ps = conn.prepareStatement(selectQuery);
ps.setString(1, user.getEmail());
return ps.execute();
} catch (SQLException e) {
e.printStackTrace();
return false;
} catch (ClassNotFoundException e) {
e.printStackTrace();
return false;
} finally {
DBUtil.closePreparedStatement(ps);
}
}
}
Upvotes: 1
Views: 102
Answers (2)
rudfish
Reputation: 41
You have hard-coded the false condition:
UserDB.doesEmailExist(user);
if (false) {
UserDB.insert(user);
System.out.println(user.getEmail() + " has joined.");
} else {
//input an alert here
System.out.println("email already taken");
}
I would use
if (UserDB.doesEmailExist(user)) {
UserDB.insert(user);
System.out.println(user.getEmail() + " has joined.");
} else {
//input an alert here
System.out.println("email already taken");
}
Upvotes: 4
José Ripoll
Reputation: 554
Right here, "if" is not checking if email already exists.
UserDB.doesEmailExist(user);
if (false) {
UserDB.insert(user);
System.out.println(user.getEmail() + " has joined.");
} else {
//input an alert here
System.out.println("email already taken");
}
Put UserDB.doesEmailExist(user) inside the if.
Upvotes: 0
Related Questions
- Why does this method always return false?
- java validate() method doesnt work properly
- Boolean logic for validation is failing
- My java class validation is not working why?
- Java code always returns error message (valid never equals true)
- Can't verify data on Java
- why doesn't the valid method work?
- validating if statement not working properly
- Simple Java Validation
- validation function problem