Results 1 to 8 of 8

Thread: servlet issue

  1. #1
    tjhodge is offline Member
    Join Date
    Feb 2009
    Posts
    7
    Rep Power
    0

    Default servlet issue

    I am running this program but instead of redirecting to the next page, the servlet LoginServlet just opens a blank page. Can anyone spot where i may have gone wrong? The servlet is in a package called Login.

    Java Code:
    <%@page contentType="text/html" pageEncoding="UTF-8"%>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
       "http://www.w3.org/TR/html4/loose.dtd">
    
    <html>
    
    
        <body bgcolor="blue">
            <form name="f1" method="post" action="LoginServlet">
                <table>
                    <tr>
                        <td>Username</td>
                        <td><input type="text" name="t1" ></td>
                    </tr>
                    <tr>
                        <td>Password</td>
                        <td><input type="password" name="t2"></td>
                    </tr>
                    <tr>
                        <td></td>
                        <td><input type="submit" name="b1" value="LOGIN"></td>
                    </tr>
                </table>
            </form>
        </body>
    </html>
    Java Code:
    package Login;
    
    import java.io.*;
    import javax.servlet.*;
    import javax.servlet.http.*;
    import java.sql.*;
    
    public class LoginServlet extends HttpServlet {
    
        @Override
        protected void doPost(HttpServletRequest request, HttpServletResponse response)
                throws ServletException, IOException {
    
            PrintWriter pw = response.getWriter();
            response.setContentType("text/html");
            String name = request.getParameter("t1");
            String password = request.getParameter("t2");
    
            try {
    
                
                Connection con = DBConnect.DbConnection.getConnection();
                Statement st = con.createStatement();
                ResultSet rs = st.executeQuery("SELECT username, password "
                        + "FROM users "
                        + "WHERE username = " + name + " "
                        + "AND password = " + password);
    
                if (rs != null) {
                    HttpSession session = request.getSession();
                    session.setAttribute("username", name);
                    response.sendRedirect("next.jsp");
                } else {
                    response.sendRedirect("elogin.jsp");
                }
    
    
            } catch (Exception e) {
                e.getMessage();
            }
        }
    }

  2. #2
    r035198x is offline Senior Member
    Join Date
    Aug 2009
    Posts
    2,388
    Rep Power
    7

    Default

    Check the logs to see what exceptions were thrown.

  3. #3
    tjhodge is offline Member
    Join Date
    Feb 2009
    Posts
    7
    Rep Power
    0

    Default

    I seem to have it working now, the only issue i am having is the redirecting to the error page. There are no errors but its not redirecting. It redirects if the details are correct but if they are wrong it does not .

    Java Code:
     Connection con = DBConnect.DbConnection.getConnection();
                    Statement st = con.createStatement();
    
                    String user = request.getParameter("t1");
                    String pass = request.getParameter("t2");
                    String strSQL = "SELECT username, password FROM users "
                            + "WHERE username = '" + user + "' "
                            + "AND password = '" + pass + "'";
                    ResultSet rs = st.executeQuery(strSQL);
                    String username, password;
                    HttpSession session = request.getSession();
    
                    while (rs.next()) {
                        username = rs.getString("username");
                        password = rs.getString("password");
    
                        if (user.equals(username) && pass.equals(password)) {
    
                            response.sendRedirect("next.jsp");
                        } else {
                            response.sendRedirect("errorlogin.jsp");
                        }
                    }

  4. #4
    r035198x is offline Senior Member
    Join Date
    Aug 2009
    Posts
    2,388
    Rep Power
    7

    Default

    Is the name of the JSP correct? Is it in the same folder as the next.jsp?
    You should still have got an error message somewhere not just a blank page.

    P.S Hopefully you are closing the connections in some finally block that you have not posted.

  5. #5
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,861
    Rep Power
    19

    Default

    Your logic's wrong.

    First off:
    Java Code:
            } catch (Exception e) {
                e.getMessage();
            }
    This is just eating an exception. You should be doing e.printStackTrace().

    Second:
    Java Code:
                    while (rs.next()) {
                        username = rs.getString("username");
                        password = rs.getString("password");
    
                        if (user.equals(username) && pass.equals(password)) {
    
                            response.sendRedirect("next.jsp");
                        } else {
                            response.sendRedirect("errorlogin.jsp");
                        }
                    }
    If the username and password aren't in the db the resultset will be empty, so rs.next() will be false. So the code is never entered.

    There's no point rechecking the username/password against what was enetered since the SQL has already done that. So you want to do an "if" not a "while", and the else will be your error login page.

  6. #6
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,861
    Rep Power
    19

    Default

    In fact why are you getting the result from the db based on "t1" and "t2" and then comparing the returned values against "username" and "password"?

  7. #7
    tjhodge is offline Member
    Join Date
    Feb 2009
    Posts
    7
    Rep Power
    0

    Default

    Thanks for the help, i removed the comparison between username and password and used the if statement and it works great! You help was much appreciated!! Thanks again

  8. #8
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    11,861
    Rep Power
    19

    Default

    No probs.
    At least you did the check in the SQL.
    You won't believe the number of people who simply get a resultset from the user table and have Java cycle through it all checking for username and password.

Similar Threads

  1. Replies: 1
    Last Post: 09-27-2009, 03:36 AM
  2. Replies: 2
    Last Post: 07-24-2009, 01:26 PM
  3. how can i link html+servlet+xml to form servlet
    By balachandarr in forum Java Servlet
    Replies: 0
    Last Post: 04-15-2009, 04:06 PM
  4. Replies: 1
    Last Post: 12-02-2008, 12:23 AM
  5. Replies: 1
    Last Post: 08-07-2007, 03:47 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •