Results 1 to 18 of 18
Like Tree1Likes
  • 1 Post By kneitzel

Thread: login authentiation with database

  1. #1
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default login authentiation with database

    i have build an login form with which a user can login to see next form ,login form is working perfectly but
    when ever a user enters a wrong userid and clicks on login then nothing happens,i want that there a popup will be called and say wrong userid
    however when a user enters correct userid and wrong password then the popup is working but not when the user id itself wrong...

    thanks.

  2. #2
    Norm's Avatar
    Norm is online now Moderator
    Join Date
    Jun 2008
    Location
    SW Missouri
    Posts
    17,401
    Rep Power
    25

    Default Re: login authentiation with database

    Did you have a question about your code? Post the code and the question.
    If you don't understand my response, don't ignore it, ask a question.

  3. #3
    gimbal2 is online now Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    4,004
    Rep Power
    6

    Default Re: login authentiation with database

    This is like going to a garage and explaining that the left door is not functioning and asking to fix it, without bringing the car.
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  4. #4
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default Re: login authentiation with database

    this is the code

    Java Code:
    package Logindetails;
    
    import Main.MainForm;
    import MyButton.ButtonBean;
    import java.awt.Button;
    import java.awt.Label;
    import java.awt.event.ActionEvent;
    import java.sql.ResultSet;
    import javax.swing.*;
    import utility.DBConnect;
    
    public class Logind extends JFrame {
    
        JButton b1;
        JTextField t1, t2;
        JLabel l1, l2;
        JPanel p1 = new JPanel();
    
        public Logind() {
    
            setSize(500, 500);
            setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
            b1 = new JButton("Login");
            t1 = new JTextField(20);
            t2 = new JPasswordField(20);
            l1 = new JLabel("Enter Userid");
            l2 = new JLabel("password");
            p1.add(l1);
            p1.add(t1);
            p1.add(l2);
            p1.add(t2);
            p1.add(b1);
            getContentPane().add(p1);
            b1.addActionListener(new java.awt.event.ActionListener() {
                @Override
                public void actionPerformed(ActionEvent e) {
                    DBConnect o = new DBConnect();
                    ResultSet rs;
                    String usr = t1.getText();
                    String pass = t2.getText();
                    try {
                        rs = o.queryreturn("SELECT * FROM LOGINTABLE WHERE USERNAME='" + t1.getText() + "'");
                        while (rs.next()) {
                            String uname = String.valueOf(rs.getString("username"));
                            if (uname.isEmpty()) {                                                                                              // this is not working
                                System.out.println("Usernme is not registered with us");                                             //this is not working    
                            } else if (usr.equals(rs.getString("username")) && pass.equals(rs.getString("password"))) {
    
                               System.out.println("Login successfully");
                            } else {
                                System.out.println("Invalid Username & Password");
                            }
                        }
                    } catch (Exception ex) {
                        JOptionPane.showMessageDialog(rootPane, ex);
                    }
    
                }
            });
    
        }
    
        public static void main(String args[]) {
            new Logind().setVisible(true);
        }
    }

    there is a login table from which username and password are retrived and then compared nd if both are correct and login is permitted else invalid username or password is printed,,nut if username is incorrect then "Usernme is not registered with us" should have to print but noting happens
    Last edited by sharmapiyush; 04-22-2014 at 03:22 PM.

  5. #5
    SurfMan's Avatar
    SurfMan is offline Godlike
    Join Date
    Nov 2012
    Location
    The Netherlands
    Posts
    946
    Rep Power
    2

    Default Re: login authentiation with database

    If there are no records, that happens when the username does not exist, the while-loop will never run, since there are no records.
    "It's not fixed until you stop calling the problem weird and you understand what was wrong." - gimbal2 2013

  6. #6
    SurfMan's Avatar
    SurfMan is offline Godlike
    Join Date
    Nov 2012
    Location
    The Netherlands
    Posts
    946
    Rep Power
    2

    Default Re: login authentiation with database

    Better would be:
    Java Code:
    rs = o.queryreturn("SELECT * FROM LOGINTABLE WHERE USERNAME='" + t1.getText() + "'");
    if ( rs.next() ) {
       //records are found, test for password here
    ]
    else {
       //no records found, i.e. username does not exist
    }
    "It's not fixed until you stop calling the problem weird and you understand what was wrong." - gimbal2 2013

  7. #7
    SurfMan's Avatar
    SurfMan is offline Godlike
    Join Date
    Nov 2012
    Location
    The Netherlands
    Posts
    946
    Rep Power
    2

    Default Re: login authentiation with database

    Third, you show your JFrame in the middle of that while-loop (which should be an if-block), but you never clean up your database resources (close ResultSets, Connections etc). Get used to having a finally block with your try/catch blocks, especially with database related code. Database connections are expensive, both time as resource. Use them wisely.
    "It's not fixed until you stop calling the problem weird and you understand what was wrong." - gimbal2 2013

  8. #8
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default Re: login authentiation with database

    can i enclosed the while loop in if-else statement

  9. #9
    kneitzel is offline Senior Member
    Join Date
    Feb 2014
    Posts
    447
    Rep Power
    1

    Default Re: login authentiation with database

    I have to continue my shouting here, too :)

    NEVER EVER concatenate SQL queries with user input! You are opening your application for SQL injection attacks that way! Always use parameters if you want to hand over data. That also takes away all the formating and encoding burden from your shoulders!

    With kind regards,

    Konrad
    SurfMan likes this.

  10. #10
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default Re: login authentiation with database

    @surfman


    thanks it works..

  11. #11
    SurfMan's Avatar
    SurfMan is offline Godlike
    Join Date
    Nov 2012
    Location
    The Netherlands
    Posts
    946
    Rep Power
    2

    Default Re: login authentiation with database

    Quote Originally Posted by sharmapiyush View Post
    can i enclosed the while loop in if-else statement
    You can, but there is no point. If there is a matching username, there will be only one record (I presume, unless you did something clever there, but I doubt that). Looping over a ResultSet using while is only useful when you get multiple records. Checking a login is only one call to the database and an if should suffice.
    "It's not fixed until you stop calling the problem weird and you understand what was wrong." - gimbal2 2013

  12. #12
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default Re: login authentiation with database

    @Kneitzel

    What are you talking about?

  13. #13
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,520
    Blog Entries
    7
    Rep Power
    20

    Default Re: login authentiation with database

    Quote Originally Posted by sharmapiyush View Post
    @Kneitzel

    What are you talking about?
    About this: xkcd: Exploits of a Mom

    kind regards,

    Jos
    cenosillicaphobia: the fear for an empty beer glass

  14. #14
    gimbal2 is online now Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    4,004
    Rep Power
    6

    Default Re: login authentiation with database

    Quote Originally Posted by sharmapiyush View Post
    @Kneitzel

    What are you talking about?
    Thanks Google:

    SQL injection - Wikipedia, the free encyclopedia
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  15. #15
    sandhya is offline Member
    Join Date
    Apr 2014
    Posts
    1
    Rep Power
    0

    Default Re: login authentiation with database

    i wan a write java code to send udp packet with sequence no n checksum n receive ack..can anyone help me

  16. #16
    JosAH's Avatar
    JosAH is offline Moderator
    Join Date
    Sep 2008
    Location
    Voorschoten, the Netherlands
    Posts
    13,520
    Blog Entries
    7
    Rep Power
    20

    Default Re: login authentiation with database

    @sandhya: please don't hijack some else's thread but start your own (it's free). See the button near the top/left of the forum threads listing.

    kind regards,

    Jos
    cenosillicaphobia: the fear for an empty beer glass

  17. #17
    kneitzel is offline Senior Member
    Join Date
    Feb 2014
    Posts
    447
    Rep Power
    1

    Default Re: login authentiation with database

    Just to clarify my post:

    Regarding "shouting" - writing things in CAPS often means shouting. In the past I was very active on msdn forums and there was 2 things where I always used caps: concatenation of sql command and not disposing stuff that needed it (something special in .net). It simply shows how important these points was in my eyes.

    Concatenation of SQL commands can be quite bad. Just imagine, that I put something like this in my username: '; - that will close your username string and ends your command. So after that I could write another command e.g. a delete or insert command. But the links regarding this point from jos and gimbal was great already and they covered this point.

    But another problem is the so called encoding. Encoding numbers is an easy example:
    1.234 is which number? The . can be the decimal point so it is just little over 1. In Germany, it would just be a separator to show the thousands....
    Or dates are more complex ... 1/2/12 is which date? You can get headache from this stuff if you are not careful.

    I hope that also clarifies all points of my posting.

    Konrad

  18. #18
    sharmapiyush is offline Member
    Join Date
    Apr 2014
    Posts
    74
    Rep Power
    0

    Default Re: login authentiation with database

    @kneitzl

    thanks for your reply.
    i am using validator/validation for all these type of issues so the the user can only enter that letter that will not affect my sql query.
    or if there is any other way,you can tell me,i will try that .

    Thanks

Similar Threads

  1. Java with MS Access Database User login
    By pateldpk in forum JDBC
    Replies: 2
    Last Post: 04-20-2012, 03:24 PM
  2. Login from database
    By _-Blackhawk-_ in forum JDBC
    Replies: 26
    Last Post: 09-22-2011, 05:19 PM
  3. Database for Login system
    By Chris_X in forum JDBC
    Replies: 1
    Last Post: 11-27-2010, 01:14 AM
  4. Replies: 7
    Last Post: 05-29-2010, 01:57 PM
  5. Replies: 0
    Last Post: 06-25-2008, 12:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •