0

I am trying to call a page when a user validates as "Admin" or "User" but there seems to be a problem.

private void validateLogin() {
    if (getFieldData() == true) {
        username = txtname.getText();
        String password = new String(txtpassword.getPassword());
        Object type = cbType.getSelectedItem();
        //validate login and password here. 
        //validity will be done by sending login/password to the database
        String sql = "select  count(*) from usermanagement where UserName='" 
                + username + "' and " + "Password='" + password + "'";
        ResultSet rs = datacon.queryTable(sql);
        try {
            rs.next();
            if (rs.getInt(1) > 0) {
                if (type.equals("Admin")) {
                    MainMenu mainmenu = new MainMenu();
                    this.dispose();
                    mainmenu.setVisible(true);
                } else {
                    UserMenu usermenu = new UserMenu();
                    this.dispose();
                    usermenu.setVisible(true);
                }
            } else {
                JOptionPane.showMessageDialog(this, 
                        "Incorrect username or password or user category", 
                        "Error", JOptionPane.ERROR_MESSAGE);
                clearField();
                txtname.requestFocusInWindow();
                cbType.setSelectedIndex(0);
            }
        } catch (SQLException ex) {
            ex.printStackTrace();
        }
    }
}
mKorbel
  • 109,525
  • 20
  • 134
  • 319
reggea
  • 11
  • 4
    what is the problem ?? – anshulkatta Jun 12 '13 at 06:39
  • 1
    1) For better help sooner, post an [SSCCE](http://sscce.org/). 2) Please use code formatting for code, input/output & structured documents like HTML or XML. To do that, select the sample and click the `{}` button above the messaged posting/editing form. 3) *"here seems to be a problem.."* What problem? – Andrew Thompson Jun 12 '13 at 06:39
  • What is the problem ? – AllTooSir Jun 12 '13 at 06:40
  • thnks andrew New Idiot and Anshulkatta --> after i have entered the validations according to my databasei.e User Category "Admin"or "User" Username "timo" and Password "timo123" its not calling the next page which is either Mainmenu or Usermenu,,,myt it be wrong declaration on 'rs.next()' and 'if(rs.getInt(1)>0)' – reggea Jun 12 '13 at 06:47
  • can you add exception report? – Zapateus Jun 12 '13 at 06:48
  • @reggea post sop in the blocks if and else and check if its going in those blocks or not – anshulkatta Jun 12 '13 at 06:49
  • 1
    [The Use of Multiple JFrames, Good/Bad Practice?](http://stackoverflow.com/questions/9554636/the-use-of-multiple-jframes-good-bad-practice) – MadProgrammer Jun 12 '13 at 06:54
  • zapateus its there "ex.printStackTrace();" but all its bringing is an error am new to java and trying to devlop a simole app.. – reggea Jun 12 '13 at 06:59
  • @anshulkatta hehehe i havent understood what u mean by "post sop in the blocks" am still learning java and from my back end db the connection is gud....MAdProgrammer let me check it out thnks – reggea Jun 12 '13 at 07:02
  • @reggea System.out.println("print something") , put it in if and else , and check if it is going in those blocks , may be they are not going in those blocks instead !! – anshulkatta Jun 12 '13 at 07:05
  • @reggea moreover , i see that you are not checking the user from the results from database , u r just getting the records number , if its greater than 0 then check for admin , this is totally not good approach :) – anshulkatta Jun 12 '13 at 07:06
  • *"after i have entered the validations according to my database"* This is relevant information that should be [edited into the question](http://stackoverflow.com/posts/17059060/edit). Use code formatting where appropriate. – Andrew Thompson Jun 12 '13 at 07:14
  • @andrew am trying to put all the codes but its giving an error,,,@anshulkatta when am using rs.getInt(1)>0 it checks in the database whether a user has any Idno matching the userdetails wat dyu suggest...? – reggea Jun 12 '13 at 09:44
  • *"am trying to put all the codes"* Why? I recommended you post an SSCCE. *"but its giving an error"* ..what is the error? Pretend for a moment I am neither psychic nor sitting behind you, looking over your shoulder. – Andrew Thompson Jun 12 '13 at 09:46
  • @Andrew i have posted the codes its saying excess codes inset i have tried the SSCCE guide,sory.. – reggea Jun 12 '13 at 12:04
  • *"excess codes"* I managed to fit over 600 lines of code into the Q&A on the [File Browser GUI](http://codereview.stackexchange.com/questions/4446/file-browser-gui). Given that 600 LOC is too long to be called an 'S'SCCE, I can only conclude that what you tried to post is ..not an SSCCE. In any case, good luck with it.. – Andrew Thompson Jun 12 '13 at 12:25

1 Answers1

0

I am not seeing the your inputs here, username and password. It would be best to attach your logs to get a glimpse of what the Exception states about your problem.

From what I see in code here are my suggestions,

  • You should refrain from using this UserName='"+username +"' on your sqls, this is appalling for special Charaters can break your sql. I suggest you adhere to something like PreparedStatement http://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html

  • It's better to adhere if(rs.next()) to check if record exists. it's not safe to access rs.getInt(1) , If you're not having any matching records, it can break your application.

Njax3SmmM2x2a0Zf7Hpd
  • 1,354
  • 4
  • 22
  • 44
  • thnks @Macon, when it brings that error the username tab gives the number the user is in the database eg timo is number 3... i have my users with each having an Id...that is why am using the rs.getInt(1) letme try what u have suggested on UserName='"+username +"'.. – reggea Jun 12 '13 at 07:14
  • @reggea I suggest you use something like if(rs.next() && (rs.getInt(1)>0)) – Njax3SmmM2x2a0Zf7Hpd Jun 12 '13 at 08:09
  • @Macon ts still giving th same error,,thnks bdw instead of using UserName='"+username +"'what dyu suggest i use,,to reference the username textbox – reggea Jun 12 '13 at 09:43
  • @reggea Pls share the Exception stacktrace – Njax3SmmM2x2a0Zf7Hpd Jun 12 '13 at 09:52
  • @Macon what it is really bringing is "Incorrect username or password or user category","Error" as error,its neither giving any Exceptions of which i have specified it,,,think this "if(rs.getInt(1)>0)" is what is bringing an error to call the MainMenu or UserMenu – reggea Jun 12 '13 at 11:57
  • @reggea change your '"if(rs.getInt(1)>0)"' to 'if(rs.next() && (rs.getInt(1)>0))' – Njax3SmmM2x2a0Zf7Hpd Jun 12 '13 at 16:10
  • @reggea Have you removed the standalone line rs.next() ? – Njax3SmmM2x2a0Zf7Hpd Jun 13 '13 at 08:34