java - JDBC 5 + MYSQL 4 error on select -


i'm new in java world , i'm trying create userexist method check if user exists. well, i'm getting error: java.sql.sqlexception: resultset update. no data.

this error happens when login or password doesn't exist. , next returns false.

i'm using mysql jdbc 5 mysql 4

the code:

    public boolean userexist(user entereduser) {      try {          boolean userexist = false;          preparedstatement connquery = this.connection.preparestatement("select codigo, nome, login, senha funcionario login='"+entereduser.getlogin()+"' , senha='"+entereduser.getsenha()+"'");         resultset result = connquery.executequery();          if(result.next()) {              if((result.getstring("login") == entereduser.getlogin())&&(result.getstring("senha") == entereduser.getsenha())) {                  entereduser.setid(result.getint("codigo"));                 entereduser.setnome(result.getstring("nome"));                  userexist = true;              }          }          connquery.close();          return userexist;      } catch (sqlexception error) {          throw new runtimeexception(error);      }   }

edited.

i changed code, i'm getting error in second time tried log on application. can logical error?

public boolean userexist(user entereduser) {      try {          boolean userexist = false;          preparedstatement query = this.connection.preparestatement("select codigo, nome, login, senha funcionario login=? , senha=?");         query.setstring(1,entereduser.getlogin());         query.setstring(2,entereduser.getsenha());          resultset result = query.executequery();          if(result.next()) {              if((result.getstring("login").equals(entereduser.getlogin()))&&(result.getstring("senha").equals(entereduser.getsenha()))) {                  entereduser.setcodigo(result.getint("codigo"));                 entereduser.setnome(result.getstring("nome"));                  userexist = true;              }          }          result.close();         query.close();          return userexist;      } catch (sqlexception error) {          throw new runtimeexception(error);      }   }

thank you,

although above method isn't straightforwardly vulnerable sql injection, damn close. try parameters:

preparedstatement connquery = this.connection.preparestatement("select codigo, nome, login, senha funcionario login=? , senha=?"); connquery.setstring(1,entereduser.getlogin()); connquery.setstring(2,entereduser.getsenha());

also, try declaring result set , prepared statement outside try block can close them in block.

as actual question, i'd try running execute instead of executequery


Comments

Post a Comment

Popular posts from this blog

android - Get AccessToken using signpost OAuth without opening a browser (Two legged Oauth) -

i using signpost oauth access data magento server. have read various tutorials on same , reach point open browser user can enter credentials. however, per requirement have automate part. hence, user should not browser page. have set-up done on server side ( magento ), hit url , returned call page. same through program in android. i have tried below, consumer = new commonshttpoauthconsumer(key, secret); provider = new commonshttpoauthprovider(oauth_init_url,access_token_url, authorize_url); try { provider.retrieverequesttoken(consumer, oauth.out_of_band); log.d("tokens" , consumer.gettoken() + " -- " + consumer.gettokensecret()); } and request tokens. dont know how bypass next step. tried directly accessing accesstoken (stupid of me) provider.retrieveaccesstoken(consumer, "mycallback://callback"); no luck, ends in oauth.signpost.exception.oauthnotauthorizedexception: authorization failed (server replied 401). ...
Read more

org.mockito.exceptions.misusing.InvalidUseOfMatchersException: mockito -

getting error org.mockito.exceptions.misusing.invaliduseofmatchersexception: invalid use of argument matchers! 1 matchers expected, 2 recorded. exception may occur if matchers combined raw values: //incorrect: somemethod(anyobject(), "raw string"); when using matchers, arguments have provided matchers. example: //correct: somemethod(anyobject(), eq("string matcher")); at when( getprogramservice .callservice(any(getprogramtype.class))) .thenreturn(jaxbresponse); please explain error , possible resolution the code posted looks fine; don't see problem it. code before or above causing exception. key here: invalid use of argument matchers! 1 matchers expected, 2 recorded. any , used above, doesn't return "special kind of null" or "special kind of getprogramtype"; don't exist. instead, returns null , side effect puts matcher on stack. whe...
Read more

google shop client API returns 400 bad request error while adding an item -

i'm working on solution add items in google shopping market java application. following tutorial real mess because of missing classes of laste release, after setting 1.5-beta maven managed make base example typecheck correctly classes. still can make simple task of adding 1 item. instead of posting whole code i'm posting part creates product feed. private product createproduct(string id) { product product = new product(); product.title = "red wool sweater"; product.content = new content( "text", "comfortable , soft, sweater keep warm on " + "cold winter nights. red , blue stripes."); product.appcontrol = new appcontrol(); product.appcontrol.addrequireddestination("productads"); product.externalid = id; product.lang = "it"; product.country = "it"; product.condition = "nuovo"; product.price = new price("eu...
Read more