There is a jsp page on which I have to access the selected value from a dropdown list and then compare it's value with the field 'role' stored in mysql database.
I have to comapre both values to authenticate the user. I can access the role from dropdown list but I am unable to compare it with role stored in database.

This is the source code of jsp page

login.jsp-

<html>
<head><title>Login Page</title>
</head>
<body>
<form name="loginform" method="post" action="Authentication.jsp">
<br><br>
<table align="center"><tr><td><h2>Login Authentication</h2></td></tr></table>
<table width="300px" align="center" style="border:1px solid #000000;background-color:#efefef;">
<tr><td colspan=2></td></tr>
<tr><td colspan=2>&nbsp;</td></tr>
	<tr>
		<td><b>Login Name</b></td>
		<td><input type="text" name="username" value=""></td>
	</tr>
	<tr>
		<td><b>Password</b></td>
		<td><input type="password" name="password" value=""></td>
	</tr>
       

	<tr>
		<td><label>
		  <select name="role" id="select">
		    <option>User</option>
		    <option>Admin</option>
	      </select>
		  </label></td>
	  <td><input type="submit" name="Submit" value="Submit">
		  </td>
      <!--  <td><td width="100"><b>Name</b></td>
 <td>
 	
</td>
	</tr>
	<tr><td colspan=2>&nbsp;</td></tr>
</table>
</form>
<!--<%String option=request.getParameter("role");
if(option==null){
}
else{
out.println("You have selected: <b>"+option+"</b>"+"<br>");
}
%>-->

</body>
</html>

Authentication.jsp---

<%@ page import="java.sql.*" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
<%
String connectionURL = "jdbc:mysql://localhost:3306/user_tbl?user=,password=";
Connection connection = null;
Statement statement = null;
ResultSet rs = null;
response.setContentType("text/html");
%>

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <%
        String userName=new String("");
        String password=new String("");
        String role = new String("");
        boolean flag = false;

        Class.forName("com.mysql.jdbc.Driver").newInstance();

        connection = DriverManager.getConnection(connectionURL, "root", "1234");
        statement = connection.createStatement();
        statement.executeQuery("select user_name,password,role from login");
        rs = statement.getResultSet();

        
        String role1[] = request.getParameterValues("role");

        while (rs.next()) {
        userName=rs.getString("user_name");
        password=rs.getString("password");
        role = rs.getString("role");
                          
        if(userName.equals(request.getParameter("username")) && password.equals(request.getParameter("password"))&& role.equals(request.getParameterValues("role")))
            flag = true;
        //session.setAttribute("userName",rs.getString(2));
       
}
       
        if(role1!=null){
        for(int i=0; i<role1.length;i++)
        {
            if(role.equals(request.getParameter("role")))
            out.println("you are:"+role1[i]);
            }
        }
        if(flag==true)
            {
            //out.println("User Authenticated");
           response.sendRedirect("welcome.jsp");
            }
        else{
            //out.println("You are not an authentic person");
            response.sendRedirect("error.jsp");
            }
        
              rs.close ();
        statement.close ();
        %>
    </body>
</html>

You forgot to add this:

<option [B]value="user"[/B]>User</option>

I haven't read your code; just stopped reading when I reached that part.
This is a site that helped me a lot to learn html and java script:
w3Schools

Also for "select" use this: request.getParameter("role") It is used whenever you submit One value.
Use the one that returns an array when you expect more than one "value" per "name"

Thanx a lot.
I did exactly what you have written to do, but still I am facing the same problem.
Now I have used code
role.equals(request.getParameter("role")) , not used request.getParameterValues() in line no.97 and I have removed line no.106. But still have same problem.

First of all start a new thread with your new code. This kind of thread is only for posting working code as an idea of sharing code for educational purposes.
Start a new thread and don't select code snippet.
Post your new code.

Then we will talk

First of all start a new thread with your new code. This kind of thread is only for posting working code as an idea of sharing code for educational purposes.
Start a new thread and don't select code snippet.
Post your new code.

Then we will talk

No need to start new thread, just report it and I can change format from code snipped to thread as I did now. Nevertheless I know your intention was the best.

No need to start new thread, just report it and I can change format from code snipped to thread as I did now. Nevertheless I know your intention was the best.

I am sorry.

I am sorry.

Nothing to be sorry about. You had best intentions to help.

I was just wondering why do you compare the username, password and role entered by the user by selecting all the records in the database?
I think it would be easier if you just select the record pertaining to the user that has logged in. So you just select the username, password and role from the database matching the username and password provided by the user, then compare the "roles".

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.