problem in comparision of dropdown value and database vale

Question

shuchi.vishnoi 0 Newbie Poster

15 Years Ago

There is a jsp page on which I have to access the selected value from a dropdown list and then compare it's value with the field 'role' stored in mysql database.
I have to comapre both values to authenticate the user. I can access the role from dropdown list but I am unable to compare it with role stored in database.

This is the source code of jsp page

login.jsp-

<html>
<head><title>Login Page</title>
</head>
<body>
<form name="loginform" method="post" action="Authentication.jsp">
<br><br>
<table align="center"><tr><td><h2>Login Authentication</h2></td></tr></table>
<table width="300px" align="center" style="border:1px solid #000000;background-color:#efefef;">
<tr><td colspan=2></td></tr>
<tr><td colspan=2>&nbsp;</td></tr>
	<tr>
		<td><b>Login Name</b></td>
		<td><input type="text" name="username" value=""></td>
	</tr>
	<tr>
		<td><b>Password</b></td>
		<td><input type="password" name="password" value=""></td>
	</tr>
       

	<tr>
		<td><label>
		  <select name="role" id="select">
		    <option>User</option>
		    <option>Admin</option>
	      </select>
		  </label></td>
	  <td><input type="submit" name="Submit" value="Submit">
		  </td>
      <!--  <td><td width="100"><b>Name</b></td>
 <td>
 	
</td>
	</tr>
	<tr><td colspan=2>&nbsp;</td></tr>
</table>
</form>
<!--<%String option=request.getParameter("role");
if(option==null){
}
else{
out.println("You have selected: <b>"+option+"</b>"+"<br>");
}
%>-->

</body>
</html>

Authentication.jsp---

<%@ page import="java.sql.*" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
<%
String connectionURL = "jdbc:mysql://localhost:3306/user_tbl?user=,password=";
Connection connection = null;
Statement statement = null;
ResultSet rs = null;
response.setContentType("text/html");
%>

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>JSP Page</title>
    </head>
    <body>
        <%
        String userName=new String("");
        String password=new String("");
        String role = new String("");
        boolean flag = false;

        Class.forName("com.mysql.jdbc.Driver").newInstance();

        connection = DriverManager.getConnection(connectionURL, "root", "1234");
        statement = connection.createStatement();
        statement.executeQuery("select user_name,password,role from login");
        rs = statement.getResultSet();

        
        String role1[] = request.getParameterValues("role");

        while (rs.next()) {
        userName=rs.getString("user_name");
        password=rs.getString("password");
        role = rs.getString("role");
                          
        if(userName.equals(request.getParameter("username")) && password.equals(request.getParameter("password"))&& role.equals(request.getParameterValues("role")))
            flag = true;
        //session.setAttribute("userName",rs.getString(2));
       
}
       
        if(role1!=null){
        for(int i=0; i<role1.length;i++)
        {
            if(role.equals(request.getParameter("role")))
            out.println("you are:"+role1[i]);
            }
        }
        if(flag==true)
            {
            //out.println("User Authenticated");
           response.sendRedirect("welcome.jsp");
            }
        else{
            //out.println("You are not an authentic person");
            response.sendRedirect("error.jsp");
            }
        
              rs.close ();
        statement.close ();
        %>
    </body>
</html>

java-jsp

Edited 15 Years Ago by peter_budo because: Do not use CODE SNIPPED for asking questions. Use THREAD!

4 Contributors
7 Replies
170 Views
3 Days Discussion Span
Latest Post 15 Years Ago Latest Post by Thirusha

javaAddict 900 Nearly a Senior Poster

15 Years Ago

You forgot to add this:

<option [B]value="user"[/B]>User</option>

I haven't read your code; just stopped reading when I reached that part.
This is a site that helped me a lot to learn html and java script:
w3Schools

Also for "select" use this: request.getParameter("role") It is used whenever you submit One value.
Use the one that returns an array when you expect more than one "value" per "name"

Edited 15 Years Ago by javaAddict because: n/a

javaAddict 900 Nearly a Senior Poster

15 Years Ago

First of all start a new thread with your new code. This kind of thread is only for posting working code as an idea of sharing code for educational purposes.
Start a new thread and don't select code snippet.
Post your new code.

Then we will talk

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

shuchi.vishnoi 0 Newbie Poster · Answer 1 · 2009-10-10T10:33:13+00:00

Thanx a lot.
I did exactly what you have written to do, but still I am facing the same problem.
Now I have used code
role.equals(request.getParameter("role")) , not used request.getParameterValues() in line no.97 and I have removed line no.106. But still have same problem.

peter_budo 2,532 Code tags enforcer Team Colleague Featured Poster · Answer 2 · 2009-10-11T20:13:32+00:00

First of all start a new thread with your new code. This kind of thread is only for posting working code as an idea of sharing code for educational purposes.
Start a new thread and don't select code snippet.
Post your new code.
Then we will talk

No need to start new thread, just report it and I can change format from code snipped to thread as I did now. Nevertheless I know your intention was the best.

javaAddict 900 Nearly a Senior Poster Team Colleague Featured Poster · Answer 3 · 2009-10-12T13:02:35+00:00

No need to start new thread, just report it and I can change format from code snipped to thread as I did now. Nevertheless I know your intention was the best.

I am sorry.

peter_budo 2,532 Code tags enforcer Team Colleague Featured Poster · Answer 4 · 2009-10-12T18:21:46+00:00

I am sorry.

Nothing to be sorry about. You had best intentions to help.

Thirusha 20 Posting Whiz · Answer 5 · 2009-10-12T18:57:32+00:00

I was just wondering why do you compare the username, password and role entered by the user by selecting all the records in the database?
I think it would be easier if you just select the record pertaining to the user that has logged in. So you just select the username, password and role from the database matching the username and password provided by the user, then compare the "roles".