没有数据发现Java异常

时间:2012-04-17 19:22:15

标签: java sql ms-access netbeans

我是Java的新手,正在从事一个项目。我试图使用Netbeans从MS Access检索数据。这一切都很好,直到重新安装我的操作系统。现在我运行代码我得到了这个错误。非常感谢您的帮助和建议

java.sql.SQLException: No data found
    at sun.jdbc.odbc.JdbcOdbc.standardError(JdbcOdbc.java:7138)
    at sun.jdbc.odbc.JdbcOdbc.SQLDriverConnect(JdbcOdbc.java:3073)
    at sun.jdbc.odbc.JdbcOdbcConnection.initialize(JdbcOdbcConnection.java:323)
    at sun.jdbc.odbc.JdbcOdbcDriver.connect(JdbcOdbcDriver.java:174)
    at java.sql.DriverManager.getConnection(DriverManager.java:582)
    at java.sql.DriverManager.getConnection(DriverManager.java:185)
    at connect.ConnectDB(connect.java:24)
    at StaffLogin.formWindowOpened(StaffLogin.java:125)
    at StaffLogin.access$000(StaffLogin.java:13)
    at StaffLogin$1.windowOpened(StaffLogin.java:47)
    at java.awt.Window.processWindowEvent(Window.java:1859)
    at javax.swing.JFrame.processWindowEvent(JFrame.java:279)
    at java.awt.Window.processEvent(Window.java:1820)
    at java.awt.Component.dispatchEventImpl(Component.java:4630)
    at java.awt.Container.dispatchEventImpl(Container.java:2099)
    at java.awt.Window.dispatchEventImpl(Window.java:2475)
    at java.awt.Component.dispatchEvent(Component.java:4460)
    at java.awt.EventQueue.dispatchEvent(EventQueue.java:599)
    at  java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:269)
    at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:184)
    at  java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:174)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)
    at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)
    at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)

这是代码,我省略了'生成代码'和'外观'。如果需要,请告诉我。感谢。

import java.sql.*;
import javax.swing.*;

public class StaffLogin extends javax.swing.JFrame {

Connection conn = null;
ResultSet rs = null;
PreparedStatement pst = null;

/**
 * Creates new form StaffLogin
 */
public StaffLogin() {
    initComponents();
}
   private void formWindowOpened(java.awt.event.WindowEvent evt)  {                                  
    // TODO add your handling code here:
    conn = connect.ConnectDB();
}                                 

private void cmdloginMouseClicked(java.awt.event.MouseEvent evt)  {                                      
    // TODO add your handling code here:
    conn = connect.ConnectDB();
   String u = txtusername.getText();
   String p = txtpassword.getText();

    String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";
    try{
        pst = conn.prepareStatement(sql);
        rs = pst.executeQuery();
        if (rs.next()){
            JOptionPane.showMessageDialog(null,"Correct Password");
            Interface i = new Interface();
            i.setVisible(true);

        }
        else
            JOptionPane.showMessageDialog(null,"Invalid Username or Password");
    }
    catch(Exception e){
        JOptionPane.showMessageDialog(null, e);
    }
}                                     

/**
 * @param args the command line arguments
 */
public static void main(String args[]) {
java.awt.EventQueue.invokeLater(new Runnable() {

        public void run() {
            new StaffLogin().setVisible(true);
        }
    });
}
// Variables declaration - do not modify                     
private javax.swing.JButton cmdlogin;
private javax.swing.JLabel jLabel1;
private javax.swing.JLabel jLabel2;
private javax.swing.JPanel jPanel1;
private javax.swing.JPasswordField txtpassword;
private javax.swing.JTextField txtusername;
// End of variables declaration                   

}

3 个答案:

答案 0 :(得分:5)

当您尝试多次读取列的值时,通常会发生这种情况。例如,这可能会抛出“未找到数据”:

ResultSet rs = statement.executeQuery(sql);
while (rs.next()) {
    if ("value1".equals(rs.getString("mycolumn")) || "value2".equals(rs.getString("mycolumn"))) {

这种方式很好用:

ResultSet rs = statement.executeQuery(sql);
while (rs.next()) {
    String value = rs.getString("mycolumn");
    if ("value1".equals(value) || "value2".equals(value)) {

答案 1 :(得分:2)

这不是你问题的核心,但这一行

String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";

是一个主要的安全漏洞。即使你是"使用" PreparedStatement s,因为你是" text"使用参数传递值构建字符串,您正在设置SQL注入攻击。

取而代之的是

String sql = "SELECT * FROM Staff_Table WHERE Firstname=? and Password=?"
try{
    pst = conn.prepareStatement(sql);
    pst.setString(1, u);
    pst.setString(2, p);
    rs = pst.executeQuery();
    if (rs.next()){
        JOptionPane.showMessageDialog(null,"Correct Password");
        Interface i = new Interface();
        i.setVisible(true);

    }
    else
        JOptionPane.showMessageDialog(null,"Invalid Username or Password");
}
catch(Exception e){
    JOptionPane.showMessageDialog(null, e);
}

这样,使用"Robert'; DROP TABLE Staff_Table; --"等名称或密码的用户将来不会成为噩梦。

如果你不明白为什么这是一个问题,请考虑上面的情况......罗伯特......"用户存在。

String u = "Robert'; DROP TABLE Staff_Table; --";
String p = "haha";
String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";

成为

String sql = "SELECT * FROM Staff_Table WHERE Firstname='" 
  + "Robert'; DROP TABLE Staff_Table; --" 
  + "' and Password='"+ p+"'";

或只是

String sql = "SELECT * FROM Staff_Table WHERE Firstname='Robert'; DROP TABLE Staff_Table; --' and Password='haha';

作为复合SQL语句执行,由三个SQL语句组成

SELECT * FROM Staff_Table WHERE Firstname='Robert';
DROP TABLE Staff_Table;
--' and Password='haha';

(注意最后一行是SQL注释,因为它以--开头)。

答案 2 :(得分:0)

我最好的猜测是,其他人在您的旧计算机上创建了ODBC数据源,而您尚未在新计算机上创建它。

转到此处:

控制面板 - >系统&安全 - >管理工具 - >数据源(ODBC)