我是Java的新手,正在从事一个项目。我试图使用Netbeans从MS Access检索数据。这一切都很好,直到重新安装我的操作系统。现在我运行代码我得到了这个错误。非常感谢您的帮助和建议
java.sql.SQLException: No data found
at sun.jdbc.odbc.JdbcOdbc.standardError(JdbcOdbc.java:7138)
at sun.jdbc.odbc.JdbcOdbc.SQLDriverConnect(JdbcOdbc.java:3073)
at sun.jdbc.odbc.JdbcOdbcConnection.initialize(JdbcOdbcConnection.java:323)
at sun.jdbc.odbc.JdbcOdbcDriver.connect(JdbcOdbcDriver.java:174)
at java.sql.DriverManager.getConnection(DriverManager.java:582)
at java.sql.DriverManager.getConnection(DriverManager.java:185)
at connect.ConnectDB(connect.java:24)
at StaffLogin.formWindowOpened(StaffLogin.java:125)
at StaffLogin.access$000(StaffLogin.java:13)
at StaffLogin$1.windowOpened(StaffLogin.java:47)
at java.awt.Window.processWindowEvent(Window.java:1859)
at javax.swing.JFrame.processWindowEvent(JFrame.java:279)
at java.awt.Window.processEvent(Window.java:1820)
at java.awt.Component.dispatchEventImpl(Component.java:4630)
at java.awt.Container.dispatchEventImpl(Container.java:2099)
at java.awt.Window.dispatchEventImpl(Window.java:2475)
at java.awt.Component.dispatchEvent(Component.java:4460)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:599)
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:269)
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:184)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:174)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)
这是代码,我省略了'生成代码'和'外观'。如果需要,请告诉我。感谢。
import java.sql.*;
import javax.swing.*;
public class StaffLogin extends javax.swing.JFrame {
Connection conn = null;
ResultSet rs = null;
PreparedStatement pst = null;
/**
* Creates new form StaffLogin
*/
public StaffLogin() {
initComponents();
}
private void formWindowOpened(java.awt.event.WindowEvent evt) {
// TODO add your handling code here:
conn = connect.ConnectDB();
}
private void cmdloginMouseClicked(java.awt.event.MouseEvent evt) {
// TODO add your handling code here:
conn = connect.ConnectDB();
String u = txtusername.getText();
String p = txtpassword.getText();
String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";
try{
pst = conn.prepareStatement(sql);
rs = pst.executeQuery();
if (rs.next()){
JOptionPane.showMessageDialog(null,"Correct Password");
Interface i = new Interface();
i.setVisible(true);
}
else
JOptionPane.showMessageDialog(null,"Invalid Username or Password");
}
catch(Exception e){
JOptionPane.showMessageDialog(null, e);
}
}
/**
* @param args the command line arguments
*/
public static void main(String args[]) {
java.awt.EventQueue.invokeLater(new Runnable() {
public void run() {
new StaffLogin().setVisible(true);
}
});
}
// Variables declaration - do not modify
private javax.swing.JButton cmdlogin;
private javax.swing.JLabel jLabel1;
private javax.swing.JLabel jLabel2;
private javax.swing.JPanel jPanel1;
private javax.swing.JPasswordField txtpassword;
private javax.swing.JTextField txtusername;
// End of variables declaration
}
答案 0 :(得分:5)
当您尝试多次读取列的值时,通常会发生这种情况。例如,这可能会抛出“未找到数据”:
ResultSet rs = statement.executeQuery(sql);
while (rs.next()) {
if ("value1".equals(rs.getString("mycolumn")) || "value2".equals(rs.getString("mycolumn"))) {
这种方式很好用:
ResultSet rs = statement.executeQuery(sql);
while (rs.next()) {
String value = rs.getString("mycolumn");
if ("value1".equals(value) || "value2".equals(value)) {
答案 1 :(得分:2)
这不是你问题的核心,但这一行
String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";
是一个主要的安全漏洞。即使你是"使用" PreparedStatement
s,因为你是" text"使用参数传递值构建字符串,您正在设置SQL注入攻击。
取而代之的是
String sql = "SELECT * FROM Staff_Table WHERE Firstname=? and Password=?"
try{
pst = conn.prepareStatement(sql);
pst.setString(1, u);
pst.setString(2, p);
rs = pst.executeQuery();
if (rs.next()){
JOptionPane.showMessageDialog(null,"Correct Password");
Interface i = new Interface();
i.setVisible(true);
}
else
JOptionPane.showMessageDialog(null,"Invalid Username or Password");
}
catch(Exception e){
JOptionPane.showMessageDialog(null, e);
}
这样,使用"Robert'; DROP TABLE Staff_Table; --"等名称或密码的用户将来不会成为噩梦。
如果你不明白为什么这是一个问题,请考虑上面的情况......罗伯特......"用户存在。
String u = "Robert'; DROP TABLE Staff_Table; --";
String p = "haha";
String sql = "SELECT * FROM Staff_Table WHERE Firstname='" + u+"' and Password='"+ p+"'";
成为
String sql = "SELECT * FROM Staff_Table WHERE Firstname='"
+ "Robert'; DROP TABLE Staff_Table; --"
+ "' and Password='"+ p+"'";
或只是
String sql = "SELECT * FROM Staff_Table WHERE Firstname='Robert'; DROP TABLE Staff_Table; --' and Password='haha';
作为复合SQL语句执行,由三个SQL语句组成
SELECT * FROM Staff_Table WHERE Firstname='Robert';
DROP TABLE Staff_Table;
--' and Password='haha';
(注意最后一行是SQL注释,因为它以--
开头)。
答案 2 :(得分:0)
我最好的猜测是,其他人在您的旧计算机上创建了ODBC数据源,而您尚未在新计算机上创建它。
转到此处:
控制面板 - >系统&安全 - >管理工具 - >数据源(ODBC)