在程序中获得意外的输出

时间:2012-09-27 13:37:36

标签: java exception jdbc

这是代码:

 String sql_1 = "select emp_id,password from regid";
    ResultSet rs = st.executeQuery(sql_1);

    while(rs.next())
    {

    if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)
    {

//      String sql2="update regid set regid='"+Datastore.regIds.add(regId)+"' where emp_id='"+employee+"'";
//      st.executeUpdate(sql2);
        System.out.println("2> Employee Id : "+employee+" && Password : "+password);
        System.out.println("3> This employee "+employee+" exsists in the database and registration-password id will be Updated");

    //  resp.setStatus(HttpServletResponse.SC_OK);
        resp.setContentType("text/html");
        PrintWriter out = resp.getWriter();
        out.print("<html><body>");
        out.print("<head>");
        out.print("<title>Policy Page</title>");
        out.print("<link rel='icon' href='../images/favicon.png'/>");
        out.print("</head>");
        String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
        if (status != null)
        {
          out.print("Status :"+status);
        }
        List<String> devices = Datastore.getDevices();
        if (devices.isEmpty())
        {
          out.print("<h2>No  devices registered!</h2>");
        } 
        else
        {

         out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
         out.print("<form name='form' method='POST' action='sendAll'>");
         out.print("<input type='text' name='policy'>");
         resp.setStatus(HttpServletResponse.SC_OK);
         out.print("<input type='submit' value='Apply Policy'>");
         out.print("</form>");
//       System.out.println(HTTP_STATUS);
         System.out.println(HttpServletResponse.SC_OK);
         getServletContext().getRequestDispatcher("/home").forward(req, resp);

        }
        out.print("</body></html>");
        resp.setStatus(HttpServletResponse.SC_OK);

    }

    else {
        resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        System.out.println(HttpServletResponse.SC_BAD_REQUEST);
        System.out.println("4> This employee "+employee+" does not exsist in the database");            
    }

    }

//    rs.close();
    }

但是我得到了输出,但我正在使用正确的emp_id&amp;密码(仍然显示4&gt; + java.lang.illegalstateexception(不知道为什么?? :()):

1> Employee : P1 && Password : ppp
400
4> This employee P1 does not exsist in the database
2> Employee Id : P1 && Password : ppp
3> This employee P1 exsists in the database and registration-password id will be Updated
400
4> This employee P1 does not exsist in the database

任何想法......为什么会这样?

2 个答案:

答案 0 :(得分:2)

这是因为你的算法包括:

  1. 遍历所有员工
  2. 如果员工匹配ID /密码,请打印2&gt;,否则打印4&gt;

    3. 因此,对于匹配的那个输出,您将有一个2>, 3>输出,而其他所有输出都会给出错误400.

    相反,您可以遍历所有员工(尽管最好为SQL添加标准以缩小密码和员工ID的结果集),除非您已经用尽了所有的内容,否则不要输出错误结果并没有找到匹配的。

    PreparedStatement stmt = null;
try {
    stmt = new PreparedStatement("select * from regis where emp_id=? and password=?");
    stmt.setString(1, employee);
    stmt.setString(2, password);

    ResultSet rs = stmt.executeQuery();
    if(rs.next()) {
        System.out.println("2> Employee Id : "+employee+" && Password : "+password);
        System.out.println("3> This employee "+employee+" exsists in the database and                        
        resp.setContentType("text/html");
        PrintWriter out = resp.getWriter();
        out.print("<html><body>");
        out.print("<head>");
        out.print("<title>Policy Page</title>");
        out.print("<link rel='icon' href='../images/favicon.png'/>");
        out.print("</head>");
        String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
        if (status != null)
        {
          out.print("Status :"+status);
        }
        List<String> devices = Datastore.getDevices();
        if (devices.isEmpty())
        {
          out.print("<h2>No  devices registered!</h2>");
        } 
        else
        {

         out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
         out.print("<form name='form' method='POST' action='sendAll'>");
         out.print("<input type='text' name='policy'>");
         resp.setStatus(HttpServletResponse.SC_OK);
         out.print("<input type='submit' value='Apply Policy'>");
         out.print("</form>");
//       System.out.println(HTTP_STATUS);
         System.out.println(HttpServletResponse.SC_OK);
         getServletContext().getRequestDispatcher("/home").forward(req, resp);

        }
        out.print("</body></html>");
        resp.setStatus(HttpServletResponse.SC_OK);

    }

    else {
        resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        System.out.println(HttpServletResponse.SC_BAD_REQUEST);
        System.out.println("4> This employee "+employee+" does not exsist in the database");            
    }
}
catch(Exception e) {
    e.printStackTrace();
}
finally {
    try {
        stmt.close();
    } catch(Exception x) {}
}

答案 1 :(得分:2)

你的缩进对你没有帮助。您正在遍历所有员工,并比较每个员工的用户名和密码 - 所以有时您会得到一个匹配,有时您不会。

此代码存在多个问题:

  • 如果您只查找一个结果,请不要向数据库询问所有行!您应该传递查询参数并在数据库中进行过滤。然后,您可以通过查看结果中是否有任何行来确定您是否有匹配。
  • 你的缩进很难看出发生了什么

  • 您正在使用大量不必要的括号并与true进行比较,例如

    if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)

    会更好

    if(employee.equals(rs.getString("emp_id") && 
   password.equals(rs.getString("password"))

  • 您似乎使用纯文本密码。 不要这样做。

相关问题
最新问题