我正在尝试使用MySQL验证用户名和密码。但它不起作用。我找不到问题。有人可以帮我解决吗?
private void jButton2ActionPerformed(java.awt.event.ActionEvent evt) {
String user = jTextField1.getText();
char[] pass = jPasswordField1.getPassword();
try
{
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection("jdbc:mysql://localhost:3306/JEREN","root","");
Statement stat = con.createStatement();
String sql = "Select * from tbl_User Where username='" + user + "' and password='"+pass+"'";
rs = stat.executeQuery(sql);
while (rs.next())
{
if (user.equals(rs.getString("username")))
{
if (pass.equals(rs.getString("password")))
{
JOptionPane.showMessageDialog(null,"Login Successfully");
main.getWindows();
}
else
{
JOptionPane.showMessageDialog(null,"Incorrect Password");
}
else
{
JOptionPane.showMessageDialog(null,"Incorrect Login");
}
}
stat.close();
con.close();
}
catch (SQLException | HeadlessException e)
{
//e.printStackTrace();
JOptionPane.showMessageDialog(null,"PROBLEM OCCURED !!!! ");
}
catch (ClassNotFoundException ex) {
Logger.getLogger(Users.class.getName()).log(Level.SEVERE, null, ex);
}
// TODO add your handling code here:
}
实际上我认为它不是用数据库中的用户名和密码来检查企业。我是对的吗?
答案 0 :(得分:1)
首先,按username选择,然后哈希用户输入的密码,检查它是否与数据库中的哈希密码匹配。我建议像SHA-2
我还建议您编写处理代码的类,即User类。
您也忘了关闭ResultSet
还有一件事,请使用PreparedStatement
答案 1 :(得分:1)
您正在检查密码和用户名匹配2次。
String sql = "Select * from tbl_User Where username='" + user + "' and password='"+pass+"'";
在那里你已经检查了密码和用户,首先你要检查密码是否未存储为MD5或任何其他哈希类型
在那个sql之后你只需要检查它是否返回像@Prabhakaran所说的任何行
答案 2 :(得分:0)
这样做
Statement stat = con.createStatement();
user = user.toLowerCase();
pass = pass.toLowerCase();
String sql = "Select * from tbl_User Where LOWER(username)='" + user + "' and LOWER(password)='"+pass+"'";
rs = stat.executeQuery(sql);
if(rs.next())
{
JOptionPane.showMessageDialog(null,"Login Successfully");
main.getWindows();
}
else
{
JOptionPane.showMessageDialog(null,"Incorrect Login");
}
答案 3 :(得分:0)
检查写入的代码是否连接到数据库,密码不在下面的代码中
con = DriverManager.getConnection("jdbc:mysql://localhost:3306/JEREN","root","");
其次是检查用户,并且传递变量是从动作事件中获取值。
答案 4 :(得分:0)
第一件事。
代码将仅用于验证错误。因此,您必须粘贴程序触发的错误。
由于我们没有足够的信息来解决问题,因此我将尽力帮助您。
1-似乎您的连接变量缺少“连接”,请尝试以下操作:
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/"DATABASENAME"?useTimezone=true&serverTimezone=UTC","USERNAME","PASSWORD");
2-您已经在开始时对查询进行了if语句,因此您不必从头开始,只需键入:
if (rs.next()) {
}然后进行例外部分
else
{
JOptionPane.showMessageDialog(null,"Incorrect Password");
}
这是代码:
try
{
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/JEREN","root","");
Statement stat = con.createStatement();
String sql = "Select * from tbl_User Where username='" + user + "' and password='"+pass+"'";
rs = stat.executeQuery(sql);
if (rs.next())
{
JOptionPane.showMessageDialog(null,"Login Successfully");
main.getWindows();
}
else
{
JOptionPane.showMessageDialog(null,"Incorrect Password");
}
else
{
JOptionPane.showMessageDialog(null,"Incorrect Login");
}
stat.close();
con.close();
}
catch (SQLException | HeadlessException e)
{
//e.printStackTrace();
JOptionPane.showMessageDialog(null,"PROBLEM OCCURED !!!! ");
}
catch (ClassNotFoundException ex) {
Logger.getLogger(Users.class.getName()).log(Level.SEVERE, null, ex);
}
// TODO在这里添加您的处理代码: }`