嘿我正在尝试验证密码是否与他们输入的密码相匹配,我在网上搜索了几个小时的电子邮件,而我尝试的其他所有内容都不起作用这是我到目前为止所做的:
try {
Class.forName(driver).newInstance();
Connection conn = (Connection) DriverManager.getConnection
(url + dbName, userName, password);
PreparedStatement checkUserInfo = (PreparedStatement) conn.prepareStatement
("SELECT password FROM profiles WHERE email = ?");
checkUserInfo.setString(1, emailT); //emailT is email pulled from an editText
//checkUserInfo.setString(2, pass1);
//Statement state = (Statement) conn.createStatement();
//String querychk = "SELECT * FROM profiles WHERE email = '"+emailT+"'";
//ResultSet rs = state.executeQuery(querychk);
ResultSet rs = checkUserInfo.executeQuery();
while (rs.next()){
String pass = rs.getString(2);
if (pass.equals(pass1)) {
return success;
}
}
conn.close();
}
catch (Exception e) {
e.printStackTrace();
}
答案 0 :(得分:0)
只需将SQL查询修改为:
"select * from profiles where email=? and password=?"
了解验证输入字段以防止 SQL注入
为了获取PreparedStatement对象或Connection对象,您不必对其进行外部类型转换,因为它返回的是与分配给它的对象相同的对象。甚至java doc也为PreparedStatement提供了以下声明
PreparedStatement pstmt = con.prepareStatement(Query);