如何验证输入的密码是与输入的电子邮件关联的密码?

时间:2014-03-27 02:28:42

标签: java android mysql

嘿我正在尝试验证密码是否与他们输入的密码相匹配,我在网上搜索了几个小时的电子邮件,而我尝试的其他所有内容都不起作用这是我到目前为止所做的:

try {
    Class.forName(driver).newInstance();
    Connection conn = (Connection) DriverManager.getConnection
                      (url + dbName, userName, password);
    PreparedStatement checkUserInfo = (PreparedStatement) conn.prepareStatement
                                      ("SELECT password FROM profiles WHERE email = ?");
    checkUserInfo.setString(1, emailT);  //emailT is email pulled from an editText
    //checkUserInfo.setString(2, pass1);
    //Statement state =  (Statement) conn.createStatement();
    //String querychk = "SELECT * FROM profiles WHERE email = '"+emailT+"'";
    //ResultSet rs = state.executeQuery(querychk);
    ResultSet rs = checkUserInfo.executeQuery();
    while (rs.next()){
        String pass = rs.getString(2);
        if (pass.equals(pass1)) {
            return success;
        }
    }
    conn.close();
}
catch (Exception e) {
    e.printStackTrace();
}

1 个答案:

答案 0 :(得分:0)

只需将SQL查询修改为:

"select * from profiles where email=? and password=?"

了解验证输入字段以防止 SQL注入

为了获取PreparedStatement对象或Connection对象,您不必对其进行外部类型转换,因为它返回的是与分配给它的对象相同的对象。甚至java doc也为PreparedStatement提供了以下声明

PreparedStatement pstmt = con.prepareStatement(Query);