即使我的查询正确,ResultSet#next()也返回false

时间:2015-05-17 19:51:59

标签: java jsp jdbc resultset

我在jsp文件中编写了以下代码。基本上它是什么,它检查是否有任何数据具有特定的银行名称,卡号和密码..检查我使用了一个选择查询。 。查询是正确的但结果集返回false ..我甚至分别检查了查询..它的工作正常..这段代码有什么问题吗?请帮助..我使用netbeans作为我的IDE和Derby数据库..

    String URL="jdbc:derby://localhost:1527/Bank Database";
    try{
        Connection cn=DriverManager.getConnection(URL,"Bank","Bank");
        String qry="SELECT * FROM DATABASE WHERE BANK='"+bname+"' AND CARD_NO='"+cname+"' AND PASWORD='"+pswrd+"'";
        Statement sq=cn.createStatement();
        ResultSet rs=sq.executeQuery(qry);
        if(rs.next()){
            if(rs.getString("PASWORD").equals(pswrd))
            {
                cn.close();
                out.println("<script>function redirect(){ window.location=\"scsfl.html\";} setTimeout('redirect()',3000);</script>");  //redirects to another page   
            }
        }
        else{
            cn.close();
            out.println("<script>function redirect(){ window.location=\"failed.html\";} setTimeout('redirect()',3000);</script>");
        }
    }catch(Exception e){ System.out.print(e);}

3 个答案:

答案 0 :(得分:1)

正如评论中所提到的,您的实际代码显示了许多问题:

  1. 您使用的是Statement而不是PreparedStatement哪个更安全,可以阻止某些黑客像SQL注入一样移动,您可以在JDBC Statement vs PreparedStatement – SQL Injection Example中找到更多信息。
  2. 您正在检查Java代码中的密码,而在SQL查询中已经完成了密码,因此查询检查密码是否正确,它将返回结果,否则结果将为空。
  3. 关闭if..else语句中的连接是非常错误的做法,您最好使用try..catch语句在finally块中处理它将分别关闭resultsetprepared statementconnexion
  4. 我尝试改进您的代码,这就是您应该做的事情:

        Connection con = null;
        String URL="jdbc:derby://localhost:1527/Bank Database";
        PreparedStatement ps = null;
        ResultSet rs = null;
        String qry="SELECT * FROM DATABASE WHERE BANK=? AND CARD_NO=? AND PASWORD=?";
        try {
            con = DriverManager.getConnection(URL,"Bank","Bank");
            ps = con.prepareStatement(qry);
    
            //set the parameter
            ps.setString(1, bname);
            ps.setString(2, cname);
            ps.setString(3, pswrd);
            rs = ps.executeQuery();
    
            if (rs.next()) {
                out.println("<script>function redirect(){ window.location=\"scsfl.html\";} setTimeout('redirect()',3000);</script>");  //redirects to another page 
            } else {
                out.println("<script>function redirect(){ window.location=\"failed.html\";} setTimeout('redirect()',3000);</script>");
            }
        } finally {
            if (rs != null)
                rs.close();
            ps.close();
            con.close();
        }
    

答案 1 :(得分:0)

确保您在正确的数据库中,我几次犯了此错误。 查询正确的错误数据库。

答案 2 :(得分:-1)

通常,关闭Connection应自动关闭与该Connection相关联的任何Statements和ResultSet。

在这段代码中,我已经关闭了rs.next()方法中的连接接口引用。这就是JSP引擎无法将其转换为java文件的原因。它显示错误消息。请找到代码和相应的错误消息。

Jsp代码:

Class.forName("oracle.jdbc.driver.OracleDriver");
   Connection con = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:XE", "test", "test");
   
   String username = "Anil3";
   String password = "123";
  
  
   PreparedStatement pst = con.prepareStatement("select * from User_Login where userID='"+ username +"'");
   ResultSet rs = pst.executeQuery();
	while(rs.next())
	{
	  if (password.equals(rs.getString("password"))) 
	   {
		 con.close();
		out.print("inside if loop");
	   }
	  
	  else{
		  
		  con.close();
		  out.print("Inside else loop");
	  }
	}

错误讯息:

org.apache.jasper.JasperException: An exception occurred processing JSP page /test.jsp at line 28

25:   
26:    PreparedStatement pst = con.prepareStatement("select * from User_Login where userID='"+ username +"'");
27:    ResultSet rs = pst.executeQuery();
28: 	while(rs.next())
29: 	{
30: 	  if (password.equals(rs.getString("password"))) 
31: 	   {


Stacktrace:
	org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:568)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:455)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


root cause 

javax.servlet.ServletException: java.sql.SQLException: Closed Connection: next
	org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:912)
	org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:841)
	org.apache.jsp.test_jsp._jspService(test_jsp.java:124)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:728)


root cause 

java.sql.SQLException: Closed Connection: next
	oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
	oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146)
	oracle.jdbc.driver.OracleResultSetImpl.next(OracleResultSetImpl.java:181)
	org.apache.jsp.test_jsp._jspService(test_jsp.java:97)
	org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
	org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
	org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
	org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

您不应该在ResultSet中关闭连接。请删除代码中的con.close()语句并尝试它。它会起作用。