SQLException:用数据库用户进行Jsp登录验证?

时间:2015-12-15 17:00:52

标签: java mysql sql-server jsp sqlexception

我正在尝试使用JSP创建一个Login表单。我可以成功地将用户添加到数据库表中,但在尝试验证存储在数据库中的用户时,我得到SQLException

Servlet.java:

//Registration
    if(action.equalsIgnoreCase("Register")){

        nme = request.getParameter("username");
        pwd = request.getParameter("password");

        System.out.println("Values From Submmited JSP page:");
        System.out.println("Name = "+nme+"\nPassword = "+pwd);

        Mymodel m1 = new Mymodel();
        m1.setName(nme);
        m1.setPassword(pwd);

        int s = MyService.insertToModel(m1);
        System.out.println("service return"+ s);
        if(s > 0){
            response.sendRedirect("Welcome.jsp");}
        else{
            response.sendRedirect("index.jsp");}
    }//End of Registration




    //Login
        if(action.equalsIgnoreCase("login")){
        nme = request.getParameter("username");
        pwd = request.getParameter("password");

        System.out.println("Values From Submmited JSP page:");
        System.out.println("Name = "+nme+"\nPassword = "+pwd);

        Mymodel m = new Mymodel();
        m.setName(nme);
        m.setPassword(pwd);         

        boolean s = MyService.authenticateLogin(m);
        if(s){
            response.sendRedirect("welcome.jsp");           
        }else{
            response.sendRedirect("Loginfailure.jsp");
        }
        //End of login

service.java:

public static boolean authenticateLogin(Mymodel m){

    try{
        PreparedStatement ps = con.prepareStatement("SELECT Uname,Password FROM user WHERE Uname ='?' AND Password ='?'");
        ps.setString(1, m.getName());
        ps.setString(2, m.getPassword());
        ps.executeQuery();
        return true;

    }catch( Exception e ){
        System.out.println("Unable to select values from the table");
        e.printStackTrace();
        return false;
    }

Eclipse控制台输出:

Connection : com.mysql.jdbc.Connection@6aa5a8d0

成功连接到数据库 无法从表中选择值

java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).
    at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:910)
    at com.mysql.jdbc.PreparedStatement.setInternal(PreparedStatement.java:2715)
    at com.mysql.jdbc.PreparedStatement.setString(PreparedStatement.java:3546)
    at Service.MyService.authenticateLogin(MyService.java:35)
    at MyServlet.MyServlet.doPost(MyServlet.java:68)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:217)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Unknown Source)

代码有什么问题,是否有更好的方法为我正在构建的应用程序编写代码?

2 个答案:

答案 0 :(得分:0)

 PreparedStatement ps = con.prepareStatement("SELECT Uname,Password FROM user WHERE Uname ='?' AND Password ='?'");

从上面的代码中删除占位符中的引号,您可以成功连接并能够登录页面 例如

 PreparedStatement ps = con.prepareStatement("SELECT Uname,Password FROM user WHERE Uname =? AND Password =?");

答案 1 :(得分:0)

在查询中删除问号内的撇号:

PreparedStatement ps = con.prepareStatement("SELECT Uname, Password FROM user WHERE Uname = ? AND Password = ?");

对于PreparedStatement类,示例查询也在javadoc中。

相关问题
最新问题