Java 在程序中获取意外输出
以下是代码:Java 在程序中获取意外输出,java,exception,jdbc,Java,Exception,Jdbc,以下是代码: String sql_1 = "select emp_id,password from regid"; ResultSet rs = st.executeQuery(sql_1); while(rs.next()) { if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true) {
String sql_1 = "select emp_id,password from regid";
ResultSet rs = st.executeQuery(sql_1);
while(rs.next())
{
if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)
{
// String sql2="update regid set regid='"+Datastore.regIds.add(regId)+"' where emp_id='"+employee+"'";
// st.executeUpdate(sql2);
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and registration-password id will be Updated");
// resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
// rs.close();
}
你知道……为什么会这样吗?之所以会这样,是因为你的算法包括:
2>,3>PreparedStatement stmt = null;
try {
stmt = new PreparedStatement("select * from regis where emp_id=? and password=?");
stmt.setString(1, employee);
stmt.setString(2, password);
ResultSet rs = stmt.executeQuery();
if(rs.next()) {
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
catch(Exception e) {
e.printStackTrace();
}
finally {
try {
stmt.close();
} catch(Exception x) {}
}
PreparedStatement stmt=null;
试一试{
stmt=新的PreparedStatement(“从regis中选择*,其中emp_id=?和password=?”;
stmt.setString(1名员工);
stmt.setString(2,密码);
ResultSet rs=stmt.executeQuery();
如果(rs.next()){
System.out.println(“2>员工Id:+Employee+”&&Password:+Password);
System.out.println(“3>此员工”+employee+”存在于数据库中,并且
分别为setContentType(“文本/html”);
PrintWriter out=resp.getWriter();
输出。打印(“”);
输出。打印(“”);
打印(“保单页”);
输出。打印(“”);
输出。打印(“”);
字符串状态=(字符串)请求getAttribute(属性_状态);
如果(状态!=null)
{
打印(“状态:+状态”);
}
List devices=Datastore.getDevices();
if(devices.isEmpty())
{
打印(“未注册设备!”);
}
其他的
{
out.print(“+devices.size()+”已注册设备!”);
输出。打印(“”);
输出。打印(“”);
分别设置状态(HttpServletResponse.SC_OK);
输出。打印(“”);
输出。打印(“”);
//System.out.println(HTTP_状态);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher(“/home”).forward(req,resp);
}
输出。打印(“”);
分别设置状态(HttpServletResponse.SC_OK);
}
否则{
resp.setStatus(HttpServletResponse.SC_BAD_请求);
System.out.println(HttpServletResponse.SC\u BAD\u请求);
System.out.println(“4>此员工”+employee+“在数据库中不存在”);
}
}
捕获(例外e){
e、 printStackTrace();
}
最后{
试一试{
stmt.close();
}捕获(异常x){}
}
2>,3>PreparedStatement stmt = null;
try {
stmt = new PreparedStatement("select * from regis where emp_id=? and password=?");
stmt.setString(1, employee);
stmt.setString(2, password);
ResultSet rs = stmt.executeQuery();
if(rs.next()) {
System.out.println("2> Employee Id : "+employee+" && Password : "+password);
System.out.println("3> This employee "+employee+" exsists in the database and
resp.setContentType("text/html");
PrintWriter out = resp.getWriter();
out.print("<html><body>");
out.print("<head>");
out.print("<title>Policy Page</title>");
out.print("<link rel='icon' href='../images/favicon.png'/>");
out.print("</head>");
String status = (String) req.getAttribute(ATTRIBUTE_STATUS);
if (status != null)
{
out.print("Status :"+status);
}
List<String> devices = Datastore.getDevices();
if (devices.isEmpty())
{
out.print("<h2>No devices registered!</h2>");
}
else
{
out.print("<h2>" + devices.size() + " device(s) registered!</h2>");
out.print("<form name='form' method='POST' action='sendAll'>");
out.print("<input type='text' name='policy'>");
resp.setStatus(HttpServletResponse.SC_OK);
out.print("<input type='submit' value='Apply Policy'>");
out.print("</form>");
// System.out.println(HTTP_STATUS);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher("/home").forward(req, resp);
}
out.print("</body></html>");
resp.setStatus(HttpServletResponse.SC_OK);
}
else {
resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
System.out.println(HttpServletResponse.SC_BAD_REQUEST);
System.out.println("4> This employee "+employee+" does not exsist in the database");
}
}
catch(Exception e) {
e.printStackTrace();
}
finally {
try {
stmt.close();
} catch(Exception x) {}
}
PreparedStatement stmt=null;
试一试{
stmt=新的PreparedStatement(“从regis中选择*,其中emp_id=?和password=?”;
stmt.setString(1名员工);
stmt.setString(2,密码);
ResultSet rs=stmt.executeQuery();
如果(rs.next()){
System.out.println(“2>员工Id:+Employee+”&&Password:+Password);
System.out.println(“3>此员工”+employee+”存在于数据库中,并且
分别为setContentType(“文本/html”);
PrintWriter out=resp.getWriter();
输出。打印(“”);
输出。打印(“”);
打印(“保单页”);
输出。打印(“”);
输出。打印(“”);
字符串状态=(字符串)请求getAttribute(属性_状态);
如果(状态!=null)
{
打印(“状态:+状态”);
}
List devices=Datastore.getDevices();
if(devices.isEmpty())
{
打印(“未注册设备!”);
}
其他的
{
out.print(“+devices.size()+”已注册设备!”);
输出。打印(“”);
输出。打印(“”);
分别设置状态(HttpServletResponse.SC_OK);
输出。打印(“”);
输出。打印(“”);
//System.out.println(HTTP_状态);
System.out.println(HttpServletResponse.SC_OK);
getServletContext().getRequestDispatcher(“/home”).forward(req,resp);
}
输出。打印(“”);
分别设置状态(HttpServletResponse.SC_OK);
}
否则{
resp.setStatus(HttpServletResponse.SC_BAD_请求);
System.out.println(HttpServletResponse.SC\u BAD\u请求);
System.out.println(“4>此员工”+employee+“在数据库中不存在”);
}
}
捕获(例外e){
e、 printStackTrace();
}
最后{
试一试{
stmt.close();
}捕获(异常x){}
}
- 如果只查找一个结果,不要向数据库询问所有行!您应该传递查询参数并在数据库中进行筛选。然后,您可以通过查看结果中是否有行来确定是否匹配
- 你的凹痕让你很难看清发生了什么
- 您使用了大量不必要的括号和与
的比较,例如true
不如if(((employee.equals(rs.getString("emp_id"))) && (password.equals(rs.getString("password"))))==true)if(employee.equals(rs.getString("emp_id") && password.equals(rs.getString("password")) - 您似乎正在使用纯文本密码。不要这样做。