Fatal编程技术网
  • java/
  • Java 按结果集从数据库中获取所需的用户和密码

Java 按结果集从数据库中获取所需的用户和密码

java sql

Java 按结果集从数据库中获取所需的用户和密码,java,sql,sql-injection,resultset,Java,Sql,Sql Injection,Resultset,1-我们通过以下方式调用require用户及其密码: String user=usertx.getText(); char[] password=pswdtx.getPassword(); String pswd=String.valueOf(password); \\here is important to put a char password in string. 此代码将仅获取所选用户的行及其行上的信息,并将其设置为(rs) 2-rs.next()的代码: 以下是全

1-我们通过以下方式调用require用户及其密码:

String user=usertx.getText();
    char[] password=pswdtx.getPassword();
    String pswd=String.valueOf(password);   \\here is important to put a char password in string.
此代码将仅获取所选用户的行及其行上的信息,并将其设置为(rs)

2-rs.next()的代码:

以下是全部代码:

while(rs.next()){
     rsuser=rs.getString("NAME");      //get user and set it in rsuser.
     rspswd=rs.getString("PASSWORD");} //get password and set it in rspswd.

if ((user.equals(rsuser)) && (pswd.equals(rspswd))){  //the equevlant statement.
        JOptionPane.showMessageDialog(null, "Username and Password exist");}
        else {
            JOptionPane.showMessageDialog(null, "Please Check Username and Password ");}
        }
我衷心祝愿。

此代码很有可能受到SQL injection.thanx for atention@mikecatw的影响。您的问题是什么?这不是问题,而是问答。请将您的文章分成问题和答案,以分享您的知识。 
while(rs.next()){
     rsuser=rs.getString("NAME");      //get user and set it in rsuser.
     rspswd=rs.getString("PASSWORD");} //get password and set it in rspswd.

if ((user.equals(rsuser)) && (pswd.equals(rspswd))){  //the equevlant statement.
        JOptionPane.showMessageDialog(null, "Username and Password exist");}
        else {
            JOptionPane.showMessageDialog(null, "Please Check Username and Password ");}
        }

private void submitActionPerformed(java.awt.event.ActionEvent evt) {                                       
    try {
        String user=usertx.getText();
        char[] password=pswdtx.getPassword();
        String pswd=String.valueOf(password);

        String rsuser=null;
        String rspswd=null;
        String Q="SELECT * FROM USERS WHERE NAME='"+user+"' AND PASSWORD='"+pswd+"'";
        rs=stmt.executeQuery(Q);

        while(rs.next()){
        rsuser=rs.getString("NAME");
        rspswd=rs.getString("PASSWORD");}
        if ((user.equals(rsuser)) && (pswd.equals(rspswd))){
        JOptionPane.showMessageDialog(null, "Username and Password exist");}
        else {
            JOptionPane.showMessageDialog(null, "Please Check Username and Password ");}
        } 
    catch (SQLException ex) {ex.printStackTrace();}`

}