Java "Parameter index out of range" error when authenticating with a login form
I am trying to take an email and password from the user (the Auth class) and check, using the Customer class, whether this email and password exist. I am using HTML, Angular.js, Java and SQL. I am using the JDBC driver. This is the error I get:
java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0)
Here is the Java code I wrote for the CustomerDAO class:
public boolean authenticated(Auth auth) throws AppException {
    Connection con = DBUtil.connectToDB();
    PreparedStatement ps = null;
    PreparedStatement customerPreparedStatement=null;
    ResultSet rs=null;
    ResultSet newRs=null;
    Customer customer=new Customer();
    try {
        ps=con.prepareStatement("INSERT INTO auth(EMAIL, PASSWORD) VALUES(?,?)", PreparedStatement.RETURN_GENERATED_KEYS);
        //if((customer.getEmail().equals(auth.getEmail())) && (customer.getPassword().equals(auth.getPassword())))
        ps.setString(1, auth.getEmail());
        ps.setString(2, auth.getPassword());
        ps.executeUpdate();
        //getting generated key
        rs= ps.getGeneratedKeys();
        customerPreparedStatement=con.prepareStatement("SELECT customer.EMAIL, customer.PASSWORD, auth.EMAIL, auth.PASSWORD FROM customer,auth WHERE customer.EMAIL=auth.email AND customer.PASSWORD=auth.PASSWORD");
        newRs=customerPreparedStatement.executeQuery();
        customerPreparedStatement.setString(1, customer.getEmail());
        customerPreparedStatement.setString(2, customer.getPassword());
        if(auth.getEmail().equals(customer.getEmail()) && auth.getPassword().equals(customer.getPassword())){
            // if(customerPreparedStatement){
            while(rs.next()){
                customer.setId(rs.getInt("ID"));
                auth.setEmail(rs.getString("email"));
                auth.setPassword(rs.getString("password"));
                // System.out.print());
            }
            return true;
        }else {
            System.out.print("user doesn't exist");
            return false;
        }
    } catch (SQLException e) {
        e.printStackTrace();
        throw new AppException("Error in authentication", e.getCause());
    }finally{
        DBUtil.closeResources(ps, rs, con);
    }
}
What logic should I use?
What changes should I make?
customerPreparedStatement has no parameter slots (? symbols), but you are supplying parameters.
The statement prepared to fetch the customer has no parameters:
customerPreparedStatement=con.prepareStatement("SELECT customer.EMAIL, customer.PASSWORD, auth.EMAIL, auth.PASSWORD FROM customer,auth WHERE customer.EMAIL=auth.email AND customer.PASSWORD=auth.PASSWORD");
The query is then executed without any parameters (all fine):
The error is here: you supply parameters to the query, but it has no slots for them, and you get a java.sql.SQLException:
customerPreparedStatement.setString(1, customer.getEmail());
customerPreparedStatement.setString(2, customer.getPassword());
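You should leave customerPreparedStatement as it is and not try to supply parameters it does not use. So, in this case, you can delete the two lines that call customerPreparedStatement.setString, because they cannot work.
Problem solved. Thanks to Alain O'Dea, just adding the following line was enough: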
customerPreparedStatement=con.prepareStatement("SELECT customer.EMAIL, customer.PASSWORD, auth.EMAIL, auth.PASSWORD FROM customer,auth WHERE customer.EMAIL=? AND customer.PASSWORD=?");
But now I am getting another error. This is my edited code:
CustomerDAO class:
public boolean authenticated(Auth auth) throws AppException {
    Connection con = DBUtil.connectToDB();
    PreparedStatement ps = null;
    PreparedStatement customerPreparedStatement=null;
    ResultSet rs=null;
    ResultSet newRs=null;
    Customer customer=new Customer();
    try {
        ps=con.prepareStatement("INSERT INTO auth(EMAIL, PASSWORD) VALUES(?,?)", PreparedStatement.RETURN_GENERATED_KEYS);
        //if((customer.getEmail().equals(auth.getEmail())) && (customer.getPassword().equals(auth.getPassword())))
        ps.setString(1, auth.getEmail());
        ps.setString(2, auth.getPassword());
        ps.executeUpdate();
        //getting generated key
        rs= ps.getGeneratedKeys();
Alain: delete this:
        customerPreparedStatement=con.prepareStatement("SELECT customer.EMAIL, customer.PASSWORD, auth.EMAIL, auth.PASSWORD FROM customer,auth WHERE customer.EMAIL=? AND customer.PASSWORD=?");
Alain: insert this:
        customerPreparedStatement=con.prepareStatement("SELECT customer.EMAIL, customer.PASSWORD, auth.EMAIL, auth.PASSWORD FROM customer,auth WHERE customer.EMAIL=auth.EMAIL AND customer.PASSWORD=auth.PASSWORD");
Alain: keep this:
        // error is indicating this line
        newRs=customerPreparedStatement.executeQuery();
Alain: and delete these lines:
        customerPreparedStatement.setString(1, customer.getEmail());
        customerPreparedStatement.setString(2, customer.getPassword());
Alain: keep the rest:
        if(auth.getEmail().equals(customer.getEmail()) && auth.getPassword().equals(customer.getPassword())){
            // if(customerPreparedStatement){
            while(rs.next()){
                // customer.setId(rs.getInt("ID"));
                auth.setEmail(rs.getString("email"));
                auth.setPassword(rs.getString("password"));
                // System.out.print());
            }
            return true;
        }else {
            System.out.print("user doesn't exist");
            return false;
        }
    } catch (SQLException e) {
        e.printStackTrace();
        throw new AppException("Error in authentication", e.getCause());
    }finally{
        DBUtil.closeResources(ps, rs, con);
    }
}
CustomerController class:
@POST
@Path("/login")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public AppResponse login(Auth auth, @Context HttpServletRequest request){
    AppResponse resp = new AppResponse();
    // generating the common msg for successful/ unsuccessful connection
    //if successful show list
    CustomerDAO customerDAO=new CustomerDAO();
    boolean isAuthenticated;
    try {
        //error is indicating this line
        isAuthenticated = customerDAO.authenticated(auth);
        if(isAuthenticated){
            // create the session only after the credentials have been verified
            HttpSession session=request.getSession(true);
            session.setAttribute("USER", auth);
            resp.setMessage("Login is successfull");
        }else{
            resp.setMessage("Login is failed");
            resp.setStatus(AppResponse.ERROR);
        }
    } catch (Exception e) {
        e.printStackTrace();
        // report the failure instead of returning a response with no error status
        resp.setMessage("Login is failed");
        resp.setStatus(AppResponse.ERROR);
    }
    // resp.setPayload(auth);
    //customerDAO.getAll();
    return resp;
}
This is the new error:
java.sql.SQLException: No value specified for parameter 1
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:998)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:937)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:926)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:872)
at com.mysql.jdbc.PreparedStatement.checkAllParametersSet(PreparedStatement.java:2253)
at com.mysql.jdbc.PreparedStatement.fillSendPacket(PreparedStatement.java:2233)
at com.mysql.jdbc.PreparedStatement.fillSendPacket(PreparedStatement.java:2163)
at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1976)
at restaurant.my.dao.CustomerDAO.authenticated(CustomerDAO.java:161)
at restaurant.my.rest.CustomerController.login(CustomerController.java:130)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
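Read the error message. What do you think it might be trying to tell you?
The number of parameters passed is 0. But why? I am passing parameters here, the email and the password.
No, that is not what it says. It says you are trying to pass parameters to something that does not expect them.
@user3443889 check my answer. I suspect I have found the problem.
Thanks for your answer, but now I am getting another error: java.sql.SQLException: No value specified for parameter 1
@user3443889 which line does the stack trace refer to? The line of code, since I don't have the file to match the line numbers against.
@user3443889 refactoring this code into multiple methods (certainly one method per prepared statement) would really help you isolate the problem. Does the IDE you use let you click on the stack trace to get to the source code?
I think this is the problem I have: customerPreparedStatement.setString(1, customer.getEmail()); customer does not have the email value. I have to get it from auth and compare it with customer. I have given my edited code below. I can't ask a new question, that's why.
Now let's solve the problem below :) Check my comments above. I think those steps will get you past this problem.
If you have a new question, please ask it by clicking the button. Include a link to this question if it helps provide context.
@PaulHicks is broadly right and fully in line with my suggestion. The OP is blocked from asking new questions, probably because of low reputation.
Thank you very much for this solution. I no longer get the error, but logically it has some problem. The result now shows that the customer is not in the database. I think the logic is not right in the if statement.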
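Added example, not code from the question or the answers: one way to write the check the thread is working toward, with a single `?` slot bound before `executeQuery()` and the submitted password compared against a stored salted hash rather than inserted into a table. The `PASSWORD_HASH` and `SALT` columns, the class name `LoginCheck` and the iteration count are assumptions; `main` exercises only the hashing half with constructed values, because the query needs a live JDBC connection.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class LoginCheck {
    private static final int ITERATIONS = 210_000; // assumed work factor
    private static final int KEY_BITS = 256;

    // PBKDF2-HMAC-SHA256 over the password and a per-user salt.
    static byte[] hash(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    // Returns true only if a row exists for the email and the hash matches.
    // Assumed schema: customer(EMAIL, PASSWORD_HASH, SALT).
    static boolean authenticated(Connection con, String email, char[] password)
            throws Exception {
        // One '?' slot, so exactly one setString, bound BEFORE executeQuery().
        String sql = "SELECT PASSWORD_HASH, SALT FROM customer WHERE EMAIL = ?";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, email); // value comes from the submitted credentials
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) {
                    return false; // no customer with this email
                }
                byte[] stored = rs.getBytes("PASSWORD_HASH");
                byte[] candidate = hash(password, rs.getBytes("SALT"));
                // Constant-time comparison of the two hashes.
                return MessageDigest.isEqual(stored, candidate);
            }
        } // statement and result set are closed here even on exceptions
    }

    // Offline run of the hashing half with constructed values (no database).
    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        byte[] stored = hash("correct horse".toCharArray(), salt);
        byte[] same = hash("correct horse".toCharArray(), salt);
        byte[] other = hash("wrong guess".toCharArray(), salt);
        System.out.println("matching password accepted: " + MessageDigest.isEqual(stored, same));
        System.out.println("wrong password accepted: " + MessageDigest.isEqual(stored, other));
    }
}
```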