问题
//dopost methode
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String password = null;
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String parm;
parm=request.getParameter("user_name");
String User_name=parm;
parm=request.getParameter("National");
int National_ID=Integer.parseInt(parm);
try{
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
con=DriverManager.getConnection("jdbc:sqlserver://localhost:1433;databaseName=My_Project;integratedSecurity=true;applicationName=WebApplication2;");
String sqlquery="select * from Users where First_Name='" + User_name + "'and National_ID='" +National_ID + "'";
PreparedStatement ps=con.prepareStatement(sqlquery);
rs=ps.executeQuery();
if(rs.next()){
password=rs.getString(9);
}
}catch(SQLException e){} catch (ClassNotFoundException ex) {
Logger.getLogger(Forget.class.getName()).log(Level.SEVERE, null, ex);
}
//ds.ss(User_name, National_ID);
//String password=ds.password;
// String password=new DataBase().(User_name,National_ID);
/* TODO output your page here. You may use following sample code. */
out.println("<!DOCTYPE html>");
out.println("<html>");
out.println("<head>");
out.println("<title>Servlet Forget</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Your Password " + password + "</h1>");
out.println("</body>");
out.println("</html>");
}
// result still null
回答1:
If you only need the Password, there's no need to select * from Users.... Just select Password from Users....
And use a PreparedStatement, to avoid SQL injection.
回答2:
That's because, you statement password=rs.getString(9); never gets executed and while creating statement (i guess), it throws exception and hence you see default initialized value of password being printed.
You should try finding the cause of exception.
Note apart, Make use of PreparedStatement as it will avoid SQL injection vulnerability that you have now.
回答3:
First of all I would like to tell you, please stick to proper java conventions when you code. And when you post, please post it with proper formatting. use exception handling with proper exception messages or stacktrace to identify the issues.
I just changed your post method. Use it and see whether it works. Note: I assume your JDBC connection works pretty well without any isse:
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = null;
String password = null;
String userName = request.getParameter("user_name");
String nationalVal = request.getParameter("National");
int national=0;
if(national != null && !national.isEmpty()){
national = Integer.parseInt(nationalVal);
}
ResultSet rs= null;
Statement st=null;
Connection con = null;
try{
out = response.getWriter();
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
con=DriverManager.getConnection("jdbc:sqlserver://localhost:1433;databaseName=My_Project;integratedSecurity=true;applicationName=WebApplication2;");
String sqlQuery="select password from Users where First_Name='"+ User_name +"' and National_ID=" +National_ID ;
st = con.createStatement();
rs = st.executeQuery(sqlQuery);
if(rs.next()){
password = rs.getString(9);
}
}catch(SQLException e){
e.printStackTrace();
}
out.println("<!DOCTYPE html>");
out.println("<html>");
out.println("<head>");
out.println("<title>Servlet Forget</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Your Password " + password + "</h1>");
out.println("</body>");
out.println("</html>");
}let me know your progress !
来源:https://stackoverflow.com/questions/28914778/i-want-to-retrieve-password-from-database-but-when-program-run-result-be-null-i