0

我遇到的问题是.equals。我试图检查密码字符串是否等于数据库中密码的值。我的 serlvet 中有密码字符串,它从表单中获取密码。它检查用户名但不检查密码

public boolean acceptCustomer(String username, String password){
CustomerTableClass customer = new CustomerTableClass();
customer.setCustomerUsername(username);
customer.setCustomerPassword(password);
Boolean check = null;
try
{
entityManager = entityManagerFactory.createEntityManager();             
CustomerTableClass customerTest = new CustomerTableClass();
customerTest = entityManager.find(customer.getClass(),username);
if (customerTest!=null)&&(password.equals(customer.getPassword()))){

check= true; 
System.out.println("User found");

}
4

3 回答 3

1

你似乎有一个额外的括号。尝试这个:

(customerTest!=null && password.equals(customer.getPassword() ) )
于 2013-03-29T23:26:45.870 回答
0

您的密码字段可能以某种散列编码。您需要对用户在登录表单中传递的密码进行哈希处理,然后将其与您从数据库中获取的密码进行检查。您的数据库密码也可能有一个salt。如果它有盐,那么您需要将盐附加到用户传入的密码中,然后拥有它,然后将其与数据库中的密码进行比较。

于 2013-03-29T23:27:09.717 回答
0

customer.getPassword() 没有从数据库中获取密码。在.equals 中使用密码之前,我必须先找到并找回密码。它现在完美地工作了代码

    public boolean acceptCustomer(String username, String password){
    CustomerTableClass customer = new CustomerTableClass();
    customer.setCustomerUsername(username);
    customer.setCustomerPassword(password);
    Boolean check = null;

    try 
    {
        entityManager = entityManagerFactory.createEntityManager();             
        CustomerTableClass customerTest = new CustomerTableClass();
        customerTest = entityManager.find(customer.getClass(),username);// .find checks if username aleady exists 
        if (customerTest!=null ){// if user exists
            customer = entityManager.find(customer.getClass(), username);// retrieve user from db
            customer.getPassword();//retrieve password from db
            if (password.equals(customer.getPassword()))//if they are equal 
            {
                System.out.println("user and password correct");
                check= true;    
            }
            else
            {
                System.out.println("user and password not correct");
                check= false;
                entityManager.close();
            }
        }
        else 
        {
            System.out.print("user does not exist");
        }
    }
于 2013-03-30T10:34:13.603 回答