0

在将输入的用户名和密码与 java 中的用户数据库进行比较后,我想显示错误的用户名和密码。

问题是它对每一行执行 if else 语句,直到它到达正确的行 b4 显示“用户名和密码正确”,但我希望它检查所有内容,如果它不存在,则显示“请检查用户名和密码 ”

注意:请忽略命名约定问题在于while,if和任何其他推荐的循环语句的安排,但我不确定如何组织它以获得我想要的结果

这是我的注释代码

 public void displayUsers(String f, String s) {
        try {
            String queryString = "SELECT SName, SPwd FROM staff";
            ResultSet results = Statement.executeQuery(queryString);

            while (results.next()) {
            String staffname = results.getString("snameeee");
            String password =  results.getString("SPwd");

               if ((f.equals(staffname)) && (s.equals(password))) {

                  JOptionPane.showMessageDialog(null, "Username and Password exist");  
            }else {

             //JOptionPane.showMessageDialog(null, "Please Check Username and Password ");
            }
            results.close();
        } catch (SQLException sql) {

            out.println(sql);
        }
4

6 回答 6

3

不,你的做法是错误的。

加载所有记录不是检查凭据的好习惯。

将参数传递username给您的查询并签入数据库。

1)如果不存在用户,则告诉username不存在。

2)如果用户存在,则检查password现有数据库用户password.

于 2013-11-19T15:02:34.413 回答
2

首先不要以纯文本存储密码。其次加载所有记录是执行上述代码的非常错误的方法。

   public void displayUsers(String f, String s) {
    try {
        String queryString = "SELECT * FROM staff where SName=? and SPwd=?";
        //set this values using PreparedStatement
        ResultSet results = ps.executeQuery(queryString); //where ps is Object of PreparedStatement

        if(!results.next()) {

              JOptionPane.showMessageDialog("Wrong Username and Password.");  
        }

    } catch (SQLException sql) {

        out.println(sql);
    }finally{
      //closing ResultSet,PreparedStatement and Connection object
    }
于 2013-11-19T15:08:12.273 回答
1

使用标志你可以很容易地解决这个问题。像这样..

public void displayUsers(String f, String s) {
    boolean flag = false;
    try {
        String queryString = "SELECT SName, SPwd FROM staff";
        ResultSet results = Statement.executeQuery(queryString);

        while (results.next()) {
        String staffname = results.getString("SName");
        String password =  results.getString("SPwd");

           if ((f.equals(staffname)) && (s.equals(password))) {
              flag = true;
              JOptionPane.showMessageDialog(null, "Username and Password exist");  
        } 
        results.close();
        if(!flag){
               JOptionPane.showMessageDialog(null, "Please Check Username and Password ");
        }
    } catch (SQLException sql) {

        out.println(sql);
    }
于 2013-11-19T15:04:19.307 回答
1 
if (username.length()>0 && password.length()>0)
{
    String query = "Select * from adminlogin Where Username='" + username + "' and Password='" + password + "'";

    rs = sta.executeQuery(query);

   if (rs.next()) 
   {

        home hme=new home();
        this.setVisible(false);
        hme.setVisible(true);
   } 
   else 
   {
       JOptionPane.showMessageDialog(null,"username and password are wrong ");
   }
}
else
{
      JOptionPane.showMessageDialog(null,"please field username and password ");
}
于 2018-04-26T16:53:39.297 回答
0

您可以使用:

    boolean exist = false;
    String queryString = "SELECT SName, SPwd FROM staff";
    ResultSet results = Statement.executeQuery(queryString);
    while (results.next()) {
    String staffname = results.getString("SName");
    String password =  results.getString("SPwd");

       if ((f.equals(staffname)) && (s.equals(password))) {
          exist = true;
          JOptionPane.showMessageDialog(null, "Username and Password exist");  
       }
    } 
    results.close();
    if(!exist){
           JOptionPane.showMessageDialog(null, "Please Check Username and Password ");
    }

但是你应该使用这个:

    String queryString = "SELECT SName, SPwd FROM staff where SName=? and SPwd=?";
    ps = con.prepareStatement(queryString);
    ps.setString(1,f);
    ps.setString(2,s);
    ResultSet results = ps.executeQuery();

    if (results.next()) {
        JOptionPane.showMessageDialog(null, "Username and Password exist");  
    }else{
         JOptionPane.showMessageDialog(null, "Please Check Username and Password ");
    } 
    results.close();
    con.close();
于 2013-11-19T15:22:00.527 回答
0 
        String queryString =" select count(*) as \"exists\" from credit where username=? and password=?";
        //set this values using PreparedStatement
        ps = con.prepareStatement(queryString);
        ps.setString(1,f);
        ps.setString(2,s);
        ResultSet results = ps.executeQuery(); 

        if (results.next()) {
               int i = results.getInt("exists");
          if(i==1)
            {
                JOptionPane.showMessageDialog(null, "Username and Password exist");  
            }
            else{
                 JOptionPane.showMessageDialog(null, "Please Check Username and Password ");
            }
于 2016-07-28T18:03:02.687 回答