Java & MySQL - Create a login authentication -
i have connected java app mysql, , want user input username , password. send query mysql , spot username, , compare password given, password in database. , part, works. let's username "abc" , password "def". if when prompted username, , typed "abc def" saying successful, same password of "def a". believe problem rs.next(), , checking text before space.
any ideas solutions?
string databaseusername = ""; string databasepassword = ""; // check username , password system.out.print("enter username: "); string name = sc.next(); system.out.print("enter password: "); string password = sc.next(); // create sql query statement stmt = connection.createstatement(); string sql = "select * users users_name='" + name + "' && users_password='" + password+ "'"; resultset rs = stmt.executequery(sql); // check username , password while (rs.next()) { databaseusername = rs.getstring("users_name"); databasepassword = rs.getstring("users_password"); } if (name.equals(databaseusername) && password.equals(databasepassword)) { system.out.println("successful login!\n----"); } else { system.out.println("incorrect password\n----"); }
if resultset returns row, username , password have been checked sql statement. not need check again. additionally, should put in place system same username can not used more once. (make unique or key on in database)
also, use prepared statements , hashed passwords avoid injection , other attacks.
Comments
Post a Comment