验证用户，电子邮件和密码不起作用

I am having a problem on validating email and password, whether it belongs to a registered member or not. I'm using NetBeans, and created a database with table members. I have set up the connection pool and filled my members table.

我在验证电子邮件和密码时遇到问题,无论它是否属于注册会员。我正在使用NetBeans,并使用表成员创建了一个数据库。我已经设置了连接池并填充了我的成员表。

After having implemented the code, solved errors and watched few videos about NetBeans tutorial, I still can't figure out where I am missing it. I'am Stuck there since 4 days and kinda lost now. Hope you guys could help me with it, thanks in advance.

在实现代码,解决错误并观看了一些关于NetBeans教程的视频之后,我仍然无法弄清楚我在哪里错过它。我坚持了4天,现在有点丢失了。希望你们能帮助我,谢谢你们。

This is my members table data:

这是我的会员表数据:

 # | id |       email     | password |  name
------------------------------------------------
 1 |  1 | what@what.com   |   what   | Number 1 
 2 |  2 | fireup@fire.com |   fire   | Number 2

This is the code for my LoginServlet:

这是我的LoginServlet的代码:

@WebServlet("/login")
public class LoginServlet extends HttpServlet{
    @Resource(name = "jdbc/jed")
    private DataSource dsMembers;

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String strName = request.getParameter("memberName");
        String strPassword = request.getParameter("memberPassword");
        String strEmail = request.getParameter("memberEmail");
        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;

        try {
            conn = dsMembers.getConnection();
            String sql = "SELECT * FROM members";
            stmt = conn.createStatement();
            rs = stmt.executeQuery(sql);

            while (rs.next()){
                if((isValidEmail(strEmail))&& (strEmail.equals(rs.getString("email")))&& (strPassword.equals(rs.getString("password")))&&(strName.equals(rs.getString("name")))){
                    System.out.println("Success");

                   HttpSession session = request.getSession();
                    session.setAttribute("name", strName);
                    session.setAttribute("email", strEmail);
                    response.sendRedirect(this.getServletContext().getContextPath() + "/account.jsp");
                }
                else {
                    request.getSession().invalidate();
                    response.sendRedirect(this.getServletContext().getContextPath());
                }
            }
        } catch (SQLException ex) {
            System.out.println("SQLException: " + ex.getMessage());
        }
    }

    private boolean isValidEmail(String strEmail){
        if(strEmail.matches("^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@" + "[A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)*(\\.[A-Za-z]{2,})$"))
            return true;
        return false;
    }
}

This is the GlassFish Server log I been getting:

这是我得到的GlassFish Server日志:

Info: WEB0671: Loading application [Project] at [/Project]
Info: Project was successfully deployed in 286 milliseconds.
Info: WEB0671: Loading application [Project] at [/Project]
Info: Project was successfully deployed in 247 milliseconds.
Info: Invalid User, Password or Email
Info: Invalid User, Password or Email
Warning: StandardWrapperValve[org.jedlibrary.lola.loan.ValidationServlet]: PWC1406: Servlet.service() for servlet org.jedlibrary.lola.loan.ValidationServlet threw exception java.lang.IllegalStateException at org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:524)
at org.jedlibrary.lola.loan.ValidationServlet.doPost(ValidationServlet.java:46) at javax.servlet.http.HttpServlet.service(HttpServlet.java:688) at javax.servlet.http.HttpServlet.service(HttpServlet.java:770) at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:745)

信息:WEB0671:在[/ Project]加载应用程序[项目]信息:项目已在286毫秒内成功部署。信息:WEB0671:在[/ Project]加载应用程序[项目]信息:项目已在247毫秒内成功部署。信息:无效的用户,密码或电子邮件信息:无效的用户,密码或电子邮件警告:StandardWrapperValve [org.jedlibrary.lola.loan.ValidationServlet]:PWC1406:Servlet的Servlet.service()org.jedlibrary.lola.loan.ValidationServlet扔了org.apache.catalina.connector.ResponseFacade.sendRedirect(ResponseFacade.java:524)中的异常java.lang.IllegalStateException,位于org.jedlibrary.lola.loan.ValidationServlet.doPost(ValidationServlet.java:46),位于javax.servlet.http .httpServlet.service(HttpServlet.java:688),位于org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)的javax.servlet.http.HttpServlet.service(HttpServlet.java:770)。位于org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)的apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)位于org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline。 java:655)在org.apach的org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595) e.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter。 java:231)at com.sun.enterprise.v3.services.impl.ContainerMapper $ AdapterCallable.call(ContainerMapper.java:317)at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java: 195)at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)at com.sun.grizzly.http.ProcessorTask .process(ProcessorTask.java:1056)位于com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)的com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)位于com.sun。 grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)at com.sun.grizzly.http.H t.sp.grotocolChain.execute(HttpProtocolChain.java:79)at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)at com.sun.grizzly .ContextTask.run(ContextTask.java:71)at com.sun.grizzly.util.AbstractThreadPool $ Worker.doWork(AbstractThreadPool.java:532)at com.sun.grizzly.util.AbstractThreadPool $ Worker.run(AbstractThreadPool.java) :513)at java.lang.Thread.run(Thread.java:745)

1 个解决方案

#1

Of course it does not work, you are checking if the input is the email is email, the password is password and the name is name.

当然它不起作用,你正在检查输入是否是电子邮件是电子邮件,密码是密码,名称是名称。

You should check against the ResultSet items, not constants. So for example, instead of

您应该检查ResultSet项,而不是常量。例如,而不是

strEmail.equals("email")

you should write

你应该写

strEmail.equals(rs.getString("email"))

Edit:

You have missed something else: you do not check the whole ResultSet. The first result does not match your provided data, so you invalidate the session at once. You should only invalidate it, when none of the items are matching.

您错过了其他内容:您不检查整个ResultSet。第一个结果与您提供的数据不匹配,因此您可以立即使会话无效。当没有任何项匹配时,您应该只使其无效。

This would solve your problem:

这可以解决您的问题:

while (rs.next()) {
    if (isValidEmail(strEmail) && strEmail.equals(rs.getString("email")) && strPassword.equals(rs.getString("password")) && strName.equals(rs.getString("name"))) {
        System.out.println("Success");
        HttpSession session = request.getSession();
        session.setAttribute("name", strName);
        session.setAttribute("email", strEmail);
        response.sendRedirect(this.getServletContext().getContextPath() + "/account.jsp");
        return;
    }
}
request.getSession().invalidate();
response.sendRedirect(this.getServletContext().getContextPath());

My final note: you should never implement login this way (even for a homework), selecting the full table, for just one record is simply a waste of resources.

我的最后一点:你永远不应该以这种方式实现登录(即使是作业),选择完整的表格,只需一条记录就是浪费资源。

You should use a PreparedStatement with the statement like select * from members where name = ? and check if there is a result and the password and e-mail are appropriate (I assumed here, that name is unique in the database).

你应该使用PreparedStatement和select * from members where = name这样的语句?并检查是否有结果,密码和电子邮件是否合适(我假设这个名称在数据库中是唯一的)。

#1