我终于得到了密码,查询,按钮和连接,但是为什么它似乎我似乎无法登录?我的Action Handler出了什么问题?请检查我的代码
import java.awt.BorderLayout;
import java.awt.GridLayout;
import java.awt.event.ActionListener;
import java.awt.event.ActionEvent;
import javax.swing.JFrame;
import javax.swing.JOptionPane;
import javax.swing.JLabel;
import javax.swing.JTextField;
import javax.swing.JPasswordField;
import javax.swing.JButton;
import javax.swing.JPanel;
import java.sql.*;
public class Login extends JFrame {
private JLabel label1, label2;
private JButton submit;
private JTextField textfield1;
private JPasswordField passfield;
private JPanel panel;
public Login() {
setSize(300, 100);
setVisible(true);
label1 = new JLabel("User ID:");
textfield1 = new JTextField(15);
label2 = new JLabel("Password:");
passfield = new JPasswordField(15);
submit = new JButton("Submit");
panel = new JPanel(new GridLayout(3, 1));
panel.add(label1);
panel.add(textfield1);
panel.add(label2);
panel.add(passfield);
panel.add(submit);
add(panel, BorderLayout.CENTER);
ButtonHandler handler = new ButtonHandler();
submit.addActionListener(handler);
}// end login constructor
private class ButtonHandler implements ActionListener {
public void actionPerformed(ActionEvent arg0) {
String user = textfield1.getText();
char[] passChars = passfield.getPassword();
Connection conn = Jdbc.dbConn();
PreparedStatement ps = null;
ResultSet rs = null;
String pass = new String(passChars);
if (passChars != null) {
String sql = "SELECT employee_ID,employee_password FROM user where" +
"employee_ID='user' and employee_password=+'pass'";
try {
ps = conn.prepareStatement(sql);
ps.setString(1, user);
ps.setString(2, pass);
rs = ps.executeQuery();
if (rs.next()) {
user = rs.getString("employee_id");
pass = rs.getString("employee_password");
JOptionPane.showMessageDialog(null,"Welcome "+user);
} else {
JOptionPane.showMessageDialog(null, "Wrong Input");
}
} catch (Exception e) {
} finally {
try {
rs.close();
ps.close();
conn.close();
} catch (Exception ee) {
}
}
}// end actionPerformed
}// End ButtonHandler
}// End of class
}
答案 0 :(得分:4)
您有两个PreparedStatement选择,两个都是正确的
1)更改String sql = ....
定义
String sql = "SELECT employee_ID, employee_password FROM
user WHERE employee_ID = ? AND employee_password = ?";
2)直接将变量放入SQL语句
String sql = "SELECT employee_ID, employee_password FROM user WHERE
employee_ID = '" + user + "' AND employee_password = '" + pass + "'";
答案 1 :(得分:2)
更改您的选择
employee_ID=? and employee_password=?
http://www.javaworld.com/javaworld/jw-04-2007/jw-04-jdbc.html 或者您可以使用命名参数
String query = "select * from people where (first_name = :name or last_name
= :name) and address = :address");
NamedParameterStatement p = new NamedParameterStatement(con, query);
p.setString("name", name);
p.setString("address", address);
答案 2 :(得分:0)
请像这样重写你的代码
if (passChars != null) {
String sql = "SELECT employee_ID,employee_password FROM user where
employee_ID=? and employee_password=?";
try {
ps = conn.prepareStatement(sql);
ps.setString(1, user);
ps.setString(2, pass);
rs = ps.executeQuery();
if (rs.next()) {
user = rs.getString("employee_id");
pass = rs.getString("employee_password");
JOptionPane.showMessageDialog(null,"Welcome "+user);
} else {
JOptionPane.showMessageDialog(null, "Wrong Input");
}
} catch (Exception e) {
} finally {
try {
rs.close();
ps.close();
conn.close();
} catch (Exception ee) {
}
}
}