sqlite java login based on username password and position

296
January 07, 2018, at 3:30 PM

I am a new java programmer working in netbeans and I am trying to make a login based on a sqlite database. Inside the database, I have a username column, a password column, and a position column. The purpose of the login is for when a user inputs his username and password and pressed the login button, the program would connect to the sqlite database, access a specific table on the database, check to see if the the username and password field matches, and then depending on their position (Administrator, Manager, or Teacher), they will go to a different jframe. At the moment, I created a code that will take the jtextfield from the login jframe and run it through the sqlite database for any matches, save the the result to a jdialog with jtextfields that is hidden, and then depending if the username and password jtextfield in the jdialog empty or not as well as well depending on which position that username has (Administrator, Manager, or Teacher), the login jframe will close with the respective jframe opening.

This is my code for connecting to the sqlite database

private void loginDatabase(){
    //Checks to see if Login is Administrator and then sends him to his respective location
    String userName1 = Usr1.getText();
    String passWord1 = Pass1.getText();
    try{
        String query1 = "select * from LoginManager where Username='"+userName1+"' and Password='"+passWord1+"' and Position=?";
        PreparedStatement pst1 = conn.prepareStatement(query1);
        ResultSet rs1 = pst1.executeQuery();
        if (rs1.next()){
            String add1 = rs1.getString("Username");
            usernameCon1.setText(add1);
            String add2 = rs1.getString("Password");
            passwordCon1.setText(add2);
            String add3 = rs1.getString("Position");
            positionCon1.setText(add3);
        }
        pst1.close();
        rs1.close();
    }catch(Exception e){
        JOptionPane.showMessageDialog(null, e);
    }
}

This is my code for the actual work (currently, both methods are not attach to a button on enter key press because I'm trying to make them into classes first and then putting them in there)

private void login(){
    loginDatabase();
    if (usernameCon1.getText().matches(regex) &&passwordCon1.getText().matches(Pass1.getText()) && positionCon1.getText().equals("Administrator")){
        Admin();
        usernameCon1.setText("");
        passwordCon1.setText("");
        positionCon1.setText("");
        Usr1.setText("");
        Pass1.setText("");
    }
    else if (!usernameCon1.getText().isEmpty() && !passwordCon1.getText().isEmpty() && positionCon1.getText().equals("Manager")){

    }
    else if (!usernameCon1.getText().isEmpty() && !passwordCon1.getText().isEmpty() && positionCon1.getText().equals("Teacher")){

    }
    else {
        JOptionPane.showMessageDialog(null, "Invalid Login", "Invalid Login", JOptionPane.ERROR_MESSAGE);
    }
}

Ultimately, I'm having trouble with that if else statement.

I apologize for the crazy syntax. When I started this project, I was really new to coding etiquette. I have been trying to change my habit throughout my program and all my other programs will be in proper format.

Thanks again for the help.

EDIT: So I figured it out, I simply removed the extra stuff from the sql statement to only get the information based on the username and password.

String query1 = "select * from LoginManager where Username='"+userName1+"' and Password='"+passWord1+"'";
Answer 1

For a better code structure, use a User class.

public class User{
    public String userName;
    public String passWord;
    public String position;
    public User(String userName,String passWord,String position){
        this.userName = userName;
        this.passWord = passWord;
        this.position = position;
    }
}

To properly use PreparedStatment, prepare the parameters. like this:

String query = "select * from LoginManager where Username=? and Password=?";
PreparedStatement stmt = con.prepareStatement(query);
//Parameters
stmt.setString(1, userName);
stmt.setString(2, passWord);
//Execute
stmt.executeQuery();

loginDatabase method return the user object or null case login failed

public User loginDatabase(String userName,String passWord){
    User user = null;
    String query = "select * from LoginManager where Username=? and Password=?";
    PreparedStatement stmt = con.prepareStatement(query);
    //Parameters
    stmt.setString(1, userName);
    stmt.setString(2, passWord);
    //Execute
    ResultSet res = stmt.executeQuery();
    if(res.next()){
        //You dont need to find userName & passWord, are already exists
        String position = res.getString("position");
        user = new User(userName, passWord, position);
    }
    return user;
}

And finally, to check user position.

public void login(){
    String userName = userNameTF.getText();
    String passWord = passWordTF.getText();
    User user = loginDatabase(userName, passWord);
    if(user != null){
        switch(user.position){
            case "Administrator":
                // ...
                break;
            case "Manager":
                // ...
                break;
            case "Teacher":
                // ...
                break;
        }
    }else{
        // login failed 'Invalid login'
    }
}
Rent Charter Buses Company
READ ALSO
Add property in JAX-RS filter

Add property in JAX-RS filter

I am implementing a java jax-rs rest applicationI use a filter to pre-match requests

209
How to get location in thread?

How to get location in thread?

In my app, I need to get current location during app launchIn my main activity, I want to ensure that firstly I find location, then I replace fragment

261
How to Reload a JFrame?

How to Reload a JFrame?

I have two classes CreateAppointment and DailyViewDailyView calls CreateAppointment using an ActionListener

405
Need to create a system in java RMI that executes all the actions directly in the server. (Server is cmd so no tomcat)

Need to create a system in java RMI that executes all the actions directly in the server. (Server is cmd so no tomcat)

Ok first, of all I got a homework about a client-server program based on Java RMI

222