1

I have created a login form which contains validations for each field. When i click on submit button function validation() will be invoked to validate all the fields and after successful validation it will redirect to another jsp page where all the details will be inserted in to the Oracle database.

But I'm getting "org.apache.jasper.JasperException: java.lang.NumberFormatException: null" exception. Also "The server encountered an internal error () that prevented it from fulfilling this request" error. I hope you will help me.

Here is the code:

<html>
    <head>
    <script type="text/javascript">
    function validate()
    {

        if(document.frm.username.value=="")
        {
          alert("Please enter Username");
          document.frm.username.focus();
        }

        else if(document.frm.mobile.value=="")
         {       
            alert("Please Enter your contact number");
            document.frm.mobile.focus();
         } 

       else
       {
        window.location = "insert.jsp";
       }
     }
</script>
    </head>

    <body>
    <form name="frm">
    <table>
    <tr><td>User Name:</td><td><input type="text" name="username"></td></tr>
    <tr><td>Contact Number:</td><td><input type="text" name="mobile"></td></tr>
    <tr><td><input type="submit" value="Submit" onclick="validate()"></td><td></td></tr>
    </table>
    </form>
    </body>

insert.jsp:

  <body>
             <%@page import="java.sql.*"%>
             <%@page import="java.util.*"%>
    <%
    Connection con=null;
    int mobile=Integer.parseInt(request.getParameter("mobile"));
    String username=request.getParameter("username");
    try{
         Class.forName("oracle.jdbc.driver.OracleDriver");
        con=DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:xe","system","manager");

    Statement st=con.createStatement();
    st.executeUpdate("insert into stud values("+mobile+",'"+username+"')");
    out.println("Data is successfully inserted!");

      }

     catch(Exception e)
    {
       System.out.print(e);
    }
    %>
        </body>
Improve this question
3
  • 2
    Surely a mobile number is normally 10+ digits - more than can fit in an integer. This will be even worse with international numbers! Commented Mar 28, 2013 at 10:30
  • 1
    What happens if the username is '); DELETE FROM stud; -- Commented Mar 28, 2013 at 10:32
  • 1
    You should not store telephone numbers in numeric types. A telephone number is not like a mathematical number, that you would for example want to do calculations with. What if a telephone number starts with 0? An int will not remember that. Use a string type instead to store telephone numbers. Commented Mar 28, 2013 at 10:35

4 Answers 4

Reset to default
1

You're redirecting the browser to do a GET on insert.jsp, but you're not supplying the request parameters to that new URL. Thus, your JSP fetches the mobile request parameter, which is null, and then tries to parse that to an integer, yielding the NumberFormatException.

What you could do is append the request parameters to the URL, like so:

window.location = "insert.jsp?mobile=" + document.frm.mobile.value + "&username=" + document.frm.username.value;

But it would be even better to submit those values in a POST request, instead of a GET. I think you could achieve that by adding a action="insert.jsp" attribute to the form tag, changing the onClick attribute to onSubmit and removing the 

 else {
    window.location = "insert.jsp";
 }

because that would allow the browser to resume its normal form submission. If you combine that with an return false; statement after focussing on the empty fields, you'll prevent the browser from submitting the form.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Happy to help, and welcome to Stack Overflow. If this answer or any other one solved your issue, please mark that answer as accepted.
1

So what will happen if your mobile number is blank ?

   int mobile=Integer.parseInt(request.getParameter("mobile"));

You're asking Integer.parseInt() to parse an empty or null string and that's causing your problem.

From the doc:

Throws: NumberFormatException - if the string does not contain a parsable integer.

You need to check that mobile is populated and.or handle the scenario when it's not.

I wouldn't use an Integer to store a mobile number, btw. The number of digits could cause an overflow and/or you may want to maintain structure (e.g. country code and the number) etc.

Improve this answer

1 Comment

I don't think so. This is null input. Because the parameter was not there, he use window.location = "insert.jsp". See my answer for more detail.
0

If you are using parseInt(), you should catch an exception somewhere:

int mobile;
try {
  mobile = Integer.parseInt(request.getParameter("mobile"));
} catch (NumberFormatException e) {
  // do something
}

In your case, request.getParameter("mobile") is probably returning null.

Edit: as nother already noted - storing phone number in an integer may not be a good idea. Try Long instead.

Improve this answer

Comments

0

First, your code is very dangerous. You should check null or empty on the server side! Using PreparedStatement instead of Statement.

Second, the code window.location = "insert.jsp"; will not work as your expectation. Use action="insert.jsp" to make data send to that page. Then, on your js function, return false if it does not pass the condition, otherwise, return true;

Using onSubmit="return validate()" instead of onClick event.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.