1

I've made a javaFx login form connected with MySQL connection works fine but when i try to login I get wrong name And Password I will provide my code and screenshot of MySQL so anyone who tries to help will not get confuse

package sample;

import javafx.application.Application;
import javafx.geometry.Insets;
import javafx.scene.Group;
import javafx.scene.Scene;
import javafx.scene.control.*;
import javafx.scene.layout.BorderPane;
import javafx.scene.layout.HBox;
import javafx.scene.layout.VBox;
import javafx.scene.paint.Color;
import javafx.scene.shape.Rectangle;
import javafx.scene.text.Font;
import javafx.stage.Stage;


import java.sql.*;
import java.util.logging.Level;
import java.util.logging.Logger;

public class DataBaseProject1 extends Application {

    Connection conn;
    PreparedStatement pst = null;
    ResultSet rs = null;

    @Override
    public void start(Stage primaryStage) throws Exception
    {
        //GUIS a = new GUIS();
        //a.createConnection();
        //a.display();
        DataBaseProject1 d = new DataBaseProject1();
        d.createConnection();

        primaryStage.setTitle("Retrive Database Values Into CheckBox");

        //primaryStage.getIcons().add(new Image("file:user-icon.png"));
        BorderPane layout = new BorderPane();
        Scene newscene = new Scene(layout, 1200, 700, Color.rgb(0, 0, 0, 0));

        Group root = new Group();
        Scene scene = new Scene(root, 320, 200, Color.rgb(0, 0, 0, 0));
        scene.getStylesheets().add(getClass().getResource("Style.css").toExternalForm());

        Color foreground = Color.rgb(255, 255, 255, 0.9);

        //Rectangila Background
        Rectangle background = new Rectangle(320, 250);
        background.setX(0);
        background.setY(0);
        background.setArcHeight(15);
        background.setArcWidth(15);
        background.setFill(Color.rgb(0 ,0 , 0, 0.55));
        background.setStroke(foreground);
        background.setStrokeWidth(1.5);

        VBox vbox = new VBox(5);
        vbox.setPadding(new Insets(10,0,0,10));

        Label label = new Label("Label");
        //label.setTextFill(Color.WHITESMOKE);
        label.setFont(new Font("SanSerif", 20));

        TextField username = new TextField();
        username.setFont(Font.font("SanSerif", 20));
        username.setPromptText("Username");
        username.getStyleClass().add("field-background");

        PasswordField password =new PasswordField();
        password.setFont(Font.font("SanSerif", 20));
        password.setPromptText("Password");
        password.getStyleClass().add("field-background");

        Button btn = new Button("Login");
        btn.setFont(Font.font("SanSerif", 15));
        btn.setOnAction(e ->{
            try{
                String user = username.getText();
                String pass = password.getText();
                String query = "SELECT * FROM userdatabasetable Where UserName = " + "'" + user + "'" + " AND Password = " + "'" +pass + "'" + " ";

                rs = pst.executeQuery(query);

                if(rs.next()){
                    label.setText("Login Successful");
                    primaryStage.setScene(newscene);
                    primaryStage.show();
                }else{
                    label.setText("Login Failed");
                }
                username.clear();
                password.clear();
                pst.close();
                rs.close();
            }catch(Exception e1){
                label.setText("SQL Error");
                System.out.println("Wrong UserName Or Password");
                //System.err.println(e1);
            }
        });

        vbox.getChildren().addAll(label, username, password, btn);
        root.getChildren().addAll(background, vbox);

        primaryStage.setScene(scene);
        primaryStage.show();
    }

    public static void main(String[] args)
    {
        launch(args);
    }

    Connection createConnection ()
    {
        try
        {
            //Class.forName("com.mysql.jdbc.Driver");
            Class.forName("com.mysql.cj.jdbc.Driver");
            Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/UserDataBase","yusof","1234");
            System.out.println("DataBase Connected Successfully");

            //con.close();
        }
        catch (ClassNotFoundException | SQLException ex)
        {
            Logger.getLogger(DataBaseProject1.class.getName()).log(Level.SEVERE, null, ex);
        }
        return null;
    }
}

OUTPUT:

DataBase Connected Successfully Wrong UserName Or Password

SCREENSHOT FOR MySQL:enter image description here

Improve this question
2
  • Please post the actual exception stacktrace, not your own error message. Use e1.printStackTrace(). Commented Jul 5, 2020 at 9:51
  • @MarkRotteveel Thanks man but I already found a solution to my Problem thanks again for your effort Commented Jul 5, 2020 at 13:13

2 Answers 2

Reset to default
1

you did not intitialize the PreparedStatement variable , just declared with null value PreparedStatement pst = null;

so when the statement rs = pst.executeQuery(query); executing then throwing an error. and in your catch block you have written only System.out.println("Wrong UserName Or Password");. so you are getting error "Wrong UserName Or Password"

but actual error is you did not initialize the PreparedStatement pst variable before executing the query.

so initialize the pst variable to resolve your problem

if you want to know how to use prepared statement then you can see from here with example

and i have resolved the all issues of your code, so simply you can copy and paste the below code , hope it will be helpful for you

package sample;

import javafx.application.Application;
import javafx.geometry.Insets;
import javafx.scene.Group;
import javafx.scene.Scene;
import javafx.scene.control.*;
import javafx.scene.layout.BorderPane;
import javafx.scene.layout.HBox;
import javafx.scene.layout.VBox;
import javafx.scene.paint.Color;
import javafx.scene.shape.Rectangle;
import javafx.scene.text.Font;
import javafx.stage.Stage;


import java.sql.*;
import java.util.logging.Level;
import java.util.logging.Logger;

public class DataBaseProject1 extends Application {

    Connection conn;
    PreparedStatement pst = null;
    ResultSet rs = null;

    @Override
    public void start(Stage primaryStage) throws Exception
    {
        //GUIS a = new GUIS();
        //a.createConnection();
        //a.display();
        DataBaseProject1 d = new DataBaseProject1();
        d.createConnection();

        primaryStage.setTitle("Retrive Database Values Into CheckBox");

        //primaryStage.getIcons().add(new Image("file:user-icon.png"));
        BorderPane layout = new BorderPane();
        Scene newscene = new Scene(layout, 1200, 700, Color.rgb(0, 0, 0, 0));

        Group root = new Group();
        Scene scene = new Scene(root, 320, 200, Color.rgb(0, 0, 0, 0));
        scene.getStylesheets().add(getClass().getResource("Style.css").toExternalForm());

        Color foreground = Color.rgb(255, 255, 255, 0.9);

        //Rectangila Background
        Rectangle background = new Rectangle(320, 250);
        background.setX(0);
        background.setY(0);
        background.setArcHeight(15);
        background.setArcWidth(15);
        background.setFill(Color.rgb(0 ,0 , 0, 0.55));
        background.setStroke(foreground);
        background.setStrokeWidth(1.5);

        VBox vbox = new VBox(5);
        vbox.setPadding(new Insets(10,0,0,10));

        Label label = new Label("Label");
        //label.setTextFill(Color.WHITESMOKE);
        label.setFont(new Font("SanSerif", 20));

        TextField username = new TextField();
        username.setFont(Font.font("SanSerif", 20));
        username.setPromptText("Username");
        username.getStyleClass().add("field-background");

        PasswordField password =new PasswordField();
        password.setFont(Font.font("SanSerif", 20));
        password.setPromptText("Password");
        password.getStyleClass().add("field-background");

        Button btn = new Button("Login");
        btn.setFont(Font.font("SanSerif", 15));
        btn.setOnAction(e ->{
            try{
                String user = username.getText();
                String pass = password.getText();
                String query = "SELECT * FROM userdatabasetable Where UserName = " + "'" + user + "'" + " AND Password = " + "'" +pass + "'" + " ";
                d.pst=d.conn.prepareStatement(query);
                rs = d.pst.executeQuery(query);

                if(rs.next()){
                    label.setText("Login Successful");
                    primaryStage.setScene(newscene);
                    primaryStage.show();
                }else{
                    label.setText("Login Failed");
                }
                username.clear();
                password.clear();
                d.pst.close();
                rs.close();
            }catch(Exception e1){
                label.setText("SQL Error");
                System.out.println("Wrong UserName Or Password");
                //System.err.println(e1);
               // e1.printStackTrace();
            }
        });

        vbox.getChildren().addAll(label, username, password, btn);
        root.getChildren().addAll(background, vbox);

        primaryStage.setScene(scene);
        primaryStage.show();
    }

    public static void main(String[] args)
    {
        launch(args);
    }

    Connection createConnection ()
    {
        try
        {
            //Class.forName("com.mysql.jdbc.Driver");
            Class.forName("com.mysql.cj.jdbc.Driver");
            conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/UserDataBase","yusof","1234");
            System.out.println("DataBase Connected Successfully");

            //con.close();
        }
        catch (ClassNotFoundException | SQLException ex)
        {
            Logger.getLogger(DataBaseProject1.class.getName()).log(Level.SEVERE, null, ex);
        }
        return null;
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

What about if I do it this way Connection con = null; PreparedStatement pst = null; ResultSet rs = null; String user = username.getText().toString(); String pass = password.getText().toString(); String query = "SELECT * FROM userdatabasetable Where UserName = ? AND Password = ?"; pst = con.prepareStatement(query); pst.setString(1,user); pst.setString(2,pass); rs = pst.executeQuery();
Still the same the exception one
I also tried this way String query = "SELECT * FROM userdatabasetable Where UserName=? AND Password=?"; pst = con.prepareStatement(query); pst.setString(1,user); pst.setString(2,pass); rs = pst.executeQuery();
I am a beginner in MySql that's why I was not able to understand it very fast but in the end, I understand it and I tried it but it didn't work
by the way you did many mistakes in your project, so i check all things and resolve, so use the updated post
|
0

I believe you still have a long way to work with your code. Not only you are lacking basic logic separation between accessing view and a database, but also:

  1. You have a freaking SQL Injection vulnerability here: String query = "SELECT * FROM userdatabasetable Where UserName = " + "'" + user + "'" + " AND Password = " + "'" +pass + "'" + " ";
  2. You are not hashing the password in the database using scrypt, bcrypt or similar.
  3. Your error handing is very poor as others mentioned.

Sorry for the harsh words, but point 1 and 2 are deadly sins in XXI century. Please have them fixed by using https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html and https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html.

Also please update your code once the vulnerabilities are fixed so we don't have examples of vulnerable code lying around for someone to copy and reuse.

Improve this answer

1 Comment

Don't be sorry your words actually motivate me to work harder on myself actually thanks for your honesty man

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.