Question
I have jsp page which will display records from database. Only when username=admin and password=admin, edit and delete buttons are enabled and for other users the edit and delete buttons are disabled. Now when I enter login.jsp with admin credentials, the buttons are disabled right after edit/update or delete record. This is because the username and password inside the update and delete block are getting null values. If I can retain the value of login, then it works fine but I dont know how to make it happen
How can I retain the username and password within update and delete method in the servlet after user login.
Here is my servlet code
https://stackoverflow.com/questions/23654395
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
HttpSession session = request.getSession(false);
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String query;
Connection conn;
Statement stmt;
ResultSet res;
DatabaseConnection dbconn;
List lst=new ArrayList();
String id ;
String username="";
String hiddenname = request.getParameter("hiddenname");
username = request.getParameter("username");
String password = request.getParameter("password");
session.setAttribute("uname", username);
session.setAttribute("upass", password);
Connection con = dbconnection.getCon();
PreparedStatement statemt = null;
if ("login".equals(hiddenname))
{
try {
statemt = con.prepareStatement("select User_name,Password from login_details where User_name = ? and Password = ?");
statemt.setString(1, username);
statemt.setString(2, password);
ResultSet rs = statemt.executeQuery();
if (rs.next() == false)
{
out.write("Invalid user name or password. Please press back button to login again");
}
else
{
try
{
String login_name=(String) session.getAttribute("uname");
String login_password=(String) session.getAttribute("upass");
request.setAttribute("UserName", login_name);
request.setAttribute("UserPassword", login_password);
dbconn=new DatabaseConnection();
conn=dbconn.setConnection();
stmt=conn.createStatement();
query="select * from mpi";
res=dbconn.getResultSet(query, conn);
while(res.next())
{
lst.add(res.getString("UniqueID"));
lst.add(res.getString("Phylum"));
lst.add(res.getString("Family"));
lst.add(res.getString("Genus"));
lst.add(res.getString("NCBI_Taxnomy_ID"));
lst.add(res.getString("16s_Sanger_seq"));
lst.add(res.getString("Genome_Sequencing_Batch"));
lst.add(res.getString("Stock_number"));
lst.add(res.getString("Stock_Location"));
lst.add(res.getString("Soil_batch"));
lst.add(res.getString("Host"));
lst.add(res.getString("Operator"));
lst.add(res.getString("GPS_coordinates"));
lst.add(res.getString("Greenhouse_or_Natural_sites"));
lst.add(res.getString("Isolation_procedure"));
lst.add(res.getString("Date_of_isolation"));
lst.add(res.getString("Previous_Ids"));
lst.add(res.getString("Compartment"));
lst.add(res.getString("Publication"));
lst.add(res.getString("Strain_Derivatives"));
lst.add(res.getString("Growth_conditions"));
lst.add(res.getString("Natural_antibiotic_resistance"));
lst.add(res.getString("Colony_morphology"));
}
res.close();
}
catch(Exception e)
{
e.printStackTrace();
}
finally
{
request.setAttribute("UserData", lst);
RequestDispatcher rd=request.getRequestDispatcher("/displayrecord.jsp");
rd.forward(request, response);
lst.clear();
out.close();
}
}
con.close();
}
catch (SQLException e)
{
e.printStackTrace();
}
}
else if("update".equals(hiddenname))
{
String UniqueID,Phylum,Family,Genus,NCBI_Taxnomy_ID,s16_Sanger_seq,Genome_Sequencing_Batch,Stock_number,
Stock_Location,Soil_batch,Host,Operator,GPS_coordinates,Greenhouse_or_Natural_sites,
Isolation_procedure,Date_of_isolation,Previous_Ids,Compartment,Publication,Strain_Derivatives,Growth_conditions,
Natural_antibiotic_resistance,Colony_morphology,Comments;
response.setContentType("text/html;charset=UTF-8");
String login_name=(String) session.getAttribute("uname");
String login_password=(String) session.getAttribute("upass");
request.setAttribute("UserName", login_name);
request.setAttribute("UserPassword", login_password);
try{
dbconn=new DatabaseConnection();
conn=dbconn.setConnection();
UniqueID=request.getParameter("UniqueID").toString();
Phylum=request.getParameter("Phylum");
Family=request.getParameter("Family");
Genus=request.getParameter("Genus");
NCBI_Taxnomy_ID=request.getParameter("NCBI_Taxnomy_ID");
s16_Sanger_seq=request.getParameter("s16_Sanger_seq");
Genome_Sequencing_Batch=request.getParameter("Genome_Sequencing_Batch");
Stock_number=request.getParameter("Stock_number");
Stock_Location=request.getParameter("Stock_Location");
Soil_batch=request.getParameter("Soil_batch");
Host=request.getParameter("Host");
Operator=request.getParameter("Operator");
GPS_coordinates=request.getParameter("GPS_coordinates");
Greenhouse_or_Natural_sites=request.getParameter("Greenhouse_or_Natural_sites");
Isolation_procedure=request.getParameter("Isolation_procedure");
Date_of_isolation=request.getParameter("Date_of_isolation");
Previous_Ids=request.getParameter("Previous_Ids");
Compartment=request.getParameter("Compartment");
Publication=request.getParameter("Publication");
Strain_Derivatives=request.getParameter("Strain_Derivatives");
Growth_conditions=request.getParameter("Growth_conditions");
Natural_antibiotic_resistance=request.getParameter("Natural_antibiotic_resistance");
Colony_morphology=request.getParameter("Colony_morphology");
stmt=conn.createStatement();
query="update mpi set Phylum='"+Phylum+"',Family='"+Family+"',Genus='"+Genus+"',NCBI_Taxnomy_ID='"+NCBI_Taxnomy_ID+"',16s_Sanger_seq='"+s16_Sanger_seq+"',Genome_Sequencing_Batch='"+Genome_Sequencing_Batch+"',Stock_number='"+Stock_number+"',Stock_Location='"+Stock_Location+"',Soil_batch='"+Soil_batch+"',Host='"+Host+"',Operator='"+Operator+"',GPS_coordinates='"+GPS_coordinates+"',Greenhouse_or_Natural_sites='"+Greenhouse_or_Natural_sites+"',Date_of_isolation='"+Date_of_isolation+"',Isolation_procedure='"+Isolation_procedure+"',Previous_Ids='"+Previous_Ids+"',Compartment='"+Compartment+"',Publication='"+Publication+"',Strain_Derivatives='"+Strain_Derivatives+"',Growth_conditions='"+Growth_conditions+"',Natural_antibiotic_resistance='"+Natural_antibiotic_resistance+"',Colony_morphology='"+Colony_morphology+"' where UniqueID='"+UniqueID+"'";
int i=stmt.executeUpdate(query);
query="select * from mpi";
res=dbconn.getResultSet(query, conn);
while(res.next())
{
lst.add(res.getString("UniqueID"));
lst.add(res.getString("Phylum"));
lst.add(res.getString("Family"));
lst.add(res.getString("Genus"));
lst.add(res.getString("NCBI_Taxnomy_ID"));
lst.add(res.getString("16s_Sanger_seq"));
lst.add(res.getString("Genome_Sequencing_Batch"));
lst.add(res.getString("Stock_number"));
lst.add(res.getString("Stock_Location"));
lst.add(res.getString("Soil_batch"));
lst.add(res.getString("Host"));
lst.add(res.getString("Operator"));
lst.add(res.getString("GPS_coordinates"));
lst.add(res.getString("Greenhouse_or_Natural_sites"));
lst.add(res.getString("Isolation_procedure"));
lst.add(res.getString("Date_of_isolation"));
lst.add(res.getString("Previous_Ids"));
lst.add(res.getString("Compartment"));
lst.add(res.getString("Publication"));
lst.add(res.getString("Strain_Derivatives"));
lst.add(res.getString("Growth_conditions"));
lst.add(res.getString("Natural_antibiotic_resistance"));
lst.add(res.getString("Colony_morphology"));
}
res.close();
}
catch(Exception e)
{
e.printStackTrace();
}
finally
{
request.setAttribute("UserData", lst);
RequestDispatcher rd=request.getRequestDispatcher("/displayrecord.jsp");
rd.forward(request, response);
lst.clear();
out.close();
}
}
else {
try
{
dbconn=new DatabaseConnection();
conn=dbconn.setConnection();
stmt=conn.createStatement();
query="select * from mpi";
res=dbconn.getResultSet(query, conn);
String login_name=(String) session.getAttribute("uname");
String login_password=(String) session.getAttribute("upass");
request.setAttribute("UserName", login_name);
request.setAttribute("UserPassword", login_password);
while(res.next())
{
lst.add(res.getString("UniqueID"));
lst.add(res.getString("Phylum"));
lst.add(res.getString("Family"));
lst.add(res.getString("Genus"));
lst.add(res.getString("NCBI_Taxnomy_ID"));
lst.add(res.getString("16s_Sanger_seq"));
lst.add(res.getString("Genome_Sequencing_Batch"));
lst.add(res.getString("Stock_number"));
lst.add(res.getString("Stock_Location"));
lst.add(res.getString("Soil_batch"));
lst.add(res.getString("Host"));
lst.add(res.getString("Operator"));
lst.add(res.getString("GPS_coordinates"));
lst.add(res.getString("Greenhouse_or_Natural_sites"));
lst.add(res.getString("Isolation_procedure"));
lst.add(res.getString("Date_of_isolation"));
lst.add(res.getString("Previous_Ids"));
lst.add(res.getString("Compartment"));
lst.add(res.getString("Publication"));
lst.add(res.getString("Strain_Derivatives"));
lst.add(res.getString("Growth_conditions"));
lst.add(res.getString("Natural_antibiotic_resistance"));
lst.add(res.getString("Colony_morphology"));
}
res.close();
}
catch(Exception e)
{
e.printStackTrace();
}
finally
{
request.setAttribute("UserData", lst);
RequestDispatcher rd=request.getRequestDispatcher("/displayrecord.jsp");
rd.forward(request, response);
lst.clear();
out.close();
}
}
}
}
The login.jsp is given below:
<form name="frm" action="DisplayData" method="post" onsubmit="return Validate()">
<table align="center">
<tr>
<td align="left">UserName:</td>
<td><input type="text" name="username" value=""></input></td>
</tr>
<tr>
<td align="left">Password:</td>
<td><input type="password" name="password" value=""></input> </td>
</tr>
</table>
<%
String name = request.getParameter("username");
String password = request.getParameter("password");
session.setAttribute("name",name);
session.setAttribute("pass", password);
%>
<table align="center">
<tr>
<input type="hidden" name="hiddenname" value="login">
<td><input align="middle" type="submit" name="Sign_in" value="Sign_in" onclick="return Validate()"></input></td>
<td><input type="button" value="Signup" onClick="javascript:window.location='Signup.jsp';"></input></td>
</tr>
</table>
</form>
Solution
Once after logging in through the login page , you are redirecting into servlet right
In servlet,
set a attribute , something like flag variable
For Admin,
boolean flagVar=true;
request.setAttribute("flag" , flagVar);
Get the variable in the jsp page that is being forwarded from the servlet and Enable/Disable the button using jquery
Hope this helps !!
