Reset password, if anyone forgot his password [closed]

Question

Closed. This question needs details or clarity. It is not currently accepting answers.

---

Want to improve this question? Add details and clarify the problem by editing this post.

Closed 8 years ago.

Improve this question

I am trying to create reset password in html. When i submit reset button, it will go to ResetPasswordServlet. Then the controller will go from servlet to CustomerDAO. There, it need to update the database. I created database connection also. I tested it but it is not working (not updated in the database.) I know that there is something wrong with my code but i am unable to figure it out.

Here is my code. Can anybody help me to figure it out where i am doing wrong. Thank You so much.

ResetPasswordServlet

package com.dao;
   
/**
 * @see HttpServlet#HttpServlet()
 */
public ResetPasswordServlet() {
    super();
    // TODO Auto-generated constructor stub
}

/**
 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
 */
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // TODO Auto-generated method stub
    
    PrintWriter out = response.getWriter();
    
    out.println("<html><body>");
    out.println("<center><h2>Reset your password</h2></center>");
    out.println("<form action=ResetPassword method=post>");
    out.println("Enter your username <input type=text name=LoginId><br> ");
    out.println("Enter your new Password<input type=password name=password><br>");
    out.println("Confirm your new Password <input type=password  name=confirm><br>");
    out.println("<input type=submit value=RESET>");
    out.println("</form>");
    out.println("</body></html>");
    
}

/**
 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
 */
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // TODO Auto-generated method stub
    CustomerDAO customerDAO = new CustomerDAO();
    String loginId = request.getParameter("LoginId");
    String loginPassword = request.getParameter("password");
    String confirmPassword = request.getParameter("confirm");
    
    Login login = customerDAO.resetPassword(loginId, loginPassword, confirmPassword);
}

}

CustomerDAO

public Login resetPassword(String loginId, String loginPassword, String confirmPassword) {
    Login login = null;
    try {
        BaseDAO baseDAO = new BaseDAO();
        Connection c =baseDAO.getConnection();
        String query = "update test.Customer set LoginPassword=?, ConfirmPassword=? where LoginId=?" ; 
        PreparedStatement ps = c.prepareStatement(query);
        ps.setString(1, loginId);
        ps.setString(2, loginPassword);
        ps.setString(3, confirmPassword);
        System.out.println(loginId);
        System.out.println(loginPassword);
        System.out.println(confirmPassword);
        
        int i = ps.executeUpdate();
        if(i==1) {
            System.out.println("record updated successfully");
        }else {
            System.out.println("record not updated.");
        }
        c.close();
    }catch(Exception e) {
        e.printStackTrace();
    }
    return login;
}

I did some changes in the code.

When i submit the button, it is not showing any error and also not updated in the database. In CustomerDAO, the else block is executed and the record not updated is printed.

Answer 1

Your problem is in the following code:

    String query = "update test.Customer set LoginPassword=?, ConfirmPassword=? where LoginId=?" ; 
    PreparedStatement ps = c.prepareStatement(query);
    ps.setString(1, loginId);
    ps.setString(2, loginPassword);
    ps.setString(3, confirmPassword);

The order of your placeholders in your SQL query string is:

• LoginPassword
• ConfirmPassword
• LoginId

But the order of parameters is

• LoginId
• LoginPassword
• ConfirmPassword

So you are trying to update the record with LoginId of value ConfirmPassword which is very unlikely to exist.

N.B. Why are you storing the confirm password? Wouldn't it make more sense for the servlet to check that LoginPassword is equal to ConfirmPassword and showing an error if it isn't rather than updating the DB?