我在Android中开发了一个登录表单。我在这里使用了验证。我必须填写任何人(用户名或密码),那么我的应用程序应该显示成功!,并应该转移到其他活动。在android中登录表单验证
但是,如果两个字段都为空,则不应显示成功消息,并且应该显示登录失败!。
请帮我这个。
这是我的web服务代码:
public class XcartLogin {
public String authentication(String userName, String password) {
String retrievedUserName = "";
String retrievedPassword = "";
String status = "";
try {
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/xcart432-pro", "root", "");
PreparedStatement statement = con.prepareStatement("SELECT * FROM xcart_customers WHERE login = '" + userName + "'");
ResultSet result = statement.executeQuery();
while (result.next()) {
retrievedUserName = result.getString("login");
retrievedPassword = result.getString("password");
}
if (retrievedUserName.equals(userName) && retrievedPassword.equals(password)) {
status = "Success!";
} else {
status = "Login fail!!!";
}
} catch (Exception e) {
e.printStackTrace();
}
return status;
}
}
这是验证了我的Android代码:
if(status.equals("Success!"))
{
// ADD to save and read next time
String strUserName = userName.getText().toString().trim();
String strPassword = userPassword.getText().toString().trim();
if (null == strUserName || strUserName.length() == 0)
{
// showToast("Enter Your Name");
userName.setError("username is required!");
isUserValidated = false;
}
if (null == strPassword || strPassword.length() == 0)
{
// showToast("Enter Your Password");
isPasswordValidated = false;
userPassword.setError("password is required!");
}
}
刚刚脱离主题..上面的代码形式非常容易进行SQL注入,您不应该从数据库中取回密码,而应将其作为参数传递给SQL准备语句 – Harish