Retrieving text from a password field

Question

Retrieving text from a password field

Hello, I am trying to create a login form in the java netbeans IDE. My goal is to create multiple user IDs and their corresponding passwords. I gave text fields for userID and passwordField for passwords to get the values, but the problem is that I want to get the text from the password field and I can not get it to show some error. I think there is some problem with the syntax that my research as follows might be some kind of solution? I need your help.

private void lb_loginMouseClicked(java.awt.event.MouseEvent evt) { DBUtil util = new DBUtil(); String value1=tb_uid.getText(); String value2=tb_pwd.getPassword(); String user1=""; String pass1=""; try { Connection con = util.getConnection(); PreparedStatement stmt = con.prepareStatement("SELECT * FROM login where username='"+value1+"' && password='"+value2+"'"); ResultSet res = stmt.executeQuery(); res = stmt.executeQuery(); while (res.next()) { user1 = res.getString("username"); pass1 = res.getString("password"); } if (value1.equals(user1) && value2.equals(pass1)) { JOptionPane.showMessageDialog(this,"correct"); } else{ JOptionPane.showMessageDialog(this,"Incorrect login or password","Error",JOptionPane.ERROR_MESSAGE); } JOptionPane.showMessageDialog(null, "COMMITED SUCCESSFULLY!"); } catch (Exception ex) { JOptionPane.showMessageDialog(null, ex.getMessage()); } }

+4

java

Sumeet gavhale Jan 4 '13 at 17:50

source share

5 answers

 String pwd = new String(jPasswordField1.getPassword());

Option 1:

 jTextField1.setText(""+pwd);

Option 2:

 System.out.println(""+pwd);

+6

Vishav Jeet Singh Sodhi Dec 20 '16 at 18:02

source share

Use this code:

 String password = String.valueOf(jPasswordField.getPassword());

JPasswordField encrypted, but if you use String.valueOf , it converts Char to String.

+3

Richard Flores Dec 22 '14 at 8:56

source share

From http://docs.oracle.com/javase/1.4.2/docs/api/java/lang/String.html#equals%28java.lang.Object%29 :

equally
public boolean equals (Object anObject)
Compares this string to the specified object. The result is true if and only if the argument is not null and is a String object that represents the same sequence of characters as this object.

Your code:

 char[] value2=tb_pwd.getPassword(); ... String pass1=""; ... ...&& value2.equals(pass1)...

It looks like you want to convert the char array to String, and then repeat the conversion. If you still receive an error message, send it along with the appropriate input so that we can see what is received.

0

Grambot Jan 4 '13 at 17:55

source share

You want to convert char[] to String . When you call tb_pwd.getPassword (), char [] (an array of characters) is returned. If you want to compare this password, you must convert it to String, and for this you can use this method:

 String final_pass = ""; for(char x : passwordAsChar[]) { final_pass += x; }

As for comparing passwords in databases, you should never store them in text, unencrypted form. You can save the MD5 string in your database and convert your user-entered password to String, and then include the following method in it. Then compare the returned row with one of the database. If they match, the user entered the correct password.

Example:

 char[] pass = tb_pwd.getPassword(); String final_pass = ""; for (char x : pass) { final_pass += x; } String md5_encrypted_pass_userInput = encrypt(final_pass); if (md5_encrypted_pass.equals(pass1)) { /* pass1 = the password from the database */ // Correct password }

Usage method for encrypting strings for MD5:

 public static final String encrypt(String md5) { try { java.security.MessageDigest md = java.security.MessageDigest.getInstance("MD5"); byte[] array = md.digest(md5.getBytes()); StringBuffer sb = new StringBuffer(); for (int i = 0; i < array.length; ++i) { sb.append(Integer.toHexString((array[i] & 0xFF) | 0x100).substring(1,3)); } return sb.toString(); } catch (java.security.NoSuchAlgorithmException e) {} return null; }

0

MAA Jan 4 '13 at 20:46

source share

Reimeus · Accepted Answer · 2013-01-04T17:55:40+0000

value2 is a char array, so concatenating String will result in a String representation of the array, and not the contents of the String , which ends in SQL. You can replace

 PreparedStatement stmt = con.prepareStatement("SELECT * FROM login where username='"+value1+"' && password='"+value2+"'");

with

 PreparedStatement stmt = con.prepareStatement("SELECT * FROM login where username='"+value1+"' AND password='" + new String(value2) + "'");

Similarly

 if (value1.equals(user1) && value2.equals(pass1)) {

should be

 if (value1.equals(user1) && pass1.equals(new String(value2)) {

It is better to use PreparedStatement placeholders, however, to protect against SQL injection :

 PreparedStatement stmt = con.prepareStatement("SELECT * FROM login where username=? AND password=?); stmt.setString(1, value1); stmt.setString(2, new String(value2));

Note. This is not a safe way to find a password; hashed comparisons will be relatively safe.

Retrieving text from a password field

More articles: