0

How can one execute two queries at the same time using mysql and java? I am facing a problem with this login i created.the login works just fine.but when it works in a network if two different uses try to login at the same instance it doesn't work. users can log in individualy.is there a particular method two achieve this?

the code is as follows

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.security.MessageDigest;
import sun.misc.BASE64Encoder;
//import java.sql.ResultSet;
import java.sql.SQLException;

public class userauthentication {

    public static String getuserauthentication(String x,String y){
String column="123",prio_no="0";
//String encrypted=password.encryptSha(x);
try{
DBFacede d=new DBFacede();
 ResultSet r1 = d.fetch("SELECT a.Password FROM login a WHERE a.user_id='"+y+"'");
            r1.last();
            int rows = r1.getRow();
            r1.beforeFirst();

            for(int i=0;i<rows;i++){

                if(r1.next()){
                                  }

            }
column=r1.getString("Password");
 ResultSet r2 = d.fetch("SELECT a.Priority FROM login a WHERE a.user_id='"+y+"'");
            r2.last();
            int rows1 = r2.getRow();
            r2.beforeFirst();

            for(int i=0;i<rows1;i++){

                if(r2.next()){
                                  }

            }
prio_no=r2.getString("Priority");
System.out.println(column+"**********");
      }

     catch (SQLException s){
        System.out.println("SQL statement is not executed!");
      }
           //System.out.println(column);
if(column.equals(x)){
return prio_no;}
else {
return "0";
}
}
Improve this question
7
  • can you please post code of your login stuff. Commented Dec 29, 2010 at 6:41
  • "if two different uses try to login at the same instance it dosnt work." Need to be elaborated, what actually does-not-work? Commented Dec 29, 2010 at 6:45
  • The short answer: Yes. Both the SQL-server and Java supports executing many SQL-statements at the same time. If you rephrase the question or add some source code we may be able to help further. :) Commented Dec 29, 2010 at 6:45
  • ResultSet r1 = d.fetch("SELECT a.Password FROM login a WHERE a.user_id='"+y+"'"); ResultSet r2 = d.fetch("SELECT a.Priority FROM login a WHERE a.user_id='"+y+"'"); these are the 2 queries i use.. it will get the user name which is passed to the method and will get the password related to dat and will check if the password matches with the given password...if yes user can login.. this is the basic idea of how the code works Commented Dec 29, 2010 at 6:55
  • the program runs on tomcat and blazeds is used for reamort objects and the front end is in flex.the code works well as long as two people dont try to login at the same time. once two people try to do so nothing happens.. Commented Dec 29, 2010 at 6:57

1 Answer 1

Reset to default
1

but when it works in a network if two different uses try to login at the same instance it dosnt work

The problem lies somewhere else than in the code posted as far (which is however at its own extremely poor). One possible cause is that you assigned the logged-in user as an application wide (static) variable which is shared among all clients. This way everytime when an user logs in, any previously logged-in user will be overridden with the last logged-in user.

As to your code, there's too much wrong with it that everything needs to be rewritten.

  • It is not directly self-documenting.
  • It is not using the right type for the value.
  • It is unnecessarily firing two queries on the same table instead of one.
  • It is unnecessarily shifting the resultset forth and back.
  • It is prone to SQL injection attacks.
  • It is leaking database resources.
  • It is not handling exceptions on a sensible manner.

Here's a kickoff example of how it should be done:

public int getPriority(String username, String password) throws SQLException {
    Connection connection = null;
    PreparedStatement statement = null;
    ResultSet resultSet = null;
    int priority = 0;

    try {
        connection = database.getConnection();
        statement = connection.prepareStatement("SELECT priority FROM login WHERE username = ? AND password = ?");
        statement.setString(1, username);
        statement.setString(2, password);
        resultSet = statement.executeQuery();
        if (resultSet.next()) {
            priority = resultSet.getInt("priority");
        }
    } finally {
        if (resultSet != null) try { resultSet.close(); } catch (SQLException logOrIgnore) {}
        if (statement != null) try { statement.close(); } catch (SQLException logOrIgnore) {}
        if (connection != null) try { connection.close(); } catch (SQLException logOrIgnore) {}
    }

    return priority;
}

That's it. Here are some tutorials/articles which I strongly recommend you to get yourself through:

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thank you very much for your advice and ya i am new to coding so my skills are poor.how ever i did change my code after i got the warning about sql injection.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.