So I making this login form where the credentials (username and password) are stored in MYSQL. I want the username and password to be case sentive.
AuthDAO.java
public static int checkUserPass(String username, String password){
int userId = -1;
try{
Class.forName("com.mysql.jdbc.Driver");
cn = DriverManager.getConnection("jdbc:mysql://localhost/b440", "root", "b440");
String q="SELECT userId FROM user WHERE username='"+username+"' AND password='"+password+"'";
Statement st = cn.createStatement();
ResultSet rs = st.executeQuery(q);
while(rs.next()){
userId=Integer.parseInt(rs.getString("userId"));
}
rs.close();
st.close();
}catch(Exception e){
System.err.println(e.getMessage());
e.printStackTrace();
}
DB_close();
if(userId!=-1)
return userId;
return -1;
}
LoginServlet.java
else{
int ID = checkUserPass(username, password, role);
if(ID!=-1 ){ //User Is Legit!!
loggedIn = "true";
HttpSession se = request.getSession();
se.setAttribute("user", getUserById(ID));
se.setAttribute("loggedIn", loggedIn);
url = "/index.jsp";
msg = "Login Successful!";
request.setAttribute("loggedIn", loggedIn);
request.setAttribute("msg", msg);
}
else{
msg = "Invalid Login, please check username or password";
url = "/login.jsp";
loggedIn = "false";
request.setAttribute("loggedIn", loggedIn);
request.setAttribute("msg", msg);
}
By default mysql queries are case-insensitive.
though you can use BINARY like this -
SELECT userId FROM user WHERE BINARY username='"+username+"' AND BINARY password='"+password+"'
Or there are some other ways -
http://dev.mysql.com/doc/refman/5.0/en/case-sensitivity.html