
Untitled

a guest
Oct 10th, 2017
  // Constructor and class-wide fields

  // Database connector; assigned once in the constructor and used by the query methods.
  private final DBConnector dbcon;
  // Password helper; the visible code calls it for salt generation and password hashing.
  // NOTE(review): this field is package-private and non-final - consider making it
  // private final so no other class can swap the hashing helper.
  Password pass = new Password();

  /**
   * Establishes a connection to the database when instantiated.
   *
   * @throws Exception if anything goes wrong - see the DBConnector object for
   * details.
   */
  public DataAccessObjectImpl() throws Exception {
    // The connector is built once here; getUserByUsername and createUser both obtain
    // their connection through it. DBConnector itself is defined outside this listing.
    dbcon = new DBConnector();
  }

  // Example of a method that retrieves information from the DB.
  // Just replace user with book or whatever you feel you need.
  // This is safe against SQL injection because the username is bound to the ? placeholder
  // of the prepared statement instead of being concatenated into the SQL text.

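  /**
   * Looks up a single user row by user name.
   *
   * <p>The user name is bound as a statement parameter, so it is never interpreted as SQL.
   * The statement and its result set are closed by try-with-resources; a failure while
   * closing is reported to the caller instead of being printed to stderr and dropped.
   *
   * <p>The returned {@code User} is built from the stored password hash and salt columns,
   * so callers should not log it or send it to a client as-is.
   *
   * @param username the user name to search for
   * @return the matching user, or {@code null} when no row matches
   * @throws SQLException if preparing, executing or closing the statement fails
   */
  public User getUserByUsername(String username) throws SQLException {
    // NOTE(review): the connection from dbcon.getConnection() is not closed here;
    // presumably DBConnector owns and reuses it - confirm against DBConnector.
    try (PreparedStatement stmt =
        dbcon.getConnection().prepareStatement("SELECT * FROM users WHERE uname = ?;")) {
      stmt.setString(1, username);
      try (ResultSet rs = stmt.executeQuery()) {
        if (!rs.next()) {
          return null;
        }
        // Columns are read in the same order as the User constructor arguments.
        int uid = rs.getInt("uid");
        String storedName = rs.getString("uname");
        String storedHash = rs.getString("password");
        String storedSalt = rs.getString("salt");
        String storedEmail = rs.getString("email");
        String userString = rs.getString("userstring");
        String carport = rs.getString("carport");
        return new User(uid, storedName, storedHash, storedSalt, storedEmail, userString, carport);
      }
    }
  }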

  // Insert into the DB.
  // This is safe against SQL injection because every value is bound through the ? placeholders
  // of the prepared statement instead of being concatenated into the SQL text.
  // The int parameter of stmt.setString is the 1-based position of the matching ? in the insert statement.
  // Again, replace with whatever you feel is necessary.

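  /**
   * Inserts a new row into {@code users} for the given account data.
   *
   * <p>All values are bound as statement parameters. The result reflects what the database
   * reported: {@code true} only when exactly one row was inserted. A failed insert now
   * reaches the caller as an exception; the earlier version returned {@code true} from
   * inside {@code finally}, which discarded any pending exception and reported success.
   *
   * @param username the user name to store
   * @param password the clear-text password; only its salted hash is stored
   * @param email the e-mail address to store
   * @return {@code true} if one row was inserted, {@code false} otherwise
   * @throws SQLException if preparing, executing or closing the statement fails
   * @throws UnsupportedEncodingException if the password helper cannot encode the password
   */
  public boolean createUser(String username, String password, String email) throws SQLException, UnsupportedEncodingException {
    // A fresh salt per user, stored next to the hash so the hash can be recomputed later.
    String passSalt = pass.getSaltString();
    // NOTE(review): judging by the helper's name this is one salted SHA-512 pass, which is
    // cheap to brute-force offline if the table leaks. A password KDF (PBKDF2, bcrypt,
    // scrypt, Argon2) is the usual choice; switching needs a migration of stored hashes and
    // of the verification code, so it is flagged here rather than changed.
    String passwordHash = pass.get_SHA_512_SecurePassword(password, passSalt);
    // NOTE(review): the VALUES list is positional, so it depends on the column order of the
    // users table (id, user name, e-mail, hash, salt, user string, carport) - TODO confirm
    // against the schema, or name the columns explicitly.
    try (PreparedStatement stmt =
        dbcon.getConnection().prepareStatement("INSERT INTO users VALUES (default, ?, ?, ?, ?, ?, null)")) {
      stmt.setString(1, username);
      stmt.setString(2, email);
      stmt.setString(3, passwordHash);
      stmt.setString(4, passSalt);
      // A second generated string goes into the fifth column; presumably the "userstring"
      // column read by getUserByUsername - confirm. If it is used as a token, confirm that
      // getSaltString draws from SecureRandom.
      stmt.setString(5, pass.getSaltString());
      return stmt.executeUpdate() == 1;
    }
  }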