com.fnc.dao.UserDAO.java Source code

Java tutorial

Introduction

Here is the source code for com.fnc.dao.UserDAO.java

Source

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package com.fnc.dao;

import com.fnc.connection.DBConnection;
import com.fnc.connection.DBErrorNotification;
import com.vaadin.server.VaadinSession;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 *
 * @author jetdario
 */
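public class UserDAO {

    /**
     * Login lookup with bind placeholders. The credentials are sent to the
     * database as parameter values, so quotes or SQL fragments inside them
     * cannot change the structure of the statement.
     */
    private static final String LOGIN_QUERY =
            "SELECT userRole FROM user_ WHERE username_ = ? AND password_ = ?";

    private static final Logger LOGGER = Logger.getLogger(UserDAO.class.getName());

    /**
     * Checks a username/password pair against the {@code user_} table and, on a
     * match with a non-null {@code userRole}, stores {@code username} and
     * {@code userRole} as attributes of the current {@link VaadinSession}.
     *
     * <p>The method fails closed: missing credentials, an unavailable
     * connection or any {@link SQLException} yield {@code false}.
     *
     * @param username_ login name supplied by the user (untrusted input)
     * @param password_ password supplied by the user (untrusted input)
     * @return {@code true} if at least one matching row with a non-null role
     *         was found, {@code false} otherwise
     */
    public static boolean authenticateLogin(String username_, String password_) {
        // Binding null would only produce a comparison with SQL NULL that can
        // never match; reject early instead of opening a connection.
        if (username_ == null || password_ == null) {
            return false;
        }

        boolean result = false;

        // try-with-resources closes ResultSet, statement and connection in
        // reverse order on every path. The previous finally block called
        // close() on references that could still be null and skipped the
        // remaining closes as soon as one of them threw.
        try (Connection conn = DBConnection.connectToDB()) {
            // NOTE(review): connectToDB() presumably returns null when the
            // database is unreachable - confirm. Deny the login in that case.
            if (conn == null) {
                return false;
            }
            try (PreparedStatement stmt = conn.prepareStatement(LOGIN_QUERY)) {
                stmt.setString(1, username_);
                stmt.setString(2, password_);
                // NOTE(review): the supplied password is compared directly with
                // the password_ column. If that column holds plaintext, store a
                // salted password hash (bcrypt/scrypt/Argon2) instead and verify
                // it in Java - confirm against the schema.
                try (ResultSet rs = stmt.executeQuery()) {
                    while (rs.next()) {
                        String role = rs.getString("userRole");
                        if (role != null) {
                            result = true;
                            // NOTE(review): the session is not renewed after a
                            // successful login; consider
                            // VaadinService.reinitializeSession(...) at the call
                            // site to guard against session fixation.
                            VaadinSession.getCurrent().setAttribute("username", username_);
                            VaadinSession.getCurrent().setAttribute("userRole", role);
                        }
                    }
                }
            }
        } catch (SQLException ex) {
            // NOTE(review): ex.toString() is handed to a UI helper; if it is
            // rendered to the end user it exposes driver and schema details.
            // Prefer a generic message there and keep the detail in the log.
            DBErrorNotification.showLoggedErrorOnWindow(ex.toString());
            LOGGER.log(Level.SEVERE, null, ex);
        }

        return result;
    }

}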