This is the code:
<%
try
{
String enteredOtp = request.getParameter("otps");
String actualOtp = (String) session.getAttribute("OTP");
if (enteredOtp.equals(actualOtp))
{
String eemail = (String)session.getAttribute("eemail");
Connection con;
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection("jdbc:mysql://localhost:3306/mysql","root","12345");
Statement stm = con.createStatement();
String m = "select * from empinfo where EEMailID='"+eemail+"'";
ResultSet rs = stm.executeQuery(m);
while(rs.next()){
if(eemail.equals(rs.getString("EEMailID"))){
String uid = rs.getString("EUsername"); %>
<a href="ChangePassword.jsp?uid=<%=uid%>">Change Password</a>
<%
}
else{
out.println("Enter Registered Email Id only");
}
}
}
else {
out.println("WRONG OTP ENTERED");
}
}
catch(Exception e){
out.println(e);
}
%>
I don’t know why the else statement’s code(
else{
out.println("Enter Registered Email Id only");
}
) is now not at all printing, even though the ‘IF statement’ is false.
What changes can do in the code to solve this error?
2
Answers
The
else
is entered for every non-matching row. If you want the print statement to be triggered only if there are no matches, you would need to move it outside the loop and introduce some variable to track whether any have been matched. But it doesn’t look like you need a loop at all. Why iterate the entire table just to query it again with the ID you already have? You can simplify the flow to a single query and no loops:P.S. Watch out for SQL injection.
you could just add a break statement inside the if statement and that should help with performance optimization too. to do this, just add a break at the end of your while(rs1.next()) and add an if statement that checks for the end of the list so it knows when it can determine whether the email can be found