java - prb with my json response -
i'm developping web service extract database messages, json response ws take user's password & login, search id , extract user's messages data base:
@get @path("/historiquemethod") @produces("application/json") public msgtabl historique( @queryparam("pseudo") string pseudo, @queryparam("motdepasse") string motdepasse ) { msgtabl tab = new msgtabl(); msgbean ms = new msgbean(); int = 0; int id = 0; // extraire l'id de la personne selon le pseudo & le mot de passe try { resultset rs1 = conn.createstatement().executequery("select id_u utilisateur pseudo='" + pseudo + "'and motdepasse='" + motdepasse + "' "); if (rs1.next()) { id = rs1.getint(1); } } catch (sqlexception ex) { } // extraire les messages et les mettre dans le tableau try { resultset rs2 = conn.createstatement().executequery("select * message iduser='" +id+ "'"); while (rs2.next()) { tab.settest("ok"); string from2 = rs2.getstring("fromm"); string contenu2 = rs2.getstring("contenu"); string dateenvoi2 = rs2.getstring("dateenvoi"); string numexp2 = rs2.getstring("numexp"); ms.setfrommm(from2); ms.setcontenu(contenu2); ms.setdateenvoi(dateenvoi2); ms.setnumexp(numexp2); tab.m[i] = ms; = + 1; } } catch (sqlexception ex) { tab.settest("catch error"); } return tab; } every message "msgbean" contain information ( from, to, content, id, iduser, date...)
and response of ws "msgtabl" object containgin table of msgbean , string,
the problem ws returning last message !! means if user has 3 messages, last message returned 3 times!!
{ "msgtabl": { "m": [ { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 }, { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 }, { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 } ], "test": "ok" } } could tell me please error ??? prb code?? also, know why msgtabl present inside json response?? mean why dont
{ "m": [ { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 }, { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 }, { "contenu": 3333333333, "dateenvoi": 3333333333, "frommm": 333333333, "id": 3, "idu": 1, "numexp": 33333333333 } ], "test": "ok" } directly ?
the problem code creates 1 msgbean ms object, , inserts same on , on array. that's why 3 times same data, you're in fact displaying same object 3 times. need move instantiation of object inside loop, this:
while (rs2.next()) { tab.settest("ok"); string from2 = rs2.getstring("fromm"); string contenu2 = rs2.getstring("contenu"); string dateenvoi2 = rs2.getstring("dateenvoi"); string numexp2 = rs2.getstring("numexp"); // fresh ms per iteration msgbean ms = new msgbean(); ms.setfrommm(from2); ms.setcontenu(contenu2); ms.setdateenvoi(dateenvoi2); ms.setnumexp(numexp2); tab.m[i] = ms; = + 1; } next, looks class msgtabl (class names should start capital, better rename msgtabl) contains array, may preferrable replace array arraylist, when length of list variable.
regarding john gardner's statement sql injections - stringing query string indeed extremely dangerous - see http://bobby-tables.com/ good, understandable explanation of why 1 day will hacked or vandalized if don't address problem. it's quite simple solve using preparedstatement:
preparedstatement statement = conn.preparestatement("select id_u utilisateur pseudo= ? , motdepasse= ?"); statement.setstring(1,pseudo); statement.setstring(2,motdepasse); resultset rs1 = statement.executequery();
Comments
Post a Comment