Error in either if statement or in query

Question

All I want to know is weather my problem resides in my "if" statement or in my query... If you want to be generous and help me further than that it would be appreciated but as a beginner I feel its good for me to trouble shoot for myself.

My problem is that no matter what value I put into the editText box the result is returning true(taking me to the next screen of my app). Unless I leave it blank which it is then doing what it is supposed to which is showing a text saying "You did not enter a password" Can someone please tell me where my problem lies?

public void buttonWork() {
        button_credCheck.setOnClickListener(new View.OnClickListener() {

        @Override
       public void onClick(View v) {
        Integer rpq = regPwdQuery();
            String isEnteredStr = editText_pwdInput.getText().toString();
            if (TextUtils.isEmpty(isEnteredStr)) {
                Toast.makeText(LogInActivity.this, "You did not enter a password!", Toast.LENGTH_LONG).show();
            }
            else if
                (rpq.equals(1)) {
                Intent myIntent = new Intent(LogInActivity.this, FindInfoActivity.class);
                startActivity(myIntent);
            }
            else {
                Toast.makeText(LogInActivity.this, "Incorrect Password", Toast.LENGTH_LONG).show();
            }
        }
    });
}

public Integer regPwdQuery() {
    int count = 0;
    String regPwdData = editText_pwdInput.getText.toString();
    String regQuery = "SELECT COUNT(*) AS COUNT FROM UsrPass_table WHERE Pwrd ='" + regPwdData + "'";
    SQLiteDatabase uDB = usrDB.getReadableDatabase();
    Cursor cursor = uDB.rawQuery(regQuery, null);
    while (cursor.moveToNext()){
       count = cursor.getCount();
    }
    cursor.close();
    return count;
}

EDIT: I have tried changing my else if to: rpq.equals(2) since I was told that getCount will always return 1. This caused the all passwords (even correct ones, verified to exist in DB) to be blocked saying incorrect password.. so if I leave my if statement to check for a 1 then it doesn't block incorrect passwords and if I set my if statement to check for 2 then it blocks everything.. my assumption is that the error is in my query somewhere... maybe I need a way to add 1 to "cnt" if the query returns true... I tried adding a cnt++ in a few different places of my regPwdQuery but no luck.. can anyone help me?

it is a problem of order. you call `regPwdQuery` way before your user actually inputs anything (it is called as soon as you create the listener). Move that in the onClick — njzk2, Aug 25 '15 at 20:00
I just tried this and Its still allowing Incorrect passwords — thatdude1087, Aug 25 '15 at 20:06
@Blackbelt String regPwdData = editText_pwdInput.toString(); He updates value to check against db here in this statement right. — Ramesh, Aug 25 '15 at 20:16
@Blackbelt so you're saying String regPwdData = editText_pwdInput.toString(); doesn't change the value? — thatdude1087, Aug 25 '15 at 20:17
I didn't noticed that, *sorry*. Still `editText_pwdInput.toString();` is wrong. It should be `editText_pwdInput.getText().toString();` — Blackbelt, Aug 25 '15 at 20:18
On a sidenote, i dont think you need to get writableDatabase. you can query readableDatabase as you are not performing any writes. — Ramesh, Aug 25 '15 at 20:24
I've tried all your guys responses both separate and in all combinations... still the same results.. thanks for trying :/ — thatdude1087, Aug 25 '15 at 20:43
BTW: even if it works correctly, entering the password `' OR ''='` will always find one record. You should use [parameters](http://stackoverflow.com/questions/1296180/android-quotes-within-an-sql-query-string). — CL., Aug 26 '15 at 07:15
Put a toast inside `regPwdQuery()` to check that it runs at the correct time. — CL., Aug 26 '15 at 07:16
Your cursor always has exactly one row and `getCount()` returns 1. — laalto, Aug 26 '15 at 18:42
@laalto so it will return 1 even though nothing matches the query? — thatdude1087, Aug 26 '15 at 20:48
@thatdude1087 Exactly. Look for a column value using e.g. `getInteger()`, not row count. — laalto, Aug 27 '15 at 04:54
@thatdude1087 i have edited my answer. can you please try and see if the last line works for you — Ramesh, Sep 01 '15 at 10:51
@Ramesh now I'm getting this error in my logcat: Caused by: android.database.CursorIndexOutOfBoundsException: Index 1 requested, with a size of 1 — thatdude1087, Sep 02 '15 at 16:25

Ramesh · Accepted Answer · 2015-09-01T10:31:07.857

you are trying to check the password with database while setting on click listener not inside the onclick function!! Move

String rpq = regPwdQuery().toString();

inside onclick function.

and as pointed out by @Blackbelt, inside regPwdQuery() get text from edittext using

editText_pwdInput.getText().toString().

Side Note:

get readableDatabase whenever you are not writing anything to database.

Isn't better to directly compare integers. I dont see why it needs to be converted to strings to be compared. you can

replace

rpq.equals("1")

with

if (regPwdQuery() == 1)

Db is not closed. check if it is intended.

Get rid of AS COUNT in your query since you are not doing any group by query.

Wrong assumption taht getCount returns 1 by default. It gives 0 in case no records are matching. Since you are consistently getting 1 as result, no matter what, you always have one record matching.

this one record is the one which consists of count as its value. so you need to query it to get count. (In case your count is 0 also you have one cursor record to give the result as 0)

finally please try following code. Instead of

count = cursor.getCount();

Can you try with this ?

count= cursor.getInt(0);

I just tried this and Its still allowing Incorrect passwords — thatdude1087, Aug 25 '15 at 20:06
changing it to getInt throws an index out of bounds exception: — thatdude1087, Sep 02 '15 at 16:23
nevermind this works... i somehow managed to slip an extra semicolon in my while — thatdude1087, Sep 02 '15 at 17:12

score 1 · Answer 2 · answered Aug 25 '15 at 20:07

1

is it because in onClick you are checking the value of rpq rather than isEnteredStr? (You are checking isEnteredStr to see if it contains anything, but not when you are checking for the value)

answered Aug 25 '15 at 20:07

FredK

4,094
1
9
11

isEnteredStr doesn't query the db for the value put into the db... rpq does.. I'm just not understanding why it's finding values that don't exist – thatdude1087 Aug 25 '15 at 20:20

score 0 · Answer 3 · answered Aug 25 '15 at 20:15

0

Call regPwdQuery method in onClikc method after checking if entered string is not empty, implement if else logic there to handle successful or failure in authentication there.

answered Aug 25 '15 at 20:15

Shahid Farooq

104
2
10

score -3 · Answer 4 · answered Aug 25 '15 at 20:02

-3

Strange that you're converting from an Integer to a String and then checking if it is equal to "1". It would be easier if you just kept is as an integer. But as it is, try this:

else if (riq.equalsIgnoreCase("1")) {
    //your code here
}

answered Aug 25 '15 at 20:02

Chris

1,180
1
9
17

1

How is that going to help? – khelwood Aug 25 '15 at 20:03
Because if you call "equals" on a String it will look to see if the object is the same one in memory. To compare two string values, you should be using equalsIgnoreCase. – Chris Aug 25 '15 at 20:12
1

None of what you just said is correct. `equals` and `equalsIgnoreCase` both compare the content of the string, but `equalsIgnoreCase` is case insensitive. In this case, using `equalsIgnoreCase` instead of `equals` makes no difference. – khelwood Aug 25 '15 at 20:18

Error in either if statement or in query

4 Answers4

Linked