QuestionAsk Questions?
santhi
Haiiii
can u please tell me how to encrypt password field in registration form and to compare both password and confirm password fields using jsp???
View Answers
December 3, 2011 at 3:02 PM
1)form.jsp:
<html> <body> <form name="userform" method="post" action="encrypt.jsp"> <table> <tr><td>User Name</td><td><input type="text" name="user"></td></tr> <tr><td>Password</td><td><input type="password" name="pass"></td></tr> <tr><td>Confirm Password</td><td><input type="password" name="cpass"></td></tr> <tr><td>Name</td><td><input type="text" name="name"></td></tr> <tr><td>Phone</td><td><input type="text" name="phone"></td></tr> <tr><td>Contact</td><td><input type="text" name="contact"></td></tr> <tr><td><input type="submit" value="Search"></td></tr> </table> </form> </body> </html>
2)encypt.jsp
<%@page import="java.sql.*"%>
<%@page import=" java.security.MessageDigest"%>
<%
String username=request.getParameter("user");
String password=request.getParameter("pass");
String name=request.getParameter("name");
String phone=request.getParameter("phone");
String contact=request.getParameter("contact");
String algorithm="";
int ph=Integer.parseInt(phone);
byte[] unencodedPassword = password.getBytes();
MessageDigest md = null;
try {
md = MessageDigest.getInstance("MD5");
} catch (Exception e) {}
md.reset();
md.update(unencodedPassword);
byte[] encodedPassword = md.digest();
StringBuffer buf = new StringBuffer();
for (int i = 0; i < encodedPassword.length; i++) {
if (((int) encodedPassword[i] & 0xff) < 0x10) {
buf.append("0");
}
buf.append(Long.toString((int) encodedPassword[i] & 0xff, 16));
}
String passw=buf.toString();
String connectionURL = "jdbc:mysql://localhost:3306/test";;
Connection con=null;
try{
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(connectionURL, "root", "root");
PreparedStatement ps = con.prepareStatement("INSERT INTO register(user,pass,name,phone,contact) VALUES(?,?,?,?,?)");
ps.setString(1,username);
ps.setString(2,passw);
ps.setString(3,name);
ps.setInt(4,ph);
ps.setString(5,contact);
int i = ps.executeUpdate();
ps.close();
con.close();
}
catch(Exception ex){}
%>
December 3, 2011 at 3:03 PM
1)form.jsp:
<html> <body> <form name="userform" method="post" action="encrypt.jsp"> <table> <tr><td>User Name</td><td><input type="text" name="name"></td></tr> <tr><td>Password</td><td><input type="password" name="pass"></td></tr> <tr><td>Address</td><td><input type="text" name="address"></td></tr> <tr><td>Contact No</td><td><input type="text" name="phone"></td></tr> <tr><td><input type="submit" value="Search"></td></tr> </table> </form> </body> </html>
2)encrypt.jsp:
<%@page import="java.sql.*"%>
<%@page import=" java.security.*"%>
<%@page import="javax.crypto.*"%>
<%!
private static String algorithm = "DESede";
private static Key key = null;
private static Cipher cipher = null;
private static byte[] encrypt(String input)throws Exception {
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] inputBytes = input.getBytes();
return cipher.doFinal(inputBytes);
}
%>
<%!
private static String decrypt(byte[] encryptionBytes)throws Exception {
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] recoveredBytes = cipher.doFinal(encryptionBytes);
String recovered = new String(recoveredBytes);
return recovered;
}
%>
<%
String name=request.getParameter("name");
String password=request.getParameter("pass");
String address=request.getParameter("address");
String phone=request.getParameter("phone");
int ph=Integer.parseInt(phone);
StringBuffer buffer=new StringBuffer();
key = KeyGenerator.getInstance(algorithm).generateKey();
cipher = Cipher.getInstance(algorithm);
String input = password;
System.out.println("Entered: " + input);
byte[] encryptionBytes = encrypt(input);
String passw=new String(encryptionBytes);
String connectionURL = "jdbc:mysql://localhost:3306/test";
Connection con=null;
try{
Class.forName("com.mysql.jdbc.Driver");
con = DriverManager.getConnection(connectionURL, "root", "root");
PreparedStatement ps = con.prepareStatement("INSERT INTO user(name,password,address,telno) VALUES(?,?,?,?)");
ps.setString(1,name);
ps.setString(2,passw);
ps.setString(3,address);
ps.setInt(4,ph);
int i = ps.executeUpdate();
ps.close();
}
catch(Exception ex){
System.out.println(ex);
}
try{
Statement st=con.createStatement();
ResultSet rs=st.executeQuery("Select * from user where id='1'");
String str="";
if(rs.next()){
str=rs.getString("password");
}
out.println("Your password is: "+decrypt(str.getBytes()));
System.out.println("Your password is: "+decrypt(str.getBytes()));
}
catch(Exception e){}
%>
For the above code, we have create a database table:
CREATE TABLE `user` (
`id` bigint(255) NOT NULL auto_increment,
`name` varchar(255) default NULL,
`password` varchar(255) default NULL,
`address` varchar(255) default NULL,
`telno` int(255) default NULL,
PRIMARY KEY (`id`)
);
Related Pages:
If you are facing any programming issue, such as compilation errors or not able to find the code you are looking for.
Ask your questions, our development team will try to give answers to your questions.
Tutorial Topics
