Haiiii
can u please tell me how to encrypt password field in registration form and to compare both password and confirm password fields using jsp???
1)form.jsp:
<html> <body> <form name="userform" method="post" action="encrypt.jsp"> <table> <tr><td>User Name</td><td><input type="text" name="user"></td></tr> <tr><td>Password</td><td><input type="password" name="pass"></td></tr> <tr><td>Confirm Password</td><td><input type="password" name="cpass"></td></tr> <tr><td>Name</td><td><input type="text" name="name"></td></tr> <tr><td>Phone</td><td><input type="text" name="phone"></td></tr> <tr><td>Contact</td><td><input type="text" name="contact"></td></tr> <tr><td><input type="submit" value="Search"></td></tr> </table> </form> </body> </html>
2)encypt.jsp
<%@page import="java.sql.*"%> <%@page import=" java.security.MessageDigest"%> <% String username=request.getParameter("user"); String password=request.getParameter("pass"); String name=request.getParameter("name"); String phone=request.getParameter("phone"); String contact=request.getParameter("contact"); String algorithm=""; int ph=Integer.parseInt(phone); byte[] unencodedPassword = password.getBytes(); MessageDigest md = null; try { md = MessageDigest.getInstance("MD5"); } catch (Exception e) {} md.reset(); md.update(unencodedPassword); byte[] encodedPassword = md.digest(); StringBuffer buf = new StringBuffer(); for (int i = 0; i < encodedPassword.length; i++) { if (((int) encodedPassword[i] & 0xff) < 0x10) { buf.append("0"); } buf.append(Long.toString((int) encodedPassword[i] & 0xff, 16)); } String passw=buf.toString(); String connectionURL = "jdbc:mysql://localhost:3306/test";; Connection con=null; try{ Class.forName("com.mysql.jdbc.Driver"); con = DriverManager.getConnection(connectionURL, "root", "root"); PreparedStatement ps = con.prepareStatement("INSERT INTO register(user,pass,name,phone,contact) VALUES(?,?,?,?,?)"); ps.setString(1,username); ps.setString(2,passw); ps.setString(3,name); ps.setInt(4,ph); ps.setString(5,contact); int i = ps.executeUpdate(); ps.close(); con.close(); } catch(Exception ex){} %>
1)form.jsp:
<html> <body> <form name="userform" method="post" action="encrypt.jsp"> <table> <tr><td>User Name</td><td><input type="text" name="name"></td></tr> <tr><td>Password</td><td><input type="password" name="pass"></td></tr> <tr><td>Address</td><td><input type="text" name="address"></td></tr> <tr><td>Contact No</td><td><input type="text" name="phone"></td></tr> <tr><td><input type="submit" value="Search"></td></tr> </table> </form> </body> </html>
2)encrypt.jsp:
<%@page import="java.sql.*"%> <%@page import=" java.security.*"%> <%@page import="javax.crypto.*"%> <%! private static String algorithm = "DESede"; private static Key key = null; private static Cipher cipher = null; private static byte[] encrypt(String input)throws Exception { cipher.init(Cipher.ENCRYPT_MODE, key); byte[] inputBytes = input.getBytes(); return cipher.doFinal(inputBytes); } %> <%! private static String decrypt(byte[] encryptionBytes)throws Exception { cipher.init(Cipher.DECRYPT_MODE, key); byte[] recoveredBytes = cipher.doFinal(encryptionBytes); String recovered = new String(recoveredBytes); return recovered; } %> <% String name=request.getParameter("name"); String password=request.getParameter("pass"); String address=request.getParameter("address"); String phone=request.getParameter("phone"); int ph=Integer.parseInt(phone); StringBuffer buffer=new StringBuffer(); key = KeyGenerator.getInstance(algorithm).generateKey(); cipher = Cipher.getInstance(algorithm); String input = password; System.out.println("Entered: " + input); byte[] encryptionBytes = encrypt(input); String passw=new String(encryptionBytes); String connectionURL = "jdbc:mysql://localhost:3306/test"; Connection con=null; try{ Class.forName("com.mysql.jdbc.Driver"); con = DriverManager.getConnection(connectionURL, "root", "root"); PreparedStatement ps = con.prepareStatement("INSERT INTO user(name,password,address,telno) VALUES(?,?,?,?)"); ps.setString(1,name); ps.setString(2,passw); ps.setString(3,address); ps.setInt(4,ph); int i = ps.executeUpdate(); ps.close(); } catch(Exception ex){ System.out.println(ex); } try{ Statement st=con.createStatement(); ResultSet rs=st.executeQuery("Select * from user where id='1'"); String str=""; if(rs.next()){ str=rs.getString("password"); } out.println("Your password is: "+decrypt(str.getBytes())); System.out.println("Your password is: "+decrypt(str.getBytes())); } catch(Exception e){} %>
For the above code, we have create a database table:
CREATE TABLE `user` ( `id` bigint(255) NOT NULL auto_increment, `name` varchar(255) default NULL, `password` varchar(255) default NULL, `address` varchar(255) default NULL, `telno` int(255) default NULL, PRIMARY KEY (`id`) );
Ads