How to change if-else to switch in jsp?

Question

I am new in java there is a piece of code which is written in if-else i want to change this to switch statement but i have no idea to write in switch statement.Here is my code.

<%

    String userid = request.getParameter("username");   
    String pwd = request.getParameter("password");
    Class.forName("com.mysql.jdbc.Driver"); 

 Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/auto_lube","root", "password");

    Statement st = con.createStatement();
    ResultSet rs; `rs = st.executeQuery("select * from users where uname='" + userid + "' and pass='" + pwd + "' and role='users'");`

 if (rs.next()) {


         String username =  rs.getString("uname");
         String email =  rs.getString("email");
       session.setAttribute("customer_name", username); 

int user =  rs.getInt("id");
        session.setAttribute("customer_id", user);
       if(dat.after(date)){ 

MailClient client = new MailClient();
String from="username@gmail.com";
String to = email;
String subject="Please Attention";
String message="Please change your vehicles oil today is expiery date?";  

client.sendMail(from,to,subject,message);}
        //out.println("welcome " + userid);
        //out.println("<a href='logout.jsp'>Log out</a>");
        response.sendRedirect("index.jsp");
    } else {
      response.sendRedirect("invalid.jsp");

    }

`switch` is to avoid the multiple `if-else` blocks why would you want to do that here . as you have a single condition Also remember you need a default condition in switch block — Santhosh, Oct 30 '14 at 09:53
For me it looks like it's not necessary, neither possible to make a switch from this if's — Frozn, Oct 30 '14 at 09:55
In the above if-else statement else statement not work when i enter wrong username and password it cant not redirect to invalid page. — Bala jeet, Oct 30 '14 at 09:56
More broadly: Don't do this inside a JSP. Extract it into testable, manageable code, and either call from the JSP using a taglib or run the code before and inject the results into the JSP. — chrylis -cautiouslyoptimistic-, Oct 30 '14 at 09:57
Kindly tell me what is wrong with else why it not work?thanks — Bala jeet, Oct 30 '14 at 10:00
Another error in your code, use prepared statements, your webapp is vunlerable to SQL injection, all i would have to do to break your webapp would be to send a get request with something like `yourpage.jsp?username=' DROP TABLE users; --`&password=no` and your users table would be deleted. — Zachary Craig, Oct 30 '14 at 14:04

score 0 · Accepted Answer · edited May 23 '17 at 11:49

The real question here is - how can my code divert to the invalid page when the query returns no results.

You should look at this - https://stackoverflow.com/a/6813771/1355930 - which shows a better way of working with result set. Your code should read something like:

if (rs.isBeforefirst()) {
   // do the stuff for logged in user
   response.sendRedirect("index.jsp");
} else {
   response.sendRedirect("invalid.jsp");
}

My guess, though, is that the problem isn't your if statement. Try redirecting to the invalid.jsp in all cases to make sure that you can actually do that redirect.

How to change if-else to switch in jsp?

1 Answers1