Click here to Skip to main content
15,879,490 members
Search within:


Blank page is coming as output
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Java
SQL
HTML
servlet
Quote:
i'm trying to insert employee details in sql database but when i run the program it is showing the registration page after entering details output is not showing as blank page


What I have tried:

web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
    <servlet>
        <servlet-name>CreateServlet</servlet-name>
        <servlet-class>com.sai.CreateServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>CreateServlet</servlet-name>
        <url-pattern>/CreateServlet</url-pattern>
    </servlet-mapping>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
</web-app>


public class CreateServlet extends HttpServlet 
{

    
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException 
    {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter(); 
        Connection con=null;
        Statement st=null;
       try
       {
        Class.forName("com.mysql.jdbc.Driver");
        DriverManager.getConnection("jdbc:mysql://localhost:3306/dbemployee","root","");
        con.createStatement();
        String id=request.getParameter("UserName");
        String pwd=request.getParameter("Password");
        String eAdd=request.getParameter("EmpAddress");
        String gender=request.getParameter("MaleorFemale");
        String email=request.getParameter("Email");
        String lang=request.getParameter("languages");
        String nation=request.getParameter("Nationality");
        String date=request.getParameter("RegDate");
        
        String sql="insert into Employee Values ('"+id+"' '"+pwd+"' '"+eAdd+"' '"+gender+"'  '"+email+"'  '"+lang+"'  '"+nation+"' '"+date+"')";
        st.executeUpdate(sql);
        if(id !=null | pwd != null | eAdd!=null | gender !=null |email !=null | lang !=null | nation!=null | date !=null)
        {
            RequestDispatcher rd = request.getRequestDispatcher("/success.html");
            rd.forward(request, response);
        }
        else
        {
            out.println("<font color=red>Please fill all the fields</font>");
            RequestDispatcher rd = request.getRequestDispatcher("/index.html");
            rd.forward(request, response);

        }
        
       }catch(ClassNotFoundException | SQLException  | NullPointerException e)
       {
           e.printStackTrace();
       }
       finally
		{
			try
			{
				if(st!=null) st.close();
				if(con!=null)con.close();
			}
			catch(Exception e)
			{
				e.printStackTrace();
			}
		}
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

}
Posted
Updated 23-Aug-18 21:31pm
Add a Solution

1 solution

Never insert data before checking if all fields are ok.
Java
String sql="insert into Employee Values ('"+id+"' '"+pwd+"' '"+eAdd+"' '"+gender+"'  '"+email+"'  '"+lang+"'  '"+nation+"' '"+date+"')";
st.executeUpdate(sql); // this line
if(id !=null | pwd != null | eAdd!=null | gender !=null |email !=null | lang !=null | nation!=null | date !=null)
{
    // should go here
    RequestDispatcher rd = request.getRequestDispatcher("/success.html");
    rd.forward(request, response);
}
else
{
    out.println("<font color=red>Please fill all the fields</font>");
    RequestDispatcher rd = request.getRequestDispatcher("/index.html");
    rd.forward(request, response);

}


Java
String sql="insert into Employee Values ('"+id+"' '"+pwd+"' '"+eAdd+"' '"+gender+"'  '"+email+"'  '"+lang+"'  '"+nation+"' '"+date+"')";

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
 
Share this answer
 
Posted
Updated 23-Aug-18 21:36pm
v2
Comments
Member 13681858 24-Aug-18 5:57am    
@ppolymorphe i removed single quotes and as per u changed the insert statement n tried.
But same blankpage is coming
Patrice T 24-Aug-18 6:23am    
The single quotes are not the problem, read links from solution.
Member 13681858 24-Aug-18 8:18am    
is there any way to get the output
Patrice T 24-Aug-18 9:19am    
I don't know.
My solution say that your SQL command is dangerous and that it is executed in wrong place.
Member 13681858 24-Aug-18 9:22am    
ok thank you
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
I m not able to find error.output comes as blank page in report.rdlc.
How to eliminate blank page in print page
output not come properly
Hook probelm output screen showing blank no out put
My Webbrowser Newwindow Come blank
Why output coming in infinite
Why my output is not coming as predicted
Crystal Report for VS2010 not showing in deployment. Blank page is coming
Crystal report showing blank page
First page of Crystal report in blank

Advertise
Privacy
Cookies
Terms of Use
Last Updated 24 Aug 2018
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900