Problem Logging Data to Access Database

Hello,

First I'd like to start off by saying I'm totally new to JSP so please excuse my beginner errors.

I found some code which allows me to grab the NT username along with Domain and Machine name from the client's machine.

I plan on using this on a corporate Intranet and everyone uses IE so I shouldn't have problems in that regard.

My issue is, I'd like to log this information into a database.

However, when I try inserting this information to the database, I receive the following error:

"org.apache.jasper.JasperException: [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''S'. "

I think the ''S' is the beginning value of loggedinuser as my name begins with an S.

If I remove userID and '"+ loggedinuser +"' from my SQL statement, everything works without a problem.

Can anyone give me some advice or point out my errors?

Thanks!

<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<%@ page import="java.util.*" %>
<%@ page import="java.net.*" %>
<%@ page import="com.primus.ie.parser.nodes.*" %>
<%@ page import="com.primus.ie.requestManager.*" %>
<%@ page import="com.primus.ie.requestManager.util.*" %>
<%@ page import="com.primus.ie.requestManager.client.*" %>
<%@ page import="sun.misc.BASE64Encoder" %>
<%@ page import="javax.servlet.*" %>
<%@ page import="javax.servlet.http.*" %>
<%@ page import="java.sql.*" %>
<%
String auth = request.getHeader("Authorization");

// No Authorization header yet: ask the browser to start NTLM
if (auth == null) {
    response.setStatus(response.SC_UNAUTHORIZED);
    response.setHeader("WWW-Authenticate", "NTLM");
    return;
}

if (auth.startsWith("NTLM ")) {
    byte[] msg =
        new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
    int off = 0, length, offset;
    String s;

    if (msg[8] == 1) {
        // Type 1 (negotiate) received: answer with a fixed Type 2 (challenge)
        off = 18;
        byte z = 0;
        byte[] msg1 =
            {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S',
             (byte)'S', (byte)'P', z,
             (byte)2, z, z, z, z, z, z, z,
             (byte)40, z, z, z, (byte)1, (byte)130, z, z,
             z, (byte)2, (byte)2, (byte)2, z, z, z, z,
             z, z, z, z, z, z, z, z};
        response.setStatus(response.SC_UNAUTHORIZED);
        response.setHeader("WWW-Authenticate", "NTLM "
            + new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim());
        return;
    }
    else if (msg[8] == 3) {
        // Type 3 (authenticate) received: read the workstation name
        off = 30;
        length = msg[off+17]*256 + msg[off+16];
        offset = msg[off+19]*256 + msg[off+18];
        String hostinfo = new String(msg, offset, length).trim();
        out.println(hostinfo + " ");
    }
    else
        return;

    // Domain name
    length = msg[off+1]*256 + msg[off];
    offset = msg[off+3]*256 + msg[off+2];
    s = new String(msg, offset, length).trim();
    String domain = s;

    // User name
    length = msg[off+9]*256 + msg[off+8];
    offset = msg[off+11]*256 + msg[off+10];
    s = new String(msg, offset, length).trim();
    String loggedinuser = s;

    out.println("Hello <span style='position:relative; width:190;"
        + " height:10;filter:glow(Color=#009966,Strength=1)'>");
    out.println(loggedinuser + "</SPAN>");

    // Log the client address and user name (this is the statement that fails)
    String hostinfo = request.getRemoteHost();
    String sqlquery = "INSERT INTO ips (IPaddr,userID) VALUES ('" + hostinfo + "','" + loggedinuser + "')";
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
    Connection c = DriverManager.getConnection("jdbc:odbc:gadvisor");
    Statement stmt = c.createStatement();
    stmt.executeUpdate(sqlquery);
    stmt.close();
    c.close();
    out.println(" " + sqlquery + " ");
}
%>

[6584 byte] By [Pugmaster0a] at [2007-11-27 11:00:39]
# 1

In your sql statement, you have loggedinuser.

Note it has a single quote before it, and after it in the SQL statement.

I suspect the value of loggedinuser itself has a single quote within it and SQL doesn't like that. Change all occurrences of single quote in the string to something else such as #.

Search for 'escaping characters' in SQL, and in JSP pages on Google.

George123a at 2007-7-29 12:31:04
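
An added example (not code from either poster) of the same insert done with bound parameters instead of string concatenation, so the client-supplied user name cannot change the SQL text whatever characters it contains. It also decodes the Type 3 fields as UTF-16LE, on the assumption that the client honours the Unicode flag set in the posted Type 2 message; `NtlmLoginLog`, `readField`, `logLogin`, `put` and the sample values are made up for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class NtlmLoginLog {
    static final int DOMAIN = 28, USER = 36; // security-buffer positions in a Type 3 message

    // Little-endian 16-bit length at 'field', 32-bit offset at 'field + 4'; & 0xff undoes sign extension.
    static String readField(byte[] msg, int field) {
        if (field + 8 > msg.length) throw new IllegalArgumentException("truncated");
        int len = (msg[field] & 0xff) | (msg[field + 1] & 0xff) << 8;
        int off = (msg[field + 4] & 0xff) | (msg[field + 5] & 0xff) << 8
                | (msg[field + 6] & 0xff) << 16 | (msg[field + 7] & 0xff) << 24;
        if (off < 0 || len > msg.length - off) throw new IllegalArgumentException("bad field");
        return new String(msg, off, len, StandardCharsets.UTF_16LE);
    }

    // Both values are bound as parameters: quotes or control characters in the
    // client-supplied name are stored as data and never parsed as SQL.
    static void logLogin(Connection c, String ip, String user) throws SQLException {
        try (PreparedStatement ps =
                 c.prepareStatement("INSERT INTO ips (IPaddr, userID) VALUES (?, ?)")) {
            ps.setString(1, ip);
            ps.setString(2, user);
            ps.executeUpdate();
        }
    }

    // Writes one value and its security buffer into a constructed message.
    static void put(byte[] msg, int field, byte[] val, int off) {
        msg[field] = msg[field + 2] = (byte) val.length; // length, allocated length
        msg[field + 4] = (byte) off;
        System.arraycopy(val, 0, msg, off, val.length);
    }

    public static void main(String[] args) {
        byte[] d = "CORP".getBytes(StandardCharsets.UTF_16LE);    // constructed
        byte[] u = "O'Brien".getBytes(StandardCharsets.UTF_16LE); // constructed
        byte[] msg = new byte[64 + d.length + u.length];
        System.arraycopy("NTLMSSP\0".getBytes(StandardCharsets.US_ASCII), 0, msg, 0, 8);
        msg[8] = 3; // message type 3
        put(msg, DOMAIN, d, 64);
        put(msg, USER, u, 64 + d.length);
        String oneByte = new String(msg, 64 + d.length, u.length, StandardCharsets.ISO_8859_1);
        System.out.println("single-byte decode contains NUL: " + (oneByte.indexOf('\0') >= 0));
        System.out.println(readField(msg, DOMAIN) + "\\" + readField(msg, USER));
    }
}
```

`main` exercises only the decoding, which runs offline; `logLogin` needs an open JDBC connection such as the `gadvisor` data source from the question.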