public void register(String email, String password, String username) throws SQLException {
Statement stmnt = conn.createStatement();
java.util.Date d = new java.util.Date();
Timestamp ts = new Timestamp(d.getTime());
String created_at = ts.toString();
String updated_at = created_at;
String sql =
"INSERT INTO members (email,encrypted_password,username,created_at,updated_at) VALUES('"
+ email
+ "','"
+ BCrypt.hashpw(password, BCrypt.gensalt())
+ "','"
+ username
+ "','"
+ created_at
+ "','"
+ updated_at
+ "')";
stmnt.execute(sql);
}
public boolean attemptLogin(String email, String password) throws SQLException, IOException {
String db_password = null;
int memberId = -1;
String strSQL = "Select id,encrypted_password From members where email='" + email + "' LIMIT 1";
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(strSQL);
while (rs.next()) {
memberId = rs.getInt(1);
db_password = rs.getString(2);
System.out.println(db_password);
}
stmt.close();
if (db_password == null || password == null) {
return false;
}
if (BCrypt.checkpw(password, db_password)) {
System.out.println("yes?");
return true;
}
return false;
}
