Beispiel #1
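 /**
  * Handles a login form submission and redirects according to the outcome.
  *
  * <p>Reads {@code login-username} and {@code login-password} from the request, runs them
  * through {@code Security.isSafeUsername} / {@code Security.isSafePassword}, and only then asks
  * {@code DatabaseApi.isAuthorized} to verify the credentials. The result is recorded in the
  * session under {@code IS_SAFE} and {@code IS_AUTHORIZED}; on success the account's username,
  * e-mail and name are copied into the session and the browser is sent to {@code projects.jsp}.
  * Every failure path redirects back to {@code index.jsp}.
  *
  * <p>Security notes: the session identifier is rotated once the credentials have been accepted,
  * so an identifier issued before authentication is not carried into the authenticated session
  * (session fixation). A missing ({@code null}) authorization result is treated as a denial.
  *
  * @param request the login request carrying the form parameters
  * @param response used to issue the redirect
  * @param session the session that receives the login state
  * @throws UnsupportedEncodingException declared by the signature; not thrown directly by this
  *     body
  * @throws IOException if the redirect cannot be sent
  */
 private void handleLogin(
     HttpServletRequest request, HttpServletResponse response, HttpSession session)
     throws UnsupportedEncodingException, IOException {
   String username = request.getParameter("login-username");
   String password = request.getParameter("login-password");

   // Reject input that fails the Security checks before it reaches the database layer.
   if (!Security.isSafeUsername(username) || !Security.isSafePassword(password)) {
     session.setAttribute(Attribute.IS_SAFE.toString(), false);
     session.setAttribute(Attribute.IS_AUTHORIZED.toString(), false);
     response.sendRedirect("index.jsp");
     return;
   }

   session.setAttribute(Attribute.IS_SAFE.toString(), true);
   Boolean isAuthorized = DatabaseApi.isAuthorized(username, password);
   session.setAttribute(Attribute.IS_AUTHORIZED.toString(), isAuthorized);

   // Fail closed: anything other than an explicit TRUE (including null) is a denial.
   if (!Boolean.TRUE.equals(isAuthorized)) {
     response.sendRedirect("index.jsp"); // Keep the user on the same page.
     return;
   }

   // Rotate the session id on privilege change so a pre-login id cannot be reused afterwards.
   // changeSessionId() (Servlet 3.1+) keeps the session attributes; it requires that the request
   // already has a session, hence the guard.
   if (request.getSession(false) != null) {
     request.changeSessionId();
   }

   int accountId = DatabaseApi.getAccountId(username);
   session.setAttribute(
       Attribute.USERNAME.toString(), DatabaseApi.getAccountUsername(accountId));
   // NOTE(review): the plaintext password is kept in the session for the whole login lifetime.
   // Anything that can read session state (persistence, replication, debugging dumps) then sees
   // it. Left in place because other pages may read this attribute - confirm and remove it, or
   // re-prompt for the password where it is actually needed.
   session.setAttribute(Attribute.PASSWORD.toString(), password);
   session.setAttribute(Attribute.EMAIL.toString(), DatabaseApi.getAccountEmail(accountId));
   session.setAttribute(Attribute.NAME.toString(), DatabaseApi.getAccountName(accountId));
   session.setAttribute(Attribute.IS_FIRST_SIGN_IN.toString(), false);
   // Cleared so as to not interfere with any other form.
   session.removeAttribute(Attribute.IS_SAFE.toString());
   response.sendRedirect("projects.jsp"); // Take the user to the projects page.
 }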
Beispiel #2
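  /**
   * Handles the "edit name / e-mail" form for the account stored in the session.
   *
   * <p>The account is identified by the session's {@code USERNAME} attribute, never by a request
   * parameter. The new values come from {@code new-name} and {@code new-email} and must pass
   * {@code Security.isSafeName} / {@code Security.isSafeEmail} before {@code
   * DatabaseApi.editAccount} is called. The outcome is stored under {@code
   * EDIT_NAME_SUCCESSFULLY}, and the browser is always redirected to {@code account.jsp}.
   *
   * <p>The session's {@code NAME} and {@code EMAIL} are refreshed only when the database reports
   * success, so the session cannot show values that were never persisted. A session without a
   * {@code USERNAME} (no logged-in account) is treated as a failed edit and never reaches the
   * database.
   *
   * @param request the request carrying the form parameters
   * @param response used to issue the redirect
   * @param session the session holding the logged-in account's attributes
   * @throws UnsupportedEncodingException declared by the signature; not thrown directly by this
   *     body
   * @throws IOException if the redirect cannot be sent
   */
  private void handleEditUserNameEmail(
      HttpServletRequest request, HttpServletResponse response, HttpSession session)
      throws UnsupportedEncodingException, IOException {
    String username = (String) session.getAttribute(Attribute.USERNAME.toString());
    String newName = request.getParameter("new-name");
    String newEmail = request.getParameter("new-email");

    boolean edited = false;
    // username == null means the session carries no logged-in account; the caller may already
    // enforce this, but the edit must not run without an identity either way.
    if (username != null && Security.isSafeName(newName) && Security.isSafeEmail(newEmail)) {
      User updateUser = new User(username, "", newName, newEmail, "", "");
      // A null result from the database layer counts as failure.
      edited = Boolean.TRUE.equals(DatabaseApi.editAccount(updateUser));
      if (edited) {
        // Mirror the persisted values into the session only after the write succeeded.
        session.setAttribute(Attribute.EMAIL.toString(), newEmail);
        session.setAttribute(Attribute.NAME.toString(), newName);
      }
    }
    session.setAttribute(Attribute.EDIT_NAME_SUCCESSFULLY.toString(), edited);
    response.sendRedirect("account.jsp");
  }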