Example #1
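  /**
   * Handles the profile-edit form post: passes the three text fields through
   * {@code xssHandler.makeXSSSafe}, sends the uploaded picture through
   * {@code ImageHandler.resizeImage} with a size argument of 128, Base64-encodes the result and
   * stores everything via {@code dao.updateDetails}.
   *
   * @param session current HTTP session (not read by this method)
   * @param dp uploaded profile picture
   * @param fullname display name submitted by the client
   * @param description profile description submitted by the client
   * @param location location submitted by the client
   * @param userID id of the profile to update, taken from the request path
   * @return a redirect to {@code /<userID>}
   * @throws IOException declared on the signature; presumably raised by image processing
   */
  @RequestMapping(value = "edit", method = RequestMethod.POST)
  public ModelAndView submitEdit(
      HttpSession session,
      @RequestParam CommonsMultipartFile dp,
      @RequestParam String fullname,
      @RequestParam String description,
      @RequestParam String location,
      @PathVariable("userID") Integer userID)
      throws IOException {
    // NOTE(review): userID comes from the URL and is never compared with the id held in the
    // session, so nothing visible here stops one account from updating another account's
    // profile. Confirm an interceptor or filter enforces ownership; otherwise compare against
    // the session's user id and reject on mismatch before calling the DAO.
    fullname = xssHandler.makeXSSSafe(fullname);
    description = xssHandler.makeXSSSafe(description);
    location = xssHandler.makeXSSSafe(location);

    // Locale.ROOT keeps the lower-casing stable regardless of the server's default locale
    // (e.g. "GIF" must become "gif", not a dotless-i variant).
    String lowerCaseName = dp.getOriginalFilename().toLowerCase(java.util.Locale.ROOT);
    // The extension is whatever follows the LAST dot, so "my.photo.png" yields "png".
    // A name without any dot yields the whole name (lastIndexOf returns -1).
    String fileExtension = lowerCaseName.substring(lowerCaseName.lastIndexOf('.') + 1);
    // NOTE(review): the extension is client-supplied and is handed to resizeImage unchecked;
    // validate it against the set of image formats resizeImage is meant to accept, and
    // consider bounding the upload size before calling dp.getBytes().

    ImageHandler imageHandler = new ImageHandler();
    byte[] resizedImage = imageHandler.resizeImage(dp.getBytes(), fileExtension, 128);
    dao.updateDetails(
        userID, fullname, description, location, new BASE64Encoder().encode(resizedImage));
    return new ModelAndView("redirect:/" + userID);
  }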
Example #2
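  /**
   * Stores a new tweet for the user whose id is held in the session attribute {@code userID}
   * and returns a hand-built, JSON-like status string.
   *
   * <p>The text echoed back in the response is the value returned by
   * {@code xssHandler.makeXSSSafe}, i.e. the same value that is handed to the DAO, not the raw
   * request parameter.
   *
   * @param session current HTTP session; its {@code userID} attribute identifies the author
   * @param tweet_text raw tweet text submitted by the client
   * @return a string of the form
   *     <code>{ success : R, tweet_text : "T", user_id:"U"}</code>, where R is the result of
   *     {@code dao.newTweet}
   */
  @RequestMapping(value = "tweets/new", method = RequestMethod.POST)
  @ResponseBody
  public String postTweet(HttpSession session, @RequestParam String tweet_text) {
    String tweetText = xssHandler.makeXSSSafe(tweet_text);

    // NOTE(review): no check for a missing session attribute is visible here; a request
    // without a logged-in session would pass null to the DAO. Confirm this is guarded upstream.
    Integer userId = (Integer) session.getAttribute("userID");

    // NOTE(review): the response is assembled by string concatenation. Whether makeXSSSafe
    // also neutralises quotes, backslashes and line breaks cannot be told from here; building
    // the body with a JSON serializer and declaring a JSON content type would remove that
    // dependency.
    return "{ success : "
        + dao.newTweet(userId, tweetText)
        + ", tweet_text : \""
        + tweetText
        + "\", user_id:\""
        + userId
        + "\"}";
  }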