Example #1
0
  void checkIntWithinRange(
      HttpServletRequest request, String paramName, int min, int max, FormResponse response) {
    String rawValue;
    int value;

    //	First, does this parameter exist in the response?

    rawValue = request.getParameter(paramName);

    if (rawValue == null) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Field is missing from request.");

      return;
    }

    //	Parse the raw value into an integer

    try {

      value = Integer.parseInt(rawValue);
    } catch (Exception ex) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Value is not an integer");

      return;
    }

    //	Check to see if the integer is within range.

    if (value > max) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Value cannot be greater than " + max);

      return;
    }

    if (value < min) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Value cannot be less than " + min);

      return;
    }

    //	All checks have been cleared

    response.addParamResult(paramName, "");
  }
Example #2
0
  /**
   * Just see if a parameter is present or not, and update the response as appropriate.
   *
   * @param request
   * @param paramName
   * @param response
   */
  void checkIsValidString(
      HttpServletRequest request, String paramName, FormResponse response, boolean canBeBlank) {
    String rawValue;

    rawValue = request.getParameter(paramName);

    if (rawValue == null) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Field is missing from request.");

      return;
    }

    if (rawValue.trim().length() == 0 && !canBeBlank) {
      response.setAcceptance(false);
      response.addParamResult(paramName, "Value cannot be blank.");
    }

    //	Parameter is present; acccept it.

    response.addParamResult(paramName, "");
  }
Example #3
0
  /** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
  protected void addObject(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    Connection c;
    PreparedStatement st;
    ResultSet set;

    String objName;
    int objTileSrc;
    int objXOff;
    int objYOff;
    int objWidth;
    int objHeight;
    String objDesc;
    int objId;
    int objAuth;
    Gson Gson;
    FormResponse resp;

    resp = null;

    c = null;
    st = null;
    set = null;

    Gson = new Gson();

    try {

      //	Verify we have authorization to do this! TODO: Set a special response code on authorization
      // failure.

      //	Perform a quick, cursory validation

      resp = validateAddForm(request);

      if (!resp.isAccepted()) {
        resp.setResult("FAIL");

      } else {

        //	Apply parameters

        objName = request.getParameter("title");
        objDesc = request.getParameter("desc");
        objTileSrc = Integer.parseInt(request.getParameter("tileset"));
        objXOff = Integer.parseInt(request.getParameter("objXOff"));
        objYOff = Integer.parseInt(request.getParameter("objYOff"));
        objWidth = Integer.parseInt(request.getParameter("objWidth"));
        objHeight = Integer.parseInt(request.getParameter("objHeight"));
        // objAuth 	= (Integer) request.getSession().getAttribute("userid");
        // TODO: Get the public flag

        System.out.println("Object name: '" + objName + "'");

        //	Generate the query

        c = DBResourceManager.getConnection();

        st = c.prepareStatement(OBJTYPE_INSERT, PreparedStatement.RETURN_GENERATED_KEYS);

        st.setString(1, objName);
        st.setInt(2, objTileSrc);
        st.setInt(3, objXOff);
        st.setInt(4, objYOff);
        st.setInt(5, objWidth);
        st.setInt(6, objHeight);
        st.setString(7, objDesc);

        st.execute();

        set = st.getGeneratedKeys();

        //	Grab the generated key

        if (set.next()) {
          objId = set.getInt(1);

          resp.setResult("OK");
          resp.addParamResult("objId", "VALUEUP:" + objId);

          //	Send the OK. Note that Dojo requires us to wrap the response
          //	in an html doc's text area for max. compatibility.

        } else {

          System.out.println("Failure to create object.");

          resp.setResult("FAIL");
        }
      }

      //	Send the resposne object no matter what

      response
          .getWriter()
          .println("<html><body><textarea>" + Gson.toJson(resp) + "</textarea></html></body>");

    } catch (Exception ex) {
      ex.printStackTrace();

      if (resp == null) {
        resp = new FormResponse();
        resp.setAcceptance(false);
      }

      resp.setResult("FAIL");
      resp.addMessage(ex.toString());

      response
          .getWriter()
          .println("<html><body><textarea>" + ex.toString() + "</textarea></html></body>");

    } finally {

      DataTools.safeCleanUp(c, st, set);
    }
  }