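/**
 * Handles a vendor's request to delete a previously uploaded file.
 *
 * <p>Reads {@code upload_id} from the request, requires a logged-in user whose parent type
 * reports {@code isUserAVendor()}, calls {@code Folder.deleteS3File} for the stored object,
 * then removes the shared-files record and writes a JSON status document to the response.
 *
 * <p>Changes from the earlier version: the result of {@code deleteS3File} is now honoured
 * (success is no longer reported unconditionally), and a missing upload or shared-files
 * record now produces an explicit error message instead of an empty ERROR response or an
 * exception.
 *
 * @param request  the POST request carrying {@code upload_id}; its session must hold the
 *                 logged-in user bean
 * @param response receives the JSON produced by {@code RespObjectProc}
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response writer cannot be obtained or written to
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;

    try {
        if (!DataSecurityChecker.isInsecureInputResponse(request)) {
            UserBean loggedInUserBean =
                    (UserBean) request.getSession().getAttribute(Constants.USER_LOGGED_IN_BEAN);

            if (loggedInUserBean != null && !Utility.isNullOrEmpty(loggedInUserBean.getUserId())) {
                String sUploadId = ParseUtil.checkNull(request.getParameter("upload_id"));

                if (!Utility.isNullOrEmpty(sUploadId)) {
                    AccessUsers accessUser = new AccessUsers();
                    ParentTypeBean parentTypeBean = accessUser.getParentTypeBeanFromUser(loggedInUserBean);

                    if (parentTypeBean != null && parentTypeBean.isUserAVendor()) {
                        // NOTE(review): the only authorization visible here is "caller is a vendor".
                        // Nothing in this method ties upload_id to the requesting user. Unless
                        // getUploadFileInfo / getSharedFilesFromUploadId scope their lookup to the
                        // caller, one vendor could delete another vendor's file by id. Confirm, and
                        // add an owner check on the loaded record before deleting.
                        UploadRequestBean uploadRequestBean = new UploadRequestBean();
                        uploadRequestBean.setUploadId(sUploadId);

                        UploadFile uploadFile = new UploadFile();
                        UploadResponseBean uploadResponseBean = uploadFile.getUploadFileInfo(uploadRequestBean);
                        UploadBean uploadBean =
                                uploadResponseBean == null ? null : uploadResponseBean.getUploadBean();

                        SharedFilesRequestBean sharedFilesRequestBean = new SharedFilesRequestBean();
                        SharedFilesBean sharedFilesBean = null;
                        if (uploadBean != null) {
                            sharedFilesRequestBean.setUploadId(sUploadId);
                            AccessSharedFiles accessSharedFiles = new AccessSharedFiles();
                            sharedFilesBean = accessSharedFiles.getSharedFilesFromUploadId(sharedFilesRequestBean);
                        }

                        if (sharedFilesBean == null) {
                            // Covers a missing upload response, a missing upload bean and a missing
                            // shared-files record, so the client always gets a message with ERROR.
                            Text errorText = new ErrorText(
                                    "The file you are trying to delete does not exist.", "err_mssg");
                            arrErrorText.add(errorText);
                            responseStatus = RespConstants.Status.ERROR;
                        } else {
                            sharedFilesRequestBean.setSharedFileId(sharedFilesBean.getSharedFilesId());

                            Folder folder = new Folder();
                            boolean isFileDeleted =
                                    folder.deleteS3File(uploadBean.getFilename(), uploadBean.getPath());

                            if (isFileDeleted) {
                                BuildSharedFiles buildSharedFiles = new BuildSharedFiles();
                                buildSharedFiles.deleteSharedFiles(sharedFilesRequestBean);

                                jsonResponseObj.put("is_deleted", true);
                                jsonResponseObj.put("deleted_upload_id", sUploadId);

                                Text okText = new OkText("The file was deleted successfully", "status_mssg");
                                arrOkText.add(okText);
                                responseStatus = RespConstants.Status.OK;
                            } else {
                                // Keep the record when storage deletion fails (assuming false means
                                // "not deleted" - confirm against Folder.deleteS3File). Otherwise the
                                // user is told the file is gone while the object is still stored and
                                // no longer tracked.
                                appLogging.info("Storage delete reported failure for upload_id " + sUploadId);
                                jsonResponseObj.put("is_deleted", false);
                                Text errorText = new ErrorText(
                                        "We were unable to delete the file. Please try again later.", "err_mssg");
                                arrErrorText.add(errorText);
                                responseStatus = RespConstants.Status.ERROR;
                            }
                        }
                    } else {
                        Text errorText = new ErrorText(
                                "You are not allowed to perform this action. Please contact your support representative.",
                                "err_mssg");
                        arrErrorText.add(errorText);
                        responseStatus = RespConstants.Status.ERROR;
                    }
                } else {
                    Text errorText = new ErrorText(
                            "We were unable to delete the file. Please select a valid file", "err_mssg");
                    arrErrorText.add(errorText);
                    responseStatus = RespConstants.Status.ERROR;
                }
            } else {
                appLogging.info(
                        "Invalid request in Proc Page (loggedInUserBean)"
                                + ParseUtil.checkNullObject(loggedInUserBean));
                Text errorText = new ErrorText(
                        "Oops!! We were unable to process your request at this time. Please try again later.(loadFileGroup - 002)",
                        "err_mssg");
                arrErrorText.add(errorText);
                responseStatus = RespConstants.Status.ERROR;
            }
        } else {
            // NOTE(review): the dumped values are attacker-controlled; confirm that
            // dumpRequestParameters neutralises CR/LF before they reach the log.
            appLogging.info(
                    "Insecure Parameters used in this Proc Page "
                            + Utility.dumpRequestParameters(request).toString()
                            + " --> "
                            + this.getClass().getName());
            Text errorText = new ErrorText(
                    "Please use valid parameters. We have identified insecure parameters in your form.",
                    "account_num");
            arrErrorText.add(errorText);
            responseStatus = RespConstants.Status.ERROR;
        }
    } catch (Exception e) {
        // Boundary catch: the stack trace goes to the log, the client only sees a generic message.
        appLogging.info("An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
        Text errorText = new ErrorText(
                "Oops!! We were unable to process your request at this time. Please try again later.(loadFileGroup - 001)",
                "err_mssg");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
}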
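/**
 * Loads one page of an event website, with its features, and returns it as JSON.
 *
 * <p>Requires a logged-in user and the request parameters {@code event_id} and
 * {@code page_type}. Looks up the event website, then the page of the requested type, then
 * that page's features. The response also carries the image host, the bucket name and, when
 * a feature of type {@code image_location} exists for the event, the image folder location.
 *
 * <p>Changes from the earlier version: two locals that were assigned but never read (the
 * user id string and an {@code EventRequestBean}) were removed.
 *
 * @param request  the POST request carrying {@code event_id} and {@code page_type}; its
 *                 session must hold the logged-in user bean
 * @param response receives the JSON produced by {@code RespObjectProc}
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response writer cannot be obtained or written to
 */
protected void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;

    try {
        if (!DataSecurityChecker.isInsecureInputResponse(request)) {
            UserBean loggedInUserBean =
                    (UserBean) request.getSession().getAttribute(Constants.USER_LOGGED_IN_BEAN);

            if (loggedInUserBean != null && !Utility.isNullOrEmpty(loggedInUserBean.getUserId())) {
                String sEventId = ParseUtil.checkNull(request.getParameter("event_id"));
                String sPageType = ParseUtil.checkNull(request.getParameter("page_type"));

                if (!Utility.isNullOrEmpty(sEventId) && !Utility.isNullOrEmpty(sPageType)) {
                    // NOTE(review): the logged-in user's id is never used in the lookups below, so
                    // nothing visible here restricts event_id to events the caller may see.
                    // Unless the Access* classes enforce that, any authenticated user can read
                    // any event's page data by id. Confirm, and scope the lookup to the caller.
                    EventWebsiteRequestBean eventWebsiteRequestBean = new EventWebsiteRequestBean();
                    eventWebsiteRequestBean.setEventId(sEventId);

                    AccessEventWebsite accessEventWebsite = new AccessEventWebsite();
                    EventWebsiteBean eventWebsiteBean = accessEventWebsite.getEventWebsite(eventWebsiteRequestBean);

                    if (eventWebsiteBean != null && !Utility.isNullOrEmpty(eventWebsiteBean.getEventWebsiteId())) {
                        // Query bean: website id, theme id and requested page type.
                        EventWebsitePageBean eventWebsitePageBeanReg = new EventWebsitePageBean();
                        eventWebsitePageBeanReg.setEventWebsiteId(eventWebsiteBean.getEventWebsiteId());
                        eventWebsitePageBeanReg.setWebsiteThemeId(eventWebsiteBean.getWebsiteThemeId());
                        eventWebsitePageBeanReg.setType(sPageType);

                        AccessEventWebsitePage accessEventWebsitePage = new AccessEventWebsitePage();
                        EventWebsitePageBean eventWebsitePageBean =
                                accessEventWebsitePage.getEventWebsitePageByType(eventWebsitePageBeanReg);

                        if (eventWebsitePageBean != null
                                && !Utility.isNullOrEmpty(eventWebsitePageBean.getEventWebsitePageId())) {
                            EventWebsitePageFeature eventWebsitePageFeature = new EventWebsitePageFeature();
                            ArrayList<EventWebsitePageFeatureBean> arrMultipleFeatureBean =
                                    eventWebsitePageFeature.getMultipleFeatures(
                                            eventWebsitePageBean.getEventWebsitePageId());

                            // Flatten the feature list into a name -> value JSON object.
                            JSONObject jsonEventWebsitePageFeatures = new JSONObject();
                            if (arrMultipleFeatureBean != null && !arrMultipleFeatureBean.isEmpty()) {
                                for (EventWebsitePageFeatureBean eventWebsitePageFeatureBean : arrMultipleFeatureBean) {
                                    jsonEventWebsitePageFeatures.put(
                                            eventWebsitePageFeatureBean.getFeatureName(),
                                            eventWebsitePageFeatureBean.getValue());
                                }
                            }

                            jsonResponseObj.put("event_website_page_feature", jsonEventWebsitePageFeatures);
                            jsonResponseObj.put("event_website_page", eventWebsitePageBean.toJson());
                            jsonResponseObj.put("page_type", sPageType);
                            jsonResponseObj.put("image_host", Utility.getImageUploadHost());
                            jsonResponseObj.put("bucket", Utility.getS3Bucket());

                            FeatureBean featureBean = new FeatureBean();
                            featureBean.setEventId(sEventId);
                            featureBean.setFeatureType(FeatureType.image_location);

                            Feature feature = new Feature();
                            featureBean = feature.getFeature(featureBean);
                            if (featureBean != null && !Utility.isNullOrEmpty(featureBean.getFeatureId())) {
                                jsonResponseObj.put("image_folder_location", featureBean.getValue());
                            }

                            Text okText = new OkText("Website Themes loaded", "status_mssg");
                            arrOkText.add(okText);
                            responseStatus = RespConstants.Status.OK;
                        } else {
                            Text errorText = new ErrorText(
                                    "Please select a theme for this website. We were unable to load the colors and fonts.",
                                    "err_mssg");
                            arrErrorText.add(errorText);
                            responseStatus = RespConstants.Status.ERROR;
                        }
                    } else {
                        Text errorText = new ErrorText(
                                "Please select a theme for this website. We were unable to load page information.",
                                "err_mssg");
                        arrErrorText.add(errorText);
                        responseStatus = RespConstants.Status.ERROR;
                    }
                } else {
                    Text errorText = new ErrorText(
                            "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 003)",
                            "err_mssg");
                    arrErrorText.add(errorText);
                    responseStatus = RespConstants.Status.ERROR;
                }
            } else {
                appLogging.info(
                        "Invalid request in Proc Page (loggedInUserBean)"
                                + ParseUtil.checkNullObject(loggedInUserBean));
                Text errorText = new ErrorText(
                        "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 002)",
                        "err_mssg");
                arrErrorText.add(errorText);
                responseStatus = RespConstants.Status.ERROR;
            }
        } else {
            // NOTE(review): the dumped values are attacker-controlled; confirm that
            // dumpRequestParameters neutralises CR/LF before they reach the log.
            appLogging.info(
                    "Insecure Parameters used in this Proc Page "
                            + Utility.dumpRequestParameters(request).toString()
                            + " --> "
                            + this.getClass().getName());
            Text errorText = new ErrorText(
                    "Please use valid parameters. We have identified insecure parameters in your form.",
                    "account_num");
            arrErrorText.add(errorText);
            responseStatus = RespConstants.Status.ERROR;
        }
    } catch (Exception e) {
        // Boundary catch: the stack trace goes to the log, the client only sees a generic message.
        appLogging.info("An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
        Text errorText = new ErrorText(
                "Oops!! We were unable to process your request at this time. Please try again later.(loadWebPageRecords - 001)",
                "err_mssg");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
}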
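/**
 * Completes a password reset started from an e-mailed link.
 *
 * <p>Reads {@code resetEmail}, {@code resetPassword}, {@code resetConfirmPassword} and the
 * reset token (parameter {@code lotophagi}). The password is updated only when the token
 * record for that user is usable and less than {@code Constants.HOURS24_IN_MILLISEC} old;
 * the token record is then deactivated.
 *
 * <p>Changes from the earlier version:
 * <ul>
 *   <li>Submitted passwords are no longer written to the application log.</li>
 *   <li>Password and confirmation are compared case-sensitively ({@code equals}, previously
 *       {@code equalsIgnoreCase}).</li>
 *   <li>An unknown e-mail address now returns the same message as an expired link instead
 *       of an ERROR with no message, so the response does not reveal whether an account
 *       exists.</li>
 *   <li>A {@code null} row count from {@code updatePassword} is treated as failure rather
 *       than causing an unboxing exception.</li>
 * </ul>
 *
 * @param request  the POST request carrying the reset form fields and token
 * @param response receives the JSON produced by {@code RespObjectProc}
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response writer cannot be obtained or written to
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    RespObjectProc responseObject = new RespObjectProc();
    JSONObject jsonResponseObj = new JSONObject();
    ArrayList<Text> arrOkText = new ArrayList<Text>();
    ArrayList<Text> arrErrorText = new ArrayList<Text>();
    RespConstants.Status responseStatus = RespConstants.Status.ERROR;

    // One message for every "cannot reset" outcome so the cases are indistinguishable to the client.
    final String expiredLinkMessage =
            "Oops! You are trying to use an expired link. Please click \'Forgot Password\' and get a new link";

    try {
        if (!DataSecurityChecker.isInsecureInputResponse(request)) {
            String sEmailAddress = ParseUtil.checkNull(request.getParameter("resetEmail"));
            String sPassword = ParseUtil.checkNull(request.getParameter("resetPassword"));
            String sConfirmPassword = ParseUtil.checkNull(request.getParameter("resetConfirmPassword"));
            String sSecureTokenId = ParseUtil.checkNull(request.getParameter("lotophagi"));

            Validator instance = ESAPI.validator();
            if (Utility.isNullOrEmpty(sSecureTokenId)) {
                appLogging.info("Invalid Link Used (reset token missing)");
                Text errorText = new ErrorText(
                        "An invalid link was used. The link was sent to your email.", "err_mssg");
                arrErrorText.add(errorText);
                responseStatus = RespConstants.Status.ERROR;
            } else if (!instance.isValidInput("resetEmail", sEmailAddress, "Email", 250, false)
                    || Utility.isNullOrEmpty(sPassword)
                    || Utility.isNullOrEmpty(sConfirmPassword)) {
                // Credentials must never reach the log; record only which fields were supplied.
                // The e-mail value is omitted as well because it failed validation or is unverified.
                appLogging.info(
                        "Invalid Email Address or password used (password present: "
                                + !Utility.isNullOrEmpty(sPassword)
                                + ", confirmation present: "
                                + !Utility.isNullOrEmpty(sConfirmPassword)
                                + ")");
                Text errorText = new ErrorText("Please fill in all required fields ", "err_mssg");
                arrErrorText.add(errorText);
                responseStatus = RespConstants.Status.ERROR;
            } else if (!sPassword.equals(sConfirmPassword)) {
                // Case-sensitive on purpose: a confirmation differing only in case is a mismatch.
                appLogging.info("Password do not match");
                Text errorText = new ErrorText("Passwords do not match", "err_mssg");
                arrErrorText.add(errorText);
                responseStatus = RespConstants.Status.ERROR;
            } else {
                UserRequestBean userRequestBean = new UserRequestBean();
                userRequestBean.setEmail(sEmailAddress);

                AccessUsers accessUsers = new AccessUsers();
                UserBean userBean = accessUsers.getUserByEmail(userRequestBean);

                if (userBean != null && !Utility.isNullOrEmpty(userBean.getUserId())) {
                    ForgotPassword forgotPassword = new ForgotPassword(sEmailAddress);
                    ForgotPasswordBean forgotPasswordBean =
                            forgotPassword.getForgotPasswordBean(sSecureTokenId, userBean.getUserId());

                    boolean isTokenValid = forgotPasswordBean != null
                            && forgotPasswordBean.isUsable()
                            && (DateSupport.getEpochMillis() - forgotPasswordBean.getCreateDate())
                                    < Constants.HOURS24_IN_MILLISEC;

                    if (isTokenValid) {
                        // NOTE(review): the plaintext password is handed to ManageUserPassword;
                        // confirm it is hashed with a password-hashing function before storage.
                        PasswordRequestBean passwordRequestBean = new PasswordRequestBean();
                        passwordRequestBean.setPassword(sPassword);
                        passwordRequestBean.setUserId(userBean.getUserId());
                        passwordRequestBean.setPasswordStatus(Constants.PASSWORD_STATUS.ACTIVE);

                        ManageUserPassword manageUserPassword = new ManageUserPassword();
                        Integer iNumOfRows = manageUserPassword.updatePassword(passwordRequestBean);

                        if (iNumOfRows != null && iNumOfRows > 0) {
                            Text okText = new OkText(
                                    "Password was reset. Please login with the new password.", "err_mssg");
                            arrOkText.add(okText);
                            responseStatus = RespConstants.Status.OK;

                            // Deactivate the consumed reset request so the link cannot be reused.
                            ForgotPasswordData forgotpasswordData = new ForgotPasswordData();
                            forgotpasswordData.deactivateForgotPassword(forgotPasswordBean);
                        } else {
                            // The bean is not logged: its string form may include the reset token.
                            appLogging.info(
                                    "Password cannot be reset (update affected no rows) for user "
                                            + userBean.getUserId());
                            Text errorText = new ErrorText(expiredLinkMessage, "err_mssg");
                            arrErrorText.add(errorText);
                            responseStatus = RespConstants.Status.ERROR;
                        }
                    } else {
                        appLogging.info(
                                "Password cannot be reset (token missing, used or expired) for user "
                                        + userBean.getUserId());
                        Text errorText = new ErrorText(expiredLinkMessage, "err_mssg");
                        arrErrorText.add(errorText);
                        responseStatus = RespConstants.Status.ERROR;
                    }
                } else {
                    // Same client-facing message as a bad token, so the endpoint cannot be used to
                    // test which e-mail addresses have accounts.
                    appLogging.info("Password cannot be reset (no account for supplied email)");
                    Text errorText = new ErrorText(expiredLinkMessage, "err_mssg");
                    arrErrorText.add(errorText);
                    responseStatus = RespConstants.Status.ERROR;
                }
            }
        } else {
            // This form carries the new password and the reset token, so parameter values are
            // deliberately not dumped here; only the parameter count and the page are logged.
            appLogging.info(
                    "Insecure Parameters used in this Proc Page ("
                            + request.getParameterMap().size()
                            + " parameters) --> "
                            + this.getClass().getName());
            Text errorText = new ErrorText(
                    "Please use valid parameters. We have identified insecure parameters in your form.",
                    "account_num");
            arrErrorText.add(errorText);
            responseStatus = RespConstants.Status.ERROR;
        }
    } catch (Exception e) {
        // Boundary catch: the stack trace goes to the log, the client only sees a generic message.
        appLogging.info("An exception occurred in the Proc Page " + ExceptionHandler.getStackTrace(e));
        Text errorText = new ErrorText(
                "Oops!! We were unable to process your request at this time. Please try again later.(001)",
                "err_mssg");
        arrErrorText.add(errorText);
        responseStatus = RespConstants.Status.ERROR;
    }

    responseObject.setErrorMessages(arrErrorText);
    responseObject.setOkMessages(arrOkText);
    responseObject.setResponseStatus(responseStatus);
    responseObject.setJsonResponseObj(jsonResponseObj);

    response.setContentType("application/json");
    response.setCharacterEncoding("UTF-8");
    response.getWriter().write(responseObject.getJson().toString());
}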