/**
 * Serves the buy page.
 *
 * <p>Requests that fail {@code realAuthentication} are redirected to the sign-in URL, with the
 * buy URL and the caller's query string appended so the flow can resume. Authenticated requests
 * get no-cache headers and are handed to {@code processRequest}; a non-null return value from
 * it is shown through the user error page.
 *
 * @param request the incoming request
 * @param response the response to redirect or render into
 * @throws ServletException wrapping any exception raised while handling the request
 */
public void service(HttpServletRequest request, HttpServletResponse response)
    throws ServletException {
  try {
    ConnectionPool pool = getConnectionPool();

    if (!realAuthentication(request, pool)) {
      String rawQuery = request.getQueryString();
      String returnQuery = (rawQuery == null) ? "" : rawQuery;
      // The query string is appended verbatim as the return target.
      // NOTE(review): how the sign-in page consumes this value is not visible here; confirm
      // it only ever sends the user back to paths of this application.
      String signInUrl = URLAUTHSIGNIN + "?" + URLBUY + "?" + returnQuery;
      response.sendRedirect(response.encodeRedirectURL(signInUrl));
      return;
    }

    // Authenticated content must not be stored by browsers or intermediaries.
    response.setHeader("Cache-Control", "no-cache");
    response.setHeader("Expires", "0");
    response.setHeader("Pragma", "no-cache");
    response.setContentType("text/html");

    String failure = processRequest(request, response, pool);
    if (failure == null) {
      return;
    }
    request.setAttribute(StringInterface.ERRORPAGEATTR, failure);
    getServletContext().getRequestDispatcher(PATHUSERERROR).include(request, response);
  } catch (Exception e) {
    throw new ServletException(e);
  }
}
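/**
 * Updates one row of the {@code student} table from the request parameters {@code name},
 * {@code per} and {@code roll}, then forwards to {@code /Display}.
 *
 * <p>Malformed or missing numeric parameters are answered with 400 before any database work
 * is done. A failed update is reported as a {@link ServletException} rather than being printed
 * and followed by the normal display page.
 *
 * <p>NOTE(review): the connection uses the literal account {@code root} with a literal
 * password. Move the credentials to deployment configuration and use an account limited to the
 * {@code school} schema. No access check is visible in this method; confirm that a filter or
 * container constraint restricts who may reach it.
 *
 * @param request carries {@code name}, {@code per} (float) and {@code roll} (int)
 * @param response used for the 400 reply or the forward
 * @throws IOException if sending the error or forwarding fails
 * @throws ServletException if the database update fails or the forward target fails
 */
public void service(HttpServletRequest request, HttpServletResponse response)
    throws IOException, ServletException {
  String perParam = request.getParameter("per");
  String rollParam = request.getParameter("roll");
  if (perParam == null || rollParam == null) {
    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
    return;
  }

  final float percentage;
  final int roll;
  try {
    percentage = Float.parseFloat(perParam);
    roll = Integer.parseInt(rollParam);
  } catch (NumberFormatException badNumber) {
    // Client input error: answer 400 instead of letting it surface as a server fault.
    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
    return;
  }

  try {
    // NOTE(review): a new driver instance is registered on every request, as before;
    // registering once at start-up (or using a DataSource) would avoid the accumulation.
    Driver driver = new com.mysql.jdbc.Driver();
    DriverManager.registerDriver(driver);

    // try-with-resources closes both handles even when the update throws.
    try (Connection connection =
            DriverManager.getConnection("jdbc:mysql://127.0.0.1/school", "root", "password");
        PreparedStatement update =
            connection.prepareStatement("update student set name=?, per=? where roll=?")) {
      update.setString(1, request.getParameter("name"));
      update.setFloat(2, percentage);
      update.setInt(3, roll);
      update.execute();
    }
  } catch (SQLException e) {
    throw new ServletException("student update failed", e);
  }

  request.getRequestDispatcher("/Display").forward(request, response);
}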
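/**
 * Stores a comment for an answer and forwards to {@code /studenthome.jsp}.
 *
 * <p>The insert uses bound parameters. A non-numeric {@code answer_id} is answered with 400.
 * Any other failure is rethrown unchecked so the container reports it; previously every
 * exception was discarded and the client received an empty success response.
 *
 * <p>NOTE(review): this handler changes data in response to GET, so a link or image tag on
 * another site can trigger it in a signed-in browser. Consider moving it to POST with a
 * request token. No check that the caller may comment on this answer is visible here.
 *
 * @param request carries {@code comment} and {@code answer_id}
 * @param response used for the 400 reply or the forward
 * @throws IllegalStateException if the comment cannot be stored or the forward fails
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) {
  try {
    String comment = request.getParameter("comment");

    final int answerId;
    try {
      answerId = Integer.parseInt(request.getParameter("answer_id"));
    } catch (NumberFormatException badId) {
      response.sendError(HttpServletResponse.SC_BAD_REQUEST);
      return;
    }

    // The unused Statement the old code created (and never closed) is gone; both remaining
    // handles are released even if the insert throws.
    try (Connection connection = GlobalResources.getConnection();
        PreparedStatement insert =
            connection.prepareStatement("insert into comment(comment,answer_id) values(?,?)")) {
      insert.setString(1, comment);
      insert.setInt(2, answerId);
      insert.executeUpdate();
    }

    request.getRequestDispatcher("/studenthome.jsp").forward(request, response);
  } catch (Exception e) {
    // The signature declares no checked exceptions, so wrap instead of swallowing.
    throw new IllegalStateException("Could not store comment", e);
  }
}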
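/**
 * Adds an actor with a role to a film, for a signed-in session.
 *
 * <p>A session without the {@code etat} attribute is sent to {@code /login.jsp}. Otherwise the
 * release date is parsed, the update runs while holding the lock of the session's
 * {@code tp6Update} object, and the menu page is shown. A {@code Tp6Exception} is shown on the
 * menu page; any other failure yields a plain 500.
 *
 * <p>The 500 response no longer carries {@code e.toString()}: exception text can expose class
 * names, SQL fragments or other internals to the client. The stack trace is still written
 * server-side.
 *
 * <p>NOTE(review): the date-format message echoes the submitted {@code dateSortie} value and
 * is placed in {@code listeMessageErreur}; confirm that {@code /WEB-INF/menu.jsp} HTML-escapes
 * those messages.
 *
 * @param request carries {@code titre}, {@code dateSortie}, {@code nom} and {@code role}
 * @param response used for the forward or the error status
 * @throws ServletException if a forward target fails
 * @throws IOException if writing the response fails
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  Integer etat = (Integer) request.getSession().getAttribute("etat");
  if (etat == null) {
    request.getRequestDispatcher("/login.jsp").forward(request, response);
    return;
  }

  try {
    String titre = request.getParameter("titre");
    String dateSortie = request.getParameter("dateSortie");
    String nom = request.getParameter("nom");
    String role = request.getParameter("role");

    // Convert the dateSortie parameter to a SQL date.
    Date date;
    try {
      date = new Date(FormatDate.convertirDate(dateSortie).getTime());
    } catch (ParseException e) {
      throw new Tp6Exception(
          "Format de la date " + dateSortie + " incorrect. AAAA-MM-JJ attendue.");
    }

    // Run the transaction; the per-session object is locked so that two requests from the
    // same session do not run it at the same time.
    GestionTp6 tp6Update = (GestionTp6) request.getSession().getAttribute("tp6Update");
    synchronized (tp6Update) {
      tp6Update.gestionFilm.ajoutActeurFilm(titre, date, nom, role);
    }

    request.getRequestDispatcher("/WEB-INF/menu.jsp").forward(request, response);
  } catch (Tp6Exception e) {
    List<String> listeMessageErreur = new LinkedList<String>();
    listeMessageErreur.add(e.toString());
    request.setAttribute("listeMessageErreur", listeMessageErreur);
    request.getRequestDispatcher("/WEB-INF/menu.jsp").forward(request, response);
  } catch (Exception e) {
    e.printStackTrace();
    // Status only: keep the exception detail out of the client-visible error page.
    response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
  }
}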
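/**
 * Runs a licence search for the reseller stored in the session.
 *
 * <p>The first non-empty parameter among {@code so}, {@code enduser}, {@code ek}, {@code sno},
 * {@code po} and {@code hm} selects the search field. The result list, a display label and the
 * searched value are stored in the session and {@code /viewFieldSearchResult.jsp} is shown.
 * Without a session or a {@code reseller} attribute the request goes to {@code /login.jsp}.
 *
 * <p>Changes from the previous version: request values have line breaks replaced before they
 * are logged, so a parameter cannot start a forged log entry; and the {@code hm} branch now
 * logs the reseller, where it used to log the session attribute {@code hm}.
 *
 * <p>NOTE(review): {@code getSearchByFieldResults} is not visible here; confirm it binds the
 * search value as a parameter and maps the field key to a fixed column name. The searched
 * value is kept in the session attribute {@code value}; confirm the JSP escapes it.
 *
 * @param request carries one of the search parameters
 * @param response used for the forward
 * @throws ServletException if the forward target fails
 * @throws IOException if writing the response fails
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  response.setContentType("text/html");

  HttpSession session = request.getSession(false);
  Object resellerAttr = (session == null) ? null : session.getAttribute("reseller");
  if (resellerAttr == null) {
    log.info("Search Fields : Reseller Blank ");
    getServletContext().getRequestDispatcher("/login.jsp").forward(request, response);
    return;
  }

  // Wrapped in % so the search matches the reseller name as a substring.
  String reseller = "%" + resellerAttr + "%";
  String resellerForLog = stripLineBreaks(String.valueOf(resellerAttr));

  String so = request.getParameter("so");
  String endUser = request.getParameter("enduser");
  String ek = request.getParameter("ek");
  String sno = request.getParameter("sno");
  String po = request.getParameter("po");
  String hm = request.getParameter("hm");

  List<LicenseData> searchResult = null;
  if (so != null && !so.isEmpty()) {
    log.info(
        "Search Fields : Sales Order Search " + stripLineBreaks(so)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, so, "so");
    session.setAttribute("so", so);
    session.removeAttribute("enduser");
    session.removeAttribute("ek");
    session.setAttribute("label", "Sales Order");
    session.setAttribute("value", so);
  } else if (endUser != null && !endUser.isEmpty()) {
    log.info(
        "Search Fields : End User Search " + stripLineBreaks(endUser)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, endUser, "enduser");
    session.setAttribute("enduser", endUser);
    session.removeAttribute("so");
    session.removeAttribute("sno");
    session.removeAttribute("ek");
    session.setAttribute("label", "End User");
    session.setAttribute("value", endUser);
  } else if (ek != null && !ek.isEmpty()) {
    log.info(
        "Search Fields : Entitlement Key Search " + stripLineBreaks(ek)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, ek, "ek");
    session.setAttribute("ek", ek);
    session.removeAttribute("so");
    session.removeAttribute("sno");
    session.removeAttribute("enduser");
    session.setAttribute("label", "Entitlement Key");
    session.setAttribute("value", ek);
  } else if (sno != null && !sno.isEmpty()) {
    log.info(
        "Search Fields : Serial Number Search " + stripLineBreaks(sno)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, sno, "sno");
    session.setAttribute("sno", sno);
    session.removeAttribute("ek");
    session.removeAttribute("so");
    session.removeAttribute("enduser");
    request.setAttribute("sno", 1);
    session.setAttribute("label", "Serial Number");
    session.setAttribute("value", sno);
  } else if (po != null && !po.isEmpty()) {
    log.info(
        "Search Fields : Purchase Order Search " + stripLineBreaks(po)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, po, "po");
    session.setAttribute("po", po);
    session.setAttribute("label", "Purchase Order");
    session.setAttribute("value", po);
  } else if (hm != null && !hm.isEmpty()) {
    log.info(
        "Search Fields : HM ID Search " + stripLineBreaks(hm)
            + " for reseller " + resellerForLog);
    searchResult = getSearchByFieldResults(reseller, hm, "hm");
    session.setAttribute("hm", hm);
    session.setAttribute("label", "Hive Manager ID");
    session.setAttribute("value", hm);
  }

  // Stays null when no search parameter was supplied, as before.
  session.setAttribute("fieldSearchList", searchResult);
  getServletContext().getRequestDispatcher("/viewFieldSearchResult.jsp").forward(request, response);
}

/** Replaces CR and LF so a request-supplied value stays on one log line. */
private static String stripLineBreaks(String value) {
  return value.replace('\r', '_').replace('\n', '_');
}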
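/**
 * Registers a new user from {@code sign_name}, {@code sign_password} and
 * {@code sign_confirm_password}.
 *
 * <p>The outcome is reported through a {@code LogClass} bean stored in the request attribute
 * {@code RegisterBean}; success forwards to {@code hint.jsp}, every failure to
 * {@code join.jsp}. A missing parameter is now treated as an empty string: the old code called
 * {@code trim()} before its null checks, so a missing field raised a NullPointerException.
 * The final "incomplete information" branch could never be reached and was removed.
 *
 * <p>NOTE(review): the password is written to the {@code usr} table after
 * {@code handleString} only; unless that helper hashes it (not visible here) it is stored in
 * recoverable form. The success message and the bean also carry the plain password to the
 * result page. Prefer a salted password hash and do not echo the password back.
 *
 * <p>NOTE(review): {@code getConnection} appears to be a shared helper holding one prepared
 * statement; if it is shared between request threads, concurrent registrations could
 * interleave. Confirm its scope.
 *
 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  LogClass registerBean = new LogClass(); // the bean the JSPs read the outcome from
  request.setAttribute("RegisterBean", registerBean);

  String logname = trimOrEmpty(request.getParameter("sign_name"));
  String logpassword = trimOrEmpty(request.getParameter("sign_password"));
  String logpassword2 = trimOrEmpty(request.getParameter("sign_confirm_password"));

  boolean registered = false;
  if (!logpassword.equals(logpassword2)) {
    registerBean.setBackNews("两次密码不同,注册失败啦!要认真填哦!");
    registerBean.setSucced(false);
  } else if (logname.length() <= 0) {
    registerBean.setBackNews("用户名长度不够,请重新填写哦!");
    registerBean.setSucced(false);
  } else if (logpassword.length() < 6) {
    registerBean.setBackNews("密码长度不够,请重新填写哦!");
    registerBean.setSucced(false);
  } else if (!getConnection.getConnection()) {
    // Could not connect to the database.
    registerBean.setBackNews("数据库连接失败,数据库现在无法服务哦!!");
  } else {
    try {
      // All four values are bound, never concatenated into the statement text.
      String insertCondition = "INSERT INTO usr VALUES(?,?,?,?);";
      getConnection.prepareStatement(insertCondition);
      getConnection.getSql().setString(1, handleString(logname));
      getConnection.getSql().setString(2, handleString(logpassword));
      getConnection.getSql().setString(3, "user_");
      getConnection.getSql().setString(4, "true_");
      if (getConnection.getSql().executeUpdate() != 0) {
        registerBean.setBackNews("注册成功,用户名为:" + handleString(logname) + "密码:" + logpassword);
        registerBean.setSucced(true);
        registered = true;
        registerBean.setName(logname);
        registerBean.setPassword(logpassword);
      }
    } catch (SQLException e) {
      // Reported to the user as "name already exists or is malformed".
      registerBean.setBackNews("用户名已经存在或格式有问题哟,请重新填写信息!");
      registerBean.setSucced(false);
    }
  }

  String target = registered ? "hint.jsp" : "join.jsp";
  request.getRequestDispatcher(target).forward(request, response);
}

/** Returns the trimmed value, or an empty string when the parameter is absent. */
private static String trimOrEmpty(String value) {
  return (value == null) ? "" : value.trim();
}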
/**
 * Sets the password record for an employee id and forwards to {@code set1.jsp}.
 *
 * <p>If a row for the id already exists in {@code password} it is updated; otherwise a row is
 * inserted, provided the id exists in {@code eminfo}. The outcome text is stored in the
 * request attribute {@code msg}.
 *
 * <p>NOTE(review): {@code out}, {@code session}, {@code time}, {@code str}, {@code db},
 * {@code id}, {@code password}, the {@code sql*} strings, {@code stmt}, {@code rs} and
 * {@code temp} are not declared in this method. If they are servlet instance fields,
 * concurrent requests share them and can overwrite each other's id and password; confirm and
 * prefer locals.
 *
 * <p>NOTE(review): no authentication or ownership check is visible in this method; confirm
 * one is enforced before it is reached.
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  request.setCharacterEncoding("gb2312");
  response.setContentType("text/html; charset=gb2312");
  out = response.getWriter();
  session = request.getSession();
  time = new Time();
  str = new Str();
  db = new Db();
  // Read the inputs; an id that is missing or not a number becomes 0.
  try {
    id = Integer.parseInt((String) request.getParameter("id"));
  } catch (Exception e) {
    id = 0;
  }
  password = request.getParameter("password");
  password = str.inStr(password);
  // id is an int at this point, so concatenating it cannot alter the statement structure.
  sqlsp = "SELECT * FROM password WHERE employeeid=" + id;
  sqlse = "SELECT employeeid FROM eminfo WHERE employeeid=" + id;
  // NOTE(review): this UPDATE writes the literal '******', not the submitted password;
  // confirm that is intended.
  sqlu =
      "UPDATE password SET time='"
          + time.getYMDHMS()
          + "',password='******' WHERE employeeid="
          + id;
  // NOTE(review): the password text is concatenated into the INSERT. Its safety rests
  // entirely on str.inStr, which is not visible here; bound parameters would remove that
  // dependency. No hashing is visible in this method either.
  sqli =
      "INSERT INTO password(employeeid,password,time) VALUES("
          + id
          + ",'"
          + password
          + "','"
          + time.getYMDHMS()
          + "')";
  try {
    stmt = db.getStmtread();
    rs = stmt.executeQuery(sqlsp);
    // Not the first time: a row already exists, so update it.
    if (rs.next()) {
      db.close();
      stmt = db.getStmt();
      temp = 0;
      temp = stmt.executeUpdate(sqlu);
      if (temp > 0) {
        request.setAttribute("msg", "设置成功");
      } else {
        request.setAttribute("msg", "设置失败");
      }
      db.close();
    } else {
      // First time this id gets a password.
      db.close();
      temp = 0;
      stmt = db.getStmtread();
      rs = stmt.executeQuery(sqlse);
      if (rs.next()) {
        // The employee id exists.
        rs.close();
        stmt.close();
        temp = 0;
        stmt = db.getStmt();
        temp = stmt.executeUpdate(sqli);
        if (temp > 0) {
          request.setAttribute("msg", "设置成功");
        } else {
          request.setAttribute("msg", "设置失败");
        }
        db.close();
      } else {
        // The employee id does not exist.
        db.close();
        request.setAttribute("msg", "员工序号不存在");
      }
    }
  } catch (SQLException e) {
    // On a database error no msg attribute is set and db.close() is not reached.
    e.printStackTrace();
  } finally {
    // The result page is shown on every path, including after an SQLException.
    RequestDispatcher dispatcher = request.getRequestDispatcher("set1.jsp");
    dispatcher.forward(request, response);
  }
}
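/**
 * Checks the submitted {@code user} / {@code userpass} pair against the {@code register}
 * table and forwards to {@code /home.jsp} on success or {@code /login5.jsp} otherwise.
 *
 * <p>Fixes over the previous version:
 *
 * <ul>
 *   <li>empty parameters are detected with {@code isEmpty()}; the old {@code != ""} test
 *       compared references and let empty values through;
 *   <li>an unknown user is a normal failed login instead of a NullPointerException that left
 *       the client with an empty response;
 *   <li>the session attribute {@code sname} is set only after the password matched; it used
 *       to be set to the looked-up name before the password was checked;
 *   <li>connection, statement and result set are always closed, and lookup errors are raised
 *       as {@link ServletException} instead of being printed.
 * </ul>
 *
 * <p>NOTE(review): {@code pack.calc} transforms the submitted password before the comparison,
 * presumably a hash; its algorithm is not visible here. The session id is not rotated at
 * login; consider {@code request.changeSessionId()} where the container supports it. The whole
 * table is scanned because the name of the third column cannot be read from this method; a
 * bound {@code WHERE} clause would be preferable.
 *
 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
 */
protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  response.setContentType("text/html");

  String user = request.getParameter("user");
  String userpass = request.getParameter("userpass");

  boolean authenticated = false;
  String name = null;
  if (user != null && !user.isEmpty() && userpass != null && !userpass.isEmpty()) {
    String driver = "sun.jdbc.odbc.JdbcOdbcDriver";
    String cpass = null;
    try {
      Class.forName(driver);
      try (Connection conn = DriverManager.getConnection("jdbc:odbc:test", "", "");
          Statement st = conn.createStatement();
          ResultSet rs = st.executeQuery("select * from register ")) {
        while (rs.next()) {
          // Column 3 holds the login name; the first match wins.
          if (user.equals(rs.getString(3))) {
            name = rs.getString(1);
            cpass = rs.getString("pass");
            break;
          }
        }
      }
      if (cpass != null) {
        authenticated = cpass.equals(pack.calc(userpass).toString());
      }
    } catch (Exception e) {
      throw new ServletException("Login lookup failed", e);
    }
  }

  String target;
  if (authenticated) {
    // Only an authenticated request may mark the session with the account name.
    HttpSession session = request.getSession(true);
    session.setAttribute("sname", name);
    target = "/home.jsp";
  } else {
    target = "/login5.jsp";
  }
  this.getServletConfig().getServletContext().getRequestDispatcher(target).forward(request, response);
}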
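/**
 * Handles sign-up: rejects duplicate e-mail addresses or user names and mismatched passwords,
 * then inserts the account, creates the user's directory under {@code mainPath}, stores the
 * user name in the session and redirects to {@code XmlParser}.
 *
 * <p>Fixes over the previous version:
 *
 * <ul>
 *   <li>the INSERT binds its three values; they used to be concatenated into the SQL text;
 *   <li>the user name is checked before it becomes a directory name, so it cannot contain a
 *       path separator or be {@code .} / {@code ..};
 *   <li>the password confirmation is compared case-sensitively (it used
 *       {@code equalsIgnoreCase});
 *   <li>exactly one forward happens per request; two failed checks used to forward twice;
 *   <li>missing parameters are rejected instead of raising a NullPointerException;
 *   <li>JDBC resources are closed on every path and errors reach the container.
 * </ul>
 *
 * <p>NOTE(review): the password is stored exactly as submitted. Store a salted password hash
 * and update the login check to match. The rejection messages echo submitted values; confirm
 * {@code signup.jsp} HTML-escapes {@code RegisterMessage}. The duplicate check and the insert
 * are separate statements, so uniqueness should also be enforced by the table.
 *
 * <p>The commented-out reCAPTCHA check was dropped. It contained a private key literal, which
 * should be treated as disclosed and rotated if still in use; no bot protection is active in
 * this method.
 *
 * @throws ServletException if the database work or a forward fails
 * @throws IOException if writing the response fails
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  out = response.getWriter();
  response.setContentType("text/html");

  String user = request.getParameter("user");
  String email = request.getParameter("email");
  String pass = request.getParameter("pass");
  String pass2 = request.getParameter("pass2");

  if (user == null || email == null || pass == null) {
    rejectSignup(request, response, "Missing required field");
    return;
  }
  if (!isSafeDirectoryName(user)) {
    rejectSignup(request, response, "Invalid username");
    return;
  }

  String problem = null;
  try {
    // Load the database driver.
    Class.forName("com.mysql.jdbc.Driver");
    try (Connection connection = DriverManager.getConnection(USERS_INFO, USERNAME, PASSWORD)) {
      try (Statement s = connection.createStatement();
          ResultSet rs = s.executeQuery("SELECT username, email FROM users")) {
        // Stop at the first clash; the e-mail is checked before the user name.
        while (problem == null && rs.next()) {
          String existingEmail = rs.getString("email");
          String existingUser = rs.getString("username");
          if (email.equals(existingEmail)) {
            problem = "Email '" + existingEmail + "' already exists";
          } else if (user.equals(existingUser)) {
            problem = "Username '" + existingUser + "' already exists";
          }
        }
      }

      if (problem == null && !pass.equals(pass2)) {
        problem = "Passwords don't match";
      }

      if (problem == null) {
        try (java.sql.PreparedStatement insert =
            connection.prepareStatement(
                "INSERT INTO users_info.users (`username`, `password`, `email`)"
                    + " VALUES (?, ?, ?)")) {
          insert.setString(1, user);
          insert.setString(2, pass);
          insert.setString(3, email);
          insert.executeUpdate();
        }
      }
    }
  } catch (Exception e) {
    throw new ServletException("Registration failed", e);
  }

  if (problem != null) {
    rejectSignup(request, response, problem);
    return;
  }

  // user passed isSafeDirectoryName, so this stays directly below mainPath.
  File dir = new File(mainPath + "/" + user);
  dir.mkdir();

  HttpSession session = request.getSession(true);
  session.setAttribute("username", user);
  response.sendRedirect(response.encodeRedirectURL("XmlParser"));
}

/** Shows the sign-up page again with the given message. */
private static void rejectSignup(
    HttpServletRequest request, HttpServletResponse response, String message)
    throws ServletException, IOException {
  request.setAttribute("RegisterMessage", message);
  request.getRequestDispatcher("signup.jsp").forward(request, response);
}

/** Accepts a name only if it is a single path element. */
private static boolean isSafeDirectoryName(String name) {
  return !name.isEmpty()
      && !name.equals(".")
      && !name.equals("..")
      && name.indexOf('/') < 0
      && name.indexOf('\\') < 0
      && name.indexOf('\0') < 0;
}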
/**
 * Validates a buy request and either shows the confirmation page or completes the purchase.
 *
 * <p>The book id, seller id, optional message and hidden code are read from the request. When
 * no message is present the confirmation page is included; when one is present {@code buy} is
 * called and, on success, the buyer mail, seller mail and success pages are included in turn.
 *
 * <p>NOTE(review): the hidden code is compared with {@code Math.abs(bookID.hashCode())}, a
 * value derivable from the book id alone. It catches a mismatched form but is not a secret,
 * so it should not be counted as protection against a forged request. The session user is
 * dereferenced without a null check; that relies on the caller having authenticated the
 * request first.
 *
 * @param request the current request; also used to pass attributes to the included pages
 * @param response the response the pages are included into
 * @param conPool pool the database connection is borrowed from and returned to
 * @return an error message for the user, or {@code null} when a page was rendered
 * @throws Exception if {@code buy} reports failure or any helper throws
 */
private String processRequest(
    HttpServletRequest request, HttpServletResponse response, ConnectionPool conPool)
    throws Exception {
  final String bookNotFound =
      "We were unable to find the book you specified! Please make sure that the book id is correct.";

  // Request parameters.
  ParameterParser params = new ParameterParser(request);
  String bookID = params.getString(bookInterface.FIELD_ID, null);
  String sellerID = params.getString(bookInterface.FIELD_SELLERID, null);
  String message = params.getString(FIELD_MESSAGE, null);
  int codeID = params.getInt(bookInterface.FIELD_HIDDENID, 0);

  // The buyer is the signed-in user.
  User user = (User) request.getSession().getAttribute(StringInterface.USERATTR);

  // Reject the request when an id is missing, has the wrong length, or the hidden code does
  // not match the book id.
  boolean idsPresent = bookID != null && sellerID != null && codeID != 0;
  boolean idsWellFormed =
      idsPresent
          && bookID.length() == booksTable.ID_LENGTH
          && sellerID.length() == usersTable.ID_LENGTH
          && codeID == Math.abs(bookID.hashCode());
  if (!idsWellFormed) {
    return bookNotFound;
  }

  if (user.getID().equals(sellerID)) {
    return "You may not purchase an item from yourself!";
  }

  Connection con = conPool.getConnection();
  try {
    booksTable book = generalUtils.getBook(bookID, con);

    // The book must exist and belong to the seller named in the request.
    if (book == null || !book.getSellerID().equals(sellerID)) {
      return bookNotFound;
    }

    usersTable sellerInfo = userUtils.getUserInfo(sellerID, con);
    usersTable buyerInfo = userUtils.getUserInfo(user.getID(), con);
    collegeTable college = getCollege(book.getCollegeID() + "", con);

    if (message == null) {
      // No message yet: show the confirmation page.
      request.setAttribute(ATTR_BOOK, book);
      request.setAttribute(ATTR_SELLER, sellerInfo);
      request.setAttribute(ATTR_BUYER, buyerInfo);
      request.setAttribute(ATTR_COLLEGE, college.getFull());
      getServletContext().getRequestDispatcher(PATH_BUY_CONFIRM).include(request, response);
      return null;
    }

    if (!buy(book, user, con)) {
      throw new Exception("failed to process with buy");
    }

    // E-mail to the buyer.
    request.setAttribute(mailInterface.USERATTR, buyerInfo.getUsername());
    request.setAttribute(mailInterface.EMAILATTR, buyerInfo.getEmail());
    request.setAttribute(mailInterface.BOOKATTR, book);
    request.setAttribute("book_id", bookID);
    request.setAttribute("seller_id", sellerID);
    getServletContext().getRequestDispatcher(PATHBIDCONFIRMATION).include(request, response);

    // E-mail to the seller.
    request.setAttribute(ATTR_COLLEGE, college.getFull());
    request.setAttribute(mailInterface.USERATTR, sellerInfo.getUsername());
    request.setAttribute(mailInterface.EMAILATTR, sellerInfo.getEmail());
    request.setAttribute(mailInterface.MESSAGEATTR, message);
    request.setAttribute(mailInterface.BOOKATTR, book);
    request.setAttribute(mailInterface.MOREATTR, buyerInfo);
    request.setAttribute("book_id", bookID);
    request.setAttribute("buyer_id", user.getID());
    getServletContext().getRequestDispatcher(PATHBOOKUPDATE).include(request, response);

    // Success page.
    getServletContext().getRequestDispatcher(PATH_BUY_SUCCESS).include(request, response);
    return null;
  } finally {
    // Return the connection to the pool on every path.
    conPool.free(con);
  }
}