@RequestMapping(value = "edit", method = RequestMethod.POST)
public ModelAndView submitEdit(
HttpSession session,
@RequestParam CommonsMultipartFile dp,
@RequestParam String fullname,
@RequestParam String description,
@RequestParam String location,
@PathVariable("userID") Integer userID)
throws IOException {
fullname = xssHandler.makeXSSSafe(fullname);
description = xssHandler.makeXSSSafe(description);
location = xssHandler.makeXSSSafe(location);
String fileNameToLowerCase = dp.getOriginalFilename().toLowerCase();
String fileExtension =
fileNameToLowerCase.substring(
fileNameToLowerCase.indexOf(".") + 1, fileNameToLowerCase.length());
System.out.println("file extension =" + fileExtension);
ImageHandler imageHandler = new ImageHandler();
dao.updateDetails(
userID,
fullname,
description,
location,
new BASE64Encoder().encode(imageHandler.resizeImage(dp.getBytes(), fileExtension, 128)));
return new ModelAndView("redirect:/" + userID);
}
@RequestMapping(value = "tweets/new", method = RequestMethod.POST)
@ResponseBody
public String postTweet(HttpSession session, @RequestParam String tweet_text) {
String tweetText = xssHandler.makeXSSSafe(tweet_text);
return "{ success : "
+ dao.newTweet((Integer) session.getAttribute("userID"), tweetText)
+ ", tweet_text : \""
+ tweet_text
+ "\", user_id:\""
+ (Integer) session.getAttribute("userID")
+ "\"}";
}