@RequestMapping(value = "edit", method = RequestMethod.POST) public ModelAndView submitEdit( HttpSession session, @RequestParam CommonsMultipartFile dp, @RequestParam String fullname, @RequestParam String description, @RequestParam String location, @PathVariable("userID") Integer userID) throws IOException { fullname = xssHandler.makeXSSSafe(fullname); description = xssHandler.makeXSSSafe(description); location = xssHandler.makeXSSSafe(location); String fileNameToLowerCase = dp.getOriginalFilename().toLowerCase(); String fileExtension = fileNameToLowerCase.substring( fileNameToLowerCase.indexOf(".") + 1, fileNameToLowerCase.length()); System.out.println("file extension =" + fileExtension); ImageHandler imageHandler = new ImageHandler(); dao.updateDetails( userID, fullname, description, location, new BASE64Encoder().encode(imageHandler.resizeImage(dp.getBytes(), fileExtension, 128))); return new ModelAndView("redirect:/" + userID); }
@RequestMapping(value = "tweets/new", method = RequestMethod.POST) @ResponseBody public String postTweet(HttpSession session, @RequestParam String tweet_text) { String tweetText = xssHandler.makeXSSSafe(tweet_text); return "{ success : " + dao.newTweet((Integer) session.getAttribute("userID"), tweetText) + ", tweet_text : \"" + tweet_text + "\", user_id:\"" + (Integer) session.getAttribute("userID") + "\"}"; }