protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*
* only admin user can use this servlet
*/
HttpSession session = request.getSession();
if (SecurityHelper.isAdminLoggedIn(session) == false) {
String destination = "/admin/login.jsp";
request.getRequestDispatcher(destination).forward(request, response);
return;
}
String uname = request.getParameter("uname");
String newUname = request.getParameter("new_uname");
boolean isInputValid = true;
/*
* check if params are null or empty
*/
if (uname == null || newUname == null) {
isInputValid = false;
}
if (uname.length() == 0 || newUname.length() == 0) {
isInputValid = false;
}
/*
* check if params contains dangerous characters
*/
if (SecurityHelper.isContainDangerousChars(uname) == true
|| SecurityHelper.isContainDangerousChars(newUname) == true) {
isInputValid = false;
}
if (isInputValid == false) {
String destination = "/admin/invalid_input.jsp";
request.getRequestDispatcher(destination).forward(request, response);
return;
}
PreparedStatement stat = null;
try {
InitialContext context = new InitialContext();
DataSource source = (DataSource) context.lookup("jdbc/lut2");
Connection connection = source.getConnection();
stat = connection.prepareStatement("UPDATE users SET uname=? where uname=?");
stat.setString(1, newUname);
stat.setString(2, uname);
stat.executeUpdate();
} catch (Exception e) {
e.printStackTrace();
}
request.getRequestDispatcher("/admin/user_management_success.jsp").forward(request, response);
}
public boolean test1() {
Connection conn = null;
try {
conn = ds.getConnection();
System.out.println("test-1() : " + ds.getConnection(conn));
} catch (Exception e) {
return false;
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (Exception e) {
}
}
return true;
}
