protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    /*
     * only admin user can use this servlet
     */
    HttpSession session = request.getSession();
    if (SecurityHelper.isAdminLoggedIn(session) == false) {
      String destination = "/admin/login.jsp";
      request.getRequestDispatcher(destination).forward(request, response);
      return;
    }

    String uname = request.getParameter("uname");
    String newUname = request.getParameter("new_uname");

    boolean isInputValid = true;

    /*
     * check if params are null or empty
     */
    if (uname == null || newUname == null) {
      isInputValid = false;
    }
    if (uname.length() == 0 || newUname.length() == 0) {
      isInputValid = false;
    }

    /*
     * check if params contains dangerous characters
     */
    if (SecurityHelper.isContainDangerousChars(uname) == true
        || SecurityHelper.isContainDangerousChars(newUname) == true) {
      isInputValid = false;
    }

    if (isInputValid == false) {
      String destination = "/admin/invalid_input.jsp";
      request.getRequestDispatcher(destination).forward(request, response);
      return;
    }

    PreparedStatement stat = null;

    try {
      InitialContext context = new InitialContext();
      DataSource source = (DataSource) context.lookup("jdbc/lut2");
      Connection connection = source.getConnection();

      stat = connection.prepareStatement("UPDATE users SET uname=? where uname=?");

      stat.setString(1, newUname);
      stat.setString(2, uname);

      stat.executeUpdate();
    } catch (Exception e) {
      e.printStackTrace();
    }

    request.getRequestDispatcher("/admin/user_management_success.jsp").forward(request, response);
  }
예제 #2
0
 public boolean test1() {
   Connection conn = null;
   try {
     conn = ds.getConnection();
     System.out.println("test-1() : " + ds.getConnection(conn));
   } catch (Exception e) {
     return false;
   } finally {
     try {
       if (conn != null) {
         conn.close();
       }
     } catch (Exception e) {
     }
   }
   return true;
 }