예제 #1
0
  /**
   * Ejecuta una sentencia SQL de insercion La sentencia requiere de parametros en tiempo de
   * ejecuci�n.
   *
   * @param consultaSQL Cadena que contiene una sentencia de insercion SQL: INSERT into table values
   *     (valores)
   * @param parametros Un Iterador de Parametros con los parametros de la insercion.
   * @return falso o verdadero si pudo insertar
   */
  protected boolean ejecutarActualizacionSQL(String comandoSQL, Iterator parametros)
      throws Exception {
    boolean ok;
    if (this.conectar()) {
      // La consulta es preparada porque requiere de parametros
      // por ejemplo:
      // delete from producto where precio=?
      // insert into producto values (?,?,?,?,?)
      // los ? indican parametros ordenados por posicion
      PreparedStatement sql = this.conexión.prepareStatement(comandoSQL);

      // System.err.println(comandoSQL+"-->");
      for (int i = 1; parametros.hasNext(); i++) {
        String parametro = parametros.next().toString();
        sql.setString(i, parametro);
        // System.err.println("param["+i+"]="+parametro);
      }

      ok = sql.executeUpdate() != 0;

      // importante cerrar la conexión
      sql.close();
      sql = null;
      this.desconectar();

      return ok;
    } else return false;
  } // Fin ejecutarSQL
예제 #2
0
  /**
   * Ejecuta una sentencia SQL y regresa como resultado un objeto ResultSet. La Consulta requiere de
   * parametros en tiempo de ejecuci�n.
   *
   * @param consultaSQL Cadena que contiene una sentencia de consulta SQL: SELECT listaCampos FROM
   *     listaTablas WHERE listaCondiciones
   * @param parametros Un Iterador de Parametros con los parametros de la consulta.
   * @return Regresa un objeto ResulSet con el resultado de la consulta
   */
  protected ResultSet ejecutarSQL(String consultaSQL, Iterator parametros) throws Exception {
    if (this.conectar()) {
      PreparedStatement sql = this.conexión.prepareStatement(consultaSQL);

      // System.err.println(consultaSQL+"-->");
      for (int i = 1; parametros.hasNext(); i++) {
        String parametro = parametros.next().toString();
        sql.setString(i, parametro);
        // System.err.println("param["+i+"]="+parametro);
      }

      return sql.executeQuery();
    } else return null;
  } // Fin ejecutarSQL
  public void _jspService(HttpServletRequest request, HttpServletResponse response)
      throws java.io.IOException, ServletException {

    PageContext pageContext = null;
    HttpSession session = null;
    ServletContext application = null;
    ServletConfig config = null;
    JspWriter out = null;
    Object page = this;
    JspWriter _jspx_out = null;
    PageContext _jspx_page_context = null;

    try {
      response.setContentType("text/html");
      pageContext = _jspxFactory.getPageContext(this, request, response, null, true, 8192, true);
      _jspx_page_context = pageContext;
      application = pageContext.getServletContext();
      config = pageContext.getServletConfig();
      session = pageContext.getSession();
      out = pageContext.getOut();
      _jspx_out = out;

      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("<!--%@ page errorPage=\"/error.jsp\" %-->\n");

      response.setHeader("Pragma", "no-cache"); // HTTP 1.0
      response.setDateHeader("Expires", 0);
      response.setHeader("Cache-Control", "no-cache"); // HTTP 1.1

      String _adminid = "";
      String _adminname = "";
      String _admintype = "";
      String _admingroup = "";
      String _approval = "";
      String _adminclass = "";
      String _adminmail = "";

      try {

        _adminid = (String) session.getAttribute("adminid");

        if (_adminid == null || _adminid.length() == 0 || _adminid.equals("null")) {
          response.sendRedirect("/admin/login_first.html");
          return;
        }

        _adminname = (String) session.getAttribute("adminname");
        _admintype = (String) session.getAttribute("admintype");
        _admingroup = (String) session.getAttribute("admingroup");
        _approval = (String) session.getAttribute("approval");
        _adminclass = (String) session.getAttribute("adminclass");
        _adminmail = (String) session.getAttribute("admin_email");
        // session.setMaxInactiveInterval(60*60);

      } catch (Exception e) {
        response.sendRedirect("/admin/login_first.html");
        return;
      }

      out.write('\n');
      out.write('\n');
      out.write('\n');

      String password = request.getParameter("password");
      String fromURL = request.getParameter("fromURL");
      String oldPassword = "";

      String sql = "";
      int iCnt = 0;
      boolean isSucceeded = false;
      String strMsg = "";
      Connection conn = null;
      MatrixDataSet matrix = null;
      DataProcess dataProcess = null;
      PreparedStatement pstmt = null;

      String targetUrl = "";

      try {

        if (password.equals("1111")) {
          throw new UserDefinedException(
              "The new password is not acceptable. Change your password.");
        }

        Context ic = new InitialContext();
        DataSource ds = (DataSource) ic.lookup("java:comp/env/jdbc/scm");
        conn = ds.getConnection();
        matrix = new dbconn.MatrixDataSet();
        dataProcess = new DataProcess();

        sql =
            " select  password " + " from    admin_01t " + " where   adminid = '" + _adminid + "' ";

        iCnt = dataProcess.RetrieveData(sql, matrix, conn);

        if (iCnt > 0) {
          oldPassword = matrix.getRowData(0).getData(0);
        } else {
          throw new UserDefinedException("Can't find User Information.");
        }

        if (password.equals(oldPassword)) {
          throw new UserDefinedException(
              "The new password is not acceptable. Change your password.");
        }

        // update ó¸®...
        int idx = 0;
        conn.setAutoCommit(false);

        sql =
            " update  admin_01t "
                + " set     password = ?, pw_date = sysdate() "
                + " where   adminid = ? ";

        pstmt = conn.prepareStatement(sql);
        pstmt.setString(++idx, password);
        pstmt.setString(++idx, _adminid);

        iCnt = pstmt.executeUpdate();

        if (iCnt != 1) {
          throw new UserDefinedException("Password update failed.");
        }

        conn.commit();
        isSucceeded = true;

      } catch (UserDefinedException ue) {
        try {
          conn.rollback();
        } catch (Exception ex) {
        }

        strMsg = ue.getMessage();
      } catch (Exception e) {
        try {
          conn.rollback();
        } catch (Exception ex) {
        }

        System.out.println("Exception /admin/resetAdminPasswd : " + e.getMessage());
        throw e;
      } finally {
        if (pstmt != null) {
          try {
            pstmt.close();
          } catch (Exception e) {
          }
        }

        if (conn != null) {
          try {
            conn.setAutoCommit(true);
          } catch (Exception e) {
          }
          conn.close();
        }
      }

      // °á°ú ¸Þ½ÃÁö ó¸®
      if (isSucceeded) {
        // where to go?
        if (fromURL.equals("menu")) {
          targetUrl = "";
        } else {
          targetUrl = "/admin/index2.jsp";
        }
        strMsg = "The data are successfully processed.";
      } else {
        strMsg = "The operation failed.\\n" + strMsg;
        targetUrl = "/admin/resetAdminPasswdForm.jsp";
      }

      out.write("\n");
      out.write("<html>\n");
      out.write("<head>\n");
      out.write("<title></title>\n");
      out.write("<link href=\"/common/css/style.css\" rel=\"stylesheet\" type=\"text/css\">\n");
      out.write("</head>\n");
      out.write("<body leftmargin='0' topmargin='0' marginwidth='0' marginheight='0'>\n");
      out.write("<form name=\"form1\" method=\"post\" action=\"");
      out.print(targetUrl);
      out.write("\">\n");
      out.write("<input type='hidden' name='fromURL' value='");
      out.print(fromURL);
      out.write("'>\n");
      out.write("</form>\n");
      out.write("<script language=\"javascript\">\n");
      if (targetUrl.length() > 0) {
        out.write("\n");
        out.write("  alert('");
        out.print(strMsg);
        out.write("');\n");
        out.write("  document.form1.submit();\n");
      }
      out.write("\n");
      out.write("</script>\n");
      out.write("<table width='840' border='0' cellspacing='0' cellpadding='0'><tr><td>\n");
      out.write("\n");
      out.write("<table width='99%' border='0' cellspacing='0' cellpadding='0'>\n");
      out.write("<tr>\n");
      out.write("  <td height='15' colspan='2'></td>\n");
      out.write("</tr>\n");
      out.write("<tr>\n");
      out.write("  <td width='3%'><img src='/img/title_icon.gif'></td>\n");
      out.write("  <td width='*' class='left_title'>Password Change</td>\n");
      out.write("</tr>\n");
      out.write("<tr>\n");
      out.write("  <td width='100%' height='2' colspan='2'><hr width='100%'></td>\n");
      out.write("</tr>\n");
      out.write("<tr>\n");
      out.write("  <td height='10' colspan='2'></td>\n");
      out.write("</tr>\n");
      out.write("</table>\n");
      out.write("\n");
      out.write("<table width='90%' border='0' cellspacing='0' cellpadding='0' align='center'>\n");
      out.write("<tr>\n");
      out.write("  <td width='100%' align='center'><img border=\"0\" src=\"/img/pass.jpg\">\n");
      out.write("    <br><br>\n");
      out.write("    <b>The Password has been changed successfully.</b></td>\n");
      out.write("</tr>\n");
      out.write("</table>\n");

      out.println(CopyRightLogo());

      out.write("\n");
      out.write("</tr></td></table>\n");
      out.write("</body>\n");
      out.write("</html>");
    } catch (Throwable t) {
      if (!(t instanceof SkipPageException)) {
        out = _jspx_out;
        if (out != null && out.getBufferSize() != 0)
          try {
            out.clearBuffer();
          } catch (java.io.IOException e) {
          }
        if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
      }
    } finally {
      _jspxFactory.releasePageContext(_jspx_page_context);
    }
  }