Пример #1
0
 public User loadUser(String login, String password) {
   try {
     String sql = "SELECT * FROM Funcionario WHERE login=?";
     PreparedStatement stmt = conn.prepareStatement(sql);
     stmt.setString(1, login);
     ResultSet rs = stmt.executeQuery();
     if (!rs.next() || !rs.getString("senha").equals(Crypto.md5String(password))) {
       return null;
     } else {
       User user = new User(conn);
       user.setNome(rs.getString("nome"));
       user.setLogin(rs.getString("login"));
       user.setLogado(true);
       switch (rs.getInt("permissao")) {
         case 0:
           user.setPapel(Constants.Role.ADMIN);
           break;
         case 1:
           user.setPapel(Constants.Role.SAUDE);
           break;
         case 2:
           user.setPapel(Constants.Role.ATENDENTE);
           break;
       }
       currentUser = user;
       return currentUser;
     }
   } catch (SQLException e) {
     return null;
   }
 }
Пример #2
0
 public boolean saveUser(User user) {
   try {
     // Verifica se o usuário já existe
     String firstSql = "SELECT cpf FROM Funcionario WHERE cpf=?";
     PreparedStatement firstStmt = conn.prepareStatement(firstSql);
     firstStmt.setString(1, user.getCpf());
     ResultSet rs = firstStmt.executeQuery();
     if (rs.next()) {
       String sql =
           "UPDATE Funcionario"
               + " SET nome=?, cpf=?, endereco=?, telefone=?, email=?, login=?, especialidade=?, registro=?, permissao=?"
               + " WHERE cpf=?";
       PreparedStatement stmt = conn.prepareStatement(sql);
       stmt.setString(1, user.getNome());
       stmt.setString(2, user.getCpf());
       stmt.setString(3, user.getEndereco());
       stmt.setString(4, user.getTelefone());
       stmt.setString(5, user.getEmail());
       stmt.setString(6, user.getLogin());
       stmt.setString(7, user.getEspecialidade());
       stmt.setString(8, user.getRegistro());
       stmt.setInt(9, user.getPapel().getRole());
       stmt.setString(10, user.getCpf());
       stmt.executeUpdate();
     } else {
       String sql =
           "INSERT INTO Funcionario (nome, cpf, endereco, telefone, email, login, especialidade, registro, permissao)"
               + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";
       PreparedStatement stmt = conn.prepareStatement(sql);
       stmt.setString(1, user.getNome());
       stmt.setString(2, user.getCpf());
       stmt.setString(3, user.getEndereco());
       stmt.setString(4, user.getTelefone());
       stmt.setString(5, user.getEmail());
       stmt.setString(6, user.getLogin());
       stmt.setString(7, user.getEspecialidade());
       stmt.setString(8, user.getRegistro());
       stmt.setInt(9, user.getPapel().getRole());
       stmt.executeUpdate();
     }
     if (user.getSenha() != null) {
       String pwdSql = "UPDATE Funcionario SET senha=? WHERE cpf=?";
       PreparedStatement pwdStmt = conn.prepareStatement(pwdSql);
       pwdStmt.setString(1, Crypto.md5String(user.getSenha()));
       pwdStmt.setString(2, user.getCpf());
       pwdStmt.executeUpdate();
     }
   } catch (SQLException e) {
     System.out.println("Erro ao gravar usuário no banco de dados. " + e);
     return false;
   }
   return true;
 }