Пример #1
0
  public String checkValidLogin(String myUserName, String myPW) {

    try {
      Class.forName(javaSQLDriverPath);
      Connection conn =
          (Connection) DriverManager.getConnection(ConnectionPath, ConnectionUser, ConnectionPW);
      Statement st = conn.createStatement();
      String query = "Select * from User";

      ResultSet rs = st.executeQuery(query);
      while (rs.next()) {
        // return rs.getString("Username");
        if (myUserName.equals(rs.getString("Username"))) {
          if (myPW.equals(rs.getString("Password"))) {
            setUserVariables(myUserName);
            return "success";
          } else {
            return "wrongPassword";
          }
        }
      }

      rs.close();
      st.close();
      conn.close();

      return "userNotFound";
    } catch (Exception e) {

      return e.getMessage();
    }
  }
Пример #2
0
 protected collegeTable getCollege(String id, Connection con) throws SQLException {
   try {
     ResultSet rs = null;
     Statement statement = con.createStatement();
     rs =
         statement.executeQuery(
             "SELECT * FROM "
                 + TABLECOLLEGES
                 + " WHERE "
                 + collegeTable.ID
                 + " = "
                 + id
                 + " LIMIT 1");
     // if found
     if (rs.next()) {
       collegeTable table = new collegeTable();
       table.setID(id);
       table.setShort(rs.getString(collegeTable.SHORTNAME));
       table.setFull(rs.getString(collegeTable.FULLNAME));
       return table;
     } else {
       return null; // not found
     }
   } catch (Exception e) {
     log.writeException(e.getMessage());
     throw new SQLException(e.getMessage());
   }
 } // end getCollege
Пример #3
0
  /**
   * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
   *
   * @param request servlet request
   * @param response servlet response
   * @throws ServletException if a servlet-specific error occurs
   * @throws IOException if an I/O error occurs
   */
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    Statement stmt;
    ResultSet rs;
    Connection con = null;

    try {
      Class.forName("com.mysql.jdbc.Driver");
      String connectionUrl = "jdbc:mysql://localhost/myflickr?" + "user=root&password=123456";
      con = DriverManager.getConnection(connectionUrl);

      if (con != null) {
        System.out.println("connected to mysql");
      }
    } catch (SQLException e) {
      System.out.println("SQL Exception: " + e.toString());
    } catch (ClassNotFoundException cE) {
      System.out.println("Class Not Found Exception: " + cE.toString());
    }

    try {
      stmt = con.createStatement();

      System.out.println("SELECT * FROM flickrusers WHERE name='" + username + "'");
      rs = stmt.executeQuery("SELECT * FROM flickrusers WHERE name='" + username + "'");

      while (rs.next()) {

        if (rs.getObject(1).toString().equals(username)) {

          out.println("<h1>To username pou epileksate uparxei hdh</h1>");
          out.println("<a href=\"project3.html\">parakalw dokimaste kapoio allo.</a>");

          stmt.close();
          rs.close();
          return;
        }
      }
      stmt.close();
      rs.close();

      stmt = con.createStatement();

      if (!stmt.execute("INSERT INTO flickrusers VALUES('" + username + "', '" + password + "')")) {
        out.println("<h1>Your registration is completed  " + username + "</h1>");
        out.println("<a href=\"index.jsp\">go to the login menu</a>");
        registerListener.Register(username);
      } else {
        out.println("<h1>To username pou epileksate uparxei hdh</h1>");
        out.println("<a href=\"project3.html\">Register</a>");
      }
    } catch (SQLException e) {
      throw new ServletException("Servlet Could not display records.", e);
    }
  }
  /* goodG2B() - use goodsource and badsink */
  private void goodG2B() throws Throwable {
    String data_copy;
    {
      String data;

      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

      /* FIX: Use a hardcoded string */
      data = "foo";

      data_copy = data;
    }
    {
      String data = data_copy;

      Logger log2 = Logger.getLogger("local-logger");

      Connection conn_tmp2 = null;
      Statement sqlstatement = null;
      ResultSet sqlrs = null;

      try {
        conn_tmp2 = IO.getDBConnection();
        sqlstatement = conn_tmp2.createStatement();

        /* POTENTIAL FLAW: take user input and place into dynamic sql query */
        sqlrs = sqlstatement.executeQuery("select * from users where name='" + data + "'");

        IO.writeString(sqlrs.toString());
      } catch (SQLException se) {
        log2.warning("Error getting database connection");
      } finally {
        try {
          if (sqlrs != null) {
            sqlrs.close();
          }
        } catch (SQLException e) {
          log2.warning("Error closing sqlrs");
        } finally {
          try {
            if (sqlstatement != null) {
              sqlstatement.close();
            }
          } catch (SQLException e) {
            log2.warning("Error closing sqlstatement");
          } finally {
            try {
              if (conn_tmp2 != null) {
                conn_tmp2.close();
              }
            } catch (SQLException e) {
              log2.warning("Error closing conn_tmp2");
            }
          }
        }
      }
    }
  }
 private void printOutLogs(Connection connection, PrintWriter out) throws SQLException {
   Statement select = connection.createStatement();
   ResultSet result = select.executeQuery("SELECT * FROM LOGGING ORDER BY DATE ASC");
   while (result.next()) {
     Timestamp date = result.getTimestamp("DATE");
     String ip = result.getString("IP");
     String url = result.getString("URL");
     out.println(date + "\t\t" + ip + "\t\t" + url);
   }
 }
  /* goodG2B() - use goodsource and badsink */
  private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String dataCopy;
    {
      String data;

      /* FIX: Use a hardcoded string */
      data = "foo";

      dataCopy = data;
    }
    {
      String data = dataCopy;

      Connection dbConnection = null;
      Statement sqlStatement = null;
      ResultSet resultSet = null;

      try {
        dbConnection = IO.getDBConnection();
        sqlStatement = dbConnection.createStatement();

        /* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
        resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");

        IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        try {
          if (resultSet != null) {
            resultSet.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
        }

        try {
          if (sqlStatement != null) {
            sqlStatement.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
        }

        try {
          if (dbConnection != null) {
            dbConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }
      }
    }
  }
  public void bad() throws Throwable {
    String data;
    if (IO.staticTrue) {
      /* get environment variable ADD */
      /* POTENTIAL FLAW: Read data from an environment variable */
      data = System.getenv("ADD");
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run
       * but ensure data is inititialized before the Sink to avoid compiler errors */
      data = null;
    }

    if (IO.staticTrue) {
      Connection dbConnection = null;
      Statement sqlStatement = null;
      ResultSet resultSet = null;
      try {
        dbConnection = IO.getDBConnection();
        sqlStatement = dbConnection.createStatement();
        /* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
        resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");
        IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        try {
          if (resultSet != null) {
            resultSet.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
        }

        try {
          if (sqlStatement != null) {
            sqlStatement.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
        }

        try {
          if (dbConnection != null) {
            dbConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }
      }
    }
  }
  /* goodG2B1() - use goodsource and badsink by changing first IO.STATIC_FINAL_FIVE==5 to IO.STATIC_FINAL_FIVE!=5 */
  private void goodG2B1() throws Throwable {
    String data;
    if (IO.STATIC_FINAL_FIVE != 5) {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run
       * but ensure data is inititialized before the Sink to avoid compiler errors */
      data = null;
    } else {

      /* FIX: Use a hardcoded string */
      data = "foo";
    }

    if (IO.STATIC_FINAL_FIVE == 5) {
      Connection dbConnection = null;
      Statement sqlStatement = null;
      ResultSet resultSet = null;
      try {
        dbConnection = IO.getDBConnection();
        sqlStatement = dbConnection.createStatement();
        /* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
        resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");
        IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
      } finally {
        try {
          if (resultSet != null) {
            resultSet.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
        }

        try {
          if (sqlStatement != null) {
            sqlStatement.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
        }

        try {
          if (dbConnection != null) {
            dbConnection.close();
          }
        } catch (SQLException exceptSql) {
          IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
        }
      }
    }
  }
Пример #9
0
  public void doGet(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException {
    res.setContentType("text/html");
    PrintWriter toClient = res.getWriter();
    toClient.println("<!DOCTYPE HTML>");
    toClient.println("<html>");
    toClient.println("<head><title>Books</title></head>");
    toClient.println("<body>");
    toClient.println("<a href=\"index.html\">Home</A>");
    toClient.println("<h2>List of books</h2>");

    HttpSession session = req.getSession(false);
    if (session != null) {
      String name = (String) session.getAttribute("name");
      if (name != null) {
        toClient.println("<h2>name: " + name + "</h2>");
      }
    }

    toClient.print("<form action=\"bookOpinion\" method=GET>");
    toClient.println("<table border='1'>");

    String sql = "Select code, title, author FROM books";
    System.out.println(sql);
    try {
      Statement statement = connection.createStatement();
      ResultSet result = statement.executeQuery(sql);
      while (result.next()) {
        toClient.println("<tr>");
        String codeStr = result.getString("code");
        toClient.println(
            "<td><input type=\"radio\" name=\"book" + "\" value=\"" + codeStr + "\"></td>");
        toClient.println("<td>" + codeStr + "</td>");
        toClient.println("<td>" + result.getString("title") + "</td>");
        toClient.println("<td>" + result.getString("author") + "</td>");
        toClient.println("</tr>");
      }
    } catch (SQLException e) {
      e.printStackTrace();
      System.out.println("Resulset: " + sql + " Exception: " + e);
    }
    toClient.println("</table>");
    toClient.println("<textarea rows=\"8\" cols=\"60\" name=\"comment\"></textarea><BR>");
    toClient.println("<input type=submit>");
    toClient.println("</form>");
    toClient.println("</body>");
    toClient.println("</html>");
    toClient.close();
  }
  public void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException {
    try {
      res.setContentType("text/html");
      pw = res.getWriter();
      Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
      con = DriverManager.getConnection("jdbc:odbc:com", "o7it58", "yajiv32737");
      st = con.createStatement();
      pw.println("<html>");
      pw.println("<head><title>Welcome</title></head>");
      pw.println("<body>");

      s = req.getParameter("login");
      if (s.equals("Submit")) {
        uname = req.getParameter("firstname");
        pass = req.getParameter("pwd");
        PrintWriter out = new PrintWriter(new FileWriter("log.txt"), true);
        out.println(uname);
        rs =
            st.executeQuery(
                "select type from login where username='******' and password='******'");
        if (rs.next()) {
          type = rs.getString("type");
        } else {
          pw.println("<center>");
          pw.println("User does not exists");
          pw.println("</center>");
        }
        if (type.equals("admin")) {

          pw.println(
              "<a href=\"http://localhost:8080/servlet/AdminLogin\">Hello Admin.Please Click Here</a>");
        } else if (type.equals("staff")) {
          pw.println(
              "<a href=\"http://localhost:8080/servlet/StaffLogin\">Hello Staff.Please Click Here</a>");
        } else {
          pw.println(
              "<a href=\"http://localhost:8080/servlet/StudentLogin\">Hello Student.Please Click Here</a>");
        }
      }
      pw.println("</body></html>");
    } catch (Exception e) {
    }
  }
Пример #11
0
  @Override
  protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    // get a connection
    ConnectionPool pool = ConnectionPool.getInstance();
    Connection connection = pool.getConnection();

    String sqlStatement = request.getParameter("sqlStatement");
    String sqlResult = "";
    try {
      // create a statement
      Statement statement = connection.createStatement();

      // parse the SQL string
      sqlStatement = sqlStatement.trim();
      if (sqlStatement.length() >= 6) {
        String sqlType = sqlStatement.substring(0, 6);
        if (sqlType.equalsIgnoreCase("select")) {
          // create the HTML for the result set
          ResultSet resultSet = statement.executeQuery(sqlStatement);
          sqlResult = SQLUtil.getHtmlTable(resultSet);
          resultSet.close();
        } else {
          int i = statement.executeUpdate(sqlStatement);
          if (i == 0) {
            sqlResult = "<p>The statement executed successfully.</p>";
          } else { // an INSERT, UPDATE, or DELETE statement
            sqlResult = "<p>The statement executed successfully.<br>" + i + " row(s) affected.</p>";
          }
        }
      }
      statement.close();
      connection.close();
    } catch (SQLException e) {
      sqlResult = "<p>Error executing the SQL statement: <br>" + e.getMessage() + "</p>";
    } finally {
      pool.freeConnection(connection);
    }

    HttpSession session = request.getSession();
    session.setAttribute("sqlResult", sqlResult);
    session.setAttribute("sqlStatement", sqlStatement);

    String url = "/index.jsp";
    getServletContext().getRequestDispatcher(url).forward(request, response);
  }
  /* goodG2B() - use goodsource and badsink */
  public void goodG2B_sink(String data, HttpServletRequest request, HttpServletResponse response)
      throws Throwable {

    Logger log2 = Logger.getLogger("local-logger");

    Connection conn_tmp2 = null;
    Statement sqlstatement = null;
    ResultSet sqlrs = null;

    try {
      conn_tmp2 = IO.getDBConnection();
      sqlstatement = conn_tmp2.createStatement();

      /* POTENTIAL FLAW: take user input and place into dynamic sql query */
      sqlrs = sqlstatement.executeQuery("select * from users where name='" + data + "'");

      IO.writeString(sqlrs.toString());
    } catch (SQLException se) {
      log2.warning("Error getting database connection");
    } finally {
      try {
        if (sqlrs != null) {
          sqlrs.close();
        }
      } catch (SQLException e) {
        log2.warning("Error closing sqlrs");
      } finally {
        try {
          if (sqlstatement != null) {
            sqlstatement.close();
          }
        } catch (SQLException e) {
          log2.warning("Error closing sqlstatement");
        } finally {
          try {
            if (conn_tmp2 != null) {
              conn_tmp2.close();
            }
          } catch (SQLException e) {
            log2.warning("Error closing conn_tmp2");
          }
        }
      }
    }
  }
Пример #13
0
 public void doPost(HttpServletRequest request, HttpServletResponse response)
     throws ServletException, IOException {
   Statement question;
   String query;
   ResultSet answer;
   connect();
   try {
     query = "SELECT * FROM PILOT WHERE Address ='" + request.getParameter("city") + "'";
     question = link.createStatement();
     answer = question.executeQuery(query);
     PrintWriter pen;
     response.setContentType("text/html");
     pen = response.getWriter();
     pen.println("<HTML>");
     pen.println("<HEAD> <TITLE> Answer </TITLE> </HEAD>");
     pen.println("<BODY>");
     while (answer.next()) {
       String pN = answer.getString("PilotNumber");
       String lN = answer.getString("LastName");
       String fN = answer.getString("FirstName");
       String ad = answer.getString("Address");
       float sa = answer.getFloat("Salary");
       float pr = answer.getFloat("Premium");
       Date hD = answer.getDate("HiringDate");
       if (answer.wasNull() == false) {
         pen.println("<P><B> Pilot : </B>" + lN + " " + fN);
         pen.println("<P><B> ---Reference : </B>" + pN);
         pen.println("<P><B> ---Address : </B>" + ad);
         pen.println("<P><B> ---Salary : </B>" + sa);
         pen.println("<P><B> ---since : </B>" + hD);
         if (pr > 0) pen.println("<P><B> ---Premium : </B>" + pr);
         else pen.println("<P><B> ---No premium </B>");
       }
     }
     pen.println("</BODY>");
     pen.println("</HTML>");
     answer.close();
     question.close();
     link.close();
   } catch (SQLException e) {
     System.out.println("Connection error: " + e.getMessage());
   }
 }
  /* goodG2B() - use GoodSource and BadSink */
  public void goodG2BSink(HashMap<Integer, String> dataHashMap) throws Throwable {
    String data = dataHashMap.get(2);

    Connection dbConnection = null;
    Statement sqlStatement = null;
    ResultSet resultSet = null;

    try {
      dbConnection = IO.getDBConnection();
      sqlStatement = dbConnection.createStatement();

      /* POTENTIAL FLAW: data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection */
      resultSet = sqlStatement.executeQuery("select * from users where name='" + data + "'");

      IO.writeLine(resultSet.getRow()); /* Use ResultSet in some way */
    } catch (SQLException exceptSql) {
      IO.logger.log(Level.WARNING, "Error getting database connection", exceptSql);
    } finally {
      try {
        if (resultSet != null) {
          resultSet.close();
        }
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error closing ResultSet", exceptSql);
      }

      try {
        if (sqlStatement != null) {
          sqlStatement.close();
        }
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error closing Statement", exceptSql);
      }

      try {
        if (dbConnection != null) {
          dbConnection.close();
        }
      } catch (SQLException exceptSql) {
        IO.logger.log(Level.WARNING, "Error closing Connection", exceptSql);
      }
    }
  }
Пример #15
0
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    response.setContentType("text/html");
    PrintWriter out = response.getWriter();

    String dbUser = "******"; // enter your username here
    String dbPassword = "******"; // enter your password here

    try {
      OracleDataSource ods = new oracle.jdbc.pool.OracleDataSource();
      ods.setURL("jdbc:oracle:thin:@//w4111b.cs.columbia.edu:1521/ADB");
      ods.setUser(dbUser);
      ods.setPassword(dbPassword);

      Connection conn = ods.getConnection();

      String query = new String();
      Statement s = conn.createStatement();

      query = "select * from events";

      ResultSet r = s.executeQuery(query);
      while (r.next()) {
        out.println("Today's Date: " + r.getString(1) + " ");
      }
      r.close();
      s.close();

      conn.close();

    } catch (Exception e) {
      out.println("The database could not be accessed.<br>");
      out.println("More information is available as follows:<br>");
      e.printStackTrace(out);
    }
  } // end doGet method
Пример #16
0
 public void doPost(HttpServletRequest req, HttpServletResponse res)
     throws IOException, ServletException {
   res.setContentType("text/html");
   PrintWriter out = res.getWriter();
   out.println("vaishali mehta-130050131524");
   out.println("<html>");
   out.println("<body><table border='1'>");
   out.println("<th>name</th>");
   out.println("<th>password</th>");
   try {
     rs = stmt.executeQuery("select *from records");
     while (rs.next()) {
       tn = rs.getString("name");
       tp = rs.getString("password");
       out.println("<tr>");
       out.println("<td>" + tn + "</td>");
       out.println("<td>" + tp + "</td>");
       out.println("</tr>");
     }
   } catch (Exception e) {
     System.out.println(e);
   }
   out.println("</table></body></html>");
 }
Пример #17
0
  @Override
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException {

    // create the workbook, its worksheet, and its title row
    Workbook workbook = new HSSFWorkbook();
    Sheet sheet = workbook.createSheet("User table");
    Row row = sheet.createRow(0);
    row.createCell(0).setCellValue("The User table");

    // create the header row
    row = sheet.createRow(2);
    row.createCell(0).setCellValue("UserID");
    row.createCell(1).setCellValue("LastName");
    row.createCell(2).setCellValue("FirstName");
    row.createCell(3).setCellValue("Email");

    try {
      // read database rows
      ConnectionPool pool = ConnectionPool.getInstance();
      Connection connection = pool.getConnection();
      Statement statement = connection.createStatement();
      String query = "SELECT * FROM User ORDER BY UserID";
      ResultSet results = statement.executeQuery(query);

      // create spreadsheet rows
      int i = 3;
      while (results.next()) {
        row = sheet.createRow(i);
        row.createCell(0).setCellValue(results.getInt("UserID"));
        row.createCell(1).setCellValue(results.getString("LastName"));
        row.createCell(2).setCellValue(results.getString("FirstName"));
        row.createCell(3).setCellValue(results.getString("Email"));
        i++;
      }
      results.close();
      statement.close();
      connection.close();
    } catch (SQLException e) {
      this.log(e.toString());
    }

    // set response object headers
    response.setHeader("content-disposition", "attachment; filename=users.xls");
    response.setHeader("cache-control", "no-cache");

    // get the output stream
    String encodingString = request.getHeader("accept-encoding");
    OutputStream out;
    if (encodingString != null && encodingString.contains("gzip")) {
      out = new GZIPOutputStream(response.getOutputStream());
      response.setHeader("content-encoding", "gzip");
      // System.out.println("User table encoded with gzip");
    } else {
      out = response.getOutputStream();
      // System.out.println("User table not encoded with gzip");
    }

    // send the workbook to the browser
    workbook.write(out);
    out.close();
  }
Пример #18
0
  /**
   * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
   *
   * @param request servlet request
   * @param response servlet response
   * @throws ServletException if a servlet-specific error occurs
   * @throws IOException if an I/O error occurs
   */
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    Statement stmt;
    ResultSet rs;

    if (username == null || password == null) {
      out.println("<h1>Invalid Register Request</h1>");
      out.println("<a href=\"register.html\">Register</a>");

      return;
    }
    Connection con = null;

    try {
      Class.forName("com.mysql.jdbc.Driver");
      String connectionUrl = "jdbc:mysql://localhost/project3?" + "user=root&password=marouli";
      con = DriverManager.getConnection(connectionUrl);

      if (con != null) {
        System.out.println("Ola ok me mysql");
      }
    } catch (SQLException e) {
      System.out.println("SQL Exception: " + e.toString());
    } catch (ClassNotFoundException cE) {
      System.out.println("Class Not Found Exception: " + cE.toString());
    }

    try {
      stmt = con.createStatement();

      rs = stmt.executeQuery("SELECT * FROM users WHERE username='******'");
      if (rs.next()) {
        out.println("<h1>Username exists</h1>");
        out.println("<a href=\"register.html\">Register</a>");

        stmt.close();
        rs.close();
        con.close();
        return;
      }
      stmt.close();
      rs.close();

      stmt = con.createStatement();

      if (!stmt.execute("INSERT INTO users VALUES('" + username + "', '" + password + "')")) {
        out.println("<h1>You are now registered " + username + "</h1>");
        out.println("<a href=\"index.jsp\">Login</a>");

        int i;
        for (i = 0; i < listeners.size(); i++) listeners.get(i).UserRegistered(username);
      } else {
        out.println("<h1>Could not add your username to the db</h1>");
        out.println("<a href=\"register.html\">Register</a>");
      }

      stmt.close();
      con.close();
    } catch (SQLException e) {
      throw new ServletException("Servlet Could not display records.", e);
    }
  }
Пример #19
0
  protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    // Variable initializations.
    HttpSession session = request.getSession();
    FileItem image_file = null;
    int record_id = 0;
    int image_id;

    // Check if a record ID has been entered.
    if (request.getParameter("recordID") == null || request.getParameter("recordID").equals("")) {
      // If no ID has been entered, send message to jsp.
      response_message =
          "<p><font color=FF0000>No Record ID Detected, Please Enter One.</font></p>";
      session.setAttribute("msg", response_message);
      response.sendRedirect("UploadImage.jsp");
    }

    try {
      // Parse the HTTP request to get the image stream.
      DiskFileUpload fu = new DiskFileUpload();
      // Will get multiple image files if that happens and can be accessed through FileItems.
      List<FileItem> FileItems = fu.parseRequest(request);

      // Connect to the database and create a statement.
      conn = getConnected(drivername, dbstring, username, password);
      stmt = conn.createStatement();

      // Process the uploaded items, assuming only 1 image file uploaded.
      Iterator<FileItem> i = FileItems.iterator();

      while (i.hasNext()) {
        FileItem item = (FileItem) i.next();

        // Test if item is a form field and matches recordID.
        if (item.isFormField()) {
          if (item.getFieldName().equals("recordID")) {
            // Covert record id from string to integer.
            record_id = Integer.parseInt(item.getString());

            String sql = "select count(*) from radiology_record where record_id = " + record_id;
            int count = 0;

            try {
              rset = stmt.executeQuery(sql);

              while (rset != null && rset.next()) {
                count = (rset.getInt(1));
              }
            } catch (SQLException e) {
              response_message = e.getMessage();
            }

            // Check if recordID is in the database.
            if (count == 0) {
              // Invalid recordID, send message to jsp.
              response_message =
                  "<p><font color=FF0000>Record ID Does Not Exist In Database.</font></p>";
              session.setAttribute("msg", response_message);
              // Close connection.
              conn.close();
              response.sendRedirect("UploadImage.jsp");
            }
          }
        } else {
          image_file = item;

          if (image_file.getName().equals("")) {
            // No file, send message to jsp.
            response_message = "<p><font color=FF0000>No File Selected For Record ID.</font></p>";
            session.setAttribute("msg", response_message);
            // Close connection.
            conn.close();
            response.sendRedirect("UploadImage.jsp");
          }
        }
      }

      // Get the image stream.
      InputStream instream = image_file.getInputStream();

      BufferedImage full_image = ImageIO.read(instream);
      BufferedImage thumbnail = shrink(full_image, 10);
      BufferedImage regular_image = shrink(full_image, 5);

      // First, to generate a unique img_id using an SQL sequence.
      rset1 = stmt.executeQuery("SELECT image_id_sequence.nextval from dual");
      rset1.next();
      image_id = rset1.getInt(1);

      // Insert an empty blob into the table first. Note that you have to
      // use the Oracle specific function empty_blob() to create an empty blob.
      stmt.execute(
          "INSERT INTO pacs_images VALUES("
              + record_id
              + ","
              + image_id
              + ", empty_blob(), empty_blob(), empty_blob())");

      // to retrieve the lob_locator
      // Note that you must use "FOR UPDATE" in the select statement
      String cmd = "SELECT * FROM pacs_images WHERE image_id = " + image_id + " FOR UPDATE";
      rset = stmt.executeQuery(cmd);
      rset.next();
      BLOB myblobFull = ((OracleResultSet) rset).getBLOB(5);
      BLOB myblobThumb = ((OracleResultSet) rset).getBLOB(3);
      BLOB myblobRegular = ((OracleResultSet) rset).getBLOB(4);

      // Write the full size image to the blob object.
      OutputStream fullOutstream = myblobFull.getBinaryOutputStream();
      ImageIO.write(full_image, "jpg", fullOutstream);
      // Write the thumbnail size image to the blob object.
      OutputStream thumbOutstream = myblobThumb.getBinaryOutputStream();
      ImageIO.write(thumbnail, "jpg", thumbOutstream);
      // Write the regular size image to the blob object.
      OutputStream regularOutstream = myblobRegular.getBinaryOutputStream();
      ImageIO.write(regular_image, "jpg", regularOutstream);

      // Commit the changes to database.
      stmt.executeUpdate("commit");
      response_message = "<p><font color=00CC00>Upload Successful.</font></p>";
      session.setAttribute("msg", response_message);

      instream.close();
      fullOutstream.close();
      thumbOutstream.close();
      regularOutstream.close();

      // Close connection.
      conn.close();
      response.sendRedirect("UploadImage.jsp");

      instream.close();
      fullOutstream.close();
      thumbOutstream.close();
      regularOutstream.close();

      // Close connection.
      conn.close();
    } catch (Exception ex) {
      response_message = ex.getMessage();
    }
  }
Пример #20
0
  public void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {

    resp.setContentType("text/html");
    PrintWriter out = resp.getWriter();

    Connection con = null; // init DB objects
    PreparedStatement pstmt = null;
    Statement stmt = null;
    ResultSet rs = null;

    try {
      con = dbConn.Connect("demopaul");
    } catch (Exception ignore) {
    }

    String stype_id = req.getParameter("type_id");
    int type_id = 0;

    String sgroup_id = req.getParameter("group_id");
    int group_id = 0;

    String sitem_id = req.getParameter("item_id");
    int item_id = 0;

    try {
      type_id = Integer.parseInt(stype_id);
    } catch (NumberFormatException ignore) {
    }

    try {
      group_id = Integer.parseInt(sgroup_id);
    } catch (NumberFormatException ignore) {
    }

    try {
      item_id = Integer.parseInt(sitem_id);
    } catch (NumberFormatException ignore) {
    }

    out.println(
        "<!-- type_id=" + type_id + ", group_id=" + group_id + ", item_id=" + item_id + " -->");

    out.println("<script>");

    out.println("function load_types() {");
    out.println(" try {document.forms['frmSelect'].item_id.selectedIndex = -1; } catch (err) {}");
    out.println(" document.forms['frmSelect'].group_id.selectedIndex = -1;");
    out.println(" document.forms['frmSelect'].submit();");
    out.println("}");

    out.println("function load_groups() {");
    out.println(" document.forms['frmSelect'].submit();");
    out.println("}");

    out.println("</script>");

    out.println("<form name=frmSelect>");

    // LOAD ACTIVITY TYPES
    out.println("<select name=type_id onchange=\"load_types()\">");

    if (type_id == 0) {

      out.println("<option>CHOOSE TYPE</option>");
    }

    try {

      stmt = con.createStatement();

      rs = stmt.executeQuery("SELECT * FROM activity_types");

      while (rs.next()) {

        Common_Config.buildOption(rs.getInt("type_id"), rs.getString("type_name"), type_id, out);
      }
      stmt.close();

    } catch (Exception exc) {

      out.println("<p>ERROR:" + exc.toString() + "</p>");
    }

    out.println("");
    out.println("</select>");

    // LOAD ACTIVITIES BY GROUP TYPE
    out.println("<select name=group_id onchange=\"load_groups()\">");

    if (type_id == 0) {

      out.println("<option>CHOOSE TYPE</option>");

    } else {

      try {

        stmt = con.createStatement();
        rs =
            stmt.executeQuery(
                "SELECT group_id, group_name FROM activity_groups WHERE type_id = " + type_id);

        rs.last();
        if (rs.getRow() == 1) {
          group_id = rs.getInt("group_id");
          out.println("<!-- ONLY FOUND 1 GROUP -->");
        } else {
          out.println("<option value=\"0\">CHOOSE...</option>");
        }

        rs.beforeFirst();

        while (rs.next()) {

          Common_Config.buildOption(
              rs.getInt("group_id"), rs.getString("group_name"), group_id, out);
        }
        stmt.close();

      } catch (Exception exc) {

        out.println("<p>ERROR:" + exc.toString() + "</p>");
      }
    }

    out.println("");
    out.println("</select>");

    if (group_id > 0) { // || sitem_id != null

      // LOAD ACTIVITIES BY ITEM TYPE
      out.println("<select name=item_id onchange=\"load_times()\">");

      if (group_id == 0) {

        out.println("<option value=\"0\">CHOOSE GROUP</option>");

      } else {

        try {

          stmt = con.createStatement();
          rs =
              stmt.executeQuery(
                  "SELECT item_id, item_name FROM activity_items WHERE group_id = " + group_id);

          rs.last();
          if (rs.getRow() == 1) {
            item_id = rs.getInt("item_id");
            out.println("<!-- ONLY FOUND 1 ITEM -->");
          } else {
            out.println("<option value=\"0\">CHOOSE...</option>");
          }

          rs.beforeFirst();

          while (rs.next()) {

            Common_Config.buildOption(
                rs.getInt("item_id"), rs.getString("item_name"), item_id, out);
          }
          stmt.close();

        } catch (Exception exc) {

          out.println("<p>ERROR:" + exc.toString() + "</p>");
        }
      }

      out.println("");
      out.println("</select>");
    }

    out.println("</form>");

    out.println("<p><a href=\"Member_genrez\">Reset</a></p>");

    try {
      con.close();
    } catch (Exception ignore) {
    }

    out.close();
  }
Пример #21
0
  public void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {

    resp.setContentType("text/html");
    PrintWriter out = resp.getWriter();

    PreparedStatement pstmt = null;
    Statement stmt = null;
    ResultSet rs = null;

    HttpSession session = SystemUtils.verifyMem(req, out); // check for intruder

    if (session == null) return;

    Connection con = Connect.getCon(req); // get DB connection

    if (con == null) {

      resp.setContentType("text/html");

      out.println(SystemUtils.HeadTitle("DB Connection Error"));
      out.println("<BODY><CENTER><BR>");
      out.println("<BR><BR><H3>Database Connection Error</H3>");
      out.println("<BR><BR>Unable to connect to the Database.");
      out.println("<BR>Please try again later.");
      out.println("<BR><BR>If problem persists, contact customer support.");
      out.println("<BR><BR>");
      out.println("<a href=\"javascript:history.back(1)\">Return</a>");
      out.println("</CENTER></BODY></HTML>");
      out.close();
      return;
    }

    //
    // Get needed vars out of session obj
    //
    String club = (String) session.getAttribute("club");
    String user = (String) session.getAttribute("user");
    String caller = (String) session.getAttribute("caller");

    int activity_id = (Integer) session.getAttribute("activity_id");

    int foretees_mode = 0;

    String stype_id = req.getParameter("type_id");
    int type_id = 0;

    String sgroup_id = req.getParameter("group_id");
    int group_id = 0;

    String sitem_id = req.getParameter("item_id");
    int item_id = 0;

    try {
      type_id = Integer.parseInt(stype_id);
    } catch (NumberFormatException ignore) {
    }

    try {
      group_id = Integer.parseInt(sgroup_id);
    } catch (NumberFormatException ignore) {
    }

    try {
      item_id = Integer.parseInt(sitem_id);
    } catch (NumberFormatException ignore) {
    }

    out.println(
        "<!-- type_id=" + type_id + ", group_id=" + group_id + ", item_id=" + item_id + " -->");

    //
    // START PAGE OUTPUT
    //
    out.println(SystemUtils.HeadTitle("Member Acivities"));
    out.println("<style>");
    out.println(".actLink { color: black }");
    out.println(".actLink:hover { color: #336633 }");
    // out.println(".playerTD {width:125px}");
    out.println("</style>");
    out.println(
        "<body bgcolor=\"#CCCCAA\" text=\"#000000\" link=\"#336633\" vlink=\"#8B8970\" alink=\"#8B8970\">");
    SystemUtils.getMemberSubMenu(req, out, caller); // required to allow submenus on this page

    //
    // DISPLAY A LIST OF AVAILABLE ACTIVITIES
    //
    out.println(
        "<p align=center><b><font size=5 color=#336633><BR><BR>Available Activities</font></b></p>");

    out.println(
        "<p align=center><b><font size=3 color=#000000>Select your desired activity from the list below.<br>NOTE: You can set your default activity under <a href=\"Member_services\" class=actLink>Settings</a>.</font></b></p>");

    out.println("<table align=center>");

    try {

      stmt = con.createStatement();

      rs = stmt.executeQuery("SELECT foretees_mode FROM club5 WHERE clubName <> '';");

      if (rs.next()) {
        foretees_mode = rs.getInt(1);
      }

      // if they have foretees then give a link in to the golf system
      if (foretees_mode != 0) {

        out.println(
            "<tr><td align=center><b><a href=\"Member_jump?switch&activity_id=0\" class=linkA style=\"color:#336633\" target=_top>Golf</a></b></td></tr>"); // ForeTees
      }

      // build a link to any activities they have access to
      rs =
          stmt.executeQuery(
              "SELECT * FROM activities " + "WHERE parent_id = 0 " + "ORDER BY activity_name");

      while (rs.next()) {

        out.println(
            "<tr><td align=center><b><a href=\"Member_jump?switch&activity_id="
                + rs.getInt("activity_id")
                + "\" class=linkA style=\"color:#336633\" target=_top>"
                + rs.getString("activity_name")
                + "</a></b></td></tr>");
      }

      stmt.close();

    } catch (Exception exc) {

      out.println("<p>ERROR:" + exc.toString() + "</p>");

    } finally {

      try {
        rs.close();
      } catch (Exception ignore) {
      }

      try {
        stmt.close();
      } catch (Exception ignore) {
      }
    }

    out.println("</table>");

    out.println("</body></html>");

    /*

        out.println("<script>");

        out.println("function load_types() {");
        out.println(" try {document.forms['frmSelect'].item_id.selectedIndex = -1; } catch (err) {}");
        out.println(" document.forms['frmSelect'].group_id.selectedIndex = -1;");
        out.println(" document.forms['frmSelect'].submit();");
        out.println("}");

        out.println("function load_groups() {");
        out.println(" document.forms['frmSelect'].submit();");
        out.println("}");

        out.println("function load_times(id) {");
        out.println(" top.bot.location.href='Member_gensheets?id=' + id;");
        out.println("}");

        out.println("</script>");

        out.println("<form name=frmSelect>");

        // LOAD ACTIVITY TYPES
        out.println("<select name=type_id onchange=\"load_types()\">");

        if (type_id == 0) {

            out.println("<option>CHOOSE TYPE</option>");

        }

        try {

            stmt = con.createStatement();

            rs = stmt.executeQuery("SELECT * FROM activities WHERE parent_id = 0");

            while (rs.next()) {

                Common_Config.buildOption(rs.getInt("activity_id"), rs.getString("activity_name"), type_id, out);

            }
            stmt.close();

        } catch (Exception exc) {

            out.println("<p>ERROR:" + exc.toString() + "</p>");

        }

        out.println("");
        out.println("</select>");


        // LOAD ACTIVITIES BY GROUP TYPE
        out.println("<select name=group_id onchange=\"load_groups()\">");

        if (type_id == 0) {

            out.println("<option>CHOOSE TYPE</option>");

        } else {

            try {

                stmt = con.createStatement();
                rs = stmt.executeQuery("SELECT activity_id, activity_name FROM activities WHERE parent_id = " + type_id);

                rs.last();
                if (rs.getRow() == 1) {
                    group_id = rs.getInt("activity_id");
                    out.println("<!-- ONLY FOUND 1 GROUP -->");
                } else {
                    out.println("<option value=\"0\">CHOOSE...</option>");
                }

                rs.beforeFirst();

                while (rs.next()) {

                    Common_Config.buildOption(rs.getInt("activity_id"), rs.getString("activity_name"), group_id, out);

                }
                stmt.close();

            } catch (Exception exc) {

                out.println("<p>ERROR:" + exc.toString() + "</p>");

            }

        }

        out.println("");
        out.println("</select>");

        boolean do_load = false;

        if (group_id > 0 ) { //|| sitem_id != null

            // LOAD ACTIVITIES BY ITEM TYPE

            try {

                stmt = con.createStatement();
                rs = stmt.executeQuery("SELECT activity_id, activity_name FROM activities WHERE parent_id = " + group_id);

                rs.last();
                if (rs.getRow() == 0) {

                    // no sub groups found
                    do_load = true;
                    item_id = group_id;

                } else if (rs.getRow() == 1) {

                    // single sub group found (pre select it)
                    item_id = rs.getInt("activity_id");
                    out.println("<!-- ONLY FOUND 1 ITEM -->");

                } else {

                    out.println("<select name=item_id onchange=\"load_times(this.options[this.selectedIndex].value)\">");
                    out.println("<option value=\"0\">CHOOSE...</option>");

                }

                if (!do_load) {

                    rs.beforeFirst();

                    while (rs.next()) {

                        Common_Config.buildOption(rs.getInt("activity_id"), rs.getString("activity_name"), item_id, out);

                    }

                }
                stmt.close();

                out.println("");
                out.println("</select>");

            } catch (Exception exc) {

                out.println("<p>ERROR:" + exc.toString() + "</p>");

            }


        }

        out.println("</form>");

        out.println("<p><a href=\"Member_genrez\">Reset</a></p>");

        try {
            con.close();
        } catch (Exception ignore) {}


        if (do_load) out.println("<script>load_times(" + item_id + ")</script>");


        //out.println("<iframe name=ifSheet src=\"\" style=\"width:640px height:480px\"></iframe>");
    */

    out.close();
  }
  /** Business logic to execute. */
  public final Response executeCommand(
      Object inputPar,
      UserSessionParameters userSessionPars,
      HttpServletRequest request,
      HttpServletResponse response,
      HttpSession userSession,
      ServletContext context) {
    String serverLanguageId = ((JAIOUserSessionParameters) userSessionPars).getServerLanguageId();
    Connection conn = null;
    Statement stmt = null;
    try {
      conn = ConnectionManager.getConnection(context);

      // fires the GenericEvent.CONNECTION_CREATED event...
      EventsManager.getInstance()
          .processEvent(
              new GenericEvent(
                  this,
                  getRequestName(),
                  GenericEvent.CONNECTION_CREATED,
                  (JAIOUserSessionParameters) userSessionPars,
                  request,
                  response,
                  userSession,
                  context,
                  conn,
                  inputPar,
                  null));
      java.util.List list = (ArrayList) inputPar;

      HierarItemDiscountVO vo = null;
      ResultSet rset = null;
      stmt = conn.createStatement();
      for (int i = 0; i < list.size(); i++) {
        vo = (HierarItemDiscountVO) list.get(i);
        vo.setDiscountTypeSAL03(ApplicationConsts.DISCOUNT_CUSTOMER);

        // retrieve COMPANY_CODE from progressiveHIE01...
        rset =
            stmt.executeQuery(
                "select COMPANY_CODE_SYS01 from ITM02_ITEM_TYPES where PROGRESSIVE_HIE02 in "
                    + "(select PROGRESSIVE_HIE02 from HIE01_LEVELS where PROGRESSIVE="
                    + vo.getProgressiveHie01SAL05()
                    + ")");
        if (rset.next()) vo.setCompanyCodeSys01SAL03(rset.getString(1));
        else {
          rset.close();
          conn.rollback();
          return new ErrorResponse("Item hierarchy not found.");
        }
        rset.close();

        DiscountBean.insertDiscount(conn, vo);

        stmt.execute(
            "insert into SAL05_ITEM_HIERAR_DISCOUNTS(COMPANY_CODE_SYS01,PROGRESSIVE_HIE01,DISCOUNT_CODE_SAL03) "
                + "values('"
                + vo.getCompanyCodeSys01SAL03()
                + "',"
                + vo.getProgressiveHie01SAL05()
                + ",'"
                + vo.getDiscountCodeSAL03()
                + "')");
      }

      Response answer = new VOListResponse(list, false, list.size());

      // fires the GenericEvent.BEFORE_COMMIT event...
      EventsManager.getInstance()
          .processEvent(
              new GenericEvent(
                  this,
                  getRequestName(),
                  GenericEvent.BEFORE_COMMIT,
                  (JAIOUserSessionParameters) userSessionPars,
                  request,
                  response,
                  userSession,
                  context,
                  conn,
                  inputPar,
                  answer));

      conn.commit();

      // fires the GenericEvent.AFTER_COMMIT event...
      EventsManager.getInstance()
          .processEvent(
              new GenericEvent(
                  this,
                  getRequestName(),
                  GenericEvent.AFTER_COMMIT,
                  (JAIOUserSessionParameters) userSessionPars,
                  request,
                  response,
                  userSession,
                  context,
                  conn,
                  inputPar,
                  answer));

      return answer;
    } catch (Throwable ex) {
      Logger.error(
          userSessionPars.getUsername(),
          this.getClass().getName(),
          "executeCommand",
          "Error while inserting hierarchy item discounts",
          ex);
      try {
        conn.rollback();
      } catch (Exception ex3) {
      }
      return new ErrorResponse(ex.getMessage());
    } finally {
      try {
        stmt.close();
      } catch (Exception ex2) {
      }
      try {
        ConnectionManager.releaseConnection(conn, context);
      } catch (Exception ex1) {
      }
    }
  }
  public void _jspService(
      final javax.servlet.http.HttpServletRequest request,
      final javax.servlet.http.HttpServletResponse response)
      throws java.io.IOException, javax.servlet.ServletException {

    final javax.servlet.jsp.PageContext pageContext;
    javax.servlet.http.HttpSession session = null;
    final javax.servlet.ServletContext application;
    final javax.servlet.ServletConfig config;
    javax.servlet.jsp.JspWriter out = null;
    final java.lang.Object page = this;
    javax.servlet.jsp.JspWriter _jspx_out = null;
    javax.servlet.jsp.PageContext _jspx_page_context = null;

    try {
      response.setContentType("text/html");
      pageContext =
          _jspxFactory.getPageContext(
              this,
              request,
              response,
              "ReportErrorPage.jsp?page=EditTargetReportForm.jsp",
              true,
              8192,
              true);
      _jspx_page_context = pageContext;
      application = pageContext.getServletContext();
      config = pageContext.getServletConfig();
      session = pageContext.getSession();
      out = pageContext.getOut();
      _jspx_out = out;

      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      org.apache.jasper.runtime.JspRuntimeLibrary.include(
          request, response, "header.jsp", out, false);
      out.write(' ');
      out.write('\n');
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("\t<!-- files for JqxWidget grid  -->\n");
      out.write(
          "    <link rel=\"stylesheet\" href=\"js/jqwidgets/styles/jqx.base.css\" type=\"text/css\" />\n");
      out.write(
          "    <link rel=\"stylesheet\" href=\"js/jqwidgets/styles/jqx.darkblue.css\" type=\"text/css\" />\n");
      out.write(
          "\t<link rel=\"stylesheet\" href=\"js/jqwidgets/styles/jqx.ui-redmond.css\" type=\"text/css\" />\n");
      out.write("\t\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/gettheme.js\"></script>\n");
      out.write("\t<script type=\"text/javascript\" src=\"js/jquery-1.10.2.min.js\"></script>\n");
      out.write("    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxcore.js\"></script>\n");
      out.write("    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxdata.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxbuttons.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxscrollbar.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxlistbox.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxcalendar.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxdatetimeinput.js\"></script>\n");
      out.write("    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.filter.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.selection.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.sort.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.pager.js\"></script>\n");
      out.write(
          "     <script type=\"text/javascript\" src=\"js/jqwidgets/jqxmenu.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxlistbox.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxdropdownlist.js\"></script>\n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxdata.export.js\"></script> \n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.export.js\"></script> \n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.aggregates.js\"></script>  \n");
      out.write(
          "    <script type=\"text/javascript\" src=\"js/jqwidgets/jqxgrid.grouping.js\"></script> \n");
      out.write("\n");
      out.write("\n");
      out.write("\t\n");
      out.write("\t");

      session.getAttribute("UserName").toString();
      // System.out.println("session bachka maapping : "+session +" \n user
      // "+session.getAttribute("UserName").toString());

      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("<script src=\"js/editCustomer_details.js\"> </script> \n");
      out.write("\n");
      out.write("<script type=\"text/javascript\" src=\"js/popup.js\"></script>\n");
      out.write("<style>\n");
      out.write("hr {\n");
      out.write("color: #f00;\n");
      out.write("background-color: #f00;\n");
      out.write("height: 3px;\n");
      out.write("}\n");
      out.write("#selected_order{\n");
      out.write("width: 40%;\n");
      out.write("max-height: 300px;\n");
      out.write("border: 1px solid black; \n");
      out.write("background-color: #ECFB99;\n");
      out.write("float: right;\n");
      out.write("margin-top: 30px;\n");
      out.write("overflow: auto;\n");
      out.write("margin-right: 2%;\n");
      out.write("padding: 5px;\n");
      out.write("}\n");
      out.write("</style>\n");
      out.write("<script>\n");
      out.write("\t\n");
      out.write("\tfunction checkField(){\n");
      out.write("\t\tif(document.myform.chckall.checked==true){\n");
      out.write("\t\t\tshowHint();\n");
      out.write("\t\t}\n");
      out.write("\t\telse{\t\tvar c_date1,c_date2,u_date2,u_date1;\n");
      out.write("\t\t\t\tif(!($(\"#createDate2\").jqxDateTimeInput('disabled'))){\n");
      out.write("\t\t\t\tc_date1 = $('#createDate1').jqxDateTimeInput('getText');\n");
      out.write("\t\t\t\tc_date2 = $('#createDate2').jqxDateTimeInput('getText');\n");
      out.write("\t\t\t}\n");
      out.write("\t\t\t\n");
      out.write("\t\t\tif(!($(\"#updateDate2\").jqxDateTimeInput('disabled'))){\n");
      out.write("\t\t\t\tu_date1 = $('#updateDate1').jqxDateTimeInput('getText');\n");
      out.write("\t\t\t\tu_date2 = $('#updateDate2').jqxDateTimeInput('getText');\n");
      out.write("\t\t\t}\t    \n");
      out.write("\t\t    showHint();\t\t  \n");
      out.write("\t    }\n");
      out.write("\t}\n");
      out.write("\tfunction showMsg(){\n");
      out.write("\t  \t document.myform.action=\"HomeForm.jsp\";\n");
      out.write("\t   \t document.myform.submit();\n");
      out.write("\t}\n");
      out.write("\tfunction Clear(){\n");
      out.write("\t\t\n");
      out.write("\t\ttry{\n");
      out.write("\t\t\tdocument.getElementById(\"order_number\").focus();\n");
      out.write("\t\t} catch (exp){}\n");
      out.write("\t\t\n");
      out.write("\t\t\n");
      out.write("\t\t\n");
      out.write("\t\tdocument.myform.custCode.value=\"\";\n");
      out.write("\t\tdocument.myform.phonenumber.value=\"\";\n");
      out.write("\t\tdocument.myform.custName.value=\"\";\n");
      out.write("\t\tdocument.myform.nameString.value=\"\";\t\t\n");
      out.write("\t\tdocument.myform.Building.value=\"\";\n");
      out.write("\t\tdocument.myform.Building_no.value=\"\";\n");
      out.write("\t\tdocument.myform.wing.value=\"\";\n");
      out.write("\t\tdocument.myform.block.value=\"\";\n");
      out.write("\t\tdocument.myform.add1.value=\"\";\n");
      out.write("\t\tdocument.myform.add2.value=\"\";\n");
      out.write("\t\tdocument.myform.area.value=\"\";\n");
      out.write("\t\tdocument.myform.station.value=\"\";\n");
      out.write("\t\t\n");
      out.write("\t\tdocument.myform.selmonth.value=\"\";\n");
      out.write("\t\t\n");
      out.write(
          "\t\t$(\"#createDate1\").jqxDateTimeInput({theme:'ui-redmond',width: '250px', height: '25px',max:new Date(),formatString: \"yyyy-MM-dd\"});\n");
      out.write(
          "\t\t$(\"#createDate2\").jqxDateTimeInput({theme:'ui-redmond',width: '250px', height: '25px',min:new Date(),max:new Date(),formatString: \"yyyy-MM-dd\",value:new Date()});\n");
      out.write("\t\t$(\"#createDate2\").jqxDateTimeInput({disabled: true});\n");
      out.write("\t\t\n");
      out.write("\t\t\n");
      out.write(
          "\t\t$(\"#updateDate1\").jqxDateTimeInput({theme:'ui-redmond',width: '250px', height: '25px',max:new Date(),formatString: \"yyyy-MM-dd\"});\n");
      out.write(
          "\t\t$(\"#updateDate2\").jqxDateTimeInput({theme:'ui-redmond',width: '250px', height: '25px',min:new Date(),max:new Date(),formatString: \"yyyy-MM-dd\",value:new Date()});\n");
      out.write("\t\t$(\"#updateDate2\").jqxDateTimeInput({disabled: true});\n");
      out.write("\t\t\n");
      out.write("\t\t$('#createDate1').on('close', function (event) {\n");
      out.write("\t\t // Some code here. \n");
      out.write("\t\t \t$(\"#createDate2\").jqxDateTimeInput({disabled: false});\n");
      out.write(
          "\t\t \t$(\"#createDate2\").jqxDateTimeInput({min: $('#createDate1').jqxDateTimeInput('getDate')});\n");
      out.write(" \t\t}); \t\n");
      out.write(" \t\t\n");
      out.write(" \t\t$('#updateDate1').on('close', function (event) {\n");
      out.write("\t\t // Some code here. \n");
      out.write("\t\t \t$(\"#updateDate2\").jqxDateTimeInput({disabled: false});\n");
      out.write(
          "\t\t \t$(\"#updateDate2\").jqxDateTimeInput({min: $('#updateDate1').jqxDateTimeInput('getDate')});\n");
      out.write(" \t\t}); \t\n");
      out.write("\t\t\n");
      out.write("\t\tfunEnabled();\n");
      out.write("\t}\n");
      out.write("\t\n");
      out.write("function ckeckEmpty(){\n");
      out.write("\tif(document.getElementById(\"order_number\").value == \"\"){\n");
      out.write("\t\talert(\"Please Enter Order Number\");\n");
      out.write("\t\tdocument.getElementById(\"order_number\").focus();\n");
      out.write("\t\treturn false;\n");
      out.write("\t} else {\n");
      out.write("\t\treturn true;\n");
      out.write("\t}\n");
      out.write("}\n");
      out.write("\n");
      out.write("\n");
      out.write("</script>\n");

      String call_type = request.getParameter("call_type");
      if (call_type == null) {
        call_type = "";
      }
      if (call_type.equals("search_payment")) {
        String m = "<< Show List";

        out.write("\n");
        out.write("\t\t\t<div id=\"selected_order\">\n");
        out.write("\t\t\t\t<b>Selected orders</b>\n");
        out.write(
            "\t\t\t\t<form action=\"PrintSelectedCustPayment.jsp\" method=\"get\" id=\"submit_form\">\n");
        out.write(
            "\t\t\t\t<table style=\"width: 100%;border-collapse: collapse;\" border=1 id=\"selected_order_table\">\n");
        out.write("\t\t\t\t<tr>\n");
        out.write("\t\t\t\t\t<th style=\"width: 20%;\">Order Number</th>\n");
        out.write("\t\t\t\t\t<th style=\"width: 35%;\">Cust Name</th>\n");
        out.write("\t\t\t\t\t<th style=\"width: 20%;\">Balance</th>\n");
        out.write("\t\t\t\t\t<th style=\"width: 25%;\">&nbsp;</th>\n");
        out.write("\t\t\t\t</tr>\n");
        out.write("\t\t\t\t</table>\n");
        out.write("\t\t\t\t<table style=\"width: 100%;\" border=1 id=\"insert_table\">\n");
        out.write("\t\t\t\t</table>\n");
        out.write(
            "\t\t\t\t <input type=\"text\" readonly=\"readonly\" name=\"order_count\" id=\"order_count_id\" size=\"3\" value=\"0\" style=\"background-color :#ECFB99 ;\"/> orders selected to print.\n");
        out.write(
            "\t\t\t\t<input type=\"submit\" onclick=\" return printSelectedInformation()\" value=\"Print\" style=\"float: right;\"/>\n");
        out.write("\t\t\t\t</form>\n");
        out.write("\t\t\t</div>\n");
        out.write("\t\t");
      }
      if (!call_type.equals("search_payment") || !call_type.equals("communication")) {

        out.write("\n");
        out.write("<center>\n");
      }
      out.write("\n");
      out.write("<fieldset style=\"width: 55%;\"><legend>\n");

      String msg = request.getParameter("msg");
      if (call_type.equals("receive_payment")) {
        out.print("<h3>Search Customer To Receive Payment</h3>");
      } else if (call_type.equals("search_payment")) {
        out.print("<h3>Search Customer To See Pending</h3>");
      } else if (call_type.equals("communication")) {
        out.print("<h3>Search Customer To Communicate</h3>");
      } else {
        out.print("<h3>Search Customer</h3>");
      }

      out.write("\n");
      out.write("</legend>\n");

      if (call_type.equals("receive_payment")) {

        out.write("\n");
        out.write(
            "\t\t<input type = \"radio\" name = \"radio\" onclick=\"ChangeCriteria('order')\" checked=\"checked\"/>Search By Order Number\n");
        out.write(
            "\t\t<input type = \"radio\" name = \"radio\" onclick=\"ChangeCriteria('cust')\"/>Search By Customer Detail\n");
        out.write("\t");
      }
      if (call_type.equals("receive_payment")) {

        out.write("\n");
        out.write("\t<br/><br/>\n");
        out.write("<form id=\"myform1\" action=\"SearchCustUsingOrderNo.jsp\" method=\"get\">\n");
        out.write("\t");

        if (msg != null) {
          out.print("<i><font color=red>No Matching Record Found</font></i><br/><br/>");
        }

        out.write("\n");
        out.write(
            "\tEnter Order Number :&nbsp;&nbsp;<input type = \"text\" name = \"order_number\" value=\"\" id =\"order_number\" onkeypress=\"return isNumberKey(event)\"/>\n");
        out.write(
            "\t<input type = \"submit\" value=\"Search\" onclick=\"return ckeckEmpty();\"/>\n");
        out.write("\n");
        out.write("<br/>\n");
        out.write("</form>\n");
        out.write("<form name=\"myform\" method=\"post\" id=\"myform\" style=\"display: none\">\n");
      } else {
        out.write("\n");
        out.write("<form name=\"myform\" method=\"post\" id=\"myform\" >\n");
      }
      out.write("\n");
      out.write("\t<table style=\"width: 100%;\">\n");
      out.write("\t\t<tr style=\"width: 100%;\">\n");
      out.write(
          "\t\t\t<td align=\"center\" colspan=3><b><font color=\"blue\">&nbspA</font>ll Customers List &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp\n");
      out.write(
          "\t\t\t<input type=\"CheckBox\" name=\"chckall\" accesskey=\"a\" onClick=\"funEnabled();\"></td>\n");
      out.write("\t\t</tr>\t\t\n");
      out.write("\t\t<tr style=\"width: 100%;\">\n");
      out.write("\t\t\t<td colspan=3>\n");
      out.write("\t\t\t<div id=\"div4\" style=\"width: 100%;\" >\n");
      out.write("\t\t\t\t<table>\t\t\t\t\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\">\n");
      out.write("\t\t\t\t\t\t\t<b><font color=\"blue\">C</font>ustomer Code</b>\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 29%;\"><input style=\"width: 97%;\" type=\"text\" name=\"custCode\" accesskey=\"c\"></td>\n");
      out.write("\t\t\t\t\t\t");
      if (call_type.equals("search_payment") || call_type.equals("communication")) {
        out.write("\n");
        out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
        out.write("\t\t\t\t\t\t\n");
        out.write("\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\">\n");
        out.write("\t\t\t\t\t\t\t<b>O<font color=\"blue\">r</font>der Number</b>\n");
        out.write("\t\t\t\t\t\t</td>\n");
        out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
        out.write(
            "\t\t\t\t\t\t<td style=\"width: 29%;\"><input style=\"width: 97%;\" type=\"text\" name=\"ordernumber\" accesskey=\"c\"></td>\n");
        out.write("\t\t\t\t\t\t");
      }
      out.write("\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Customer <font color=\"blue\">N</font>ame</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 29%;\"><input style=\"width: 97%;\" type=\"text\" name=\"custName\"  align=\"right\" accesskey=\"n\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">P</font>hone Number</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 29%;\"><input style=\"width: 97%;\" type=\"text\" name=\"phonenumber\" size=\"22\" align=\"right\" colspan=\"2\" accesskey=\"p\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>M<font color=\"blue\">o</font>bile Number</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type=\"text\" name=\"mobilenumber\" size=\"22\" align=\"right\" colspan=\"2\" accesskey=\"o\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Na<font color=\"blue\">m</font>e String</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" style=\"width: 100%;\" type=\"text\" name=\"nameString\" size=\"22\"  align=\"right\" accesskey=\"m\" colspan=\"2\"></td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">B</font>uilding</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type=\"text\" name=\"Building\" accesskey=\"b\" align=\"right\"></b></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Building <font color=\"blue\">N</font>o.</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type=\"text\" name=\"Building_no\"  size=\"22\"  accesskey=\"o\"></b></td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t    <td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">W</font>ing</b></td>\n");
      out.write("\t\t\t\t\t    <td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t    <td><input style=\"width: 97%;\" type =\"text\" name=\"wing\" accesskey=\"w\" ></td>\n");
      out.write("\t\t\t\t\t    \n");
      out.write("\t\t\t\t\t    <td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t    \n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">F</font>lat No.</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type =\"text\" name=\"block\"  size=\"22\" accesskey=\"f\" align=\"right\">\n");
      out.write("\t\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Addr<font color=\"blue\">e</font>ss1</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type =\"text\" accesskey=\"e\" name=\"add1\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>A<font color=\"blue\">d</font>dress2</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t\t<td><input style=\"width: 97%;\" type =\"text\" accesskey=\"d\" name=\"add2\" size=\"22\"></td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr >\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>A<font color=\"blue\">r</font>ea</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write("\t\t\t\t\t\t<td>\n");
      out.write("\t\t\t\t\t\t");

      String name;
      try {
        Context initContext = new InitialContext();
        Context envContext = (Context) initContext.lookup("java:/comp/env");
        // DataSource ds = (DataSource)envContext.lookup("jdbc/js");
        DataSource ds = (DataSource) envContext.lookup("jdbc/re");
        Connection conn = ds.getConnection();
        Statement stmt = conn.createStatement();
        ResultSet rs =
            stmt.executeQuery(
                "select value from code_table where category='AREA' order by value asc");

        out.write("\n");
        out.write("\t\t\t\t\t\t\t<SELECT style=\"width: 97%;\" name=\"area\">\n");
        out.write("\t\t\t\t\t\t\t\t<OPTION VALUE=\"\"> Select Area </OPTION>\n");
        out.write("\t\t\t\t\t\t");

        while (rs.next()) {
          name = rs.getString(1);

          out.write("\n");
          out.write("\t\t\t\t\t\t\t\t<OPTION VALUE=\"");
          out.print(name);
          out.write('"');
          out.write('>');
          out.write(' ');
          out.print(name);
          out.write(" </OPTION>\n");
          out.write("\t\t\t\t\t\t");
        }

        out.write("\n");
        out.write("\t\t\t\t\t\t\t</SELECT>\n");
        out.write("\t\t\t\t\t\t</td>\t\n");
        out.write("\t\t\t\t\t\t\n");
        out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
        out.write("\t\t\t\n");
        out.write(
            "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Payment Type</b></td>\n");
        out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
        out.write("\t\t\t\t\t\t<td>\n");
        out.write("\t\t\t\t\t\t\t<SELECT style=\"width: 97%;\" name=\"payment\" align=\"left\">\n");
        out.write("\t\t\t\t\t\t\t\t<OPTION selected VALUE=\"\"> Select Type </OPTION>\n");
        out.write("\t\t\t\t\t\t\t\t<OPTION VALUE=\"NoType\"> No Type </OPTION>\n");
        out.write("\t\t\t\t\t\t");

        ResultSet rs2 =
            stmt.executeQuery("SELECT payment_type_code, payment_type_desc FROM payment_type");
        while (rs2.next()) {

          out.write("\t\n");
          out.write("\t\t\t\t\t\t\t\t<OPTION VALUE=\"");
          out.print(rs2.getString(1));
          out.write('"');
          out.write('>');
          out.write(' ');
          out.print(rs2.getString(2));
          out.write(" </OPTION>\n");
          out.write("\t\t\t\t\t\t");
        }
        rs2.close();
        stmt.close();
        conn.close();
      } catch (Exception e) {
        e.getMessage();
        e.printStackTrace();
      }

      out.write("\n");
      out.write("\t\t\t\t\t\t\t</SELECT>\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Create<font color=\"blue\">D</font>ate</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write("\t\t\t\t\t\t<td>\n");
      out.write(
          "\t\t\t\t\t\t\t<!-- <input type =\"text\" accesskey=\"d\" name=\"c_date1\" size=\"15\" style=\"width: 79%;\">\n");
      out.write(
          "\t\t\t\t\t\t\t<input type=\"button\" onClick=\"c1.popup('c_date1');\" value=\"...\" style=\"width: 15%;\"/> -->\n");
      out.write("\t\t\t\t\t\t\t<div id='createDate1'></div>\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>And</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write("\t\t\t\t\t\t<td> \n");
      out.write(
          "\t\t\t\t\t\t\t<!-- <input type =\"text\" name=\"c_date2\" size=\"15\" style=\"width: 79%;\">\n");
      out.write(
          "\t\t\t\t\t\t\t<input type=\"button\" onClick=\"c1.popup('c_date2');\" value=\"...\" style=\"width: 15%;\"/> -->\n");
      out.write("\t\t\t\t\t\t\t<div id='createDate2'></div>\n");
      out.write("\t\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">U</font>pdate Date</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write("\t\t\t\t\t\t<td>\n");
      out.write(
          "\t\t\t\t\t\t\t<!-- <input type =\"text\" accesskey=\"u\" name=\"u_date1\" size=\"15\" style=\"width: 79%;\"/>\n");
      out.write(
          "\t\t\t\t\t\t\t<input type=\"button\" onClick=\"c1.popup('u_date1');\" value=\"...\" style=\"width: 15%;\"/> -->\n");
      out.write("\t\t\t\t\t\t\t<div id=\"updateDate1\"></div>\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>And</b></td>\n");
      out.write("\t\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write("\t\t\t\t\t\t<td> \n");
      out.write(
          "\t\t\t\t\t\t\t<!-- <input type =\"text\" name=\"u_date2\" size=\"15\" style=\"width: 79%;\"/>\n");
      out.write(
          "\t\t\t\t\t\t\t<input type=\"button\" onClick=\"c1.popup('u_date2');\" value=\"...\" style=\"width: 15%;\"/> -->\n");
      out.write("\t\t\t\t\t\t\t<div id='updateDate2'></div>\n");
      out.write("\t\t\t\t\t\t</td>\n");
      out.write("\t\t\t\t\t</tr>\n");
      out.write("\t\t\t\t\t<tr>\n");
      out.write(
          "\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b><font color=\"blue\">S</font>tation</b></td>\n");
      out.write("\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t<td><input style=\"width: 97%;\" type =\"text\"  size=\"22\" accesskey=\"d\" name=\"station\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t<td style=\"width: 8%;\" align=\"left\"></td>\n");
      out.write("\t\t\t\t\t\t\n");
      out.write("\t\t\t\t\t<td style=\"width: 15%;\" align=\"left\"><b>Last Order Days</b></td>\n");
      out.write("\t\t\t\t\t<td style=\"width: 1%;\" align=\"left\">:</td>\n");
      out.write(
          "\t\t\t\t\t<td><input style=\"width: 97%;\" type=\"text\" name=\"selmonth\"/></td></tr>\n");
      out.write("\t\t\t\t</table></div>\n");
      out.write("\t\t\t</td>\n");
      out.write("\t\t</tr>\n");
      out.write("\t\t\t\n");
      out.write("\t\t<tr>\n");
      out.write("\t\t\t<td align=\"center\" colspan=4>\n");
      out.write(
          "\t\t\t\t<input type=\"submit\" name=\"search\"  title=\"Press <Enter>\" value=\"Search <Enter>\" accesskey=\"s\" onclick=\"checkField();return false;\"/>\n");
      out.write(
          "\t\t\t\t<input type=\"reset\" name=\"clear\" title=\"Press <Alt+c>\" tabindex=\"1\" value=\"Clear <Alt+c>\" accesskey=\"c\" onclick=\"document.getElementById('txtHint').innerHTML='';\"/>\n");
      out.write(
          "\t\t\t\t<INPUT type=BUTTON value=\"Cancel <Alt+c>\" accesskey=\"c\" onClick=\"showMsg();\"/></center>\n");
      out.write("\t\t\t</td>\n");
      out.write("\t\t</tr>\n");
      out.write("\t</table>\n");
      out.write("\t</fieldset>\n");
      out.write("\t<input  type=\"hidden\" name=\"hchckall\" value=\"1\">\n");
      out.write("\t<input type=\"hidden\" name=\"call_type\" value=\"");
      out.print(call_type);
      out.write("\"/>\n");
      out.write("<script>\n");
      out.write("function funEnabled(){\n");
      out.write("\t    if (document.myform.chckall.checked==true){\n");
      out.write("\t\t\tdocument.getElementById('div4').style.visibility=\"hidden\";\n");
      out.write("\t\t\tdocument.myform.hchckall.value=1;\t\t\n");
      out.write("\t\t\t$(\"#createDate2\").jqxDateTimeInput({disabled: true});\n");
      out.write("\t\t\t$(\"#updateDate2\").jqxDateTimeInput({disabled: true});\n");
      out.write("\t\t\t\n");
      out.write("\t\t}\n");
      out.write("\t\telse{\n");
      out.write("\t\t\tdocument.getElementById('div4').style.visibility=\"visible\";\n");
      out.write("\t\t\tdocument.myform.hchckall.value=0;\t\t\t\n");
      out.write("\t\t}\n");
      out.write("\t}\n");
      out.write("window.onload =Clear;\n");
      out.write("\n");
      out.write("function ChangeCriteria(str){\n");
      out.write("\tif(str == \"cust\"){\n");
      out.write("\t\tdocument.getElementById(\"myform\").style.display='block';\n");
      out.write("\t\tdocument.getElementById(\"myform1\").style.display='none';\n");
      out.write("\t}else if(str == \"order\"){\n");
      out.write("\t\tdocument.getElementById(\"myform\").style.display='none';\n");
      out.write("\t\tdocument.getElementById(\"myform1\").style.display='block';\n");
      out.write("\t\tdocument.getElementById(\"txtHint\").innerHTML=\"\";\n");
      out.write("\t\tdocument.getElementById(\"order_number\").focus();\n");
      out.write("\t\tdocument.getElementById(\"order_number\").value=\"\";\n");
      out.write("\t}\n");
      out.write("}\n");
      out.write("function isNumberKey(evt) {\n");
      out.write("\tvar charCode = (evt.which) ? evt.which : event.keyCode;\n");
      out.write("\tif (charCode != 46 && charCode > 31 && (charCode < 48 || charCode > 57))\n");
      out.write("\t\treturn false;\n");
      out.write("\telse\n");
      out.write("\t\treturn true;\n");
      out.write("}\n");
      out.write("</script>\n");
      out.write(
          "\t<hr><center><div id=\"txtHint\" class=\"ddm1\" style=\"background-color: white;width: 100%;max-height: 400px;overflow: auto;\"></div></center>\n");
      out.write("\t<br><br>\n");
      out.write(
          "\t<p><h1><center><div id=\"waitMessage\"  style=\"cursor: sw-resize;\"></center></div></h1></p>\n");

      String fromFromName = "";
      if (request.getParameter("fromForm") != null) fromFromName = request.getParameter("fromForm");
      // CustPmtHstry

      out.write("\n");
      out.write("\t<input type=\"hidden\" name=\"fromForm\" value=\"");
      out.print(fromFromName);
      out.write("\">\n");
      out.write("</form>\n");
      out.write("\n");
      out.write(
          "<div id=\"dispdiv\" align=\"center\" style=\"border:1px solid black; padding:25px; text-align:center; display:none; background-color:#FFF; overflow:auto; height:300px; width=200px;\"> </div>\n");
      out.write("</body>\n");
      out.write("</html>\n");
    } catch (java.lang.Throwable t) {
      if (!(t instanceof javax.servlet.jsp.SkipPageException)) {
        out = _jspx_out;
        if (out != null && out.getBufferSize() != 0)
          try {
            out.clearBuffer();
          } catch (java.io.IOException e) {
          }
        if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
        else throw new ServletException(t);
      }
    } finally {
      _jspxFactory.releasePageContext(_jspx_page_context);
    }
  }
Пример #24
0
  public void _jspService(HttpServletRequest request, HttpServletResponse response)
      throws java.io.IOException, ServletException {

    PageContext pageContext = null;
    HttpSession session = null;
    ServletContext application = null;
    ServletConfig config = null;
    JspWriter out = null;
    Object page = this;
    JspWriter _jspx_out = null;
    PageContext _jspx_page_context = null;

    try {
      response.setContentType("text/html; charset=ISO-8859-1");
      pageContext = _jspxFactory.getPageContext(this, request, response, null, true, 8192, true);
      _jspx_page_context = pageContext;
      application = pageContext.getServletContext();
      config = pageContext.getServletConfig();
      session = pageContext.getSession();
      out = pageContext.getOut();
      _jspx_out = out;
      _jspx_resourceInjector =
          (org.glassfish.jsp.api.ResourceInjector)
              application.getAttribute("com.sun.appserv.jsp.resource.injector");

      out.write("\n");
      out.write("    \n");
      out.write("    \n");
      out.write("    \n");
      Class.forName("com.mysql.jdbc.Driver");
      out.write("\n");
      out.write("    \n");
      out.write("    \n");
      out.write(
          "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n");
      out.write("<html>\n");
      out.write("<head>\n");
      out.write(" <link href=\"css/bootstrap.min.css\" rel=\"stylesheet\">\n");
      out.write("        <!-- Bootstrap css online -->\n");
      out.write(
          "        <link rel=\"stylesheet\" href=\"http://netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css\">\n");
      out.write("        <link  href=\"css/customcss.css\" rel=\"stylesheet\">\n");
      out.write(
          "        <script type=\"text/javascript\" src=\"js/jquery-1.10.2.min.js\"></script>\n");
      out.write("        <script src=\"js/bootstrap.min.js\"></script>\n");
      out.write("\n");
      out.write("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\">\n");
      out.write("<title>Analysis of Algorithms : D.B.Phatak</title>\n");
      out.write("</head>\n");
      out.write("<body>\n");
      out.write("\n");
      out.write("<!--Header-->\n");
      out.write("\n");
      out.write("  ");

      String name = (String) session.getAttribute("pass");

      out.write("\n");
      out.write("    <div class=\"container\">\n");
      out.write("             <br>\n");
      out.write("            <!--HEADER -->\n");
      out.write("            <div class=\"header\">\n");
      out.write(
          "                <a href=\"index.jsp\" style=\"color: #000;\"> <ul class=\"nav nav-pills pull-left\" >\n");
      out.write(
          "                    <li id=\"brand_icon\">       <img src=\"Images/mic_logo.png\" alt=\"\" width=\"80px\" height=\"80px\"/></li>\n");
      out.write(
          "                    <li id=\"brand_name\"> <p class=\"title\"><span style=\"font-size: 70px;\">|</span> iClass <strong>Forum</strong></p></li>\n");
      out.write("\n");
      out.write("                </ul></a>\n");
      out.write(
          "                <!--   <p class=\"title1\">iClass</p>&nbsp;&nbsp;<p class=\"title2\">Forum</p> \n");
      out.write("                -->\n");
      out.write("                <form action=\"Login\" method=\"post\">\n");
      out.write("\n");
      out.write(
          "                    <ul class=\"nav nav-pills pull-right\" style=\"margin-top: 35px\">\n");
      out.write("                        <li><a href=\"index.jsp\">Home</a></li>\n");
      out.write("                        <li><a href=\"contactus.jsp\">Contact Us</a></li>\n");
      out.write("\n");
      out.write("                        ");
      if (name != null) {
        try {
          out.write("\n");
          out.write("\n");
          out.write("                        <li><a href=\"logout.jsp\">Logout</a></li>\n");
          out.write("                        <li style=\"margin-top: 10px\">Welcome ");
          out.print(name);
          out.write("</li>\n");
          out.write("\n");
          out.write("                        ");
        } catch (Exception e) {

          System.out.println("Problem :" + e);
        }

      } else {

        out.write("\n");
        out.write("\n");
        out.write("                        <li><a href=\"signup.jsp\">Login</a></li>\n");
        out.write("\n");
        out.write("                        ");
      }
      out.write("\n");
      out.write("\n");
      out.write("                    </ul>\n");
      out.write("                </form>\n");
      out.write("\n");
      out.write("\n");
      out.write("            </div>\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("            <br>\n");
      out.write("         \n");
      out.write("      \n");
      out.write("\n");
      out.write("        <!-- MODAL -->\n");
      out.write("        <form action=\"\" name=\"batti\" method=\"post\">\n");
      out.write("\n");
      out.write(
          "        <div class=\"modal fade\" id=\"myModal\" tabindex=\"-1\" role=\"dialog\" aria-labelledby=\"myModalLabel\" aria-hidden=\"true\">\n");
      out.write("          <div class=\"modal-dialog\">\n");
      out.write("            <div class=\"modal-content\">\n");
      out.write("              <div class=\"modal-header\">\n");
      out.write(
          "                <button type=\"button\" class=\"close\" data-dismiss=\"modal\" aria-hidden=\"true\">&times;</button>\n");
      out.write("                <h4 class=\"modal-title\" id=\"myModalLabel\">Answer here</h4>\n");
      out.write("              </div>\n");
      out.write("              <div class=\"modal-body\">\n");
      out.write("                                <div class=\"input-group input-group-lg\">\n");
      out.write("                                <span class=\"input-group-addon\">\n");
      out.write(
          "                                <span class=\"glyphicon glyphicon-pencil\"></span>\n");
      out.write("                                </span>\n");
      out.write(
          "                                <textarea class=\"form-control\" id=\"currentans\" name=\"mainanswer\" rows=\"10\" style=\"resize: vertical;\">\n");
      out.write("                                </textarea>\n");
      out.write("                                </div>\n");
      out.write("              </div>\n");
      out.write("              <div class=\"modal-footer\">\n");
      out.write(
          "              <input type=\"text\" id=\"hidden\" name=\"maindata\" value=\"JAI HO\"/>\n");
      out.write(
          "                <button type=\"button\" class=\"btn btn-primary\" onClick=\"saveAns()\">Save Answer</button>\n");
      out.write("              </div>\n");
      out.write("            </div>\n");
      out.write("          </div>\n");
      out.write("        </div>\n");
      out.write("\n");
      out.write("\n");
      out.write("\n");
      out.write("    </form>\n");
      out.write("    <!-- MODAL ENDS HERE -->\n");
      out.write("\n");
      out.write("<div class=\"page1\" >          \n");
      out.write("                <center>\n");
      out.write("\n");
      out.write(
          "                    <font face=\"myFontThin\" size=\"6\" class=\"title\">Department of  </font><font face=\"myFontThick\" size=\"8\"><b>Computer Science</b></font>\n");
      out.write("                <br>\n");
      out.write("                   <font face=\"myFontThick\" size=\"5\">Prof. sunil</font>\n");
      out.write("                \n");
      out.write("                </center>\n");
      out.write(
          "                <br> <br>  <font face=\"myFontThick\" size=\"6\"><b> bbbbbb </b></font>\n");
      out.write("<br><br><br>\n");
      out.write("                        \n");
      out.write("\n");
      out.write("\n");
      out.write("            ");

      Connection connection =
          DriverManager.getConnection("jdbc:mysql://localhost/aakash", "root", "lavikothari");
      Statement statement = connection.createStatement();
      ResultSet resultset = statement.executeQuery("select * from qa27;");

      int i = 0, no, ct = 0;
      String qid, bid, ansdivid, buttonid, delbuttonid, userid, answerid;

      while (resultset.next()) {
        ct++;
        no = resultset.getInt(1);
        if (i < no) {
          i = no;
        }
        qid = "q" + no;
        ansdivid = "ans" + no;
        bid = "b" + no;
        buttonid = "button" + no;
        delbuttonid = "delbutton" + no;
        userid = "user" + no;
        answerid = "answer" + no;

        out.write("\n");
        out.write("        <!--  <form action=\"\" method=\"get\" name=\"batti\" > -->\n");
        out.write("\t    \n");
        out.write("\t<div class=\"panel panel-default\">\n");
        out.write("            <div class=\"panel-heading\">\n");
        out.write("                <h3 class=\"panel-title\">\n");
        out.write("                <div id=");
        out.print(userid);
        out.write(
            " style=\"font-style:bold ;font-size:15px; padding-left:0.5px ;text-shadow: 2px 2px 8px #6E6E6E\">\n");
        out.write("\t    \t");
        out.print(resultset.getString(4));
        out.write("\n");
        out.write("                </div>\n");
        out.write("                </h3>\n");
        out.write("            </div>\n");
        out.write("            <div class=\"panel-body\">\n");
        out.write("                <div id=");
        out.print(qid);
        out.write(" style=\"text-align:left ;font-size:20px;font-style:italic\">\n");
        out.write("\t\t\t");
        out.print(resultset.getString(2));
        out.write("<br><br>\n");
        out.write("\t\t</div>\n");
        out.write("\t    \t<div class=\"panel panel-default\" id=");
        out.print(ansdivid);
        out.write(" >\n");
        out.write("  \t\t\t\t<div class=\"panel-body\" >\n");
        out.write("   \t\t\t \t\t<p id=");
        out.print(answerid);
        out.write('>');
        out.print(resultset.getString(3));
        out.write("</p>\n");
        out.write(" \t\t \t\t</div>\n");
        out.write("\t\t</div>\n");
        out.write("\t\t<div id=");
        out.print(bid);
        out.write(" >\n");
        out.write("\t\t\t ");
        String condition = (String) session.getAttribute("pass");
        String prof1 = (String) session.getAttribute("Prof");
        String prof2 = (String) session.getAttribute("Prof2");

        // out.println("Lec="+condition);

        // out.println("prof1="+prof1);
        // out.println("prof2="+prof2);
        // System.out.println("Lec="+condition);
        if (condition != null && prof1.equals(prof2)) {

          out.write("       \n");
          out.write("\n");
          out.write(
              "                                <input type=\"button\" class=\"btn btn-primary btn-sm\" style=\"float:right;display:inline\" value=\"Delete\" onClick=\"delQues(this.id)\" id=");
          out.print(delbuttonid);
          out.write(" />\n");
          out.write(
              "                                <input type=\"button\" class=\"btn btn-primary btn-sm\" style=\"float:left;display:inline\" data-toggle=\"modal\" value=\"Answer\" data-target=\"#myModal\" onClick=\"myfunc(this.id)\" id=");
          out.print(buttonid);
          out.write(" />\n");
          out.write("                                ");
        }

        out.write("\n");
        out.write("         \n");
        out.write("\t\t</div>\n");
        out.write("            </div>\n");
        out.write("        </div>\n");
        out.write("\t\n");
        out.write("\t   \n");
        out.write("\t\t\n");
        out.write("        ");
      }
      out.write("\n");
      out.write("\n");
      out.write(
          "               <form action=\"\" name=\"delform\" method=\"post\" style=\"visibility:hidden\">\n");
      out.write("\n");
      out.write(
          "               <input type=\"text\" id= \"delfieldid\" name=\"delfield\" value=\"Namastey\" />\n");
      out.write(
          "               <input type=\"text\" id= \"futureid\" name=\"futurefield\" value=\"London\" />\n");
      out.write("               </form>\n");
      out.write("\n");
      out.write("\n");
      out.write("        <span id =\"debug\" style=\"visibility:hidden\">Hello </span>\n");
      out.write("\n");
      out.write("    </div>\n");
      out.write("</div>    \n");
      out.write("\t    \n");
      out.write(" \n");
      out.write("</div>\n");
      out.write(" \n");
      out.write(" </div>\n");
      out.write("        \n");
      out.write(" \n");
      out.write(" <script type=\"text/javascript\">\n");
      out.write("\t count=");
      out.print(ct);
      out.write(";\n");
      out.write("\t debugging=document.getElementById(\"debug\");\n");
      out.write("\t debugging.innerHTML=\"Count is\"+count;\n");
      out.write("\t hid=document.getElementById(\"hidden\");\n");
      out.write("\t hid.style.display='none';\n");
      out.write("\t \n");
      out.write("\t for (x=1;x<=count;x++)\n");
      out.write("\t {\t\n");
      out.write("\t\t y=document.getElementById(\"answer\"+x);\n");
      out.write("\t\t debug.innerHTML+=y.innerHTML;\n");
      out.write("\t\t z=document.getElementById(\"button\"+x);\n");
      out.write("\t\t if(y!=null && y.innerHTML==\"\")\n");
      out.write("\t\t {\n");
      out.write("\t\t document.getElementById(\"ans\"+x).style.display='none';\n");
      out.write("\t\t }\n");
      out.write("\t\t \n");
      out.write("\t\t else\n");
      out.write("\t\t\t {\n");
      out.write("\t\t\t if(z!=null){\n");
      out.write("\t\t\t z.value=\"Edit Answer\";\n");
      out.write("\t\t\t }\n");
      out.write("\t\t\t }\n");
      out.write("\t }\n");
      out.write("\n");
      out.write("\t function myfunc(clicked_id){\n");
      out.write("\t\t \n");
      out.write("\t\t hid.value=clicked_id;\n");
      out.write("\t\t quesid=clicked_id.replace(\"button\",\"q\");\n");
      out.write("\t\t ansid=clicked_id.replace(\"button\",\"answer\");\n");
      out.write("\t\t \n");
      out.write("\t\t question=document.getElementById(quesid).innerHTML;\n");
      out.write("\t\t answer=document.getElementById(ansid).innerHTML;\n");
      out.write("\t\t \n");
      out.write("\t\t answer.replace(\"  \",\"\");\n");
      out.write("\t\t question.replace(\"  \",\"\");\n");
      out.write("\t\t \n");
      out.write("\t\t document.getElementById(\"myModalLabel\").innerHTML=question;\n");
      out.write("\t\t document.getElementById(\"currentans\").value=answer;\n");
      out.write("\t\t \n");
      out.write("\t }\n");
      out.write("\t \n");
      out.write("\t\n");
      out.write("\t function saveAns()\n");
      out.write("\t {\n");
      out.write("\t\t document.batti.submit();\n");
      out.write("\t\t \n");
      out.write("\t\t ");

      String clid = request.getParameter("maindata");
      if (clid != null) {
        String tobeanswered = clid.replace("button", "");
        System.out.println(tobeanswered);
        String answer = request.getParameter("mainanswer");

        Statement stmt = connection.createStatement();
        String query = "update qa27 set ans ='" + answer + "' where id='" + tobeanswered + "';";

        stmt.executeUpdate(query);

        response.sendRedirect("lec.jsp#user" + tobeanswered);
      }

      out.write("\n");
      out.write("\t }\n");
      out.write("\t \n");
      out.write("\t \n");
      out.write("\n");
      out.write("\t function delQues(clicked_id)\n");
      out.write("\t {\n");
      out.write("\t\t \n");
      out.write("\t\t document.getElementById(\"delfieldid\").value=clicked_id;\n");
      out.write("\t\t \n");
      out.write("\t\t \n");
      out.write("\t\t\t document.getElementById(\"futureid\").value=\"yesssssssss\";\n");
      out.write("\t\t  v=parseInt(clicked_id.replace(\"delbutton\",\"\"))+1;\n");
      out.write("\t\t while(document.getElementById(\"user\"+v)==null && v<count)\n");
      out.write("\t\t\t {\n");
      out.write("\t\t\t v++;\n");
      out.write("\t\t\t document.getElementById(\"futureid\").value=\"user\"+v;\n");
      out.write("\t\t\t }\n");
      out.write("\t\t if(clicked_id==\"delbutton\"+count)\n");
      out.write("\t\t\t {\n");
      out.write("\t\t\t v=parseInt(clicked_id.replace(\"delbutton\",\"\"))-1;\n");
      out.write("\t\t\t }\n");
      out.write("\t\tdocument.getElementById(\"futureid\").value=\"user\"+v;\n");
      out.write("\t\t\t \n");
      out.write("\t\t document.delform.submit();\n");
      out.write("\t\t \n");
      out.write("\t\t ");

      String delid = request.getParameter("delfield");
      if (delid != null) {
        String tobedel = delid.replace("delbutton", "");
        System.out.println("Deleting " + tobedel);

        Statement stmt1 = connection.createStatement();
        String query1 = "delete from qa27 where id='" + tobedel + "';";

        stmt1.executeUpdate(query1);
        String futid = request.getParameter("futurefield");
        response.sendRedirect("lec.jsp#" + futid);
      }

      out.write("\n");
      out.write("\t\t \n");
      out.write("\t }\n");
      out.write("\t \n");
      out.write("\t \n");
      out.write("\t </script>\n");
      out.write("\t\n");
      out.write("\n");
      out.write("</body>\n");
      out.write("</html> \n");
    } catch (Throwable t) {
      if (!(t instanceof SkipPageException)) {
        out = _jspx_out;
        if (out != null && out.getBufferSize() != 0) out.clearBuffer();
        if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
        else throw new ServletException(t);
      }
    } finally {
      _jspxFactory.releasePageContext(_jspx_page_context);
    }
  }
Пример #25
0
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    request.setCharacterEncoding("gb2312");
    response.setContentType("text/html; charset=gb2312");
    out = response.getWriter();
    session = request.getSession();
    time = new Time();
    str = new Str();
    db = new Db();

    // 取得
    try {
      id = Integer.parseInt((String) request.getParameter("id"));
    } catch (Exception e) {
      id = 0;
    }
    password = request.getParameter("password");
    password = str.inStr(password);
    sqlsp = "SELECT * FROM password WHERE employeeid=" + id;
    sqlse = "SELECT employeeid FROM eminfo WHERE employeeid=" + id;
    sqlu =
        "UPDATE password SET time='"
            + time.getYMDHMS()
            + "',password='******' WHERE employeeid="
            + id;
    sqli =
        "INSERT INTO password(employeeid,password,time) VALUES("
            + id
            + ",'"
            + password
            + "','"
            + time.getYMDHMS()
            + "')";
    try {
      stmt = db.getStmtread();
      rs = stmt.executeQuery(sqlsp);
      // 不是第一次设置更新数据库
      if (rs.next()) {
        db.close();
        stmt = db.getStmt();
        temp = 0;
        temp = stmt.executeUpdate(sqlu);
        if (temp > 0) {
          request.setAttribute("msg", "设置成功");
        } else {
          request.setAttribute("msg", "设置失败");
        }
        db.close();
      } else {
        // 第一次设置
        db.close();
        temp = 0;
        stmt = db.getStmtread();
        rs = stmt.executeQuery(sqlse);
        if (rs.next()) {
          // id存在
          rs.close();
          stmt.close();
          temp = 0;
          stmt = db.getStmt();
          temp = stmt.executeUpdate(sqli);
          if (temp > 0) {
            request.setAttribute("msg", "设置成功");
          } else {
            request.setAttribute("msg", "设置失败");
          }
          db.close();
        } else {
          // id不存在
          db.close();
          request.setAttribute("msg", "员工序号不存在");
        }
      }
    } catch (SQLException e) {
      e.printStackTrace();
    } finally {
      RequestDispatcher dispatcher = request.getRequestDispatcher("set1.jsp");
      dispatcher.forward(request, response);
    }
  }
Пример #26
0
  /** @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */
  protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    // TODO Auto-generated method stub
    response.setContentType("text/html");

    Connection conn = null;
    System.out.println("Reached here 1");
    String driver = "sun.jdbc.odbc.JdbcOdbcDriver";
    String user = "";
    String userpass = "";
    String strQuery = "";

    Statement st = null;
    ResultSet rs = null;
    HttpSession session = request.getSession(true);

    try {
      Class.forName(driver);

      conn = DriverManager.getConnection("jdbc:odbc:test", "", "");

      if (request.getParameter("user") != null
          && request.getParameter("user") != ""
          && request.getParameter("userpass") != null
          && request.getParameter("userpass") != "") {
        user = request.getParameter("user").toString();
        userpass = request.getParameter("userpass").toString();
        strQuery = "select * from register ";

        st = conn.createStatement();
        System.out.println("Reached here 2");

        rs = st.executeQuery(strQuery);

        System.out.println("Reached here 3");
        String cpass = null;
        String name = null;
        while (rs.next()) {
          if (rs.getString(3).equals(user)) {
            name = rs.getString(1);
            cpass = rs.getString("pass");
            break;
          }
        }
        session.setAttribute("sname", name);

        System.out.println("Reached Here 4");

        StringBuffer q = pack.calc(userpass);
        String q1 = q.toString();
        System.out.println("Reached Here 5");
        if (cpass.equals(q1)) {

          RequestDispatcher rd =
              this.getServletConfig().getServletContext().getRequestDispatcher("/home.jsp");
          rd.forward(request, response);

        } else {
          RequestDispatcher rd =
              this.getServletConfig().getServletContext().getRequestDispatcher("/login5.jsp");
          rd.forward(request, response);
        }
      }

      conn.close();

    } catch (Exception e) {
      e.printStackTrace();
    }
  }
Пример #27
0
  private List<LicenseData> getSearchByFieldResults(
      String reseller, String parameter, String type) {

    List<LicenseData> list = new ArrayList<LicenseData>();
    Connection con = null;
    try {

      Statement pst = null;
      con = getConnectiontoDB();

      StringBuffer sql = new StringBuffer();
      if (type.equalsIgnoreCase("sno")) {
        sql.append(
            " select distinct ib.item,o.orderkey,'1',so_header.so_number,so_header.end_user,TO_CHAR(TO_TIMESTAMP(so_header.ship_date/1000), 'YYYY-MM-DD'), ");
      } else {
        sql.append(
            " select distinct so_item.item,so_item.entitlementkey,so_item.quantity,so_header.so_number,so_header.end_user,TO_CHAR(TO_TIMESTAMP(so_header.ship_date/1000), 'YYYY-MM-DD'), ");
      }
      sql.append(
          "o.hmid,	CASE TO_CHAR(TO_TIMESTAMP(o.substartdate/1000), 'YYYY-MM-DD') WHEN '1969-12-31' THEN '' WHEN TO_CHAR(TO_TIMESTAMP(o.subenddate/1000), 'YYYY-MM-DD') THEN '' ELSE TO_CHAR(TO_TIMESTAMP(o.substartdate/1000), 'YYYY-MM-DD') END, ");
      sql.append(
          "CASE TO_CHAR(TO_TIMESTAMP(o.subenddate/1000), 'YYYY-MM-DD') WHEN '1969-12-31' THEN ''  WHEN TO_CHAR(TO_TIMESTAMP(o.substartdate/1000), 'YYYY-MM-DD') THEN '' ELSE TO_CHAR(TO_TIMESTAMP(o.subenddate/1000), 'YYYY-MM-DD') END, so_header.po_check_number,so_header.reseller, ");
      sql.append(
          " CASE WHEN so_item.producttype='Support' THEN TO_CHAR(TO_TIMESTAMP(o.startdate/1000), 'YYYY-MM-DD') ELSE '' END, ");
      sql.append(
          " CASE WHEN so_item.producttype='Support' THEN TO_CHAR(TO_TIMESTAMP(o.enddate/1000), 'YYYY-MM-DD') ELSE '' END  ");
      if (type.equalsIgnoreCase("sno")) {
        sql.append(" ,ib.serialnumber");
        sql.append(
            "  from ns.so_header so_header  inner join ns.ib ib on ib.salesordernumber =so_header.so_number ");
        sql.append("  inner join orderkey_information o  on so_header.entitlement_key=o.orderkey");
        sql.append(
            " inner join ns.temp_so_item so_item on so_header.entitlement_key=so_item.entitlementkey");
      } else {
        sql.append(
            " from ns.so_header so_header inner join ns.temp_so_item so_item on so_header.entitlement_key=so_item.entitlementkey ");
        sql.append(" inner join orderkey_information o on so_header.entitlement_key=o.orderkey ");
      }

      if (type.equalsIgnoreCase("sno"))
        sql.append(" where ib.serialnumber ILIKE '%" + parameter.trim() + "%' ");
      if (type.equalsIgnoreCase("so"))
        sql.append("where so_header.so_number='" + parameter.trim() + "' ");
      if (type.equalsIgnoreCase("enduser"))
        sql.append(
            "where so_header.end_user ILIKE '%" + parameter.trim().replace("'", "''") + "%'");
      if (type.equalsIgnoreCase("ek"))
        sql.append("where so_header.entitlement_key ILIKE '%" + parameter.trim() + "%'");
      if (type.equalsIgnoreCase("po"))
        sql.append("where so_header.po_check_number ILIKE '%" + parameter.trim() + "%'");
      if (type.equalsIgnoreCase("hm"))
        sql.append("where o.hmid ILIKE '%" + parameter.trim() + "%'");
      if (reseller != null && !reseller.isEmpty() && !reseller.equalsIgnoreCase("%admin%"))
        sql.append(" and so_header.reseller ILIKE '" + reseller.trim() + "'");
      if (type.equalsIgnoreCase("sno")) sql.append(" order by so_header.so_number desc ");
      pst = con.createStatement();
      ResultSet rs = pst.executeQuery(sql.toString());

      log.info("Search Fields : SQL Query " + sql);

      while (rs.next()) {
        LicenseData data = new LicenseData();
        data.setEntitlementKey(rs.getString(2));
        data.setSku(rs.getString(1));
        data.setQuantity(rs.getString(3));
        data.setSoNumbber(rs.getString(4));
        ;
        data.setEndUser(rs.getString(5));
        data.setShipDate(rs.getString(6));
        data.setHmId(rs.getString(7));
        data.setLicenseStartDate(rs.getString(8));
        data.setLicenseEndDate(rs.getString(9));
        data.setPoNumber(rs.getString(10));
        data.setNumber(rs.getString(4));
        data.setBillingCustomer(rs.getString(11));
        data.setSupportStartDate(rs.getString(12));
        data.setSupportEndDate(rs.getString(13));
        if (type.equalsIgnoreCase("sno")) data.setSerialNumber(rs.getString(14));
        list.add(data);
      }

    } catch (Exception e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    } finally {
      try {
        con.close();
      } catch (SQLException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
      }
    }

    return list;
  }
  public void bad() throws Throwable {
    String data_copy;
    {
      String data;

      Logger log_bad = Logger.getLogger("local-logger");

      data = ""; /* init data */

      /* read user input from console with readLine*/
      BufferedReader buffread = null;
      InputStreamReader instrread = null;
      try {
        instrread = new InputStreamReader(System.in);
        buffread = new BufferedReader(instrread);
        data = buffread.readLine();
      } catch (IOException ioe) {
        log_bad.warning("Error with stream reading");
      } finally {
        /* clean up stream reading objects */
        try {
          if (buffread != null) {
            buffread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing buffread");
        } finally {
          try {
            if (instrread != null) {
              instrread.close();
            }
          } catch (IOException ioe) {
            log_bad.warning("Error closing instrread");
          }
        }
      }

      data_copy = data;
    }
    {
      String data = data_copy;

      Logger log2 = Logger.getLogger("local-logger");

      Connection conn_tmp2 = null;
      Statement sqlstatement = null;
      ResultSet sqlrs = null;

      try {
        conn_tmp2 = IO.getDBConnection();
        sqlstatement = conn_tmp2.createStatement();

        /* POTENTIAL FLAW: take user input and place into dynamic sql query */
        sqlrs = sqlstatement.executeQuery("select * from users where name='" + data + "'");

        IO.writeString(sqlrs.toString());
      } catch (SQLException se) {
        log2.warning("Error getting database connection");
      } finally {
        try {
          if (sqlrs != null) {
            sqlrs.close();
          }
        } catch (SQLException e) {
          log2.warning("Error closing sqlrs");
        } finally {
          try {
            if (sqlstatement != null) {
              sqlstatement.close();
            }
          } catch (SQLException e) {
            log2.warning("Error closing sqlstatement");
          } finally {
            try {
              if (conn_tmp2 != null) {
                conn_tmp2.close();
              }
            } catch (SQLException e) {
              log2.warning("Error closing conn_tmp2");
            }
          }
        }
      }
    }
  }
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html");
    PrintWriter out = response.getWriter();

    HttpSession session = request.getSession(true);

    try {
      Object accountObject = session.getValue(ACCOUNT);

      // If no account object was put in the session, or
      // if one exists but it is not a hashtable, then
      // redirect the user to the original login page

      if (accountObject == null)
        throw new RuntimeException("You need to log in to use this service!");

      if (!(accountObject instanceof Hashtable))
        throw new RuntimeException("You need to log in to use this service!");

      Hashtable account = (Hashtable) accountObject;

      String userName = (String) account.get("name");

      //////////////////////////////////////////////
      // Display Messages for the user who logged in
      //////////////////////////////////////////////
      out.println("<HTML>");
      out.println("<HEAD>");
      out.println("<TITLE>Contacts for " + userName + "</TITLE>");
      out.println("</HEAD>");
      out.println("<BODY BGCOLOR='#EFEFEF'>");
      out.println("<H3>Welcome " + userName + "</H3>");

      out.println("<CENTER>");

      Connection con = null;
      Statement stmt = null;
      ResultSet rs = null;
      try {
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        con =
            DriverManager.getConnection(
                "jdbc:mysql://localhost/contacts?user=kareena&password=kapoor");

        stmt = con.createStatement();
        rs =
            stmt.executeQuery(
                "SELECT * FROM contacts WHERE userName='******' ORDER BY contactID");

        out.println("<form name='deleteContactsForm' method='post' action='deleteContact'>");

        out.println("<TABLE BGCOLOR='#EFEFFF' CELLPADDING='2' CELLSPACING='4' BORDER='1'>");
        out.println("<TR BGCOLOR='#D6DFFF'>");
        out.println("<TD ALIGN='center'><B>Contact ID</B></TD>");
        out.println("<TD ALIGN='center'><B>Contact Name</B></TD>");
        out.println("<TD ALIGN='center'><B>Comment</B></TD>");
        out.println("<TD ALIGN='center'><B>Date</B></TD>");
        out.println("<TD ALIGN='center'><B>Delete Contacts</B></TD>");
        out.println("</TR>");

        int nRows = 0;
        while (rs.next()) {
          nRows++;
          String messageID = rs.getString("contactID");
          String fromUser = rs.getString("contactName");
          String message = rs.getString("comments");
          String messageDate = rs.getString("dateAdded");

          out.println("<TR>");
          out.println("<TD>" + messageID + "</TD>");
          out.println("<TD>" + fromUser + "</TD>");
          out.println("<TD>" + message + "</TD>");
          out.println("<TD>" + messageDate + "</TD>");
          out.println(
              "<TD><input type='checkbox' name='msgList' value='" + messageID + "'> Delete</TD>");
          out.println("</TR>");
        }

        out.println("<TR>");
        out.println(
            "<TD COLSPAN='6' ALIGN='center'><input type='submit' value='Delete Selected Contacts'></TD>");
        out.println("</TR>");

        out.println("</TABLE>");
        out.println("</FORM>");
      } catch (Exception e) {
        out.println("Could not connect to the users database.<P>");
        out.println("The error message was");
        out.println("<PRE>");
        out.println(e.getMessage());
        out.println("</PRE>");
      } finally {
        if (rs != null) {
          try {
            rs.close();
          } catch (SQLException ignore) {
          }
        }
        if (stmt != null) {
          try {
            stmt.close();
          } catch (SQLException ignore) {
          }
        }
        if (con != null) {
          try {
            con.close();
          } catch (SQLException ignore) {
          }
        }
      }

      out.println("</CENTER>");
      out.println("</BODY>");
      out.println("</HTML>");

    } catch (RuntimeException e) {
      out.println("<script language=\"javascript\">");
      out.println("alert(\"You need to log in to use this service!\");");
      out.println("</script>");

      out.println("<a href='index.html'>Click Here</a> to go to the main page.<br><br>");

      out.println(
          "Or Click on the button to exit<FORM><INPUT onClick=\"javascipt:window.close()\" TYPE=\"BUTTON\" VALUE=\"Close Browser\" TITLE=\"Click here to close window\" NAME=\"CloseWindow\" STYLE=\"font-family:Verdana, Arial, Helvetica; font-size:smaller; font-weight:bold\"></FORM>");

      log(e.getMessage());
      return;
    }
  }
Пример #30
0
	public void doPost (HttpServletRequest req,HttpServletResponse res) throws ServletException, IOException
	{
		Connection con=null;
		pw=res.getWriter();
		Statement stmt=null;
		ResultSet rr=null;
		ResultSetMetaData rsmd;
		res.setContentType("text/html");
		
		try
		{
		Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
		con=DriverManager.getConnection("jdbc:odbc:sri","scott","tiger");
		stmt=con.createStatement();
		String inm="'"+req.getParameter("txtinm")+"'";
		String q="'"+req.getParameter("txtq")+"'";
		String t=req.getParameter("txtr");
		char type=t.charAt(0);
                                System.out.println((char)type);
		pw.println("Item name "+inm);
                                pw.println("Quantity "+q);
		pw.println("Item Type "+t);
		pw.println((char)type);
		String qry1=null;
		switch(type)
		{
			case 'H':
			case 'h':
				qry1="select rate,iname from hware where iname="+inm;
				pw.println(qry1);
				// rr=stmt.executeQuery("select rate from hware where iname="+inm);
				rr=stmt.executeQuery(qry1);
				pw.println("Query is Executed...");
				break;
			case 'S':
			case 's':      qry1="select rate,iname from sware where iname="+inm;
				pw.println(qry1);
				break;
			
			case 'M':
			case 'm':   rr=stmt.executeQuery("select rate,title from music where title="+inm);
				break;
			
			case 'B':
			case 'b': rr=stmt.executeQuery("select rate,title from books where title="+inm);
				break;
			default:
				{
				pw.println("Invalid choice");
				 myflag='n';
				}
                                                           
		}
		        pw.println("Concerned Statement Prepared and Executed...");
						
                                pw.println((char)type+" Valid item type "+myflag);
		
		/*rsmd=rr.getMetaData();
                                int col=rsmd.getColumnCount();
                                pw.println("The Above Query has fetched "+col+ " Columns");*/
		String name="";
		while(rr.next())	
                                {
		String rate=rr.getString(1);
		int amount=Integer.parseInt(rate);
                                name=rr.getString(2);
                                  System.out.println(" "+rate+" "+name);
		pw.println(" "+amount+" "+name);
		pw.println("\n"+myflag);
		System.out.println("Valid item name "+rr.getString(2)+"     "+myflag);
		}
		pw.println(" "+myflag);
                                 if(myflag=='y')
                                  {
			pw.println("\nOK");
		pw.println("Valid item name "+name+"     "+myflag);
		if(rr==null)
		{
			pw.println("Not a valid item");
			myflag='n';
		}
		pw.println("Valid item name "+name+"     "+myflag);
                                  if(myflag=='y')
                                  {
                                        pw.println(" "+inm+" "+q);
                                       rr=stmt.executeQuery("select * from reges where flag='y'");
		if(rr==null)
		{
			pw.println("\nSign in first");
			//System.exit(0);
                                                 myflag='n';
		}
		pw.println("Signed in "+rr.getString(1)+"     "+myflag);
                                    if(myflag=='y')
                                   {
		String data="'"+rr.getString(1)+"'";	
		String qry="insert into cart values("+inm+","+q+","+data+")";
		pw.println("Query is "+qry);
		int rs=stmt.executeUpdate(qry);
		pw.println("1 row inserted");
                          } 
                           }  
                            }
	           	}		

		catch(ClassNotFoundException e){}
		catch(SQLException e){}
	}