@RequestMapping(value = "/show-topics.jsp", method = RequestMethod.GET)
public ModelAndView showUserTopics(
@RequestParam("nick") String nick,
@RequestParam(value = "offset", required = false) Integer offset,
@RequestParam(value = "output", required = false) String output,
HttpServletResponse response)
throws Exception {
Connection db = null;
Map<String, Object> params = new HashMap<String, Object>();
try {
response.setDateHeader("Expires", System.currentTimeMillis() + 60 * 1000);
response.setDateHeader("Last-Modified", System.currentTimeMillis());
db = LorDataSource.getConnection();
User user = User.getUser(db, nick);
params.put("ptitle", "Сообщения " + user.getNick());
params.put("navtitle", "Сообщения " + user.getNick());
params.put("user", user);
NewsViewer newsViewer = new NewsViewer();
offset = fixOffset(offset);
newsViewer.setLimit("LIMIT 20" + (offset > 0 ? (" OFFSET " + offset) : ""));
newsViewer.setCommitMode(NewsViewer.CommitMode.ALL);
if (user.getId() == 2) {
throw new UserErrorException("Лента для пользователя anonymous не доступна");
}
newsViewer.setUserid(user.getId());
params.put("messages", newsViewer.getMessagesCached(db));
params.put("offsetNavigation", true);
params.put("offset", offset);
params.put("rssLink", "show-topics.jsp?nick=" + nick + "&output=rss");
if (output != null && output.equals("rss")) {
return new ModelAndView("section-rss", params);
} else {
return new ModelAndView("view-news", params);
}
} finally {
if (db != null) {
db.close();
}
}
}
@RequestMapping(value = "/edit-vote.jsp", method = RequestMethod.POST)
public ModelAndView editVote(
HttpServletRequest request,
@RequestParam("msgid") int msgid,
@RequestParam("id") int id,
@RequestParam("title") String title)
throws Exception {
Template tmpl = Template.getTemplate(request);
if (!tmpl.isModeratorSession()) {
throw new AccessViolationException("Not authorized");
}
Connection db = null;
try {
db = LorDataSource.getConnection();
db.setAutoCommit(false);
User user = User.getUser(db, tmpl.getNick());
user.checkCommit();
Poll poll = new Poll(db, id);
PreparedStatement pstTitle = db.prepareStatement("UPDATE votenames SET title=? WHERE id=?");
pstTitle.setInt(2, id);
pstTitle.setString(1, HTMLFormatter.htmlSpecialChars(title));
pstTitle.executeUpdate();
PreparedStatement pstTopic = db.prepareStatement("UPDATE topics SET title=? WHERE id=?");
pstTopic.setInt(2, msgid);
pstTopic.setString(1, HTMLFormatter.htmlSpecialChars(title));
pstTopic.executeUpdate();
List<PollVariant> variants = poll.getPollVariants(db, Poll.ORDER_ID);
for (PollVariant var : variants) {
String label = new ServletParameterParser(request).getString("var" + var.getId());
if (label == null || label.trim().length() == 0) {
var.remove(db);
} else {
var.updateLabel(db, label);
}
}
for (int i = 1; i <= 3; i++) {
String label = new ServletParameterParser(request).getString("new" + i);
if (label != null && label.trim().length() > 0) {
poll.addNewVariant(db, label);
}
}
logger.info("Отредактирован опрос" + id + " пользователем " + user.getNick());
db.commit();
Random random = new Random();
return new ModelAndView(
new RedirectView("view-message.jsp?msgid=" + msgid + "&nocache=" + random.nextInt()));
} finally {
if (db != null) {
db.close();
}
}
}