?? formprocess.java
字號:
package sjservlets;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.util.*;
import java.util.Date;
/** A main and most important servlet that use to
* process all the HTML form.
* <P>
* © 2002 Song Jing; may be freely used or adapted.
*/
public class FormProcess extends ConnectionPoolServlet {
private boolean debug = false;
private boolean debug_user_delete = false;
private boolean printParameter = false;
private boolean printParameter2 = false;
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
HttpSession session = request.getSession(true);
PrintWriter out = response.getWriter();
Form form = (Form)session.getAttribute("form");
Login login=(Login)session.getAttribute("login");
User user = (User)session.getAttribute("user");
User staff = (User)session.getAttribute("staff");
LibraryItem libraryitem = (LibraryItem)session.getAttribute("libraryitem");
DBProcess dbprocess = (DBProcess)session.getAttribute("dbprocess");
BorrowRec borrowrec = (BorrowRec)session.getAttribute("borrowrec");
ReserveRec reserverec = (ReserveRec)session.getAttribute("reserverec");
dbprocess.resetVariable();
session.setAttribute("dbprocess", dbprocess);
String formName = form.getFormName();
String formType = form.getFormType();
String query="";
ResultSet myResultSet=null;
if(debug){
response.setContentType("text/html");
response.setHeader("Pragma", "no-cache"); // HTTP 1.0
response.setHeader("Cache-Control", "no-cache"); // HTTP 1.1
String title = "Connection Pool Test";
out.println(ServletUtilities.headWithTitle(title) +
"<BODY BGCOLOR=\"#FDF5E6\">\n" +
"<CENTER>\n");
}
if (printParameter2) {
gotoPage("/servlet/sjservlets.ShowParameters", request, response);
}
if( (debug) || (printParameter) ){
out.println(
"<TABLE BORDER=1 ALIGN=CENTER>\n" +
"<TR BGCOLOR=\"#FFAD00\">\n" +
"<TH>Parameter Name<TH>Parameter Value(s)");
Enumeration paramNames = request.getParameterNames();
while(paramNames.hasMoreElements()) {
String paramName = (String)paramNames.nextElement();
out.print("<TR><TD>" + paramName + "\n<TD>");
String[] paramValues = request.getParameterValues(paramName);
if (paramValues.length == 1) {
String paramValue = paramValues[0];
if (paramValue.length() == 0)
out.println("<I>No Value</I>");
else
out.println(paramValue);
} else {
out.println("<UL>");
for(int i=0; i<paramValues.length; i++) {
out.println("<LI>" + paramValues[i]);
}
out.println("</UL>");
}
}
out.println("</TABLE><BR>");
}
if(debug){
out.println("Form Session Variables<br>");
out.println("formName: " + formName +"<br>");
out.println("formType: " + formType +"<br>");
out.println("<HR>");
out.println("Now Having <b>" +formType +"</b> Operatioin for <b>" +formName +"</b><BR><BR>");
}
char formOperationCode;
if (formType.equals("add")) {
formOperationCode = 'a';
} else if (formType.equals("edit")){
formOperationCode = 'e';
} else if (formType.equals("delete")){
// Do something for delete existing user
formOperationCode = 'd';
}else if (formType.equals("borrow")) {
formOperationCode = 'b';
}else if (formType.equals("return")) {
formOperationCode = 'r';
}else{
return;
}
if( formName.equals("user")){
String orgUserID = user.getUserID();
String orgUserPassword = user.getUserPassword();
switch(formOperationCode) {
case 'a':
user.setPropertyFromRequestParameter(request);
if(debug) out.println("user+a");
if(checkDuplicateUserID(user.getUserID())){
dbprocess.setDBName("jsp_library");
dbprocess.setTblName("user");
dbprocess.setSQLQuery(query);
dbprocess.setProcessResult("<font color='RED'><B>Record ADD Error</B></font>");
dbprocess.setProcessMsg("<font color='RED'>Duplicate User ID: " +user.getUserID() +"</font>");
dbprocess.setProcessAction("<a href='" +form.getFormURL() +"'>" +
"<img src='/JavaLibrary/images/common/back_arrow.gif' width='38' height='21' border='0'>BACK</a>");
dbprocess.setProcessComplete(false);
//user.setUserID(orgUserID);
}else{
query = "INSERT INTO user (" +
"userID, userPassword, userType, userFirstName, userLastName, userGender, userEmail, " +
"userICNumber, userAddress1, userAddress2, userCity, userState, userPostCode, userCountry, " +
"userOccupation, userContactNumber, userTotQuota, userQuotaAvailable, userTotReservation, userReserveAvailable) VALUES (" +
"'" +user.getUserID() +"', PASSWORD('" +user.getUserPassword() +"'), '" +user.getUserType() +
"', '" +user.getUserFirstName() +"', '" +user.getUserLastName() +"', '" +user.getUserGender() +
"', '" +user.getUserEmail() +"', '" +user.getUserICNumber() +"', '" +user.getUserAddress1() +
"', '" +user.getUserAddress2() +"', '" +user.getUserCity() +"', '" +user.getUserState() +
"', '" +user.getUserPostCode() +"', '" +user.getUserCountry() +"', '" +user.getUserOccupation() +
"', '" +user.getUserContactNumber() +"', " +user.getUserTotQuota() +", " +user.getUserQuotaAvailable() +
", " +user.getUserTotReservation() +", " +user.getUserReserveAvailable() +")";
myResultSet = formDatabaseOperation(query);
user.resetVariable();
session.setAttribute("user", user);
dbprocess.setDBName("jsp_library");
dbprocess.setTblName("user");
dbprocess.setSQLQuery(query);
dbprocess.setProcessResult("<B>User Record success added</B>");
dbprocess.setProcessMsg("");
dbprocess.setProcessAction("<a href='/JavaLibrary/mainmenu/mainmenu.jsp'>[Main Menu]</a> " +
"<a href='/JavaLibrary/user/user_add.jsp'>[Add another user record]</a>");
dbprocess.setProcessComplete(true);
}
break;
case 'e':
user.setPropertyFromRequestParameter(request);
if(debug) out.println("user+e");
if( (!(orgUserID.equals(user.getUserID()))) && (checkDuplicateUserID(user.getUserID()))){
dbprocess.setDBName("jsp_library");
dbprocess.setTblName("user");
dbprocess.setSQLQuery(query);
dbprocess.setProcessResult("<font color='RED'><B>Record EDIT Error</B></font>");
dbprocess.setProcessMsg("<font color='RED'>Duplicate User ID: " +user.getUserID() +"</font>");
dbprocess.setProcessAction("<a href='" +form.getFormURL() +"'>" +
"<img src='/JavaLibrary/images/common/back_arrow.gif' width='38' height='21' border='0'>BACK</a>");
dbprocess.setProcessComplete(false);
user.setUserID(orgUserID);
}else{
String setPasswordCondition;
if (orgUserPassword.equals(user.getUserPassword()))
setPasswordCondition = "', userPassword='" +user.getUserPassword() +"'";
else
setPasswordCondition = "', userPassword=PASSWORD('" +user.getUserPassword() +"')";
query = "UPDATE user SET userID='" +user.getUserID() +setPasswordCondition +
", userType='" +user.getUserType() +"', userFirstName='" +user.getUserFirstName() +
"', userLastName='" +user.getUserLastName() +"', userGender='" +user.getUserGender() +
"', userEmail='" +user.getUserEmail() +"', userICNumber='" +user.getUserICNumber() +
"', userAddress1='" +user.getUserAddress1() +"', userAddress2='" +user.getUserAddress2() +
"', userCity='" +user.getUserCity() +"', userState='" +user.getUserState() +
"', userPostCode='" +user.getUserPostCode() +"', userCountry='" +user.getUserCountry() +
"', userOccupation='" +user.getUserOccupation() + "', userContactNumber='" +user.getUserContactNumber() +
"', userTotQuota=" +user.getUserTotQuota() +", userQuotaAvailable=" +user.getUserQuotaAvailable() +
", userTotReservation=" +user.getUserTotReservation() +", userReserveAvailable=" +user.getUserReserveAvailable() +
" WHERE userRecNumber ='" +user.getUserRecNumber() +"'";
myResultSet = formDatabaseOperation(query);
// Get back the encrypted user password by perform another query
query = "SELECT * from user where userID='" +user.getUserID() +"'";
myResultSet = formDatabaseOperation(query);
String newEncyptUserPassword=null;
if (myResultSet != null){
try{
while(myResultSet.next()) {
newEncyptUserPassword = myResultSet.getString("userPassword");
}
} catch(SQLException sqle) {
System.err.println("Error connecting: " +sqle);
}
}
user.setUserPassword(newEncyptUserPassword);
// Display the procesing messager
dbprocess.setDBName("jsp_library");
dbprocess.setTblName("user");
dbprocess.setSQLQuery(query);
dbprocess.setProcessResult("<B>Record Update Success</B>");
dbprocess.setProcessMsg("");
dbprocess.setProcessComplete(true);
// update the staff bean if staff edit their own record from my account
if( (login.getUserType().equals("admin")) || (login.getUserType().equals("librarian"))){
if (staff.getUserRecNumber() == (user.getUserRecNumber())){
//if staff update their own record
staff.setPropertyFromOtherUserBean(user);
session.setAttribute("staff", staff);
dbprocess.setProcessAction("<a href='/JavaLibrary/mainmenu/mainmenu.jsp'>[Main Menu]</a>");
}else{
// if staff update other people record
dbprocess.setProcessAction("<a href='/JavaLibrary/mainmenu/mainmenu.jsp'>[Main Menu]</a> " +
"<a href='/JavaLibrary/admin/user_list.jsp'>[Back to User List]</a>");
}
}else{
// if user update their own record
dbprocess.setProcessAction("<a href='/JavaLibrary/mainmenu/mainmenu.jsp'>[Main Menu]</a>");
}
session.setAttribute("user", user);
}
break;
case 'd':
int itemReserve = 0;
int userTotReservation = 0;
int userReserveAvailable = 0;
int totalRecDel = 0;
int totalRecDelErr=0;
int staffRecNumber=staff.getUserRecNumber();
int delRecNumber;
String userType = login.getUserType();
StringBuffer RecDelErrReason= new StringBuffer("");
if(debug) out.println("user+d");
if(request.getParameterValues("del_rec") != null){
String[] paramValues = request.getParameterValues("del_rec");
if(debug_user_delete){
if (paramValues.length == 1) {
String paramValue = paramValues[0];
if (paramValue.length() == 0)
out.println("<I>No Value</I>");
else
out.println(paramValue);
} else {
out.println("<UL>");
for(int i=0; i<paramValues.length; i++) {
out.println("<LI>" + paramValues[i]);
}
out.println("</UL>");
}
}else{
// Only admin right can perform deleteion
if (userType.equals("admin")) {
for (int i=0; i<paramValues.length; i++){
delRecNumber = Integer.parseInt(paramValues[i]);
if (staffRecNumber==delRecNumber) {
totalRecDelErr=totalRecDelErr+1;
RecDelErrReason.append("<li><font color='RED'>U are not allow delete yourself. </font></li>");
// check either the user that delete either still got any item not yet return or not
}else {
// check either user still have item(s) not yet return
int itemBorrow = 0;
int userTotQuota =0;
int userQuotaAvailable=0;
String userID="";
query = "SELECT * FROM user WHERE userRecNumber =" +delRecNumber;
myResultSet = formDatabaseOperation(query);
if (myResultSet != null){
try{
while(myResultSet.next()) {
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -