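package edu.rice.rubbos.servlets;

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet that stores a story submitted through the request parameters
 * {@code nickname}, {@code password}, {@code title}, {@code body} and
 * {@code category}.
 *
 * <p>The story goes to the {@code stories} table when the credentials match a
 * user whose {@code access} value is non-zero, and to the {@code submissions}
 * table otherwise (anonymous or regular user).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every request parameter is untrusted. All values reach the database as
 *       bound parameters; only the table name is concatenated, and it is one of
 *       two literals chosen by this class.</li>
 *   <li>NOTE(review): the {@code users.password} column is compared directly
 *       with the submitted value, which implies passwords are stored
 *       unhashed, and {@link #doGet} accepts credentials in the query string.
 *       Both are schema/protocol decisions outside this class; confirm whether
 *       they are acceptable for the deployment.</li>
 *   <li>Title and body are stored as submitted; whatever renders them must
 *       apply output encoding.</li>
 * </ul>
 */
public class StoreStory extends RubbosHttpServlet
{

  /**
   * Returns the connection pool size configured for this servlet.
   *
   * <p>NOTE(review): this reads {@code Config.BrowseCategoriesPoolSize};
   * confirm that sharing the BrowseCategories setting is intended.
   *
   * @return the configured pool size
   */
  public int getPoolSize()
  {
    return Config.BrowseCategoriesPoolSize;
  }

  /**
   * Best-effort cleanup: closes the statement and hands the connection back
   * through {@code releaseConnection}. Failures are ignored on purpose so that
   * cleanup never masks the error that triggered it.
   *
   * @param stmt statement to close, may be {@code null}
   * @param conn connection to release, may be {@code null}
   */
  private void closeConnection(PreparedStatement stmt, Connection conn)
  {
    try
    {
      if (stmt != null)
        stmt.close();
    }
    catch (Exception ignored)
    {
      // Nothing useful can be done if close() fails during cleanup.
    }

    try
    {
      if (conn != null)
        releaseConnection(conn);
    }
    catch (Exception ignored)
    {
      // Same as above: releasing is best effort.
    }
  }

  /**
   * Encodes the characters that are significant in HTML so that text coming
   * from exceptions (which may quote request values) cannot inject markup
   * into the response.
   *
   * @param text raw text, must not be {@code null}
   * @return the text with {@code & < > " '} replaced by character references
   */
  private static String escapeHtml(String text)
  {
    StringBuilder out = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++)
    {
      char c = text.charAt(i);
      switch (c)
      {
        case '&':
          out.append("&amp;");
          break;
        case '<':
          out.append("&lt;");
          break;
        case '>':
          out.append("&gt;");
          break;
        case '"':
          out.append("&quot;");
          break;
        case '\'':
          out.append("&#39;");
          break;
        default:
          out.append(c);
      }
    }
    return out.toString();
  }

  /**
   * Validates the request, optionally authenticates the submitter, and
   * inserts the story into {@code stories} or {@code submissions}.
   *
   * @param request  carries the story fields and optional credentials
   * @param response receives the HTML result page
   * @throws IOException      declared by the servlet contract
   * @throws ServletException declared by the servlet contract
   */
  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException
  {
    ServletPrinter sp = new ServletPrinter(response, "StoreStory");

    String nickname = request.getParameter("nickname");
    String password = request.getParameter("password");
    String title = request.getParameter("title");
    String body = request.getParameter("body");
    String category = request.getParameter("category");

    if (title == null)
    {
      sp.printHTML("You must provide a story title!<br>");
      return;
    }

    if (body == null)
    {
      sp.printHTML("<h3>You must provide a story body!<br></h3>");
      return;
    }

    if (category == null)
    {
      sp.printHTML("<h3>You must provide a category!<br></h3>");
      return;
    }

    // The original statement placed the category unquoted into the SQL text,
    // i.e. it was always meant to be a number. Reject anything else up front
    // so it can be bound as an integer below.
    int categoryId;
    try
    {
      categoryId = Integer.parseInt(category.trim());
    }
    catch (NumberFormatException e)
    {
      sp.printHTML("<h3>You must provide a numeric category!<br></h3>");
      return;
    }

    sp.printHTMLheader("RUBBoS: Story submission result");

    sp.printHTML("<center><h2>Story submission result:</h2></center><p>\n");

    // userId 0 means "anonymous"; access 0 means "regular user".
    int userId = 0;
    int access = 0;

    PreparedStatement stmt = null;
    Connection conn = getConnection();

    if ((nickname != null) && (password != null))
    {
      ResultSet rs = null;
      try
      {
        // Credentials are bound, never concatenated: a crafted nickname or
        // password can no longer rewrite the WHERE clause.
        stmt = conn.prepareStatement(
            "SELECT id,access FROM users WHERE nickname=? AND password=?");
        stmt.setString(1, nickname);
        stmt.setString(2, password);
        rs = stmt.executeQuery();
      }
      catch (Exception e)
      {
        // NOTE(review): database error text is still shown to the client
        // (now HTML-encoded); prefer server-side logging if a logger exists.
        sp.printHTML("ERROR: Authentification query failed"
            + escapeHtml(String.valueOf(e)));
        closeConnection(stmt, conn);
        return;
      }
      try
      {
        // next() works on forward-only result sets, unlike first().
        if (rs.next())
        {
          userId = rs.getInt("id");
          access = rs.getInt("access");
        }
        rs.close();
        stmt.close();
      }
      catch (Exception e)
      {
        sp.printHTML("Exception storing story "
            + escapeHtml(String.valueOf(e)) + "<br>");
        closeConnection(stmt, conn);
        return;
      }
    }

    String table = "submissions";
    if (userId == 0)
      sp.printHTML("Story stored by the 'Anonymous Coward'<br>\n");
    else
    {
      if (access == 0)
        sp.printHTML("Story submitted by regular user " + userId + "<br>\n");
      else
      {
        sp.printHTML("Story posted by author " + userId + "<br>\n");
        table = "stories";
      }
    }

    try
    {
      // Identifiers cannot be bound, so the table name is concatenated; it is
      // always one of the two literals assigned above, never request data.
      stmt = conn.prepareStatement("INSERT INTO " + table
          + " VALUES (NULL, ?, ?, NOW(), ?, ?)");
      stmt.setString(1, title);
      stmt.setString(2, body);
      stmt.setInt(3, userId);
      stmt.setInt(4, categoryId);

      int updateResult = stmt.executeUpdate();
      if (updateResult != 1)
      {
        sp.printHTML(" ERROR: Failed to insert new story in database. Number of rows updated == "
            + updateResult + ".");
        closeConnection(stmt, conn);
        return;
      }
    }
    catch (SQLException e)
    {
      sp.printHTML("Failed to execute Query for StoreStory: "
          + escapeHtml(String.valueOf(e)));
      closeConnection(stmt, conn);
      return;
    }

    closeConnection(stmt, conn);

    sp.printHTML("Your story has been successfully stored in the " + table
        + " database table<br>\n");

    sp.printHTMLfooter();
  }

  /**
   * Handles POST submissions by delegating to {@link #doGet}.
   *
   * @param request  the incoming request
   * @param response the response to write to
   * @throws IOException      propagated from {@link #doGet}
   * @throws ServletException propagated from {@link #doGet}
   */
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws IOException, ServletException
  {
    doGet(request, response);
  }

}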