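package forum;

import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.sql.Connection;
import java.sql.Statement;
import java.sql.ResultSet;

/**
 * Servlet that creates a new forum thread together with its opening message.
 *
 * <p>Reads {@code forum_id}, {@code lastThread_id}, {@code title},
 * {@code message} and {@code user} from the request, inserts one row into
 * {@code forum_threads} and one into {@code forum_message}, then redirects
 * to the thread list of the forum.
 */
public class AddThread extends HttpServlet {

    // NOTE(review): a servlet instance is normally shared by concurrent
    // requests, so this single DBConnectie is connected, queried and closed by
    // several threads at once. Whether DBConnectie tolerates that is not
    // visible here -- confirm, or create one per request.
    DBConnectie db = new DBConnectie(Variable.getDb(), Variable.getDbLogin(), Variable.getDbPassword());

    /**
     * Inserts the new thread and its first message, then redirects to the forum page.
     *
     * <p>A missing or non-numeric {@code lastThread_id} is answered with 400.
     * Any other failure is written to the servlet log and answered with 500;
     * the exception text is no longer echoed to the client, because database
     * error messages reveal schema and query details.
     *
     * @param request  the form submission
     * @param response receives the redirect or the error status
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if the redirect or error status cannot be sent
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            String forum_id = request.getParameter("forum_id");
            int lastThread_id = Integer.parseInt(request.getParameter("lastThread_id"));
            if (lastThread_id == Integer.MAX_VALUE) {
                // lastThread_id + 1 would silently wrap to a negative id.
                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
                return;
            }
            // NOTE(review): the new thread id is derived from a client-supplied
            // value, so the client effectively chooses it and two simultaneous
            // posts can compute the same id. Allocating the id in the database
            // would remove both problems.
            String thread_id = Integer.toString(lastThread_id + 1);

            String title = request.getParameter("title");
            // A request without a title parameter used to fail with a
            // NullPointerException; treat it like an empty title.
            if (title == null || title.equals("")) {
                title = "No title";
            } else {
                title = Filter.filterAll(title);
            }

            String message = request.getParameter("message");
            message = Filter.filterAll(message);
            String user = request.getParameter("user");

            // SECURITY NOTE(review): both statements are assembled by string
            // concatenation from request parameters. forum_id and user are
            // inserted exactly as received; title and message only pass through
            // Filter.filterAll, whose behaviour is not visible here and which
            // should not be assumed to make them safe inside a SQL literal.
            // This is a SQL injection risk. DBConnectie exposes only
            // query(String) in this file, so the fix belongs there: add a
            // parameterized (PreparedStatement-backed) call and bind all values.
            // user is also taken from the request rather than from the
            // authenticated session -- presumably spoofable; verify.
            db.connect();
            try {
                db.query(
                    "INSERT INTO forum_threads(forum_id,thread_id,title) " +
                    "VALUES(\"" + forum_id +
                    "\",\"" + thread_id +
                    "\",\"" + title + "\")");

                db.query(
                    "INSERT INTO forum_message(forum_id,thread_id,reply_id,message,user,date_time) " +
                    "VALUES(\"" + forum_id +
                    "\",\"" + thread_id +
                    "\",\"0" +
                    "\",\"" + message +
                    "\",\"" + user +
                    "\",SYSDATE())");
            } finally {
                // Release the connection even when one of the inserts fails.
                db.close();
            }

            // NOTE(review): forum_id is appended to the redirect URL unencoded.
            response.sendRedirect(Variable.getForumPath() + "index.jsp?page=thread&forum_id=" + forum_id);

        } catch (NumberFormatException e) {
            // lastThread_id was absent or not an integer.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            }
        } catch (Exception e) {
            // Keep the details server-side only.
            log("AddThread: could not create thread", e);
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

    /**
     * Handles GET exactly like POST.
     *
     * <p>NOTE(review): this makes the insert reachable through a plain link
     * or image request; consider rejecting GET for this state-changing action.
     *
     * @param request  the incoming request
     * @param response receives the redirect or the error status
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if the response cannot be sent
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }

}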