- /*
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
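/**
 * Servlet mapped to {@code /admin_rozhr}. It authenticates a user against the
 * {@code pouzivatelia} table and renders the admin navigation links.
 *
 * <p>Review summary of what this version changes compared with the original:
 * <ul>
 *   <li>Credential lookup uses bound parameters instead of concatenating the
 *       submitted e-mail and password into the SQL text.</li>
 *   <li>Per-request data (session, user id, statements, result sets) lives in
 *       local variables. A servlet instance is shared by all request threads,
 *       so keeping that data in instance fields let concurrent requests
 *       overwrite each other's identity.</li>
 *   <li>Every path that does not end in a verified admin account is denied;
 *       previously a request without a session and with an unexpected button
 *       value fell through to the page.</li>
 *   <li>The admin flag is checked for the account that is logging in, on every
 *       request, and the user name is HTML-escaped before it is written.</li>
 * </ul>
 *
 * @author Lívia
 */
@WebServlet(urlPatterns = {"/admin_rozhr"})
public class admin_rozhr extends HttpServlet {

    String driver = "com.mysql.jdbc.Driver";

    // NOTE(review): a single JDBC connection is opened in init() and shared by
    // all request threads for the lifetime of the servlet. A container-managed
    // DataSource / connection pool would be the more robust choice.
    Connection con = null;

    // Legacy fields: kept so that any same-package code referring to them still
    // compiles. Request handling no longer reads or writes them.
    Statement stmt = null;
    ResultSet rs = null;

    // NOTE(review): the database account is "root" with an empty password and
    // both are compiled into the class. Move them to deployment configuration
    // and use a dedicated account with only the privileges this servlet needs.
    String userName = "root";
    String password = "";
    String URL = "jdbc:mysql://localhost/kelebercova_shop";

    // Legacy fields, see above. Only the public ZapamatajUdajeOUserovi(int)
    // still reads "session"; processRequest never assigns it.
    HttpSession session;
    Integer id_usera = 0;

    /**
     * Loads the JDBC driver and opens the shared database connection.
     *
     * <p>A failure is logged and leaves {@link #con} as {@code null}; every
     * lookup method then reports "not authenticated", so the servlet fails
     * closed instead of failing silently.
     */
    @Override
    public void init() {
        try {
            super.init();
            Class.forName(driver);
            con = DriverManager.getConnection(URL, userName, password);
        } catch (ServletException | ClassNotFoundException | SQLException ex) {
            log("admin_rozhr: database connection could not be opened", ex);
        }
    }

    /**
     * Verifies a login attempt.
     *
     * <p>NOTE(review): the query compares the submitted value directly with the
     * {@code heslo} column, which suggests passwords are stored as entered.
     * They should be stored as salted password hashes (bcrypt, scrypt or
     * Argon2) and verified in application code.
     *
     * @param meno  e-mail address submitted by the client
     * @param heslo password submitted by the client
     * @return the id of the single matching account, or {@code 0} when there is
     *         no unique match or the lookup fails
     */
    public int OverUsera(String meno, String heslo) {
        if (con == null || meno == null || heslo == null) {
            return 0;
        }
        String sql = "select max(id) as iid, count(id) as pocet from pouzivatelia "
                + "where email = ? and heslo = ?";
        // Bound parameters keep client-supplied text out of the SQL grammar.
        try (PreparedStatement lookup = con.prepareStatement(sql)) {
            lookup.setString(1, meno);
            lookup.setString(2, heslo);
            try (ResultSet row = lookup.executeQuery()) {
                if (row.next() && row.getInt("pocet") == 1) {
                    return row.getInt("iid");
                }
            }
        } catch (SQLException ex) {
            // Never include the submitted credentials in the log entry.
            log("admin_rozhr: credential lookup failed", ex);
        }
        return 0;
    }

    /**
     * Writes the "wrong credentials" message to the response.
     *
     * @param out writer of the current response
     */
    public void ZobrazNeopravnenyPristup(PrintWriter out) {
        // PrintWriter does not throw on write, and exception text must not be
        // echoed to the client, so no catch block is needed here.
        out.println("Zadali ste nesprávne prihlasovacie údaje");
    }

    /**
     * Stores the user's id, full name and discount in the session held in the
     * legacy {@link #session} field.
     *
     * <p>That field is shared between request threads and is not set by
     * {@link #processRequest}; request handling uses a private helper that
     * takes the session explicitly. This method does nothing when the field is
     * {@code null}.
     *
     * @param id_usera id of the account whose data should be remembered
     */
    public void ZapamatajUdajeOUserovi(int id_usera) {
        HttpSession legacySession = session;
        if (legacySession == null) {
            return;
        }
        storeUserInSession(legacySession, id_usera);
    }

    /**
     * Copies the account's display data into the given session.
     *
     * @param target session of the current request
     * @param userId id of the authenticated account
     * @return {@code true} when the account row was found and stored
     */
    private boolean storeUserInSession(HttpSession target, int userId) {
        if (con == null || target == null) {
            return false;
        }
        String sql = "select meno, priezvisko, zlava from pouzivatelia where id = ?";
        try (PreparedStatement lookup = con.prepareStatement(sql)) {
            lookup.setInt(1, userId);
            try (ResultSet row = lookup.executeQuery()) {
                if (!row.next()) {
                    return false;
                }
                // Read everything first so a failing column read cannot leave a
                // half-populated session behind.
                String fullName = row.getString("meno") + " " + row.getString("priezvisko");
                int discount = row.getInt("zlava");

                target.setAttribute("ID", Integer.valueOf(userId));
                // first name and surname are stored as one value
                target.setAttribute("meno", fullName);
                // discount is stored as a number
                target.setAttribute("zlava", Integer.valueOf(discount));
                // session expires after 10 minutes of inactivity
                target.setMaxInactiveInterval(600);
                return true;
            }
        } catch (SQLException ex) {
            log("admin_rozhr: loading account data failed", ex);
            return false;
        }
    }

    /**
     * Reports whether the table contains at least one account whose
     * {@code isAdmin} column equals {@code "admin"}.
     *
     * <p>This is not a per-user check and must not be used for authorization;
     * request handling uses a private per-account lookup instead. The original
     * compared strings with {@code ==} and always returned {@code false}.
     *
     * @param admin ignored; kept for signature compatibility
     * @return {@code true} when such an account exists, {@code false} otherwise
     *         or when the lookup fails
     */
    public boolean isAdmin(boolean admin) {
        if (con == null) {
            return false;
        }
        try (Statement query = con.createStatement();
                ResultSet rows = query.executeQuery(
                        "SELECT isAdmin FROM `pouzivatelia` WHERE isAdmin = \"admin\" ")) {
            return rows.next() && "admin".equals(rows.getString("isAdmin"));
        } catch (SQLException e) {
            log("admin_rozhr: admin flag lookup failed", e);
            return false;
        }
    }

    /**
     * Checks the admin flag of one specific account.
     *
     * @param userId id of the account to check
     * @return {@code true} only when the account exists and is flagged admin
     */
    private boolean isAdminUser(int userId) {
        if (con == null) {
            return false;
        }
        String sql = "select isAdmin from pouzivatelia where id = ?";
        try (PreparedStatement lookup = con.prepareStatement(sql)) {
            lookup.setInt(1, userId);
            try (ResultSet row = lookup.executeQuery()) {
                return row.next() && "admin".equals(row.getString("isAdmin"));
            }
        } catch (SQLException ex) {
            log("admin_rozhr: admin lookup failed", ex);
            return false;
        }
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute
     * values so database content cannot inject markup into the page.
     *
     * @param text value to escape, may be {@code null}
     * @return escaped text, or an empty string for {@code null}
     */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuilder safe = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    safe.append("&amp;");
                    break;
                case '<':
                    safe.append("&lt;");
                    break;
                case '>':
                    safe.append("&gt;");
                    break;
                case '"':
                    safe.append("&quot;");
                    break;
                case '\'':
                    safe.append("&#39;");
                    break;
                default:
                    safe.append(c);
            }
        }
        return safe.toString();
    }

    /**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
     * methods.
     *
     * <p>A request is served only when its session already belongs to an admin
     * account, or when it carries a login form whose credentials match exactly
     * one admin account. Everything else receives the "wrong credentials"
     * message.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        try (PrintWriter out = response.getWriter()) {
            // Locals only: this servlet instance serves many requests at once.
            HttpSession current = request.getSession();
            Object storedId = current.getAttribute("ID");
            Integer userId = (storedId instanceof Integer) ? (Integer) storedId : null;

            if (userId == null) {
                // No authenticated session: only a submitted login form may continue.
                if (request.getContentType() == null) {
                    ZobrazNeopravnenyPristup(out);
                    return;
                }
                String tlacidlo = request.getParameter("tlacidlo");
                if (tlacidlo == null || !tlacidlo.startsWith("P")) {
                    // Missing or unexpected button value: deny rather than fall through.
                    ZobrazNeopravnenyPristup(out);
                    return;
                }
                int verifiedId = OverUsera(request.getParameter("email"),
                        request.getParameter("heslo"));
                // NOTE(review): the original denied access when isAdmin() was true,
                // which looks inverted for an admin page; confirm the intended rule.
                if (verifiedId == 0 || !isAdminUser(verifiedId)) {
                    ZobrazNeopravnenyPristup(out);
                    return;
                }
                // NOTE(review): consider issuing a fresh session id at this point so
                // an id obtained before login is not carried into the admin session.
                if (!storeUserInSession(current, verifiedId)) {
                    ZobrazNeopravnenyPristup(out);
                    return;
                }
            } else if (!isAdminUser(userId)) {
                // A session created elsewhere in the shop is not enough for this page.
                ZobrazNeopravnenyPristup(out);
                return;
            }

            String meno = (String) current.getAttribute("meno");
            out.println("<p align=right>" + escapeHtml(meno));
            // logout link
            out.println(" <a href='logout'>Odhlásenie</a></p>");
            // cart link
            out.println("<p align=right><a href='cart'>Košík</a></p>");
            out.println("<br /><br /><hr>");
            out.println("<a href='obj_zoznam'>Zoznam objednávok</a>");
            out.println("</html>");
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}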