accountContoller

1. package edu.hm.muse.controller;
2.  
3. import org.springframework.jdbc.core.JdbcTemplate;
4. import org.springframework.stereotype.Controller;
5. import org.springframework.web.bind.annotation.RequestMapping;
6. import org.springframework.web.bind.annotation.RequestMethod;
7. import org.springframework.web.bind.annotation.RequestParam;
8. import org.springframework.web.servlet.ModelAndView;
9. import javax.annotation.Resource;
10. import javax.servlet.http.HttpSession;
11. import javax.sql.DataSource;
12. import java.util.List;
13. import java.util.Map;
14.  
15.  
16. @Controller
17. public class AccountController {
18.  
19. private JdbcTemplate newJdbcTemplate;
20.  
21. @Resource(name = "dataSource")
22. public void setDataSource(DataSource dataSource) {
23. newJdbcTemplate = new JdbcTemplate(dataSource);
24. }
25.  
26. @RequestMapping(value = "/account.secu", method = RequestMethod.GET)
27. public ModelAndView showAccountPage(HttpSession session) {
28.  
29. if (session.getAttribute("user") == null) {
30. ModelAndView mv = new ModelAndView("newLogIn");
31. mv.addObject("msg", "Bitte loggen Sie sich erst ein, um Ihre Account-Daten einzusehen.");
32. return mv;
33. }
34. String memail = (String) session.getAttribute("user");
35. String sql = String.format("Select * from Members where Email = '%s'", memail);
36. List<User> showUser = newJdbcTemplate.query(sql, new UserMapper());
37. ModelAndView modelAndView = new ModelAndView("account");
38. modelAndView.addObject("showUser", showUser);
39. return modelAndView;
40. }
41.  
42.  
43. @RequestMapping(value = "/account.secu", method = RequestMethod.POST)
44. public ModelAndView changeUserDate(@RequestParam Map<String, String> allRequestParams, HttpSession session) {
45.  
46.  
47. String oldEmail = allRequestParams.get("oldEmail");
48. String newEmail = allRequestParams.get("newEmail");
49. String canResetEmail = allRequestParams.get("emailResetGo");
50. if (canResetEmail == null) {
51. canResetEmail = "";
52. }
53. String newPassword = allRequestParams.get("newPassword");
54. String canResetPassword = allRequestParams.get("passwordResetGo");
55. if (canResetPassword == null) {
56. canResetPassword = "";
57. }
58. String canDeleteAccount = allRequestParams.get("deleteAccountGo");
59. if (canDeleteAccount == null) {
60. canDeleteAccount = "";
61. }
62. String memail = (String) session.getAttribute("user");
63. String sqlQuery;
64.  
65.  
66. if (canResetEmail.equals("go")) {
67. sqlQuery = String.format("UPDATE MEMBERS SET Email = '%s' WHERE Email = '%s'", newEmail, oldEmail);
68. newJdbcTemplate.execute(sqlQuery);
69. sqlQuery = String.format("Select * from Members where Email = '%s'", newEmail);
70. List<User> showUser = newJdbcTemplate.query(sqlQuery, new UserMapper());
71. ModelAndView modelAndView = new ModelAndView("account");
72. modelAndView.addObject(showUser);
73. modelAndView.addObject("showUser", showUser);
74. session.setAttribute("user", newEmail);
75. return modelAndView;
76. }
77. else if (canResetPassword.equals("go")) {
78. sqlQuery = String.format("UPDATE MEMBERS SET Pwd = '%s' WHERE Email = '%s'", newPassword, memail);
79. newJdbcTemplate.execute(sqlQuery);
80. ModelAndView mv = new ModelAndView("newLogIn");
81. mv.addObject("msg", "Bitte loggen Sie sich erst ein, um Ihre Account-Daten einzusehen.");
82. return mv;
83. } else if (canDeleteAccount.equals("go")) {
84. sqlQuery = String.format("DELETE FROM MEMBERS WHERE Email = '%s'", memail);
85. newJdbcTemplate.execute(sqlQuery);
86. session.setAttribute("login", false);
87. ModelAndView mv = new ModelAndView("newLogIn");
88. mv.addObject("msg", "Bitte loggen Sie sich erst ein, um Ihre Account-Daten einzusehen.");
89. return mv;
90. }
91. ModelAndView mv = new ModelAndView("newLogIn");
92. mv.addObject("msg", "Bitte loggen Sie sich erst ein, um Ihre Account-Daten einzusehen.");
93. return mv;
94. }
95.  
96. }