package coreservlets;

import java.io.File;
import java.io.IOException;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Random;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import net.sf.jmimemagic.Magic;
import net.sf.jmimemagic.MagicMatch;

import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;

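/**
 * Handles the multipart "add property" form posted to {@code /addProperty}.
 *
 * <p>The request is parsed, the captcha answer is compared with the value held in the
 * session, the text and bid fields are validated, the optional image is stored under a
 * server-generated name, and one row is inserted into {@code items_property}. The outcome
 * is published through the {@code msgAdd} and {@code uploadStatus} session attributes and
 * the client is redirected to {@code addNew.jsp} exactly once.
 *
 * <p>Security-relevant properties of this implementation:
 * <ul>
 *   <li>All request values reach the database through {@link PreparedStatement}
 *       parameters; no SQL text is assembled from user input.</li>
 *   <li>Per-request state lives in local objects. A servlet instance is shared by
 *       concurrent requests, so instance fields would leak one user's messages into
 *       another user's response.</li>
 *   <li>Messages shown to the client never include exception text or the expected
 *       captcha value; details go to the servlet log only.</li>
 *   <li>The uploaded image is written to disk only after captcha and field validation
 *       succeed, and is removed again if the insert fails.</li>
 * </ul>
 */
@WebServlet("/addProperty")
public class AddProperty extends HttpServlet {
    private static final long serialVersionUID = 1L;

    private static final int MAX_UPLOAD_BYTES = 3 * 1024 * 1024; // 3MB
    private static final String RESULT_PAGE = "addNew.jsp";
    private static final String IMAGE_DIR = "C://webapps/example/images/properties/";
    private static final String DEFAULT_IMAGE = "property.png";
    private static final String UPLOAD_RULE_MESSAGE = "JPEG/PNG/BMP less than 3MB only are allowed.";
    private static final String TEXT_REGEX = "^[a-zA-Z0-9/,.() -]*$";
    private static final String KEY_ALPHABET =
            "abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    private static final SecureRandom KEY_SOURCE = new SecureRandom();

    // NOTE(review): the database credentials are embedded in source and the connection
    // uses the root account. Move them to container-managed configuration (for example a
    // JNDI DataSource) backed by an account limited to this schema, and rotate the
    // password, since it has been published together with the code.
    private static final String DB_URL =
            "jdbc:mysql://localhost:3306/propertefied?" + "user=root&password=p@$5wd";

    private static final String INSERT_COLUMNS =
            "INSERT INTO `propertefied`.`items_property` (`desc_item`, `type`, `address`, "
            + "`buy_price`, `listed_date`, `bid_start`, `bid_inc`, `on_bid`, `owner`, "
            + "`bid_endDate`, `on_lease`, `title`, `photo`) ";
    private static final String INSERT_AUCTION = INSERT_COLUMNS
            + "VALUES (?, ?, ?, ?, current_timestamp(), ?, ?, ?, ?, "
            + "adddate(current_timestamp(), ?), ?, ?, ?)";
    private static final String INSERT_FIXED_PRICE = INSERT_COLUMNS
            + "VALUES (?, ?, ?, ?, current_timestamp(), 0, 0, false, ?, null, false, ?, ?)";

    // Legacy fields, kept only so existing code that reads them still compiles. doPost no
    // longer touches them: they are shared by every request served by this instance.
    String uploadStatus = "";
    String msg = "";

    /** Messages handed back to the form page for one request. */
    private static final class Outcome {
        final String msg;
        final String uploadStatus;

        Outcome(String msg, String uploadStatus) {
            this.msg = msg;
            this.uploadStatus = uploadStatus;
        }
    }

    /** Values collected from one multipart submission. */
    private static final class Submission {
        String title = "";
        String type = "";
        String desc = "";
        String address = "";
        int buy;
        boolean bid;
        boolean rent;
        int bidStart;
        int bidInc;
        int bidEnd;
        String imgCode = "";
        FileItem image;        // last file part that passed the type check, or null
        String imageExtension; // extension chosen by the server for that part
    }

    /**
     * Processes the form and redirects to {@code addNew.jsp}.
     *
     * <p>The redirect is issued from this single place. The earlier version redirected
     * inside each error branch and again at the end, which fails once the response is
     * committed.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        HttpSession session = request.getSession();
        Outcome outcome = handleSubmission(request, session);
        session.setAttribute("msgAdd", outcome.msg);
        session.setAttribute("uploadStatus", outcome.uploadStatus);
        response.sendRedirect(RESULT_PAGE);
    }

    /** Runs parse, captcha check, validation, image storage and insert, in that order. */
    private Outcome handleSubmission(HttpServletRequest request, HttpSession session) {
        if (!ServletFileUpload.isMultipartContent(request)) {
            return new Outcome("", "Not a valid form");
        }

        DiskFileItemFactory factory = new DiskFileItemFactory();
        factory.setSizeThreshold(MAX_UPLOAD_BYTES);
        factory.setRepository(new File("/tmp"));
        ServletFileUpload upload = new ServletFileUpload(factory);
        upload.setSizeMax(MAX_UPLOAD_BYTES);

        List<?> parts;
        try {
            parts = upload.parseRequest(request);
        } catch (Exception e) {
            // Covers oversized and malformed bodies; the cause stays in the server log.
            log("addProperty: multipart request rejected", e);
            return new Outcome("", UPLOAD_RULE_MESSAGE);
        }

        Submission form = new Submission();
        for (Object part : parts) {
            FileItem item = (FileItem) part;
            if (item.isFormField()) {
                try {
                    readField(form, item.getFieldName(), item.getString());
                } catch (NumberFormatException e) {
                    return new Outcome("", "Check form fields.");
                }
            } else {
                String extension = sniffImageExtension(item);
                if (extension == null) {
                    return new Outcome("", UPLOAD_RULE_MESSAGE);
                }
                form.image = item;
                form.imageExtension = extension;
            }
        }

        // NOTE(review): the expected code is left in the session after the comparison.
        // Whether a new code is issued for every rendering of the form is not visible
        // here; confirm that an answer cannot be reused across submissions.
        Object expected = session.getAttribute("captcha");
        if (form.imgCode.isEmpty() || expected == null
                || !expected.toString().equals(form.imgCode)) {
            return new Outcome("Image Verification failed.", "");
        }

        Object owner = session.getAttribute("uname");
        if (owner == null) {
            // Without this check the row would be stored with the literal owner "null".
            return new Outcome("Please sign in before adding a property.", "");
        }

        String problem = validateText(form.desc, form.address);
        if (problem.isEmpty() && form.bid) {
            problem = firstProblem(validateNumber(form.bidStart),
                    validateNumber(form.bidInc), validateNumber(form.bidEnd));
        }
        if (!problem.isEmpty()) {
            return new Outcome(problem, "");
        }

        String photo = DEFAULT_IMAGE;
        File stored = null;
        String status = "";
        if (form.image != null) {
            // The stored name is generated here; nothing from the client-supplied
            // filename is used, so the upload cannot choose its own path or extension.
            photo = randomKey(5) + "_" + randomKey(10) + "." + form.imageExtension;
            stored = new File(IMAGE_DIR + photo);
            try {
                form.image.write(stored);
            } catch (Exception e) {
                log("addProperty: could not store uploaded image", e);
                discard(stored);
                return new Outcome("", UPLOAD_RULE_MESSAGE);
            }
            status = "Upload successful.";
        }

        try {
            insertProperty(form, owner.toString(), photo);
            return new Outcome("Added successfully", status);
        } catch (Exception e) {
            log("addProperty: insert failed", e);
            discard(stored);
            return new Outcome("Error", "");
        }
    }

    /**
     * Copies one form field into {@code form}. Unknown field names are ignored.
     *
     * @throws NumberFormatException if a numeric field holds a non-integer value
     */
    private static void readField(Submission form, String name, String value) {
        if (name == null) {
            return;
        }
        String text = value == null ? "" : value;
        if (name.equalsIgnoreCase("title")) {
            form.title = text;
        } else if (name.equalsIgnoreCase("item_desc")) {
            form.desc = text;
        } else if (name.equalsIgnoreCase("type")) {
            form.type = text;
        } else if (name.equalsIgnoreCase("address")) {
            form.address = text;
        } else if (name.equalsIgnoreCase("buy")) {
            form.buy = parseAmount(text);
        } else if (name.equalsIgnoreCase("on_bid")) {
            form.bid = "on".equals(text);
        } else if (name.equalsIgnoreCase("on_rent")) {
            form.rent = "on".equals(text);
        } else if (name.equalsIgnoreCase("bid_start")) {
            form.bidStart = parseAmount(text);
        } else if (name.equalsIgnoreCase("bid_inc")) {
            form.bidInc = parseAmount(text);
        } else if (name.equalsIgnoreCase("bid_end")) {
            form.bidEnd = parseAmount(text);
        } else if (name.equalsIgnoreCase("imgCode")) {
            // Locale.ROOT keeps the comparison independent of the server's locale.
            form.imgCode = text.toLowerCase(Locale.ROOT);
        }
    }

    /** Parses an integer field; an empty field counts as 0. */
    private static int parseAmount(String text) {
        return text.isEmpty() ? 0 : Integer.parseInt(text);
    }

    /**
     * Chooses the stored extension from the content of the upload, never from the
     * client-supplied name or Content-Type.
     *
     * @return {@code "png"}, {@code "jpg"} or {@code "bmp"}; {@code null} when the content
     *         is not recognised as one of those types
     */
    private String sniffImageExtension(FileItem part) {
        // NOTE(review): this identifies the type from the file's signature only. The
        // image directory sits under the web application path, so consider re-encoding
        // accepted images before they are stored there.
        try {
            MagicMatch match = Magic.getMagicMatch(part.get());
            String mimeType = match.getMimeType();
            if (mimeType == null) {
                return null;
            }
            if (mimeType.contains("png")) {
                return "png";
            }
            if (mimeType.contains("jpeg")) {
                return "jpg";
            }
            if (mimeType.contains("bmp")) {
                return "bmp";
            }
            return null;
        } catch (Exception e) {
            // Boundary around the third-party detector: any failure means "not an image".
            log("addProperty: could not identify uploaded file type", e);
            return null;
        }
    }

    /**
     * Inserts the property, photo included, as a single parameterized statement.
     *
     * <p>The photo is part of the INSERT. The earlier follow-up
     * {@code UPDATE ... WHERE owner=...} overwrote the photo of every listing that
     * belongs to the same owner.
     */
    private static void insertProperty(Submission form, String owner, String photo)
            throws SQLException, ClassNotFoundException {
        Class.forName("com.mysql.jdbc.Driver");
        Connection con = DriverManager.getConnection(DB_URL);
        try {
            con.setAutoCommit(true);
            PreparedStatement insert =
                    con.prepareStatement(form.bid ? INSERT_AUCTION : INSERT_FIXED_PRICE);
            try {
                insert.setString(1, form.desc);
                insert.setString(2, form.type);
                insert.setString(3, form.address);
                insert.setInt(4, form.buy);
                if (form.bid) {
                    insert.setInt(5, form.bidStart);
                    insert.setInt(6, form.bidInc);
                    insert.setBoolean(7, true);
                    insert.setString(8, owner);
                    insert.setInt(9, form.bidEnd);
                    insert.setBoolean(10, form.rent);
                    insert.setString(11, form.title);
                    insert.setString(12, photo);
                } else {
                    insert.setString(5, owner);
                    insert.setString(6, form.title);
                    insert.setString(7, photo);
                }
                insert.executeUpdate();
            } finally {
                insert.close();
            }
        } finally {
            con.close();
        }
    }

    /** Removes a stored upload; tolerates {@code null} when no image was written. */
    private static void discard(File file) {
        if (file != null && file.exists() && !file.delete()) {
            file.deleteOnExit();
        }
    }

    /** Returns the first non-empty message, or {@code ""} when all are empty. */
    private static String firstProblem(String first, String second, String third) {
        if (!first.isEmpty()) {
            return first;
        }
        return second.isEmpty() ? third : second;
    }

    /**
     * Validates both text fields and reports the first problem found.
     *
     * <p>The earlier if/else chain stopped after the description, so the address was
     * never checked when a description was present.
     *
     * @return an error message, or {@code ""} when both fields are acceptable
     */
    private static String validateText(String desc, String address) {
        if (desc == null) {
            return "Description field is required";
        }
        if (!desc.matches(TEXT_REGEX)) {
            return "Invalid characters in description field";
        }
        if (address == null) {
            return "Address field is required";
        }
        if (!address.matches(TEXT_REGEX)) {
            return "Invalid characters in address field";
        }
        return "";
    }

    /**
     * Accepts non-negative values only, which is what the former digits-only pattern
     * accepted for an {@code int}.
     *
     * @return an error message, or {@code ""} when the value is acceptable
     */
    private static String validateNumber(int number) {
        return number < 0 ? "Invalid number field" : "";
    }

    /**
     * Builds a random alphanumeric key, used for stored image names.
     *
     * @param count number of characters; 0 is treated as 1, a negative value yields an
     *              empty key
     * @return the generated key
     */
    public StringBuffer randomKey(int count) {
        int length = count == 0 ? 1 : count;
        StringBuffer key = new StringBuffer();
        for (int i = 0; i < length; i++) {
            key.append(KEY_ALPHABET.charAt(KEY_SOURCE.nextInt(KEY_ALPHABET.length())));
        }
        return key;
    }

    /**
     * Legacy entry point: validates the two text fields and stores the result in
     * {@link #msg} ({@code ""} when valid).
     *
     * <p>Not thread-safe, because {@code msg} is shared by all requests; {@code doPost}
     * does not call this method.
     */
    public void checkText(String desc, String address) {
        msg = validateText(desc, address);
    }

    /**
     * Legacy entry point: validates one numeric field and stores the result in
     * {@link #msg} ({@code ""} when valid), replacing any earlier message.
     *
     * <p>Not thread-safe, because {@code msg} is shared by all requests; {@code doPost}
     * does not call this method.
     */
    public void checkNumber(int number) {
        msg = validateNumber(number);
    }
}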