fixed most compilation errors
parent
cd24ee74e3
commit
de503bd441
23 changed files with 208 additions and 475 deletions
|
|
@ -26,7 +26,7 @@
|
||||||
|
|
||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
<servlet-class>zall.ZalleryContent</servlet-class>
|
<servlet-class>zall.page.ContentServlet</servlet-class>
|
||||||
</servlet>
|
</servlet>
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
|
|
|
||||||
|
|
@ -46,7 +46,7 @@
|
||||||
|
|
||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
<servlet-class>zall.ZalleryContent</servlet-class>
|
<servlet-class>zall.page.ContentServlet</servlet-class>
|
||||||
</servlet>
|
</servlet>
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
|
|
|
||||||
|
|
@ -46,7 +46,7 @@
|
||||||
|
|
||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
<servlet-class>zall.ZalleryContent</servlet-class>
|
<servlet-class>zall.page.ContentServlet</servlet-class>
|
||||||
</servlet>
|
</servlet>
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>Content</servlet-name>
|
<servlet-name>Content</servlet-name>
|
||||||
|
|
|
||||||
|
|
@ -55,7 +55,7 @@
|
||||||
<SOURCES />
|
<SOURCES />
|
||||||
</library>
|
</library>
|
||||||
</orderEntry>
|
</orderEntry>
|
||||||
<orderEntry type="library" name="Maven: se.koc:zutil:1.0.0-SNAPSHOT" level="project" />
|
<orderEntry type="library" name="Maven: se.koc:zutil:1.0.1" level="project" />
|
||||||
<orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.2.1" level="project" />
|
<orderEntry type="library" name="Maven: commons-fileupload:commons-fileupload:1.2.1" level="project" />
|
||||||
<orderEntry type="library" name="Maven: commons-io:commons-io:2.5" level="project" />
|
<orderEntry type="library" name="Maven: commons-io:commons-io:2.5" level="project" />
|
||||||
<orderEntry type="library" name="Maven: dom4j:dom4j:1.6.1" level="project" />
|
<orderEntry type="library" name="Maven: dom4j:dom4j:1.6.1" level="project" />
|
||||||
|
|
@ -63,8 +63,8 @@
|
||||||
<orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.8.11.2" level="project" />
|
<orderEntry type="library" name="Maven: org.xerial:sqlite-jdbc:3.8.11.2" level="project" />
|
||||||
<orderEntry type="library" name="Maven: org.hamcrest:hamcrest-core:1.3" level="project" />
|
<orderEntry type="library" name="Maven: org.hamcrest:hamcrest-core:1.3" level="project" />
|
||||||
<orderEntry type="library" name="Maven: com.carrotsearch:junit-benchmarks:0.7.2" level="project" />
|
<orderEntry type="library" name="Maven: com.carrotsearch:junit-benchmarks:0.7.2" level="project" />
|
||||||
<orderEntry type="library" name="Maven: javax.mail:mail:1.3.2" level="project" />
|
<orderEntry type="library" name="Maven: javax.mail:javax.mail-api:1.6.1" level="project" />
|
||||||
<orderEntry type="library" name="Maven: javax.activation:activation:1.0.2" level="project" />
|
<orderEntry type="library" name="Maven: javax.activation:activation:1.1" level="project" />
|
||||||
<orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.36" level="project" />
|
<orderEntry type="library" name="Maven: mysql:mysql-connector-java:5.1.36" level="project" />
|
||||||
<orderEntry type="module-library">
|
<orderEntry type="module-library">
|
||||||
<library name="Maven: xuggle:xuggle-xuggler:5.4">
|
<library name="Maven: xuggle:xuggle-xuggler:5.4">
|
||||||
|
|
@ -76,6 +76,5 @@
|
||||||
</library>
|
</library>
|
||||||
</orderEntry>
|
</orderEntry>
|
||||||
<orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:javax.servlet-api:3.1.0" level="project" />
|
<orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:javax.servlet-api:3.1.0" level="project" />
|
||||||
<orderEntry type="module" module-name="Zutil" />
|
|
||||||
</component>
|
</component>
|
||||||
</module>
|
</module>
|
||||||
Binary file not shown.
8
pom.xml
8
pom.xml
|
|
@ -22,12 +22,12 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>se.koc</groupId>
|
<groupId>se.koc</groupId>
|
||||||
<artifactId>zutil</artifactId>
|
<artifactId>zutil</artifactId>
|
||||||
<version>1.0.0-SNAPSHOT</version>
|
<version>1.0.1</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>javax.mail</groupId>
|
<groupId>javax.mail</groupId>
|
||||||
<artifactId>mail</artifactId>
|
<artifactId>javax.mail-api</artifactId>
|
||||||
<version>1.3.2</version>
|
<version>1.6.1</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>mysql</groupId>
|
<groupId>mysql</groupId>
|
||||||
|
|
@ -52,7 +52,7 @@
|
||||||
|
|
||||||
<build>
|
<build>
|
||||||
<sourceDirectory>src</sourceDirectory>
|
<sourceDirectory>src</sourceDirectory>
|
||||||
<testSourceDirectory>test</testSourceDirectory>
|
<!--<testSourceDirectory>test</testSourceDirectory>-->
|
||||||
|
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
<plugin>
|
||||||
|
|
|
||||||
|
|
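Review bot: The mail dependency now points at `javax.mail:javax.mail-api`, which to my knowledge ships the API classes without the transport providers, so unless the servlet container supplies a JavaMail implementation, the verification and admin-notification mails (presumably sent by ZalleryEmail through JavaMail) would fail at runtime instead of at compile time. If the container does not provide one, depend on the full artifact instead, e.g. `<groupId>com.sun.mail</groupId>` with `<artifactId>javax.mail</artifactId>` at the same version. Separately, commenting out `<testSourceDirectory>test</testSourceDirectory>` in the second hunk makes Maven fall back to its default test directory, so anything under `test/` silently stops being compiled and run. I would keep the line and repair the tests rather than drop them from the build.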
@ -74,201 +74,6 @@ public class Zallery extends HttpServlet{
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException{
|
|
||||||
DBConnection db = null;
|
|
||||||
try{
|
|
||||||
doGet(request, response, db = getDB());
|
|
||||||
} finally{
|
|
||||||
if(db != null) db.close();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException{
|
|
||||||
try{
|
|
||||||
response.setContentType("text/html");
|
|
||||||
HttpSession session = request.getSession();
|
|
||||||
String page = new File(request.getRequestURI()).getName();
|
|
||||||
request.setAttribute("page", page);
|
|
||||||
User user = (User) session.getAttribute("user");
|
|
||||||
String action = request.getParameter("action");
|
|
||||||
if( action == null ) action = "";
|
|
||||||
UserMessage msgs = UserMessage.getUserMessage(session);
|
|
||||||
|
|
||||||
|
|
||||||
// Verify email address
|
|
||||||
if( action.equalsIgnoreCase("verfemail") ){
|
|
||||||
User verfUser = User.load(db, Long.parseLong(request.getParameter("id")));
|
|
||||||
if (verfUser != null) {
|
|
||||||
if( verfUser.verifyEmail(request.getParameter("hash")) ){
|
|
||||||
ZalleryEmail.sendNewUserRegistrationToAdmin(verfUser, db);
|
|
||||||
verfUser.save(db);
|
|
||||||
msgs.add(MessageType.INFO, "Your email has been successfully verified.");
|
|
||||||
msgs.add(MessageType.WARNING, "The account is waiting account activation by an admin.");
|
|
||||||
}
|
|
||||||
else
|
|
||||||
msgs.add(MessageType.ERROR, "Email verification failed!");
|
|
||||||
}
|
|
||||||
else msgs.add(MessageType.ERROR, "Invalid user id: "+request.getParameter("id"));
|
|
||||||
}
|
|
||||||
// auth with cookie
|
|
||||||
if( user == null ){
|
|
||||||
user = User.loadByCookie(request, db, getCookieValue(request.getCookies(), "sessionHash") );
|
|
||||||
if(user != null){
|
|
||||||
logger.info("Used cookies to auth User: \""+user.getName()+"\".");
|
|
||||||
session.setAttribute("user", user);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if( user == null && ( !page.startsWith("register") && !page.startsWith("login") )){
|
|
||||||
//response.sendRedirect("login?redirect=\""+getUrl(request)+"\"");
|
|
||||||
response.sendRedirect("login");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// validate user or Logout
|
|
||||||
if( user != null && ( !user.valid(request) || page.startsWith("logout") )){
|
|
||||||
logger.info("Logging Out User: \""+user.getName()+"\".");
|
|
||||||
session.invalidate();
|
|
||||||
session = request.getSession( true );
|
|
||||||
msgs.setSession( session );
|
|
||||||
user.logout( response );
|
|
||||||
|
|
||||||
if( !user.isEmailVerified() )
|
|
||||||
msgs.add(MessageType.WARNING, "Your email has not been verified!");
|
|
||||||
else if( !user.isEnabled() )
|
|
||||||
msgs.add(MessageType.ERROR, "Your account is disabled! Please contact the website administrator.");
|
|
||||||
else
|
|
||||||
msgs.add(MessageType.WARNING, "Your have been logged out.");
|
|
||||||
user = null;
|
|
||||||
response.sendRedirect("login");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
//**********************************************************
|
|
||||||
String include_jsp = null;
|
|
||||||
if( user != null ){
|
|
||||||
logger.finest("Valid user: \""+user.getName()+"\"");
|
|
||||||
// Import JSP pages
|
|
||||||
if(page.startsWith("media")){
|
|
||||||
try{
|
|
||||||
if( request.getParameter("id") == null && request.getParameter("type") == null){
|
|
||||||
msgs.add(MessageType.ERROR, "Missing parameters!");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
int id = Integer.parseInt( request.getParameter("id") );
|
|
||||||
Media media = Media.load(db, request.getParameter("type"), id);
|
|
||||||
|
|
||||||
request.setAttribute("media", media);
|
|
||||||
include_jsp = "media.jsp";
|
|
||||||
}catch(NumberFormatException e){ logger.log(Level.FINE, "", e); }
|
|
||||||
}
|
|
||||||
else if(page.startsWith("login")){
|
|
||||||
include_jsp = "login.jsp";
|
|
||||||
}
|
|
||||||
else if(page.startsWith("profile")){
|
|
||||||
if( request.getParameter("id") != null ){
|
|
||||||
User profile_user = User.load(db, Long.parseLong( request.getParameter("id") ));
|
|
||||||
if( AuthenticationManager.canEdit( user, profile_user )){
|
|
||||||
request.setAttribute("profile_user", profile_user);
|
|
||||||
include_jsp = "profile.jsp";
|
|
||||||
}else{
|
|
||||||
msgs.add(MessageType.ERROR, "You do not have permission to edit this user.");
|
|
||||||
}
|
|
||||||
}else{
|
|
||||||
request.setAttribute("profile_user", user);
|
|
||||||
include_jsp = "profile.jsp";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else if(page.startsWith("users")){
|
|
||||||
List<User> users = User.load(db);
|
|
||||||
request.setAttribute("users", users);
|
|
||||||
include_jsp = "users.jsp";
|
|
||||||
}
|
|
||||||
else if(page.startsWith("upload")){
|
|
||||||
List<Folder> dirList = Folder.load(db, user);
|
|
||||||
request.setAttribute("folders", dirList);
|
|
||||||
include_jsp = "upload.jsp";
|
|
||||||
}
|
|
||||||
else if( page.startsWith("slideshow") ){
|
|
||||||
Image image = Image.load(db, Integer.parseInt( request.getParameter("id") ));
|
|
||||||
request.setAttribute("image", image );
|
|
||||||
List<Image> list = Image.loadFolder(db, image.getFolder());
|
|
||||||
|
|
||||||
request.setAttribute("image", image);
|
|
||||||
request.setAttribute("images", list);
|
|
||||||
|
|
||||||
include_jsp = "slideshow.jsp";
|
|
||||||
}
|
|
||||||
else { // if(page.startsWith("gallery"))
|
|
||||||
Folder folder = null;
|
|
||||||
if(request.getParameter("folder") != null && !request.getParameter("folder").equalsIgnoreCase("null"))
|
|
||||||
folder = Folder.load(db, Long.parseLong(request.getParameter("folder")) );
|
|
||||||
else{
|
|
||||||
folder = Folder.loadRoot(db, user);
|
|
||||||
// Setup new root folder
|
|
||||||
if( folder == null ){
|
|
||||||
folder = Folder.genRoot();
|
|
||||||
folder.save(db);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
List<Media> list = Media.load(db, folder);
|
|
||||||
List<Folder> subFolders = Folder.loadSubFolders(db, folder, user);
|
|
||||||
|
|
||||||
//session.setAttribute("user", user);
|
|
||||||
request.setAttribute("folder", folder);
|
|
||||||
request.setAttribute("subfolders", subFolders);
|
|
||||||
request.setAttribute("media", list);
|
|
||||||
|
|
||||||
include_jsp = "gallery.jsp";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else if(page.startsWith("register")){
|
|
||||||
include_jsp = "register.jsp";
|
|
||||||
}
|
|
||||||
else if(page.startsWith("login")){
|
|
||||||
include_jsp = "login.jsp";
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
//response.sendRedirect("login?redirect=\""+getUrl(request)+"\"");
|
|
||||||
response.sendRedirect("login");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
|
||||||
if( include_jsp != null )
|
|
||||||
include(include_jsp, request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
} catch (Exception e) {
|
|
||||||
logger.severe(e.getMessage());
|
|
||||||
System.out.flush();
|
|
||||||
throw new ServletException(e);
|
|
||||||
} finally{
|
|
||||||
if(db != null) db.close();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException{
|
|
||||||
try {
|
|
||||||
include("ajax", request, response);
|
|
||||||
|
|
||||||
// RequestDispatcher include header read only workaround
|
|
||||||
HttpSession session = request.getSession();
|
|
||||||
User user = (User) session.getAttribute("user");
|
|
||||||
if( user != null ){
|
|
||||||
Cookie c = new Cookie("sessionHash", user.getSessionHash() );
|
|
||||||
c.setMaxAge(5*24*60*60); // 5 days
|
|
||||||
response.addCookie( c );
|
|
||||||
}
|
|
||||||
|
|
||||||
// Do the output
|
|
||||||
doGet(request, response);
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
logger.severe(e.getMessage());
|
|
||||||
throw new ServletException(e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public static DBConnection getDB() throws ServletException{
|
public static DBConnection getDB() throws ServletException{
|
||||||
try {
|
try {
|
||||||
return new DBConnection("jdbc/mysql");
|
return new DBConnection("jdbc/mysql");
|
||||||
|
|
@ -277,11 +82,6 @@ public class Zallery extends HttpServlet{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void include(String url, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{
|
|
||||||
RequestDispatcher dispatcher = getServletContext().getRequestDispatcher("/"+url);
|
|
||||||
if (dispatcher != null)
|
|
||||||
dispatcher.include(request, response);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static String getCookieValue(Cookie[] cookies, String name) {
|
public static String getCookieValue(Cookie[] cookies, String name) {
|
||||||
if( cookies == null )
|
if( cookies == null )
|
||||||
|
|
|
||||||
|
|
@ -1,87 +0,0 @@
|
||||||
package zall;
|
|
||||||
|
|
||||||
import java.io.BufferedInputStream;
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.FileInputStream;
|
|
||||||
|
|
||||||
import javax.servlet.ServletException;
|
|
||||||
import javax.servlet.http.HttpServlet;
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
|
||||||
import javax.servlet.http.HttpServletResponse;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import org.apache.commons.fileupload.util.Streams;
|
|
||||||
|
|
||||||
import zall.bean.Image;
|
|
||||||
import zall.bean.Media;
|
|
||||||
import zall.bean.User;
|
|
||||||
import zall.bean.Video;
|
|
||||||
import zutil.db.DBConnection;
|
|
||||||
import zutil.io.file.FileUtil;
|
|
||||||
|
|
||||||
public class ZalleryContent extends HttpServlet{
|
|
||||||
private static final long serialVersionUID = 1L;
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException{
|
|
||||||
DBConnection db = null;
|
|
||||||
try {
|
|
||||||
HttpSession session = request.getSession();
|
|
||||||
User user = (User) session.getAttribute("user");
|
|
||||||
String size = request.getParameter("size");
|
|
||||||
if( size == null ) size = "";
|
|
||||||
|
|
||||||
if( user != null || size.equalsIgnoreCase("small") ){
|
|
||||||
db = Zallery.getDB();
|
|
||||||
Media media;
|
|
||||||
|
|
||||||
if( "video".equals(request.getParameter("type")) )
|
|
||||||
media = Video.load(db, Integer.parseInt(request.getParameter("id")));
|
|
||||||
else
|
|
||||||
media = Image.load(db, Integer.parseInt(request.getParameter("id")));
|
|
||||||
|
|
||||||
if( media != null ){
|
|
||||||
File file = null;
|
|
||||||
if( size.equalsIgnoreCase( "small" ) )
|
|
||||||
file = media.getFile( Media.Size.SMALL );
|
|
||||||
else if( size.equalsIgnoreCase( "medium" ) )
|
|
||||||
file = media.getFile( Media.Size.MEDIUM );
|
|
||||||
else if( size.equalsIgnoreCase( "large" ) )
|
|
||||||
file = media.getFile( Media.Size.LARGE );
|
|
||||||
else
|
|
||||||
file = media.getFile( Media.Size.ORIGINAL );
|
|
||||||
|
|
||||||
if( request.getParameter("download") != null )
|
|
||||||
response.setHeader("Content-disposition", "attachment; filename="+media.getTitle()+"."+FileUtil.getFileExtension(file));
|
|
||||||
|
|
||||||
if( file.exists() ){
|
|
||||||
if( "video".equals(request.getParameter("type")) )
|
|
||||||
response.setContentType("video/"+FileUtil.getFileExtension(file));
|
|
||||||
else
|
|
||||||
response.setContentType("image/"+FileUtil.getFileExtension(file));
|
|
||||||
response.setContentLength( (int)file.length() );
|
|
||||||
|
|
||||||
BufferedInputStream in = new BufferedInputStream( new FileInputStream(file) );
|
|
||||||
Streams.copy(in, response.getOutputStream(), false);
|
|
||||||
in.close();
|
|
||||||
}
|
|
||||||
else
|
|
||||||
response.setStatus( 404 );
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
// Page not found
|
|
||||||
response.setStatus( 404 );
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
// Unauthorized
|
|
||||||
response.setStatus( 401 );
|
|
||||||
}
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
throw new ServletException(e);
|
|
||||||
} finally{
|
|
||||||
if(db != null) db.close();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,5 +1,6 @@
|
||||||
package zall;
|
package zall;
|
||||||
|
|
||||||
|
import zall.util.UserMessage;
|
||||||
import zutil.db.DBConnection;
|
import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
||||||
|
|
@ -8,10 +9,16 @@ import javax.servlet.ServletException;
|
||||||
import javax.servlet.http.*;
|
import javax.servlet.http.*;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
|
import java.util.Locale;
|
||||||
|
import java.util.PropertyResourceBundle;
|
||||||
|
import java.util.ResourceBundle;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
|
import static zall.ZalleryConstant.LANG_BASENAME;
|
||||||
|
|
||||||
public abstract class ZalleryServlet extends HttpServlet {
|
public abstract class ZalleryServlet extends HttpServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
protected ResourceBundle lang = PropertyResourceBundle.getBundle(LANG_BASENAME, Locale.getDefault());
|
||||||
|
|
||||||
|
|
||||||
public final void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException {
|
public final void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException {
|
||||||
|
|
|
||||||
|
|
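Review bot: The new `lang` field is initialised through `PropertyResourceBundle.getBundle(...)`, which is really the static `ResourceBundle.getBundle` reached via a subclass name; writing `ResourceBundle.getBundle(LANG_BASENAME, Locale.getDefault())` says what is actually called and does not suggest a particular bundle type. Because it is an instance-field initialiser, a missing bundle throws `MissingResourceException` while the servlet is constructed, so every subclass servlet would fail to load. It also resolves messages against the JVM locale rather than `request.getLocale()`, which may or may not be intended. The class body continues outside this hunk.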
@ -1,42 +0,0 @@
|
||||||
package zall.action;
|
|
||||||
|
|
||||||
import java.io.PrintWriter;
|
|
||||||
import java.sql.SQLException;
|
|
||||||
import java.util.logging.Logger;
|
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
|
||||||
import javax.servlet.http.HttpServletResponse;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import zall.bean.User;
|
|
||||||
import zall.util.UserMessage;
|
|
||||||
import zall.util.UserMessage.MessageType;
|
|
||||||
import zutil.db.DBConnection;
|
|
||||||
import zutil.log.LogUtil;
|
|
||||||
|
|
||||||
public class LoginAction extends ZalleryAction{
|
|
||||||
|
|
||||||
private static final Logger logger = LogUtil.getLogger();
|
|
||||||
|
|
||||||
public LoginAction() {
|
|
||||||
super("login");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
|
|
||||||
PrintWriter out, User user, UserMessage msgs) throws SQLException {
|
|
||||||
|
|
||||||
user = User.load(request, response, db, request.getParameter("email"), request.getParameter("password") );
|
|
||||||
if( user != null ){
|
|
||||||
logger.info("Used user input to auth \""+user.getName()+"\"");
|
|
||||||
session.setAttribute("user", user);
|
|
||||||
if( out != null )
|
|
||||||
out.println("{ }");
|
|
||||||
}
|
|
||||||
else if(out != null) out.println("{ \"error\":\"Wrong username or password!\"}");
|
|
||||||
else msgs.add(MessageType.ERROR, "Wrong username or password!");
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
@ -1,51 +0,0 @@
|
||||||
package zall.action;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.PrintWriter;
|
|
||||||
import java.sql.SQLException;
|
|
||||||
import java.util.logging.Logger;
|
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
|
||||||
import javax.servlet.http.HttpServletResponse;
|
|
||||||
import javax.servlet.http.HttpSession;
|
|
||||||
|
|
||||||
import zall.bean.User;
|
|
||||||
import zall.util.ZalleryEmail;
|
|
||||||
import zall.util.UserMessage;
|
|
||||||
import zall.util.UserMessage.MessageType;
|
|
||||||
import zutil.db.DBConnection;
|
|
||||||
import zutil.log.LogUtil;
|
|
||||||
|
|
||||||
public class RegisterAction extends ZalleryAction{
|
|
||||||
private static final Logger logger = LogUtil.getLogger();
|
|
||||||
|
|
||||||
public RegisterAction() {
|
|
||||||
super("register");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void handleRequest(DBConnection db, HttpServletRequest request, HttpServletResponse response, HttpSession session,
|
|
||||||
PrintWriter out, User user, UserMessage msgs) throws SQLException, IOException {
|
|
||||||
|
|
||||||
if( request.getParameter("email") == null ){
|
|
||||||
msgs.add(MessageType.ERROR, "Please provide a valid email!");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if(User.load(db, request.getParameter("email")) != null){
|
|
||||||
msgs.add(MessageType.ERROR, "An account with that email already exists!");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
user = new User();
|
|
||||||
user.setEmail( request.getParameter("email") );
|
|
||||||
user.setPassword( request.getParameter("password") );
|
|
||||||
user.setName( request.getParameter("name") );
|
|
||||||
user.save(db);
|
|
||||||
ZalleryEmail.sendVerificationEmail( user );
|
|
||||||
logger.info("Registered new user: "+user.getName()+".");
|
|
||||||
session.setAttribute("user", user);
|
|
||||||
if(out != null) out.println("{ \"id\":"+user.getId()+" }");
|
|
||||||
else msgs.add(MessageType.INFO, "Your account has successfully been created. A verification email has been sent to your email, please click the link to continue.");
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
@ -39,7 +39,7 @@ public class ModifyUserStatusAction extends ZalleryAction{
|
||||||
if( target_user.getPassword() == null )
|
if( target_user.getPassword() == null )
|
||||||
target_user.setPassword( request.getParameter("password") );
|
target_user.setPassword( request.getParameter("password") );
|
||||||
else if( request.getParameter("oldPassword") != null )
|
else if( request.getParameter("oldPassword") != null )
|
||||||
if( target_user.equalsPassword(request.getParameter("oldPassword")) )
|
if( target_user.getPassword().equals(request.getParameter("oldPassword")) )
|
||||||
target_user.setPassword( request.getParameter("password") );
|
target_user.setPassword( request.getParameter("password") );
|
||||||
else{
|
else{
|
||||||
if(out != null) out.println("{ \"error\": \"Wrong password!\"}");
|
if(out != null) out.println("{ \"error\": \"Wrong password!\"}");
|
||||||
|
|
|
||||||
|
|
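Review bot: The new condition `target_user.getPassword().equals(request.getParameter("oldPassword"))` compares the stored password value directly with the raw request parameter, replacing what appears to be the dedicated `equalsPassword` check shown on the old side of this row. If User stores a hash, this comparison cannot succeed for a correct password and password changes break; if it does succeed, the password is being kept in clear text. Either way the verification belongs inside User: keep a method there that derives the hash from the candidate and compares it in constant time (for example with `MessageDigest.isEqual`), and call it here as `if( target_user.equalsPassword(request.getParameter("oldPassword")) )`. The enclosing method starts and ends outside this hunk, so how User stores passwords is not visible from here.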
@ -1,4 +1,19 @@
|
||||||
error.email_exsists=An account with that email already exists!
|
error.incorrect.user_or_pass=Wrong username or password!
|
||||||
error.first_name_missing="Please provide a valid First Name!"
|
info.sent.email.verification=A verification email has been sent, please click the link to continue.
|
||||||
info.verification_email_sent="A verification email has been sent, please click the link to continue."
|
info.created.account=Your account has successfully been created.
|
||||||
info.account_created="Your account has successfully been created."
|
info.modify.folder.is.private=Folder is now private (not visible to other users).
|
||||||
|
info.modify.folder.is.public=Folder is now public (can be viewed by other users).
|
||||||
|
error.not.found.folder=The folder does not exist!
|
||||||
|
error.not.allowed.edit.folder=You are not authorize to edit this folder!
|
||||||
|
error.not.found.parameter=Parameter missing!
|
||||||
|
info.modify.successfully=Changes were saved successfully.
|
||||||
|
error.not.found.media=The media does not exist!
|
||||||
|
error.not.allowed.edit.media=You are not authorize to modify this media!
|
||||||
|
info.created.comment=Comment saved.
|
||||||
|
error.not.allowed.edit.user=You do not have permission to edit the user.
|
||||||
|
error.not.found.first.name=Please provide a valid first name!
|
||||||
|
error.not.found.last.name=Please provide a valid last name!
|
||||||
|
error.not.found.email=Please provide a valid email!
|
||||||
|
error.not.found.password=Please provide a valid password!
|
||||||
|
error.incorrect.password.matching=Provided passwords do not match!
|
||||||
|
error.email_exists=An account with that email already exists!
|
||||||
|
|
@ -10,9 +10,12 @@ import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpSession;
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
|
import static zall.ZalleryConstant.SESSION_KEY_USER;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
@ -38,6 +41,19 @@ public class AuthenticationManager {
|
||||||
return authenticatedUser;
|
return authenticatedUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return the User associated with the provided session.
|
||||||
|
*/
|
||||||
|
public static User getUserSession(HttpSession session) {
|
||||||
|
return (User) session.getAttribute(SESSION_KEY_USER);
|
||||||
|
}
|
||||||
|
public static void setUserSession(User user, HttpSession session) {
|
||||||
|
session.setAttribute(SESSION_KEY_USER, user);
|
||||||
|
}
|
||||||
|
public static void rmUserSession(HttpSession session) {
|
||||||
|
session.removeAttribute(SESSION_KEY_USER);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return true if the user has a valid authentication session
|
* @return true if the user has a valid authentication session
|
||||||
*/
|
*/
|
||||||
|
|
@ -49,13 +65,13 @@ public class AuthenticationManager {
|
||||||
if(user.getSessionHash() == null || user.getSessionHash().isEmpty() )
|
if(user.getSessionHash() == null || user.getSessionHash().isEmpty() )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
switch( user.getAuthBy() ){
|
switch(user.getAuthBy()){
|
||||||
case USER_INPUT:
|
case USER_INPUT:
|
||||||
if (!user.isEmailVerified()) return false;
|
if (!user.isEmailVerified()) return false;
|
||||||
case COOKIE:
|
case COOKIE:
|
||||||
String cookieHash = Zallery.getCookieValue(request.getCookies(), ZalleryConstant.SESSION_KEY_AUTH_HASH);
|
String cookieHash = Zallery.getCookieValue(request.getCookies(), ZalleryConstant.SESSION_KEY_AUTH_HASH);
|
||||||
return user.getSessionHash().equals(cookieHash) &&
|
return user.getSessionHash().equals(cookieHash) &&
|
||||||
user.getIpHost().equals( request.getRemoteAddr() );
|
user.getIpHost().equals(request.getRemoteAddr());
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
@ -87,4 +103,5 @@ public class AuthenticationManager {
|
||||||
user.setSessionHash(null);
|
user.setSessionHash(null);
|
||||||
user.save(db);
|
user.save(db);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
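Review bot: `setUserSession` binds the authenticated User to whatever session the caller passes in, and nothing in these helpers or in the visible part of the class rotates the session identifier at login, which leaves room for session fixation if the callers do not do it either. Since the project builds against Servlet 3.1, the login path can call `request.changeSessionId()` before `AuthenticationManager.setUserSession(user, request.getSession())`; taking the request instead of the session would let the helper do that itself. `setUserSession` and `rmUserSession` also lack the Javadoc that `getUserSession` has; something like `/** Stores the authenticated user in the session; call only after the credentials or cookie hash have been verified. */` would document the precondition. In the `valid` hunk further down, the `USER_INPUT` case runs into `COOKIE` without a `break`; if that is intended, a `// fall through` comment would say so.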
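--- a/src/zall/page/ContentServlet.java
+++ b/src/zall/page/ContentServlet.java
@@ -0,0 +1,76 @@
+package zall.page;
+
+import java.io.BufferedInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.sql.SQLException;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.fileupload.util.Streams;
+
+import zall.Zallery;
+import zall.ZalleryServlet;
+import zall.bean.Image;
+import zall.bean.Media;
+import zall.bean.User;
+import zall.bean.Video;
+import zall.manager.AuthenticationManager;
+import zutil.db.DBConnection;
+import zutil.io.file.FileUtil;
+
+
+/**
+* A headless page that provides media content.
+*/
+@WebServlet({"/image", "/video"})
+public class ContentServlet extends ZalleryServlet {
+private static final long serialVersionUID = 1L;
+
+public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
+String size = request.getParameter("size");
+
+Media media = null;
+String contentType = "";
+switch (request.getServletPath()){
+case "/video":
+media = Video.load(db, Integer.parseInt(request.getParameter("id")));
+contentType = "video";
+break;
+case "/image":
+media = Image.load(db, Integer.parseInt(request.getParameter("id")));
+contentType = "image";
+break;
+}
+
+if (media != null) {
+File file;
+if (size == null)
+file = media.getFile(Media.Size.ORIGINAL);
+else
+file = media.getFile(Media.Size.valueOf(size.toUpperCase()));
+
+if (request.getParameter("download") != null)
+response.setHeader("Content-disposition", "attachment; filename=" + media.getTitle() + "." + FileUtil.getFileExtension(file));
+
+if (file.exists()) {
+response.setContentType(contentType + "/" + FileUtil.getFileExtension(file));
+response.setContentLength((int) file.length());
+
+BufferedInputStream in = new BufferedInputStream(new FileInputStream(file));
+Streams.copy(in, response.getOutputStream(), false);
+in.close();
+} else
+response.setStatus(404);
+} else {
+// Page not found
+response.setStatus(404);
+}
+}
+}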
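Review bot: `doGet` serves any image or video by id without looking at the session: the removed `zall.ZalleryContent` answered 401 unless a user was logged in or `size` was `small`, while this version imports `User`, `HttpSession` and `AuthenticationManager` but never uses them. Unless `ZalleryServlet.doGet` enforces login before delegating (not visible here), originals become readable by anonymous callers; folder privacy is not checked in either version. Two smaller regressions sit in the same method: `Media.Size.valueOf(size.toUpperCase())` throws `IllegalArgumentException` on an unknown `size` where the old code fell back to the original, and the input stream is not closed if `Streams.copy` throws. The `Content-disposition` value is also built from `media.getTitle()` unquoted, so a title containing spaces, quotes or separators yields a malformed header; quoting and sanitising the filename would be safer. The fence sketches the guard, the size parsing and the stream handling.

```java
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
    String size = request.getParameter("size");

    // Same rule the removed zall.ZalleryContent applied: anonymous callers may only fetch thumbnails.
    User user = AuthenticationManager.getUserSession(request.getSession());
    if (user == null && !"small".equalsIgnoreCase(size)) {
        response.setStatus(401);
        return;
    }

    // … unchanged: switch on getServletPath() that loads media and sets contentType …

        // Reject unknown size names instead of letting valueOf() surface as a 500.
        Media.Size requested = Media.Size.ORIGINAL;
        if (size != null) {
            try {
                requested = Media.Size.valueOf(size.toUpperCase());
            } catch (IllegalArgumentException e) {
                response.setStatus(400);
                return;
            }
        }
        File file = media.getFile(requested);

        // … unchanged: download header, file.exists() check, content type and length …

            try (BufferedInputStream in = new BufferedInputStream(new FileInputStream(file))) {
                Streams.copy(in, response.getOutputStream(), false);
            }
```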
@ -3,6 +3,8 @@ package zall.page;
|
||||||
import zall.ZalleryServlet;
|
import zall.ZalleryServlet;
|
||||||
import zall.bean.Folder;
|
import zall.bean.Folder;
|
||||||
import zall.bean.Media;
|
import zall.bean.Media;
|
||||||
|
import zall.bean.User;
|
||||||
|
import zall.manager.AuthenticationManager;
|
||||||
import zall.util.UserMessage;
|
import zall.util.UserMessage;
|
||||||
import zutil.db.DBConnection;
|
import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
@ -20,9 +22,13 @@ import java.util.logging.Logger;
|
||||||
public class GalleryServlet extends ZalleryServlet {
|
public class GalleryServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
||||||
|
public static final String JSP_FILE = "gallery.jsp";
|
||||||
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
||||||
|
User user = AuthenticationManager.getUserSession(request.getSession());
|
||||||
Folder folder;
|
Folder folder;
|
||||||
|
|
||||||
if (request.getParameter("folder") != null && !request.getParameter("folder").equalsIgnoreCase("null"))
|
if (request.getParameter("folder") != null && !request.getParameter("folder").equalsIgnoreCase("null"))
|
||||||
folder = Folder.load(db, Long.parseLong(request.getParameter("folder")));
|
folder = Folder.load(db, Long.parseLong(request.getParameter("folder")));
|
||||||
else {
|
else {
|
||||||
|
|
@ -33,6 +39,7 @@ public class GalleryServlet extends ZalleryServlet {
|
||||||
folder.save(db);
|
folder.save(db);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
List<Media> list = Media.load(db, folder);
|
List<Media> list = Media.load(db, folder);
|
||||||
List<Folder> subFolders = Folder.loadSubFolders(db, folder, user);
|
List<Folder> subFolders = Folder.loadSubFolders(db, folder, user);
|
||||||
|
|
||||||
|
|
@ -41,21 +48,19 @@ public class GalleryServlet extends ZalleryServlet {
|
||||||
request.setAttribute("subfolders", subFolders);
|
request.setAttribute("subfolders", subFolders);
|
||||||
request.setAttribute("media", list);
|
request.setAttribute("media", list);
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
include(JSP_FILE, request, response);
|
||||||
include("gallery.jsp", request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
||||||
|
User user = AuthenticationManager.getUserSession(request.getSession());
|
||||||
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
long id = Long.parseLong(request.getParameter("id"));
|
long id = Long.parseLong(request.getParameter("id"));
|
||||||
|
|
||||||
if (request.getParameter("id") == null) {
|
if (request.getParameter("id") == null) {
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "Missing parameters!");
|
msgs.add(UserMessage.MessageType.ERROR, "id" + lang.getString("error.not.found.parameter"));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
long id = Long.parseLong(request.getParameter("id"));
|
|
||||||
Folder folder = Folder.load(db, id);
|
Folder folder = Folder.load(db, id);
|
||||||
|
|
||||||
switch (request.getParameter("action")) {
|
switch (request.getParameter("action")) {
|
||||||
|
|
@ -66,18 +71,20 @@ public class GalleryServlet extends ZalleryServlet {
|
||||||
|
|
||||||
case "private":
|
case "private":
|
||||||
if (folder != null) {
|
if (folder != null) {
|
||||||
if (user.canEdit(folder)) {
|
if (AuthenticationManager.canEdit(user, folder)) {
|
||||||
folder.setPrivate(!folder.isPrivate());
|
folder.setPrivate(!folder.isPrivate());
|
||||||
folder.save(db);
|
folder.save(db);
|
||||||
if (folder.isPrivate())
|
if (folder.isPrivate())
|
||||||
msgs.add(UserMessage.MessageType.INFO, "Folder is now private (not visible to other users).");
|
msgs.add(UserMessage.MessageType.INFO, lang.getString("info.modify.folder.is.private"));
|
||||||
else
|
else
|
||||||
msgs.add(UserMessage.MessageType.INFO, "Folder is now public (can be viewed by other users).");
|
msgs.add(UserMessage.MessageType.INFO, lang.getString("info.modify.folder.is.public"));
|
||||||
} else
|
} else
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "You are not authorize to edit this folder!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.allowed.edit.folder"));
|
||||||
} else
|
} else
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "The folder does not exist!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.folder"));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
doGet(request, response, db);
|
||||||
}
|
}
|
||||||
}
|
}
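Review bot: In `doPost` the commit keeps the `long id = Long.parseLong(request.getParameter("id"));` declaration that sits above the `request.getParameter("id") == null` test and drops the one below it, so a missing `id` throws `NumberFormatException` before the check runs and the localized error is never added. Keep the declaration after the null check instead, and catch `NumberFormatException` for non-numeric values. `switch (request.getParameter("action"))` likewise throws `NullPointerException` when `action` is absent. `MediaServlet.doPost` in this commit has the same parse-before-check order. Part of the `switch` lies outside the visible hunks.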
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package zall.page;
|
||||||
import zall.ZalleryServlet;
|
import zall.ZalleryServlet;
|
||||||
import zall.bean.User;
|
import zall.bean.User;
|
||||||
import zall.manager.AuthenticationManager;
|
import zall.manager.AuthenticationManager;
|
||||||
|
import zall.util.UserMessage;
|
||||||
import zutil.db.DBConnection;
|
import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
||||||
|
|
@ -14,8 +15,6 @@ import java.io.IOException;
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import static zall.ZalleryConstant.SESSION_KEY_USER;
|
|
||||||
|
|
||||||
@WebServlet("/login")
|
@WebServlet("/login")
|
||||||
public class LoginServlet extends ZalleryServlet {
|
public class LoginServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
@ -29,20 +28,21 @@ public class LoginServlet extends ZalleryServlet {
|
||||||
|
|
||||||
|
|
||||||
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, ServletException, IOException {
|
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, ServletException, IOException {
|
||||||
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
User user = AuthenticationManager.authenticate(db,
|
User user = AuthenticationManager.authenticate(db,
|
||||||
request.getParameter("email"),
|
request.getParameter("email"),
|
||||||
request.getParameter("password"));
|
request.getParameter("password"));
|
||||||
|
|
||||||
// Successfull login
|
// Successful login
|
||||||
if (user != null) {
|
if (user != null) {
|
||||||
user.registerOnHost(request, response, db, true );
|
user.registerOnHost(request, response, db, true );
|
||||||
request.getSession().setAttribute(SESSION_KEY_USER, user);
|
AuthenticationManager.setUserSession(user, request.getSession());
|
||||||
|
|
||||||
forward("/", request, response);
|
forward("/", request, response);
|
||||||
}
|
}
|
||||||
// Failed login
|
// Failed login
|
||||||
else {
|
else {
|
||||||
include(JSP_FILE, request, response);
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.incorrect.user_or_pass"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
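Review bot: The success branch stores the authenticated user in whatever session the request arrived with; nothing visible here issues a new session id at login, which leaves room for session fixation unless `AuthenticationManager.setUserSession` rotates it internally (its body is not in this diff). On Servlet 3.1 or later, calling `request.changeSessionId();` just before `AuthenticationManager.setUserSession(user, request.getSession());` closes that gap. Separately, the failure branch now only adds the error message and no longer calls `include(JSP_FILE, request, response);`, so unless the base class renders something, the response to a failed login is empty.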
|
||||||
|
|
|
||||||
|
|
@ -11,21 +11,19 @@ import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
|
|
||||||
import static zall.ZalleryConstant.SESSION_KEY_USER;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
@WebServlet(urlPatterns = "/logout")
|
@WebServlet(urlPatterns = "/logout")
|
||||||
public class LogoutServlet extends ZalleryServlet {
|
public class LogoutServlet extends ZalleryServlet {
|
||||||
|
|
||||||
public void doGet(HttpServletRequest req, HttpServletResponse resp, DBConnection db) throws SQLException, IOException {
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException {
|
||||||
User user = (User) req.getSession().getAttribute(SESSION_KEY_USER);
|
User user = AuthenticationManager.getUserSession(request.getSession());
|
||||||
|
|
||||||
AuthenticationManager.reset(db, user);
|
AuthenticationManager.reset(db, user);
|
||||||
req.getSession().removeAttribute(SESSION_KEY_USER);
|
AuthenticationManager.rmUserSession(request.getSession());
|
||||||
|
|
||||||
resp.sendRedirect("/login");
|
response.sendRedirect("/login");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
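Review bot: `doGet` clears only the user entry through `AuthenticationManager.rmUserSession(...)`; the session itself, its id and anything else stored in it (the `UserMessage` object the other servlets keep there) presumably survive logout, though `rmUserSession` is defined outside this diff. Ending the session with `request.getSession().invalidate();` after `AuthenticationManager.reset(db, user);` is the safer pattern. `user` may also be `null` when the request carries no login, and it is passed to `reset(db, user)` unchecked. Because logout is handled on GET, a third-party page can trigger it; a POST handler avoids that.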
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,8 @@ package zall.page;
|
||||||
import zall.ZalleryServlet;
|
import zall.ZalleryServlet;
|
||||||
import zall.bean.Comment;
|
import zall.bean.Comment;
|
||||||
import zall.bean.Media;
|
import zall.bean.Media;
|
||||||
|
import zall.bean.User;
|
||||||
|
import zall.manager.AuthenticationManager;
|
||||||
import zall.util.UserMessage;
|
import zall.util.UserMessage;
|
||||||
import zutil.db.DBConnection;
|
import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
@ -20,12 +22,14 @@ import java.util.logging.Logger;
|
||||||
public class MediaServlet extends ZalleryServlet {
|
public class MediaServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
||||||
|
private static final String JSP_FILE = "media.jsp";
|
||||||
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
||||||
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
|
|
||||||
if (request.getParameter("id") == null && request.getParameter("type") == null) {
|
if (request.getParameter("id") == null && request.getParameter("type") == null) {
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "Missing parameters!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.parameter"));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
|
@ -37,17 +41,16 @@ public class MediaServlet extends ZalleryServlet {
|
||||||
logger.log(Level.FINE, "", e);
|
logger.log(Level.FINE, "", e);
|
||||||
}
|
}
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
include(JSP_FILE, request, response);
|
||||||
include("media.jsp", request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException {
|
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, ServletException, IOException {
|
||||||
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
|
User user = AuthenticationManager.getUserSession(request.getSession());
|
||||||
long id = Long.parseLong(request.getParameter("id"));
|
long id = Long.parseLong(request.getParameter("id"));
|
||||||
|
|
||||||
if (request.getParameter("id") == null || request.getParameter("type") == null) {
|
if (request.getParameter("id") == null || request.getParameter("type") == null) {
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "Missing parameters!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.parameter"));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -65,7 +68,7 @@ public class MediaServlet extends ZalleryServlet {
|
||||||
media.addComment(cm);
|
media.addComment(cm);
|
||||||
media.save(db);
|
media.save(db);
|
||||||
|
|
||||||
msgs.add(UserMessage.MessageType.INFO, "Comment saved.");
|
msgs.add(UserMessage.MessageType.INFO, lang.getString("info.created.comment"));
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// -----------------------------------------
|
// -----------------------------------------
|
||||||
|
|
@ -74,20 +77,21 @@ public class MediaServlet extends ZalleryServlet {
|
||||||
|
|
||||||
case "modify":
|
case "modify":
|
||||||
if (media != null) {
|
if (media != null) {
|
||||||
if (user.canEdit(media)) {
|
if (AuthenticationManager.canEdit(user, media)) {
|
||||||
media.setTitle(request.getParameter("title"));
|
media.setTitle(request.getParameter("title"));
|
||||||
media.setDescription(request.getParameter("description"));
|
media.setDescription(request.getParameter("description"));
|
||||||
media.save(db);
|
media.save(db);
|
||||||
|
|
||||||
msgs.add(UserMessage.MessageType.INFO, "Item edited successfully.");
|
msgs.add(UserMessage.MessageType.INFO, lang.getString("info.modify.successfully"));
|
||||||
} else
|
} else
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "You are not authorize to modify this item!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.allowed.edit.media"));
|
||||||
} else
|
} else
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "The item does not exist!");
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.media"));
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
doGet(request, response, db);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
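Review bot: The `modify` case writes `request.getParameter("title")` and `request.getParameter("description")` into the record without any length or character check, and `ContentServlet.doGet` in this same commit concatenates `media.getTitle()` into the `Content-disposition` header. A title holding quotes, semicolons or control characters would then alter that header, unless `Media.setTitle` validates (not visible here). Reject or normalise the title before `media.save(db)`, for example `if (title == null || !title.matches("[\\p{L}\\p{N} ._-]{1,100}")) { /* add error, break */ }`, and quote the filename where the header is built. The `switch` and the lookup that assigns `media` begin outside the hunk.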
|
||||||
|
|
@ -2,6 +2,7 @@ package zall.page;
|
||||||
|
|
||||||
import zall.ZalleryServlet;
|
import zall.ZalleryServlet;
|
||||||
import zall.bean.User;
|
import zall.bean.User;
|
||||||
|
import zall.manager.AuthenticationManager;
|
||||||
import zall.util.UserMessage;
|
import zall.util.UserMessage;
|
||||||
import zutil.db.DBConnection;
|
import zutil.db.DBConnection;
|
||||||
import zutil.log.LogUtil;
|
import zutil.log.LogUtil;
|
||||||
|
|
@ -18,30 +19,26 @@ import java.util.logging.Logger;
|
||||||
public class ProfileServlet extends ZalleryServlet {
|
public class ProfileServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
||||||
|
private static final String JSP_FILE = "profile.jsp";
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException{
|
|
||||||
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, IOException, SQLException {
|
||||||
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
|
User user = AuthenticationManager.getUserSession(request.getSession());
|
||||||
|
|
||||||
try{
|
if(request.getParameter("id") != null){
|
||||||
if(request.getParameter("id") != null){
|
User profile_user = User.load(db, Long.parseLong( request.getParameter("id") ));
|
||||||
User profile_user = User.load(db, Long.parseLong( request.getParameter("id") ));
|
if(AuthenticationManager.canEdit(user, profile_user)){
|
||||||
if(user.canEdit(profile_user)){
|
request.setAttribute("profile_user", profile_user);
|
||||||
request.setAttribute("profile_user", profile_user);
|
} else {
|
||||||
} else {
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.allowed.edit.user"));
|
||||||
msgs.add(UserMessage.MessageType.ERROR, "You do not have permission to edit the user.");
|
}
|
||||||
}
|
} else {
|
||||||
} else {
|
request.setAttribute("profile_user", user);
|
||||||
request.setAttribute("profile_user", user);
|
|
||||||
}
|
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
|
||||||
include("profile.jsp", request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
logger.severe(e.getMessage());
|
|
||||||
throw new ServletException(e);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
include(JSP_FILE, request, response);
|
||||||
|
|
||||||
}
|
}
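Review bot: `User.load(db, Long.parseLong(request.getParameter("id")))` goes straight into `AuthenticationManager.canEdit(user, profile_user)` with no check that either object exists. `RegisterServlet` tests `User.load(...)` against `null`, so an unknown id presumably yields `null` here as well, and `user` may be `null` for a request without a login; how `canEdit` treats those cases is not visible in this diff. A guard such as `if (profile_user == null) { response.sendError(HttpServletResponse.SC_NOT_FOUND); return; }` right after the load keeps the decision explicit. With the `try`/`catch` removed, a non-numeric `id` now surfaces as an unlogged `NumberFormatException`.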
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,13 +12,8 @@ import javax.servlet.annotation.WebServlet;
|
||||||
import javax.servlet.http.*;
|
import javax.servlet.http.*;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.sql.SQLException;
|
import java.sql.SQLException;
|
||||||
import java.util.Locale;
|
|
||||||
import java.util.PropertyResourceBundle;
|
|
||||||
import java.util.ResourceBundle;
|
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
|
||||||
import static zall.ZalleryConstant.LANG_BASENAME;
|
|
||||||
|
|
||||||
@WebServlet("/register")
|
@WebServlet("/register")
|
||||||
public class RegisterServlet extends ZalleryServlet {
|
public class RegisterServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
@ -38,8 +33,7 @@ public class RegisterServlet extends ZalleryServlet {
|
||||||
|
|
||||||
|
|
||||||
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
public void doPost(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws SQLException, IOException, ServletException {
|
||||||
UserMessage msgHandler = UserMessage.getUserMessage(request.getSession());
|
UserMessage msgs = UserMessage.getUserMessage(request.getSession());
|
||||||
ResourceBundle lang = PropertyResourceBundle.getBundle(LANG_BASENAME, Locale.getDefault());
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check inputs
|
* Check inputs
|
||||||
|
|
@ -52,20 +46,20 @@ public class RegisterServlet extends ZalleryServlet {
|
||||||
String passwordRe = (String)request.getAttribute(INPUT_ID_PASSWORD_REPEATE);
|
String passwordRe = (String)request.getAttribute(INPUT_ID_PASSWORD_REPEATE);
|
||||||
|
|
||||||
if (firstName == null)
|
if (firstName == null)
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.first_name_missing"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.first.name"));
|
||||||
if (lastName == null)
|
if (lastName == null)
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.last_name_missing"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.last.name"));
|
||||||
if (email == null)
|
if (email == null)
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.email_missing"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.email"));
|
||||||
if (password == null)
|
if (password == null)
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.password_missing"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.password"));
|
||||||
if (passwordRe == null)
|
if (passwordRe == null)
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.password_missing"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.not.found.password"));
|
||||||
else if (passwordRe.equals(password))
|
else if (passwordRe.equals(password))
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.password_not_matching"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.incorrect.password.matching"));
|
||||||
|
|
||||||
if(User.load(db, (String)request.getAttribute(INPUT_ID_EMAIL)) != null){
|
if(User.load(db, (String)request.getAttribute(INPUT_ID_EMAIL)) != null){
|
||||||
msgHandler.add(UserMessage.MessageType.ERROR, lang.getString("error.email_exsists"));
|
msgs.add(UserMessage.MessageType.ERROR, lang.getString("error.email_exists"));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -81,8 +75,8 @@ public class RegisterServlet extends ZalleryServlet {
|
||||||
ZalleryEmail.sendVerificationEmail( user );
|
ZalleryEmail.sendVerificationEmail( user );
|
||||||
request.getSession().setAttribute("user", user);
|
request.getSession().setAttribute("user", user);
|
||||||
logger.info("Registered new user: "+user.getName()+".");
|
logger.info("Registered new user: "+user.getName()+".");
|
||||||
msgHandler.add(UserMessage.MessageType.INFO,
|
msgs.add(UserMessage.MessageType.INFO,
|
||||||
lang.getString("info.account_created") + lang.getString("info.verification_email_sent"));
|
lang.getString("info.created.account") + " " + lang.getString("info.sent.email.verification"));
|
||||||
|
|
||||||
include(JSP_FILE, request, response);
|
include(JSP_FILE, request, response);
|
||||||
}
|
}
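Review bot: `else if (passwordRe.equals(password))` adds the password-mismatch error when the two values are equal and stays silent when they differ; it should read `else if (!passwordRe.equals(password))`. None of the missing-field branches above it stops the request, only the existing-e-mail branch has a `return`, so execution appears to continue to account creation with invalid input; the code between the hunks is not visible, so confirm that. The new account is also placed in the session with `request.getSession().setAttribute("user", user);` rather than the `AuthenticationManager.setUserSession(...)` call this commit introduces in `LoginServlet`, and that happens right after the verification e-mail is sent, before the address is confirmed.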
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,8 @@ import java.util.logging.Logger;
|
||||||
public class SlideshowServlet extends ZalleryServlet {
|
public class SlideshowServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
||||||
|
private static final String JSP_FILE = "slideshow.jsp";
|
||||||
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
||||||
Image image = Image.load(db, Integer.parseInt(request.getParameter("id")));
|
Image image = Image.load(db, Integer.parseInt(request.getParameter("id")));
|
||||||
|
|
@ -27,9 +29,7 @@ public class SlideshowServlet extends ZalleryServlet {
|
||||||
request.setAttribute("image", image);
|
request.setAttribute("image", image);
|
||||||
request.setAttribute("images", list);
|
request.setAttribute("images", list);
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
include(JSP_FILE, request, response);
|
||||||
include("slideshow.jsp", request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
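Review bot: `doGet` loads the image with `Image.load(db, Integer.parseInt(request.getParameter("id")))` and the visible lines never read the session user, so nothing here shows that an image inside a private folder is withheld from other users. If `Image.load` and the code between the two hunks do not enforce that, fetch the user with `AuthenticationManager.getUserSession(request.getSession())` and answer 404 when the image is missing or not viewable. `ContentServlet.doGet` in this commit serves files by `id` in the same way. A missing or non-numeric `id` also ends in an uncaught `NumberFormatException`.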
|
||||||
|
|
|
||||||
|
|
@ -16,16 +16,15 @@ import java.util.logging.Logger;
|
||||||
|
|
||||||
@WebServlet("/register")
|
@WebServlet("/register")
|
||||||
public class UserListServlet extends ZalleryServlet {
|
public class UserListServlet extends ZalleryServlet {
|
||||||
private static Logger logger = LogUtil.getLogger();
|
private static Logger logger = LogUtil.getLogger();
|
||||||
|
|
||||||
|
private static final String JSP_FILE = "users.jsp";
|
||||||
|
|
||||||
|
|
||||||
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException, SQLException, IOException {
|
||||||
List<User> users = User.load(db);
|
List<User> users = User.load(db);
|
||||||
request.setAttribute("users", users);
|
request.setAttribute("users", users);
|
||||||
|
|
||||||
include("header.jsp", request, response);
|
include(JSP_FILE, request, response);
|
||||||
include("users.jsp", request, response);
|
|
||||||
include("footer.jsp", request, response);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
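Review bot: `UserListServlet` is annotated `@WebServlet("/register")`, the same pattern `RegisterServlet` declares in this commit; two servlets mapped to one URL pattern is a deployment error under the Servlet specification, so this class needs a path of its own, for example `@WebServlet("/users")`. `doGet` also puts every `User` from `User.load(db)` into the request without consulting the session, so unless `ZalleryServlet` enforces login the full user list is readable by anyone.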
|
||||||
|
|
|
||||||