package zall;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import zall.bean.Folder;
import zall.bean.Image;
import zall.bean.Media;
import zall.bean.User;
import zall.util.Email;
import zall.util.facebook.FBUser;
import zall.util.facebook.FacebookConnect;
import zall.util.msg.UserMessage;
import zall.util.msg.UserMessage.MessageType;
import zutil.db.DBConnection;
import zutil.db.bean.DBBean;
import zutil.log.LogUtil;
public class Zallery extends HttpServlet{
private static Logger logger = LogUtil.getLogger();
private static final long serialVersionUID = 1L;
public static String WEBSITE_NAME = "Example.com";
public static String WEBSITE_URL = "http://example.com";
public static String THEME = "";
public static String ROOT_PATH = "";
public static String DATA_PATH = "";
/**
* Config Options:
*
- WEBSITE_NAME
*
- WEBSITE_URL
*
- SMTP_HOST
*
- DATA_PATH
*
- THEME
*
- FB_APPID
*
- FB_APPSEC
*/
public void init(ServletConfig config) throws ServletException {
super.init(config);
ROOT_PATH = config.getServletContext().getRealPath("/");
if( config.getInitParameter("WEBSITE_NAME") != null )
WEBSITE_NAME = config.getInitParameter("WEBSITE_NAME");
if( config.getInitParameter("WEBSITE_URL") != null ){
WEBSITE_URL = config.getInitParameter("WEBSITE_URL");
if( WEBSITE_URL.charAt(WEBSITE_URL.length()-1) != '/')
WEBSITE_URL += "/";
}
if( config.getInitParameter("SMTP_HOST") != null )
Email.setServer( config.getInitParameter("SMTP_HOST") );
if( config.getInitParameter("DATA_PATH") != null )
DATA_PATH = config.getInitParameter("DATA_PATH");
else
throw new ServletException("Missing DATA_PATH parameter!");
if( config.getInitParameter("THEME") != null )
THEME = config.getInitParameter("THEME");
if( config.getInitParameter("FB_APPID") != null &&
config.getInitParameter("FB_APPID") != null)
FacebookConnect.setApplicationID(
config.getInitParameter("FB_APPID"),
config.getInitParameter("FB_APPSEC"));
LogUtil.setLevel("zall", Level.FINEST);
//LogUtil.setLevel("zutil", Level.FINEST);
}
public void destroy(){
DBBean.cancelGBC();
}
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException{
DBConnection db = null;
try{
doGet(request, response, db = getDB());
} finally{
if(db != null) db.close();
}
}
public void doGet(HttpServletRequest request, HttpServletResponse response, DBConnection db) throws ServletException{
try{
response.setContentType("text/html");
HttpSession session = request.getSession();
String page = new File(request.getRequestURI()).getName();
request.setAttribute("page", page);
User user = (User) session.getAttribute("user");
FacebookConnect fbc = (FacebookConnect) session.getAttribute("facebook");
if( fbc == null )
fbc = FacebookConnect.getConnection( request.getCookies() );
String action = request.getParameter("action");
if( action == null ) action = "";
UserMessage msgs = UserMessage.getUserMessage(session);
// Take care of facebook open graph
if( request.getHeader("User-Agent").startsWith("facebookexternalhit/1.1") && page.startsWith("media") ){
PrintWriter out = response.getWriter();
out.print(""+
""+
""+
""+
""+
""+
""+
""+
"");
return;
}
// Verify email address
if( action.equalsIgnoreCase("verfemail") ){
User verfuser = User.load(db, Long.parseLong(request.getParameter("id")));
if( verfuser.verifyEmail(request.getParameter("hash")) ){
ZalleryAjax.sendEmailNewUserToAdmin(verfuser, db);
verfuser.save(db);
msgs.add(MessageType.INFO, "Your email has been successfully verified.");
msgs.add(MessageType.WARNING, "The account is waiting account activation by an admin.");
}
else
msgs.add(MessageType.ERROR, "Email verification failed!");
}
// auth with facebook
if( user == null ){
if( fbc != null ){
FBUser fb_user = fbc.getUser();
user = User.loadByFacebook(request, response, db, fb_user.getUID() );
// New user?
if( user == null ){
logger.info("Creating new user from Facebook login.");
user = new User();
user.setFacebookUid( fb_user.getUID() );
user.setName( fb_user.getName() );
user.setEmail( "" );
user.registerOnHost(request, response, db, false );
ZalleryAjax.sendEmailNewUserToAdmin(user, db);
msgs.add(MessageType.INFO, "Your account has successfully been created. The account is waiting account activation by an admin.");
}
logger.info("Used Facebook to auth User: \""+user.getName()+"\".");
user.registerOnHost(request, response, db, false );
session.setAttribute("user", user);
session.setAttribute("facebook", fbc);
user.save(db);
//if( page.startsWith("login") )
response.sendRedirect( "gallery" );
//else
// response.sendRedirect( page );
return;
}
}
// auth with cookie
if( user == null ){
user = User.loadByCookie(request, db, getCookieValue(request.getCookies(), "sessionHash") );
if(user != null){
logger.info("Used cookies to auth User: \""+user.getName()+"\".");
session.setAttribute("user", user);
}
}
if( user == null && ( !page.startsWith("register") && !page.startsWith("login") )){
//response.sendRedirect("login?redirect=\""+getUrl(request)+"\"");
response.sendRedirect("login");
return;
}
// validate user or Logout
if( user != null && ( !user.valid(request) || page.startsWith("logout") )){
logger.info("Logging Out User: \""+user.getName()+"\".");
session.invalidate();
session = request.getSession( true );
msgs.setSession( session );
if( fbc != null ) fbc.logout( response );
user.logout( response );
if( !user.isEmailVerified() )
msgs.add(MessageType.ERROR, "Your email has not been verified!");
else if( !user.isEnabled() )
msgs.add(MessageType.ERROR, "Your account is disabled! Please contact the website administrator.");
else
msgs.add(MessageType.WARNING, "Your have been logged out.");
user = null;
response.sendRedirect("login");
return;
}
//**********************************************************
String include_jsp = null;
if( user != null ){
logger.finest("Valid user: \""+user.getName()+"\"");
// Register facebook on user
if( user.getFacebookUid() == null && fbc != null){
FBUser fb_user = fbc.getUser();
user.setFacebookUid( fb_user.getUID() );
msgs.add(MessageType.INFO, "Facebook connected to your account.");
}
// Import JSP pages
if(page.startsWith("media")){
try{
if( request.getParameter("id") == null && request.getParameter("type") == null){
msgs.add(MessageType.ERROR, "Missing parameters!");
return;
}
int id = Integer.parseInt( request.getParameter("id") );
Media media = Media.load(db, request.getParameter("type"), id);
request.setAttribute("media", media);
include_jsp = "media.jsp";
}catch(NumberFormatException e){ logger.log(Level.FINE, "", e); }
}
else if(page.startsWith("login")){
include_jsp = "login.jsp";
}
else if(page.startsWith("profile")){
if( request.getParameter("id") != null ){
User profile_user = User.load(db, Long.parseLong( request.getParameter("id") ));
if( user.canEdit( profile_user )){
request.setAttribute("profile_user", profile_user);
include_jsp = "profile.jsp";
}else{
msgs.add(MessageType.ERROR, "You do not have permission to edit this user.");
}
}else{
request.setAttribute("profile_user", user);
include_jsp = "profile.jsp";
}
}
else if(page.startsWith("users")){
List users = User.load(db);
request.setAttribute("users", users);
include_jsp = "users.jsp";
}
else if(page.startsWith("upload")){
List dirList = Folder.load(db, user);
request.setAttribute("folders", dirList);
include_jsp = "upload.jsp";
}
else if( page.startsWith("slideshow") ){
Image image = Image.load(db, Integer.parseInt( request.getParameter("id") ));
request.setAttribute("image", image );
List list = Image.loadFolder(db, image.getFolder());
request.setAttribute("image", image);
request.setAttribute("images", list);
include_jsp = "slideshow.jsp";
}
else { // if(page.startsWith("gallery"))
Folder folder = null;
if(request.getParameter("folder") != null && !request.getParameter("folder").equalsIgnoreCase("null"))
folder = Folder.load(db, Long.parseLong(request.getParameter("folder")) );
else{
folder = Folder.loadRoot(db);
// Setup new root folder
if( folder == null ){
folder = Folder.genRoot();
folder.save(db);
}
}
List list = Media.load(db, folder);
List subFolders = Folder.loadSubFolders(db, folder.getId());
//session.setAttribute("user", user);
request.setAttribute("folder", folder);
request.setAttribute("subfolders", subFolders);
request.setAttribute("media", list);
include_jsp = "gallery.jsp";
}
}
else if(page.startsWith("register")){
include_jsp = "register.jsp";
}
else if(page.startsWith("login")){
include_jsp = "login.jsp";
}
else{
//response.sendRedirect("login?redirect=\""+getUrl(request)+"\"");
response.sendRedirect("login");
return;
}
include("header.jsp", request, response);
if( include_jsp != null )
include(include_jsp, request, response);
include("footer.jsp", request, response);
} catch (Exception e) {
logger.severe(e.getMessage());
System.out.flush();
throw new ServletException(e);
} finally{
if(db != null) db.close();
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException{
try {
include("ajax", request, response);
// RequestDispatcher include header read only workaround
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
if( user != null ){
Cookie c = new Cookie("sessionHash", user.getSessionHash() );
c.setMaxAge(5*24*60*60); // 5 days
response.addCookie( c );
}
// Do the output
doGet(request, response);
} catch (Exception e) {
logger.severe(e.getMessage());
throw new ServletException(e);
}
}
public static DBConnection getDB() throws ServletException{
try {
return new DBConnection("jdbc/mysql");
} catch (Exception e) {
throw new ServletException(e);
}
}
protected void include(String url, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException{
RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(THEME+"/"+url);
if (dispatcher != null)
dispatcher.include(request, response);
}
public static String getCookieValue(Cookie[] cookies, String name) {
if( cookies == null )
return null;
for(Cookie cookie : cookies) {
if ( name.equals(cookie.getName()) )
return cookie.getValue();
}
return null;
}
public static String getWebsiteName() {
return WEBSITE_NAME;
}
public static String getWebsiteURL() {
return WEBSITE_URL;
}
// /mywebapp/servlet/MyServlet/a/b;c=123?d=789
public static String getUrl(HttpServletRequest req) {
String reqUri = req.getRequestURI().toString();
String queryString = req.getQueryString(); // d=789
if (queryString != null) {
reqUri += "?"+queryString;
}
return reqUri;
}
}