
1   package org.paneris.user.controller;
2   
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Enumeration;

import javax.servlet.ServletRequest;

import org.paneris.jal.model.DBConnectionManager;
import org.paneris.jal.model.Email;
import org.paneris.messageboard.model.Board;
import org.paneris.messageboard.model.Message;
import org.paneris.user.model.User;
import org.paneris.util.SessionUtil;
import org.webmacro.Template;
import org.webmacro.servlet.HandlerException;
import org.webmacro.servlet.PanerisPage;
import org.webmacro.servlet.WebContext;
20  
21  
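/**
 * Page handler for the user registration / edit form.
 *
 * <p>An {@code id} of {@code "0"} means a new user is being created; any other id
 * edits the existing record. On submit the handler checks that the email address
 * and login id are not already present in the {@code users} table, writes the
 * record, and for a new user sends a welcome mail and posts a notice to the
 * lurker board.
 */
public class EditUser extends PanerisPage {

    private static final long serialVersionUID = 1L;
    private static final boolean debug = false;
    DBConnectionManager connMgr = DBConnectionManager.getInstance();

    /**
     * Handles one request for the edit-user page.
     *
     * @param context the WebMacro context for this request
     * @return the template to render
     * @throws HandlerException if the login check, the database work or the
     *         template lookup fails
     */
    public Template handle(WebContext context) throws HandlerException {

        // TimP 07/03/2000
        // FIXME multi-valued parameters are not catered for
        // see getParameterValues
        //
        // NOTE(review): every request parameter is copied into the context under
        // a client-chosen name, so a request can set or overwrite arbitrary
        // context entries. Confirm nothing security-relevant is read back from
        // the context by name, or restrict this copy to an allow-list.
        ServletRequest request = context.getRequest();
        Enumeration en = request.getParameterNames();
        while (en.hasMoreElements()) {
            String name = (String) en.nextElement();
            String value = request.getParameter(name);
            context.put(name, value);
        }

        // NOTE(review): "db" comes from the form and selects the connection
        // pool below; presumably DBConnectionManager rejects unknown names -
        // verify.
        String db = (String) context.getForm("db");
        String submit = (String) context.getForm("submit");
        String id = (String) context.getForm("id");
        String templateName = null;
        boolean newUser = false;

        // A non-null result is rendered instead of the form.
        try {
            templateName = User.checkLoggedIn("controller", this.getClass().getName(), context, " update messages.");
        } catch (Exception e) {
            throw new HandlerException("Could not get user:" + e.toString());
        }

        // if we are 1st time in, save the returnURL
        // NOTE(review): the Referer header is client-controlled; if the stored
        // value is later used as a redirect target it should be validated
        // against the site's own origin - confirm in SessionUtil.
        if (submit == null) {
            if (context.getCGI().getHTTP_REFERER() != null) {
                context.getSession().setAttribute("EditUserReturnURL",
                                                  context.getCGI().getHTTP_REFERER());
            }
        }
        // set up the return url
        SessionUtil.setReturnURL("EditUserReturnURL", context);

        if (templateName == null) {
            boolean error = false;
            try {
                Connection conn = connMgr.getConnection("EditUser", db);
                if (conn == null) {
                    throw new IllegalStateException("No database connection available");
                }
                try {
                    // check we are editing our own record!
                    User user = new User(db, Integer.valueOf(id));
                    String origEmail = user.getFieldValue("email").trim();
                    String origLogin = user.getFieldValue("loginid").trim();
                    // NOTE(review): the record is overwritten from the form before
                    // the ownership check runs on it; confirm that
                    // checkLoggedInForRecord cannot be satisfied by form-supplied
                    // field values.
                    user.setFromForm(context, null, false);
                    context.put("user", user);
                    templateName = User.checkLoggedInForRecord(user, context, " access the Update pages.");
                    if (templateName == null) {
                        // NOTE(review): "wmtemplate" is a client-supplied template
                        // name handed to the broker at the end of this method;
                        // presumably the broker confines lookups to the template
                        // root - verify.
                        templateName = (String) context.getForm("wmtemplate");
                        if (templateName == null) {
                            // newUser is only set on this path, i.e. when no
                            // wmtemplate was supplied.
                            if (id.equals("0")) {
                                templateName = "user/view/NewUser.wm";
                                newUser = true;
                            } else {
                                templateName = "user/view/EditUser.wm";
                            }
                        }
                        if (submit != null) {
                            user.generateDetails();
                            if (id.equals("0") || (!user.getFieldValue("email").equalsIgnoreCase(origEmail))) {
                                // new record - need to test if email and loginid are unique
                                // The submitted value is bound as a parameter, never
                                // concatenated into the SQL text.
                                String upperFn =
                                    connMgr.getDatabaseEngineType(db) == DBConnectionManager.ACCESS
                                        ? "UCASE"
                                        : "UPPER";
                                String sqlString = "SELECT id FROM users WHERE TRIM(" + upperFn + "(email)) = ?";
                                if (debug) {
                                    System.err.println("sqlString" + sqlString);
                                }
                                if (rowExists(conn, sqlString, user.getFieldValue("email").toUpperCase())) {
                                    // this user exists!
                                    context.put("error", "emailfound");
                                    error = true;
                                }
                            }
                            if (!error && (id.equals("0") || (!user.getFieldValue("loginid").equals(origLogin)))) {
                                // check the loginid
                                String sqlString = "SELECT id FROM users WHERE TRIM(loginid) = ?";
                                if (debug) {
                                    System.err.println("sqlString" + sqlString);
                                }
                                if (rowExists(conn, sqlString, user.getFieldValue("loginid"))) {
                                    // this user exists!
                                    context.put("error", "loginidfound");
                                    error = true;
                                }
                            }
                            if (error) {
                                // reset user
                                user = new User(db, Integer.valueOf(id));
                                user.setFromForm(context, null, false);
                                context.put("user", user);
                            } else {
                                user.write();
                                context.put("id", user.getFieldValue("id"));

                                if (newUser) {
                                    // now inform the user that they have joined,
                                    // also (optionally) inform another messageboard
                                    // NOTE(review): systemuser is dereferenced for the
                                    // sender address below before the null check
                                    // further down; a missing system user fails here
                                    // after the record has already been written.
                                    User systemuser = User.getSystemUser(db);
                                    // NOTE(review): the welcome mail carries the
                                    // "password" field in clear text. If that is the
                                    // login credential it is exposed in transit and in
                                    // mailboxes, and it implies the value is stored in
                                    // recoverable form; consider mailing a one-time
                                    // reset link instead.
                                    String message = "Thank you for registering with PanEris.";
                                    message += "\n\nYou can now subscribe to messageboards, or record time against projects.\n";
                                    message += "\n\nYour details:\n";
                                    message += "\nLogin Id: " + user.getFieldValue("loginid");
                                    message += "\nPassword: " + user.getFieldValue("password");
                                    message += "\n\nPanEris messageboards will ONLY accept email from: " + user.getFieldValue("email");
                                    message += "\n\nYou can modify your details at http://www.paneris.org/\n";

                                    Email.send(db, systemuser.getFieldValue("email"), user.getFieldValue("email"), "", "Welcome to PanEris ", message);
                                    // now inform lurker
                                    Message m = new Message(db);
                                    message = "A new user has joined PanEris.";
                                    message += "\n\nTheir details are:";
                                    message += "\nName: " + user.getFieldValue("username");
                                    message += "\nEmail: " + user.getFieldValue("email");
                                    m.setFieldValue("message", message);
                                    m.setFieldValue("parent", "0");
                                    m.setFieldValue("subject", user.getFieldValue("username") + " has registered with paneris");
                                    m.setFieldValue("board", Board.getLurkerBoard(db));
                                    if (systemuser != null) {
                                        m.setFieldValue("author", systemuser.getFieldValue("id"));
                                    }
                                    m.write();
                                    m.distribute();
                                }
                                // refresh the session
                                user.refresh(context);
                                templateName = (String) context.getForm("wmtemplate");
                                if (templateName == null) {
                                    templateName = "user/view/EditUserSuccess.wm";
                                }
                            }
                        }
                    }
                } finally {
                    // Hand the connection back on failure paths too, so an
                    // exception above does not leak it from the pool.
                    connMgr.freeConnection(db, conn);
                }
            } catch (Exception e) {
                throw new HandlerException(e.toString());
            }
        }
        // return the appropriate template
        try {
            return (Template) context.getBroker().get("template", templateName);
        } catch (Exception e) {
            throw new HandlerException("Could not locate template: " + templateName);
        }
    }

    /**
     * Runs a single-parameter lookup and reports whether it matched any row.
     *
     * @param conn  open connection to query on
     * @param sql   statement text containing exactly one {@code ?} placeholder
     * @param value value bound to the placeholder
     * @return {@code true} if the result set has at least one row
     * @throws SQLException if preparing, executing or closing the statement fails
     */
    private static boolean rowExists(Connection conn, String sql, String value) throws SQLException {
        PreparedStatement ps = conn.prepareStatement(sql);
        try {
            ps.setString(1, value);
            ResultSet rs = ps.executeQuery();
            try {
                return rs.next();
            } finally {
                rs.close();
            }
        } finally {
            ps.close();
        }
    }
}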