/**
** MessageController.java
** Requests related to messages
** @author Jack Wootton
**/
import javax.servlet.http.*;
import javax.servlet.*;
import java.io.IOException;
import java.lang.String;
import java.util.*;
import beans.jw.*;
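/**
 * Servlet that handles the forum's message actions: posting a reply, loading a
 * message for editing, saving an edit and removing a message. The action is
 * selected by the {@code txtAction} request parameter, which is compared with
 * the {@code ACTION_CODE_*} context init parameters.
 *
 * <p>NOTE(review): nothing visible in this class authenticates the caller or
 * checks that the caller owns the message being edited or removed. The author
 * of a reply is taken from the {@code memberID} request parameter, so it is
 * caller-asserted. Confirm that a filter or the calling pages enforce this;
 * otherwise derive the member from the authenticated session and verify
 * ownership before the UPDATE/DELETE statements run.
 *
 * <p>NOTE(review): SQL is assembled by string concatenation because only
 * {@code Conn.SQLUpdate(String)} and {@code Conn.SQL2Vec(String)} are visible
 * here. Numeric values are parsed to {@code int} before use and message text
 * is escaped by {@link #escapeSqlText(String)}; bound parameters would be the
 * durable fix if {@code Conn} can expose them.
 */
public class MessageController extends HttpServlet
{
    /**
     * Markup that {@link #return2BR(String)} substitutes for a newline and
     * {@link #BR2return(String)} turns back into one.
     * NOTE(review): the literal was lost when this listing was rendered as a
     * web page; {@code <br>} is assumed. Confirm it against stored messages.
     */
    private static final String LINE_BREAK_TAG = "<br>";

    private ServletContext context;

    /**
     * Legacy session slot read by {@link #retrieveMessage(int)}.
     * {@link #doPost} no longer assigns it: one servlet instance serves
     * concurrent requests, so a per-request session kept in an instance field
     * can be overwritten by another user's request before it is used.
     */
    HttpSession session;

    /**
     * Initialises the servlet and caches the servlet context.
     *
     * @param config the servlet configuration supplied by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init(ServletConfig config) throws ServletException
    {
        super.init(config);
        context = getServletContext();
    }

    /**
     * Dispatches on {@code txtAction} and redirects to the follow-up page.
     * A missing action or a missing/non-numeric identifier is answered with
     * HTTP 400 instead of an uncaught exception. An action that matches none
     * of the configured codes produces no redirect, as before.
     *
     * @param request  the incoming request
     * @param response the response used for the redirect or the error status
     */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
    {
        String strType = request.getParameter("txtAction");
        if (strType == null)
        {
            reject(response);
            return;
        }

        if (strType.equals(context.getInitParameter("ACTION_CODE_REPLY")))
        {
            Integer userID = intParam(request, "memberID");
            Integer threadID = intParam(request, "threadID");
            if (userID == null || threadID == null)
            {
                reject(response);
                return;
            }
            String msg = request.getParameter("msg");
            if (reply(threadID.intValue(), msg, userID.intValue()))
            {
                redirect(response, threadViewUrl(threadID.intValue()));
            }
            else
            {
                redirect(response, "reply.jsp?ID=" + threadID + "&reason=failed");
            }
        }
        else if (strType.equals(context.getInitParameter("ACTION_CODE_EDIT_MESSAGE")))
        {
            Integer msgID = intParam(request, "msgID");
            if (msgID == null)
            {
                reject(response);
                return;
            }
            // The session stays a local so it cannot be swapped by a concurrent request.
            retrieveMessage(msgID.intValue(), request.getSession(true));
            redirect(response, "/forum/editMessage.jsp");
        }
        else if (strType.equals(context.getInitParameter("ACTION_CODE_SAVE_EDIT")))
        {
            Integer msgID = intParam(request, "messageID");
            Integer threadID = intParam(request, "threadID");
            if (msgID == null || threadID == null)
            {
                reject(response);
                return;
            }
            String msg = request.getParameter("msg");
            // Kept for its side effect only: the original created a session on this path.
            request.getSession(true);
            if (editMessage(msgID.intValue(), msg, threadID.intValue()))
            {
                redirect(response, threadViewUrl(threadID.intValue()));
            }
            else
            {
                redirect(response, "/forum/editMessage.jsp?reason=failed");
            }
        }
        else if (strType.equals(context.getInitParameter("ACTION_CODE_REMOVE_MSG")))
        {
            Integer msgID = intParam(request, "ID");
            Integer threadID = intParam(request, "threadID");
            if (msgID == null || threadID == null)
            {
                reject(response);
                return;
            }
            removeMsg(msgID.intValue(), threadID.intValue());
            redirect(response, threadViewUrl(threadID.intValue()));
        }
    }

    /**
     * Handles GET by delegating to {@link #doPost}.
     *
     * <p>NOTE(review): this lets reply, edit and remove run from a plain link
     * or an embedded resource request, which makes them reachable by
     * cross-site request forgery. Restricting state changes to POST with a
     * per-session token is the usual mitigation; it is not changed here
     * because existing pages may link to these actions with GET.
     *
     * @param request  the incoming request
     * @param response the response passed through to {@code doPost}
     * @throws ServletException declared for the servlet contract
     * @throws IOException      declared for the servlet contract
     */
    @Override
    public void doGet (HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException
    {
        doPost(request, response);
    }

    /**
     * Replaces {@code <}, {@code >}, double quote and apostrophe with HTML
     * character references so stored text is not interpreted as markup.
     * The ampersand is left as it is, as in the original.
     *
     * <p>NOTE(review): the replacement literals were decoded when this
     * listing was rendered as a web page. The references for lt, gt and quot
     * are restored here; the apostrophe is written as the numeric reference
     * 39, and the original spelling should be confirmed.
     *
     * @param msg text to encode; {@code null} yields an empty string
     * @return the encoded text
     */
    public String HTML2ASCII(String msg)
    {
        if (msg == null)
        {
            return "";
        }
        // String.replace is literal; replaceAll would treat its arguments as regex.
        return msg.replace("<", "&lt;")
                  .replace(">", "&gt;")
                  .replace("\"", "&quot;")
                  .replace("'", "&#39;");
    }

    /**
     * Converts newline characters to the HTML line-break tag for display.
     *
     * @param msg text to convert; {@code null} yields an empty string
     * @return the text with each {@code \n} replaced by the tag
     */
    public String return2BR(String msg)
    {
        if (msg == null)
        {
            return "";
        }
        return msg.replace("\n", LINE_BREAK_TAG);
    }

    /**
     * Converts HTML line-break tags back to newline characters for editing.
     *
     * @param msg text to convert; {@code null} yields an empty string
     * @return the text with each tag replaced by {@code \n}
     */
    public String BR2return(String msg)
    {
        if (msg == null)
        {
            return "";
        }
        return msg.replace(LINE_BREAK_TAG, "\n");
    }

    /**
     * Stores a reply in a thread and updates the thread's last-used stamp and
     * reply count.
     *
     * @param threadID thread the reply belongs to
     * @param msg      raw message text from the form
     * @param userID   member recorded as the author
     * @return {@code true} if the reply was submitted to the database,
     *         {@code false} if the message was missing or blank
     */
    public boolean reply(int threadID, String msg, int userID)
    {
        if (msg == null || msg.trim().equals(""))
        {
            return false;
        }
        // Encode for HTML display first, then escape for the SQL string literal.
        String stored = escapeSqlText(return2BR(HTML2ASCII(msg)));
        Conn conn = new Conn();
        conn.open();
        try
        {
            conn.SQLUpdate("INSERT INTO MESSAGE (threadID, dateCreated, timeCreated, member, message)" +
                "VALUES (" + threadID + "," +
                "SYSDATE()" + "," +
                "CURTIME()" + "," +
                userID + ",'" +
                stored + "')");
            // Increment in the database so two concurrent replies cannot both
            // write the same read-then-incremented value.
            conn.SQLUpdate("UPDATE THREAD SET DATELASTUSED=SYSDATE() , TIMELASTUSED=CURTIME() , " +
                "REPLIES=REPLIES+1" +
                " WHERE THREADID=" + threadID);
        }
        finally
        {
            conn.close(); // release the connection even if a statement fails
        }
        return true;
    }

    /**
     * Replaces the text of a message and refreshes the thread's last-used stamp.
     *
     * @param messageID message to update
     * @param msg       new raw message text from the form
     * @param threadID  thread whose last-used stamp is refreshed
     * @return {@code true} if the update was submitted to the database,
     *         {@code false} if the message was missing or blank
     */
    public boolean editMessage(int messageID, String msg, int threadID)
    {
        if (msg == null || msg.trim().equals(""))
        {
            return false;
        }
        String stored = escapeSqlText(return2BR(HTML2ASCII(msg)));
        Conn conn = new Conn();
        conn.open();
        try
        {
            conn.SQLUpdate("UPDATE MESSAGE SET MESSAGE='" + stored + "' WHERE MESSAGEID=" + messageID);
            conn.SQLUpdate("UPDATE THREAD SET DATELASTUSED=SYSDATE() , TIMELASTUSED=CURTIME() WHERE THREADID=" + threadID);
        }
        finally
        {
            conn.close(); // clean up
        }
        return true;
    }

    /**
     * Loads a message into the legacy {@link #session} field's session under
     * the attribute {@code SQLMsg}. Kept for existing callers; {@code doPost}
     * passes the request's own session to the private overload instead.
     *
     * @param messageID message to load
     */
    public void retrieveMessage(int messageID)
    {
        retrieveMessage(messageID, session);
    }

    /**
     * Loads a message row and stores it in the given session as {@code SQLMsg}.
     *
     * @param messageID message to load
     * @param target    session that receives the {@code SQLMsg} attribute
     */
    private void retrieveMessage(int messageID, HttpSession target)
    {
        Conn conn = new Conn();
        SQLResult editMsg;
        conn.open();
        try
        {
            editMsg = conn.SQL2Vec("SELECT * FROM MESSAGE WHERE MESSAGEID=" + messageID);
        }
        finally
        {
            conn.close(); // clean up
        }
        Message message = new Message();
        message.setMessage( BR2return(editMsg.getEntry("MESSAGE", 0)) );
        message.setThreadID( Integer.parseInt(editMsg.getEntry("THREADID", 0)) );
        message.setMessageID( Integer.parseInt(editMsg.getEntry("MESSAGEID", 0)) );
        message.setMemberID( Integer.parseInt(editMsg.getEntry("MEMBER", 0)) );
        message.setDate( editMsg.getEntry("DATE", 0) );
        message.setTime( editMsg.getEntry("TIME", 0) );
        target.setAttribute("SQLMsg", message);
    }

    /**
     * Deletes a message and decrements the reply count of the given thread.
     *
     * <p>NOTE(review): the thread id comes from the caller and is not checked
     * against the deleted message's own thread, so the counter of an unrelated
     * thread can be decremented. The count is also decremented whether or not
     * a row was deleted.
     *
     * @param ID       message to delete
     * @param threadID thread whose reply count is decremented
     */
    public void removeMsg(int ID, int threadID)
    {
        Conn conn = new Conn();
        conn.open();
        try
        {
            conn.SQLUpdate("DELETE FROM MESSAGE WHERE MESSAGEID=" + ID);
            // Decrement in the database rather than read-modify-write in Java.
            conn.SQLUpdate("UPDATE THREAD SET REPLIES=REPLIES-1" +
                " WHERE THREADID=" + threadID);
        }
        finally
        {
            conn.close(); // clean up
        }
    }

    /** Builds the redirect target that shows a thread after a change. */
    private String threadViewUrl(int threadID)
    {
        return "ThreadController?txtAction=" + context.getInitParameter("ACTION_CODE_VIEW_MESSAGE") + "&ID=" + threadID;
    }

    /** Reads an integer request parameter; returns null when it is absent or not a number. */
    private static Integer intParam(HttpServletRequest request, String name)
    {
        String raw = request.getParameter(name);
        if (raw == null)
        {
            return null;
        }
        try
        {
            return Integer.valueOf(raw);
        }
        catch (NumberFormatException e)
        {
            return null;
        }
    }

    /**
     * Escapes text for use inside a single-quoted SQL string literal by
     * doubling backslashes and single quotes.
     * NOTE(review): the backslash rule assumes MySQL's default mode, inferred
     * from the SYSDATE()/CURTIME() calls. Revisit it if the server runs with
     * NO_BACKSLASH_ESCAPES.
     */
    private static String escapeSqlText(String text)
    {
        return text.replace("\\", "\\\\").replace("'", "''");
    }

    /** Sends a redirect; a failure is logged and otherwise ignored, as before. */
    private void redirect(HttpServletResponse response, String location)
    {
        try
        {
            response.sendRedirect(location);
        }
        catch (IOException e)
        {
            log("Redirect to " + location + " failed", e);
        }
        catch (IllegalStateException e)
        {
            log("Redirect to " + location + " failed", e);
        }
    }

    /** Answers a malformed request with HTTP 400. */
    private void reject(HttpServletResponse response)
    {
        try
        {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        }
        catch (IOException e)
        {
            log("Could not send 400 response", e);
        }
        catch (IllegalStateException e)
        {
            log("Could not send 400 response", e);
        }
    }
}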