import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
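/**
 * Ends a shopping session. Depending on the {@code choice} request parameter
 * the servlet checks out the cart (creates an order and prints an invoice),
 * saves the cart and logs out, or discards the cart and logs out.
 *
 * <p>The caller is identified by the {@code customerId} and {@code uAccess}
 * request parameters; {@code uAccess} must match the {@code u_access} value
 * stored for that customer, and the session is treated as expired once more
 * than {@link #SESSION_TIMEOUT_MINUTES} minutes have passed since
 * {@code l_access}.
 *
 * <p>Security-relevant points of this implementation:
 * <ul>
 *   <li>Every request value reaches the database through a bind variable,
 *       never through string concatenation.</li>
 *   <li>Database values are HTML-escaped before they are written to the
 *       page.</li>
 *   <li>Driver and SQL error details go to the servlet log, not to the
 *       client.</li>
 *   <li>All updates for one request run in a single transaction, so a failed
 *       checkout does not leave a partial order behind.</li>
 * </ul>
 *
 * <p>NOTE(review): the HTML tags inside the original string literals appear
 * to have been stripped from the listing (several literals were left
 * unterminated). The markup below is a minimal reconstruction around the
 * original visible text — confirm against the deployed pages.
 */
public class ProcessLogout extends HttpServlet {

    /** Idle time, in minutes, after which a session is treated as expired. */
    private static final double SESSION_TIMEOUT_MINUTES = 10.0;

    /** Generic client-facing text for any database failure. */
    private static final String DATABASE_ERROR_MESSAGE =
            "A database error occurred. Please try again later.";

    /**
     * Delegates to {@link #doPost}.
     *
     * <p>NOTE(review): this lets a plain GET create orders and delete carts.
     * It is kept so existing links and forms keep working; consider limiting
     * state changes to POST and adding an anti-CSRF token.
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Validates the session and performs the requested checkout or logout.
     *
     * @param request  must carry {@code customerId}, {@code uAccess} and
     *                 {@code choice}; a request missing any of them is
     *                 answered with HTTP 400
     * @param response receives the resulting HTML page or a short message
     * @throws IOException if the response cannot be written
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // getParameter returns the first value, which is what the original
        // getParameterValues(...)[0] read, but yields null instead of failing.
        String customerId = request.getParameter("customerId");
        String accessToken = request.getParameter("uAccess");
        String choice = request.getParameter("choice");
        if (customerId == null || accessToken == null || choice == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing request parameter");
            return;
        }

        response.setContentType("text/html");
        PrintWriter out = response.getWriter();

        try {
            Class.forName("oracle.jdbc.driver.OracleDriver");
        } catch (ClassNotFoundException e) {
            log("ProcessLogout: JDBC driver could not be loaded", e);
            out.println(DATABASE_ERROR_MESSAGE);
            return;
        }

        // The page is rendered into a buffer and sent only after the commit,
        // so a failure never leaves a half-written invoice in the response.
        StringWriter buffer = new StringWriter();
        PrintWriter page = new PrintWriter(buffer);

        try (Connection conn = DriverManager.getConnection(
                MyUtilities.CONNECTSTRING, MyUtilities.ID, MyUtilities.PASSWORD)) {
            conn.setAutoCommit(false);
            boolean committed = false;
            try {
                handleRequest(conn, page, customerId, accessToken, choice);
                conn.commit();
                committed = true;
            } finally {
                // Roll back explicitly: closing a connection with pending work
                // may otherwise commit it, depending on the driver.
                if (!committed) {
                    rollbackQuietly(conn);
                }
            }
        } catch (SQLException e) {
            log("ProcessLogout: database error", e);
            out.println(DATABASE_ERROR_MESSAGE);
            return;
        }

        page.flush();
        out.print(buffer.toString());
        out.flush();
    }

    /** Returns a short description of this servlet. */
    public String getServletInfo() {
        return "This Servlet processes Customer Logout";
    }

    /** Checks the session, then runs the branch selected by {@code choice}. */
    private void handleRequest(Connection conn, PrintWriter page, String customerId,
            String accessToken, String choice) throws SQLException {
        if (!isAccessTokenValid(conn, customerId, accessToken)) {
            page.println("Session has already expired!");
            return;
        }

        if (minutesSinceLastAccess(conn, customerId) > SESSION_TIMEOUT_MINUTES) {
            clearAccessToken(conn, customerId);
            printPageStart(page, "Logout Page");
            page.println("Your session has expired!<br>");
            page.println("Please Login again to continue shopping.");
            printPageEnd(page);
            return;
        }

        updateForCustomer(conn,
                "update customers set l_access = sysdate where cno = ?", customerId);

        if ("CheckOut".equals(choice)) {
            int orderNo = createOrderFromCart(conn, customerId);
            printInvoice(conn, page, customerId, orderNo);
        } else if ("Save Cart and Logout".equals(choice)) {
            clearAccessToken(conn, customerId);
            printPageStart(page, "Logout Page");
            page.println("Your cart has been saved. Logout successful!<br>");
            page.println("Thank You for Shopping with Web Shopping");
            printPageEnd(page);
        } else {
            // Any other choice logs out and discards the cart.
            updateForCustomer(conn, "delete from cart where cno = ?", customerId);
            clearAccessToken(conn, customerId);
            printPageStart(page, "Logout Page");
            page.println("Logged Out!<br>");
            page.println("Thank You for Shopping with Web Shopping");
            printPageEnd(page);
        }
    }

    /** Returns true when the customer exists and the presented token matches u_access. */
    private static boolean isAccessTokenValid(Connection conn, String customerId,
            String accessToken) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(
                "select u_access from customers where cno = ?")) {
            ps.setString(1, customerId);
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) {
                    return false;
                }
                String stored = rs.getString(1);
                // A null u_access means the customer is already logged out.
                return stored != null && constantTimeEquals(accessToken, stored);
            }
        }
    }

    /** Returns the minutes elapsed since the customer's l_access timestamp. */
    private static double minutesSinceLastAccess(Connection conn, String customerId)
            throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(
                "select 1440*(sysdate-l_access) from customers where cno = ?")) {
            ps.setString(1, customerId);
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) {
                    throw new SQLException("customer row not found");
                }
                return rs.getDouble(1);
            }
        }
    }

    /** Invalidates the customer's access token (u_access = null). */
    private static void clearAccessToken(Connection conn, String customerId)
            throws SQLException {
        updateForCustomer(conn,
                "update customers set u_access = null where cno = ?", customerId);
    }

    /** Runs a fixed DML statement whose only bind variable is the customer number. */
    private static int updateForCustomer(Connection conn, String sql, String customerId)
            throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, customerId);
            return ps.executeUpdate();
        }
    }

    /**
     * Creates an order, copies the cart rows into odetails and empties the cart.
     *
     * @return the order number read from o_seq.currval, or 0 if none was returned
     */
    private static int createOrderFromCart(Connection conn, String customerId)
            throws SQLException {
        updateForCustomer(conn,
                "insert into orders values(o_seq.nextval, ?, sysdate, null)", customerId);

        int orderNo = 0;
        try (Statement st = conn.createStatement();
                ResultSet rs = st.executeQuery("select o_seq.currval from dual")) {
            if (rs.next()) {
                orderNo = rs.getInt(1);
            }
        }

        try (PreparedStatement cart = conn.prepareStatement(
                        "select pno, qty from cart where cno = ?");
                PreparedStatement detail = conn.prepareStatement(
                        "insert into odetails values(?, ?, ?)")) {
            cart.setString(1, customerId);
            try (ResultSet rs = cart.executeQuery()) {
                while (rs.next()) {
                    detail.setInt(1, orderNo);
                    detail.setInt(2, rs.getInt(1));
                    detail.setInt(3, rs.getInt(2));
                    detail.executeUpdate();
                }
            }
        }

        updateForCustomer(conn, "delete from cart where cno = ?", customerId);
        return orderNo;
    }

    /** Writes the invoice page: shipping address, order lines and total cost. */
    private static void printInvoice(Connection conn, PrintWriter page, String customerId,
            int orderNo) throws SQLException {
        printPageStart(page, "Invoice");

        try (PreparedStatement ps = conn.prepareStatement(
                "select cname, street, city,state, zip from customers where cno = ?")) {
            ps.setString(1, customerId);
            try (ResultSet rs = ps.executeQuery()) {
                if (!rs.next()) {
                    throw new SQLException("customer row not found");
                }
                page.println("<h2>Invoice for " + escapeHtml(rs.getString(1)) + "</h2>");
                page.println("<table>");
                page.println("<tr>");
                page.println("<td>Shipping Address:</td>");
                page.println("<td>" + escapeHtml(rs.getString(2)) + "</td>");
                page.println("</tr>");
                page.println("<tr>");
                page.println("<td></td>");
                page.println("<td>" + escapeHtml(rs.getString(3)) + ", "
                        + escapeHtml(rs.getString(4)) + " "
                        + escapeHtml(rs.getString(5)) + "</td>");
                page.println("</tr>");
                page.println("</table>");
            }
        }

        page.println("<p>Order Number: " + orderNo + "</p>");

        // Exact decimal arithmetic for money instead of double.
        java.math.BigDecimal total = java.math.BigDecimal.ZERO;
        try (PreparedStatement ps = conn.prepareStatement(
                "select o.pno, p.pname, o.qty, p.price, o.qty*p.price"
                        + " from odetails o, parts p where o.ono = ? and o.pno = p.pno")) {
            ps.setInt(1, orderNo);
            try (ResultSet rs = ps.executeQuery()) {
                page.println("<table>");
                page.println("<tr>");
                page.println("<th>PNO</th>");
                page.println("<th>PNAME</th>");
                page.println("<th>PRICE</th>");
                page.println("<th>QTY</th>");
                page.println("<th>COST</th>");
                page.println("</tr>");
                while (rs.next()) {
                    page.println("<tr>");
                    page.println("<td>" + escapeHtml(rs.getString(1)) + "</td>");
                    page.println("<td>" + escapeHtml(rs.getString(2)) + "</td>");
                    page.println("<td>" + escapeHtml(rs.getString(4)) + "</td>");
                    page.println("<td>" + rs.getInt(3) + "</td>");
                    page.println("<td>" + escapeHtml(rs.getString(5)) + "</td>");
                    java.math.BigDecimal cost = rs.getBigDecimal(5);
                    if (cost != null) {
                        total = total.add(cost);
                    }
                    page.println("</tr>");
                }
                page.println("<tr>");
                page.println("<td>Total Cost:</td>");
                page.println("<td>" + total + "</td>");
                page.println("</tr>");
                page.println("</table>");
            }
        }

        page.println("<p>Please print a copy of the invoice for your records</p>");
        printPageEnd(page);
    }

    /** Writes the opening markup of a page with the given (trusted) title. */
    private static void printPageStart(PrintWriter page, String title) {
        page.println("<html>");
        page.println("<head>");
        page.println("<title>" + title + "</title>");
        page.println("</head>");
        page.println("<body>");
    }

    /** Writes the closing markup of a page. */
    private static void printPageEnd(PrintWriter page) {
        page.println("</body>");
        page.println("</html>");
    }

    /** Escapes the characters that are significant in HTML text and attributes. */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuilder escaped = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }

    /** Compares two tokens without exiting early on the first differing byte. */
    private static boolean constantTimeEquals(String presented, String stored) {
        return java.security.MessageDigest.isEqual(
                presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /** Rolls back the current transaction; a rollback failure is only logged. */
    private void rollbackQuietly(Connection conn) {
        try {
            conn.rollback();
        } catch (SQLException e) {
            log("ProcessLogout: rollback failed", e);
        }
    }
}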