import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class ProcessLogout extends HttpServlet {
    
  public void doGet (HttpServletRequest request,
                     HttpServletResponse response)
      throws ServletException, IOException {

    doPost(request,response);
  }

  public void doPost (HttpServletRequest request,
                     HttpServletResponse response)
      throws ServletException, IOException {

    ServletContext context = getServletContext();
	response.setContentType("text/html");
	PrintWriter out = response.getWriter();
     

    String cno[] = request.getParameterValues("customerId");	
    String uAccess[] = request.getParameterValues("uAccess");	
    String choice[] = request.getParameterValues("choice");	
    String cartno[] = request.getParameterValues("cartno");	

	try {
	  Class.forName("oracle.jdbc.driver.OracleDriver");
    } catch(ClassNotFoundException e){
	    out.println("Error loading the Driver:"+e.getMessage()); 
        return;
	  }
	
	Connection conn = null;
	
	try {
	  conn = DriverManager.getConnection (
         MyUtilities.CONNECTSTRING,MyUtilities.ID,MyUtilities.PASSWORD);
	} catch (SQLException e1) {
	    out.println("Error connecting to Oracle:"+e1.getMessage()); 
        return;
	  }
    if (conn == null) {
      out.println("Null Connection");
      return;
    }
	
	Statement stmt = null;
	try {
	  stmt = conn.createStatement ();
	} catch (SQLException e) {
	    out.println("createStatement " + e.getMessage());
        try {conn.close();} catch (SQLException e2) {};
        return;
	  }
	
	ResultSet rset = null;
	
    String query0 = "select u_access from customers where cno='"+ cno[0]+"'";
	try {
	    rset = stmt.executeQuery(query0);
	} catch (SQLException e) {
	    out.println("executeQuery " + e.getMessage());
        return;
      }
	try {
	  if (!(rset.next())) {
        out.println("Session has already expired!");
        return;
      }
      else if (!(uAccess[0].equals(rset.getString(1)))) {
          out.println("Session has already expired!");
          return;
        }
      else { // everything is fine
        String sTrack = "select 1440*(sysdate-l_access) from customers where cno='" + cno[0] + "'";
        rset = stmt.executeQuery(sTrack);
        rset.next();
        if (rset.getDouble(1) > 10.0) {
                      out.println("<html>");
            out.println("  <head>");
            out.println("    <title>Logout Page</title>");
            out.println("  </head>");
            out.println("  <body>");

            int nRows = stmt.executeUpdate("update customers set u_access = null where cno='" + cno[0] + "'");
            out.println("Your session has expired!<BR> Please Login again to continue shopping.");
            out.println("</center>");
            out.println("</body>");
            out.println("</html>");
            return;
         }
                               
         int nRows = stmt.executeUpdate("update customers set l_access = sysdate where cno='" + cno[0] + "'");


        if (choice[0].equals("CheckOut")) {
//Insert into orders
        String query3 = "insert into orders values(o_seq.nextval, " + "'"+ cno[0] + "',sysdate, null)";
        nRows = stmt.executeUpdate(query3);
        int orderNo = 0;
        String query2 = "select o_seq.currval from dual";
        rset = stmt.executeQuery(query2);
        if (rset.next())
          orderNo = rset.getInt(1);

//Insert into odetails
        Statement stmt2 = conn.createStatement();
        String query4 = "select pno, qty from cart where cno='" + cno[0] + "'";
        rset = stmt.executeQuery(query4);
        while (rset.next()) {
          String query5 = " insert into odetails values(" + orderNo + "," + rset.getInt(1) + "," + rset.getInt(2) + ")";
          nRows = stmt2.executeUpdate(query5);
        }

//Delete from cart
        nRows = stmt.executeUpdate("delete from cart where cno='" + cno[0] + "'");                                                                        

// Print Invoice (name, address)
        String query6 = "select cname, street, city,state, zip from customers where cno='" + cno[0] + "'";
        try {
          rset = stmt.executeQuery(query6);
        } catch (SQLException e) {
            out.println("executeQuery2 " + e.getMessage());
            return;
          }
        rset.next();
        out.println("<html>");
        out.println("  <head>");
        out.println("    <title>Invoice</title>");
        out.println("  </head>");
        out.println("  <body>");
        out.println("<center>");
        out.println("<B>Invoice for " + rset.getString(1) + "</B><BR><BR>");
        out.println("<table>");
        out.println("<tr>");
        out.println("<td>Shipping Address: </td>");
        out.println("<td>" + rset.getString(2) + "</td> ");
        out.println("</tr>");
        out.println("<tr>");
        out.println("<td></td>");
        out.println("<td>" + rset.getString(3) + ", " + rset.getString(4) + " "
+ rset.getString(5) + "</td>");
        out.println("</tr>");
        out.println("</table>");
        out.println("<BR>");
        out.println("<BR>");
        out.println("<BR>");

//Print purchase details
        String query7 = "select o.pno, p.pname, o.qty, p.price, o.qty*p.price from odetails o, parts p where o.ono='" + orderNo + "' and o.pno = p.pno";
        try {
          rset = stmt.executeQuery(query7);
        } catch (SQLException e) {
            out.println("executeQuery " + e.getMessage());
            return;
          }
        out.println("Order Number: " + orderNo + "<BR>");
        double sum = 0.0d;
        out.println("<table border=2>");
        out.println("<tr>");
        out.println("<th>PNO</th>");
        out.println("<th>PNAME</th>");
        out.println("<th>PRICE</th>");
        out.println("<th>QTY</th>");
        out.println("<th>COST</th>");
        out.println("</tr>");
        while (rset.next()) {
          out.println("<tr>");
          out.println("<td>" + rset.getString(1) + "</td>");
          out.println("<td>" + rset.getString(2) + "</td>");
          out.println("<td align=\"right\">" + rset.getString(4) + "</td>");
          out.println("<td align=\"right\">" +  rset.getInt(3) + "</td>");
          out.println("<td align=\"right\">" + rset.getString(5) + "</td>");
          sum += Double.valueOf(rset.getString(5)).doubleValue();
          out.println("</tr>");
        }
        out.println("<tr>");
        out.println("<td align=\"right\" colspan=4>Total Cost:</td>");
        out.println("<td align=\"right\">" + sum + "</td>");
        out.println("</tr>");
        out.println("</table><BR><BR>");
        out.println("<BR><BR>Please print a copy of the invoice for your records");
        out.println("</center>");
        out.println("</body>");
        out.println("</html>");                              
        } else if (choice[0].equals("Save Cart and Logout")) {
            out.println("<html>");
            out.println("  <head>");
            out.println("    <title>Logout Page</title>");
            out.println("  </head>");
            out.println("  <body>");

            nRows = stmt.executeUpdate("update customers set u_access = null where cno='" + cno[0] + "'"); 

            out.println("Your cart has been saved. Logout successful!<BR> Thank You for Shopping with Web Shopping");
            out.println("</center>");
            out.println("</body>");
            out.println("</html>");                                             
        } else {
            out.println("<html>");
            out.println("  <head>");
            out.println("    <title>Logout Page</title>");
            out.println("  </head>");
            out.println("  <body>");


            nRows = stmt.executeUpdate("delete from cart where cno='" + cno[0] + "'"); 
            nRows = stmt.executeUpdate("update customers set u_access = null where cno='" + cno[0] + "'"); 

            out.println("Logged Out!<BR> Thank You for Shopping with Web Shopping");
            out.println("</center>");
            out.println("</body>");
            out.println("</html>");                                             
        } 
      }
    } catch (SQLException e) {
         out.println("executeQuery " + e.getMessage());
         return;
      }

	
    try {
      stmt.close();
      conn.close();	
    } catch (SQLException e) {
        out.println("executeQuery " + e.getMessage());
        return;
      }
    
    out.close();
  }
    
    
  public String getServletInfo() {
    return "This Servlet processes Customer Login";
  }
}