import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
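/**
 * Renders the "Update Profile" page for a customer who presents a valid
 * session token.
 *
 * <p>Request parameters read: {@code customerId} (matched against
 * {@code customers.cno}) and {@code uAccess} (matched against
 * {@code customers.u_access}). A request is served only when the row exists,
 * the token matches, and the last access recorded in {@code l_access} is at
 * most {@link #IDLE_LIMIT_MINUTES} minutes old; otherwise the token is
 * cleared or a "not authorized" message is written.
 *
 * <p>Security-relevant properties of this implementation:
 * <ul>
 *   <li>Every statement binds {@code customerId} as a parameter; request data
 *       is never concatenated into SQL text.</li>
 *   <li>Driver and database error details go to the servlet log, not to the
 *       response body.</li>
 *   <li>JDBC resources are released on every exit path.</li>
 * </ul>
 *
 * <p>NOTE(review): several string literals in this listing appear to have lost
 * their HTML markup (empty {@code println("")} calls, literals split across
 * lines). They are reproduced as shown; restore the markup from the original
 * file before deploying.
 */
public class UpdateProfile extends HttpServlet {
    // Kept because they are part of the public surface of this class. They are
    // not assigned or read anywhere in this class; request handling uses
    // method-local JDBC objects. A servlet instance serves many threads, so a
    // shared static Connection/Statement must not be used for request work.
    public static Connection conn;
    public static Statement stmt;

    /** Idle time, in minutes, after which the session token is invalidated. */
    private static final double IDLE_LIMIT_MINUTES = 10.0;

    private static final String MSG_NO_CUSTOMER = "1You are not authorized to access this page";
    private static final String MSG_BAD_TOKEN = "2You are not authorized to access this page";

    // NOTE(review): cno is bound with setString. If cno is a CHAR column,
    // confirm that matching still works: Oracle compares a VARCHAR2 bind
    // without blank padding, unlike the quoted literal used previously.
    private static final String SQL_SELECT_TOKEN =
            "select u_access from customers where cno = ?";
    // Oracle DATE subtraction yields days; 1440 converts to minutes.
    private static final String SQL_IDLE_MINUTES =
            "select 1440*(sysdate-l_access) from customers where cno = ?";
    private static final String SQL_CLEAR_TOKEN =
            "update customers set u_access = null where cno = ?";
    private static final String SQL_TOUCH_ACCESS =
            "update customers set l_access = sysdate where cno = ?";
    private static final String SQL_SELECT_PROFILE =
            "select cname, street, city, state, zip, phone, email, password"
            + " from customers where cno = ?";

    /**
     * Delegates to {@link #doPost}.
     *
     * <p>NOTE(review): with GET, {@code customerId} and {@code uAccess} travel
     * in the query string and therefore reach access logs, browser history and
     * Referer headers. Prefer POST-only handling plus a container-managed
     * session cookie if callers can be changed.
     */
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Validates the customer's session token and writes the profile page.
     *
     * @param request  carries the {@code customerId} and {@code uAccess} parameters
     * @param response receives a {@code text/html} body
     * @throws ServletException declared for the servlet contract; not thrown here
     * @throws IOException      if the response writer cannot be obtained
     */
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();
        out.println("\nCustomer Menu");
        out.println("");

        // getParameter returns the first value, i.e. what getParameterValues(..)[0]
        // returned before, but yields null instead of an NPE when absent.
        String customerId = request.getParameter("customerId");
        String token = request.getParameter("uAccess");
        if (customerId == null || token == null) {
            // Reject before touching the database: no identity, no lookup.
            out.println(MSG_NO_CUSTOMER);
            return;
        }

        try {
            Class.forName("oracle.jdbc.driver.OracleDriver");
        } catch (ClassNotFoundException e) {
            report(out, "Error loading the Driver", e);
            return;
        }

        Connection connection = null;
        try {
            try {
                connection = DriverManager.getConnection(
                        MyUtilities.CONNECTSTRING, MyUtilities.ID, MyUtilities.PASSWORD);
            } catch (SQLException e) {
                report(out, "Error connecting to Oracle", e);
                return;
            }
            if (connection == null) {
                out.println("Null Connection");
                return;
            }
            try {
                servePage(connection, out, customerId, token);
            } catch (SQLException e) {
                report(out, "executeQuery", e);
                return;
            }
        } finally {
            // Runs on every path above, including the early returns.
            closeQuietly(connection);
        }
        out.close();
    }

    public String getServletInfo() {
        return "This Servlet processes UpdateProfile ";
    }

    /** Runs the token check, idle-timeout check and page rendering in order. */
    private void servePage(Connection connection, PrintWriter out,
                           String customerId, String token)
            throws SQLException, IOException {
        if (!isAuthorized(connection, out, customerId, token)) {
            return;
        }
        if (idleMinutes(connection, customerId) > IDLE_LIMIT_MINUTES) {
            out.println("");
            out.println(" ");
            out.println(" Logout Page");
            out.println(" ");
            out.println(" ");
            // Invalidate the token server-side so it cannot be replayed.
            updateForCustomer(connection, SQL_CLEAR_TOKEN, customerId);
            out.println("Your session has expired!\nPlease Login again to continue shopping.");
            out.println("");
            out.println("");
            out.println("");
            return;
        }
        updateForCustomer(connection, SQL_TOUCH_ACCESS, customerId);
        renderProfile(connection, out, customerId);
    }

    /**
     * Checks that the customer row exists and that the presented token equals
     * the stored {@code u_access}; writes the matching refusal message if not.
     */
    private boolean isAuthorized(Connection connection, PrintWriter out,
                                 String customerId, String token)
            throws SQLException, IOException {
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            ps = connection.prepareStatement(SQL_SELECT_TOKEN);
            ps.setString(1, customerId);
            rs = ps.executeQuery();
            if (!rs.next()) {
                out.println(MSG_NO_CUSTOMER);
                return false;
            }
            if (!tokensMatch(token, rs.getString(1))) {
                out.println(MSG_BAD_TOKEN);
                return false;
            }
            return true;
        } finally {
            closeQuietly(rs);
            closeQuietly(ps);
        }
    }

    /**
     * Compares the presented token with the stored one without an early exit
     * on the first differing byte. A null stored token (cleared session) never
     * matches.
     */
    private static boolean tokensMatch(String presented, String stored)
            throws UnsupportedEncodingException {
        if (stored == null) {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                presented.getBytes("UTF-8"), stored.getBytes("UTF-8"));
    }

    /** Returns minutes elapsed since {@code l_access} for the customer. */
    private double idleMinutes(Connection connection, String customerId)
            throws SQLException {
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            ps = connection.prepareStatement(SQL_IDLE_MINUTES);
            ps.setString(1, customerId);
            rs = ps.executeQuery();
            if (!rs.next()) {
                throw new SQLException("customer row not found for idle check");
            }
            // NOTE(review): getDouble yields 0 for SQL NULL, so a row whose
            // l_access is NULL is treated as freshly active. Confirm the login
            // path always sets l_access, or fail closed via rs.wasNull().
            return rs.getDouble(1);
        } finally {
            closeQuietly(rs);
            closeQuietly(ps);
        }
    }

    /** Executes a single-parameter UPDATE keyed on the customer number. */
    private void updateForCustomer(Connection connection, String sql, String customerId)
            throws SQLException {
        PreparedStatement ps = null;
        try {
            ps = connection.prepareStatement(sql);
            ps.setString(1, customerId);
            ps.executeUpdate();
        } finally {
            closeQuietly(ps);
        }
    }

    /** Loads the customer's profile columns and writes the page body. */
    private void renderProfile(Connection connection, PrintWriter out, String customerId)
            throws SQLException {
        PreparedStatement ps = null;
        ResultSet rs = null;
        try {
            ps = connection.prepareStatement(SQL_SELECT_PROFILE);
            ps.setString(1, customerId);
            rs = ps.executeQuery();
            if (!rs.next()) {
                throw new SQLException("customer row not found for profile");
            }
            // The markup that consumed these values is not visible in this
            // listing. Any value written into the page must be HTML-escaped,
            // since these columns hold customer-supplied text.
            String cname = rs.getString(1);
            String street = rs.getString(2);
            String city = rs.getString(3);
            String state = rs.getString(4);
            String zip = rs.getString(5);
            String phone = rs.getString(6);
            String email = rs.getString(7);
            // NOTE(review): reading a password column back out suggests it is
            // stored in recoverable form. It should not be echoed into the
            // form; drop it from the query once confirmed unused, and store
            // only a salted password hash.
            String password = rs.getString(8);
            out.println("");
            out.println("Update Profile\n");
            out.println("");
            out.println("");
            out.println("");
            out.println("");
        } finally {
            closeQuietly(rs);
            closeQuietly(ps);
        }
    }

    /**
     * Logs the failure with its cause and writes only the short label to the
     * client, so driver/ORA-xxxxx text is not disclosed in the response.
     */
    private void report(PrintWriter out, String label, Exception cause) {
        log(label, cause);
        out.println(label);
    }

    private static void closeQuietly(ResultSet rs) {
        if (rs != null) {
            try {
                rs.close();
            } catch (SQLException ignored) {
                // Nothing useful can be done if close fails.
            }
        }
    }

    private static void closeQuietly(Statement st) {
        if (st != null) {
            try {
                st.close();
            } catch (SQLException ignored) {
                // Nothing useful can be done if close fails.
            }
        }
    }

    private static void closeQuietly(Connection c) {
        if (c != null) {
            try {
                c.close();
            } catch (SQLException ignored) {
                // Nothing useful can be done if close fails.
            }
        }
    }
}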