Customer Menu

import java.io.*; import java.sql.*; import javax.servlet.*; import javax.servlet.http.*; public class UpdateProfile extends HttpServlet { public static Connection conn; public static Statement stmt; public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } public void doPost (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("Customer Menu"); out.println(""); String cno[] = request.getParameterValues("customerId"); String uAccess[] = request.getParameterValues("uAccess"); try { Class.forName("oracle.jdbc.driver.OracleDriver"); } catch(ClassNotFoundException e){ out.println("Error loading the Driver:"+e.getMessage()); return; } Connection conn = null; try { conn = DriverManager.getConnection ( MyUtilities.CONNECTSTRING,MyUtilities.ID,MyUtilities.PASSWORD); } catch (SQLException e1) { out.println("Error connecting to Oracle:"+e1.getMessage()); return; } if (conn == null) { out.println("Null Connection"); return; } Statement stmt = null; try { stmt = conn.createStatement (); } catch (SQLException e) { out.println("createStatement " + e.getMessage()); try {conn.close();} catch (SQLException e2) {}; return; } ResultSet rset = null; String query0 = "select u_access from customers where cno='"+ cno[0]+"'"; try { rset = stmt.executeQuery(query0); } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } try { if (!(rset.next())) { out.println("1You are not authorized to access this page"); return; } else if (!(uAccess[0].equals(rset.getString(1)))) { out.println("2You are not authorized to access this page"); return; } else { // everything is fine String sTrack = "select 1440*(sysdate-l_access) from customers where cno='" + cno[0] + "'"; rset = stmt.executeQuery(sTrack); rset.next(); if (rset.getDouble(1) > 10.0) { out.println(""); out.println(" "); out.println(" Logout Page"); out.println(" "); out.println(" "); int nRows = stmt.executeUpdate("update customers set u_access = null where cno='" + cno[0] + "'"); out.println("Your session has expired!
Please Login again to continue shopping."); out.println(""); out.println(""); out.println(""); return; } int nRows = stmt.executeUpdate("update customers set l_access = sysdate where cno='" + cno[0] + "'"); String password = null, state = null, zip = null, phone = null; String cname = null, street = null, city = null, email = null; String check = "select cname, street, city, state, zip," + " phone, email, password" + " from customers" + " where cno = '" + cno[0] + "'"; rset = stmt.executeQuery(check); rset.next(); cname = rset.getString(1); street = rset.getString(2); city = rset.getString(3); state = rset.getString(4); zip = rset.getString(5); phone = rset.getString(6); email = rset.getString(7); password = rset.getString(8); out.println(""); out.println("

Update Profile

"); out.println(""); out.println(""); out.println(""); out.println(""); } } catch (SQLException e) { out.println("executeQuery3 " + e.getMessage()); return; } try { stmt.close(); conn.close(); } catch (SQLException e) { } out.close(); } public String getServletInfo() { return "This Servlet processes UpdateProfile "; } }

Name:
Street:
City:
State:
Zip:
Phone:
email:
Password: