aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--nbproject/build-impl.xml2
-rw-r--r--nbproject/genfiles.properties6
-rw-r--r--nbproject/project.properties5
-rw-r--r--nbproject/project.xml4
-rw-r--r--src/java/com/juick/api/Main.java2
-rw-r--r--src/java/com/juick/api/Users.java36
-rw-r--r--src/java/com/juick/api/Utils.java2
7 files changed, 29 insertions, 28 deletions
diff --git a/nbproject/build-impl.xml b/nbproject/build-impl.xml
index 00a253906..c6dd50e75 100644
--- a/nbproject/build-impl.xml
+++ b/nbproject/build-impl.xml
@@ -693,7 +693,6 @@ exists or setup the property manually. For example like this:
</target>
<target depends="init,compile,compile-jsps,-pre-dist,-do-dist-with-manifest,-do-dist-without-manifest" name="do-dist"/>
<target depends="init" if="dist.ear.dir" name="library-inclusion-in-manifest">
- <copyfiles files="${libs.MySQLDriver.classpath}" iftldtodir="${build.web.dir}/WEB-INF" todir="${dist.ear.dir}/lib"/>
<copyfiles files="${reference.com_juick.jar}" iftldtodir="${build.web.dir}/WEB-INF" todir="${dist.ear.dir}/lib"/>
<copyfiles files="${reference.com_juick_server.jar}" iftldtodir="${build.web.dir}/WEB-INF" todir="${dist.ear.dir}/lib"/>
<copyfiles files="${reference.com_juick_json.jar}" iftldtodir="${build.web.dir}/WEB-INF" todir="${dist.ear.dir}/lib"/>
@@ -701,7 +700,6 @@ exists or setup the property manually. For example like this:
<manifest file="${build.web.dir}/META-INF/MANIFEST.MF" mode="update"/>
</target>
<target depends="init" name="library-inclusion-in-archive" unless="dist.ear.dir">
- <copyfiles files="${libs.MySQLDriver.classpath}" todir="${build.web.dir}/WEB-INF/lib"/>
<copyfiles files="${reference.com_juick.jar}" todir="${build.web.dir}/WEB-INF/lib"/>
<copyfiles files="${reference.com_juick_server.jar}" todir="${build.web.dir}/WEB-INF/lib"/>
<copyfiles files="${reference.com_juick_json.jar}" todir="${build.web.dir}/WEB-INF/lib"/>
diff --git a/nbproject/genfiles.properties b/nbproject/genfiles.properties
index fd5f8a0bb..0b0474515 100644
--- a/nbproject/genfiles.properties
+++ b/nbproject/genfiles.properties
@@ -1,8 +1,8 @@
-build.xml.data.CRC32=0970a525
+build.xml.data.CRC32=649ef84a
build.xml.script.CRC32=2226508e
build.xml.stylesheet.CRC32=651128d4@1.33.1.1
# This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml.
# Do not edit this file. You may delete it but then the IDE will never regenerate such files for you.
-nbproject/build-impl.xml.data.CRC32=0970a525
-nbproject/build-impl.xml.script.CRC32=76130e45
+nbproject/build-impl.xml.data.CRC32=649ef84a
+nbproject/build-impl.xml.script.CRC32=3499afe6
nbproject/build-impl.xml.stylesheet.CRC32=0cbf5bb7@1.33.1.1
diff --git a/nbproject/project.properties b/nbproject/project.properties
index f54b89b4c..5d65b1aa0 100644
--- a/nbproject/project.properties
+++ b/nbproject/project.properties
@@ -34,7 +34,6 @@ j2ee.platform.classpath=${j2ee.server.home}/lib/catalina-ant.jar:${j2ee.server.h
j2ee.server.type=Tomcat
jar.compress=false
javac.classpath=\
- ${libs.MySQLDriver.classpath}:\
${reference.com_juick.jar}:\
${reference.com_juick_server.jar}:\
${reference.com_juick_json.jar}
@@ -85,7 +84,7 @@ source.root=src
src.dir=${source.root}/java
test.src.dir=test
war.content.additional=
-war.ear.name=com.juick.http.api.war
-war.name=com.juick.http.api.war
+war.ear.name=com.juick.api.war
+war.name=com.juick.api.war
web.docbase.dir=web
webinf.dir=web/WEB-INF
diff --git a/nbproject/project.xml b/nbproject/project.xml
index 72915234b..6d66c0213 100644
--- a/nbproject/project.xml
+++ b/nbproject/project.xml
@@ -7,10 +7,6 @@
<minimum-ant-version>1.6.5</minimum-ant-version>
<web-module-libraries>
<library dirs="200">
- <file>${libs.MySQLDriver.classpath}</file>
- <path-in-war>WEB-INF/lib</path-in-war>
- </library>
- <library dirs="200">
<file>${reference.com_juick.jar}</file>
<path-in-war>WEB-INF/lib</path-in-war>
</library>
diff --git a/src/java/com/juick/api/Main.java b/src/java/com/juick/api/Main.java
index d32a00aa4..ebbeb103c 100644
--- a/src/java/com/juick/api/Main.java
+++ b/src/java/com/juick/api/Main.java
@@ -125,7 +125,7 @@ public class Main extends HttpServlet {
response.setHeader("Access-Control-Allow-Origin", "*");
String callback = request.getParameter("callback");
- if (callback.length() > 64 || !callback.matches("a-zA-Z0-9\\-")) {
+ if (callback != null && (callback.length() > 64 || !callback.matches("[a-zA-Z0-9\\-]+"))) {
callback = null;
}
diff --git a/src/java/com/juick/api/Users.java b/src/java/com/juick/api/Users.java
index 5810ddba8..2c60a95f8 100644
--- a/src/java/com/juick/api/Users.java
+++ b/src/java/com/juick/api/Users.java
@@ -21,17 +21,21 @@ public class Users {
}
public void doGetUserRead(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException {
- int uid = vuid;
- String paramUID = request.getParameter("user_id");
- if (paramUID != null) {
- try {
- uid = Integer.parseInt(paramUID);
- } catch (NumberFormatException e) {
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserQueries.checkUserNameValid(uname)) {
+ com.juick.User u = UserQueries.getUserByNick(sql, uname);
+ if (u != null && u.UID > 0) {
+ uid = u.UID;
+ }
}
}
if (uid > 0) {
- ArrayList<Integer> uids = UserQueries.getUserRead(sql, vuid);
+ ArrayList<Integer> uids = UserQueries.getUserRead(sql, uid);
if (uids.size() > 0) {
ArrayList<com.juick.User> users = UserQueries.getUsersByID(sql, uids);
if (users.size() > 0) {
@@ -45,17 +49,21 @@ public class Users {
}
public void doGetUserReaders(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException {
- int uid = vuid;
- String paramUID = request.getParameter("user_id");
- if (paramUID != null) {
- try {
- uid = Integer.parseInt(paramUID);
- } catch (NumberFormatException e) {
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserQueries.checkUserNameValid(uname)) {
+ com.juick.User u = UserQueries.getUserByNick(sql, uname);
+ if (u != null && u.UID > 0) {
+ uid = u.UID;
+ }
}
}
if (uid > 0) {
- ArrayList<Integer> uids = UserQueries.getUserReaders(sql, vuid);
+ ArrayList<Integer> uids = UserQueries.getUserReaders(sql, uid);
if (uids.size() > 0) {
ArrayList<com.juick.User> users = UserQueries.getUsersByID(sql, uids);
if (users.size() > 0) {
diff --git a/src/java/com/juick/api/Utils.java b/src/java/com/juick/api/Utils.java
index b325b19a8..cac5612d5 100644
--- a/src/java/com/juick/api/Utils.java
+++ b/src/java/com/juick/api/Utils.java
@@ -75,7 +75,7 @@ public class Utils {
try {
BASE64Decoder dec = new BASE64Decoder();
String loginpassw[] = new String(dec.decodeBuffer(auth.substring(6))).split(":", 2);
- if (loginpassw.length == 2 && loginpassw[0].length() > 1 && loginpassw[0].length() < 16 && loginpassw[0].matches("a-zA-Z0-9\\-") && !loginpassw[1].isEmpty()) {
+ if (loginpassw.length == 2 && loginpassw[0].length() > 1 && loginpassw[0].length() < 16 && loginpassw[0].matches("[a-zA-Z0-9\\-]+") && !loginpassw[1].isEmpty()) {
return UserQueries.checkPassword(sql, loginpassw[0], loginpassw[1]);
}
} catch (IOException e) {