diff options
Diffstat (limited to 'src/java/com/juick/http/www/Settings.java')
-rw-r--r-- | src/java/com/juick/http/www/Settings.java | 104 |
1 files changed, 0 insertions, 104 deletions
diff --git a/src/java/com/juick/http/www/Settings.java b/src/java/com/juick/http/www/Settings.java deleted file mode 100644 index de37bdd0..00000000 --- a/src/java/com/juick/http/www/Settings.java +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Juick - * Copyright (C) 2008-2013, Ugnich Anton - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ -package com.juick.http.www; - -import java.io.IOException; -import java.io.PrintWriter; -import java.sql.Connection; -import java.sql.PreparedStatement; -import java.sql.SQLException; -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * - * @author Ugnich Anton - */ -public class Settings { - - protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - com.juick.User visitor = Utils.getVisitorUser(sql, request, response); - - response.setContentType("text/html; charset=UTF-8"); - PrintWriter out = response.getWriter(); - try { - PageTemplates.pageHead(out, "Логин", ""); - PageTemplates.pageNavigation(out, visitor, null); - - out.println("<div id=\"topwrapper\">"); - out.println("<div id=\"wrapper\">"); - out.println("<div id=\"content\">"); - out.println("<form action=\"/login\" method=\"post\">"); - out.println("<p>Имя пользователя: <input type=\"text\" name=\"username\"/></p>"); - out.println("<p>Пароль: <input type=\"password\" name=\"password\"/></p>"); - out.println("<p><input type=\"submit\" value=\" OK \"/></p>"); - out.println("</form>"); - out.println("</div>"); - out.println("</div>"); - out.println("</div>"); // topwrapper - - PageTemplates.pageFooter(request, out, visitor, false); - PageTemplates.pageEnd(out); - } finally { - out.close(); - } - } - - protected void doPost(Connection sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - String username = request.getParameter("username"); - String password = request.getParameter("password"); - if (username == null || password == null || username.length() > 32 || password.isEmpty()) { - response.sendError(400); - return; - } - - int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); - if (uid > 0) { - String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); - Cookie c = new Cookie("hash", hash); - c.setDomain(".juick.com"); - c.setMaxAge(365 * 24 * 60 * 60); - response.addCookie(c); - - - if (uid > 0) { - PreparedStatement stmt = null; - try { - stmt = sql.prepareStatement("DELETE FROM logins WHERE user_id=?"); - stmt.setInt(1, uid); - stmt.executeUpdate(); - } catch (SQLException e) { - System.err.println(e); - } finally { - Utils.finishSQL(null, stmt); - } - } - - String referer = request.getHeader("Referer"); - if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { - response.sendRedirect(referer); - } else { - response.sendRedirect("/"); - } - } else { - response.sendError(403); - } - } -} |