From c37d78969da40f4238573bbee2c533c878ea3844 Mon Sep 17 00:00:00 2001
From: Ugnich Anton
Date: Sun, 21 Jul 2013 23:36:07 +0700
Subject: Signup/Login bugfixes
---
 src/java/com/juick/http/www/FacebookLogin.java | 24 +++++++++++++++++++++++-
 src/java/com/juick/http/www/Main.java | 23 ++++-------------------
 src/java/com/juick/http/www/SignUp.java | 6 ++++--
 src/java/com/juick/http/www/User.java | 2 +-
 4 files changed, 32 insertions(+), 23 deletions(-)
diff --git a/src/java/com/juick/http/www/FacebookLogin.java b/src/java/com/juick/http/www/FacebookLogin.java
index 8933075b..7f233f04 100644
--- a/src/java/com/juick/http/www/FacebookLogin.java
+++ b/src/java/com/juick/http/www/FacebookLogin.java
@@ -52,7 +52,7 @@ public class FacebookLogin {
 response.addCookie(c);
 response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
- response.setHeader("Location", "https://www.facebook.com/dialog/oauth?client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&state=" + fbstate);
+ response.setHeader("Location", "https://www.facebook.com/dialog/oauth?scope=publish_stream&client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, "utf-8") + "&state=" + fbstate);
 return;
 }
@@ -102,6 +102,9 @@ public class FacebookLogin {
 int uid = getUIDbyFBID(sql, fbID);
 if (uid > 0) {
+ if (!updateDB(sql, fbID, token, fbName, fbLink)) {
+ throw new Exception();
+ }
 Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid));
 c.setMaxAge(50 * 24 * 60 * 60);
 response.addCookie(c);
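Review bot: The new `Location` value in the `@@ -52,7` hunk of FacebookLogin.java requests `scope=publish_stream` on every Facebook sign-in, so each login token carries posting rights even for users who only want to authenticate. The same commit writes that token to the `facebook` table through `updateDB`, so a leak of that table would presumably expose tokens that can act on users' behalf. I would request the scope only when a user opts into a feature that needs it, or at least record the reason next to the redirect, e.g. `// publish_stream is requested at login because <reason>; the token is persisted by updateDB()`. The enclosing method starts and ends outside the hunk.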
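Review bot: In the `@@ -102,6` hunk of FacebookLogin.java the added `throw new Exception();` carries no message and no cause, so the handler (outside the hunk) cannot tell a failed token refresh from any other login error. It also makes sign-in for an already linked account fail whenever the `UPDATE` fails, which may be stricter than intended for a profile refresh. Suggest `throw new Exception("Facebook token update failed for uid=" + uid);`, keeping the token itself out of the message and out of any log line.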
@@ -159,4 +162,23 @@ public class FacebookLogin {
 }
 return ret;
 }
+
+ private boolean updateDB(Connection sql, long fbID, String token, String fbName, String fbLink) {
+ boolean ret = false;
+ PreparedStatement stmt = null;
+ try {
+ stmt = sql.prepareStatement("UPDATE facebook SET access_token=?,fb_name=?,fb_link=? WHERE fb_id=?");
+ stmt.setString(1, token);
+ stmt.setString(2, fbName);
+ stmt.setString(3, fbLink);
+ stmt.setLong(4, fbID);
+ stmt.executeUpdate();
+ ret = true;
+ } catch (SQLException e) {
+ System.err.println(e);
+ } finally {
+ Utils.finishSQL(null, stmt);
+ }
+ return ret;
+ }
 }
diff --git a/src/java/com/juick/http/www/Main.java b/src/java/com/juick/http/www/Main.java
index c84a2f8c..c6c4f1b8 100644
--- a/src/java/com/juick/http/www/Main.java
+++ b/src/java/com/juick/http/www/Main.java
@@ -36,11 +36,11 @@ import ru.sape.Sape;
 * @author Ugnich Anton
 */
 @WebServlet(name = "Main", urlPatterns = {"/"})
-public class Main extends HttpServlet implements XmppListener {
+public class Main extends HttpServlet {
 Connection sql;
 Connection sqlSearch;
- XmppConnection xmpp;
+ Stream xmpp;
 Blogs blogs;
 Login login = new Login();
 Help help = new Help();
@@ -97,21 +97,6 @@ public class Main extends HttpServlet implements XmppListener {
 }
 }
- @Override
- public void onAuth(String resource) {
- log("XMPP AUTH: " + resource);
- }
-
- @Override
- public void onAuthFailed(String message) {
- log("XMPP AUTH FAILED: " + message);
- }
-
- @Override
- public void onConnectionFailed(String message) {
- log("XMPP CONNECTION FAILED: " + message);
- }
-
 /**
 * Handles the HTTP GET method.
 * @param request servlet request
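Review bot: `updateDB` in the `@@ -159,4` hunk of FacebookLogin.java discards the result of `stmt.executeUpdate()` and sets `ret = true` even when no row matched `fb_id`, so the caller treats a no-op as a successful token refresh. Capturing the count with `int rows = stmt.executeUpdate();` and logging when it is 0 would make that case visible; whether 0 should be an error depends on whether the driver reports matched or changed rows. The `catch` reduces the `SQLException` to a `System.err.println(e)` and a `false` return, which is why the caller can only throw a bare exception. The method has no Javadoc; a short one should say that it stores the OAuth access token as passed in and returns `false` on any SQL error.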
@@ -175,7 +160,7 @@ public class Main extends HttpServlet implements XmppListener {
 }
 response.sendError(404);
 } else if (uri.matches("^/[^/]+$")) {
- com.juick.User user = com.juick.server.UserQueries.getUserByNick(sql, request.getRequestURI().substring(1));
+ com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, request.getRequestURI().substring(1));
 if (user != null) {
 Utils.sendPermanentRedirect(response, "/" + user.UName + "/");
 } else {
@@ -183,7 +168,7 @@ public class Main extends HttpServlet implements XmppListener {
 }
 } else if (uri.matches("^/.+/.*")) {
 String uriparts[] = uri.split("/");
- com.juick.User user = com.juick.server.UserQueries.getUserByNick(sql, uriparts[1]);
+ com.juick.User user = com.juick.server.UserQueries.getUserByName(sql, uriparts[1]);
 if (user != null && user.UName.equals(uriparts[1])) {
 if (uriparts.length == 2) { // http://juick.com/username/
 pagesUser.doGetBlog(sql, sqlSearch, request, response, user);
diff --git a/src/java/com/juick/http/www/SignUp.java b/src/java/com/juick/http/www/SignUp.java
index 46049451..3761c8d3 100644
--- a/src/java/com/juick/http/www/SignUp.java
+++ b/src/java/com/juick/http/www/SignUp.java
@@ -151,7 +151,7 @@ public class SignUp {
 uid = visitor.UID;
 }
- if (uid == 0) {
+ if (uid <= 0) {
 response.sendError(HttpServletResponse.SC_FORBIDDEN);
 return;
 }
@@ -172,8 +172,10 @@ public class SignUp {
 return;
 }
+ // CHECK USERNAME
+
 uid = UserQueries.createUser(sql, username, password, lang);
- if (uid == 0) {
+ if (uid <= 0) {
 response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 return;
 }
diff --git a/src/java/com/juick/http/www/User.java b/src/java/com/juick/http/www/User.java
index 3f1fe4a3..83226089 100644
--- a/src/java/com/juick/http/www/User.java
+++ b/src/java/com/juick/http/www/User.java
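Review bot: The added `// CHECK USERNAME` in the `@@ -172,8` hunk of SignUp.java names a check that the hunk does not implement; `username` is passed to `UserQueries.createUser(...)` on the next code line. Validation may already exist above the hunk, but if this marks a gap it matters, because Main.java in this same commit resolves `/username/` paths by name and builds redirects from `user.UName`. Length, allowed characters and reserved names should be enforced before the account is created. At minimum make the marker actionable: `// TODO: validate username (length, allowed chars, reserved names) before createUser`.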
@@ -74,7 +74,7 @@ public class User {
 int privacy = 0;
 if (visitor != null) {
- if (user.UID == visitor.UID) {
+ if (user.UID == visitor.UID || visitor.UID == 1) {
 privacy = -3;
 } else if (UserQueries.isInWL(sql, user.UID, visitor.UID)) {
 privacy = -2;
--
cgit v1.2.3
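Review bot: The added `|| visitor.UID == 1` gives the account with UID 1 the same `privacy = -3` level as the page owner on every user's page, and nothing in the hunk or the commit message says why. A literal UID used as an authorization rule is easy to miss in review and cannot be revoked or audited without a code change. If this is meant as an administrator override, I would name and document it, e.g. `if (user.UID == visitor.UID || visitor.UID == ADMIN_UID) { // admin views the page as its owner`, with `ADMIN_UID` (name constructed for this note) declared once or replaced by a role flag on the user record. Such accesses should also be logged. The enclosing method starts and ends outside the hunk.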