From df529650d03296bf03ade8c0eed4a2fcc404a041 Mon Sep 17 00:00:00 2001
From: Ugnich Anton
Date: Fri, 21 Jun 2013 00:16:11 +0700
Subject: Bugfix
---
nbproject/build-impl.xml | 2 --
nbproject/genfiles.properties | 6 +++---
nbproject/project.properties | 5 ++---
nbproject/project.xml | 4 ----
src/java/com/juick/api/Main.java | 2 +-
src/java/com/juick/api/Users.java | 36 ++++++++++++++++++++++--------------
src/java/com/juick/api/Utils.java | 2 +-
7 files changed, 29 insertions(+), 28 deletions(-)
diff --git a/nbproject/build-impl.xml b/nbproject/build-impl.xml
index 00a25390..c6dd50e7 100644
--- a/nbproject/build-impl.xml
+++ b/nbproject/build-impl.xml
@@ -693,7 +693,6 @@ exists or setup the property manually. For example like this:
-
@@ -701,7 +700,6 @@ exists or setup the property manually. For example like this:
-
diff --git a/nbproject/genfiles.properties b/nbproject/genfiles.properties
index fd5f8a0b..0b047451 100644
--- a/nbproject/genfiles.properties
+++ b/nbproject/genfiles.properties
@@ -1,8 +1,8 @@
-build.xml.data.CRC32=0970a525
+build.xml.data.CRC32=649ef84a
build.xml.script.CRC32=2226508e
build.xml.stylesheet.CRC32=651128d4@1.33.1.1
# This file is used by a NetBeans-based IDE to track changes in generated files such as build-impl.xml.
# Do not edit this file. You may delete it but then the IDE will never regenerate such files for you.
-nbproject/build-impl.xml.data.CRC32=0970a525
-nbproject/build-impl.xml.script.CRC32=76130e45
+nbproject/build-impl.xml.data.CRC32=649ef84a
+nbproject/build-impl.xml.script.CRC32=3499afe6
nbproject/build-impl.xml.stylesheet.CRC32=0cbf5bb7@1.33.1.1
diff --git a/nbproject/project.properties b/nbproject/project.properties
index f54b89b4..5d65b1aa 100644
--- a/nbproject/project.properties
+++ b/nbproject/project.properties
@@ -34,7 +34,6 @@ j2ee.platform.classpath=${j2ee.server.home}/lib/catalina-ant.jar:${j2ee.server.h
j2ee.server.type=Tomcat
jar.compress=false
javac.classpath=\
- ${libs.MySQLDriver.classpath}:\
${reference.com_juick.jar}:\
${reference.com_juick_server.jar}:\
${reference.com_juick_json.jar}
@@ -85,7 +84,7 @@ source.root=src
src.dir=${source.root}/java
test.src.dir=test
war.content.additional=
-war.ear.name=com.juick.http.api.war
-war.name=com.juick.http.api.war
+war.ear.name=com.juick.api.war
+war.name=com.juick.api.war
web.docbase.dir=web
webinf.dir=web/WEB-INF
diff --git a/nbproject/project.xml b/nbproject/project.xml
index 72915234..6d66c021 100644
--- a/nbproject/project.xml
+++ b/nbproject/project.xml
@@ -6,10 +6,6 @@
com.juick.api
1.6.5
-
- ${libs.MySQLDriver.classpath}
- WEB-INF/lib
-
${reference.com_juick.jar}
WEB-INF/lib
diff --git a/src/java/com/juick/api/Main.java b/src/java/com/juick/api/Main.java
index d32a00aa..ebbeb103 100644
--- a/src/java/com/juick/api/Main.java
+++ b/src/java/com/juick/api/Main.java
@@ -125,7 +125,7 @@ public class Main extends HttpServlet {
response.setHeader("Access-Control-Allow-Origin", "*");
String callback = request.getParameter("callback");
- if (callback.length() > 64 || !callback.matches("a-zA-Z0-9\\-")) {
+ if (callback != null && (callback.length() > 64 || !callback.matches("[a-zA-Z0-9\\-]+"))) {
callback = null;
}
diff --git a/src/java/com/juick/api/Users.java b/src/java/com/juick/api/Users.java
index 5810ddba..2c60a95f 100644
--- a/src/java/com/juick/api/Users.java
+++ b/src/java/com/juick/api/Users.java
@@ -21,17 +21,21 @@ public class Users {
}
public void doGetUserRead(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException {
- int uid = vuid;
- String paramUID = request.getParameter("user_id");
- if (paramUID != null) {
- try {
- uid = Integer.parseInt(paramUID);
- } catch (NumberFormatException e) {
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserQueries.checkUserNameValid(uname)) {
+ com.juick.User u = UserQueries.getUserByNick(sql, uname);
+ if (u != null && u.UID > 0) {
+ uid = u.UID;
+ }
}
}
if (uid > 0) {
- ArrayList uids = UserQueries.getUserRead(sql, vuid);
+ ArrayList uids = UserQueries.getUserRead(sql, uid);
if (uids.size() > 0) {
ArrayList users = UserQueries.getUsersByID(sql, uids);
if (users.size() > 0) {
@@ -45,17 +49,21 @@ public class Users {
}
public void doGetUserReaders(HttpServletRequest request, HttpServletResponse response, int vuid) throws ServletException, IOException {
- int uid = vuid;
- String paramUID = request.getParameter("user_id");
- if (paramUID != null) {
- try {
- uid = Integer.parseInt(paramUID);
- } catch (NumberFormatException e) {
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserQueries.checkUserNameValid(uname)) {
+ com.juick.User u = UserQueries.getUserByNick(sql, uname);
+ if (u != null && u.UID > 0) {
+ uid = u.UID;
+ }
}
}
if (uid > 0) {
- ArrayList uids = UserQueries.getUserReaders(sql, vuid);
+ ArrayList uids = UserQueries.getUserReaders(sql, uid);
if (uids.size() > 0) {
ArrayList users = UserQueries.getUsersByID(sql, uids);
if (users.size() > 0) {
diff --git a/src/java/com/juick/api/Utils.java b/src/java/com/juick/api/Utils.java
index b325b19a..cac5612d 100644
--- a/src/java/com/juick/api/Utils.java
+++ b/src/java/com/juick/api/Utils.java
@@ -75,7 +75,7 @@ public class Utils {
try {
BASE64Decoder dec = new BASE64Decoder();
String loginpassw[] = new String(dec.decodeBuffer(auth.substring(6))).split(":", 2);
- if (loginpassw.length == 2 && loginpassw[0].length() > 1 && loginpassw[0].length() < 16 && loginpassw[0].matches("a-zA-Z0-9\\-") && !loginpassw[1].isEmpty()) {
+ if (loginpassw.length == 2 && loginpassw[0].length() > 1 && loginpassw[0].length() < 16 && loginpassw[0].matches("[a-zA-Z0-9\\-]+") && !loginpassw[1].isEmpty()) {
return UserQueries.checkPassword(sql, loginpassw[0], loginpassw[1]);
}
} catch (IOException e) {
--
cgit v1.2.3