package siprp.pagina; import com.evolute.utils.arrays.*; import com.evolute.utils.strings.*; import java.io.*; import java.util.*; import java.sql.*; import java.lang.reflect.Array; import javax.servlet.*; import javax.servlet.http.*; import org.apache.velocity.*; import org.apache.velocity.app.*; public class siprpServlet extends HttpServlet { // MSG public static final String msgErroNoUser = "Tem de especificar um utilizador"; public static final String msgErroAuthFail = "Utilizador inexistente e/ou Password errada"; public static final String msgErroBd = "Erro na liga\u00E7\u00E3o \u00E0 base de dados"; public static final String msgGenericError = "Erro"; public static final String msgListaEmpresas = "Empresas"; public static final String msgAcessoNegado = "Acesso Negado"; public static final String msgLinkFormatError ="URL inv\u00E1lido"; public static final String msgLogin = "Login"; public static final String msgNovaPasswordErrada="Erro ao criar a nova password, nova password inv\u00E1lida"; public static final String msgButtonNotSuported = "funcionalidade ainda n\u00E3o suportada" ; public static final String msgSessionTimeout = "Sess\u00E3o expirou, por favor fa\u00E7a login de novo"; // Templates - Nomes e valores //public static final String loginTemplate = "login.html"; public static final String indexTemplate = "index.html"; public static final String authenticatedUserTemplate = "user.html"; public static final String errorTemplate = "error.html"; public static final String mainTemplate = "main.html"; //public static final String criticalErrorTemplate = "critical.html"; public static final String templateVector1 ="v1"; public static final String templateVector2 ="v2"; public static final String templateVector3 ="v3"; public static final String templateUserRole ="userRole"; public static final String msgTemplate ="msg"; public static final String templateQuery ="query"; public static final String buttonPressedTemplate ="buttonPressed"; // Query Strings , usadas para na template do velocity saber o que mostar public static final String queryStringEmpresas = "empresas"; public static final String queryStringEstabelecimentos="estabelecimentos"; public static final String queryStringTrabalhadores ="trabalhadores"; public static final String queryStringTrabalhador ="trabalhador"; //Botoes, saber qual o botao escholido, campo value dos forms public static final String botaoLogin = "Entrar"; public static final String botaoMarcarProximoExame = "Marcar Exame"; // Var da Session public static final String sessionUser="user"; public static final String sessionUserRole="userRole"; public static final String sessionPassword="password"; public static final String sessionEmpresaId="empresaId"; public static final String sessionEstabelecimentoId="estabelecimentoId"; public static final String sessionTrabalhadorId="trabalhadorId"; public static final String sessionCompanyName = "sessionCompanyName"; public static final int sessionTimeout =300; // segundos public static final String servletName="siprpServlet"; public static final String superUserRole="manager"; // BD public static final String bdHost = "127.0.0.1"; public static final String bdPort = "5436"; public static final String bdUsername = "siprp"; public static final String bdPassword = ""; public static final String bdDriver = "org.postgresql.Driver"; public static final String bdUrl = "jdbc:postgresql://" + bdHost + ":" + bdPort + "/siprp"; public static final String bdEmpresaIdRef = "id"; // campo que contem id da empresa public static final String bdEmpresaNomeRef = "designacao_social"; // campo que contem nome da empresa public static final String bdEstIdRef = "id"; // campo que contem nome do estabelecimento public static final String bdEstNomeRef = "nome"; // campo que contem nome do estabelecimento public static final String bdTrabIdRef = "id"; // campo que contem id do trabalhador public static final String bdTrabNomeRef = "nome"; // campo que contem nome do trabalhador public static final String bdNullString = ""; // String a mostrar quando o campo lido da BD é null // Arrays public static final String[][] trabalhadorDescFields = new String [][] { // nome que o user ve, nome do campo na tabela {"Nome", "nome"}, {"Nº", "numero_mecanografico",}, {"\u00DAltimo Exame", "ultimo_exame"}, {"Realizado", "realizado"}, {"Pr\u00F3ximo Exame", "proximo_exame"}, {"\u00DAltima Consulta", "ultima_consulta"}, {"Realizada", "realizada"}, {"Pr\u00F3xima Consulta", "proxima_consulta"} }; public void init() { try { String TEMPLATE_DIR = this.getServletContext().getRealPath( "/" ) + "html/"; Properties props = new Properties(); props.setProperty( "file.resource.loader.path", TEMPLATE_DIR ); Velocity.init( props ); Class.forName(bdDriver); } catch( Exception e ) { e.printStackTrace(); } } public void doGet( HttpServletRequest req, HttpServletResponse res ) throws IOException { String queryString = req.getQueryString(); String backUri = req.getRequestURI(); ServletOutputStream out = res.getOutputStream(); res.setContentType( "text/html" ); try { HttpSession session = req.getSession(true); session.setMaxInactiveInterval(sessionTimeout); if ( queryString == null ) // Reload, 1º vez, etc ... { session.invalidate(); out.println( mergeTemplate ( msgLogin, indexTemplate ) ) ; } else if ( session.isNew() ) // session timeout { session.invalidate(); throw new IllegalStateException(); } else if ( queryString.equals(queryStringEmpresas) ) // Listar Empresas { new doGetListaEmpresas(req,res); } else // interpretar query string { String empresa = null, estabelecimento=null, trabalhador=null; int checkInt; StringTokenizer sToken = new StringTokenizer(queryString,"/") ; empresa = sToken.nextToken(); // empresa ID checkInt = Integer.parseInt(empresa); // check int, NumberFormatException if (sToken.hasMoreElements()) { estabelecimento = sToken.nextToken(); // estabelecimento ID checkInt = Integer.parseInt(estabelecimento); // check int, NumberFormatException if (sToken.hasMoreElements()) { trabalhador = sToken.nextToken(); // trabalhador ID checkInt = Integer.parseInt(trabalhador); // check int, NumberFormatException } } if ( estabelecimento == null ) // empresa query { session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session new doGetListaEstabelecimentos(req,res); //out.println( mergeTemplate ( empresa, loginTemplate ) ) ; } else if ( trabalhador == null ) // estabelecimento query { session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session session.setAttribute(sessionEstabelecimentoId, estabelecimento); new doGetListaTrabalhadores(req,res); //out.println( mergeTemplate ( " chama oGetListaTrabalhadores", loginTemplate ) ) ; } else // trabalhador query { session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session session.setAttribute(sessionEstabelecimentoId, estabelecimento); session.setAttribute(sessionTrabalhadorId, trabalhador); new doGetTrabalhador(req,res); //out.println( mergeTemplate ( trabalhador, loginTemplate ) ) ; } } } catch ( NumberFormatException e ) // argumentos invalidos { e.printStackTrace(); out.println( mergeTemplate( msgLinkFormatError, backUri, errorTemplate) ); } catch ( IllegalStateException e ) // session timeout { e.printStackTrace(); out.println( mergeTemplate(msgSessionTimeout, errorTemplate) ); } catch ( Exception e ) { e.printStackTrace(); out.println( mergeTemplate( msgGenericError , backUri, errorTemplate ) ); } } public void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException { ServletOutputStream out = res.getOutputStream(); //StringBuffer dbQuery; //ResultSet2DArray rs; //Connection con = null ; //Statement stmt = null ; //String user, userRole, password; String buttonPressed = req.getParameter("form"); try { if ( buttonPressed.equals(botaoLogin)) { new doPostLogin(req,res); } else { out.println( mergeTemplate( msgButtonNotSuported, errorTemplate) ); } } /*catch ( SQLException e ) { e.printStackTrace(); out.println( mergeTemplate( msgErroBd , criticalErrorTemplate) ); }*/ catch ( IllegalStateException e ) // session timeout { e.printStackTrace(); out.println( mergeTemplate(msgSessionTimeout, errorTemplate) ); } catch ( Exception e ) { e.printStackTrace(); out.println( mergeTemplate( msgGenericError , errorTemplate) ); } } public String mergeTemplate( HashMap values, String template ) { VelocityContext context = new VelocityContext(); StringWriter output = new StringWriter(); try { for( Iterator i = values.keySet().iterator(); i.hasNext(); ) { String key = ( String ) i.next(); context.put ( key, values.get( key ) ) ; } Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); return output.toString(); } catch( Exception e ) { e.printStackTrace(); } return null; } public String mergeTemplate (String msg, String template ) // #1 { VelocityContext context = new VelocityContext(); StringWriter output = new StringWriter(); try { context.put ( msgTemplate , msg ) ; Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); return output.toString(); } catch( Exception e ) { e.printStackTrace(); } return null; } public String mergeTemplate (String msg, String userRole, String template ) // #1 { VelocityContext context = new VelocityContext(); StringWriter output = new StringWriter(); try { context.put ( msgTemplate , msg ) ; context.put ( templateUserRole, userRole); Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); return output.toString(); } catch( Exception e ) { e.printStackTrace(); } return null; } public String mergeTemplate ( String msg, String userRole, String querySelected, Vector vector1, Vector vector2, Vector vector3, String template ) // #2 { VelocityContext context = new VelocityContext(); StringWriter output = new StringWriter(); try { context.put ( msgTemplate , msg ) ; context.put ( templateUserRole, userRole); context.put ( templateQuery, querySelected ); context.put ( templateVector1,vector1); context.put ( templateVector2,vector2); context.put ( templateVector3,vector3); Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); return output.toString(); } catch( Exception e ) { e.printStackTrace(); } return null; } public void destroy() { } public void handleSessionTimeout(HttpServletResponse res, String template) throws IOException { ServletOutputStream out = res.getOutputStream(); try { out.println( mergeTemplate( msgSessionTimeout, template) ); } catch ( Exception e ) { e.printStackTrace(); } } public boolean verificaEstabelecimento(Connection con, java.lang.String empresaId, java.lang.String estabelecimentoId) // verifica se o establecimento pertence à empresa { //Connection con = null ; Statement stmt = null ; ResultSet2DArray rs; StringBuffer dbQuery; try { //con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword ); dbQuery = new StringBuffer(); dbQuery.append( "SELECT empresa_id FROM estabelecimentos where id='"+estabelecimentoId+"'"); stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); String temp=""+rs.get(0,0); // converter de int para String stmt.close(); if ( empresaId.equals(temp) ) // estabelecimento pertence à empresa { return true; } else { return false; } } catch ( Exception e ) { e.printStackTrace(); } return false; } public boolean verificaTrabalhador(Connection con, java.lang.String estabelecimentoId, java.lang.String trabalhadorId) // verifica se o trabalhador pertence ao estabelecimento { //Connection con = null ; Statement stmt = null ; ResultSet2DArray rs; StringBuffer dbQuery; try { //con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword ); dbQuery = new StringBuffer(); dbQuery.append( "SELECT estabelecimento_id FROM trabalhadores where id='"+trabalhadorId+"'"); stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); String temp=""+rs.get(0,0); // converter de int para String stmt.close(); if ( estabelecimentoId.equals(temp) ) // estabelecimento pertence à empresa { return true; } else { return false; } } catch ( Exception e ) { e.printStackTrace(); } return false; } public void closeSqlCon(Connection con) { try { if (con != null ) con.close(); } catch ( Exception e ) { e.printStackTrace(); } } public String nomeEmpresa(Connection con, String empresaId) { Statement stmt = null ; ResultSet2DArray rs; StringBuffer dbQuery; String returnString; try { dbQuery = new StringBuffer(); dbQuery.append( "SELECT "+bdEmpresaNomeRef+" FROM empresas WHERE "+bdEmpresaIdRef+" ='"+empresaId+"'"); stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); returnString = (String)rs.get(0,0); stmt.close(); return returnString; } catch ( Exception e ) { e.printStackTrace(); } return null; } public String nomeEstabelecimento(Connection con, java.lang.String estabelecimentoId) { Statement stmt = null ; ResultSet2DArray rs; StringBuffer dbQuery; String returnString; try { dbQuery = new StringBuffer(); dbQuery.append( "SELECT "+bdEstNomeRef+" FROM estabelecimentos WHERE "+bdEstIdRef+" ='"+estabelecimentoId+"'"); stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); returnString = (String)rs.get(0,0); stmt.close(); return returnString; } catch ( Exception e ) { e.printStackTrace(); } return null; } public String nomeTrabalhador(Connection con, java.lang.String trabalhadorId) { Statement stmt = null ; ResultSet2DArray rs; StringBuffer dbQuery; String returnString; try { dbQuery = new StringBuffer(); dbQuery.append( "SELECT "+bdTrabNomeRef+" FROM trabalhadores where id='"+trabalhadorId+"'"); stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); returnString = (String)rs.get(0,0); stmt.close(); return returnString; } catch ( Exception e ) { e.printStackTrace(); } return null; } }