diff --git a/trunk/html/clientes.html b/trunk/html/clientes.html new file mode 100644 index 00000000..d893a717 --- /dev/null +++ b/trunk/html/clientes.html @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + +
   os nossos serviços
+ + + + + + + + + + +
CLIENTES
+

+ + diff --git a/trunk/html/contactos.html b/trunk/html/contactos.html new file mode 100644 index 00000000..6a0e59b8 --- /dev/null +++ b/trunk/html/contactos.html @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + +
   os nossos serviços
+ + + + + + + + + + +
CONTACTOS
+

+ + diff --git a/trunk/html/error.html b/trunk/html/error.html new file mode 100644 index 00000000..1e3533e9 --- /dev/null +++ b/trunk/html/error.html @@ -0,0 +1,27 @@ + + + + + SIPRP + + + + + + + + + + + + + +
Template de erro!
$!msg
+ + \ No newline at end of file diff --git a/trunk/index.html b/trunk/html/index.html similarity index 100% rename from trunk/index.html rename to trunk/html/index.html diff --git a/trunk/html/links.html b/trunk/html/links.html new file mode 100644 index 00000000..e4b18b21 --- /dev/null +++ b/trunk/html/links.html @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + +
   os nossos serviços
+ + + + + + + + + + +
LINKS
+

+ + diff --git a/trunk/html/main.html b/trunk/html/main.html new file mode 100644 index 00000000..43a8fcf2 --- /dev/null +++ b/trunk/html/main.html @@ -0,0 +1,103 @@ + + + + + SIPRP + + + + + + + + + + + + + + + + + + +
+
+
+ SIPRP +
+
+
+
+
+ Utilizador
+

+ Password
+


+ +
+ + #if ($userRole) + #if ($userRole == "manager") + Lista de Empresas

+ #else + Lista de Estabelecimentos

+ #end + #end + Logout

+
+
+ #if ($msg) + $msg

+ #end + + #if ($query) + + #if ($query == "empresas") + #foreach( $element in $v1 ) + #set ( $counter = $velocityCount - 1 ) + $v2.get($counter)
+ #end + #end + + #if ($query == "estabelecimentos") + #foreach( $element in $v1 ) + #set ( $counter = $velocityCount - 1 ) + $v2.get($counter)
+ #end + #end + + #if ($query == "trabalhadores") + #foreach( $element in $v1 ) + #set ( $counter = $velocityCount - 1 ) + $v2.get($counter)
+ #end + #end + + #if ($query == "trabalhador") + #foreach( $element in $v1 ) + #set ( $counter = $velocityCount - 1 ) + $element: $v2.get($counter)
+ #end + +
+

+ + +
+ + #end + + #end + + + +
+ + \ No newline at end of file diff --git a/trunk/html/servicos.html b/trunk/html/servicos.html new file mode 100644 index 00000000..c4c02860 --- /dev/null +++ b/trunk/html/servicos.html @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + +
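Review bot: The references `$msg` and `$v2.get($counter)` in this template are written into the page as-is, and Velocity does not HTML-escape references by default, so markup inside a company, establishment or worker name read from the database would be interpreted by the browser. The tags around these references are not visible in this rendering of the diff, so it cannot be confirmed whether they land in element text or inside an attribute such as a link target. The same applies to `$!msg` in error.html and to `$!empresa_nome`, `$userName` and the `$v2.get( n )` cells in user.html. I would escape values in the servlets before they are put into the context map, or enable Velocity's `EscapeHtmlReference` reference-insertion handler if the Velocity version in use provides it. Any value that intentionally carries markup (the `msg` string built in the servlets appears to be one) should go under a separate, explicitly named key.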
   os nossos serviços
+ + + + + + + + + + +
+

+ + diff --git a/trunk/html/servicos_text.html b/trunk/html/servicos_text.html new file mode 100644 index 00000000..f76d5182 --- /dev/null +++ b/trunk/html/servicos_text.html @@ -0,0 +1,10 @@ + + + + + + + + SERVIÇOS
SERVIÇOS
SERVIÇOS
SERVIÇOS
SERVIÇOS
+ + diff --git a/trunk/html/siprp.html b/trunk/html/siprp.html new file mode 100644 index 00000000..9f1b8efd --- /dev/null +++ b/trunk/html/siprp.html @@ -0,0 +1,54 @@ + + + + + + + + + + + + + + + + + + + + + + +
   os nossos serviços
+ + + + + + + + + + + +
+


+ -Higiene e Segurança
+ -Medicina do Trabalho
+ -Politica de Qualidade e Tratamento da Vertente Burocratica
+ -Serviços Complementares +
+ + diff --git a/trunk/html/user.html b/trunk/html/user.html new file mode 100644 index 00000000..d815d8da --- /dev/null +++ b/trunk/html/user.html @@ -0,0 +1,271 @@ + + + + + SIPRP + + + + + + + + + + +

+ + + + + + + + + + + + + + + +
a SIPRPserviçosclientescontactoslinks 
+ + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + #if( $query == "estabelecimentos" ) + #set( $listaTitle = "Estabelecimentos" ) + #elseif( $query == "trabalhadores" ) + #set( $listaTitle = "Funcionários" ) + #else ##( $query == "trabalhador" ) + #set( $listaTitle = "" ) + #end + + + + + + + + + + + + + + + + + + +
   acesso restrito
+ + + + + + + + + + + + + + +
+ #if( $userRole == "manager" ) + Empresa: $!empresa_nome + #else + Empresa: $empresa_nome + #end + + $userName   
+ Logout »   
+
+ #if( $estabelecimento_id ) + Estabelecimento: $!estabelecimento_nome + #else + Estabelecimento: + #end +
+ #if( $query == "trabalhador" ) + Funcionário: $v2.get( 0 ) Nº: $v2.get( 1 ) + #else + Funcionário: + #end + + #if( $query == "trabalhador" ) + + #end +
+ +
+
   $listaTitle
+ #if ($query == "trabalhador") + + + + + + + +
Último ExameRealizadoPróximo ExameÚltima ConsultaRealizadaPróxima ConsultaMarcação
$v2.get( 2 ) $v2.get( 3 ) $v2.get( 4 ) $v2.get( 5 ) $v2.get( 6 ) $v2.get( 7 )  
+ ##
+ ## + ## + ##
+ #else + #foreach( $element in $v1 ) + #set ( $counter = $velocityCount - 1 ) + $v2.get($counter)
+ #end + #end +
+
+
+ + diff --git a/trunk/siprp/pagina/doGetListaEmpresas.java b/trunk/siprp/pagina/doGetListaEmpresas.java new file mode 100644 index 00000000..aeb04cd5 --- /dev/null +++ b/trunk/siprp/pagina/doGetListaEmpresas.java 
@@ -0,0 +1,106 @@
+package siprp.pagina;
+
+import com.evolute.utils.arrays.*;
+import com.evolute.utils.strings.*;
+import java.io.*;
+import java.util.*;
+import java.sql.*;
+import java.lang.reflect.Array;
+import javax.servlet.*;
+import javax.servlet.http.*;
+import org.apache.velocity.*;
+import org.apache.velocity.app.*;
+
+public class doGetListaEmpresas extends siprpServlet{
+
+ /** Creates a new instance of doGetListaEmpresas */
+ public doGetListaEmpresas(HttpServletRequest req, HttpServletResponse res)
+ throws IOException
+ {
+ ServletOutputStream out = res.getOutputStream();
+ Connection con = null ;
+ Statement stmt = null ;
+ ResultSet2DArray rs;
+ StringBuffer dbQuery;
+ String userRole="", temp="";
+ HttpSession session = req.getSession(false);
+ Vector links = new Vector();
+ Vector desc = new Vector();
+ try
+ {
+ userRole = (String)session.getAttribute(super.sessionUserRole);
+
+ if (userRole == null)
+ {
+ throw new IllegalStateException();
+ }
+
+ if ( userRole.equals ( super.superUserRole ) )
+ {
+ Class.forName(super.bdDriver);
+ con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword );
+ dbQuery = new StringBuffer();
+ dbQuery.append( "SELECT "+super.bdEmpresaIdRef+" , "+super.bdEmpresaNomeRef+" FROM empresas order by "+super.bdEmpresaNomeRef);
+ stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
+ rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) );
+
+ int index=0;
+ int max = rs.columnLength();
+
+ while ( index < max )
+ {
+ temp=""+rs.get(index,0); // converter de int para String
+ dbQuery = new StringBuffer();
+ dbQuery.append("/"+super.servletName+"/?"+temp); // contruir url
+ links.add(dbQuery.toString());
+ desc.add((String)rs.get(index,1));
+ ++index;
+ }
+ stmt.close();
+ con.close();
+
+
+session.setAttribute( sessionEstabelecimentoId, null );
+
+HashMap hmValues = new HashMap();
+hmValues.put( "empresa_nome", session.getAttribute( sessionCompanyName ) );
+hmValues.put( "empresa_id", session.getAttribute( sessionEmpresaId ) );
+hmValues.put( "estabelecimento_id", session.getAttribute( sessionEstabelecimentoId ) );
+hmValues.put( "userRole", userRole );
+hmValues.put( "userName", session.getAttribute( sessionUser ) );
+hmValues.put( msgTemplate , super.msgListaEmpresas ) ;
+hmValues.put( templateUserRole, userRole);
+hmValues.put( templateQuery, super.queryStringEmpresas );
+hmValues.put( templateVector1,links);
+hmValues.put( templateVector2,desc);
+hmValues.put( templateVector3,null);
+out.println( mergeTemplate( hmValues, super.authenticatedUserTemplate));
+
+
+ //out.println( mergeTemplate( super.msgListaEmpresas, userRole, super.queryStringEmpresas, links, desc, null, super.authenticatedUserTemplate) );
+
+ }
+ else
+ {
+ out.println( mergeTemplate( super.msgAcessoNegado , userRole, super.errorTemplate) );
+ }
+
+ }
+ catch ( IllegalStateException e ) // session timeout
+ {
+ e.printStackTrace();
+ out.println( mergeTemplate(msgSessionTimeout, super.errorTemplate) );
+ }
+ catch ( SQLException e )
+ {
+ e.printStackTrace();
+ out.println( mergeTemplate( super.msgErroBd , super.errorTemplate) );
+ }
+ catch ( Exception e )
+ {
+ e.printStackTrace();
+ out.println( mergeTemplate( super.msgGenericError , userRole, super.errorTemplate) );
+ }
+ }
+
+}
diff --git a/trunk/siprp/pagina/doGetListaEstabelecimentos.java b/trunk/siprp/pagina/doGetListaEstabelecimentos.java
new file mode 100644
index 00000000..f911cc23
--- /dev/null
+++ b/trunk/siprp/pagina/doGetListaEstabelecimentos.java
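Review bot: `req.getSession(false)` returns null when the request has no session, so `session.getAttribute(super.sessionUserRole)` throws a NullPointerException before the `userRole == null` check runs, and an expired session ends in the generic `catch ( Exception e )` branch instead of the `msgSessionTimeout` one. A guard such as `if (session == null) { throw new IllegalStateException(); }` ahead of the first `getAttribute` call would route that case to the intended handler. doGetListaEstabelecimentos, doGetListaTrabalhadores and doGetTrabalhador have neither the session check nor the null-role check, so a request without a login there also surfaces as a generic error through an NPE rather than as an explicit denial.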
@@ -0,0 +1,104 @@ +package siprp.pagina; + +import com.evolute.utils.arrays.*; +import com.evolute.utils.strings.*; +import java.io.*; +import java.util.*; +import java.sql.*; +import java.lang.reflect.Array; +import javax.servlet.*; +import javax.servlet.http.*; +import org.apache.velocity.*; +import org.apache.velocity.app.*; + +public class doGetListaEstabelecimentos extends siprpServlet{ + + /** Creates a new instance of doGetListaEstabelecimentos */ + public doGetListaEstabelecimentos(HttpServletRequest req, HttpServletResponse res) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + Connection con = null ; + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery, sBuffer; + String userRole, empresaId, temp; + HttpSession session = req.getSession(false); + Vector links = new Vector(); + Vector desc = new Vector(); + try + { + userRole = (String)session.getAttribute(super.sessionUserRole); + empresaId = (String)session.getAttribute(super.sessionEmpresaId); + + if ( userRole.equals ( super.superUserRole ) || userRole.equals ( empresaId ) ) + { + Class.forName(super.bdDriver); + con = DriverManager.getConnection( super.bdUrl, super.bdUsername, super.bdPassword ); + dbQuery = new StringBuffer(); + dbQuery.append( " SELECT "+super.bdEstIdRef+" , "+super.bdEstNomeRef+" FROM estabelecimentos WHERE empresa_id = '"+empresaId+"' order by "+super.bdEstNomeRef); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + + int index=0; + int max = rs.columnLength(); + + while ( index < max ) + { + temp=""+rs.get(index,0); // converter de int para String + dbQuery = new StringBuffer(); + dbQuery.append("/"+super.servletName+"/?"+empresaId+"/"+temp); // contruir url + links.add(dbQuery.toString()); + desc.add((String)rs.get(index,1)); + ++index; + } + sBuffer = new StringBuffer(); + 
sBuffer.append(""+super.nomeEmpresa(con,empresaId)+""); + +if( userRole.equals( "manager" ) ) +{ + session.setAttribute( sessionCompanyName, nomeEmpresa( con, ( String ) session.getAttribute( sessionEmpresaId ) ) ); +} +else +{ + session.setAttribute( sessionCompanyName, nomeEmpresa( con, userRole ) ); +} + +session.setAttribute( sessionEstabelecimentoId, null ); + +HashMap hmValues = new HashMap(); +hmValues.put( "empresa_nome", session.getAttribute( sessionCompanyName ) ); +hmValues.put( "empresa_id", session.getAttribute( sessionEmpresaId ) ); +hmValues.put( "estabelecimento_id", session.getAttribute( sessionEstabelecimentoId ) ); +hmValues.put( "userRole", userRole ); +hmValues.put( "userName", session.getAttribute( sessionUser ) ); +hmValues.put( msgTemplate , sBuffer.toString() ) ; +hmValues.put( templateUserRole, userRole); +hmValues.put( templateQuery, super.queryStringEstabelecimentos ); +hmValues.put( templateVector1,links); +hmValues.put( templateVector2,desc); +hmValues.put( templateVector3,null); +out.println( mergeTemplate( hmValues, super.authenticatedUserTemplate)); + +// out.println( mergeTemplate( sBuffer.toString(), userRole, super.queryStringEstabelecimentos, links, desc, null, super.authenticatedUserTemplate) ); + stmt.close(); + con.close(); + } + else + { + out.println( mergeTemplate( super.msgAcessoNegado , userRole, super.errorTemplate) ); + } + } + catch ( SQLException e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgErroBd , super.errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgGenericError , super.errorTemplate) ); + } + } + +} diff --git a/trunk/siprp/pagina/doGetListaTrabalhadores.java b/trunk/siprp/pagina/doGetListaTrabalhadores.java new file mode 100644 index 00000000..6b429f7d --- /dev/null +++ b/trunk/siprp/pagina/doGetListaTrabalhadores.java 
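Review bot: The query text is assembled by concatenating `empresaId` into `WHERE empresa_id = '"+empresaId+"'`, so the value is parsed as SQL rather than bound as data. Where that session attribute is set for managers is not visible in this diff; if it is taken from the request URL (the generated links carry the id after `?`), the statement is injectable. The same construction is used with `estabelecimentoId` in doGetListaTrabalhadores, with `trabalhadorId` in doGetTrabalhador, and in doPostLogin with `user`, which there comes directly from `req.getParameter("user")` before any authentication. A `PreparedStatement` with a bound parameter removes the problem in all four places; the sketch below assumes `empresa_id` is an integer column, which should be confirmed against the schema.

```java
// … unchanged: role check, Class.forName, DriverManager.getConnection …
PreparedStatement ps = con.prepareStatement(
    " SELECT " + super.bdEstIdRef + " , " + super.bdEstNomeRef
        + " FROM estabelecimentos WHERE empresa_id = ? order by " + super.bdEstNomeRef,
    ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );
ps.setInt( 1, Integer.parseInt( empresaId ) ); // assumes an integer id column; a non-numeric value is rejected here
stmt = ps; // keeps the later stmt.close() call working
rs = new ResultSet2DArray( ps.executeQuery() );
// … unchanged: links/desc loop and template merge …
```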
@@ -0,0 +1,106 @@ +package siprp.pagina; + +import com.evolute.utils.arrays.*; +import com.evolute.utils.strings.*; +import java.io.*; +import java.util.*; +import java.sql.*; +import java.lang.reflect.Array; +import javax.servlet.*; +import javax.servlet.http.*; +import org.apache.velocity.*; +import org.apache.velocity.app.*; + +public class doGetListaTrabalhadores extends siprpServlet{ + + /** Creates a new instance of doGetListaTrabalhadores */ + public doGetListaTrabalhadores(HttpServletRequest req, HttpServletResponse res) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + Connection con = null ; + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery, sBuffer; + String userRole, empresaId, estabelecimentoId, temp; + HttpSession session = req.getSession(false); + Vector links = new Vector(); + Vector desc = new Vector(); + Vector descAdicional = new Vector(); + try + { + userRole = (String)session.getAttribute(super.sessionUserRole); + empresaId = (String)session.getAttribute(super.sessionEmpresaId); + estabelecimentoId = (String)session.getAttribute(super.sessionEstabelecimentoId); + + if ( userRole.equals ( super.superUserRole ) || userRole.equals ( empresaId ) ) + { + Class.forName(super.bdDriver); + con = DriverManager.getConnection( super.bdUrl, super.bdUsername, super.bdPassword ); + if ( super.verificaEstabelecimento(con, empresaId, estabelecimentoId) ) // estabelecimento pertence à empresa ?? 
+ { + //Class.forName(super.bdDriver); + //con = DriverManager.getConnection( super.bdUrl, super.bdUsername, super.bdPassword ); + dbQuery = new StringBuffer(); + dbQuery.append( " SELECT "+super.bdTrabIdRef+" , "+super.bdTrabNomeRef+" FROM trabalhadores WHERE estabelecimento_id = '"+estabelecimentoId+"' ORDER BY "+super.bdTrabNomeRef); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + + int index=0; + int max = rs.columnLength(); + + while ( index < max ) + { + temp=""+rs.get(index,0); // converter de int para String + dbQuery = new StringBuffer(); + dbQuery.append("/"+super.servletName+"/?"+empresaId+"/"+estabelecimentoId+"/"+temp); // contruir url + links.add(dbQuery.toString()); + desc.add((String)rs.get(index,1)); + ++index; + } + stmt.close(); + + sBuffer = new StringBuffer(); + sBuffer.append(""+super.nomeEmpresa(con,empresaId)+"

" + +super.nomeEstabelecimento(con, estabelecimentoId)+"" ); + +HashMap hmValues = new HashMap(); +hmValues.put( "empresa_nome", session.getAttribute( sessionCompanyName ) ); +hmValues.put( "empresa_id", session.getAttribute( sessionEmpresaId ) ); +hmValues.put( "estabelecimento_nome", super.nomeEstabelecimento( con, estabelecimentoId ) ); +hmValues.put( "estabelecimento_id", estabelecimentoId ); +hmValues.put( "userRole", userRole ); +hmValues.put( "userName", session.getAttribute( sessionUser ) ); +hmValues.put( msgTemplate , sBuffer.toString() ) ; +hmValues.put( templateUserRole, userRole); +hmValues.put( templateQuery, super.queryStringTrabalhadores ); +hmValues.put( templateVector1,links); +hmValues.put( templateVector2,desc); +hmValues.put( templateVector3,null); +out.println( mergeTemplate( hmValues, super.authenticatedUserTemplate)); +// out.println( mergeTemplate( sBuffer.toString(), userRole, super.queryStringTrabalhadores, links, desc, null, super.authenticatedUserTemplate) ); + } + else // est não pertence à empresa + { + out.println( mergeTemplate( super.msgLinkFormatError , userRole, super.errorTemplate) ); + } + con.close(); + } + else // Role não permite ver esta informação + { + out.println( mergeTemplate( super.msgAcessoNegado , userRole, super.errorTemplate) ); + } + } + catch ( SQLException e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgErroBd , super.errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgGenericError , super.errorTemplate) ); + } + } + +} diff --git a/trunk/siprp/pagina/doGetTrabalhador.java b/trunk/siprp/pagina/doGetTrabalhador.java new file mode 100644 index 00000000..fb871ea5 --- /dev/null +++ b/trunk/siprp/pagina/doGetTrabalhador.java 
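Review bot: `con` and `stmt` are closed only on the success path: if `verificaEstabelecimento`, `executeQuery` or the template merge throws, control jumps to a `catch` block and the connection opened by `DriverManager.getConnection` is never released. Since every request opens its own connection, repeated failures can exhaust the database's connection slots. A `finally` block that closes `stmt` and then `con` when they are non-null would cover every exit, with the inline `stmt.close()` and `con.close()` calls removed; doGetListaEmpresas, doGetListaEstabelecimentos, doGetTrabalhador and doPostLogin have the same shape. `descAdicional` is also declared but never used in this constructor.

```java
// … unchanged: try block and the existing catch clauses …
finally
{
    // best-effort cleanup; a failure to close must not mask the original error
    try { if ( stmt != null ) stmt.close(); } catch ( SQLException ignored ) { }
    try { if ( con != null ) con.close(); } catch ( SQLException ignored ) { }
}
```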
@@ -0,0 +1,126 @@ +package siprp.pagina; + +import com.evolute.utils.arrays.*; +import com.evolute.utils.strings.*; +import java.io.*; +import java.util.*; +import java.sql.*; +import java.lang.reflect.Array; +import javax.servlet.*; +import javax.servlet.http.*; +import org.apache.velocity.*; +import org.apache.velocity.app.*; + +public class doGetTrabalhador extends siprpServlet +{ + + /** Creates a new instance of doGetTrabalhador */ + public doGetTrabalhador(HttpServletRequest req, HttpServletResponse res) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + Connection con = null ; + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery, sBuffer; + String userRole, empresaId, estabelecimentoId, trabalhadorId, temp; + HttpSession session = req.getSession(false); + Vector names = new Vector(); + Vector values = new Vector(); + + try + { + userRole = (String)session.getAttribute(super.sessionUserRole); + empresaId = (String)session.getAttribute(super.sessionEmpresaId); + estabelecimentoId = (String)session.getAttribute(super.sessionEstabelecimentoId); + trabalhadorId = (String)session.getAttribute(super.sessionTrabalhadorId); + + Class.forName(super.bdDriver); + con = DriverManager.getConnection( super.bdUrl, super.bdUsername, super.bdPassword ); + + if ( ( userRole.equals ( super.superUserRole ) || userRole.equals ( empresaId ) ) + && super.verificaEstabelecimento(con, empresaId, estabelecimentoId) + && super.verificaTrabalhador(con, estabelecimentoId, trabalhadorId) ) + { + + dbQuery = new StringBuffer(); + dbQuery.append( " SELECT * FROM trabalhadores where id='"+trabalhadorId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + int index=0; + int max = super.trabalhadorDescFields.length; + + while ( index < max ) + { + dbQuery = new StringBuffer(); + dbQuery.append( " SELECT 
"+super.trabalhadorDescFields[index][1]+" FROM trabalhadores where id='"+trabalhadorId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + names.add(trabalhadorDescFields[index][0]); + + if (rs.get(0,0) == null ) + { + values.add(super.bdNullString); + } + else + { +// values.add(rs.get(0,0).toString()); + temp=rs.get(0,0).toString(); + + if ( temp.equals("n") ) + { + temp="n\u00E3o"; + } + else if ( temp.equals("y") ) + { + temp="sim"; + } + values.add(temp); } + + ++index; + + } + stmt.close(); + + sBuffer = new StringBuffer(); + sBuffer.append(""+super.nomeEmpresa(con,empresaId)+"

" + +super.nomeEstabelecimento(con, estabelecimentoId)+"" ); + +HashMap hmValues = new HashMap(); +hmValues.put( "empresa_nome", session.getAttribute( sessionCompanyName ) ); +hmValues.put( "empresa_id", session.getAttribute( sessionEmpresaId ) ); +hmValues.put( "estabelecimento_nome", super.nomeEstabelecimento( con, estabelecimentoId ) ); +hmValues.put( "estabelecimento_id", estabelecimentoId ); +hmValues.put( "userRole", userRole ); +hmValues.put( "userName", session.getAttribute( sessionUser ) ); +hmValues.put( msgTemplate , sBuffer.toString() ) ; +hmValues.put( templateUserRole, userRole); +hmValues.put( templateQuery, super.queryStringTrabalhador ); +hmValues.put( templateVector1,names); +hmValues.put( templateVector2,values); +hmValues.put( templateVector3,null); +out.println( mergeTemplate( hmValues, super.authenticatedUserTemplate)); + +// out.println( mergeTemplate( sBuffer.toString(), userRole, super.queryStringTrabalhador, names, values, null, super.authenticatedUserTemplate) ); + + } + else + { + out.println( mergeTemplate( super.msgLinkFormatError , userRole, super.errorTemplate) ); + } + con.close(); + } + catch ( SQLException e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgErroBd , super.errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( super.msgGenericError , super.errorTemplate) ); + } + + } + +} diff --git a/trunk/siprp/pagina/doPostLogin.java b/trunk/siprp/pagina/doPostLogin.java new file mode 100644 index 00000000..5bb3b55a --- /dev/null +++ b/trunk/siprp/pagina/doPostLogin.java 
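Review bot: The `while` loop issues one `SELECT <column> FROM trabalhadores where id=...` per entry of `trabalhadorDescFields` and creates a new `Statement` each time, but only the last one is closed by the `stmt.close()` after the loop. The result of the initial `SELECT * FROM trabalhadores` is overwritten without being read. Fetching the row once and reading each configured column from that single result would reduce this to one statement and one round trip. If the per-column queries are kept, `stmt.close()` belongs inside the loop so that each statement is released.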
@@ -0,0 +1,119 @@ +package siprp.pagina; + +import com.evolute.utils.arrays.*; +import com.evolute.utils.strings.*; +import java.io.*; +import java.util.*; +import java.sql.*; +import java.lang.reflect.Array; +import javax.servlet.*; +import javax.servlet.http.*; +import org.apache.velocity.*; +import org.apache.velocity.app.*; + +public class doPostLogin extends siprpServlet +{ + + /** Creates a new instance of doPostLogin */ + public doPostLogin(HttpServletRequest req, HttpServletResponse res) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + StringBuffer dbQuery; + ResultSet2DArray rs; + Connection con = null ; + Statement stmt = null ; + String user, userRole, password; + + try + { + user = req.getParameter("user"); + password = req.getParameter("password"); + + if (user.equals("")) + { + out.println( mergeTemplate( msgErroNoUser, errorTemplate) ); + } + else + { + Class.forName(bdDriver); + con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword ); + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT password FROM users WHERE username = '"+user+"'"); + + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + + + if ( password.equals((String)rs.get(0,0))) + { + // Obter Role + + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT role FROM roles WHERE username = '"+user+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + userRole = (String)rs.get(0,0); + + // UPDATE HTTP SESSION + HttpSession session = req.getSession(true); + session.setMaxInactiveInterval(sessionTimeout); + + session.setAttribute(sessionUser, user); + session.setAttribute(sessionUserRole, userRole); + session.setAttribute(sessionPassword, password); + +HashMap hmValues = new HashMap(); +session.setAttribute( 
sessionEmpresaId, userRole ); +if( userRole.equals( "manager" ) ) +{ + session.setAttribute( sessionCompanyName, nomeEmpresa( con, "" + session.getAttribute( sessionEmpresaId ) ) ); + session.setAttribute( sessionEstabelecimentoId, null ); +hmValues.put( templateQuery, super.queryStringEmpresas ); +} +else +{ + session.setAttribute( sessionCompanyName, nomeEmpresa( con, userRole ) ); + session.setAttribute( sessionEstabelecimentoId, "-1" ); +hmValues.put( templateQuery, super.queryStringEstabelecimentos ); +} + + + stmt.close(); + con.close(); + +hmValues.put( "empresa_nome", session.getAttribute( sessionCompanyName ) ); +hmValues.put( "empresa_id", session.getAttribute( sessionEmpresaId ) ); +hmValues.put( "estabelecimento_id", session.getAttribute( sessionEstabelecimentoId ) ); +hmValues.put( "userRole", userRole ); +hmValues.put( "userName", user ); +out.println( mergeTemplate( hmValues, super.authenticatedUserTemplate)); + + //out.println( mergeTemplate( user, userRole, super.authenticatedUserTemplate)); + } + else + { + out.println( mergeTemplate( msgErroAuthFail, super.errorTemplate) ); + } + } + + } + catch ( SQLException e ) + { + e.printStackTrace(); + out.println( mergeTemplate( msgErroBd , super.errorTemplate) ); + } + catch ( IllegalStateException e ) // session timeout + { + e.printStackTrace(); + out.println( mergeTemplate(msgSessionTimeout, super.errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( msgGenericError , super.errorTemplate) ); + } + } + +} diff --git a/trunk/siprp/pagina/siprpServlet.java b/trunk/siprp/pagina/siprpServlet.java new file mode 100644 index 00000000..69820d51 --- /dev/null +++ b/trunk/siprp/pagina/siprpServlet.java 
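Review bot: `password.equals((String)rs.get(0,0))` compares the submitted password with the value read from `users.password`, which implies the table stores passwords in clear text, and `session.setAttribute(sessionPassword, password)` then keeps the clear-text password in the session for its lifetime. I would store a salted, slow hash (for example PBKDF2 through `javax.crypto.SecretKeyFactory`), compare the derived bytes with `MessageDigest.isEqual`, and drop the `sessionPassword` attribute, which nothing visible in this diff reads. `req.getSession(true)` also reuses a session that existed before login; invalidating it and creating a new one at this point avoids carrying a pre-login session id into the authenticated state. For an unknown username the result set is empty, so `rs.get(0,0)` may throw and show the generic error rather than `msgErroAuthFail`; that depends on `ResultSet2DArray`, which is not shown.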
@@ -0,0 +1,505 @@ +package siprp.pagina; + +import com.evolute.utils.arrays.*; +import com.evolute.utils.strings.*; +import java.io.*; +import java.util.*; +import java.sql.*; +import java.lang.reflect.Array; +import javax.servlet.*; +import javax.servlet.http.*; +import org.apache.velocity.*; +import org.apache.velocity.app.*; + +public class siprpServlet extends HttpServlet +{ + // MSG + public static final String msgErroNoUser = "Tem de especificar um utilizador"; + public static final String msgErroAuthFail = "Utilizador inexistente e/ou Password errada"; + public static final String msgErroBd = "Erro na liga\u00E7\u00E3o \u00E0 base de dados"; + public static final String msgGenericError = "Erro"; + public static final String msgListaEmpresas = "Empresas"; + public static final String msgAcessoNegado = "Acesso Negado"; + public static final String msgLinkFormatError ="URL inv\u00E1lido"; + public static final String msgLogin = "Login"; + public static final String msgNovaPasswordErrada="Erro ao criar a nova password, nova password inv\u00E1lida"; + public static final String msgButtonNotSuported = "funcionalidade ainda n\u00E3o suportada" ; + public static final String msgSessionTimeout = "Sess\u00E3o expirou, por favor fa\u00E7a login de novo"; + + // Templates - Nomes e valores + //public static final String loginTemplate = "login.html"; + +public static final String indexTemplate = "index.html"; +public static final String authenticatedUserTemplate = "user.html"; +public static final String errorTemplate = "error.html"; + + public static final String mainTemplate = "main.html"; + //public static final String criticalErrorTemplate = "critical.html"; + public static final String templateVector1 ="v1"; + public static final String templateVector2 ="v2"; + public static final String templateVector3 ="v3"; + public static final String templateUserRole ="userRole"; + public static final String msgTemplate ="msg"; + public static final String templateQuery 
="query"; + public static final String buttonPressedTemplate ="buttonPressed"; + + // Query Strings , usadas para na template do velocity saber o que mostar + public static final String queryStringEmpresas = "empresas"; + public static final String queryStringEstabelecimentos="estabelecimentos"; + public static final String queryStringTrabalhadores ="trabalhadores"; + public static final String queryStringTrabalhador ="trabalhador"; + + //Botoes, saber qual o botao escholido, campo value dos forms + public static final String botaoLogin = "Entrar"; + public static final String botaoMarcarProximoExame = "Marcar Exame"; + + // Var da Session + public static final String sessionUser="user"; + public static final String sessionUserRole="userRole"; + public static final String sessionPassword="password"; + public static final String sessionEmpresaId="empresaId"; + public static final String sessionEstabelecimentoId="estabelecimentoId"; + public static final String sessionTrabalhadorId="trabalhadorId"; + public static final String sessionCompanyName = "sessionCompanyName"; + public static final int sessionTimeout =300; // segundos + + public static final String servletName="siprpServlet"; + public static final String superUserRole="manager"; + + // BD + public static final String bdHost = "127.0.0.1"; + public static final String bdPort = "5436"; + public static final String bdUsername = "siprp"; + public static final String bdPassword = ""; + public static final String bdDriver = "org.postgresql.Driver"; + public static final String bdUrl = "jdbc:postgresql://" + bdHost + ":" + bdPort + "/siprp"; + + public static final String bdEmpresaIdRef = "id"; // campo que contem id da empresa + public static final String bdEmpresaNomeRef = "designacao_social"; // campo que contem nome da empresa + public static final String bdEstIdRef = "id"; // campo que contem nome do estabelecimento + public static final String bdEstNomeRef = "nome"; // campo que contem nome do estabelecimento 
+ public static final String bdTrabIdRef = "id"; // campo que contem id do trabalhador + public static final String bdTrabNomeRef = "nome"; // campo que contem nome do trabalhador + public static final String bdNullString = ""; // String a mostrar quando o campo lido da BD é null + + + // Arrays + public static final String[][] trabalhadorDescFields = new String [][] + { // nome que o user ve, nome do campo na tabela + {"Nome", "nome"}, + {"Nº", "numero_mecanografico",}, + {"\u00DAltimo Exame", "ultimo_exame"}, + {"Realizado", "realizado"}, + {"Pr\u00F3ximo Exame", "proximo_exame"}, + {"\u00DAltima Consulta", "ultima_consulta"}, + {"Realizada", "realizada"}, + {"Pr\u00F3xima Consulta", "proxima_consulta"} + }; + + public void init() + { + + try { + + String TEMPLATE_DIR = this.getServletContext().getRealPath( "/" ) + "html/"; + Properties props = new Properties(); + props.setProperty( "file.resource.loader.path", TEMPLATE_DIR ); + Velocity.init( props ); + Class.forName(bdDriver); + } + catch( Exception e ) + { + e.printStackTrace(); + } + } + + public void doGet( HttpServletRequest req, HttpServletResponse res ) + throws IOException + { + String queryString = req.getQueryString(); + String backUri = req.getRequestURI(); + ServletOutputStream out = res.getOutputStream(); + res.setContentType( "text/html" ); + try + { + HttpSession session = req.getSession(true); + session.setMaxInactiveInterval(sessionTimeout); + + if ( queryString == null ) // Reload, 1º vez, etc ... 
+ { + session.invalidate(); + out.println( mergeTemplate ( msgLogin, indexTemplate ) ) ; + } + else if ( session.isNew() ) // session timeout + { + session.invalidate(); + throw new IllegalStateException(); + } + else if ( queryString.equals(queryStringEmpresas) ) // Listar Empresas + { + new doGetListaEmpresas(req,res); + } + else // interpretar query string + { + String empresa = null, estabelecimento=null, trabalhador=null; + int checkInt; + + StringTokenizer sToken = new StringTokenizer(queryString,"/") ; + empresa = sToken.nextToken(); // empresa ID + checkInt = Integer.parseInt(empresa); // check int, NumberFormatException + + if (sToken.hasMoreElements()) + { + estabelecimento = sToken.nextToken(); // estabelecimento ID + checkInt = Integer.parseInt(estabelecimento); // check int, NumberFormatException + if (sToken.hasMoreElements()) + { + trabalhador = sToken.nextToken(); // trabalhador ID + checkInt = Integer.parseInt(trabalhador); // check int, NumberFormatException + } + } + + if ( estabelecimento == null ) // empresa query + { + session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session + + new doGetListaEstabelecimentos(req,res); + + //out.println( mergeTemplate ( empresa, loginTemplate ) ) ; + } + else if ( trabalhador == null ) // estabelecimento query + { + session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session + session.setAttribute(sessionEstabelecimentoId, estabelecimento); + + new doGetListaTrabalhadores(req,res); + + //out.println( mergeTemplate ( " chama oGetListaTrabalhadores", loginTemplate ) ) ; + } + else // trabalhador query + { + session.setAttribute(sessionEmpresaId, empresa); // update HTTP Session + session.setAttribute(sessionEstabelecimentoId, estabelecimento); + session.setAttribute(sessionTrabalhadorId, trabalhador); + + new doGetTrabalhador(req,res); + + //out.println( mergeTemplate ( trabalhador, loginTemplate ) ) ; + } + } + } + catch ( NumberFormatException e ) // argumentos invalidos + { + 
e.printStackTrace(); + out.println( mergeTemplate( msgLinkFormatError, backUri, errorTemplate) ); + } + catch ( IllegalStateException e ) // session timeout + { + e.printStackTrace(); + out.println( mergeTemplate(msgSessionTimeout, errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( msgGenericError , backUri, errorTemplate ) ); + } + } + + public void doPost(HttpServletRequest req, HttpServletResponse res) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + //StringBuffer dbQuery; + //ResultSet2DArray rs; + //Connection con = null ; + //Statement stmt = null ; + //String user, userRole, password; + String buttonPressed = req.getParameter("form"); + + try + { + if ( buttonPressed.equals(botaoLogin)) + { + new doPostLogin(req,res); + } + else + { + out.println( mergeTemplate( msgButtonNotSuported, errorTemplate) ); + } + } + /*catch ( SQLException e ) + { + e.printStackTrace(); + out.println( mergeTemplate( msgErroBd , criticalErrorTemplate) ); + }*/ + catch ( IllegalStateException e ) // session timeout + { + e.printStackTrace(); + out.println( mergeTemplate(msgSessionTimeout, errorTemplate) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + out.println( mergeTemplate( msgGenericError , errorTemplate) ); + } + } + + + public String mergeTemplate( HashMap values, String template ) + { + VelocityContext context = new VelocityContext(); + StringWriter output = new StringWriter(); + + try + { + for( Iterator i = values.keySet().iterator(); i.hasNext(); ) + { + String key = ( String ) i.next(); + context.put ( key, values.get( key ) ) ; + } + + Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); + return output.toString(); + } + catch( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + + + public String mergeTemplate (String msg, String template ) // #1 + { + + VelocityContext context = new VelocityContext(); + StringWriter output = new 
StringWriter(); + + try + { + context.put ( msgTemplate , msg ) ; + Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); + return output.toString(); + } + catch( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + public String mergeTemplate (String msg, String userRole, String template ) // #1 + { + + VelocityContext context = new VelocityContext(); + StringWriter output = new StringWriter(); + + try + { + context.put ( msgTemplate , msg ) ; + context.put ( templateUserRole, userRole); + Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); + return output.toString(); + } + catch( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + public String mergeTemplate ( String msg, String userRole, String querySelected, Vector vector1, Vector vector2, Vector vector3, String template ) // #2 + { + + VelocityContext context = new VelocityContext(); + StringWriter output = new StringWriter(); + + try + { + context.put ( msgTemplate , msg ) ; + context.put ( templateUserRole, userRole); + context.put ( templateQuery, querySelected ); + context.put ( templateVector1,vector1); + context.put ( templateVector2,vector2); + context.put ( templateVector3,vector3); + Velocity.mergeTemplate(template, Velocity.ENCODING_DEFAULT, context, output ); + return output.toString(); + } + catch( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + public void destroy() + { + } + + public void handleSessionTimeout(HttpServletResponse res, String template) + throws IOException + { + ServletOutputStream out = res.getOutputStream(); + try + { + out.println( mergeTemplate( msgSessionTimeout, template) ); + } + catch ( Exception e ) + { + e.printStackTrace(); + + } + } + + public boolean verificaEstabelecimento(Connection con, java.lang.String empresaId, java.lang.String estabelecimentoId) + // verifica se o establecimento pertence à empresa + { + //Connection con = null ; + Statement stmt = null ; + 
ResultSet2DArray rs; + StringBuffer dbQuery; + try + { + //con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword ); + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT empresa_id FROM estabelecimentos where id='"+estabelecimentoId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + String temp=""+rs.get(0,0); // converter de int para String + stmt.close(); + if ( empresaId.equals(temp) ) // estabelecimento pertence à empresa + { + return true; + } + else + { + return false; + } + } + catch ( Exception e ) + { + e.printStackTrace(); + } + return false; + } + + public boolean verificaTrabalhador(Connection con, java.lang.String estabelecimentoId, java.lang.String trabalhadorId) + // verifica se o trabalhador pertence ao estabelecimento + { + //Connection con = null ; + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery; + try + { + //con = DriverManager.getConnection( bdUrl, bdUsername, bdPassword ); + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT estabelecimento_id FROM trabalhadores where id='"+trabalhadorId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + String temp=""+rs.get(0,0); // converter de int para String + stmt.close(); + if ( estabelecimentoId.equals(temp) ) // estabelecimento pertence à empresa + { + return true; + } + else + { + return false; + } + } + catch ( Exception e ) + { + e.printStackTrace(); + } + return false; + } + + public void closeSqlCon(Connection con) + { + try + { + if (con != null ) con.close(); + } + catch ( Exception e ) + { + e.printStackTrace(); + } + + } + + public String nomeEmpresa(Connection con, String empresaId) + { + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery; + String returnString; + + try + { + dbQuery = new 
StringBuffer(); + dbQuery.append( "SELECT "+bdEmpresaNomeRef+" FROM empresas WHERE "+bdEmpresaIdRef+" ='"+empresaId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + returnString = (String)rs.get(0,0); + stmt.close(); + return returnString; + } + catch ( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + public String nomeEstabelecimento(Connection con, java.lang.String estabelecimentoId) + { + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery; + String returnString; + + try + { + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT "+bdEstNomeRef+" FROM estabelecimentos WHERE "+bdEstIdRef+" ='"+estabelecimentoId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + returnString = (String)rs.get(0,0); + stmt.close(); + return returnString; + } + catch ( Exception e ) + { + e.printStackTrace(); + } + return null; + } + + public String nomeTrabalhador(Connection con, java.lang.String trabalhadorId) + { + Statement stmt = null ; + ResultSet2DArray rs; + StringBuffer dbQuery; + String returnString; + + try + { + dbQuery = new StringBuffer(); + dbQuery.append( "SELECT "+bdTrabNomeRef+" FROM trabalhadores where id='"+trabalhadorId+"'"); + stmt = con.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); + rs = new ResultSet2DArray( stmt.executeQuery( dbQuery.toString()) ); + returnString = (String)rs.get(0,0); + stmt.close(); + return returnString; + } + catch ( Exception e ) + { + e.printStackTrace(); + } + return null; + } + +} +
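Review bot: In `doGet`, the empresa, estabelecimento and trabalhador ids parsed from the query string are written straight into the session (`session.setAttribute(sessionEmpresaId, empresa)` and the two similar calls) before anything checks that the logged-in user is entitled to them. `Integer.parseInt` only proves the values are numeric, and `sessionEmpresaId` is the attribute `doPostLogin` filled in at login, so the company established by authentication is overwritten by request data. The handlers `doGetListaEstabelecimentos`, `doGetListaTrabalhadores` and `doGetTrabalhador` are not in this hunk and may compare against `sessionUserRole` instead; if they trust `sessionEmpresaId`, their check is void. Since `sessionUserRole` is never rewritten here and apparently holds the company id for non-managers, I would refuse before the first `setAttribute`: `if ( !superUserRole.equals( session.getAttribute( sessionUserRole ) ) && !empresa.equals( session.getAttribute( sessionUserRole ) ) ) { out.println( mergeTemplate( msgAcessoNegado, errorTemplate ) ); return; }`.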