|
|
What this is
This file is included in the DevDaily.com
"Java Source Code
Warehouse" project. The intent of this project is to help you "Learn
Java by Example" TM.
Other links
The source code
/*
* $Header: /cvsroot/mvnforum/mvnforum/src/com/mvnforum/user/MemberWebHandler.java,v 1.71 2005/01/28 19:40:52 minhnn Exp $
* $Author: minhnn $
* $Revision: 1.71 $
* $Date: 2005/01/28 19:40:52 $
*
* ====================================================================
*
* Copyright (C) 2002-2005 by MyVietnam.net
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* All copyright notices regarding mvnForum MUST remain intact
* in the scripts and in the outputted HTML.
* The "powered by" text/logo with a link back to
* http://www.mvnForum.com and http://www.MyVietnam.net in the
* footer of the pages MUST remain visible when the pages
* are viewed on the internet or intranet.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
* Support can be obtained from support forums at:
* http://www.mvnForum.com/mvnforum/index
*
* Correspondence and Marketing Questions can be sent to:
* info@MyVietnam.net
*
* @author: Minh Nguyen minhnn@MyVietnam.net
* @author: Mai Nguyen mai.nh@MyVietnam.net
*/
package com.mvnforum.user;
import java.io.*;
import java.sql.Date;
import java.sql.Timestamp;
import java.util.*;
import javax.mail.MessagingException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.mvnforum.*;
import com.mvnforum.auth.*;
import com.mvnforum.common.SendMailUtil;
import com.mvnforum.db.*;
import com.mvnforum.search.member.MemberIndexer;
import freemarker.template.*;
import net.myvietnam.mvncore.exception.*;
import net.myvietnam.mvncore.fileupload.*;
import net.myvietnam.mvncore.filter.DisableHtmlTagFilter;
import net.myvietnam.mvncore.interceptor.InterceptorService;
import net.myvietnam.mvncore.security.*;
import net.myvietnam.mvncore.util.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
class MemberWebHandler {
private static Log log = LogFactory.getLog(MemberWebHandler.class);
private OnlineUserManager onlineUserManager = OnlineUserManager.getInstance();
MemberWebHandler() {
}
void prepareAdd(HttpServletRequest request)
throws AssertionException, DatabaseException, AuthenticationException {
Locale locale = I18nUtil.getLocaleInRequest(request);
if (MVNForumConfig.getEnableNewMember() == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.cannot_register.new_member_is_disabled");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot register new member because NEW_MEMBER feature is disabled by administrator.");
}
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
if (MVNForumConfig.getEnableCaptcha()) {
onlineUser.buildNewCaptcha();
}
}
void processAdd(HttpServletRequest request, HttpServletResponse response)
throws BadInputException, ObjectNotFoundException, CreateException, DatabaseException, InterceptorException,
DuplicateKeyException, ForeignKeyNotFoundException, AssertionException, FloodException, AssertionException,
DatabaseException, AuthenticationException {
Locale locale = I18nUtil.getLocaleInRequest(request);
if (MVNForumConfig.getEnableNewMember() == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.cannot_register.new_member_is_disabled");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot register new member because NEW_MEMBER feature is disabled by administrator.");
}
// use for the captcha feature
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MyUtil.saveVNTyperMode(request, response);
String currentIP = request.getRemoteAddr();
try {
FloodControl.ensureNotReachMaximum(MVNForumGlobal.FLOOD_ID_NEW_MEMBER, currentIP);
} catch (FloodException fe) {
//throw new FloodException("You have reached the maximum number of the registering actions for this page. Please try this page later. This is to prevent forum from being flooded.");
Integer maxRegisters = new Integer(FloodControl.getActionsPerHour(MVNForumGlobal.FLOOD_ID_NEW_MEMBER));
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.FloodException.register_too_many_times", new Object[] { maxRegisters });
throw new FloodException(localizedMessage);
}
Timestamp now = DateUtil.getCurrentGMTTimestamp();
String memberName = ParamUtil.getParameterSafe(request, "MemberName", true);// check good name
/** @todo move to a name filter */
if ( memberName.equalsIgnoreCase(MVNForumConfig.getDefaultGuestName()) ||
memberName.equalsIgnoreCase("Guest") ||
memberName.equalsIgnoreCase("Administrator") ||
memberName.equalsIgnoreCase("Moderator") ) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.cannot_register_with_reserved_name", new Object[] {memberName});
throw new BadInputException(localizedMessage);
//throw new BadInputException("Cannot register member with a reserved name : " + memberName);
}
StringUtil.checkGoodName(memberName);
InterceptorService.getInstance().validateLoginID(memberName);
if (memberName.length() > MVNForumGlobal.MAX_MEMBER_LOGIN_LENGTH) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.member_name_too_long");
throw new BadInputException(localizedMessage);
//throw new BadInputException("MemberName cannot be longer than 30 characters.");
}
String memberPassword1 = ParamUtil.getParameterPassword(request, "MemberMatkhau", 3, 0);
String memberPassword2 = ParamUtil.getParameterPassword(request, "MemberMatkhauConfirm", 3, 0);
if (!memberPassword1.equals(memberPassword2)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.confirmed_password_is_not_match");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Password and confirmed password are not the same, please try again.");
}
String memberPassword = Encoder.getMD5_Base64(memberPassword1);
String memberEmail = ParamUtil.getParameterEmail(request, "MemberEmail");
String memberEmailConfirm = ParamUtil.getParameterEmail(request, "MemberEmailConfirm");
if (!memberEmail.equals(memberEmailConfirm)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.confirmed_email_is_not_match");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Email and confirmed email are not the same, please try again.");
}
String memberFirstEmail = memberEmail;
if (memberEmail.length() > MVNForumGlobal.MAX_MEMBER_EMAIL_LENGTH) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.member_email_too_long");
throw new BadInputException(localizedMessage);
//throw new BadInputException("MemberEmail cannot be longer than 60 characters.");
}
InterceptorService.getInstance().validateMail(memberFirstEmail);
int memberEmailVisible = ParamUtil.getParameterBoolean(request, "MemberEmailVisible")? MemberBean.MEMBER_EMAIL_VISIBLE : MemberBean.MEMBER_EMAIL_INVISIBLE;
int memberNameVisible = ParamUtil.getParameterBoolean(request, "MemberNameVisible") ? MemberBean.MEMBER_NAME_VISIBLE : MemberBean.MEMBER_NAME_INVISIBLE;
String memberFirstIP = currentIP;
String memberLastIP = currentIP;
Timestamp memberCreationDate= now;
Timestamp memberModifiedDate= now;
Timestamp memberLastLogon = now;// @todo review and support it later
int memberOption = 0;//@todo review and support it later
int memberStatus = 0;// @todo review and support it later, ex: should it be active or not?
String memberActivateCode = "";// not activated
int memberMessageOption = 0;// @todo review and support it later
int memberPostsPerPage = ParamUtil.getParameterInt(request, "MemberPostsPerPage", 10);
if (memberPostsPerPage < 5) {
memberPostsPerPage = 5;
}
String memberTitle = "";
int memberTimeZone = ParamUtil.getParameterTimeZone(request, "MemberTimeZone");
String memberSkin = "";
String memberLanguage = ParamUtil.getParameterSafe(request, "MemberLanguage", false);
String memberFirstname = ParamUtil.getParameterSafe(request, "MemberFirstname", true);
String memberLastname = ParamUtil.getParameterSafe(request, "MemberLastname", true);
int memberGender = ParamUtil.getParameterBoolean(request, "MemberGender") ? 1 : 0;
//Date memberBirthday = ParamUtil.getParameterDate(request, "MemberBirthday");
Date memberBirthday = ParamUtil.getParameterDate(request, "day", "month", "year");
/** @todo : rewrite this code */
/*
long nowtime = System.currentTimeMillis();
long oldest = nowtime - 100*DateUtil.YEAR;
long youngest = nowtime - 10*DateUtil.YEAR;
long age = (nowtime - memberBirthday.getTime())/DateUtil.YEAR;
if (memberBirthday.getTime() > youngest || memberBirthday.getTime() < oldest) {
log.debug("age = " + age + " date = " + memberBirthday + " gettime = " + memberBirthday.getTime());
throw new BadInputException("Your age is not allow: " + age);
}*/
String memberAddress = ParamUtil.getParameterSafe(request, "MemberAddress", false);
String memberCity = ParamUtil.getParameterSafe(request, "MemberCity", false);
String memberState = ParamUtil.getParameterSafe(request, "MemberState", false);
String memberCountry = ParamUtil.getParameterSafe(request, "MemberCountry", false);
String memberPhone = ParamUtil.getParameterSafe(request, "MemberPhone", false);
String memberMobile = ParamUtil.getParameterSafe(request, "MemberMobile", false);
String memberFax = ParamUtil.getParameterSafe(request, "MemberFax", false);
String memberCareer = ParamUtil.getParameterSafe(request, "MemberCareer", false);
String memberHomepage = ParamUtil.getParameterUrl(request, "MemberHomepage");
String memberYahoo = ParamUtil.getParameterSafe(request, "MemberYahoo", false);
String memberAol = ParamUtil.getParameterSafe(request, "MemberAol", false);
String memberIcq = ParamUtil.getParameterSafe(request, "MemberIcq", false);
String memberMsn = ParamUtil.getParameterSafe(request, "MemberMsn", false);
String memberCoolLink1 = ParamUtil.getParameterUrl(request, "MemberCoolLink1");
String memberCoolLink2 = ParamUtil.getParameterUrl(request, "MemberCoolLink2");
// Now check the captcha
if (MVNForumConfig.getEnableCaptcha()) {
String captchaResponse = ParamUtil.getParameterSafe(request, "CaptchaResponse", false);
onlineUser.ensureCorrectCaptchaResponse(captchaResponse);
}
Timestamp memberExpireDate = memberCreationDate;// equal Creation Date mean no expiration
if (MVNForumConfig.getEnableCompany()) {
memberExpireDate = DateUtil.getCurrentGMTTimestampExpiredDay(MVNForumConfig.getExpireDateTutor());
}
DAOFactory.getMemberDAO().create(memberName, memberPassword, memberFirstEmail,
memberEmail, memberEmailVisible, memberNameVisible,
memberFirstIP, memberLastIP, 0/*memberViewCount*/,
0/*memberPostCount*/, memberCreationDate, memberModifiedDate, memberExpireDate,
memberLastLogon, memberOption, memberStatus,
memberActivateCode, ""/*memberTempPassword*/, 0/*memberMessageCount*/,
memberMessageOption, memberPostsPerPage, 0/*memberWarnCount*/,
0/*memberVoteCount*/, 0/*memberVoteTotalStars*/, 0/*memberRewardPoints*/,
memberTitle, memberTimeZone, ""/*memberSignature*/,
""/*memberAvatar*/, memberSkin, memberLanguage,
memberFirstname, memberLastname, memberGender,
memberBirthday, memberAddress, memberCity,
memberState, memberCountry, memberPhone,
memberMobile, memberFax, memberCareer,
memberHomepage, memberYahoo, memberAol,
memberIcq, memberMsn, memberCoolLink1,
memberCoolLink2);
// Now, create 4 default folders for each member
int memberID = 0;
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
int folderStatus = 0;
int folderOption = 0;
int folderType = 0;
DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_INBOX, memberID, 0/*order*/, folderStatus, folderOption, folderType, now, now);
DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_DRAFT, memberID, 1/*order*/, folderStatus, folderOption, folderType, now, now);
DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_SENT, memberID, 2/*order*/, folderStatus, folderOption, folderType, now, now);
DAOFactory.getMessageFolderDAO().create(MVNForumConstant.MESSAGE_FOLDER_TRASH, memberID, 3/*order*/, folderStatus, folderOption, folderType, now, now);
FloodControl.increaseCount(MVNForumGlobal.FLOOD_ID_NEW_MEMBER, currentIP);
if (MVNForumConfig.getEnableCaptcha()) {
onlineUser.destroyCurrentCaptcha();
}
// Add member to the lucene index
MemberBean memberBean = null;
try {
memberBean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
} catch(ObjectNotFoundException ex) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.memberid_not_exists", new Object[] {new Integer(memberID)});
throw new ObjectNotFoundException(localizedMessage);
}
MemberIndexer.scheduleAddMemberTask(memberBean);
request.setAttribute("MemberBean", memberBean);
// now, if require activation, then we will send mail
if (MVNForumConfig.getRequireActivation()) {
String serverName = ParamUtil.getServerPath();//ParamUtil.getServer2(request);
try {
SendMailUtil.sendActivationCodeEmail(memberID, serverName);
} catch (Exception ex) {
log.error("Cannot send mail after registration!", ex);
request.setAttribute("mvnforum.mail.failed", "Cannot send activation email after registration!");
//@todo: save the error message to displayed later
}
}
// Begin for Company
String companySpaceName = ParamUtil.getParameterSafe(request, "CompanySpaceName", false);
if (companySpaceName.length() > 0) {
try {
int companyID = DAOFactory.getCompanyDAO().getCompanyIDFromCompanySpaceName(companySpaceName);
CompanyBean companyBean = DAOFactory.getCompanyDAO().getCompany(companyID);
int privilege = 0;
DAOFactory.getMemberGroupDAO().create(companyBean.getGroupID(), memberName, privilege,
now/*creationDate*/, now/*modifiedDate*/);
int isActive = 0;
int relationType = 0;
int relationOption = 0;
int relationStatus = 0;
Timestamp expireDate = new Timestamp(now.getTime() + DateUtil.DAY * 90);
DAOFactory.getMemberCompanyDAO().create(memberID, memberName, companyID,
now/*creationDate*/, expireDate, isActive,
relationType, relationOption, relationStatus);
} catch (ObjectNotFoundException ex) {
// Cannot find company with the space name, just ignore
}
}
// End for Company
}
void processUpdate(HttpServletRequest request, HttpServletResponse response)
throws BadInputException, ObjectNotFoundException, DatabaseException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
MyUtil.saveVNTyperMode(request, response);
int memberID = onlineUser.getMemberID();
Timestamp now = DateUtil.getCurrentGMTTimestamp();
// column(s) to update
int memberEmailVisible = ParamUtil.getParameterBoolean(request, "MemberEmailVisible")? MemberBean.MEMBER_EMAIL_VISIBLE : MemberBean.MEMBER_EMAIL_INVISIBLE;
int memberNameVisible = ParamUtil.getParameterBoolean(request, "MemberNameVisible") ? MemberBean.MEMBER_NAME_VISIBLE : MemberBean.MEMBER_NAME_INVISIBLE;
int memberOption = 0;//ParamUtil.getParameterInt(request, "MemberOption");
int memberStatus = 0;//@todo review and support it later
int memberMessageOption = 0;//ParamUtil.getParameterInt(request, "MemberMessageOption");
int memberPostsPerPage = ParamUtil.getParameterInt(request, "MemberPostsPerPage");
if (memberPostsPerPage < 5) {
memberPostsPerPage = 5;
}
int memberTimeZone = ParamUtil.getParameterTimeZone(request, "MemberTimeZone");
String memberSkin = ParamUtil.getParameterSafe(request, "MemberSkin", false);
String memberLanguage = ParamUtil.getParameterSafe(request, "MemberLanguage", false);
String memberFirstname = ParamUtil.getParameterSafe(request, "MemberFirstname", true);
String memberLastname = ParamUtil.getParameterSafe(request, "MemberLastname", true);
int memberGender = ParamUtil.getParameterBoolean(request, "MemberGender")? 1 : 0;
Date memberBirthday = ParamUtil.getParameterDate(request, "MemberBirthday");
String memberAddress = ParamUtil.getParameterSafe(request, "MemberAddress", false);
String memberCity = ParamUtil.getParameterSafe(request, "MemberCity", false);
String memberState = ParamUtil.getParameterSafe(request, "MemberState", false);
String memberCountry = ParamUtil.getParameterSafe(request, "MemberCountry", false);
String memberPhone = ParamUtil.getParameterSafe(request, "MemberPhone", false);
String memberMobile = ParamUtil.getParameterSafe(request, "MemberMobile", false);
String memberFax = ParamUtil.getParameterSafe(request, "MemberFax", false);
String memberCareer = ParamUtil.getParameterSafe(request, "MemberCareer", false);
String memberHomepage = ParamUtil.getParameterUrl(request, "MemberHomepage");
String memberYahoo = ParamUtil.getParameterSafe(request, "MemberYahoo", false);
String memberAol = ParamUtil.getParameterSafe(request, "MemberAol", false);
String memberIcq = ParamUtil.getParameterSafe(request, "MemberIcq", false);
String memberMsn = ParamUtil.getParameterSafe(request, "MemberMsn", false);
String memberCoolLink1 = ParamUtil.getParameterUrl(request, "MemberCoolLink1");
String memberCoolLink2 = ParamUtil.getParameterUrl(request, "MemberCoolLink2");
DAOFactory.getMemberDAO().update(memberID, // primary key
memberEmailVisible, memberNameVisible, now/*memberModifiedDate*/,
memberOption, memberStatus, memberMessageOption,
memberPostsPerPage, memberTimeZone, memberSkin,
memberLanguage, memberFirstname, memberLastname,
memberGender, memberBirthday, memberAddress,
memberCity, memberState, memberCountry,
memberPhone, memberMobile, memberFax,
memberCareer, memberHomepage, memberYahoo,
memberAol, memberIcq, memberMsn,
memberCoolLink1, memberCoolLink2);
// now, update the new displayed language option
onlineUser.reloadProfile();
MemberBean justAddedMemberBean = null;
try {
justAddedMemberBean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
} catch(ObjectNotFoundException ex) {
Locale locale = I18nUtil.getLocaleInRequest(request);
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.memberid_not_exists", new Object[] {new Integer(memberID)});
throw new ObjectNotFoundException(localizedMessage);
}
MemberIndexer.scheduleUpdateMemberTask(justAddedMemberBean);
}
/*
* @todo: use new method of WebHelper
*/
void prepareEditEmail(HttpServletRequest request)
throws DatabaseException, ObjectNotFoundException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
int memberID = onlineUser.getMemberID();
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);
request.setAttribute("MemberEmail", memberBean.getMemberEmail());
}
void processUpdateEmail(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException, InterceptorException,
DuplicateKeyException, AuthenticationException, AssertionException, MessagingException,IOException, TemplateException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
Locale locale = I18nUtil.getLocaleInRequest(request);
int memberID = onlineUser.getMemberID();
// column(s) to update
String memberEmail = ParamUtil.getParameterEmail(request, "MemberEmail");
String memberEmailConfirm = ParamUtil.getParameterEmail(request, "MemberEmailConfirm");
if (memberEmail.length() > MVNForumGlobal.MAX_MEMBER_EMAIL_LENGTH) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.member_email_too_long");
throw new BadInputException(localizedMessage);
//throw new BadInputException("MemberEmail cannot be longer than 60 characters.");
}
InterceptorService.getInstance().validateMail(memberEmail);
// now check the password
MyUtil.ensureCorrectCurrentPassword(request);
if (!memberEmail.equals(memberEmailConfirm)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.confirmed_email_is_not_match");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Email and confirmed email are not the same, please try again.");
}
// invalidate the activate status
DAOFactory.getMemberDAO().updateActivateCode(memberID, "");
DAOFactory.getMemberDAO().updateEmail(memberID, memberEmail);
// now reload the permission if this online user change email (not activated now)
onlineUser.reloadPermission();
// now, if require activation, then we will send mail
if (MVNForumConfig.getRequireActivation()) {
String serverName = ParamUtil.getServerPath();//ParamUtil.getServer2(request);
SendMailUtil.sendActivationCodeEmail(memberID, serverName);
}
}
void processUpdatePassword(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException,
AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
int memberID = onlineUser.getMemberID();
Locale locale = I18nUtil.getLocaleInRequest(request);
// now check the password
MyUtil.ensureCorrectCurrentPassword(request);
/*
// NOTE: that we dont use getParameterPassword here since it will not forward-compatible
String memberOldPassword = ParamUtil.getParameter(request, "MemberOldMatkhau", true);
String oldEncodedPassword = Encoder.getMD5_Base64(memberOldPassword);
String currentPassword = DAOFactory.getMemberDAO().getPassword(memberID);
if (!currentPassword.equals(oldEncodedPassword)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.wrong_password");
throw new BadInputException(localizedMessage);
//throw new BadInputException("You have typed the wrong current password, please try again.");
}*/
// column(s) to update
String memberPassword1 = ParamUtil.getParameterPassword(request, "MemberMatkhau", 3, 0);
String memberPassword2 = ParamUtil.getParameterPassword(request, "MemberMatkhauConfirm", 3, 0);
if (!memberPassword1.equals(memberPassword2)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.confirmed_password_is_not_match");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Password and confirmed password are not the same, please try again.");
}
String memberPassword = Encoder.getMD5_Base64(memberPassword1);
String currentPassword = DAOFactory.getMemberDAO().getPassword(memberID);
if (currentPassword.equals(memberPassword)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.old_password_and_new_password_cannot_equal");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Old password and new password cannot equal, please try again.");
}
DAOFactory.getMemberDAO().updatePassword(memberID, // primary key
memberPassword);
}
void prepareView_forCurrentMember(HttpServletRequest request)
throws DatabaseException, ObjectNotFoundException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
// always update the number of new private message count in this case
onlineUser.updateNewMessageCount(true);
int memberID = onlineUser.getMemberID();
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);
request.setAttribute("MemberBean", memberBean);
}
void prepareEdit_forCurrentMember(HttpServletRequest request)
throws DatabaseException, ObjectNotFoundException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
int memberID = onlineUser.getMemberID();
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forEditCurrentMember(memberID);
request.setAttribute("MemberBean", memberBean);
}
/*
* @todo: use new method of WebHelper
*/
void prepareEditSignature(HttpServletRequest request)
throws DatabaseException, ObjectNotFoundException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
boolean isPreviewing = ParamUtil.getParameterBoolean(request, "preview");
if (isPreviewing) {
String signature = ParamUtil.getParameter(request, "MemberSignature");
if (signature.length() > 250) {
signature = signature.substring(0, 250);// ensure no more than 250 char (should check in javascript ??)
}
request.setAttribute("MemberSignature", signature);
} else {
int memberID = onlineUser.getMemberID();
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);
request.setAttribute("MemberSignature", memberBean.getMemberSignature());
}
}
void processUpdateSignature(HttpServletRequest request, HttpServletResponse response)
throws ObjectNotFoundException, DatabaseException, AuthenticationException, AssertionException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
MyUtil.saveVNTyperMode(request, response);
int memberID = onlineUser.getMemberID();
// column(s) to update
String memberSignature = ParamUtil.getParameter(request, "MemberSignature");
memberSignature = DisableHtmlTagFilter.filter(memberSignature);
DAOFactory.getMemberDAO().updateSignature(memberID, // primary key
memberSignature);
}
/*
* @todo: use new method of WebHelper
*/
void prepareEditAvatar(HttpServletRequest request)
throws DatabaseException, ObjectNotFoundException, AuthenticationException, AssertionException {
Locale locale = I18nUtil.getLocaleInRequest(request);
if (MVNForumConfig.getEnableAvatar() == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.avatar_is_disabled");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot use avatar because AVATAR feature is disabled by administrator.");
}
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
permission.ensureCanUseAvatar();
int memberID = onlineUser.getMemberID();
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forViewCurrentMember(memberID);
request.setAttribute("MemberBean", memberBean);
}
/**
* Change picture from our predefined picture
* NOTE: this method will delete uploaded image (if any) of the member
*/
void updateMemberAvatar(HttpServletRequest request)
throws ObjectNotFoundException, DatabaseException, AuthenticationException, AssertionException {
if (MVNForumConfig.getEnableAvatar() == false) {
throw new AssertionException("Cannot use avatar because AVATAR feature is disabled by administrator.");
}
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
permission.ensureCanUseAvatar();
int memberID = onlineUser.getMemberID();
String memberName = onlineUser.getMemberName();
// first, we delete uploaded image if there is one
StringBuffer bufferPicFile = new StringBuffer(128);
bufferPicFile.append(MVNForumConfig.getAvatarDir());
bufferPicFile.append(File.separatorChar).append(memberName).append(".jpg");
String picFile = bufferPicFile.toString();
log.trace("Delete avatar = " + picFile);
log.trace("String length = " + picFile.length());
File file = new File(picFile);
file.delete();// we dont need to check the returned value
// then we update the database with new one
String memberPicture = ParamUtil.getParameter(request, "MemberAvatar");
DAOFactory.getMemberDAO().updateAvatar(memberID, memberPicture);
}
/**
* upload user own avatar
*/
void uploadAvatar(javax.servlet.ServletConfig config, HttpServletRequest request)
throws BadInputException, AuthenticationException, IOException,
AssertionException, ObjectNotFoundException, DatabaseException {
Locale locale = I18nUtil.getLocaleInRequest(request);
if (MVNForumConfig.getEnableAvatar() == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.avatar_is_disabled");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot use avatar because AVATAR feature is disabled by administrator.");
}
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
MVNForumPermission permission = onlineUser.getPermission();
permission.ensureIsAuthenticated();
permission.ensureCanUseAvatar();
int memberID = onlineUser.getMemberID();
String memberName = onlineUser.getMemberName();
FileUpload fileUpload = new FileUpload();
fileUpload.setSizeMax(60000);//60K
fileUpload.setSizeThreshold(100000);// max memory used = 100K (more than needed)
List fileItems;
try {
fileItems = fileUpload.parseRequest(request);
} catch (FileUploadException ex) {
log.error("Cannot upload", ex);
//@todo : localize me
throw new IOException("Cannot upload. Detailed reason: " + ex.getMessage());
}
// make sure only one file upload
if (fileItems.size() != 1) {
throw new AssertionException("Assertion: Cannot upload more than 1 file while processing upload avatar for Member.");
}
//get the first and only file
FileItem myFile = (FileItem)fileItems.get(0);
if (myFile.isFormField() == true) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.cannot_process_upload_avatar_with_form_field");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot process uploaded avatar with a form field.");
}
// now everything all right, go ahead and create thumbnail
InputStream inputStream = myFile.getInputStream();
StringBuffer bufferPicFile = new StringBuffer(128);
//bufferPicFile.append(config.getServletContext().getRealPath(MVNForumGlobal.UPLOADED_AVATAR_DIR));
//bufferPicFile.append(File.separatorChar).append(memberName).append(".jpg");
bufferPicFile.append(MVNForumConfig.getAvatarDir());
bufferPicFile.append(File.separatorChar).append(memberName).append(".jpg");
String thumbnailFile = bufferPicFile.toString();
//log.trace("uploaded file = " + thumbnailFile);
//log.trace("String length = " + thumbnailFile.length());
//The below method closes the inputStream after it have done its work.
ImageUtil.createThumbnail(inputStream, thumbnailFile, 150/*maxWidth*/, 150/*maxHeight*/);// can throw BadInputException
// now the image has been save, go ahead and update database
//StringBuffer bufferVirtualFile = new StringBuffer(128);
//bufferVirtualFile.append(MVNForumGlobal.UPLOADED_AVATAR_DIR);
//bufferVirtualFile.append("/").append(memberName).append(".jpg");
//String virtualFile = bufferVirtualFile.toString();
//String virtualFile = memberName + ".jpg";
try {
DAOFactory.getMemberDAO().updateAvatar(memberID, MemberBean.MEMBER_AVATAR_USING_UPLOAD);
} catch (DatabaseException ex) {// we dont need to catch ObjectNotFoundException since the memberID is already exits
log.fatal("Assertion in MemberWebHandler.uploadPicture");// we dont want it to be here
// need to delete the file if the above database task failed
FileUtil.deleteFile(thumbnailFile);
throw ex;
}
}
void prepareForgotPassword(HttpServletRequest request)
throws AssertionException, DatabaseException, AuthenticationException {
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
if (MVNForumConfig.getEnableCaptcha()) {
onlineUser.buildNewCaptcha();
}
}
void forgotPassword(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException, MessagingException,
AssertionException, AssertionException, DatabaseException, AuthenticationException, IOException,TemplateException {
// use for the captcha feature
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
Locale locale = I18nUtil.getLocaleInRequest(request);
int memberID = 0;
String memberName = ParamUtil.getParameter(request, "MemberName");
StringUtil.checkGoodName(memberName);
String memberEmail = ParamUtil.getParameter(request, "MemberEmail");
if (memberEmail.length() > 0) {
memberEmail = ParamUtil.getParameterEmail(request, "MemberEmail");
}
if (memberName.length() > 0) {// user enter his MemberName
// we find the email of this memberID, not the provided email
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
MemberBean bean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
memberEmail = bean.getMemberEmail();
} else if (memberEmail.length() > 0) {// user enter his email
// we find the MemberID of this mail, now we sure that user didnt enter his MemberID
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberEmail(memberEmail);
MemberBean bean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
memberName = bean.getMemberName();
} else {// user didnt enter any thing
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.your_member_name_or_email_is_not_entered");
throw new BadInputException(localizedMessage);
//throw new BadInputException("You must enter at least your MemberName or email");
}
// now we have the correct pair of MemberID and MemberEmail
// Check the assumption above
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
if (!memberEmail.equalsIgnoreCase(memberBean.getMemberEmail())) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.serious_bug");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Assertion when process forgot password. This is a serious bug. Please contact the Web site administrator to report the bug.");
}
// end check
// Now check the captcha
if (MVNForumConfig.getEnableCaptcha()) {
String captchaResponse = ParamUtil.getParameterSafe(request, "CaptchaResponse", false);
onlineUser.ensureCorrectCaptchaResponse(captchaResponse);
}
String currentTempPassword = DAOFactory.getMemberDAO().getTempPassword(memberID);
// if the current value length is less then 5, we assume that it is not set
// and we generate the new value only in this case. This will prevent the
// different values are sent out and confuse user.
if (currentTempPassword.length() < 5) {
//generate a temp password
currentTempPassword = RandomGenerator.getRandomMD5_Base64();
DAOFactory.getMemberDAO().updateTempPassword(memberID, currentTempPassword);
}
// next, encode to make sure it could be put on a link
String urlEncodedTempPassword = Encoder.encodeURL(currentTempPassword);
// we have pass the assertion check, go ahead
String serverName = ParamUtil.getServerPath();//ParamUtil.getServer2(request);
StringBuffer passwordResetUrl = new StringBuffer(256);
passwordResetUrl.append(serverName);
passwordResetUrl.append(ParamUtil.getContextPath());
passwordResetUrl.append(UserModuleConfig.getUrlPattern());
passwordResetUrl.append("/resetpassword?temppassword=");
passwordResetUrl.append(urlEncodedTempPassword);
passwordResetUrl.append("&member=");
passwordResetUrl.append(memberName);
// Prepare the FreeMarker configuration;
Configuration cfg = MVNForumConfig.getFreeMarkerConfiguration();
//Below is a code to map content of email to template
Map root = new HashMap();
root.put("serverName", serverName);
root.put("MVNForumInfo", MVNForumInfo.getProductDesc());
root.put("passwordResetUrl", passwordResetUrl.toString());
root.put("memberName", memberName);
root.put("currentTempPassword", currentTempPassword);
StringWriter subjectWriter = new StringWriter(256);
Template subjectTemplate = cfg.getTemplate(MVNForumGlobal.TEMPLATE_FORGOTPASSWORD_SUBJECT, "UTF-8");
subjectTemplate.process(root, subjectWriter);
String subject = subjectWriter.toString();
StringWriter bodyWriter = new StringWriter(1024);
Template bodyTemplate = cfg.getTemplate(MVNForumGlobal.TEMPLATE_FORGOTPASSWORD_BODY, "UTF-8");
bodyTemplate.process(root, bodyWriter);
String body = bodyWriter.toString();
// String subject= "Your MEMBER password of website " + serverName;
/* String body = "This email is sent to you because you (or someone) have requested PASSWORD RESET from web site " + serverName + ".\n" +
"If you did not request this password reset feature, just ignore and DELETE this email IMMEDIATELY.\n" +
"If you do want to reset your password, please use this url to reset your password:\n" +
passwordResetUrl.toString() + "\n" +
"Thank you for using " + MVNForumInfo.getProductDesc() + " and we hope that you enjoy our forum.\n" +
serverName + " webmaster\n\n" +
"NOTE: you could use the information below in case the above link does not work:\n" +
"Your Member Name = " + memberName + "\n" +
"Your temporary password = " + currentTempPassword + "\n";
*/
log.debug("subject = " + subject);
log.debug("body = " + body);
try {
MailUtil.sendMail(MVNForumConfig.getWebMasterEmail() /*use the default MailFrom value*/,
memberEmail /*to*/, "" /*cc*/, "" /*bcc*/, subject, body);
} catch (UnsupportedEncodingException e) {
log.error("Cannot support encoding", e);
}
// Only destroy captcha when send mail successfully
if (MVNForumConfig.getEnableCaptcha()) {
onlineUser.destroyCurrentCaptcha();
}
}
void resetPassword(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException {
Locale locale = I18nUtil.getLocaleInRequest(request);
String memberName = ParamUtil.getParameter(request, "member", true);
StringUtil.checkGoodName(memberName);
// IMPORTANT: MUST check that temp password is not empty, because temppassword = empty
// means cannot reset password
String memberTempPassword = ParamUtil.getParameter(request, "temppassword", true);
int memberID = 0;
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
String currentTempPassword = DAOFactory.getMemberDAO().getTempPassword(memberID);
if (memberTempPassword.equals(currentTempPassword) == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.wrong_temporary_password");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Your temporary password is not correct, please try the forgot password feature.");
}
String memberPassword1 = ParamUtil.getParameterPassword(request, "MemberMatkhau", 3, 0);
String memberPassword2 = ParamUtil.getParameterPassword(request, "MemberMatkhauConfirm", 3, 0);
if (!memberPassword1.equals(memberPassword2)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.confirmed_password_is_not_match");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Password and confirmed password are not the same, please try again.");
}
String memberPassword = Encoder.getMD5_Base64(memberPassword1);
DAOFactory.getMemberDAO().updatePassword(memberID, memberPassword);
DAOFactory.getMemberDAO().updateTempPassword(memberID, "");// reset the temp password
}
void sendActivateCode(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException,
MessagingException, IOException, TemplateException {
Locale locale = I18nUtil.getLocaleInRequest(request);
int memberID = 0;
String memberName = ParamUtil.getParameter(request, "MemberName", true);
StringUtil.checkGoodName(memberName);
String memberEmail = ParamUtil.getParameterEmail(request, "MemberEmail");
// we find the email of this memberID, not the provided email
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
// Check if the email is correct
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
if (!memberEmail.equalsIgnoreCase(memberBean.getMemberEmail())) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.provided_email_not_equals_member_email");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Your provided email does not equals to the member's email in our database. Please try again.");
}
// end check, send mail now
String serverName = ParamUtil.getServerPath();//ParamUtil.getServer2(request);
SendMailUtil.sendActivationCodeEmail(memberID, serverName);
}
void activateMember(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException,
AuthenticationException, AssertionException {
String memberName = ParamUtil.getParameter(request, "member", true);
StringUtil.checkGoodName(memberName);
Locale locale = I18nUtil.getLocaleInRequest(request);
// IMPORTANT: MUST check that ActivateCode is not empty, because ActivateCode = empty
// means invalid
String memberActivateCode = ParamUtil.getParameter(request, "activatecode", true);
if (memberActivateCode.equals(MemberBean.MEMBER_ACTIVATECODE_ACTIVATED)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.cannot_activate.invalid_activation_code");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Cannot activate member with invalid activation code.");
}
int memberID = 0;
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
// Now, check that this member is not activated, to prevent the
// situation that other people try to annoy this member
if (DAOFactory.getMemberDAO().getActivateCode(memberID).equals(MemberBean.MEMBER_ACTIVATECODE_ACTIVATED)) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.cannot_activate.is_activated_member");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Cannot activate an activated member.");
}
String currentActivateCode = DAOFactory.getMemberDAO().getActivateCode(memberID);
if (memberActivateCode.equals(currentActivateCode) == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.cannot_activate.wrong_activation_code");
throw new BadInputException(localizedMessage);
//throw new BadInputException("Your activation code is not correct, please try the Member Account Activation feature.");
}
DAOFactory.getMemberDAO().updateActivateCode(memberID, MemberBean.MEMBER_ACTIVATECODE_ACTIVATED);// activate member
// now reload the permission if this online user is the activated user
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
if (memberID == onlineUser.getMemberID()) {
onlineUser.reloadPermission();
}
}
/*************************************************
* For public view
*************************************************/
void prepareView_forPublic(HttpServletRequest request)
throws BadInputException, ObjectNotFoundException, DatabaseException {
String memberName = ParamUtil.getParameter(request, "member", false);
Locale locale = I18nUtil.getLocaleInRequest(request);
// primary key column(s)
int memberID = -1;
if (memberName.length() == 0) {
memberID = ParamUtil.getParameterInt(request, "memberid");
} else {// has MemberName
/**@todo: improve this for better performance(dont use this method,
* and write 2 new methods)*/
StringUtil.checkGoodName(memberName);// check for better security
try {
memberID = DAOFactory.getMemberDAO().getMemberIDFromMemberName(memberName);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.membername_not_exists", new Object[] {memberName});
throw new ObjectNotFoundException(localizedMessage);
}
}
try {
DAOFactory.getMemberDAO().increaseViewCount(memberID);
} catch (ObjectNotFoundException e) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.ObjectNotFoundException.memberid_not_exists", new Object[] {new Integer(memberID)});
throw new ObjectNotFoundException(localizedMessage);
}
MemberBean memberBean = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
request.setAttribute("MemberBean", memberBean);
}
/**
* This method supports sorting base on many criteria
*/
void prepareListMembers_forPublic(HttpServletRequest request)
throws DatabaseException, AssertionException, BadInputException, AuthenticationException {
Locale locale = I18nUtil.getLocaleInRequest(request);
if (MVNForumConfig.getEnableListMembers() == false) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.AssertionException.list_members_is_disabled");
throw new AssertionException(localizedMessage);
//throw new AssertionException("Cannot list members because LIST_MEMBERS feature is disabled by administrator.");
}
OnlineUser onlineUser = onlineUserManager.getOnlineUser(request);
//MVNForumPermission permission = onlineUser.getPermission();
//@todo: some permission checking is needed ???
// for sort and order stuff
String sort = ParamUtil.getParameter(request, "sort");
String order = ParamUtil.getParameter(request, "order");
if (sort.length() == 0) sort = "MemberCreationDate";
if (order.length()== 0) order = "DESC";
// we continue
int postsPerPage = onlineUser.getPostsPerPage();
int offset = 0;
try {
offset = ParamUtil.getParameterInt(request, "offset");
} catch (BadInputException e) {
// do nothing
}
int totalMembers = DAOFactory.getMemberDAO().getNumberOfMembers();
if (offset > totalMembers) {
String localizedMessage = MVNForumResourceBundle.getString(locale, "mvncore.exception.BadInputException.offset_greater_than_total_rows");
throw new BadInputException(localizedMessage);
//throw new BadInputException("The offset is not allowed to be greater than total rows.");
}
Collection memberBeans = DAOFactory.getMemberDAO().getMembers_withSortSupport_limit(offset, postsPerPage, sort, order);
request.setAttribute("MemberBeans", memberBeans);
request.setAttribute("TotalMembers", new Integer(totalMembers));
}
// just for showing member's avatar
public void getAvatar(HttpServletRequest request, HttpServletResponse response)
throws BadInputException, DatabaseException, IOException {
if (MVNForumConfig.getEnableAvatar() == false) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
int memberID = ParamUtil.getParameterInt(request, "memberid");
MemberBean member = null;
try {
member = DAOFactory.getMemberDAO().getMember_forPublic(memberID);
} catch (ObjectNotFoundException e) {
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
String memberAvatar = member.getMemberAvatar();
if (memberAvatar.equals(MemberBean.MEMBER_AVATAR_USING_UPLOAD) ||
memberAvatar.startsWith(MVNForumGlobal.UPLOADED_AVATAR_DIR)) {
memberAvatar = member.getMemberName() + ".jpg";
} else {
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
String imageMimeType = "image/jpeg";
File avatarFile = new File(MVNForumConfig.getAvatarDir() + File.separator + memberAvatar);
if (!avatarFile.exists()) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
if (!avatarFile.isFile()) {
response.sendError(HttpServletResponse.SC_NO_CONTENT);
return;
}
long lastModified = avatarFile.lastModified();
long ifModifiedSince = request.getDateHeader("If-Modified-Since");
//log.debug("\n ** Last Modified : " + lastModified + " If Modified Since : " + ifModifiedSince + " **");
if (ifModifiedSince != -1) {
if (/*(request.getHeader("If-None-Match") == null)
&& */(lastModified <= ifModifiedSince )) {
// The entity has not been modified since the date
// specified by the client. This is not an error case.
response.setStatus(HttpServletResponse.SC_NOT_MODIFIED);
return;
}
}
OutputStream outputStream = null;
try {
String httpModified = DateUtil.getHTTPHeaderTime(new Date(lastModified));
response.setContentType(imageMimeType);
response.setHeader("Location", memberAvatar);
response.setHeader("Last-Modified", httpModified);
//response.setHeader("Content-Disposition", "attachment; filename=" + memberAvatar);//always download
//response.setHeader("Content-Length", String.valueOf(avatarFile.length()));//problem with compression
// now, the header inited, just write the file content on the output
try {
outputStream = response.getOutputStream();
FileUtil.popFile(avatarFile, outputStream);
} catch (IOException ex) {
// cannot throw Exception after we output to the response
log.error("Error while trying to send avatar from server", ex);
}
outputStream.flush();
outputStream.close();
outputStream = null;// no close twice
} catch (IOException ex) {
throw ex;
} finally {
if (outputStream != null) {
try {
outputStream.close();
} catch (IOException ex) { }
}
}
}
}
|
The search page
Other source code files at this package level
Click here to learn more about this project
