<% /********************************************************************************** 프로그램명 : dept_view.jsp 프로그램설명 : 작 성 자 : 기현테크 작 성 일 : 2010.11.28 최신변경일 : ***********************************************************************************/ %> <%@ page contentType="text/html; charset=UTF-8"%> <%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin"%> <%@ page import="kr.co.kihyun.text.html.ServletUtil"%> <%@ page import="kr.co.kihyun.lang.Encoder"%> <%@ page import="kr.co.kihyun.moumi.MoumiConfig"%> <%@ page import="kr.co.kihyun.lang.MString"%> <%@ page import="kr.co.kihyun.beans.user.User"%> <%@ page import="kr.co.kihyun.beans.entity.MDept"%> <%@ page import="java.net.URLEncoder"%> <%@page import="java.net.URLDecoder" import="javax.jdo.PersistenceManager" import="javax.jdo.Transaction" import="kr.co.kihyun.beans.entity.util.*" import="kr.co.kihyun.beans.entity.*" %> <%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%> <% PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager()); Transaction tx = pm.currentTransaction(); try{ request.setCharacterEncoding("UTF-8"); /***** user Login check *****************/ if(!HttpSSOLogin.isLogin(request)){ String connURL="parent.location='/totsys/login/login.jsp';"; out.println(ServletUtil.getJavaScript(connURL)); return; } /********** session내의 userId **********/ String usID = HttpSSOLogin.getLoginID(request); /****** Parameter ******/ String userID = clearXSS(URLDecoder.decode(request.getParameter("userID"), "UTF-8"),""); String phone = clearXSS(URLDecoder.decode(request.getParameter("phone"), "UTF-8"),""); tx.begin(); MUser mUser = pm.getObjectById(MUser.class, userID); SysAuth sysAuth = mUser.getSysAuth(); tx.rollback(); %> <%=MoumiConfig.getTitle()%>

<% }catch(Exception ex){ //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO ex.printStackTrace(); //out.println(ex); //out.println("

Can't contact servlet runner

Message : "+ex.getMessage()+""); //out.println(""); //================================================ }finally{ if(tx.isActive()) tx.rollback(); pm.close(); } %>