<%@ page contentType="text/html; charset=UTF-8"%> <%@ page import="kr.co.kihyun.lang.MString"%> <%@ page import="kr.co.kihyun.lang.Encoder"%> <%@ page import="kr.co.kihyun.moumi.MoumiConfig"%> <%@ page import="kr.co.kihyun.text.html.ServletUtil"%> <%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin"%> <%@ page import="java.net.URLEncoder" import="javax.jdo.PersistenceManager" import="javax.jdo.Transaction" import="kr.co.kihyun.beans.entity.util.*" import="kr.co.kihyun.beans.entity.*" %> <%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%> <% PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager()); Transaction tx = pm.currentTransaction(); try{ /************ Parameter ************/ String strPage = clearXSS(request.getParameter("strPage"),""); String findOption = clearXSS(MString.checkNull(request.getParameter("findOption")),""); String findWord = clearXSS(Encoder.toJava(request.getParameter("findWord")),""); String userID = clearXSS(Encoder.toJava(request.getParameter("userID")),""); /***** user Login check *****************/ if(!HttpSSOLogin.isLogin(request)){ String connURL="parent.location='/totsys/login/login.jsp';"; out.println(ServletUtil.getJavaScript(connURL)); return; } /********** session내의 userId **********/ String usID = HttpSSOLogin.getLoginID(request); tx.begin(); /************ User values ************/ MUser mUser = pm.getObjectById(MUser.class, userID); String passwd = mUser.getPassword(); String userName = mUser.getName(pm); String email = mUser.getEmail(); String phone = mUser.getPhone(); SysAuth sysAuth = mUser.getSysAuth(); String deptID = mUser.getUpperDept(pm).getId(); String deptName = mUser.getUpperDept(pm).getName(); String dutyName = mUser.getDutyName(); Long priority = mUser.getPriority(); tx.rollback(); %> <%=MoumiConfig.getTitle()%> <%@ include file="/totsys/common/inc/buttom/buttom.jsp"%>

ID	<%= MString.checkNull(userID) %>
<%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.userName")%>	<%= MString.checkNull(userName) %>
<%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.belongTo")%><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.coporation")%>/<%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.devision")%>	<%= MString.checkNull(deptName) %>
<%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.telNumber")%>
E-MAIL
권한	<%= sysAuth %>

<% }catch(Exception ex){ //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO ex.printStackTrace(); //out.println(ex); //out.println("

Can't contact servlet runner

Message : "+ex.getMessage()+""); //out.println(""); //================================================ }finally{ if(tx.isActive()) tx.rollback(); pm.close(); } %>