KnuGit/webapps/totsys/sysadm/user/user_view2.jsp

<%@ page contentType="text/html; charset=UTF-8"%>

<%@ page import="kr.co.kihyun.lang.MString"%>
<%@ page import="kr.co.kihyun.lang.Encoder"%>
<%@ page import="kr.co.kihyun.moumi.MoumiConfig"%>
<%@ page import="kr.co.kihyun.text.html.ServletUtil"%>
<%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin"%>
<%@ page import="java.net.URLEncoder"
	import="javax.jdo.PersistenceManager" import="javax.jdo.Transaction"
	import="kr.co.kihyun.beans.entity.util.*"
	import="kr.co.kihyun.beans.entity.*"
%>
<%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%>
<%
PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager());
Transaction tx = pm.currentTransaction();
try{
	/************ Parameter ************/
	String strPage = clearXSS(request.getParameter("strPage"),"");
	String findOption = clearXSS(MString.checkNull(request.getParameter("findOption")),"");
	String findWord = clearXSS(Encoder.toJava(request.getParameter("findWord")),"");
	String userID = clearXSS(Encoder.toJava(request.getParameter("userID")),"");

      /***** user Login check *****************/
		if(!HttpSSOLogin.isLogin(request)){
			String connURL="parent.location='/totsys/login/login.jsp';";
			out.println(ServletUtil.getJavaScript(connURL));
			return;
		}

		/********** session내의 userId **********/
		String usID = HttpSSOLogin.getLoginID(request);

	tx.begin();

	/************ User values ************/
	MUser mUser = pm.getObjectById(MUser.class, userID);
	String passwd = mUser.getPassword();
	String userName = mUser.getName(pm);
	String email = mUser.getEmail();
	String phone = mUser.getPhone();
	SysAuth sysAuth = mUser.getSysAuth();
	String deptID = mUser.getUpperDept(pm).getId();
	String deptName = mUser.getUpperDept(pm).getName();
	String dutyName = mUser.getDutyName();
	Long priority = mUser.getPriority();

	tx.rollback();
%>
<HTML>
<HEAD>
<TITLE><%=MoumiConfig.getTitle()%></TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
<link rel="stylesheet" href="/totsys/common/css/text.css"
	type="text/css">
<link rel="stylesheet" href="/totsys/common/css/kecttep.css"
	type="text/css">
<link rel="stylesheet" href="/totsys/common/css/SquareButtons.css"
	type="text/css">
<script src="/totsys/common/js/rollover.js">
</script>
<SCRIPT language="javascript">
           function userModify(){
				if (confirm("정보를 변경하시겠습니까?"))
				{
						dform.submit();
				}
			}
		</SCRIPT>
<style>
td {
	padding: 1 2 1 2;
}
</style>
</HEAD>

<body style='' BGCOLOR=#FFFFFF LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0
	MARGINHEIGHT=0>
<table width="100%" height="70" border="0" cellpadding="0"
	cellspacing="0">
	<jsp:include page="/totsys/common/inc/sysadm/top/top.jsp" flush="true" />
	<tr>
		<td nowrap width="0"></td>
		<td valign="top">
		<table width="100%" border="0" cellspacing="0" cellpadding="0">
	 <tr class="toolbar">
		<td align="right">
		<table border="0" cellspacing="0" cellpadding="0">
			<tr>
                <td><a class="simplebutton" href="#"
					onclick="<% if(!MString.isNull(userID) && SysAuth.TOTPER == sysAuth || SysAuth.SUB_SYSADM == sysAuth || SysAuth.SYSADM == sysAuth) {%>userModify();<%}%>">
                                        <span class="ok"><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.info")%><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.change")%></span></a>
                </td>
			</tr>
		</table>
		</td>
	</tr>
        <form name="dform" action="/servlet/kr.co.kihyun.beans.user.HttpUserModify" method="post">
        	<input type="hidden" name="userID" value="<%=URLEncoder.encode(userID, "UTF-8")%>">
			<tr>
				<td height="31" valign="top">
				<table border="1px" class="kecttep_list_table" bordercolor="#e3e3e3"
					width="100%" cellpadding="0" cellspacing="0">
					<!---- 아이디 ---->
					<tr>
						<td width="100" height="31" class="kecttep_tdmenu"
							style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b>ID</b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<%= MString.checkNull(userID) %></td>
					</tr>
					<!---- 비밀번호---->
					<!--tr>
						<td width="150" height="31" class="kecttep_tdmenu" style="padding-left:10;"><img src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.password")%></b></td>
						<td bgcolor="F8F8F8" style="padding-left:10;"><input type="password" name="passwd" class=inputtxt value="<%= MString.checkNull(passwd) %>" ></td>
					</tr-->
					<!---- 이름 ---->
					<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.userName")%></b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<%= MString.checkNull(userName) %></td>
					</tr>
					<!---- 소속기관/부서 ---->
					<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.belongTo")%><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.coporation")%>/<%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.devision")%></b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<%= MString.checkNull(deptName) %></td>
					</tr>
					<!---- 전화번호---->
					<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.telNumber")%></b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<input type="text"  name="phone" class=inputtxt value="<%=MString.checkNull(phone) %>" align="center"></td>
					</tr>
					<!---- E-MAIL ---->
					<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b>E-MAIL</b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<input type="text"  name="email" class=inputtxt value="<%= MString.checkNull(email) %>" align="center"></td>
					</tr>
					<!---- 직위명 ---->
                                        <!--<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.position")%><%=MoumiConfig.getMessageBundle().getString("moumi.message.tot_doc.name")%></b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<%= MString.checkNull(dutyName) %></td>
					</tr>-->
					<!---- 정렬순위 ---->
                                        <!---- 권한 ---->
					<tr>
						<td height="31" class="kecttep_tdmenu" style="padding-left: 10;"><img
							src="/totsys/common/images/icon.gif" align="middle">&nbsp;&nbsp;<b>권한</b></td>
						<td class="kecttep_last_graytd" style="padding-left: 10;">&nbsp;<%= sysAuth %></td>
					</tr>

				</table>
				</td>
			</tr>
            </form>
		</table>
		</td>
		<td nowrap width="10"></td>
	</tr>
	<!------------------------------- top menu start ------------------------------->
	<%@ include file="/totsys/common/inc/buttom/buttom.jsp"%>
	<!------------------------------- top menu end ------------------------------->
</table>
</BODY>
</HTML>
<%
}catch(Exception ex){
        //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO
	ex.printStackTrace();
	//out.println(ex);
	//out.println("<html><body style='overflow=auto' bgcolor='white'><h1>Can't contact servlet runner</h1><br><br>Message : "+ex.getMessage()+"</body></html>");
	//out.println("<META HTTP-EQUIV='refresh' CONTENT='0.1; URL=/error/exception.jsp'>");
        //================================================
}finally{
	if(tx.isActive())
		tx.rollback();
	pm.close();
}
%>