<%@ page contentType="text/html; charset=UTF-8" %> <%@ page import="kr.co.kihyun.lang.MString" %> <%@ page import="kr.co.kihyun.lang.Encoder" %> <%@ page import="kr.co.kihyun.moumi.Moumi"%> <%@ page import="kr.co.kihyun.text.html.ServletUtil" %> <%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin" %> <%@ page import="java.net.URLEncoder" %> <%@ include file="/totsys/common/inc/sec/secure.inc.jsp" %> <% try{ /************ Parameter ************/ String strPage = ""; String findOption = ""; String findWord = ""; String userID = ""; String dirPath = URLEncoder.encode("사용자관리"); String uri = URLEncoder.encode("./user_list.jsp?findOption="+findOption+"&findWord="+findWord); strPage = clearXSS(request.getParameter("strPage"),""); findOption = clearXSS(MString.checkNull(request.getParameter("findOption")),""); findWord = clearXSS(Encoder.toJava(request.getParameter("findWord")),""); userID = clearXSS(Encoder.toJava(request.getParameter("userID")),""); /************ User values ************/ String passWord = ""; String userName = ""; //String slNo1 = ""; //String slNo2 = ""; String email = ""; String phone = ""; //String handTell = ""; int sysAuth = 0; String deptID = ""; String deptName = ""; String passcode = ""; String partID = ""; String partName = ""; String domainName = ""; int partSysAuth = 0; String dutyName = ""; int priority = 0; //v2. 13.SQL 삽입 : userView.executeQuery()에서 prepare SQL 문으로 되어 있다. userView.executeQuery(userID); //================= passWord = userView.getPasswd(); userName = userView.getName(); email = userView.getEmail(); phone = userView.getPhone(); sysAuth = userView.getSysAuth(); deptID = userView.getDeptID(); deptName = userView.getDeptName(); passcode = userView.getPasscode(); partSysAuth = userView.getPartSysAuth(); domainName = MString.checkNull(userView.getDomainName()); dutyName = userView.getDutyName(); priority = userView.getPriority(); %> <%@page import="kr.co.kihyun.beans.entity.MUser"%> <%=Moumi.getTitle()%> <%@ include file="/totsys/common/inc/buttom/buttom.jsp" %>
<%-- <% %> --%>
  ID <%= MString.checkNull(userID) %>   
  이 름
  소속기관/부서
  전화번호 >
  E-MAIL
  직위명
  문서수발담당자/>
  정렬순위
<% }catch(Exception ex){ //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO ex.printStackTrace(); //out.println(ex);//앤개 //out.println("

Can't contact servlet runner



Message : "+ex.getMessage()+""); //out.println(""); //================================================ }finally{ } %>