moumiKnu/webapps/totsys/sysadm/dept/toolbar.jsp

<%
/**********************************************************************************
	프로그램명		: dept_view.jsp
	프로그램설명	:
	작 성 자			: 조용준
	작 성 일			: 04.0702
	최신변경일		:
***********************************************************************************/
%>
<%@ page contentType="text/html; charset=UTF-8"%>
<%@ page import="javax.jdo.PersistenceManager"%>
<%@ page import="javax.jdo.Transaction"%>
<%@ page import="kr.co.kihyun.beans.entity.MDept"%>
<%@ page import="kr.co.kihyun.beans.entity.util.*"%>
<%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin"%>
<%@ page import="kr.co.kihyun.text.html.ServletUtil"%>
<%@ page import="kr.co.kihyun.moumi.Moumi"%>
<%@ page import="kr.co.kihyun.lang.MString"
	import="kr.co.kihyun.lang.MLong"
	import="kr.co.kihyun.lang.MLong" import="org.slf4j.Logger"
	import="org.slf4j.LoggerFactory"%>

<%
Logger LOG = LoggerFactory.getLogger(this.getClass());
	PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager());
	Transaction tx = pm.currentTransaction();
	try{

		request.setCharacterEncoding("UTF-8");
        /***** user Login check *****************/
		if(!HttpSSOLogin.isLogin(request)){
			String connURL="parent.location='/totsys/login/login.jsp';";
			out.println(ServletUtil.getJavaScript(connURL));
			return;
		}

		/****** Parameter ******/

		String deptID=request.getParameter("deptID");

		/****** DEPT view data get ******/
		tx.begin();

		MDept deptView = (MDept)pm.getObjectById(MDept.class, deptID);


		String passcode = deptView.getPasscode();
		tx.rollback();
%>
<style>
td {
	padding: 0 0 2 0;
}
</style>
<SCRIPT language="javascript">
			function deptDel(){
				if (confirm('정말 삭제하시겠습니까?')) {
					location.href="/servlet/kr.co.kihyun.tree.HttpDeptDeleter?id=<%=deptID%>&passcode=<%=passcode%>";
				}
			}
		</SCRIPT>

<table width="505" border="0" cellpadding="0" cellspacing="0">
	<tr class="toolbar">
		<td align="right" style="padding-right:10px">
		<table border="0" cellspacing="0" cellpadding="0">
			<tr>
				<td><A
					href="<%if(deptID == null) {%>
                                                  #
                                              <%} else { 
                                                  //v2. 14.디렉토리 경로 조작(getParameter)_CWE-22/23 : 오탐
                                                  out.write("dept_modify.jsp?deptID="+deptID); 
                                              }%>"><img src="/totsys/common/images/bt_timm.gif"  border="0" align="absmiddle"></a></td>
				<td>&nbsp;<a  href="#"
					onclick="<% if(deptID != null) {%>deptDel();<%}%>"><img src="/totsys/common/images/bt_timd.gif"  border="0" align="absmiddle"></a></td>
			</tr>
		</table>
		</td>
	</tr>
</table>
<%
	}catch(Exception ex){
                //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO
		ex.printStackTrace();
		//out.println(ex);
		//out.println("<html><body style='overflow=auto' bgcolor='white'><h1>Can't contact servlet runner</h1><br><br> Message : "+ex.getMessage()+"</body></html>");
		//out.println("<META HTTP-EQUIV='refresh' CONTENT='0.1 URL=/error/exception.jsp'>");
                //================================================
	}finally{
		if(tx.isActive())
			tx.rollback();
		pm.close();
	}
%>