/************************************************************************************************* |
|
* 프로그램명 : HttpAssign.java 프로그램설명 : 보고자 이관 요청에 대한 정보 작성자 : 작성일 : 변경일 : |
|
**************************************************************************************************/ |
|
|
|
package kr.co.kihyun.beans.totsys.repoper; |
|
|
|
import java.io.IOException; |
|
import java.io.PrintWriter; |
|
import java.util.Date; |
|
|
|
import javax.jdo.PersistenceManager; |
|
import javax.servlet.ServletException; |
|
import javax.servlet.annotation.WebServlet; |
|
import javax.servlet.http.HttpServlet; |
|
import javax.servlet.http.HttpServletRequest; |
|
import javax.servlet.http.HttpServletResponse; |
|
import javax.servlet.http.HttpSession; |
|
import kr.co.kihyun.beans.entity.AcptDoc; |
|
|
|
import kr.co.kihyun.beans.entity.TotDoc; |
|
import kr.co.kihyun.beans.entity.TotReport; |
|
import kr.co.kihyun.beans.entity.TotReportProcess; |
|
import kr.co.kihyun.beans.entity.util.MPersistenceManager; |
|
import kr.co.kihyun.beans.entity.util.*; |
|
import kr.co.kihyun.beans.user.HttpSSOLogin; |
|
import kr.co.kihyun.lang.MInteger; |
|
import kr.co.kihyun.lang.MLong; |
|
import kr.co.kihyun.lang.MString; |
|
import kr.co.kihyun.moumi.MoumiConfig; |
|
import kr.co.kihyun.moumi.report.MReport; |
|
import kr.co.kihyun.text.html.ServletUtil; |
|
|
|
import org.slf4j.Logger; |
|
import org.slf4j.LoggerFactory; |
|
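/**
 * Servlet that moves a {@link TotReport} to a new processing state.
 *
 * <p>The POST parameters {@code reportID}, {@code repDocID}, {@code prss} and
 * {@code accDocCd} select the report and the transition. Only the three
 * transitions {@code MReport.COMP}, {@code MReport.ACCEPT_LIST} and
 * {@code MReport.RETURN} are accepted; any other {@code prss} is rejected.
 *
 * <p>NOTE(review): this is a state-changing POST, and no anti-CSRF token check is
 * visible in this class. Confirm that a filter or the SSO layer enforces one.
 */
@WebServlet("/servlet/kr.co.kihyun.beans.totsys.repoper.HttpPrssUpdate")
public class HttpPrssUpdate extends HttpServlet {

    private static final long serialVersionUID = 1L;

    private static final Logger LOG = LoggerFactory.getLogger(HttpPrssUpdate.class);

    /**
     * Applies the requested state transition to the report named by {@code reportID}.
     *
     * <p>On success the client is redirected to the URI stored in the session
     * attribute {@code compSuccTargetURI}. On any failure the user gets a generic
     * "try again" alert followed by {@code history.back()}.
     *
     * @param req the request carrying {@code reportID}, {@code repDocID}, {@code prss}
     *            and {@code accDocCd}
     * @param res the response; a small HTML/JavaScript snippet is written to it
     * @throws ServletException declared by the servlet contract
     * @throws IOException if the response writer cannot be obtained
     */
    @Override
    public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
        res.setContentType("text/html;charset=UTF-8");
        PrintWriter out = res.getWriter();
        HttpSession session = req.getSession(true);

        // Unauthenticated callers are sent to the login page and nothing else runs.
        if (!HttpSSOLogin.isLogin(req)) {
            String connURL = "location='/totsys/login/login.jsp';";
            out.println(ServletUtil.getJavaScript(connURL));
            return;
        }

        // Identity comes from the SSO helper, never from request parameters.
        String usID = HttpSSOLogin.getLoginID(req);
        String deptName = HttpSSOLogin.getDeptName(req);
        LOG.debug("deptName : {}", deptName);

        // Declared outside the try block so the failure handlers can log it.
        Long reportID = null;

        PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager());
        try {
            // Parameters are parsed inside the try block: if a parser throws on malformed
            // input (the MLong/MInteger implementations are not visible here), the user
            // gets the normal failure page instead of a container error page.
            reportID = MLong.parseLong(req.getParameter("reportID"), null);
            Long repDocID = MLong.parseLong(req.getParameter("repDocID"), null);
            int prss = MInteger.parseInt(req.getParameter("prss"));
            int accDocCd = MInteger.parseInt(req.getParameter("accDocCd"));

            if (reportID == null) {
                // Fail with a clear cause rather than with whatever the datastore
                // throws for a null key.
                throw new IllegalArgumentException("reportID is missing or not a number.");
            }

            // NOTE(review): the report is loaded purely by the client-supplied id. No check
            // is visible here that usID is allowed to modify this report; confirm that
            // ownership or role is enforced elsewhere, otherwise any logged-in user can
            // change the state of any report.
            TotReport totReport = pm.getObjectById(TotReport.class, reportID);

            if (prss == MReport.COMP) {
                totReport.setProcess(TotReportProcess.COMP);
                totReport.setRegDate(new Date());
                totReport.setRepTotDoc(repDocID == null ? null : pm.getObjectById(TotDoc.class, repDocID));

                // An acceptance document is attached only when both a code and a department are known.
                AcptDoc acptDoc = null;
                if (accDocCd > 0 && !MString.isNull(deptName)) {
                    acptDoc = new AcptDoc(deptName, accDocCd);
                }
                totReport.setAcptDoc(acptDoc);

                pm.makePersistent(totReport);
            } else if (prss == MReport.ACCEPT_LIST) {
                // Back to the accept list: the submitted content and the assignee are cleared.
                totReport.clearAttachment();
                totReport.setData(null);
                // Assumes MReport.ACCEPT_LIST equals the ordinal of the matching
                // TotReportProcess constant; verify against both definitions.
                totReport.setProcess(TotReportProcess.values()[prss]);
                totReport.setNote(null);
                totReport.setUser(null);
                pm.makePersistent(totReport);
            } else if (prss == MReport.RETURN) {
                // Same ordinal assumption as in the ACCEPT_LIST branch.
                totReport.setProcess(TotReportProcess.values()[prss]);
                pm.makePersistent(totReport);
            } else {
                throw new IllegalArgumentException("prss(" + prss + ") is incorrect.");
            }

            // Audit line: who changed which report from where. The requested transition is
            // included because the COMP prefix is written for every transition.
            LOG.info(TotReportProcess.COMP + "{}, {}, {}, prss={}",
                    new Object[] { usID, req.getRemoteAddr(), reportID, prss });

            // NOTE(review): the redirect target is read from the session and is null when
            // the attribute was never set. Confirm that the code storing it only writes a
            // server-chosen, same-site path and that ServletUtil.redirect encodes it for
            // the JavaScript context.
            String targetURI = (String) session.getAttribute("compSuccTargetURI");
            out.println(ServletUtil.redirect(targetURI));
        } catch (IllegalArgumentException iaex) {
            // Kept separate from the generic handler for audit item 44
            // (overly broad exception class, CWE-754).
            reportFailure(out, usID, req.getRemoteAddr(), reportID, iaex);
        } catch (Exception ex) {
            reportFailure(out, usID, req.getRemoteAddr(), reportID, ex);
        } finally {
            pm.close();
        }
    }

    /**
     * Logs a failed update and sends the generic failure page to the client.
     *
     * <p>The exception goes to the application log with the request context; the
     * client only sees a message-bundle text, never exception details.
     *
     * @param out        response writer
     * @param usID       login id of the caller
     * @param remoteAddr remote address of the request
     * @param reportID   requested report id, or {@code null} if it was not parsed
     * @param cause      the exception that aborted the update
     */
    private static void reportFailure(PrintWriter out, String usID, String remoteAddr, Long reportID,
            Exception cause) {
        // Passing the exception to the logger keeps the stack trace next to the request
        // context, instead of printing it to stderr with printStackTrace().
        LOG.error(TotReportProcess.COMP + usID + ", " + remoteAddr + ", " + reportID, cause);

        out.println(ServletUtil.alert(TotReportProcess.COMP
                + MoumiConfig.getMessageBundle().getString("moumi.message.popup.failTryAgain")));

        // The script text is a compile-time constant, so stripping '<', '>', '&' and ','
        // from it (as done for XSS audit item v2-9) had no effect. Output encoding is only
        // needed where request-derived data reaches the writer.
        out.println(ServletUtil.getJavaScript("history.back();"));
    }
}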