jskim
/
moumiKnu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
knu project
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
69 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 1420a4cf07
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1420a4cf07'
${ noResults }
moumiKnu/src_bak/kr/co/kihyun/tree/DeptRegist.java

89 lines
4.4 KiB
Raw Blame History

package kr.co.kihyun.tree;
//import java.sql.ResultSet;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
//import kr.co.kihyun.lang.Encoder;
import kr.co.kihyun.lang.MInteger;
//import kr.co.kihyun.lang.MLong;
import kr.co.kihyun.moumi.MoumiConfig;
import kr.co.kihyun.db.DBManager;
import kr.co.kihyun.lang.MString;
import kr.co.kihyun.beans.user.HttpSSOLogin;
import kr.co.kihyun.text.html.ServletUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class DeptRegist extends DBManager
{
private static final Logger LOG = LoggerFactory.getLogger(DeptRegist.class);
public DeptRegist(HttpServletRequest req,HttpServletResponse res)
{
String deptId=null;
PrintWriter out=null;
try
{
res.setContentType("text/html;charset=UTF-8");
out = res.getWriter();
if(!HttpSSOLogin.isLogin(req))
{
String connURL = "location='/totsys/login/login.jsp';";
out.println(ServletUtil.getJavaScript(connURL));
return;
}
String name=MString.checkNull(req.getParameter("name"),"null");
String addr=MString.checkNull(req.getParameter("addr"),"null");
deptId=MString.checkNull(req.getParameter("id"),"null");
String phone=MString.checkNull(req.getParameter("phone"),"null");
String upperId = MString.checkNull(req.getParameter("upperId"),"null");
if(name.equals("null")) name=null; if(addr.equals("null")) addr=null;
if(deptId.equals("null")) deptId=null; if(phone.equals("null")) phone=null; if(upperId.equals("null")) upperId=null;
if(upperId!=null && upperId.equals("ROOT")) upperId=null;
String selType = req.getParameter("selType");
if(selType==null || selType.equals("on")) selType="Y";
else selType="N";
int priority = MInteger.parseInt(req.getParameter("priority"));
String location = req.getParameter("location");
if(location==null || location.equals("mnd")) location="1";
else location="2";
String sql="INSERT INTO MOUMI_DEPT (ID,NAME,ADDR,PHONE,SEL_TYPE,PRIORITY,UPPER_DEPT,LOCATION,SEQNUM,IS_OUT,SYS_AUTH,ORGAN) ";
sql+="VALUES(?,?,?,?,?,?,?,?,'0','N',2,?)";
execUpdate(sql,deptId,name,addr,phone,selType,priority,upperId,location,deptId);
out.println(ServletUtil.alert("새로운 데이터가 추가되었습니다."));
out.println(ServletUtil.redirect("/totsys/sysadm/dept/dept_view.jsp?reload=yes&deptID="+deptId));
//44.적절하지 않은 예외처리(광범위예외클래스)_CWE-754 Add by YOUNGJUN,CHO
} catch (IOException ioex) {
ioex.printStackTrace();
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.notCoporationChangeAdmin")));
out.println(ServletUtil.redirect("/totsys/sysadm/dept/empty.jsp?deptID="+deptId));
} catch (SQLException sqlex) {
sqlex.printStackTrace();
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.notCoporationChangeAdmin")));
out.println(ServletUtil.redirect("/totsys/sysadm/dept/empty.jsp?deptID="+deptId));
//++++++++++++++++++++++++++++++++++++++++++++++++
}
catch (Exception e)
{
e.printStackTrace();
out.println(ServletUtil.alert(MoumiConfig.getMessageBundle().getString("moumi.message.popup.notCoporationChangeAdmin")));
//v2. 9.크로스사이트 스크립트 (PrintWrier) : Update by KWON,HAN
// out.println(ServletUtil.redirect("/totsys/sysadm/dept/empty.jsp?deptID="+deptId));
// 수정 : 외부 입력값 필터링
String callbackFunc = "/totsys/sysadm/dept/empty.jsp?deptID="+deptId;
String filtered_callbackFunc = callbackFunc.replaceAll("<","").replaceAll(">","").replaceAll("&","").replaceAll(",","");
LOG.debug("v2 9.크로스사이트 스크립트 (PrintWrier) : DeptRegist.DeptRegist() filtered_callbackFunc={}, Not Test", filtered_callbackFunc);
out.println(ServletUtil.redirect(filtered_callbackFunc));
//========================================
}
finally { execClose(); }
}
}