mysql.java

piweurrrrq i o fhsadhfka fd dskajc zxkjcnkjsahc

/*
 * Mysql Authentication Module:
 * By Leif Jackson <ljackson@jjcons.com>
 * Last Updated: 03.22.2000 
 * ChangeLog:
 *  - 03.21.2000 
 *   * Created base SQL code for auth and create a local connection to test with
 *  - 03.22.2000
 *   * Fixed up the SQL table and cleaned up the code a bit. It is now working.
 *  - 03.22.2000 - TL
 *   * Made this class non-static
 *   * Keeping the db connection cached.
 *   * Using the new error logger
 *   * Added a finally clause so the Statement is always closed 
 */

package com.lyrisoft.auth.mysql;

import java.util.*;
import java.sql.*;

import com.lyrisoft.chat.server.remote.AccessDenied;
import com.lyrisoft.util.properties.*;
import com.lyrisoft.chat.server.remote.ChatServer;

public class Mysql {
    private Connection Conn = null;

    Mysql() 
    {
        try {
            Properties p = PropertyTool.loadProperties("mysqlauth.conf");
            String MysqlClass = PropertyTool.getString("mysql.class", p);
            String DBUrl = PropertyTool.getString("mysql.dburl", p);
            Class.forName(MysqlClass).newInstance();
            Conn = DriverManager.getConnection(DBUrl);

            ChatServer.log("Mysql initialized");
        }
        catch (Exception e) {
            ChatServer.log(e);
            throw new RuntimeException(e.toString());
        }
    }

    /**
     * Gets a MysqlRecord.
     *
     * @param userId the user Id
     * @param password the password in plaintext
     * @return the PasswdRecord or null if the user was not found
     * @throw AccessException if the user was found, 
     *   but his password did not match the contents of the user record.
     */
    public synchronized final MysqlRecord getRecord(String userId, 
        String password) throws SQLException, AccessDenied
    {
        Statement Stmt = null;
        MysqlRecord r = null;
        try {
            Stmt = Conn.createStatement();
            String query = "SELECT COUNT(*) FROM users WHERE user='" + userId + "'";
            ResultSet RS = Stmt.executeQuery(query);
            if (RS.next()) {
                if (RS.getInt(1) == 0) {
                    // no user record
                    return null;
                }
            }

            query = "select * from users where user = '" + userId +
                    "' and password = password('" + password + "')";
            RS = Stmt.executeQuery(query);
            if(RS.next()){
                r = new MysqlRecord(RS.getString("user"), 
                                    RS.getInt("access"),
                                    RS.getString("password"));
                return r;
            } else {
                throw new AccessDenied(userId);
//                throw new AccessException("Access denied for " + userId);
            }
        } catch (SQLException E) {
            ChatServer.log(E);
            ChatServer.logError("  SQLException: " + E.getMessage());
            ChatServer.logError("  SQLState:     " + E.getSQLState());
            ChatServer.logError("  VendorError:  " + E.getErrorCode());
            throw E;
        } finally {
            // always Clean Up
            if (Stmt != null) {
                try {
                    Stmt.close(); 
                } catch (SQLException e) {
                    ChatServer.log(e);
                }
            }
        }
    }
  
}