changepwdservlet.java

分为经理和出纳2个权限

package com.yiboit.cfss;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class ChangePwdServlet extends HttpServlet {

	/**
	 * The doGet method of the servlet. <br>
	 * 
	 * This method is called when a form has its tag value method equals to get.
	 * 
	 * @param request
	 *            the request send by the client to the server
	 * @param response
	 *            the response send by the server to the client
	 * @throws ServletException
	 *             if an error occurred
	 * @throws IOException
	 *             if an error occurred
	 */
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String old = request.getParameter("old");

		String newPwd = request.getParameter("new");
		String confirm = request.getParameter("confirm");

		HttpSession session = request.getSession(true);

		String username = (String) session.getAttribute("logonUsername");
		String password = (String) session.getAttribute("logonPassword");
		String flag = (String) session.getAttribute("logonFlag");

		if (old == null || old.length() == 0) {
			request.setAttribute("errmsg", "Old password is required.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		if (newPwd == null || newPwd.length() == 0) {
			request.setAttribute("errmsg", "New password is required.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		if (confirm == null || confirm.length() == 0) {
			request.setAttribute("errmsg", "Confirm password is required.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		if (!confirm.equals(newPwd)) {
			request.setAttribute("errmsg",
					"New password is not compatible with confirm password.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		if (!old.equals(password)) {
			request.setAttribute("errmsg", "Old password is wrong.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		if (newPwd.length() > 30) {
			request.setAttribute("errmsg", "New password is too long.");
			request.getRequestDispatcher("changePwd.jsp").forward(request,
					response);
			return;
		}

		ChangePwdDAO dao = new ChangePwdDAO();

		try {
			boolean res = dao.savePwd(username, newPwd);

			if (res) {
				session.setAttribute("logonPassword", newPwd);
				response.sendRedirect("description.jsp");
			} else {
				request.setAttribute("errmsg", "Update failure.");
				request.getRequestDispatcher("changePwd.jsp").forward(request,
						response);
			}
		} catch (SQLException e) {
			e.printStackTrace();
			response.sendRedirect(request.getContextPath() + "/error.jsp");
		}
	}

	/**
	 * The doPost method of the servlet. <br>
	 * 
	 * This method is called when a form has its tag value method equals to
	 * post.
	 * 
	 * @param request
	 *            the request send by the client to the server
	 * @param response
	 *            the response send by the server to the client
	 * @throws ServletException
	 *             if an error occurred
	 * @throws IOException
	 *             if an error occurred
	 */
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		this.doGet(request, response);
	}

}