enteraction.java

一套完整的档案管理系统

package com.stsc.archive.manage;

import javax.servlet.http.*;
import org.apache.struts.action.*;
import java.util.Properties;

import com.stsc.util.STPoolDataSet;
import com.stsc.util.STResultSet;
import com.stsc.util.STSecurity;

import org.apache.struts.util.MessageResources;
import com.stsc.util.STSecurity;
/*
The action for the creation of a book.
@author stephan@stephanwiesner.de
*/
public final class EnterAction extends Action
{
	/**
	@param mapping The ActionMapping used to select this instance
	@param form The optional ActionForm bean for this request (if any)
	@param req The non-HTTP request we are processing
	@param res The non-HTTP response we are creating
	@return Return an ActionForward instance describing where and how
	control should be forwarded, or null if the response has already
	been completed.
	*/
	public ActionForward perform(ActionMapping mapping,
		ActionForm form, HttpServletRequest req,
		HttpServletResponse res)
	{
		System.out.println("Start perform(" + form + ") . . ." );
		String user = req.getParameter("user");
		String psd = req.getParameter("pass");
		System.out.println(user);
		System.out.println(psd);

		STSecurity security = new STSecurity();
		String strSecurity = security.Encrypt(psd);
		
		Properties dbBase = new Properties();
        dbBase.setProperty("dsJndiName", Constants.ARCHIVE_DBSOURCE_KEY);
        
        STPoolDataSet data = new STPoolDataSet();

		//2003-06-09 MODIFY BY LIQF
		//如果数据库为空，则添加'admin',密码为'admin'的数据。
		
		String strSecurity1= security.Encrypt("admin");
		STResultSet rs = data.getSTResult("select count(*) as total from fUserName where entername='admin'", dbBase);
		rs.next();
		if(rs.getInt("total")==0){
			String temp_sql="insert into fUserName(EnterName,username,password,Department,RowsPerPage)";
			temp_sql+=" values('admin','admin','"+strSecurity1+"','admin',10)";
			data.executeSQL(temp_sql,dbBase);
			for(int i=0;i<8;i++){
				data.executeSQL("insert into fuserrole(entername,roleid) values('admin',"+(i+1)+")",dbBase);
			}

		}

        String sql = "SELECT * FROM fUserName WHERE EnterName='" + user + "' AND Password='" + strSecurity + "'";
        System.out.println("begin query db...");
        //STResultSet rs = data.getSTResult(sql, dbBase);
        System.out.println("end");
		rs = data.getSTResult(sql, dbBase);
        if (rs!=null && rs.next()) 
        {
        	User userInfo = new User();
        	userInfo.setEnterName(user);
        	userInfo.setUserName(rs.getString("UserName"));
        	userInfo.setDepartment(rs.getString("Department"));
        	userInfo.setRowsPerPage(rs.getInt("RowsPerPage"));
        	
        	sql = "SELECT * FROM fRole WHERE RoleID IN (SELECT RoleID FROM fUserRole WHERE EnterName='" + user + "')";
        	rs = data.getSTResult(sql, dbBase);
        	if(rs != null)
        	{
	        	int iLen = rs.getRecCount();
	        	String[] popedoms = new String[iLen];
				int[] iPopedoms = new int[iLen];
	        	int i=0;
	        	while(rs.next())
	        	{
	        		popedoms[i] = rs.getString("Role");
					iPopedoms[i] = rs.getInt("RoleID");
	        		i++;
	        	}
	        	userInfo.setPopedoms(popedoms);
				userInfo.setIPopedoms(iPopedoms);
        	}
        	
        	HttpSession session = req.getSession();
        	session.setAttribute(Constants.CURRENT_USER_KEY, userInfo);
        	
        	return mapping.findForward("newMain");
        }
		else
		{
			ActionErrors errors = new ActionErrors();
			errors.add("user", new ActionError("error.enter.user"));
			saveErrors(req, errors);
			return (new ActionForward(mapping.getInput()));
		}
	}
}