Merge pull request #160 from arc12012/bugs
Bugs
Showing
3 changed files
with
161 additions
and
74 deletions.
@@ -0,0 +1,147 @@ | ||
<%@ page import = "database.*,entities.User,utilities.Mail" %> | ||
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> | ||
<%@ page import = "java.sql.*" %> | ||
<%@ page import = "java.security.MessageDigest" %> | ||
<%@ page import = "java.security.NoSuchAlgorithmException" %> | ||
<%@ page import = "java.util.Random" %> | ||
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> | ||
<html> | ||
<head> | ||
<meta charset="utf-8"> | ||
<meta http-equiv="X-UA-Compatible" content="IE=edge"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1"> | ||
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags --> | ||
<meta name="description" content=""> | ||
<meta name="author" content=""> | ||
|
||
<title>Innovation Hub</title> | ||
|
||
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css"> | ||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script> | ||
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script> | ||
<link rel = "stylesheet" type = "text/css" href = "html/css/stylesheet.css"> | ||
<link rel = "shortcut icon" href = "html/imgs/synchrony-financial-logo-dlpx_1.ico"> | ||
</head> | ||
<body> | ||
<nav class="navbar navbar-inverse navbar-fixed-top" id = "navbaruniversal" style = "visibility: hidden;"> | ||
<div class="container-fluid"><div class="navbar-header"><button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar"><span class="sr-only">Toggle navigation</span><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span></button><a class="navbar-brand" href="index.jsp"><img src="html/imgs/synchrony-financial-logo-dlpx_1.png" style = "height: 100%;"></a></div><div id="navbar" class="navbar-collapse collapse" aria-expanded="false"><ul class="nav navbar-nav navbar-right"><li><a href="index.jsp">Synchrony Device Request System</a></li></ul></div></div> | ||
</nav> | ||
<div id = "info" style = "margin-left: 10px; visibility: hidden;"> | ||
<h2>Password Reset</h2> | ||
<h3 id = "msg"></h3> | ||
<button class = "btn btn-primary" onclick="goBack()">Go Back</button> | ||
</div> | ||
</body> | ||
<% | ||
int success=0; | ||
/* | ||
If the user wants to reset their password, we will keep them on this page. | ||
*/ | ||
if(request.getParameter("reset") != null){ | ||
int ssoNum = Integer.parseInt(request.getParameter("username")); | ||
String email = request.getParameter("email"); | ||
/* | ||
Generate new password randomly | ||
*/ | ||
String chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; | ||
StringBuilder random = new StringBuilder(); | ||
Random rnd = new Random(); | ||
//String is 16 characters long | ||
while(random.length() < 16){ | ||
int index = (int)(rnd.nextFloat()*chars.length()); | ||
random.append(chars.charAt(index)); | ||
} | ||
String newpass = random.toString(); | ||
String hashpass = null; | ||
/* | ||
Hash new password. | ||
*/ | ||
try { | ||
MessageDigest md1 = MessageDigest.getInstance("MD5"); | ||
md1.update(newpass.getBytes()); | ||
byte[] bytes = md1.digest(); | ||
StringBuilder sb = new StringBuilder(); | ||
for(int i = 0; i<bytes.length; i++) | ||
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); | ||
hashpass = sb.toString(); | ||
} | ||
catch (NoSuchAlgorithmException e){ | ||
} | ||
/* | ||
Make database connection | ||
*/ | ||
String database = "jdbc:mysql://us-cdbr-iron-east-04.cleardb.net/ad_15a989204c2ff8a?user=b372dfe7409692&password=74f6e317"; | ||
String user = "b372dfe7409692"; | ||
String password = "74f6e317"; | ||
Class.forName("com.mysql.jdbc.Driver"); | ||
Connection connection; | ||
Statement stmt; | ||
for(;;){ | ||
try{ | ||
connection = DriverManager.getConnection(database, user, password); | ||
break; | ||
} | ||
catch(SQLException e){ | ||
Thread.sleep(1); | ||
} | ||
} | ||
for(;;){ | ||
try{ | ||
stmt = connection.createStatement(); | ||
break; | ||
} | ||
catch(SQLException e){ | ||
Thread.sleep(1); | ||
} | ||
} | ||
/* | ||
We check to make sure that the email and SSO number match. | ||
*/ | ||
ResultSet set = stmt.executeQuery("SELECT * from employee WHERE Email = \'" + email + "\' AND Employee_ID = " + ssoNum); | ||
if(set.next()){ | ||
success = 1; | ||
stmt.executeUpdate("UPDATE admin SET Password = \"" + hashpass + "\", Password_Flag = 0 WHERE Admin_ID = " + ssoNum); | ||
User changepass = new User(ssoNum, | ||
set.getInt("Location_ID"), | ||
set.getString("Name"), | ||
set.getString("Phone_Number"), | ||
set.getString("Email"), | ||
set.getInt("Img_Index"), | ||
set.getInt("Notification_Preference")); | ||
stmt.close(); | ||
connection.close(); | ||
new Mail(changepass).sendTemporaryPassword(newpass); | ||
} | ||
/* | ||
Email and SSO did not match, so we end. | ||
*/ | ||
else{ | ||
success = 0; | ||
stmt.close(); | ||
connection.close(); | ||
} | ||
} | ||
%> | ||
<script> | ||
/* | ||
At this point, we show the user what happened. | ||
*/ | ||
if(<%=success%> == 1) | ||
document.getElementById("msg").innerHTML = "Please check your email to get your newly generated password!"; | ||
else | ||
document.getElementById("msg").innerHTML = "Email and SSO Number did not match. Please go back and try again."; | ||
document.getElementById("info").style.visibility = 'visible'; | ||
document.getElementById("navbaruniversal").style.visibility = 'visible'; | ||
/* | ||
Goes back to the previous page. | ||
*/ | ||
function goBack(){ | ||
window.history.back(); | ||
} | ||
</script> | ||
</html> |
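Review bot: The lookup near the end of the scriptlet builds its SQL by concatenating the request's `email` parameter (`"... WHERE Email = '" + email + "' AND Employee_ID = " + ssoNum`), so the reset form is open to SQL injection; both the SELECT and the UPDATE should be `PreparedStatement`s with `?` placeholders. The temporary password comes from `java.util.Random` and is stored as unsalted MD5, and the empty `catch (NoSuchAlgorithmException e)` would, if it ever fired, leave `hashpass` null and write the string `null` as the password; draw the characters from `java.security.SecureRandom` (it needs its own page import), fail the request when hashing fails, and plan a move to a salted slow hash such as PBKDF2 together with the login check, which is not visible here. The JDBC URL, user name and password are hard-coded in the page; load them from server configuration and rotate them, since they are now in the repository history. Also worth confirming: the match is checked against `employee` while the update targets `admin`, and the two `for(;;)` retry loops never give up if the database stays unreachable.

```jsp
// … unchanged: reading the "username" and "email" request parameters …
final String chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
SecureRandom rnd = new SecureRandom();
StringBuilder random = new StringBuilder(16);
while (random.length() < 16) {
    // nextInt(bound) is uniform over the alphabet; no float scaling needed
    random.append(chars.charAt(rnd.nextInt(chars.length())));
}
// … unchanged: hashing of newpass and opening the connection …
try (PreparedStatement find = connection.prepareStatement(
        "SELECT * FROM employee WHERE Email = ? AND Employee_ID = ?")) {
    find.setString(1, email);
    find.setInt(2, ssoNum);
    try (ResultSet set = find.executeQuery()) {
        if (set.next()) {
            try (PreparedStatement upd = connection.prepareStatement(
                    "UPDATE admin SET Password = ?, Password_Flag = 0 WHERE Admin_ID = ?")) {
                upd.setString(1, hashpass);
                upd.setInt(2, ssoNum);
                upd.executeUpdate();
            }
            success = 1;
            // … unchanged: build User from set, then send the temporary password …
        }
    }
}
// … unchanged: closing the connection …
```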