diff --git a/WebContent/adminLogin.jsp b/WebContent/adminLogin.jsp index e33796f..df36b10 100644 --- a/WebContent/adminLogin.jsp +++ b/WebContent/adminLogin.jsp @@ -1,88 +1,221 @@ <%@ page import = "database.*" %> -<%@ page language="java" contentType="text/html; charset=ISO-8859-1" - pageEncoding="ISO-8859-1"%> +<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <%@ page import = "java.sql.*" %> <%@ page import = "java.security.MessageDigest" %> <%@ page import = "java.security.NoSuchAlgorithmException" %> -<% -int ssoNum; -String pass; -Cookie adminCookie; +<%@ page import = "java.util.Random" %> + + +
+ + + + + + -ssoNum = Integer.parseInt(request.getParameter("username")); -pass = request.getParameter("pass"); -String generatedPass = null; +Ticket ID | -Requestor Name | -Location Name | -Device Name | -Status | -Return Date | -
---|
Ticket ID | +Requestor Name | +Location Name | +Device Name | +Status | +Permanent? | +Return Date | +
---|
Thanks for approving a ticket!
+You can ship the devices to the following address:
+You shouldn't be seeing this page :)
+ +<% +/* + We follow into this "if" statement if the password change form was submitted. +*/ +if(request.getParameter("password") != null){ + /* + Gathering form information that the user submitted. + */ + String old = request.getParameter("old"); + String newpass = request.getParameter("new"); + String confirm = request.getParameter("confirm"); + String generatedOldPass = null; + + /* + This uses MD5 to hash the old password the user entered in, so it can be compared against what is in the DB. + */ + try { + MessageDigest md = MessageDigest.getInstance("MD5"); + md.update(old.getBytes()); + byte[] bytes = md.digest(); + StringBuilder sb = new StringBuilder(); + for(int i = 0; iYou shouldn't be seeing this page :)
- <% //make instance String ticketidstr = request.getParameter("ticketid"); String deviceidstr = request.getParameter("deviceid"); String locationidstr = request.getParameter("locationid"); +String permanent = request.getParameter("permField"); int ticketid = Integer.parseInt(ticketidstr); int deviceid = Integer.parseInt(deviceidstr); int locationid = Integer.parseInt(locationidstr); +int perm = permanent.equals("Yes") ? 1 : 0; //approve form was submitted if(request.getParameter("approve") != null){ - TicketQueries.acceptTicket(ticketid,deviceid,locationid,Integer.parseInt(navsso)); + Cookie location = new Cookie("location",Integer.toString(locationid)); + location.setMaxAge(30*60); + location.setPath("/"); + response.addCookie(location); + TicketQueries.acceptTicket(ticketid,deviceid,locationid,Integer.parseInt(navsso),perm); User client = EmployeeQueries.getEmployeeByID(TicketQueries.getUserID(ticketid)); boolean notificationPreferences = (Math.floor(client.getNotificationPreferences()/2)%2==1); //The second least significant bit of notificationPreferences - the 2's place - is used for ticket approval notifications. if(notificationPreferences){ NotificationQueue q = new NotificationQueue(client,"ticketConfirmations"); q.start(); + response.sendRedirect("../administration/ticketApprove.jsp"); + return; } } //reject form was submitted @@ -55,12 +60,10 @@ if(request.getParameter("reject") != null){ if(notificationPreferences){ NotificationQueue q = new NotificationQueue(client, "ticketRejections"); q.start(); + response.sendRedirect("../administration/adminApprove.jsp"); + return; } } %> - -