Push

WebContent/passwordreset.jsp

@@ -1,4 +1,4 @@
-<%@ page import = "database.*" %>
+<%@ page import = "database.*,entities.User,utilities.Mail" %>
 <%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
 <%@ page import = "java.sql.*" %>
 <%@ page import = "java.security.MessageDigest" %>
@@ -33,100 +33,98 @@
 	</div>
 </body>
 <%
-int success = 0;
+int success=0;
 /*
 	If the user wants to reset their password, we will keep them on this page.
 */
-//if(request.getParameter("reset") != null){
-	//int ssoNum = Integer.parseInt(request.getParameter("username"));
-	//String email = request.getParameter("email");
+if(request.getParameter("reset") != null){
+	int ssoNum = Integer.parseInt(request.getParameter("username"));
+	String email = request.getParameter("email");
 	
 	/*
 		Generate new password randomly
 	*/
-	//String chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
-	//StringBuilder random = new StringBuilder();
-	//Random rnd = new Random();
+	String chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
+	StringBuilder random = new StringBuilder();
+	Random rnd = new Random();
 	//String is 16 characters long
-	//while(random.length() < 16){
-		//int index = (int)(rnd.nextFloat()*chars.length());
-		//random.append(chars.charAt(index));
-	//}
-	//String newpass = random.toString();
-	//String hashpass = null;
+	while(random.length() < 16){
+		int index = (int)(rnd.nextFloat()*chars.length());
+		random.append(chars.charAt(index));
+	}
+	String newpass = random.toString();
+	String hashpass = null;
 	
 	/*
 		Hash new password.
 	*/
-	//try {
-		//MessageDigest md1 = MessageDigest.getInstance("MD5");
-		//md1.update(newpass.getBytes());
-		//byte[] bytes = md1.digest();
-		//StringBuilder sb = new StringBuilder();
-		//for(int i = 0; i<bytes.length; i++)
-			//sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
-		//hashpass = sb.toString();
-	//}
-	//catch (NoSuchAlgorithmException e){
-		
-	//}
+	try {
+		MessageDigest md1 = MessageDigest.getInstance("MD5");
+		md1.update(newpass.getBytes());
+		byte[] bytes = md1.digest();
+		StringBuilder sb = new StringBuilder();
+		for(int i = 0; i<bytes.length; i++)
+			sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
+		hashpass = sb.toString();
+	}
+	catch (NoSuchAlgorithmException e){
+	}
 	
 	/*
 		Make database connection
 	*/
-	//String database = "jdbc:mysql://us-cdbr-iron-east-04.cleardb.net/ad_15a989204c2ff8a?user=b372dfe7409692&password=74f6e317";
-	//String user = "b372dfe7409692";
-	//String password = "74f6e317";
-	//Class.forName("com.mysql.jdbc.Driver");
-	//Connection connection;
-	//Statement stmt;
-	//for(;;){
-		//try{
-			//connection = DriverManager.getConnection(database, user, password);
-			//break;
-		//}
-		//catch(SQLException e){
-			//Thread.sleep(1);
-		//}
-	//}
-	//for(;;){
-		//try{
-			//stmt = connection.createStatement();
-			//break;
-		//}
-		//catch(SQLException e){
-			//Thread.sleep(1);
-		//}
-	//}
+	String database = "jdbc:mysql://us-cdbr-iron-east-04.cleardb.net/ad_15a989204c2ff8a?user=b372dfe7409692&password=74f6e317";
+	String user = "b372dfe7409692";
+	String password = "74f6e317";
+	Class.forName("com.mysql.jdbc.Driver");
+	Connection connection;
+	Statement stmt;
+	for(;;){
+		try{
+			connection = DriverManager.getConnection(database, user, password);
+			break;
+		}
+		catch(SQLException e){
+			Thread.sleep(1);
+		}
+	}
+	for(;;){
+		try{
+			stmt = connection.createStatement();
+			break;
+		}
+		catch(SQLException e){
+			Thread.sleep(1);
+		}
+	}
 	
 	/*
 		We check to make sure that the email and SSO number match.
 	*/
-	//ResultSet set = stmt.executeQuery("SELECT * from employee WHERE Email = \'" + email + "\' AND Employee_ID = " + sso)
-	//int success;
-	//if(set.next()){
-		//success = 1;
-		//stmt.executeUpdate("UPDATE admin SET Password = \"" + hashpass + "\", Password_Flag = 0 WHERE Admin_ID = " + ssoNum);
-		//User changepass = new User(ssoNum,
-			//set.getInt("Location_ID"),
-			//set.getString("Name"),
-			//set.getString("Phone_Number"),
-			//set.getString("Email"),
-			//set.getInt("Img_Index"),
-			//set.getInt("Notification_Preference"))
-		//stmt.close();
-		//connection.close();
-		//new Mail(changepass).sebdTemporaryPassword(newpass);
-	//}
+	ResultSet set = stmt.executeQuery("SELECT * from employee WHERE Email = \'" + email + "\' AND Employee_ID = " + ssoNum);
+	if(set.next()){
+		success = 1;
+		stmt.executeUpdate("UPDATE admin SET Password = \"" + hashpass + "\", Password_Flag = 0 WHERE Admin_ID = " + ssoNum);
+		User changepass = new User(ssoNum,
+			set.getInt("Location_ID"),
+			set.getString("Name"),
+			set.getString("Phone_Number"),
+			set.getString("Email"),
+			set.getInt("Img_Index"),
+			set.getInt("Notification_Preference"));
+		stmt.close();
+		connection.close();
+		new Mail(changepass).sendTemporaryPassword(newpass);
+	}
 	/*
 		Email and SSO did not match, so we end.
 	*/
-	//else{
-		//success = 0;
-		//stmt.close();
-		//connection.close();
-	//}
-//}
+	else{
+		success = 0;
+		stmt.close();
+		connection.close();
+	}
+}
 %>
 <script>
 /*