마카로닉스

762 No

27 .박재성 - [동영상 강좌] - 개인정보 수정에 대한 보안 처리

2017-09-03 18:46:12 By 머나먼나라 0 678 댓글수 4 포스트 하기

4월 2024
일	월	화	수	목	금	토
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

SessionUtils

package com.slipp;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.slipp.user.LoginServlet;

//중복 제거 클래스
public class SessionUtils {
	public static boolean isEmpty(HttpSession session, String key){
		Object object=session.getAttribute(key);
		if(object==null){
			return true;
		}
		return false;
	}
	
	public static String getStringValue(HttpSession session, String key){
		if(isEmpty(session, key)){
			return null;
		}
		return (String)session.getAttribute(key);
	}

	
	public static String conFirm(HttpServletRequest request, HttpServletResponse response)
			throws IOException{
		HttpSession session=request.getSession();
		String sessionUserId=SessionUtils.getStringValue(session, LoginServlet.SESSION_USER_ID);
		
		if(sessionUserId==null){
			response.sendRedirect("/");
			return null;
		}else{
			
			return sessionUserId ;
		}
		
	}
	
}

class UpdateUserServlet

package com.slipp.user;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.slipp.SessionUtils;

@WebServlet("/users/update")
public class UpdateUserServlet extends HttpServlet {

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		
		String sessionUerid=SessionUtils.conFirm(request, response);
		
		
		
		String userId=request.getParameter("userId");
		if(!sessionUerid.equals(userId)){
			response.sendRedirect("/");
			return;			
		}
		
	
		String password=request.getParameter("password");
		String name=request.getParameter("name");
		String email=request.getParameter("email");
	
		User user=new User(userId, password, name, email);
		UserDAO userDAO=new UserDAO();
		userDAO.updateUser(user);
		
		response.sendRedirect("/");
	}

	
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		doGet(request, response);
	}

}

class UpdateFormUserServlet

package com.slipp.user;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.slipp.SessionUtils;

@WebServlet("/users/updateform")
public class UpdateFormUserServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		
		String sessionUerid=SessionUtils.conFirm(request, response);
				
	
		UserDAO userDAO =new UserDAO();
		
		User user=userDAO.findByUserId(sessionUerid);
		request.setAttribute("user", user);
		RequestDispatcher rd=request.getRequestDispatcher("/update_form.jsp");
		rd.forward(request, response);
		
		
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// TODO Auto-generated method stub
		doGet(request, response);
	}

}