package userBean;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
import java.sql.*;
public final class userInfo
{
// Variables
boolean validUser = false;
String userID = "";
String userPW = "";
String[] vRoles;
// Basic functions
public void setValidUserFlag(boolean validUser)
{
this.validUser = validUser;
}
public boolean getValidUserFlag()
{
return validUser;
}
public String getUserID()
{
return userID;
}
public void setUserID(String userID)
{
this.userID = userID;
}
public String getUserPW()
{
return userPW;
}
public void setUserPW(String userPW)
{
this.userPW = userPW;
}
// Security related functions.
public boolean checkUser (String userID, String userPW)
{
boolean vRetVal;
String vQry = "SELECT \'Y\' FROM users " +
" WHERE username = \'" +
userID + "\'" +
" AND userpw = \'" + userPW
+ "\'" ;
// Load the driver class
Class.forName
("sun.jdbc.odbc.JdbcOdbcDriver");
// This defines the data source for the
driver
String sourceURL = new String
("jdbc:odbc:archerarjun");
// Create connection through the
DriverManager
Connection conn = DriverManager.getConnection
(sourceURL);
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(vQry);
if (rs.next())
{
vRetVal = true;
}
else
{
vRetVal = false;
}
// Close the connection here, then....
return vRetVal;
}
public boolean checkPageRole (String pageName, String
roleName)
{
boolean vRetVal;
String vQry = "SELECT \'Y\' FROM
pageroles " +
" WHERE rolename = \'" +
roleName + "\'" +
" AND pagename = \'" +
pageName + "\'" ;
// Load the driver class
Class.forName
("sun.jdbc.odbc.JdbcOdbcDriver");
// This defines the data source for the
driver
String sourceURL = new String
("jdbc:odbc:archerarjun");
// Create connection through the
DriverManager
Connection conn = DriverManager.getConnection
(sourceURL);
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(vQry);
if (rs.next())
{
vRetVal = true;
}
else
{
vRetVal = false;
}
// Close the connection here, then....
return vRetVal;
}
public String[] getRoles()
{
String[] vRetStr;
int i = 0;
String vQry = "SELECT rolename FROM
userroles " +
" WHERE username = \'" +
userID + "\'";
// Load the driver class
Class.forName
("sun.jdbc.odbc.JdbcOdbcDriver");
// This defines the data source for the
driver
String sourceURL = new String
("jdbc:odbc:archerarjun");
// Create connection through the
DriverManager
Connection conn = DriverManager.getConnection
(sourceURL);
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(vQry);
while (rs.next())
{
vRetStr[i] = rs.getString(1);
i++;
}
// Close the connection here, then ...
return vRetStr;
}
public void initLogin (String userID, String userPW)
{
setUserID(userID);
setUserPW(userPW);
setValidUserFlag(true);
getRoles();
}
public void finishLogout()
{
int j;
setUserID("");
setUserPW("");
setValidUserFlag(false);
//reset roles to null
for ( j=0; j < vRoles.length; j++ )
{
vRoles[j] = "";
}
}
public boolean checkAuth(String pageName)
{
int j;
String[] vlRoles;
boolean vValid = false;
boolean vRetVal = false;
if (validUser)
{
vlRoles = vRoles;
for (j=0; j < vRoles.length; j++)
{
vValid = checkPageRole
(pageName, vRoles[j]);
if (vValid)
{
vRetVal = true;
break;
}
}
}
return vRetVal;
}
}