01: package forum;
02:
03: import java.io.*;
04: import javax.servlet.*;
05: import javax.servlet.http.*;
06: import java.sql.*;
07: import java.sql.Connection;
08: import java.sql.Statement;
09: import java.sql.ResultSet;
10:
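/**
 * Servlet that creates a new forum thread together with its opening message.
 *
 * <p>Reads {@code forum_id}, {@code lastThread_id}, {@code title}, {@code message} and
 * {@code user} from the request, inserts one row into {@code forum_threads} and one into
 * {@code forum_message}, then redirects to the thread list of that forum.
 *
 * <p>Every request parameter is attacker-controlled. The statements are still assembled as
 * text because only {@code DBConnectie.query(String)} is visible from this class, so each
 * value is passed through {@link #sqlQuote(String)} before it reaches the SQL text.
 * NOTE(review): that is an interim mitigation; the durable fix is a parameterized statement
 * ({@code java.sql.PreparedStatement}) offered by {@code DBConnectie}.
 */
public class AddThread extends HttpServlet {

    // NOTE(review): one servlet instance serves concurrent requests, so this single
    // DBConnectie is shared between request threads. Confirm DBConnectie tolerates that,
    // or create one connection object per request.
    DBConnectie db = new DBConnectie(Variable.getDb(), Variable.getDbLogin(),
            Variable.getDbPassword());

    /**
     * Stores a new thread and its first message, then redirects to the forum's thread list.
     *
     * <p>Responds with 400 when {@code forum_id}, {@code lastThread_id}, {@code message} or
     * {@code user} is missing or {@code lastThread_id} is not a usable integer, and with 500
     * when storing fails. Failure details go to the servlet log only: echoing the exception
     * to the client would disclose SQL and driver internals.
     *
     * @param request  the request carrying the form fields
     * @param response the response used for the redirect or the error status
     * @throws ServletException declared for the servlet contract
     * @throws IOException if the error status or redirect cannot be written
     */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String forumId = request.getParameter("forum_id");
        String lastThreadParam = request.getParameter("lastThread_id");
        String title = request.getParameter("title");
        String message = request.getParameter("message");
        // NOTE(review): the author name is taken from a request parameter, so any client can
        // post under any name; it should come from the authenticated session instead.
        // Unlike title and message it is also stored without Filter.filterAll; confirm
        // whether that is intended.
        String user = request.getParameter("user");

        if (forumId == null || lastThreadParam == null || message == null || user == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // NOTE(review): the new thread id is derived from a client-supplied counter, so the
        // client picks the id and two concurrent posts can collide. A database-generated key
        // would remove both problems.
        int lastThreadId;
        try {
            lastThreadId = Integer.parseInt(lastThreadParam);
        } catch (NumberFormatException e) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        if (lastThreadId == Integer.MAX_VALUE) {
            // lastThreadId + 1 would silently wrap to a negative id.
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        String threadId = Integer.toString(lastThreadId + 1);

        try {
            if (title == null || title.equals("")) {
                title = "No title";
            } else {
                title = Filter.filterAll(title);
            }
            message = Filter.filterAll(message);

            db.connect();
            try {
                // NOTE(review): the two inserts are not visibly wrapped in a transaction; a
                // failure of the second leaves a thread without an opening message.
                db.query("INSERT INTO forum_threads(forum_id,thread_id,title) "
                        + "VALUES(" + sqlQuote(forumId)
                        + "," + sqlQuote(threadId)
                        + "," + sqlQuote(title) + ")");

                db.query("INSERT INTO forum_message(forum_id,thread_id,reply_id,message,user,date_time) "
                        + "VALUES(" + sqlQuote(forumId)
                        + "," + sqlQuote(threadId)
                        + ",\"0\""
                        + "," + sqlQuote(message)
                        + "," + sqlQuote(user) + ",SYSDATE())");
            } finally {
                // Release the connection even when an insert fails.
                db.close();
            }

            // Encode the value so it cannot add parameters to, or otherwise reshape, the
            // redirect URL. Numeric ids pass through unchanged.
            response.sendRedirect(Variable.getForumPath()
                    + "index.jsp?page=thread&forum_id="
                    + java.net.URLEncoder.encode(forumId, "UTF-8"));
        } catch (Exception e) {
            log("AddThread: could not store new thread", e);
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

    /**
     * Handles GET exactly like POST by delegating to {@link #doPost}.
     *
     * @param request  the request carrying the form fields
     * @param response the response used for the redirect or the error status
     * @throws ServletException declared for the servlet contract
     * @throws IOException if the error status or redirect cannot be written
     */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // NOTE(review): this lets a plain link or an embedded image URL create a thread, and
        // no anti-CSRF token check is visible in this class. Kept for compatibility with
        // existing callers; prefer restricting the write to POST with a token.
        doPost(request, response);
    }

    /**
     * Renders {@code value} as a double-quoted SQL string literal.
     *
     * <p>Backslashes are doubled and each double quote is written twice, so the value cannot
     * end the literal early. The double-quoted literals and {@code SYSDATE()} in the
     * statements suggest MySQL; confirm the server and its SQL mode.
     * NOTE(review): if {@code Filter.filterAll} already escapes for SQL, title and message
     * would be escaped twice; verify what that filter does.
     *
     * @param value the raw text, not {@code null}
     * @return the quoted and escaped literal, including the surrounding double quotes
     */
    private static String sqlQuote(String value) {
        StringBuilder quoted = new StringBuilder(value.length() + 2);
        quoted.append('"');
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\\') {
                quoted.append("\\\\");
            } else if (c == '"') {
                quoted.append("\"\"");
            } else {
                quoted.append(c);
            }
        }
        return quoted.append('"').toString();
    }

}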