diff --git a/src/main/java/controller/ControllPassword.java b/src/main/java/controller/ControllPassword.java index 12a116d..ff21f0b 100644 --- a/src/main/java/controller/ControllPassword.java +++ b/src/main/java/controller/ControllPassword.java @@ -8,7 +8,9 @@ import java.io.IOException; import com.google.gson.Gson; import com.google.gson.JsonObject; +import model.entity.User; import model.service.encryption.Encryption; +import model.service.login.Authenticator; import model.service.user.UserData; @WebServlet("/ControllPassword") @@ -19,10 +21,11 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response) try { String password = request.getParameter("password"); String password_control= password.replaceAll("\\s", ""); - UserData utenteData = new UserData(); + Authenticator authenticator = new Authenticator(); int id = (int) request.getSession().getAttribute("id"); + String email = new UserData().getUser(id).getEmail(); JsonObject jsonResponse = new JsonObject(); - if (utenteData.ControlPassword(id, password_control)) { + if (authenticator.authenticate(email, password) > 0) { jsonResponse.addProperty("result", true); request.getSession().setAttribute("autorizzato",true); String jsonString = new Gson().toJson(jsonResponse); diff --git a/src/main/java/model/DAO/DAOUser.java b/src/main/java/model/DAO/DAOUser.java index 9af6932..f9cc605 100644 --- a/src/main/java/model/DAO/DAOUser.java +++ b/src/main/java/model/DAO/DAOUser.java 
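Review bot: `password_control` is still computed but no longer used, because the check now passes the raw `password` to `authenticator.authenticate(email, password)`; the whitespace stripping that the old `ControlPassword(id, password_control)` call relied on is gone, so either pass `password_control` or delete that line. The cast `(int) request.getSession().getAttribute("id")` and the chained `new UserData().getUser(id).getEmail()` both dereference values that can be null when the request has no logged-in session, so such a request reaches the catch block (outside this hunk) through a NullPointerException instead of an explicit `result: false`; a guard such as `if (request.getSession().getAttribute("id") == null) { /* answer result=false */ }` before the cast makes the rejection deliberate. If `authenticate` returns the id of the matched user, which `> 0` suggests, comparing it with `id` (`== id`) would tie the success to the session's own account before `autorizzato` is set. The added `import model.entity.User;` is not referenced by the lines shown. The body of `doPost` starts and ends outside the hunk.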
@@ -239,114 +239,54 @@ public boolean resetPassword(String email, String newPassword) { return false; } - public String updateUser(int idUser, String Email, String address) { - Connection connection = null; - PreparedStatement preparedStatement = null; - String query; + public String updateUser(int idUser, String email, String address) { + String updateQuery = null; + boolean validEmail = true; - try - { - connection = DAOConnection.getConnection(); + if (email != null && !checkIfEmailExists(email)) { + validEmail = false; + } - if (Email != null && address!=null) - { - if (checkIfEmailExists(Email)) - { - query = "UPDATE user SET Email = ?, Address=? WHERE ID = ?"; - - // Prepare the statement - preparedStatement = connection.prepareStatement(query); - - // Set the parameters - preparedStatement.setString(1, Email); - preparedStatement.setString(2, address); - preparedStatement.setInt(3, idUser); - - // Execute the update query - int rowsModified = preparedStatement.executeUpdate(); - - // If rowsModified is greater than 0, then a row has been updated. - // So, return true. If not, return false. - return "Aggioranmento Email e Address riuscito"; - } - else - { - query = "UPDATE user SET Address=? WHERE ID = ?"; - - // Prepare the statement - preparedStatement = connection.prepareStatement(query); - - // Set the parameters - preparedStatement.setString(1, address); - preparedStatement.setInt(2, idUser); - - // Execute the update query - int rowsModified = preparedStatement.executeUpdate(); - - // If rowsModified is greater than 0, then a row has been updated. - // So, return true. If not, return false. - return "Aggioranmento Address riuscito ma l'Email inserità e già usata scegliere un'altra Email"; - } - } - else if (Email !=null) - { - if (checkIfEmailExists(Email)) - { - query = "UPDATE user SET Email = ? 
WHERE ID = ?"; - - // Prepare the statement - preparedStatement = connection.prepareStatement(query); - - // Set the parameters - preparedStatement.setString(1, Email); - preparedStatement.setInt(2, idUser); - - // Execute the update query - int rowsModified = preparedStatement.executeUpdate(); - - // If rowsModified is greater than 0, then a row has been updated. - // So, return true. If not, return false. - return "Aggioranmento Email riuscito"; - } - else - { - return "l'Email inserità e già usata scegliere un'altra Email"; - } - } - else - { - query = "UPDATE user SET Address = ? WHERE ID = ?"; + if (email == null && address == null) { + return "Both email and address are null. No update is needed."; + } - // Prepare the statement - preparedStatement = connection.prepareStatement(query); + if (validEmail && email != null && address != null) { + updateQuery = "UPDATE user SET Email = ?, Address=? WHERE ID = ?"; + } else if (validEmail && email != null) { + updateQuery = "UPDATE user SET Email = ? WHERE ID = ?"; + } else if (address != null) { + updateQuery = "UPDATE user SET Address=? WHERE ID = ?"; + } + + if (updateQuery == null) { + return "Invalid email. 
No update performed."; + } - // Set the parameters + try (Connection connection = DAOConnection.getConnection(); + PreparedStatement preparedStatement = connection.prepareStatement(updateQuery)) { + + if (validEmail && email != null && address != null) { + preparedStatement.setString(1, email); + preparedStatement.setString(2, address); + preparedStatement.setInt(3, idUser); + preparedStatement.executeUpdate(); + return "Both email and address have been updated successfully."; + } else if (validEmail && email != null) { + preparedStatement.setString(1, email); + preparedStatement.setInt(2, idUser); + preparedStatement.executeUpdate(); + return "Email has been updated successfully."; + } else { preparedStatement.setString(1, address); preparedStatement.setInt(2, idUser); - - // Execute the update query - int rowsModified = preparedStatement.executeUpdate(); - - // If rowsModified is greater than 0, then a row has been updated. - // So, return true. If not, return false. - return "Aggioranmento Address riuscito"; + preparedStatement.executeUpdate(); + return "Address has been updated successfully."; } - } - catch (Exception e) - { + + } catch (SQLException e) { e.printStackTrace(); - return "Aggiornamento non possibile a causa di un problema di connessione con il Server"; - } - finally - { - try { - // Close everything properly - if (preparedStatement != null) preparedStatement.close(); - DAOConnection.releaseConnection(connection); - } catch (SQLException e) { - // Handle the exception (e.g., log or throw) - e.printStackTrace(); - } + return "Update not possible due to a server connection issue."; } } public boolean ControlPassword(int id, String Password)
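Review bot: The try-with-resources in the new `updateUser` closes the `Connection` itself, while the removed code handed it back through `DAOConnection.releaseConnection(connection)`; if `DAOConnection` keeps a pool (its code is not in this diff), connections obtained here would no longer be returned to it. I would keep only the `PreparedStatement` in the resource header and release the connection in a `finally`, as sketched below. The final `else` branch also covers an address supplied together with an email that failed `checkIfEmailExists`, and it now answers "Address has been updated successfully." where the old code told the caller the email was refused, so the sketch restores a distinct message for that case. Separately, the return value of `executeUpdate()` is ignored in all three branches, so an `idUser` that matches no row is still reported as a success.

```java
// … unchanged: email/address validation and updateQuery selection …
Connection connection = null;
try {
    connection = DAOConnection.getConnection();
    try (PreparedStatement preparedStatement = connection.prepareStatement(updateQuery)) {
        // … unchanged: the two branches that bind and update the email …
        } else {
            preparedStatement.setString(1, address);
            preparedStatement.setInt(2, idUser);
            preparedStatement.executeUpdate();
            // Tell the caller when the email part of the request was not applied.
            return validEmail
                    ? "Address has been updated successfully."
                    : "Address has been updated, but the email was not accepted.";
        }
    }
} catch (SQLException e) {
    // … unchanged: log and return the connection-issue message …
} finally {
    // Same hand-back the removed code used; wrap in try/catch if
    // releaseConnection declares SQLException.
    DAOConnection.releaseConnection(connection);
}
```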