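// Simple stateless session bean for creating preferences accounts.
package cylikon.PreferencesEJB;

import javax.ejb.*;
import java.sql.*;
import java.util.*; // for the dates/calendar and Vector
import java.awt.*;
import java.awt.event.*;

/**
 * Stateless session bean that validates a sign-up request and, when it is
 * acceptable, writes the new account to the {@code site_preferences} and
 * {@code user_info} tables.
 *
 * <p>Reconstruction notes: the listing this class was taken from had been run
 * through an HTML stripper. Markup inside the message literals appeared as raw
 * line breaks and is restored here as {@code <br>} (assumed; confirm against
 * the original file). The loop that applied the illegal-character list, and
 * the opening of its message, were lost completely; the character check and
 * the first sentence of that message below are rewritten, not recovered.
 *
 * <p>Security-relevant changes compared with the listing: every SQL statement
 * is parameterized, usernames and passwords are checked against an allowlist
 * (letters and digits) instead of a list of forbidden characters, exception
 * text is no longer returned to the caller, and JDBC resources are released
 * on every path.
 */
public class CreateAccountBean implements SessionBean {

    /** Minimum number of characters in a username and in a password. */
    private static final int MIN_LENGTH = 6;

    // instance variables
    private transient SessionContext context;

    // NOTE(review): an AWT window inside an EJB; on a headless server this
    // initializer is expected to fail with HeadlessException. Kept because
    // the field is public and may be referenced elsewhere.
    public final Frame f = new Frame("ERROR");

    // mandatory methods in EJB spec
    public void ejbCreate() throws CreateException { }

    public void ejbRemove() { }

    public void ejbPassivate() { } // not used in a Stateless

    public void ejbActivate() { } // not used in a Stateless

    /** Stores the EJB session context supplied by the container. */
    public void setSessionContext(SessionContext ctx) {
        context = ctx;
    }

    /**
     * Business method declared in the remote interface: validates the
     * requested credentials and creates the account.
     *
     * @param username requested username; letters and digits only, at least 6 characters
     * @param password requested password; letters and digits only, at least 6 characters
     * @param b  description of the user's web browser (client-supplied, untrusted)
     * @param je whether the browser is Java-enabled (client-supplied, untrusted)
     * @param pl description of the user's plugins (client-supplied, untrusted)
     * @return a three-element Vector: [0] {@code "1"} on success or {@code "0"}
     *         on failure, [1] the message to show the user (contains
     *         {@code <br>} markup), [2] the serial number, or {@code null}
     *         when the username or password was too short to build one
     */
    public Vector DoSignup(String username, String password, String b, String je, String pl) {
        Vector v = new Vector();
        v.setSize(3);

        // A null argument is treated as empty so that it fails validation (or
        // is stored as an empty string) instead of raising NullPointerException.
        String user = (username == null) ? "" : username;
        String pass = (password == null) ? "" : password;
        String brows = (b == null) ? "" : b;     // info about the user's web browser
        String java_e = (je == null) ? "" : je;  // whether the browser is java-enabled
        String plugs = (pl == null) ? "" : pl;   // info about the user's plugins

        int status = 1; // signup succeeded/failed (will be either 1 or 0)
        String message = "";
        String serial_number = "";

        // Allowlist check. The listing built a vector of forbidden punctuation;
        // accepting only letters and digits enforces the rule the message
        // states and also rejects characters the list never named (spaces,
        // control characters). Because the username is echoed into the HTML
        // messages below, this check is also what keeps markup out of them.
        boolean ill_char = !isAlphanumeric(user) || !isAlphanumeric(pass);
        if (ill_char) {
            status = 0;
            // First sentence reconstructed; the rest is as printed in the listing.
            message = message + "\nYour account could not be created because your username or password contains characters that are not allowed.<br>"
                    + "Usernames and passwords may only contain letters and numbers.<br>"
                    + "Please correct the problem and try again. Thank you.<br><br>";
        }

        // all usernames and all passwords must be at least 6 characters
        boolean user_too_short = user.length() < MIN_LENGTH;
        if (user_too_short) {
            status = 0;
            message = message + "\nYour account could not be created because the username you specified was too short.<br>"
                    + "All usernames must contain at least 6 characters.<br>"
                    + "Please correct the problem and try again.<br><br>";
        }
        boolean pass_too_short = pass.length() < MIN_LENGTH;
        if (pass_too_short) {
            status = 0;
            message = message + "\nYour account could not be created because the password you specified was too short.<br>"
                    + "All passwords must contain at least 6 characters.<br>"
                    + "Please correct the problem and try again.<br><br>";
        }

        // the username and password must not be identical; equalsIgnoreCase
        // avoids the default-locale dependence of toLowerCase()
        boolean identical = pass.equalsIgnoreCase(user);
        if (identical) {
            status = 0;
            message = message + "\nYour account could not be created because your password is the same as your username.<br>"
                    + "Usernames and passwords cannot be identical for security reasons.<br>"
                    + "Please correct the problem and try your sign-up again. Thank you.<br><br>";
        }

        // The id, links and password hint are left blank: the DB sets the id,
        // the user sets the rest later. The dates come from the Java Calendar.
        Calendar cal = Calendar.getInstance();
        String year = "" + cal.get(Calendar.YEAR);
        String day = "" + cal.get(Calendar.DAY_OF_MONTH);
        String month = "" + (cal.get(Calendar.MONTH) + 1);

        // The serial number is what gets stored in cookies and the URL string
        // in place of the username and password.
        // NOTE(review): this value is built from two characters of the password,
        // two of the username and the sign-up time to the minute, so it
        // discloses password material, can be guessed, and is not unique. It
        // acts as a bearer credential and should become a SecureRandom token
        // once the column width and the code that reads it are confirmed.
        // The format is left unchanged here because other code may depend on it.
        if (!pass_too_short && !user_too_short) {
            serial_number = "" + user.charAt(0) + pass.charAt(1) + user.charAt(3) + pass.charAt(3)
                    + month + day + year + cal.get(Calendar.HOUR_OF_DAY) + ":" + cal.get(Calendar.MINUTE);
            v.setElementAt(serial_number, 2); // store the serial number in the vector
        }

        if (!ill_char && !pass_too_short && !user_too_short && !identical) {
            try {
                Class.forName("gwe.sql.gweMysqlDriver");
            } catch (ClassNotFoundException cnfe) {
                // Details go to the server side only; the caller gets a generic message.
                report("ERROR loading JDBC driver for database connection:\n" + cnfe);
                status = 0;
                message = message + "\nERROR: Your account could not be created due to errors connecting to the database.\nOur site appears to be experiencing problems.\nWe apologize for this inconvenience.\nPlease send an email to the owner of this site (cylikon@hotmail.com), <br>with this message in the email.";
            } // a user should never get this message

            Connection conn = null;
            PreparedStatement lookup = null;
            PreparedStatement insertAccount = null;
            PreparedStatement insertInfo = null;
            ResultSet rs = null;
            try {
                // NOTE(review): URL and credentials are hard-coded exactly as in the
                // listing (its host part is empty); a container-managed DataSource
                // looked up through JNDI would keep them out of the source.
                conn = DriverManager.getConnection("jdbc:mysql://:3306/preferences", "someUser", "somePass");

                lookup = conn.prepareStatement("SELECT id,username FROM site_preferences WHERE username=?");
                lookup.setString(1, user);
                rs = lookup.executeQuery();

                // NOTE(review): check-then-insert is not atomic; a UNIQUE constraint
                // on username is needed to stop two concurrent sign-ups for one name.
                if (rs.next()) {
                    // someone else already owns this username
                    status = 0;
                    message = message + "\nSorry, the Username " + user + " is already in use at this site.<br>"
                            + "Please select another Username and try again. Thank you.<br><br>";
                } else {
                    // NOTE(review): the password is stored as submitted. It should be
                    // stored as a salted password hash (bcrypt/scrypt/argon2); that
                    // needs a matching change in the login code, which is not visible here.
                    insertAccount = conn.prepareStatement(
                            "INSERT INTO site_preferences VALUES ('',?,?,?,'CJs Java Site','blue','white','white','black',"
                            + "'3','Shatter','Links 1','','Links 2','','Links 3','','yes','logged off',"
                            + "?,?,?,?,?,?,?,?,?,'')");
                    insertAccount.setString(1, user);
                    insertAccount.setString(2, pass);
                    insertAccount.setString(3, serial_number);
                    // three (month, day, year) triples, in the column order of the listing
                    for (int i = 0; i < 3; i++) {
                        insertAccount.setString(4 + 3 * i, month);
                        insertAccount.setString(5 + 3 * i, day);
                        insertAccount.setString(6 + 3 * i, year);
                    }
                    insertAccount.executeUpdate();

                    Thread.sleep(250); // giving the db a little break

                    // user_info holds the browser, java-enabled and plugin strings.
                    // None of them is validated, so binding them as parameters is
                    // what keeps client-supplied text out of the SQL statement.
                    insertInfo = conn.prepareStatement("INSERT INTO user_info VALUES ('',?,?,?,?)");
                    insertInfo.setString(1, serial_number);
                    insertInfo.setString(2, brows);
                    insertInfo.setString(3, java_e);
                    insertInfo.setString(4, plugs);
                    insertInfo.executeUpdate();

                    // The user will *only* see this message if the account was actually created
                    status = 1;
                    message = message + "\nNew user account " + user + " successfully created.<br>"
                            + "Thank you and welcome to the site.<br><br>";
                }
            } catch (Throwable th) {
                // Throwable is kept from the listing: this method reports every
                // failure through the returned Vector and never throws.
                if (th instanceof InterruptedException) {
                    Thread.currentThread().interrupt();
                }
                report("ERROR:" + th + th.getMessage());
                status = 0;
                // Driver and SQL error text can echo statement contents, so it
                // stays on the server and is not appended to the user's message.
                message = message + "\nERROR: Your account could not be created due to errors with the database.\nOur site appears to be experiencing problems.\nWe apologize for this inconvenience.\nPlease send an email to the owner of this site (cylikon@hotmail.com), with this message in the email.";
            } finally {
                // release database resources on every path, not only on success
                close(rs);
                close(lookup);
                close(insertAccount);
                close(insertInfo);
                close(conn);
            }
        }

        v.setElementAt("" + status, 0);
        v.setElementAt(message, 1);
        return v;
    }

    /** Returns true when every character of {@code s} is a letter or a digit. */
    private static boolean isAlphanumeric(String s) {
        for (int i = 0; i < s.length(); i++) {
            if (!Character.isLetterOrDigit(s.charAt(i))) {
                return false;
            }
        }
        return true;
    }

    /** Closes a result set, ignoring a failure to close. */
    private static void close(ResultSet rs) {
        if (rs != null) {
            try {
                rs.close();
            } catch (SQLException ignored) {
                // nothing useful can be done about a failed close
            }
        }
    }

    /** Closes a statement, ignoring a failure to close. */
    private static void close(Statement stmt) {
        if (stmt != null) {
            try {
                stmt.close();
            } catch (SQLException ignored) {
                // nothing useful can be done about a failed close
            }
        }
    }

    /** Closes a connection, ignoring a failure to close. */
    private static void close(Connection conn) {
        if (conn != null) {
            try {
                conn.close();
            } catch (SQLException ignored) {
                // nothing useful can be done about a failed close
            }
        }
    }

    /**
     * Shows {@code x} in the error frame and prints it to standard output.
     * Each call adds another TextArea and window listener to the shared frame.
     *
     * @param x diagnostic text; it may contain exception details and is meant
     *          for the server operator, not for the end user
     */
    public void report(String x) {
        TextArea t = new TextArea();
        f.add(t);
        f.addWindowListener(new WindowAdapter() {
            public void windowClosing(WindowEvent w) {
                f.setVisible(false);
                f.dispose();
            }
        });
        f.setVisible(true);
        t.setText(x);
        System.out.println(x);
    }
} // end of Class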