Skip to content

Commit

Permalink
Merge branch 'main' of github.com:SonarSource-Demos/demo-java-security
Browse files Browse the repository at this point in the history
  • Loading branch information
@jeff-zapotoczny-sonarsource
jeff-zapotoczny-sonarsource committed Dec 15, 2023
2 parents 56f7996 + 57fadaf commit 902f64b
Showing 1 changed file with 16 additions and 5 deletions.
21 changes: 16 additions & 5 deletions src/main/java/demo/security/servlet/UserServlet.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,7 @@
public class UserServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
SessionHeader sessionHeader = getSessionHeader(request);
if (sessionHeader == null) return;
String user = sessionHeader.getUsername();
String query = "SELECT userid FROM users WHERE username = '" + user + "'";
String user = request.getParameter("username");
try {
DBUtils db = new DBUtils();
List<String> users = db.findUsers(user);
Expand Down Expand Up @@ -52,6 +49,20 @@ private SessionHeader getSessionHeader(HttpServletRequest request) {

@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

SessionHeader sessionHeader = getSessionHeader(request);
if (sessionHeader == null) return;
String user = sessionHeader.getUsername();
try {
DBUtils db = new DBUtils();
List<String> users = db.findUsers(user);
response.setContentType("text/html");
PrintWriter out = response.getWriter();
users.forEach((result) -> {
out.print("<h2>User "+result+ "</h2>");
});
out.close();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}

0 comments on commit 902f64b

Please sign in to comment.