<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"
import="java.util.*"
import="org.starhope.appius.user.*"
%>
Joshua the Spy
<%
User lifeguard = null;
/** Ensure that the user is logged in and has staff priveledges. */
if (null==session.getAttribute("lifeguard") && null==request.getParameter("lifeguard")) {
response.sendRedirect("/Joshua/login.jsp");
} else {
if (null!=request.getParameter("lifeguard") && null!=request.getParameter("password")) {
lifeguard = User.getByLogin(request.getParameter("lifeguard"));
if (null!=lifeguard && lifeguard.checkPassword(request.getParameter("password"))) {
if (lifeguard.hasStaffLevel(1)) {
session.setAttribute("lifeguard", lifeguard);
} else {
System.err.println ("User does not have sufficient priveledges.");
response.sendRedirect("http://members.tootsville.com/membership/");
}
} else {
System.err.println("Invalid password");
response.sendRedirect("/Joshua/");
}
} else if (null!=session.getAttribute("lifeguard")) {
lifeguard = (User) session.getAttribute("lifeguard");
if (null!=lifeguard) {
if (!lifeguard.hasStaffLevel(1)) {
System.err.println ("User does not have sufficient priveledges." + lifeguard.getStaffLevel());
response.sendRedirect("http://members.tootsville.com/membership/");
}
} else {
System.err.println("Invalid staff level");
response.sendRedirect("/Joshua/login.jsp");
}
} else {
System.err.println("empty form and no session");
response.sendRedirect("/Joshua/login.jsp");
}
/** Check and see if a user or parent has been searched for */
if (null!=request.getParameter("user") || null!=request.getParameter("parent")) {
}
%>
<%
/** Check and see if a user or parent has been searched for
* Parameter comes from search/ on the submit button.
* if the user search button or the parent search button has
* been clicked the parameter will not be null.
*/
if (null!=request.getParameter("user") || null!=request.getParameter("parent")) {
/** First check for user searches.
* Import the user or parent details page accordingly
* and pass it the necessary params
*/
if (null!=request.getParameter("user")) {
/** check if a username was entered */
if (!"".equals(request.getParameter("uSearchUN"))) {
String value = request.getParameter("uSearchUN");
%>
<%
} else
/** if that is null check for user id */
if (!"".equals(request.getParameter("uSearchID"))) {
String value = request.getParameter("uSearchID");
System.err.println(value);
%>
<%
} else
/** finally check for user e-mail */
if (!"".equals(request.getParameter("uSearchEM"))) {
String value = request.getParameter("uSearchEM");
System.err.println(value);
%>
<%
}
} else
/** If no user searches exist, check for parent searches */
if (null!=request.getParameter("parent")) {
/** if that is null check for user id */
if (!"".equals(request.getParameter("pSearchEM"))) {
String value = request.getParameter("pSearchEM");
%>
<%
} else
/** finally check for user e-mail */
if (!"".equals(request.getParameter("pSearchID"))) {
String value = request.getParameter("pSearchID");
%>
<%
}
} else
if (null!=request.getParameter("reg")) {
String reg = request.getParameter("reg");
if ("user".equals(reg)) {
%>
<%
} else
if ("parent".equals(reg)) {
%>
<%
}
} else
/** If no searches exists display a message */
{
out.println ("