package isip.java.bullyse.bullydb;
import java.io.*;
import java.util.*;
import java.text.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
//----------------------------------------------------------------------
//
// Admin.java
//
// This file handles all of the Administrative features and abilities
// within the Exchange.
//
public class Admin extends HttpServlet {
// Single BullyDB helper used by doGet for session lookup (getAccountId),
// SQL (doQuery/doUpdate), page chrome (printTop/printBot) and e-mail.
// The field is static, so every request handled by this servlet goes
// through the same object.
// NOTE(review): whether BullyDB is safe for concurrent requests is not
// visible in this file -- confirm before relying on it.
// This declaration must stay first: the initializers below call it, and
// static initializers run in textual order.
static BullyDB sessionbase = new BullyDB();
// Initialize System variables. These load the parameters from the
// Parameters table.
// Each value is copied once, when this class is initialized. The fields
// are neither final nor private, so other code in the package can
// reassign them.
// Not referenced in the visible part of doGet.
static String SystemURL = sessionbase.getURL();
// Prefix for every redirect target built in doGet
// (ServletURL + ".nonMember...", ServletURL + ".Admin...").
static String ServletURL = sessionbase.getServletURL();
// Used as the From address of the account lock/unlock notices and quoted
// in the body of the lock notice.
static String SystemEmail = sessionbase.getEmail();
// Not referenced in the visible part of doGet.
static String SystemPath = sessionbase.getPath();
// SystemName and SystemShortName are concatenated, without escaping, into
// the HTML written to the response and into e-mail subject/body text.
// NOTE(review): presumably only an administrator can change them in the
// Parameters table -- confirm; otherwise they need HTML-encoding on output.
static String SystemName = sessionbase.getName();
static String SystemShortName = sessionbase.getShortName();
// doGet compares SystemFreeze and SystemLock with "N" to decide whether the
// main admin page offers "Freeze"/"Lock" or "Allow trading"/"Unlock".
// NOTE(review): the confirmSysLock / confirmSysUnlock / confirmSysFreeze /
// confirmSysUnfreeze tasks update Parameters and call
// sessionbase.loadParams(), but no visible line reassigns these two fields,
// so the page may keep showing the state captured at class initialization.
// Confirm whether something outside this excerpt refreshes them.
static String SystemFreeze = sessionbase.getFreezeStatus();
static String SystemLock = sessionbase.getLockStatus();
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
// Initialize variables
String query = (String)null;
String AccountId = (String)null;
String task = request.getParameter("task");
String Symbol = (String)null;
String Owner = (String)null;
String Trans = (String)null;
String userName = (String)null;
int Shares = 0;
double Cost = 0.00;
ResultSet result = null;
// Set up decimal formatting for digits. This will force at least 0.00.
DecimalFormat curFormat = new DecimalFormat("$##,###,###,###,###,##0.00");
DecimalFormat numFormat = new DecimalFormat("################0.00");
DecimalFormat intFormat = new DecimalFormat("################0");
// Initialize the output stream
response.setContentType("text/html");
PrintWriter out = response.getWriter();
HttpSession session = request.getSession();
String SessionId = session.getId();
// Retrieve AccountId
AccountId = sessionbase.getAccountId(SessionId);
if ( AccountId == null || !AccountId.equals("1") ) {
response.sendRedirect(ServletURL + ".nonMember?task=LI&Type=1");
} else {
if (task == null) {
// Default action, display the main Administrative page
sessionbase.printTop(out, 21);
out.println("
");
out.println("Welcome to the Bulldog Stock Exchange
");
out.println("Please select an Administrative option from the list above or choose a task from the links to the left.
");
out.println("From here you can go to the " + SystemName + " Parameters.
");
if (SystemFreeze.equals("N")) {
out.println("Freeze all trading on " + SystemName + ".
");
out.println("This will prevent any trading from taking place. Users can still
");
out.println("log in but will not be able to buy or sell.
");
} else {
out.println("Allow trading on " + SystemName + ".
");
out.println("This will allow buying and selling to resume.
");
}
if (SystemLock.equals("N")) {
out.println("Lock " + SystemName + ".
");
out.println("This will prevent anyone from being able to log in.
");
} else {
out.println("Unlock " + SystemName + ".
");
out.println("This will allow users to log in.
");
}
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("showOwners")) {
Symbol = request.getParameter("Symbol");
String Name = (String)null;
ResultSet users = null;
query = "select Name from Companies where Symbol = '" + Symbol + "'";
result = sessionbase.doQuery(query, SessionId);
try {
while (result.next()) {
Name = result.getString("Name");
}
} catch (Exception e) {
e.printStackTrace();
}
query = "select Username from Account where Username != 'root' order by Username";
users = sessionbase.doQuery(query);
sessionbase.printTop(out, 25);
out.println("
");
out.println("View Owners of " + Name + "(" + Symbol + ")
");
try {
while (users.next()) {
userName = users.getString("Username");
query = "select NumShares, Trans from " + userName + " where Symbol = '" + Symbol + "' and Trans = 'C' or Symbol = '" + Symbol + "' and Trans = 'S' or Symbol = '" + Symbol + "' and Trans = 'FS' order by Trans";
result = sessionbase.doQuery(query, SessionId);
int userShares = 0;
Trans = (String)null;
while (result.next()) {
userShares = result.getInt("NumShares");
Trans = result.getString("Trans");
if (Trans.equals("C")) {
out.println("User " + userName + " owns " + userShares + " shares.
");
} else {
out.println("User " + userName + " is selling " + userShares + " shares.
");
}
}
}
} catch (Exception e) {
e.printStackTrace();
}
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("confirmresetUsers")) {
// We will need to change all user Balances to the default values
// keeping in mind User and Company have different defaults. Then
// all user holdings will be removed and given back to the Company.
String Username = (String)null;
// Loop through the list of regular users
query = "select AccountId from Account where AccountId != 1 and Type != 'C'";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Username = result.getString("AccountId");
deleteHoldings(Username);
resetBalance(Username, "U");
}
} catch (Exception e) {
e.printStackTrace();
}
// Cycle through all Company users to reset their balance
query = "select AccountId from Account where Type = 'C'";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Username = result.getString("AccountId");
resetBalance(Username, "C");
}
} catch (Exception e) {
e.printStackTrace();
}
// Delete all Frozen transactions
query = "delete from Frozen";
sessionbase.doUpdate(query);
// Everything should be done, print a success message
sessionbase.printTop(out, 21);
out.println("
");
out.println("Clear Holdings Complete
");
out.println("All user holdings have been cleared from " + SystemName + "
");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("confirmresetQueues")) {
// All pending or frozen sales will be deleted and the Selling shares
// will be restored to the original owner.
ResultSet result2 = null;
// First loop through all Company Queue tables then go through
// the Frozen table. Lastly, all User tables, deleting their
// pending and frozen jobs
query = "select Symbol from Companies where Symbol != 'SYS'";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Symbol = result.getString("Symbol");
// Delete all Buy offers
query = "delete from qt" + Symbol.toLowerCase() + " where Trans = 'B'";
sessionbase.doUpdate(query);
// Restore all Sell offers to the user
query = "select AccountId, NumShares from qt" + Symbol.toLowerCase();
result2 = sessionbase.doQuery(query);
while (result2.next()) {
Owner = result2.getString("AccountId");
Shares = result2.getInt("NumShares");
sessionbase.modHoldings(sessionbase.getUser(Owner), Symbol, Shares);
}
// Delete the remaining offers
query = "delete from qt" + Symbol.toLowerCase();
sessionbase.doUpdate(query);
}
} catch (Exception e) {
e.printStackTrace();
}
query = "delete from Frozen where Trans = 'B'";
sessionbase.doUpdate(query);
// Restore all Sell offers to the user
query = "select AccountId, NumShares, Symbol from Frozen";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Owner = result.getString("AccountId");
Shares = result.getInt("NumShares");
Symbol = result.getString("Symbol");
sessionbase.modHoldings(sessionbase.getUser(Owner), Symbol, Shares);
}
} catch (Exception e) {
e.printStackTrace();
}
// Now go through all User holdings, deleting anything pending
// or frozen.
query = "select Username from Account";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Owner = result.getString("Username");
query = "delete from " + Owner + " where Trans = 'B' or Trans = 'S' or Trans = 'FB' or Trans = 'FS'";
sessionbase.doUpdate(query);
}
} catch (Exception e) {
e.printStackTrace();
}
// Everything should be done, print a success message
sessionbase.printTop(out, 21);
out.println("
");
out.println("Clear Transactions Complete
");
out.println("All transactions have been cleared from " + SystemName + "
");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("confirmdeleteUsers")) {
// Will need to delete all except Company users. All shares will be
// restored to the Companies.
ResultSet result2 = null;
String User = (String)null;
query = "select Username from Account where AccountId != 1 and Type != 'C'";
result = sessionbase.doQuery(query);
System.out.println("Hi.");
try {
while (result.next()) {
User = result.getString("Username");
AccountId = sessionbase.getAccountId(User, 1);
deleteHoldings(AccountId);
query = "drop table " + User;
sessionbase.doUpdate(query);
query = "delete from Frozen where AccountId = " + AccountId;
sessionbase.doUpdate(query);
query = "delete from Portfolio where AccountId = " + AccountId;
sessionbase.doUpdate(query);
query = "delete from Account where Username = '" + User + "'";
sessionbase.doUpdate(query);
// Delete any user pending jobs from the Company queues
query = "select Symbol from Companies where Symbol != 'SYS'";
result2 = sessionbase.doQuery(query);
while (result2.next()) {
Symbol = result2.getString("Symbol");
query = "delete from qt" + Symbol.toLowerCase() + " where AccountId = " + AccountId;
sessionbase.doUpdate(query);
}
}
} catch (Exception e) {
e.printStackTrace();
}
// Everything should be done, print a success message
sessionbase.printTop(out, 21);
out.println("
");
out.println("Delete Users Complete
");
out.println("All users have been removed from " + SystemName);
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("confirmdeleteCompanies")) {
// Delete all Companies and their users. User holdings will be converted
// to cash based on the current value of the company.
// Get a list of companies
query = "select Symbol from Companies where Symbol != 'SYS'";
result = sessionbase.doQuery(query);
try {
while (result.next()) {
Symbol = result.getString("Symbol");
deleteCompany(Symbol);
}
} catch (Exception e) {
e.printStackTrace();
}
// Clear SYS in the Companies table
query = "update Companies set Tshares = 1, Open = 1, Last = 1, Volume = 1, 52WkHi = 1, 52WkLo = 1, DayHi = 1, DayLo = 1, Previous = 1 where Symbol = 'SYS'";
sessionbase.doUpdate(query);
// Everything should be done, print a success message
sessionbase.printTop(out, 21);
out.println("
");
out.println("Delete Companies Complete
");
out.println("All companies have been removed from " + SystemName);
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("confirmStartOver")) {
String Username = (String)null;
String UserId = (String)null;
String Company = (String)null;
// We're clearing everything. Start with the users.
// Limit the results to make sure we don't touch the admin account
query = "select Username, AccountId from Account where AccountId > 1";
result = sessionbase.doQuery(query, SessionId);
try {
while (result.next()) {
Username = result.getString("Username");
UserId = result.getString("AccountId");
// For every user in the list we must:
// Delete their Holdings table
// Remove them from the Accounts table
// Remove them from the Personal table
// Remove them from the Portfolio table
query = "drop table " + Username;
sessionbase.doUpdate(query, SessionId);
query = "delete from Account where Username = '" + Username + "'";
sessionbase.doUpdate(query, SessionId);
query = "delete from Personal where AccountId = '" + UserId + "'";
sessionbase.doUpdate(query, SessionId);
query = "delete from Portfolio where AccountId = '" + UserId + "'";
sessionbase.doUpdate(query, SessionId);
}
} catch (Exception e) {
e.printStackTrace();
}
// Now get the companies
query = "select Symbol from Companies where Symbol != 'SYS'";
result = sessionbase.doQuery(query, SessionId);
try {
while (result.next()) {
Company = result.getString("Symbol");
// For each company we must:
// Delete the Queue table
// Delete the History table
// Delete the Extended History table
// Remove from Companies table
query = "drop table qt" + Company.toLowerCase();
sessionbase.doUpdate(query, SessionId);
query = "drop table ht" + Company.toLowerCase();
sessionbase.doUpdate(query, SessionId);
query = "drop table eht" + Company.toLowerCase();
sessionbase.doUpdate(query, SessionId);
query = "delete from Companies where Symbol = '" + Company + "'";
sessionbase.doUpdate(query, SessionId);
}
} catch (Exception e) {
e.printStackTrace();
}
// Clear any Frozen jobs, News items and Locked accounts
query = "delete from News";
sessionbase.doUpdate(query, SessionId);
query = "delete from Frozen";
sessionbase.doUpdate(query, SessionId);
query = "delete from Locks";
sessionbase.doUpdate(query, SessionId);
// Final sweep of Account and Portfolio to make sure they are clean
query = "delete from Account where AccountId != 1";
sessionbase.doUpdate(query, SessionId);
query = "delete from Portfolio where AccountId != 1";
sessionbase.doUpdate(query, SessionId);
// Clear out any potential holdings in the Admin portfolio
// Admin username may change so get it
query = "select Username from Account where AccountId = 1";
result = sessionbase.doQuery(query, SessionId);
try {
while (result.next()) {
Username = result.getString("Username");
}
} catch (Exception e) {
e.printStackTrace();
}
query = "delete from " + Username;
sessionbase.doUpdate(query, SessionId);
// Clear SYS in the Companies table
query = "update Companies set Tshares = 1, Open = 1, Last = 1, Volume = 1, 52WkHi = 1, 52WkLo = 1, DayHi = 1, DayLo = 1, Previous = 1 where Symbol = 'SYS'";
sessionbase.doUpdate(query);
// Everything should be done, print a success message
sessionbase.printTop(out, 21);
out.println("
");
out.println("Restart Complete
");
out.println(SystemName + " has been cleared of all data.
");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("resetUsers")) {
sessionbase.printTop(out, 21);
out.println("
");
out.println("
Confirm
"); out.println("Are you certain you want to clear all user holdings?
");
out.println("");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("resetQueues")) {
sessionbase.printTop(out, 21);
out.println("
");
out.println("
Confirm
"); out.println("Are you certain you want to clear all trade queues?
");
out.println("");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("deleteUsers")) {
sessionbase.printTop(out, 21);
out.println("
");
out.println("
Confirm
"); out.println("Are you certain you want to delete all users from " + SystemName + "?
");
out.println("");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("deleteCompanies")) {
sessionbase.printTop(out, 21);
out.println("
");
out.println("
Confirm
"); out.println("Are you certain you want to delete all companies from " + SystemName + "?
");
out.println("");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("StartOver")) {
sessionbase.printTop(out, 21);
out.println("
");
out.println("
Confirm
"); out.println("Are you certain you want to fully clear off " + SystemName + "?
");
out.println("");
sessionbase.printBot(out, SessionId, 3);
out.close();
} else if (task.equals("reset")) {
// This section gives access to various methods that will clear
// out portions of the Exchange. This can be useful when returning
// the system to an initial trading status.
sessionbase.printTop(out, 21);
out.println("
");
out.println("" + SystemShortName + " Reset Options
");
out.println("Note: Be careful when using these options. They should only be used when resetting the system to an initial state.
");
out.println("
");
out.println("Modify a Company- " + Symbol + "");
out.println("Error: Invalid Symbol Entered "); out.println("Please go Back and enter a different symbol. "); sessionbase.printBot(out, SessionId, 3); out.close(); } else { sessionbase.printTop(out, 24); out.println(" "); out.println("
"); out.println("
"); out.println("Add News"); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("account")) { // Manage user accounts sessionbase.printTop(out, 22); out.println(" "); out.println("Please select an option: "); out.println("
"); out.println("Lock " + SystemName + " "); out.println("Locking the system will prevent anyone from logging in. This can be useful during times of maintenance. Are you sure you want to do this? "); out.println(""); sessionbase.printBot(out, SessionId, 3); } else if (task.equals("unlockit")) { sessionbase.printTop(out, 21); out.println(" "); out.println("Unlock " + SystemName + " "); out.println("Unlocking the system will allow users to continue logging in. Are you sure you want to unlock it? "); out.println(""); sessionbase.printBot(out, SessionId, 3); } else if (task.equals("freezeall")) { sessionbase.printTop(out, 21); out.println(" "); out.println("Freeze " + SystemName + " "); out.println("Freezing the system will prevent anyone from buying or selling. All transactions will be frozen. Users will still be allowed to log in but no buying and selling will be able to take place. Are you sure you want to do this? "); out.println(""); sessionbase.printBot(out, SessionId, 3); } else if (task.equals("unfreezeall")) { sessionbase.printTop(out, 21); out.println(" "); out.println("Unfreeze " + SystemName + " "); out.println("Unfreezing the system will permit transactions to take place once again. Are you sure you want to do this? 
"); out.println(""); sessionbase.printBot(out, SessionId, 3); } else if (task.equals("confirmSysLock")) { query = "update Parameters set Locked = 'Y'"; sessionbase.doUpdate(query, SessionId); sessionbase.loadParams(); response.sendRedirect(ServletURL + ".Admin"); } else if (task.equals("confirmSysUnlock")) { query = "update Parameters set Locked = 'N'"; sessionbase.doUpdate(query, SessionId); sessionbase.loadParams(); response.sendRedirect(ServletURL + ".Admin"); } else if (task.equals("confirmSysFreeze")) { query = "update Parameters set Frozen = 'Y'"; sessionbase.doUpdate(query, SessionId); sessionbase.loadParams(); response.sendRedirect(ServletURL + ".Admin"); } else if (task.equals("confirmSysUnfreeze")) { query = "update Parameters set Frozen = 'N'"; sessionbase.doUpdate(query, SessionId); sessionbase.loadParams(); response.sendRedirect(ServletURL + ".Admin"); } else if (task.equals("lockUser")) { String lockUser = request.getParameter("User"); if (lockUser == null) { lockUser = ""; } sessionbase.printTop(out, 22); out.println(" "); out.println("Lock a User Account"); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confUnlock")) { userName = request.getParameter("User"); AccountId = (String)null; String Email = (String)null; // Lock required tables sessionbase.doUpdate("lock tables Account write, Locks write", SessionId); // Change lock status on user account query = "update Account set Locked = 'N' where Username = '" + userName + "'"; sessionbase.doUpdate(query, SessionId); // Get user's AccountId, Email Address and confirm Username query = "select Email, AccountId, Username from Account where Username = '" + userName + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Email = result.getString("Email"); AccountId = result.getString("AccountId"); userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Remove entry from Locks table query = 
"delete from Locks where AccountId = " + AccountId; sessionbase.doUpdate(query, SessionId); // Unlock tables sessionbase.doUpdate("unlock tables", SessionId); // Email user String from = SystemEmail; String Subject = SystemShortName + " - Account Unlock Notice"; String Text = "Your account on the " + SystemName + " has been unlocked.\n"; sessionbase.sendEmail(Subject, Email, from, Text, SessionId); sessionbase.printTop(out, 22); out.println(" "); out.println("The Account of " + userName + " has been unlocked. "); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confCompUnlock")) { String companySym = request.getParameter("companySym"); // Lock required tables: Companies sessionbase.doUpdate("lock tables Companies write", SessionId); // Switch company to Unlocked status query = "update Companies set Locked = 'N' where Symbol = '" + companySym + "'"; sessionbase.doUpdate(query, SessionId); // Unlock tables sessionbase.doUpdate("unlock tables", SessionId); sessionbase.printTop(out, 24); out.println(" "); out.println("Company " + companySym + " has been unlocked."); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confCompLock")) { String companySym = request.getParameter("companySym"); // Lock required tables: Companies sessionbase.doUpdate("lock tables Companies write", SessionId); // Switch company to Locked status query = "update Companies set Locked = 'Y' where Symbol = '" + companySym + "'"; sessionbase.doUpdate(query, SessionId); // Unlock tables sessionbase.doUpdate("unlock tables", SessionId); sessionbase.printTop(out, 24); out.println(" "); out.println("Company " + companySym + " has been locked."); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confLock")) { userName = request.getParameter("User"); String Reason = request.getParameter("Reason"); int lenS = Reason.length(); String tempS = ""; String tempG = ""; String Email = (String)null; String LockId = (String)null; // 
Convert any 'special characters' back to their original form // for processing into the database. // The String is placed into two variables. One will be emailed to // the user, the other placed into the database. The database string // needs some checks of its own, thus the difference. for (int i = 0 ; i < lenS ; i++) { if (Reason.charAt(i) != '^') { tempS = tempS + Reason.charAt(i); tempG = tempG + Reason.charAt(i); } else { if (Reason.charAt(i+1) == '!' && Reason.charAt(i+3) == '!' && Reason.charAt(i+4) == '^') { if (Reason.charAt(i+2) == '1') { tempS += ' '; tempG += ' '; i += 4; } else if (Reason.charAt(i+2) == '2') { tempS += '\\'; tempS += '\"'; tempG += '\"'; i += 4; } else if (Reason.charAt(i+2) == '3') { tempS += '\\'; tempS += '\''; tempG += '\''; i += 4; } else if (Reason.charAt(i+2) == '4') { tempS += '?'; tempG += '?'; i += 4; } else if (Reason.charAt(i+2) == '5') { tempS += '&'; tempG += '&'; i += 4; } } else { tempS = tempS + Reason.charAt(i); tempG = tempG + Reason.charAt(i); } } } Reason = tempG; // Modify any ' in the string char Checkit; String rsnChek = ""; for (int i = 0 ; i < Reason.length() ; i++) { Checkit = Reason.charAt(i); if (Checkit == '\''){ rsnChek += "\'"; } else { rsnChek += Checkit; } } Reason = rsnChek; // Lock required tables: Account, Locks sessionbase.doUpdate("lock tables Account write, Locks write", SessionId); // Switch user to Locked status query = "update Account set Locked = 'Y' where Username = '" + userName + "'"; sessionbase.doUpdate(query, SessionId); // Get user's AccountId query = "select AccountId from Account where Username = '" + userName + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { LockId = result.getString("AccountId"); } } catch (Exception e) { e.printStackTrace(); } // Log lock in Locks table query = "insert into Locks (AccountId, Reason, When) values (" + LockId + ", '" + tempS + "', NOW())"; sessionbase.doUpdate(query, SessionId); // Email user. 
While we're at it, make sure we have the proper // format for Username query = "select Email, Username from Account where Username = '" + userName + "'"; result = sessionbase.doQuery(query, SessionId); try { while(result.next()) { Email = result.getString("Email"); userName = result.getString("Username"); } } catch(Exception e) { e.printStackTrace(); } String from = SystemEmail; String Subject = SystemShortName + " - Account Lock Notice"; String Text = "Your account on the " + SystemName + " has been locked. Reason:\n" + Reason + "\n\nPlease email " + SystemEmail + " with any questions.\n"; sessionbase.sendEmail(Subject, Email, from, Text, SessionId); // Unlock tables sessionbase.doUpdate("unlock tables", SessionId); sessionbase.printTop(out, 22); out.println(" "); out.println("The Account of " + userName + " has been locked. "); out.println("Reason: "); out.println(Reason); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("unlockUser")) { String unlockUser = request.getParameter("User"); if (unlockUser == null) { unlockUser = ""; } sessionbase.printTop(out, 22); out.println(" "); out.println("Unlock a User Account"); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("displayUser")) { // Display user information, giving admin the option to lock // (or unlock if already locked), delete or modify user. 
String fName = (String)null; String MI = (String)null; String lName = (String)null; String Last = (String)null; String Email = (String)null; String Create = (String)null; String Locked = (String)null; userName = request.getParameter("userName"); java.util.Date lastDate = new java.util.Date(); java.util.Date lastTime = new java.util.Date(); java.util.Date createDate = new java.util.Date(); java.util.Date createTime = new java.util.Date(); Locale locale = new Locale("en","US"); // Set the format for time and date DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.LONG, locale); DateFormat timeFormat = DateFormat.getTimeInstance(DateFormat.MEDIUM, locale); query = "select Fname, Mi, Lname, Email, Dcreate, Locked, LastLogin from Account where Username = '" + userName + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { fName = result.getString("Fname"); MI = result.getString("Mi"); lName = result.getString("Lname"); Email = result.getString("Email"); createDate = result.getDate("Dcreate"); createTime = result.getTime("Dcreate"); lastDate = result.getDate("LastLogin"); lastTime = result.getTime("LastLogin"); Last = result.getString("LastLogin"); Locked = result.getString("Locked"); } } catch (Exception e) { e.printStackTrace(); } sessionbase.printTop(out, 22); out.println(" "); out.println("
"); out.println("Modify User "); out.println("Error: "); out.println("Invalid User Specified."); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else { sessionbase.printTop(out, 22); out.println(" "); out.println(" "); out.println("Delete a User Account "); out.println("List Users "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("deleteArticle")) { String newsId = request.getParameter("Id"); String Title = ""; String Author = ""; query = "select Title, Author from News where Id = " + newsId; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Title += result.getString("Title"); Author += result.getString("Author"); } } catch (Exception e) { e.printStackTrace(); } if (Title.length() < 1) { sessionbase.printTop(out, 26); out.println(" "); out.println("Error! "); out.println("The article entered does not exist. Please go back and try again."); sessionbase.printBot(out, SessionId, 3); out.close(); } else { sessionbase.printTop(out, 26); out.println(" "); out.println("Delete a News Article "); out.println("Are you sure you want to delete the article "); out.println(Title + " by " + Author + "? "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } } else if (task.equals("confirmDeleteArticle")) { String newsId = request.getParameter("Id"); // Delete News item // First check the Type of article. If this is a Headline // article, use the most recent News article for the Headline. 
String Type = (String)null; query = "select Type from News where Id = " + newsId; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Type = result.getString("Type"); } } catch (Exception e) { e.printStackTrace(); } if (Type.equals("3")) { query = "select max(Stamp) from News where Type = 1 or Type = 2"; result = sessionbase.doQuery(query, SessionId); String Stamp = (String)null; try { while (result.next()) { Stamp = result.getString("max(Stamp)"); } } catch (Exception e) { e.printStackTrace(); } // The Timestamp is probably unique but just in case, do // another query for a specific News Id String headId = ""; query = "select Id from News where Stamp = " + Stamp; result = sessionbase.doQuery(query, SessionId); try { // If there is more than one that match, we only want // one of them, so no need for a while loop. result.next(); headId += result.getString("Id"); } catch (Exception e) { e.printStackTrace(); } // Switch this article to Type 3 if (headId.length() > 0) { query = "update News set Type = 3 where Id = " + headId; sessionbase.doUpdate(query, SessionId); } else { // There is no remaining news! 
Add a default addNews("No News", "root", "3", "No news is good news.", SessionId); } } // Delete the article query = "delete from News where Id = " + newsId; sessionbase.doUpdate(query, SessionId); response.sendRedirect(ServletURL + ".Admin?task=showNews"); } else if (task.equals("delCompany")) { String delCmp = request.getParameter("Symbol"); if (delCmp == null) { delCmp = ""; } sessionbase.printTop(out, 24); out.println(" "); out.println("Delete a Company "); out.println("List Companies "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("createUser")) { double startBal = 0; query = "select userBalance from Parameters"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { startBal = result.getDouble("userBalance"); } } catch (Exception e) { e.printStackTrace(); } sessionbase.printTop(out, 22); out.println(" "); out.println("Create a New User"); out.println("
"); out.println("
"); out.println("The Transaction Log has been cleared. "); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("viewLog")) { // This section outputs the contents of the TransLog table, // which records all transactions that take place. java.util.Date transDate = new java.util.Date(); java.util.Date transTime = new java.util.Date(); Locale locale = new Locale("en","US"); // Set the format for time and date DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.LONG, locale); DateFormat timeFormat = DateFormat.getTimeInstance(DateFormat.MEDIUM, locale); String tempOwn = (String)null; String tradeFrom = (String)null; String tradeTo = (String)null; int numShares = 0; double Value = 0; sessionbase.printTop(out, 23); out.println(" "); out.println("Clear Transaction Log "); out.println("
"); out.println("Please select an option: "); out.println("
"); out.println("Please select an option: "); out.println("
"); sessionbase.showHoldings(out, 1, SessionId); sessionbase.printBot(out, SessionId, 3); } else if (task.equals("buysell")) { String NumS = (String)null; String Price = (String)null; Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); NumS = request.getParameter("NumShares"); Price = request.getParameter("Price"); // Print top template for Buy and Sell sessionbase.printTop(out, 23); out.println(" "); // Print link to view all current offers before Buy and Sell form out.println("View pending offers on all stock. "); // Output form for user to make selections on out.println(""); // Print user holdings sessionbase.showHoldings(out, 1, SessionId); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("lfrozen")) { // List frozen offers with modify/unfreeze/delete option displayAllFrozen(request, response, SessionId); out.close(); } else if (task.equals("VOffers")) { // List offers of a particular stock displayTrans(request, response, SessionId); out.close(); } else if (task.equals("quote")) { // Show a stock quote String Type = request.getParameter("Type"); displayQuote(request, response, SessionId, Type); out.close(); } else if (task.equals("modf")) { Symbol = request.getParameter("Symbol"); Owner = request.getParameter("Owner"); Trans = request.getParameter("Trans"); query = "select * from Frozen where Trans = '" + Trans + "' and AccountId = " + Owner + " and Symbol = '" + Symbol + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Shares = result.getInt("NumShares"); Cost = result.getDouble("tradeAt"); } } catch (Exception e) { e.printStackTrace(); } query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } sessionbase.printTop(out, 23); out.println(" "); out.println("Note: "); out.println("This will modify a 
frozen offer. Please "); out.println("be sure of the changes you make. These changes will effect"); out.println("the portfolio of the user owning this transaction. "); out.println("Transaction owner: " + userName + " "); out.println("Modify the transaction:"); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("mod")) { Symbol = request.getParameter("Symbol"); Owner = request.getParameter("Owner"); Trans = request.getParameter("Trans"); query = "select * from qt" + Symbol.toLowerCase() + " where Trans = '" + Trans + "' and AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Shares = result.getInt("NumShares"); Cost = result.getDouble("tradeAt"); } } catch (Exception e) { e.printStackTrace(); } query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } sessionbase.printTop(out, 23); out.println(" "); out.println("Note: "); out.println("This will modify a currently existing offer. Please "); out.println("be sure of the changes you make. These changes will effect"); out.println("the portfolio of the user owning this transaction. 
"); out.println("Transaction owner: " + userName + " "); out.println("Modify the transaction:"); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("freeze")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the username query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Get transaction info query = "select tradeAt, NumShares from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } String Transe = (String)null; if (Trans.equals("B")) { Transe = "Purchase"; } else { Transe = "Sell"; } sessionbase.printTop(out, 23); out.println(" "); out.println("Are you sure you want to freeze the following transaction? 
"); out.println("Owner: " + userName + " "); out.println("Symbol: " + Symbol.toUpperCase() + " "); out.println("Transaction type: " + Transe + " "); out.println("Number of Shares: " + intFormat.format(Shares) + " "); out.println("Cost: " + curFormat.format(Cost) + " "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confirmFreeze")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the userName query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Lock required tables sessionbase.doUpdate("lock tables " + userName + " write, qt" + Symbol.toLowerCase() + " write, Account write, Frozen write", SessionId); // Get value and shares query = "select tradeAt, NumShares from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } // Delete from the queue query = "delete from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; sessionbase.doUpdate(query, SessionId); // Switch to Frozen in User Holdings query = "update " + userName + " set Trans = 'F" + Trans + "' where Symbol = '" + Symbol + "' and Trans = '" + Trans + "'"; sessionbase.doUpdate(query, SessionId); // Add to Frozen table query = "insert into Frozen (AccountId, Symbol, Trans, NumShares, tradeAt) values (" + Owner + ", '" + Symbol + "', '" + Trans + "', " + Shares + ", " + Cost + ")"; sessionbase.doUpdate(query, SessionId); // Send an email to the user about the change. 
String Email = (String)null; String from = (String)null; String Subject = (String)null; String Text = (String)null; if (Trans.equals("B")) { Trans = "Purchasing"; } else { Trans = "Selling"; } query = "select Email from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while(result.next()) { Email = result.getString("Email"); } } catch(Exception e) { e.printStackTrace(); } from = SystemEmail; Subject = SystemShortName + " - Offer Frozen Notice"; Text = "This note is to inform you that one of your offers has been\nfrozen by a " + SystemName + " administrator\nfor suspicion of market manipulation practices.\n\nTransaction: " + Trans + " " + intFormat.format(Shares) + " shares of " + Symbol.toUpperCase() + " at " + curFormat.format(Cost) + ".\n\n"; sessionbase.sendEmail(Subject, Email, from, Text, SessionId); sessionbase.doUpdate("unlock tables", SessionId); response.sendRedirect(ServletURL + ".Admin?task=loffers"); out.close(); } else if (task.equals("unfreeze")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the userName query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Get value and shares query = "select NumShares, tradeAt from Frozen where AccountId = " + Owner + " and Symbol = '" + Symbol + "' and Trans = '" + Trans + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } // Okay, put the transaction through doTrans. 
First delete it from the // users frozen holdings query = "delete from " + userName + " where Symbol = '" + Symbol + "' and Trans = 'F" + Trans + "'"; sessionbase.doUpdate(query); // Delete from Frozen table query = "delete from Frozen where AccountId = " + Owner + " and Trans = '" + Trans + "' and Symbol = '" + Symbol + "'"; sessionbase.doUpdate(query); Timestamp now = null; Offers currentOffer = new Offers(Symbol, Trans, Cost, Shares, now, Owner); sessionbase.doTrans(currentOffer, SessionId, true, response); // Send an email to the user about the change. String from = (String)null; String Subject = (String)null; String Text = (String)null; if (Trans.equals("B")) { Trans = "Purchasing"; } else { Trans = "Selling"; } Subject = SystemShortName + " - Offer UnFrozen Notice"; Text = "This note is to inform you that one of your frozen offers has been\nreleased by a " + SystemName + " administrator.\n\nTransaction: " + Trans + " " + intFormat.format(Shares) + " shares of " + Symbol.toUpperCase() + " at " + curFormat.format(Cost) + ".\n\n"; sessionbase.sendEmail(Subject, Text, Owner, SessionId); response.sendRedirect(ServletURL + ".Admin?task=lfrozen"); out.close(); } else if (task.equals("deletef")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the username query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Get transaction info query = "select tradeAt, NumShares from Frozen where AccountId = " + Owner + " and Trans = '" + Trans + "' and Symbol = '" + Symbol + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } String Transe = (String)null; if 
(Trans.equals("B")) { Transe = "Purchase"; } else { Transe = "Sell"; } sessionbase.printTop(out, 23); out.println(" "); out.println("Are you sure you want to delete the following frozen transaction? "); out.println("Owner: " + userName + " "); out.println("Symbol: " + Symbol.toUpperCase() + " "); out.println("Transaction type: " + Transe + " "); out.println("Number of Shares: " + intFormat.format(Shares) + " "); out.println("Cost: " + curFormat.format(Cost) + " "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("delete")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the username query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Get transaction info query = "select tradeAt, NumShares from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } String Transe = (String)null; if (Trans.equals("B")) { Transe = "Purchase"; } else { Transe = "Sell"; } sessionbase.printTop(out, 23); out.println(" "); out.println("Are you sure you want to delete the following transaction? 
"); out.println("Owner: " + userName + " "); out.println("Symbol: " + Symbol.toUpperCase() + " "); out.println("Transaction type: " + Transe + " "); out.println("Number of Shares: " + intFormat.format(Shares) + " "); out.println("Cost: " + curFormat.format(Cost) + " "); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else if (task.equals("confirmDelF")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the userName query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Lock required tables sessionbase.doUpdate("lock tables " + userName + " write, Frozen write, Portfolio write, Account write", SessionId); // Get value and shares query = "select tradeAt, NumShares from Frozen where AccountId = " + Owner + " and Trans = '" + Trans + "'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } // Delete from the queue query = "delete from Frozen where AccountId = " + Owner + " and Trans = '" + Trans + "' and Symbol = '" + Symbol + "'"; sessionbase.doUpdate(query, SessionId); // If it's a Buy offer, delete offer from users Holdings // and add balance back into Portfolio // If it's a Sell offer, place shares back into Holdings as // fixed and delete the offer. 
double Balance = 0.00; if (Trans.equals("B")) { // Retrieve users balance query = "select Balance from Portfolio where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Balance = result.getDouble("Balance"); } } catch (Exception e) { e.printStackTrace(); } // Update balance Balance += (Shares * Cost); query = "update Portfolio set Balance = " + Balance + " where AccountId = " + Owner; sessionbase.doUpdate(query, SessionId); } else { // Check to see if user already has Fixed shares of this // type and just update that. Otherwise, insert the new // amount. int oShares = 0; query = "select NumShares from " + userName + " where Symbol = '" + Symbol + "' and Trans = 'C'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { oShares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } if (oShares > 0) { oShares += Shares; query = "update " + userName + " set NumShares = " + oShares + " where Symbol = '" + Symbol + "' and Trans = 'C'"; sessionbase.doUpdate(query, SessionId); } else { query = "insert into " + userName + " (Symbol, NumShares, tradeAt, Trans, Dtime) values ('" + Symbol + "', " + Shares + ", " + Cost + ", 'C', NOW())"; sessionbase.doUpdate(query, SessionId); } } // Delete offer query = "delete from " + userName + " where Symbol = '" + Symbol + "' and Trans = 'F" + Trans + "'"; sessionbase.doUpdate(query, SessionId); // Send an email to the user about the change. 
String Email = (String)null; String from = (String)null; String Subject = (String)null; String Text = (String)null; if (Trans.equals("B")) { Trans = "Purchasing"; } else { Trans = "Selling"; } query = "select Email from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while(result.next()) { Email = result.getString("Email"); } } catch(Exception e) { e.printStackTrace(); } // Get current balance query = "select Balance from Portfolio where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Balance = result.getDouble("Balance"); } } catch (Exception e) { e.printStackTrace(); } from = SystemEmail; Subject = SystemShortName + " - Frozen Offer Deleted Notice"; Text = "This note is to inform you that one of your frozen offers has been\ndeleted by a " + SystemName + " administrator.\n\nTransaction: " + Trans + " " + intFormat.format(Shares) + " shares of " + Symbol.toUpperCase() + " at " + curFormat.format(Cost) + ".\n\nBalance: " + curFormat.format(Balance) + "\n"; sessionbase.sendEmail(Subject, Email, from, Text, SessionId); sessionbase.doUpdate("unlock tables", SessionId); response.sendRedirect(ServletURL + ".Admin?task=loffers"); out.close(); } else if (task.equals("confirmDel")) { Symbol = request.getParameter("Symbol"); Trans = request.getParameter("Trans"); Owner = request.getParameter("Owner"); // Get the userName query = "select Username from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { userName = result.getString("Username"); } } catch (Exception e) { e.printStackTrace(); } // Lock required tables sessionbase.doUpdate("lock tables " + userName + " write, qt" + Symbol.toLowerCase() + " write, Portfolio write, Account write", SessionId); // Get value and shares query = "select tradeAt, NumShares from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; result = 
sessionbase.doQuery(query, SessionId); try { while (result.next()) { Cost = result.getDouble("tradeAt"); Shares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } // Delete from the queue query = "delete from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner + " and Trans = '" + Trans + "'"; sessionbase.doUpdate(query, SessionId); // If it's a Buy offer, delete offer from users Holdings // and add balance back into Portfolio // If it's a Sell offer, place shares back into Holdings as // fixed and delete the offer. double Balance = 0.00; if (Trans.equals("B")) { // Retrieve users balance query = "select Balance from Portfolio where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Balance = result.getDouble("Balance"); } } catch (Exception e) { e.printStackTrace(); } // Update balance Balance += (Shares * Cost); query = "update Portfolio set Balance = " + Balance + " where AccountId = " + Owner; sessionbase.doUpdate(query, SessionId); } else { // Check to see if user already has Fixed shares of this // type and just update that. Otherwise, insert the new // amount. 
int oShares = 0; query = "select NumShares from " + userName + " where Symbol = '" + Symbol + "' and Trans = 'C'"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { oShares = result.getInt("NumShares"); } } catch (Exception e) { e.printStackTrace(); } if (oShares > 0) { oShares += Shares; query = "update " + userName + " set NumShares = " + oShares + " where Symbol = '" + Symbol + "' and Trans = 'C'"; sessionbase.doUpdate(query, SessionId); } else { query = "insert into " + userName + " (Symbol, NumShares, tradeAt, Trans, Dtime) values ('" + Symbol + "', " + Shares + ", " + Cost + ", 'C', NOW())"; sessionbase.doUpdate(query, SessionId); } } // Delete offer query = "delete from " + userName + " where Symbol = '" + Symbol + "' and Trans = '" + Trans + "'"; sessionbase.doUpdate(query, SessionId); // Send an email to the user about the change. String Email = (String)null; String from = (String)null; String Subject = (String)null; String Text = (String)null; if (Trans.equals("B")) { Trans = "Purchasing"; } else { Trans = "Selling"; } query = "select Email from Account where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while(result.next()) { Email = result.getString("Email"); } } catch(Exception e) { e.printStackTrace(); } // Get current balance query = "select Balance from Portfolio where AccountId = " + Owner; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Balance = result.getDouble("Balance"); } } catch (Exception e) { e.printStackTrace(); } from = SystemEmail; Subject = SystemShortName + " - Offer Deleted Notice"; Text = "This note is to inform you that one of your offers has been\ndeleted by a " + SystemName + " administrator.\n\nTransaction: " + Trans + " " + intFormat.format(Shares) + " shares of " + Symbol.toUpperCase() + " at " + curFormat.format(Cost) + ".\n\nBalance: " + curFormat.format(Balance) + "\n"; sessionbase.sendEmail(Subject, Email, from, Text, SessionId); 
sessionbase.doUpdate("unlock tables", SessionId); response.sendRedirect(ServletURL + ".Admin?task=loffers"); out.close(); } else { // Invalid task sessionbase.printTop(out, 21); out.println("Error:"); out.println(" Invalid Task Specified "); sessionbase.printBot(out, SessionId, 3); out.close(); } } }
/**
 * Handles POST requests for the administrative tasks of the Exchange.
 *
 * <p>The account bound to the current HTTP session is looked up with
 * {@code sessionbase.getAccountId}. When it is {@code null} or not the literal
 * string {@code "1"}, the request is redirected to
 * {@code ServletURL + ".nonMember?task=LI&Type=1"}. Otherwise the handler dispatches
 * on the {@code task} request parameter. The branches visible in this copy are
 * {@code mod}, {@code buy}, {@code modusr}, {@code confirmUserDel},
 * {@code confirmCompDel}, {@code confirmCompanyUnlock}, {@code confirmCompanyLock},
 * {@code confirmLock}, {@code confirmUnlock} and {@code modf}; any other value prints
 * an "Invalid Task Specified" page.
 *
 * <p>NOTE(review): this copy of the method appears to have lost text in at least three
 * places (marked inline), and many {@code out.println("")} calls print empty strings,
 * presumably because markup was stripped during extraction. Confirm against the
 * original file before relying on the control flow around those points.
 *
 * <p>Review notes (security):
 * <ul>
 *   <li>Every SQL statement is assembled by string concatenation and handed to
 *       {@code sessionbase.doQuery} / {@code sessionbase.doUpdate} as finished text.
 *       Request parameters ({@code Symbol}, {@code Trans}, {@code Owner}, {@code Name},
 *       {@code User}, {@code Email}, {@code companySym}) are concatenated in without
 *       validation, both as values and as table names. Unless BullyDB sanitises the
 *       text itself (not visible here), this is an SQL injection risk. Values should be
 *       bound through {@code PreparedStatement} parameters; table names cannot be
 *       bound and need an allow-list check or a lookup from the authenticated account.
 *   <li>Request values are written into the {@code text/html} response without HTML
 *       encoding ({@code reasonLock}, {@code userName}, {@code companySym}); they
 *       should be encoded before printing.
 *   <li>No per-request anti-forgery token is checked in the code visible here, so the
 *       state-changing tasks rely on the session alone. Confirm whether the container
 *       or BullyDB adds such a check.
 *   <li>The administrator test is a comparison with the hard-coded account id
 *       {@code "1"}.
 *   <li>{@code task} and the other parameters are dereferenced without a null check;
 *       a request that omits one raises {@code NullPointerException}.
 * </ul>
 *
 * @param request the servlet request carrying {@code task} and the task-specific
 *     parameters
 * @param response the servlet response; an HTML page is written to it or a redirect
 *     is sent
 * @throws IOException if obtaining the writer or sending a redirect fails
 * @throws ServletException declared by the servlet contract; not thrown directly by
 *     the visible code
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws IOException, ServletException {
  String AccountId = (String)null;
  String task = request.getParameter("task");
  String query = (String)null;
  ResultSet result = null;
  // Set up decimal formatting for digits. This will force at least 0.00.
  DecimalFormat curFormat = new DecimalFormat("$##,###,###,###,###,##0.00");
  DecimalFormat numFormat = new DecimalFormat("################0.00");
  DecimalFormat intFormat = new DecimalFormat("################0");
  // Initialize the output stream
  response.setContentType("text/html");
  PrintWriter out = response.getWriter();
  HttpSession session = request.getSession();
  String SessionId = session.getId();
  // Retrieve AccountId
  AccountId = sessionbase.getAccountId(SessionId);
  // Only the account with id "1" may continue; everyone else is redirected.
  if ( AccountId == null || !AccountId.equals("1") ) {
    response.sendRedirect(ServletURL + ".nonMember?task=LI&Type=1");
  } else {
    if (task.equals("mod")) {
      // Modify an offer that sits in a company queue table (qt<symbol>).
      // NOTE(review): all six values below come straight from the request and reach
      // the SQL text unchanged; Name and Symbol are also used as table names.
      String Symbol = request.getParameter("Symbol");
      String Trans = request.getParameter("Trans");
      String askP = request.getParameter("Cost");
      String numShares = request.getParameter("Shares");
      String Owner = request.getParameter("Owner");
      String userName = request.getParameter("Name");
      int error = 0;
      int lenCheck = 0;
      char Checkit;
      String numCheck = "";
      Integer convInt;
      Double contP;
      double Cost = 0.00;
      int Shares = 0;
      int oShares = 0;
      double oCost = 0.00;
      double Balance = 0.00;
      askP = askP.trim();
      lenCheck = askP.length();
      // Drop '$' and ',' so the price parses as a plain number.
      for (int i = 0 ; i < lenCheck ; i++) {
        Checkit = askP.charAt(i);
        if (Checkit != '$' && Checkit != ',') {
          numCheck += Checkit;
        }
      }
      askP = numCheck;
      // NOTE(review): only the number format is checked; unlike the "buy" task there
      // is no lower bound on Shares or Cost, so zero and negative values pass.
      try {
        convInt = new Integer(numShares);
        Shares = convInt.intValue();
        contP = new Double(askP);
        Cost = contP.doubleValue();
      } catch(NumberFormatException e) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println("Error:");
        out.println(" Invalid characters entered.");
        out.println("Please go back and correct the problem. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (error == 0) {
        // First lock the tables needed
        // NOTE(review): "unlock tables" is issued only on the paths written out below;
        // an unchecked exception between here and there would skip it.
        sessionbase.doUpdate("lock tables " + userName + " write, qt" + Symbol.toLowerCase()
            + " write, Portfolio write, Account write", SessionId);
        // Check to make sure the transaction still exists. Don't
        // want to try and modify what someone has already acted on
        query = "select AccountId from qt" + Symbol.toLowerCase() + " where Trans = '" + Trans
            + "' and AccountId = " + Owner;
        result = sessionbase.doQuery(query, SessionId);
        try {
          while (result.next()) {
            Owner = result.getString("AccountId");
          }
        } catch (Exception e) {
          e.printStackTrace();
        }
        // NOTE(review): Owner is only reassigned inside the loop above, so when the
        // query returns no rows it still holds the request value and this test does
        // not detect a missing transaction. A separate flag set inside the loop would.
        if (Owner == null) {
          sessionbase.doUpdate("unlock tables", SessionId);
          sessionbase.printTop(out, 23);
          out.println("");
          out.println(" Error ");
          out.println("The transaction you are attempting to modify");
          out.println("is no longer in the queue. A possible reason for this is someone");
          out.println("has already responded to the transaction. ");
          sessionbase.printBot(out, SessionId, 3);
          out.close();
        } else {
          // Modify the transaction. For a Buy transaction, the Queue,
          // users Holdings and users Balance need to be modified.
          // For a sell only the Queue and Holdings need be modified.
          if (Trans.equals("B")) {
            // Modify Buy offer
            // Load the old transaction
            query = "select * from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner
                + " and Trans = 'B'";
            result = sessionbase.doQuery(query, SessionId);
            try {
              while (result.next()) {
                oShares = result.getInt("NumShares");
                oCost = result.getDouble("tradeAt");
              }
            } catch (Exception e) {
              e.printStackTrace();
            }
            // Extract users balance
            query = "select Balance from Portfolio where AccountId = " + Owner;
            result = sessionbase.doQuery(query, SessionId);
            try {
              while (result.next()) {
                Balance = result.getDouble("Balance");
              }
            } catch (Exception e) {
              e.printStackTrace();
            }
            // Add cost of original transaction back in
            Balance = Balance + (oCost*oShares);
            // Take out cost of modified transaction
            Balance = Balance - (Cost * Shares);
            // Make sure the user doesn't have a negative balance
            if (Balance < 0) {
              Balance = 0;
            }
            // Update Balance
            query = "update Portfolio set Balance = " + numFormat.format(Balance)
                + " where AccountId = " + Owner;
            sessionbase.doUpdate(query, SessionId);
            query = "update qt" + Symbol.toLowerCase() + " set NumShares = " + Shares
                + ", tradeAt = " + Cost + " where AccountId = " + Owner + " and Trans = 'B'";
            sessionbase.doUpdate(query, SessionId);
            query = "update " + userName + " set NumShares = " + Shares + ", tradeAt = " + Cost
                + " where Symbol = '" + Symbol + "' and Trans = 'B'";
            sessionbase.doUpdate(query, SessionId);
          } else if (Trans.equals("S")) {
            // Modify Sell offer
            // Load the old transaction
            query = "select * from qt" + Symbol.toLowerCase() + " where AccountId = " + Owner
                + " and Trans = 'S'";
            result = sessionbase.doQuery(query, SessionId);
            try {
              while (result.next()) {
                oShares = result.getInt("NumShares");
                oCost = result.getDouble("tradeAt");
              }
            } catch (Exception e) {
              e.printStackTrace();
            }
            // Update the Queue table
            query = "update qt" + Symbol.toLowerCase() + " set NumShares = " + Shares
                + ", tradeAt = " + Cost + " where AccountId = " + Owner + " and Trans = 'S'";
            sessionbase.doUpdate(query, SessionId);
            // Update the User table
            query = "update " + userName + " set NumShares = " + Shares + ", tradeAt = " + Cost
                + " where Symbol = '" + Symbol + "' and Trans = 'S'";
            sessionbase.doUpdate(query, SessionId);
            // Check to see if any shares need to be added back in
            if (Shares < oShares) {
              int newShares = oShares - Shares;
              // First see if there are any Completed shares
              query = "select NumShares from " + userName + " where Symbol = '" + Symbol
                  + "' and Trans = 'C'";
              result = sessionbase.doQuery(query, SessionId);
              int cShares = 0;
              try {
                while (result.next()) {
                  cShares = result.getInt("NumShares");
                }
              } catch (Exception e) {
                e.printStackTrace();
              }
              if (cShares > 0) {
                newShares += cShares;
                query = "update " + userName + " set NumShares = " + newShares
                    + " where Symbol = '" + Symbol + "' and Trans = 'C'";
                sessionbase.doUpdate(query, SessionId);
              } else {
                query = "insert into " + userName
                    + " (Symbol, NumShares, tradeAt, Trans, Dtime) values ('" + Symbol + "', "
                    + newShares + ", " + Cost + ", 'C', NOW())";
                sessionbase.doUpdate(query, SessionId);
              }
            }
            // Check to see if any shares need to be removed
            if (Shares > oShares) {
              int newShares = Shares - oShares;
              // First see if there are any Completed shares
              query = "select NumShares from " + userName + " where Symbol = '" + Symbol
                  + "' and Trans = 'C'";
              result = sessionbase.doQuery(query, SessionId);
              int cShares = 0;
              try {
                while (result.next()) {
                  cShares = result.getInt("NumShares");
                }
              } catch (Exception e) {
                e.printStackTrace();
              }
              if (cShares > 0) {
                if (cShares <= newShares) {
                  // User would be left with 0, just
                  // remove from their holdings
                  query = "delete from " + userName + " where Symbol = '" + Symbol
                      + "' and Trans = 'C'";
                  sessionbase.doUpdate(query, SessionId);
                } else {
                  int tShares = cShares - newShares;
                  query = "update " + userName + " set NumShares = " + tShares
                      + " where Symbol = '" + Symbol + "' and Trans = 'C'";
                  sessionbase.doUpdate(query, SessionId);
                }
              }
            }
          }
          // Send an email to the user about the change.
          String Email = (String)null;
          String from = (String)null;
          String Subject = (String)null;
          String Text = (String)null;
          // Trans is reused from here on as the human-readable label for the mail.
          if (Trans.equals("B")) {
            Trans = "Purchasing";
          } else {
            Trans = "Selling";
          }
          query = "select Email from Account where AccountId = " + Owner;
          result = sessionbase.doQuery(query, SessionId);
          try {
            while(result.next()) {
              Email = result.getString("Email");
            }
          } catch(Exception e) {
            e.printStackTrace();
          }
          // Get current balance
          query = "select Balance from Portfolio where AccountId = " + Owner;
          result = sessionbase.doQuery(query, SessionId);
          try {
            while (result.next()) {
              Balance = result.getDouble("Balance");
            }
          } catch (Exception e) {
            e.printStackTrace();
          }
          from = SystemEmail;
          Subject = SystemShortName + " - Offer Modified Notice";
          Text = "This note is to inform you that one of your offers has been\nmodified by a "
              + SystemName + " administrator.\n\nOriginal Transaction: " + Trans + " "
              + intFormat.format(oShares) + " shares of " + Symbol.toUpperCase() + " at "
              + curFormat.format(oCost) + ".\n\nNew Transaction: " + Trans + " "
              + intFormat.format(Shares) + " of " + Symbol.toUpperCase() + " at "
              + curFormat.format(Cost) + ".\n\nBalance: " + curFormat.format(Balance) + "\n";
          sessionbase.sendEmail(Subject, Email, from, Text, SessionId);
          sessionbase.doUpdate("unlock tables", SessionId);
          response.sendRedirect(ServletURL + ".Admin?task=loffers");
        }
      }
    } else if (task.equals("buy")) {
      // Initialize variables
      String Symbol = request.getParameter("symbol");
      String nums = request.getParameter("numShares");
      String askP = request.getParameter("askPrice");
      Integer convInt;
      int numShares = 0;
      // Cost per share container
      double shareCost = 0.00;
      // Current balance container
      double Balance = 0.00;
      // Total cost of purchase container
      double tCost = 0.00;
      // End balance container
      double endBalance = 0.00;
      // Available shares container
      int availShares = 0;
      // Remaining shares available
      int endShares = 0;
      int error = 0;
      Double contP;
      double askPrice = 0.00;
      String numCheck = "";
      char Checkit;
      int lenCheck = 0;
      String Locked = "";
      // Everything is type String, convert everything to its proper type.
      askP = askP.trim();
      lenCheck = askP.length();
      // Filter out $ and , from the Cost
      for (int i = 0 ; i < lenCheck ; i++) {
        Checkit = askP.charAt(i);
        if (Checkit != '$' && Checkit != ',') {
          numCheck += Checkit;
        }
      }
      askP = numCheck;
      // NOTE(review): the validation steps below are independent ifs, not an else
      // chain. After the first failure has printed a page and closed the writer, the
      // later checks still run and print to the closed writer.
      try {
        convInt = new Integer(nums);
        numShares = convInt.intValue();
        contP = new Double(askP);
        askPrice = contP.doubleValue();
      } catch(NumberFormatException e) {
        // User must have entered something else wrong
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("Invalid characters entered.");
        out.println("Please go back and correct the problem. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Make sure user isn't trying to sell 0 shares or < $0.01
      if (numShares < 1 || askPrice < 0.01) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("0 and negative values not allowed for Shares or Amount.");
        out.println("Go back and enter a different number. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Make sure they entered a valid company and that it isn't locked
      // NOTE(review): Symbol is a raw request value placed inside the quoted literal.
      query = "Select Last, Locked from Companies where Symbol = '" + Symbol + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while(result.next()) {
          shareCost = result.getDouble("Last");
          Locked = result.getString("Locked");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      // A price of exactly 0.00 is taken to mean "no such company".
      if(shareCost == 0.00) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("You have entered an invalid symbol.");
        out.println("Please go back and enter a different one. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (Locked.equals("Y")) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("The stock you are trying to buy is currently frozen, no buy or sell transactions can take place until this is lifted.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Get user balance and make sure they have enough money
      query = "select Balance from Portfolio where AccountId = " + AccountId;
      result = sessionbase.doQuery(query, SessionId);
      try {
        while(result.next()) {
          Balance = result.getDouble("Balance");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      // 20 is the flat commission mentioned in the error text below.
      tCost = 20 + (askPrice * numShares);
      endBalance = Balance - tCost;
      if(endBalance < 0) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("You cannot afford the number of stocks requested. Keep in mind there is a $20 commission on each transaction.");
        out.println("Please go back and enter a different one. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Check to see if user already has an offer out for this symbol
      query = "select Symbol from " + sessionbase.getUsername(SessionId) + " where Symbol = '"
          + Symbol + "' and Trans = 'B'";
      result = sessionbase.doQuery(query, SessionId);
      String Sym = (String)null;
      try {
        while(result.next()) {
          Sym = result.getString("Symbol");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      if (Sym != null) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Existing Trade ");
        out.println("Only one \"buy\" or \"sell\" offer can be made at a time.");
        out.println("You can have a \"buy\" and \"sell\" offer at the same time but only one of");
        out.println("each. To change your transaction, go back");
        out.println("and cancel the existing trade. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (error == 0) {
        // Everything must be ok. Prompt user to ensure they
        // really want to do the trade.
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Confirm ");
        // NOTE(review): text appears to be missing inside the next string. What follows
        // uses userShares and Profit, which are not declared in the visible "buy"
        // branch, and declares Sym a second time, so it presumably belongs to a
        // separate sell task whose header was lost in extraction. Confirm against the
        // original file.
        out.println("Please confirm your purchase bid: Error: ");
        out.println("Invalid characters entered.");
        out.println("Please go back and correct the problem. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Make sure they entered a valid company
      query = "select Last, Locked from Companies where Symbol = '" + Symbol + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while(result.next()) {
          shareCost = result.getDouble("Last");
          Locked = result.getString("Locked");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      if (shareCost == 0.00) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("The Symbol you have entered doesn't exist.");
        out.println("Go back and enter a valid symbol. ");
        sessionbase.printBot(out, SessionId, 3);
        error++;
        out.close();
      }
      // Make sure user isn't trying to sell 0 shares or < $0.01
      if (numShares < 1 || askPrice < 0.01) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("0 and negative values not allowed for Shares or Amount.");
        out.println("Go back and enter a different number. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Make sure user has the number of shares they try to sell
      query = "Select NumShares from " + sessionbase.getUsername(SessionId)
          + " where Symbol = '" + Symbol + "' and Trans = 'C'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while(result.next()) {
          userShares = result.getInt("NumShares");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      if ((userShares - numShares) < 0 ) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("You don't have that many shares to sell.");
        out.println("Go back and enter a different number. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (Locked.equals("Y")) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Error: ");
        out.println("The stock you are trying to buy is currently frozen, no buy or sell transactions can take place until this is lifted.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      // Check to see if user already has an offer out for this symbol
      query = "select Symbol from " + sessionbase.getUsername(SessionId) + " where Symbol = '"
          + Symbol + "' and Trans = 'S'";
      result = sessionbase.doQuery(query, SessionId);
      String Sym = (String)null;
      try {
        while(result.next()) {
          Sym = result.getString("Symbol");
        }
      } catch(Exception e) {
        e.printStackTrace();
      }
      if (Sym != null) {
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Existing Trade ");
        out.println("Only one \"buy\" or \"sell\" offer can be made at a time.");
        out.println("You can have a \"buy\" and \"sell\" offer at the same time but only one of");
        out.println("each. To change your transaction, go back");
        out.println("and cancel the existing trade. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (error == 0) {
        // Everything seems ok, confirm the sale
        // Get user's balance
        query = "select Balance from Portfolio where AccountId = " + AccountId;
        result = sessionbase.doQuery(query, SessionId);
        try {
          while(result.next()) {
            Balance = result.getDouble("Balance");
          }
        } catch(Exception e) {
          e.printStackTrace();
        }
        Profit = (numShares * askPrice) - 20;
        endBalance = Balance + Profit;
        sessionbase.printTop(out, 23);
        out.println("");
        out.println(" Confirm ");
        out.println("Please confirm your sale bid: ");
        // NOTE(review): text appears to be missing here as well. The two lines below
        // report a company update and use Name, which is not declared in the visible
        // code, so they presumably close a company-modification task that was lost in
        // extraction. Confirm against the original file.
        out.println("Modify Company ");
        out.println("Company information for " + Name + "(" + Symbol + ") successfully updated.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("modusr")) {
      // Validate an edited user record. Appending to "" turns a missing parameter
      // into the string "null" instead of a null reference.
      String userName = "";
      userName += request.getParameter("User");
      String fName = "";
      fName += request.getParameter("fName");
      String lName = "";
      lName += request.getParameter("lName");
      String MI = "";
      MI += request.getParameter("MI");
      String Email = "";
      Email += request.getParameter("Email");
      String Pass = "";
      Pass += request.getParameter("Pass");
      String Pass1 = "";
      Pass1 += request.getParameter("Pass1");
      String Bal = "";
      Bal += request.getParameter("Balance");
      String Randm = "";
      Randm += request.getParameter("Random");
      String Message = "";
      int error = 0;
      String numCheck = "";
      int lenCheck = 0;
      Double convD;
      double Balance = 0.00;
      char Checkit;
      try {
        numCheck = "";
        lenCheck = Bal.length();
        for (int i = 0 ; i < lenCheck ; i++) {
          Checkit = Bal.charAt(i);
          if (Checkit != '$' && Checkit != ',') {
            numCheck += Checkit;
          }
        }
        convD = new Double(numCheck);
        Balance = convD.doubleValue();
      } catch(NumberFormatException e) {
        Message += "Balance contains invalid characters. ";
        error++;
      }
      if (Balance < 0) {
        Message += "Balance field cannot be a negative value. ";
        error++;
      }
      if (fName.length() < 1) {
        Message += "First Name field cannot be left empty. ";
        error++;
      }
      if (lName.length() < 1) {
        Message += "Last name field cannot be left empty. ";
        error++;
      }
      if (Email.length() < 1) {
        Message += "Email field cannot be left empty. ";
        error++;
      }
      if ((Pass.length() < 1 && Pass1.length() > 0) || (Pass1.length() < 1 && Pass.length() > 0)) {
        Message += "Password field cannot be left empty without selecting Random Password. ";
        error++;
      }
      // The only strength rule visible here is a minimum length of five characters.
      if (Pass.length() > 0 && Pass.length() < 5 && Pass.equals(Pass1) && !Randm.equals("rand")) {
        Message += "The password you have entered is too short. ";
        error++;
      }
      if (Randm.equals("rand") && (Pass.length() > 0 || Pass1.length() > 0)) {
        Message += "You entered a password and selected Random Password. Please choose one or the other. ";
        error++;
      }
      if (Pass.length() > 0) {
        if (!Pass.equals(Pass1)) {
          Message += "The passwords you entered do not match. ";
          error++;
        }
      }
      // Check for duplicate email address
      // NOTE(review): Email and userName are raw request values inside quoted SQL
      // literals in the two lookups below.
      query = "select AccountId from Account where Email = '" + Email + "'";
      result = sessionbase.doQuery(query, SessionId);
      String checkEmail = "";
      try {
        while (result.next()) {
          checkEmail = result.getString("AccountId");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      // AccountId is reused from here on for the account being edited.
      AccountId = "";
      query = "select AccountId from Account where Username = '" + userName + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          AccountId = result.getString("AccountId");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      if (!AccountId.equals(checkEmail) && checkEmail.length() > 0) {
        Message += "Another user is registered with the selected email address. ";
        error++;
      }
      if (error > 0) {
        sessionbase.printTop(out, 22);
        out.println(" ");
        out.println("Error: ");
        out.println(Message);
        out.println(" ");
        // NOTE(review): a success message inside the error branch suggests that the
        // else branch performing the update was lost in extraction. As written,
        // userName (a request value) is printed into the HTML page without encoding.
        out.println("Information for " + userName + " successfully updated.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("confirmUserDel")) {
      String userName = request.getParameter("User");
      // Make sure it's a valid user and not a Company User
      String userCheck = "";
      String Fname = "";
      String Lname = "";
      // NOTE(review): userName is a raw request value inside the quoted literal.
      query = "select Username, Fname, Lname from Account where Username = '" + userName + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          userCheck = result.getString("Username");
          Fname = result.getString("Fname");
          Lname = result.getString("Lname");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      // The stored name must match the requested one, ignoring case.
      String uChk = userName.toLowerCase();
      if (!uChk.equals(userCheck.toLowerCase())) {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("You have specified an invalid user.");
        out.println("Please go Back and re-enter the user.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        if (Fname.equals("Company") && Lname.equals("User")) {
          sessionbase.printTop(out, 23);
          out.println(" ");
          out.println("You are trying to delete a Company User. These users cannot be deleted - they are automatically removed when a Company is deleted. ");
          out.println("Please go Back and re-enter the user.");
          sessionbase.printBot(out, SessionId, 3);
          out.close();
        } else if (sessionbase.checkRoot(userCheck)) {
          sessionbase.printTop(out, 23);
          out.println(" ");
          out.println("You are trying to delete the Administrative user. This user cannot be deleted. ");
          out.println("Please go Back and re-enter the user.");
          sessionbase.printBot(out, SessionId, 3);
          out.close();
        } else {
          sessionbase.printTop(out, 23);
          out.println(" ");
          out.println("Confirm Account Delete ");
          out.println("Delete the Account of " + userCheck + "? ");
          out.println("Note: This will permanently delete the user account. ");
          out.println("");
          sessionbase.printBot(out, SessionId, 3);
          out.close();
        }
      }
    } else if (task.equals("confirmCompDel")) {
      String Symbol = request.getParameter("Symbol");
      // Make sure it's a valid company
      String cmpCheck = "";
      String cName = (String)null;
      // NOTE(review): Symbol is a raw request value inside the quoted literal.
      query = "select Symbol, Name from Companies where Symbol = '" + Symbol + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          cmpCheck = result.getString("Symbol");
          cName = result.getString("Name");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      String uChk = Symbol.toLowerCase();
      if (!uChk.equals(cmpCheck.toLowerCase())) {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("You have specified an invalid company.");
        out.println("Please go Back and re-enter the symbol.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("Confirm Company Deletion ");
        out.println("Delete the Company " + cName + "(" + cmpCheck + ")? ");
        out.println("Warning: This will permanently delete the Company. This step cannot be undone and will alter the holdings of everyone owning shares in this company. ");
        out.println("Please make sure this is the right company to delete. ");
        out.println("");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("confirmCompanyUnlock")) {
      String companySym = request.getParameter("companySym");
      // Make sure it's a valid company and that it's locked
      String compCheck = "";
      String lockStat = "";
      // NOTE(review): companySym is a raw request value inside the quoted literal.
      query = "select Name, Locked from Companies where Symbol = '" + companySym + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          compCheck = result.getString("Name");
          lockStat = result.getString("Locked");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      if (!(compCheck.length() > 0)) {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("Company Unlock");
        out.println("You have specified an invalid company.");
        out.println("Please go Back and re-enter the company.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else if (lockStat.equals("N")) {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("Company Unlock");
        out.println("The company you are trying to unlock has not been locked.");
        out.println("Please go Back and re-enter the company.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("Confirm Company Unlock");
        // NOTE(review): companySym is echoed into the page as received; HTML-encode it.
        out.println("Unlock the Company " + compCheck + "(" + companySym + ")? ");
        out.println("");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("confirmCompanyLock")) {
      String companySym = request.getParameter("companySym");
      // Make sure it's a valid company and that it's unlocked
      String compCheck = "";
      String lockStat = "";
      // NOTE(review): companySym is a raw request value inside the quoted literal.
      query = "select Name, Locked from Companies where Symbol = '" + companySym + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          compCheck = result.getString("Name");
          lockStat = result.getString("Locked");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      if (!(compCheck.length() > 0)) {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("You have specified an invalid company.");
        out.println("Please go Back and re-enter the company.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else if (lockStat.equals("Y")) {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("The company you are trying to lock is already locked.");
        out.println("Please go Back and re-enter the company.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        sessionbase.printTop(out, 24);
        out.println(" ");
        out.println("Confirm Company Lock");
        // NOTE(review): companySym is echoed into the page as received; HTML-encode it.
        out.println("Lock the Company " + compCheck + "(" + companySym + ")? ");
        out.println("");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("confirmLock")) {
      String userName = request.getParameter("User");
      String reasonLock = request.getParameter("reason");
      // Make sure it's a valid user
      String userCheck = "";
      // NOTE(review): userName is a raw request value inside the quoted literal.
      query = "select AccountId from Account where Username = '" + userName + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          userCheck = result.getString("AccountId");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      if (!(userCheck.length() > 0)) {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("You have specified an invalid user.");
        out.println("Please go Back and re-enter the user.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else if (reasonLock.equals("")) {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("You must enter a reason for locking the account.");
        out.println("Please go Back and enter one.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("Confirm Account Lock");
        out.println("Lock the Account of " + userCheck + " with the reason: ");
        // NOTE(review): reasonLock is printed into the HTML page before any filtering
        // and without HTML encoding; encode it for the HTML context first.
        out.println(reasonLock + " ");
        int lenS = reasonLock.length();
        String tempS = "";
        // Filter out things in the string that might throw off the url.
        // Use a little pattern just for the Exchange.
        // NOTE(review): this substitution covers space, double quote, single quote,
        // '?' and '&' only; other characters pass through unchanged. A standard
        // encoder such as java.net.URLEncoder covers the full set.
        for (int i = 0 ; i < lenS ; i++) {
          if (reasonLock.charAt(i) != ' ' && reasonLock.charAt(i) != '\"'
              && reasonLock.charAt(i) !='\'' && reasonLock.charAt(i) != '?'
              && reasonLock.charAt(i) != '&') {
            tempS = tempS + reasonLock.charAt(i);
          } else if (reasonLock.charAt(i) == ' ') {
            tempS += "^!1!^";
          } else if (reasonLock.charAt(i) == '\"') {
            tempS += "^!2!^";
          } else if (reasonLock.charAt(i) == '\'') {
            tempS += "^!3!^";
          } else if (reasonLock.charAt(i) == '?') {
            tempS += "^!4!^";
          } else if (reasonLock.charAt(i) == '&') {
            tempS += "^!5!^";
          }
        }
        reasonLock = tempS;
        // The encoded value is not used by any statement visible after this point;
        // presumably the stripped markup in the next println carried it.
        out.println("");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("confirmUnlock")) {
      String userName = request.getParameter("User");
      // Make sure it's a valid user
      String userCheck = "";
      // NOTE(review): userName is a raw request value inside the quoted literal.
      query = "select AccountId from Account where Username = '" + userName + "'";
      result = sessionbase.doQuery(query, SessionId);
      try {
        while (result.next()) {
          userCheck = result.getString("AccountId");
        }
      } catch (Exception e) {
        e.printStackTrace();
      }
      // NOTE(review): this tests AccountId, which is the administrator's own id ("1")
      // in this branch, so the invalid-user page is never shown. The "confirmLock"
      // task tests userCheck at the same point; that looks like the intended check.
      if (!(AccountId.length() > 0)) {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("You have specified an invalid user.");
        out.println("Please go Back and re-enter the user.");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      } else {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("Confirm Unlock ");
        out.println("Are you sure you want to unlock the account of " + userCheck + "? ");
        out.println("");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
      }
    } else if (task.equals("modf")) {
      // Modify an offer held in the Frozen table. Same flow as "mod", without the
      // check that the offer still exists.
      // NOTE(review): all six values below come straight from the request and reach
      // the SQL text unchanged; Name is also used as a table name.
      String Symbol = request.getParameter("Symbol");
      String Trans = request.getParameter("Trans");
      String askP = request.getParameter("Cost");
      String numShares = request.getParameter("Shares");
      String Owner = request.getParameter("Owner");
      String userName = request.getParameter("Name");
      int error = 0;
      int lenCheck = 0;
      char Checkit;
      String numCheck = "";
      Integer convInt;
      Double contP;
      double Cost = 0.00;
      int Shares = 0;
      int oShares = 0;
      double oCost = 0.00;
      double Balance = 0.00;
      askP = askP.trim();
      lenCheck = askP.length();
      // Drop '$' and ',' so the price parses as a plain number.
      for (int i = 0 ; i < lenCheck ; i++) {
        Checkit = askP.charAt(i);
        if (Checkit != '$' && Checkit != ',') {
          numCheck += Checkit;
        }
      }
      askP = numCheck;
      // NOTE(review): as in "mod", there is no lower bound on Shares or Cost.
      try {
        convInt = new Integer(numShares);
        Shares = convInt.intValue();
        contP = new Double(askP);
        Cost = contP.doubleValue();
      } catch(NumberFormatException e) {
        sessionbase.printTop(out, 23);
        out.println(" ");
        out.println("Error:");
        out.println(" Invalid characters entered.");
        out.println("Please go back and correct the problem. ");
        sessionbase.printBot(out, SessionId, 3);
        out.close();
        error++;
      }
      if (error == 0) {
        // First lock the tables needed
        sessionbase.doUpdate("lock tables " + userName
            + " write, Frozen write, Portfolio write, Account write", SessionId);
        // Modify the transaction. For a Buy transaction, Frozen queue,
        // users Holdings and users Balance need to be modified.
        // For a sell only the Frozen queue and Holdings need be modified.
        if (Trans.equals("B")) {
          // Modify Buy offer
          // Load the old transaction
          query = "select * from Frozen where AccountId = " + Owner
              + " and Trans = 'B' and Symbol = '" + Symbol + "'";
          result = sessionbase.doQuery(query, SessionId);
          try {
            while (result.next()) {
              oShares = result.getInt("NumShares");
              oCost = result.getDouble("tradeAt");
            }
          } catch (Exception e) {
            e.printStackTrace();
          }
          // Extract users balance
          query = "select Balance from Portfolio where AccountId = " + Owner;
          result = sessionbase.doQuery(query, SessionId);
          try {
            while (result.next()) {
              Balance = result.getDouble("Balance");
            }
          } catch (Exception e) {
            e.printStackTrace();
          }
          // Add cost of original transaction back in
          Balance = Balance + (oCost*oShares);
          // Take out cost of modified transaction
          Balance = Balance - (Cost * Shares);
          // Make sure the user doesn't have a negative balance
          if (Balance < 0) {
            Balance = 0;
          }
          // Update Balance
          query = "update Portfolio set Balance = " + numFormat.format(Balance)
              + " where AccountId = " + Owner;
          sessionbase.doUpdate(query, SessionId);
          query = "update Frozen set NumShares = " + Shares + ", tradeAt = " + Cost
              + " where AccountId = " + Owner + " and Trans = 'B' and Symbol = '" + Symbol + "'";
          sessionbase.doUpdate(query, SessionId);
          query = "update " + userName + " set NumShares = " + Shares + ", tradeAt = " + Cost
              + " where Symbol = '" + Symbol + "' and Trans = 'FB'";
          sessionbase.doUpdate(query, SessionId);
        } else if (Trans.equals("S")) {
          // Modify Sell offer
          // Load the old transaction
          query = "select NumShares, tradeAt from Frozen where AccountId = " + Owner
              + " and Trans = 'S' and Symbol = '" + Symbol + "'";
          result = sessionbase.doQuery(query, SessionId);
          try {
            while (result.next()) {
              oShares = result.getInt("NumShares");
              oCost = result.getDouble("tradeAt");
            }
          } catch (Exception e) {
            e.printStackTrace();
          }
          // Update the Queue table
          query = "update Frozen set NumShares = " + Shares + ", tradeAt = " + Cost
              + " where AccountId = " + Owner + " and Trans = 'S' and Symbol = '" + Symbol + "'";
          sessionbase.doUpdate(query, SessionId);
          // Update the User table
          query = "update " + userName + " set NumShares = " + Shares + ", tradeAt = " + Cost
              + " where Symbol = '" + Symbol + "' and Trans = 'FS'";
          sessionbase.doUpdate(query, SessionId);
          // Check to see if any shares need to be added back in
          if (Shares < oShares) {
            int newShares = oShares - Shares;
            // First see if there are any Completed shares
            query = "select NumShares from " + userName + " where Symbol = '" + Symbol
                + "' and Trans = 'C'";
            result = sessionbase.doQuery(query, SessionId);
            int cShares = 0;
            try {
              while (result.next()) {
                cShares = result.getInt("NumShares");
              }
            } catch (Exception e) {
              e.printStackTrace();
            }
            if (cShares > 0) {
              newShares += cShares;
              query = "update " + userName + " set NumShares = " + newShares
                  + " where Symbol = '" + Symbol + "' and Trans = 'C'";
              sessionbase.doUpdate(query, SessionId);
            } else {
              query = "insert into " + userName
                  + " (Symbol, NumShares, tradeAt, Trans, Dtime) values ('" + Symbol + "', "
                  + newShares + ", " + Cost + ", 'C', NOW())";
              sessionbase.doUpdate(query, SessionId);
            }
          }
          // Check to see if any shares need to be removed
          if (Shares > oShares) {
            int newShares = Shares - oShares;
            // First see if there are any Completed shares
            query = "select NumShares from " + userName + " where Symbol = '" + Symbol
                + "' and Trans = 'C'";
            result = sessionbase.doQuery(query, SessionId);
            int cShares = 0;
            try {
              while (result.next()) {
                cShares = result.getInt("NumShares");
              }
            } catch (Exception e) {
              e.printStackTrace();
            }
            if (cShares > 0) {
              if (cShares <= newShares) {
                // User would be left with 0, just
                // remove from their holdings
                query = "delete from " + userName + " where Symbol = '" + Symbol
                    + "' and Trans = 'C'";
                sessionbase.doUpdate(query, SessionId);
              } else {
                int tShares = cShares - newShares;
                query = "update " + userName + " set NumShares = " + tShares
                    + " where Symbol = '" + Symbol + "' and Trans = 'C'";
                sessionbase.doUpdate(query, SessionId);
              }
            }
          }
        }
        // Send an email to the user about the change.
        String Email = (String)null;
        String from = (String)null;
        String Subject = (String)null;
        String Text = (String)null;
        // Trans is reused from here on as the human-readable label for the mail.
        if (Trans.equals("B")) {
          Trans = "Purchasing";
        } else {
          Trans = "Selling";
        }
        query = "select Email from Account where AccountId = " + Owner;
        result = sessionbase.doQuery(query, SessionId);
        try {
          while(result.next()) {
            Email = result.getString("Email");
          }
        } catch(Exception e) {
          e.printStackTrace();
        }
        // Get current balance
        query = "select Balance from Portfolio where AccountId = " + Owner;
        result = sessionbase.doQuery(query, SessionId);
        try {
          while (result.next()) {
            Balance = result.getDouble("Balance");
          }
        } catch (Exception e) {
          e.printStackTrace();
        }
        from = SystemEmail;
        Subject = SystemShortName + " - Frozen Offer Modified Notice";
        Text = "This note is to inform you that one of your Frozen offers has been\nmodified by a "
            + SystemName + " administrator.\n\nOriginal Transaction: " + Trans + " "
            + intFormat.format(oShares) + " shares of " + Symbol.toUpperCase() + " at "
            + curFormat.format(oCost) + ".\n\nNew Transaction: " + Trans + " "
            + intFormat.format(Shares) + " of " + Symbol.toUpperCase() + " at "
            + curFormat.format(Cost) + ".\n\nBalance: " + curFormat.format(Balance) + "\n";
        sessionbase.sendEmail(Subject, Email, from, Text, SessionId);
        sessionbase.doUpdate("unlock tables", SessionId);
        response.sendRedirect(ServletURL + ".Admin?task=lfrozen");
      }
    } else {
      // Invalid task
      sessionbase.printTop(out, 21);
      out.println("Error:");
      out.println(" Invalid Task Specified ");
      sessionbase.printBot(out, SessionId, 3);
      out.close();
    }
  }
}
public void displayQuote(HttpServletRequest request, HttpServletResponse response, String SessionId, String Type) throws IOException, ServletException { String Symbol = request.getParameter("Symbol"); String query = (String)null; String Name = (String)null; int Tshares = 0; double Ipo = 0.00; double Open = 0.00; double Last = 0.00; int Volume = 0; double Change = 0.00; double WkHi = 
0.00; double WkLo = 0.00; double DayHi = 0.00; double DayLo = 0.00; double Previous = 0.00; String fLast = (String)null; String fChange = (String)null; String fLow = (String)null; String fHigh = (String)null; ResultSet result = null; double Capitalization = 0.00; ResultSet result2 = null; double userValue = 0; int userShares = 0; String userName = (String)null; boolean member = true; String Locked = (String)null; String Email = (String)null; // Set up decimal formatting for digits. This will force at least 0.00. DecimalFormat curFormat = new DecimalFormat("$##,###,###,###,###,##0.00"); DecimalFormat numFormat = new DecimalFormat("################0.00"); DecimalFormat intFormat = new DecimalFormat("################0"); // Initialize output stream response.setContentType("text/html"); PrintWriter out=response.getWriter(); // Extract Company info from the database. A null ResultSet means the company // must not be in the database. query = "select * from Companies where Symbol = '" + Symbol + "'"; result = sessionbase.doQuery(query); try { while(result.next()) { Name = result.getString("Name"); Tshares = result.getInt("Tshares"); Open = result.getDouble("Open"); Last = result.getDouble("Last"); Volume = result.getInt("Volume"); WkHi = result.getDouble("52WkHi"); WkLo = result.getDouble("52WkLo"); DayHi = result.getDouble("DayHi"); DayLo = result.getDouble("DayLo"); Previous = result.getDouble("Previous"); Locked = result.getString("Locked"); } } catch(Exception e) { e.printStackTrace(); } // Get Company Email address query = "select Email from Account where Username = '" + Symbol + "'"; result = sessionbase.doQuery(query); try { while (result.next()) { Email = result.getString("Email"); } } catch (Exception e) { e.printStackTrace(); } Change = Last - Previous; // Calculating an accurate total Market Cap is a little // trickier. 
query = "select Username from Account where Username != 'root' order by Username"; result2 = sessionbase.doQuery(query); try { while (result2.next()) { userName = result2.getString("Username"); query = "select * from " + userName + " where Symbol = '" + Symbol + "' and Trans != 'B' and Trans != 'FB'"; result = sessionbase.doQuery(query); while (result.next()) { userValue = result.getDouble("boughtAt"); userShares = result.getInt("NumShares"); Capitalization += (userValue * userShares); } } } catch (Exception e) { e.printStackTrace(); } if (Name == null) { response.sendRedirect(ServletURL + ".Quotes?Task=invalid&Link=3"); out.close(); } else { sessionbase.printTop(out, 25); out.println(""); out.println(" "); out.println(" Today with " + Name + " (" + Symbol + ") "); out.println("
"); out.println(" No Data "); out.println("No offers are currently pending for this stock. "); sessionbase.printBot(out, SessionId, 3); out.close(); } else { // Extract Company info from the database. A null ResultSet means // the company must not be in the database. query = "select * from qt" + Symbol.toLowerCase(); result = sessionbase.doQuery(query, SessionId); sessionbase.printTop(out, 23); out.println(""); out.println("
"); out.println("
"); out.println(" "); out.println("
"); out.println("No frozen jobs currently exist."); out.println(""); sessionbase.printBot(out, SessionId, 3); out.close(); } else { out.println(" "); out.println("
"); out.println("Current Balance: " + curFormat.format(Balance) + " "); } else { out.println("User's Holdings: "); out.println("
"); // Get the Front Article String frontTitle = (String)null; String frontAuthor = (String)null; int frontId = 0; java.util.Date frontDate = new java.util.Date(); java.util.Date frontTime = new java.util.Date(); Locale locale = new Locale("en","US"); // Set the format for time and date DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.LONG, locale); DateFormat shortFormat = DateFormat.getDateInstance(DateFormat.SHORT, locale); DateFormat timeFormat = DateFormat.getTimeInstance(DateFormat.SHORT, locale); String frontStory = (String)null; query = "select Title, Author, Date, Story, Id from News where Type = 3"; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { frontTitle = result.getString("Title"); frontAuthor = result.getString("Author"); frontDate = result.getDate("Date"); frontTime = result.getTime("Date"); frontStory = result.getString("Story"); frontId = result.getInt("Id"); } } catch (Exception e) { e.printStackTrace(); } // Get Author's Full Name query = "select Fname, Lname from Account where Username = '" + frontAuthor + "'"; result = sessionbase.doQuery(query, SessionId); String frontFullAuthor = ""; try { while (result.next()) { frontFullAuthor += result.getString("Fname"); frontFullAuthor += " "; frontFullAuthor += result.getString("Lname"); } } catch (Exception e) { e.printStackTrace(); } out.println(" "); out.println("Article Submitted: " + dateFormat.format(frontDate) + " at " + timeFormat.format(frontTime) + " "); out.println("" + frontTitle + ""); out.println(frontStory + " "); out.println(" ");
out.println("Article submitted by: " + frontFullAuthor);
out.println(" ");
out.println("Breaking News "); java.util.Date frontDate = new java.util.Date(); java.util.Date frontTime = new java.util.Date(); Locale locale = new Locale("en","US"); // Set the format for time and date DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.LONG, locale); DateFormat shortFormat = DateFormat.getDateInstance(DateFormat.SHORT, locale); DateFormat timeFormat = DateFormat.getTimeInstance(DateFormat.SHORT, locale); java.util.Date curDate = new java.util.Date(); int Day = curDate.getDate(); int Month = (curDate.getMonth()) + 1; int Year = (curDate.getYear()) + 1900; Day = Day - 14; if (Day < 1) { Month = Month - 1; if (Month == 1) { Day = 31 + Day; } else if (Month == 2) { Day = 28 + Day; } else if (Month == 3) { Day = 31 + Day; } else if (Month == 4) { Day = 30 + Day; } else if (Month == 5) { Day = 31 + Day; } else if (Month == 6) { Day = 30 + Day; } else if (Month == 7) { Day = 31 + Day; } else if (Month == 8) { Day = 31 + Day; } else if (Month == 9) { Day = 30 + Day; } else if (Month == 10) { Day = 31 + Day; } else if (Month == 11) { Day = 30 + Day; } else if (Month == 12) { Day = 31 + Day; } if (Month < 1) { Month = 12; Year = Year - 1; } } // Get all Headlines String headTitle = (String)null; String headId = (String)null; java.util.Date headDate = new java.util.Date(); java.util.Date headDateO = new java.util.Date(); query = "select Title, Date, Id from News where Date >= " + Year + "-" + Month + "-" + Day + " order by Date desc"; result = sessionbase.doQuery(query, SessionId); int i = 0; out.println("These articles have been submitted within the last two "); out.println("weeks. 
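To view older articles, visit the archives."); out.println(" News Articles"); try { while (result.next()) { i++; headDateO = headDate; headTitle = result.getString("Title"); headDate = result.getDate("Date"); headId = result.getString("Id"); if (!headDate.equals(headDateO)) { if (i > 1) { out.println(" "); } out.println("" + shortFormat.format(headDate) + " "); out.println("° " + headTitle + " "); } else { out.println("° " + headTitle + " "); } } } catch (Exception e) { e.printStackTrace(); } if (i == 0) { out.println("No New Articles "); } out.println(" View old news..."); sessionbase.printBot(out, SessionId, 3); out.close(); }

/**
 * Renders the news archive page: every row of the News table dated more
 * than fourteen days before today, newest first, with one short-format
 * date heading per distinct date.
 *
 * @param request   the current servlet request
 * @param response  receives the text/html page
 * @param SessionId session identifier handed to the BullyDB calls
 * @throws IOException      if the response writer cannot be obtained
 * @throws ServletException declared for the servlet call chain
 */
public void displayArchives(HttpServletRequest request,
        HttpServletResponse response, String SessionId)
        throws IOException, ServletException
{
    // Initialize the output stream
    response.setContentType("text/html");
    PrintWriter out = response.getWriter();

    sessionbase.printTop(out, 26);
    out.println(" ");

    DateFormat shortFormat =
            DateFormat.getDateInstance(DateFormat.SHORT, new Locale("en", "US"));

    // Cutoff is today minus 14 days. Calendar handles the month and year
    // rollover, so a cutoff that lands in December of the previous year or
    // in a leap-year February comes out as a real calendar date.
    java.util.Calendar cutoff = java.util.Calendar.getInstance();
    cutoff.add(java.util.Calendar.DAY_OF_MONTH, -14);
    String cutoffDate = new java.text.SimpleDateFormat("yyyy-MM-dd", Locale.US)
            .format(cutoff.getTime());

    // The date must be a quoted literal: an unquoted 2024-1-5 is read by
    // the database as integer subtraction, not as a date.
    // The value comes from the server clock, never from request data, and
    // is formatted to a fixed yyyy-MM-dd shape before being concatenated
    // into the SQL string that doQuery expects.
    String query = "select Title, Date, Id from News where Date < '"
            + cutoffDate + "' order by Date desc";
    ResultSet result = sessionbase.doQuery(query, SessionId);

    out.println("These articles are all over two weeks old. To view newer ");
    out.println("articles, visit the headlines.");
    out.println(" News Articles");

    int i = 0;
    java.util.Date previousDate = null;
    try {
        while (result.next()) {
            i++;
            String headTitle = result.getString("Title");
            java.util.Date headDate = result.getDate("Date");
            // Read as in the original; not referenced by the markup
            // visible in this listing.
            String headId = result.getString("Id");

            // Start a new date group whenever the article date changes.
            if (!headDate.equals(previousDate)) {
                // Separator between groups, skipped before the first one.
                if (i > 1) {
                    out.println(" ");
                }
                out.println("" + shortFormat.format(headDate) + " ");
            }
            // NOTE(review): headTitle is written to the HTML response
            // without escaping. If News.Title can hold user-supplied text
            // it should be HTML-escaped here; confirm how titles are stored.
            out.println("° " + headTitle + " ");
            previousDate = headDate;
        }
    } catch (Exception e) {
        // Best effort: a failed or null result still yields a page with
        // whatever was printed so far.
        e.printStackTrace();
    }

    if (i == 0) {
        out.println("No Old Articles ");
    }
    out.println(" View all headlines...");
    sessionbase.printBot(out, SessionId, 3);
    out.close();
}

public void displayArticle(HttpServletRequest request, HttpServletResponse response, String SessionId) throws IOException, ServletException { String Id = request.getParameter("Id"); String query = (String)null; ResultSet result = null; // Initialize the output stream response.setContentType("text/html"); PrintWriter out = response.getWriter(); // Get the Article String Title = (String)null; String Author = (String)null; java.util.Date Date = new java.util.Date(); java.util.Date Time = new java.util.Date(); Locale locale = new Locale("en","US"); // Set the format for time and date DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.LONG, locale); DateFormat shortFormat = DateFormat.getDateInstance(DateFormat.SHORT, locale); DateFormat 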
timeFormat = DateFormat.getTimeInstance(DateFormat.SHORT, locale); String Story = (String)null; query = "select Title, Author, Date, Story from News where Id = " + Id; result = sessionbase.doQuery(query, SessionId); try { while (result.next()) { Title = result.getString("Title"); Author = result.getString("Author"); Date = result.getDate("Date"); Time = result.getTime("Date"); Story = result.getString("Story"); } } catch (Exception e) { e.printStackTrace(); } // Get Author's Full Name query = "select Fname, Lname from Account where Username = '" + Author + "'"; result = sessionbase.doQuery(query, SessionId); String FullAuthor = ""; try { while (result.next()) { FullAuthor += result.getString("Fname"); FullAuthor += " "; FullAuthor += result.getString("Lname"); } } catch (Exception e) { e.printStackTrace(); } sessionbase.printTop(out, 26); out.println(" "); out.println(" "); out.println("Article Submitted: " + dateFormat.format(Date) + " at " + timeFormat.format(Time) + " "); out.println("" + Title + ""); out.println(Story + " "); out.println(" ");
out.println("Article submitted by: " + FullAuthor + " ");
out.println("Breaking News ");
out.println("Market News | ");
out.println("");
String weekTitle = (String)null;
String weekId = (String)null;
java.util.Date weekDate = new java.util.Date();
java.util.Date weekDateO = new java.util.Date();
// We only want to get Headlines within 2 weeks of the current
// date, set up the Date qualifier.
query = "select Title, Id, Date from News order by Date desc";
result = sessionbase.doQuery(query, SessionId);
int reps = 0;
try {
while (result.next() && reps < 6) {
weekDateO = weekDate;
reps++;
weekTitle = result.getString("Title");
weekId = result.getString("Id");
weekDate = result.getDate("Date");
if (!weekDate.equals(weekDateO)) {
// Just a formatting thing, don't want to push down the links
// if it is printing the top one.
if (reps > 1) {
out.println(" | "); } out.println("" + shortFormat.format(weekDate) + " "); out.println("° " + weekTitle + " "); } else { out.println("° " + weekTitle + " "); } } } catch (Exception e) { e.printStackTrace(); } out.println(" all headlines..."); out.println(" |