Add constraint check on save/update

build/web/WEB-INF/classes/jsp/confirm.jsp

@@ -14,7 +14,7 @@
     <body>
         <%@include file="header.jsp" %>
         
-        <h1>${confirm} </h1>
+        <h1>${error != null ? error : confirm} </h1>
         <form action="list.htm"  method="POST">
             <input hidden type="text" name="type"  value="${type}" />
             <input type="submit" value="Afficher tous les enregistrements"  />

build/web/WEB-INF/classes/jsp/detail.jsp

@@ -60,7 +60,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>
@@ -175,7 +175,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>
@@ -189,7 +189,7 @@
             <input hidden type="text" name="type"  value="${type}" />
             <c:choose>
                 <c:when test="${save != null}">
-                    <input type="submit" value="Add" formaction="add.htm" />
+                    <input type="submit" value="Add" formaction="save.htm" />
                 </c:when>
                 <c:otherwise>
                     <input type="submit" value="Edit" formaction="update.htm" />
@@ -199,8 +199,6 @@
                     </c:if>
                 </c:otherwise>
             </c:choose>
-            
-            
         </form>
     </body>
 </html>

build/web/WEB-INF/classes/jsp/resultat.jsp

@@ -20,7 +20,7 @@
                 <h1>${error}</h1>
             </c:when>
             <c:otherwise>
-                <form name="Add" action="detail.htm"  method="POST">
+                <form name="Add" action="formAdd.htm"  method="POST">
                     <input hidden type="text" name="type"  value="${type}"/>
                     <input type=submit  value="Add"  />
                 </form>

build/web/WEB-INF/jsp/confirm.jsp

@@ -14,7 +14,7 @@
     <body>
         <%@include file="header.jsp" %>
         
-        <h1>${confirm} </h1>
+        <h1>${error != null ? error : confirm} </h1>
         <form action="list.htm"  method="POST">
             <input hidden type="text" name="type"  value="${type}" />
             <input type="submit" value="Afficher tous les enregistrements"  />

build/web/WEB-INF/jsp/detail.jsp

@@ -60,7 +60,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>
@@ -175,7 +175,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>

src/java/DAO/MagasinHelper.java

@@ -8,6 +8,7 @@ import org.hibernate.*;
 import org.hibernate.cfg.Configuration;
 import java.util.*;
 import java.sql.*;
+import org.hibernate.exception.ConstraintViolationException;
 
 /**
  *
@@ -393,8 +394,7 @@ public void add  (Object data) {
              tx=session.beginTransaction();
              session.save(data);
              tx.commit();
-        }
+        } catch (Exception e) {
-        catch (Exception e) {
             e.printStackTrace();
             tx.rollback();
             throw e;

src/java/Exceptions/InvalidParameter.java

@@ -0,0 +1,16 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package Exceptions;
+
+/**
+ *
+ * @author flifloo
+ */
+public class InvalidParameter extends Exception {
+    public InvalidParameter(String message) {
+        super(message);
+    }
+}

src/java/controller/BddController.java

@@ -5,6 +5,7 @@
  */
 package controller;
 import DAO.*;
+import Exceptions.InvalidParameter;
 import java.math.BigDecimal;
 import java.text.SimpleDateFormat;
 import service.User;
@@ -17,6 +18,7 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
 import org.springframework.web.servlet.mvc.multiaction.MultiActionController;
 import javax.servlet.http.*;
 import javax.servlet.*;
+import org.hibernate.exception.ConstraintViolationException;
 
 
 
@@ -252,64 +254,146 @@ public class BddController extends MultiActionController {
    
    }
    
+   private char paramChar(HttpServletRequest request, String name) throws InvalidParameter {
+       String param = paramNotNull(request, name);
+        if (param.length() > 1)
+            throw new InvalidParameter("Invalid ".concat(name));
+        return param.charAt(0);
+   }
+   
+   private int parseParamInt(HttpServletRequest request, String name) throws InvalidParameter {
+       try {
+           return Integer.parseInt(request.getParameter(name));
+       } catch (Exception e) {
+           throw new InvalidParameter("Invalid numer for ".concat(name));
+       }
+   }
+   
+   private int parseParamInt(String param, String name) throws InvalidParameter {
+       try {
+           return Integer.parseInt(param);
+       } catch (Exception e) {
+           throw new InvalidParameter("Invalid numer for ".concat(name));
+       }
+   }
+   
+   private BigDecimal parseParamBigDecimal(HttpServletRequest request, String name, int precision) throws InvalidParameter {
+       BigDecimal bc;
+       try {
+           bc = BigDecimal.valueOf(Long.parseLong(request.getParameter("rate")));
+       } catch (Exception e) {
+           throw new InvalidParameter("Invalid big int for ".concat(name));
+       }
+       
+       if (bc.precision() > precision)
+        throw new InvalidParameter("Precision for ".concat(name).concat(" shounld be over ".concat(String.valueOf(precision))));
+       return bc;
+   }
+   
+   private Short parseParamShort(HttpServletRequest request, String name) throws InvalidParameter {
+       try {
+           return Short.valueOf(request.getParameter("rate"));
+       } catch (Exception e) {
+           throw new InvalidParameter("Invalid short number for ".concat(name));
+       }
+   }
+   
+   private String paramNotNull(HttpServletRequest request, String name) throws InvalidParameter {
+       String param = request.getParameter(name);
+       if (param == null || param.isEmpty())
+           throw new InvalidParameter(name.concat(" should not be empty"));
+       return param;
+   }
+   
+   private String paramLength(HttpServletRequest request, String name, int length) throws InvalidParameter {
+       String param = request.getParameter(name);
+       if (param.length() > length)
+           throw new InvalidParameter(name.concat(" should not be more than ".concat(String.valueOf(length)).concat(" characters")));
+       return param;
+   }
+   
+   private String paramLength(String param, String name, int length) throws InvalidParameter {
+       if (param.length() > length)
+           throw new InvalidParameter(name.concat(" should not be more than ".concat(String.valueOf(length)).concat(" characters")));
+       return param;
+   }
+   
+   private String paramAvailable(HttpServletRequest request, String name) throws InvalidParameter {
+       String param = request.getParameter(name).toUpperCase();
+       if (!param.equals("TRUE") && !param.equals("FALSE"))
+           throw new InvalidParameter("It's true or false for ".concat(name));
+       return param;
+   }
+   
+   private Date paramDate(HttpServletRequest request, String name) throws InvalidParameter {
+       SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
+       try {
+           return format.parse(request.getParameter(name));
+       } catch(Exception e) {
+           throw new InvalidParameter("Invalid date for ".concat(name));
+       }
+   }
+   
    private Object fetchDetailsData(HttpServletRequest request, ModelAndView mv) throws Exception {
        String type = request.getParameter("type");
        Object data = null;
        
-       switch (type) {
+       try {
-           case "customer":
+        switch (type) {
-               int customerId = Integer.parseInt(request.getParameter("customerId"));
+            case "customer":
-               char discountCode = request.getParameter("discountCode").charAt(0);
+                int customerId = parseParamInt(request, "customerId");
-               String zip = request.getParameter("zip");
+                char discountCode = paramChar(request, "discountCode");
-               String name = request.getParameter("name");
+                String zip = paramLength(paramNotNull(request, "zip"), "zip", 10);
-               String addressline1 = request.getParameter("addressline1");
+                String name = paramLength(request, "name", 30);
-               String addressline2 = request.getParameter("addressline2");
+                String addressline1 = paramLength(request, "addressline1", 30);
-               String city = request.getParameter("city");
+                String addressline2 = paramLength(request, "addressline2", 30);
-               String state = request.getParameter("state");
+                String city = paramLength(request, "city", 25);
-               String phone = request.getParameter("phone");
+                String state = paramLength(request, "state", 2);
-               String fax = request.getParameter("fax");
+                String phone = paramLength(request, "phone", 12);
-               String email = request.getParameter("email");
+                String fax = paramLength(request, "fax", 12);
-               int creditLimit = Integer.parseInt(request.getParameter("creditLimit"));
+                String email = paramLength(request, "email", 40);
-               data = new Customer(customerId, discountCode, zip, name, addressline1, addressline2, city, state, phone, fax, email, creditLimit);
+                int creditLimit = parseParamInt(request, "creditLimit");
-               break;
+                data = new Customer(customerId, discountCode, zip, name, addressline1, addressline2, city, state, phone, fax, email, creditLimit);
-           case "product":
-               int productId = Integer.parseInt(request.getParameter("productId"));
-               int manufacturerId = Integer.parseInt(request.getParameter("manufacturerId"));
-               String productCode = request.getParameter("productCode");
-               BigDecimal purchaseCost = BigDecimal.valueOf(Double.parseDouble(request.getParameter("purchaseCost")));
-               int quantityOnHand = Integer.parseInt(request.getParameter("quantityOnHand"));
-               BigDecimal markup = BigDecimal.valueOf(Double.parseDouble(request.getParameter("markup")));
-               String available = request.getParameter("available");
-               String description = request.getParameter("description");
-               data = new Product(productId, manufacturerId, productCode, purchaseCost, quantityOnHand, markup, available, description);
-               break;
-           case "purchase":
-               SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd");
-               
-               int orderNum = Integer.parseInt(request.getParameter("orderNum"));
-               customerId = Integer.parseInt(request.getParameter("customerId"));
-               productId = Integer.parseInt(request.getParameter("productId"));
-               Short quantity = Short.parseShort(request.getParameter("quantity"));
-               BigDecimal shippingCost = BigDecimal.valueOf(Double.parseDouble(request.getParameter("shippingCost")));
-               Date salesDate = format.parse(request.getParameter("salesDate"));
-               Date shippingDate = format.parse(request.getParameter("shippingDate"));
-               String freightCompany = request.getParameter("freightCompany");
-               data = new PurchaseOrder(orderNum, customerId, productId, quantity, shippingCost, salesDate, shippingDate, freightCompany);
                 break;
-           case "discount":
+            case "product":
-               discountCode = request.getParameter("discountCode").charAt(0);
+                int productId = parseParamInt(request, "productId");
-               BigDecimal rate = BigDecimal.valueOf(Double.parseDouble(request.getParameter("rate")));
+                int manufacturerId = parseParamInt(paramNotNull(request, "manufacturerId"), "manufacturerId");
-               data = new DiscountCode(discountCode, rate);
+                String productCode = paramLength(paramNotNull(request, "productCode"), "productCode", 2);
-               break;
+                BigDecimal purchaseCost = parseParamBigDecimal(request, "purchaseCost", 12);
-           case "prodCode":
+                int quantityOnHand = parseParamInt(request, "quantityOnHand");
-               productCode = request.getParameter("prodCode");
+                BigDecimal markup = parseParamBigDecimal(request, "markup", 12);
-               discountCode = request.getParameter("discountCode").charAt(0);
+                String available = paramAvailable(request, "available");
-               description = request.getParameter("description");
+                String description = paramLength(request, "description", 50);
-               data = new ProductCode(productCode, discountCode, description);
+                data = new Product(productId, manufacturerId, productCode, purchaseCost, quantityOnHand, markup, available, description);
-               break;
+                break;
-           default:
+            case "purchase":
-               mv.addObject("error", "Type not found");
+                int orderNum = parseParamInt(request, "orderNum");
-               return mv;
+                customerId = parseParamInt(paramNotNull(request, "customerId"), "customerId");
+                productId = parseParamInt(paramNotNull(request, "productId"), "productId");
+                Short quantity = parseParamShort(request, "quantity");
+                BigDecimal shippingCost = parseParamBigDecimal(request, "shippingCost", 12);
+                Date salesDate = paramDate(request, "salesDate");
+                Date shippingDate = paramDate(request, "shippingDate");
+                String freightCompany = paramLength(request, "freightCompany", 30);
+                data = new PurchaseOrder(orderNum, customerId, productId, quantity, shippingCost, salesDate, shippingDate, freightCompany);
+                 break;
+            case "discount":
+                discountCode = paramChar(request, "discountCode");
+                BigDecimal rate = parseParamBigDecimal(request, "rate", 4);
+                data = new DiscountCode(discountCode, rate);
+                break;
+            case "prodCode":
+                productCode = paramLength(request, "prodCode", 2);
+                discountCode = paramChar(request, "discountCode");
+                description = paramLength(request, "description", 10);
+                data = new ProductCode(productCode, discountCode, description);
+                break;
+            default:
+                mv.addObject("error", "Type not found");
+                return mv;
+        }
+       } catch (InvalidParameter e) {
+            mv.addObject("error", e.getMessage());
        }
        
        return data;
@@ -324,8 +408,16 @@ public class BddController extends MultiActionController {
      mv.addObject("type", type);
      Object data = fetchDetailsData(request, mv);
      
-       new MagasinHelper().add(data);
+       if (data != null) {
-       mv.addObject("confirm","Save completed");
+        try {
+            new MagasinHelper().add(data);
+            mv.addObject("confirm","Save completed");
+        } catch (ConstraintViolationException e) {
+            mv.addObject("error", e.getSQLException().getMessage());
+        } catch (Exception e) {
+            mv.addObject("error", e.getMessage());
+        }
+       }
        return mv;
        }
    
@@ -338,11 +430,14 @@ public class BddController extends MultiActionController {
      mv.addObject("type", type);
      Object data = fetchDetailsData(request, mv);
      
-       new MagasinHelper().update(data);
+     if (data != null) {
-       mv.addObject("confirm","Update completed");
+        try {
+            new MagasinHelper().update(data);
+            mv.addObject("confirm","Update completed");
+        } catch (Exception e) {
+            mv.addObject("error", e.getMessage());
+        }
+    }
        return mv;
    }
 }
-	
-    
-

web/WEB-INF/jsp/confirm.jsp

@@ -14,7 +14,7 @@
     <body>
         <%@include file="header.jsp" %>
         
-        <h1>${confirm} </h1>
+        <h1>${error != null ? error : confirm} </h1>
         <form action="list.htm"  method="POST">
             <input hidden type="text" name="type"  value="${type}" />
             <input type="submit" value="Afficher tous les enregistrements"  />

web/WEB-INF/jsp/detail.jsp

@@ -60,7 +60,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>
@@ -175,7 +175,7 @@
                         <label for="discountCode">Remise</label>
                         <select name="discountCode" id="discountCode">
                             <c:forEach items="${code}" var="dc">
-                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}}">${dc.discountCode} - ${dc.rate}%</option>
+                                <option <c:if test="${dc.discountCode==result.discountCode}"> selected </c:if> value="${dc.discountCode}">${dc.discountCode} - ${dc.rate}%</option>
                             </c:forEach>
                         </select>
                     </p>