package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
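/**
 * Looks up the orders of one user.
 *
 * <p>Mapped to {@code /CheckOrders.do}. The servlet reads the {@code UserID} and optional
 * {@code status} request parameters, builds a join over {@code User}, {@code Ordered},
 * {@code Address} and {@code Book}, and hands the finished SQL text to
 * {@code GetJson.Getinfo}, which is defined elsewhere (presumably it runs the query and
 * writes the rows to the response; verify against that helper).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The query is assembled by string concatenation because {@code GetJson.Getinfo} takes
 *       SQL text. The checks in this class are allow-list guards on the two request values;
 *       the durable fix is a {@code PreparedStatement} with bound parameters inside that
 *       helper.</li>
 *   <li>{@code UserID} comes from the request, not from the authenticated identity.
 *       NOTE(review): confirm that {@code Authentication.islegal} ties the caller to this
 *       {@code UserID}; if it does not, a caller could read another user's name, phone
 *       and address through this endpoint.</li>
 *   <li>NOTE(review): {@code 'tel-phone'} in the select list is single-quoted, which standard
 *       SQL treats as a string literal rather than a column reference; confirm against the
 *       database dialect and schema.</li>
 * </ul>
 */
@WebServlet(name = "CheckOrders", urlPatterns = {"/CheckOrders.do"}, loadOnStartup = 2)
public class CheckOrders extends HttpServlet {

    /** Longest accepted {@code UserID}; 20 decimal digits cover an unsigned 64-bit value. */
    private static final int MAX_ID_DIGITS = 20;

    /**
     * Handles an order lookup.
     *
     * <p>Nothing is written to the response when authentication fails or {@code UserID} is
     * missing or rejected; the caller then receives whatever the container sends for an
     * untouched response. NOTE(review): consider an explicit 4xx status so rejected requests
     * are visible to clients and in logs.
     *
     * @param request  request carrying {@code UserID} and, optionally, {@code status}
     * @param response response passed through to {@code GetJson.Getinfo}
     * @throws ServletException declared by the servlet contract
     * @throws IOException      declared by the servlet contract
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        if (!Authentication.islegal(request)) {
            return;
        }

        String userId = request.getParameter("UserID");
        String statusPrefix = request.getParameter("status");

        // UserID is placed into the WHERE clause without quotes, so a keyword/character
        // filter alone is not a sufficient guard: only a plain decimal number is accepted.
        // The project filter is still consulted first, as before.
        if (userId == null || !sqlfilter.islegal(userId) || !isDecimalId(userId)) {
            return;
        }

        StringBuilder sql = new StringBuilder();
        sql.append("select MessageID,Book.BookID,UserName,BookName,'tel-phone',Address from User join Ordered on User.UserID = Ordered.UserID join Address on ");
        sql.append("Address.UserId = Ordered.UserID and Address.MessageID = Ordered.MessageID join Book on Ordered.BookID = Book.BookID where User.UserID = ");
        sql.append(userId);

        // The status value sits inside a single-quoted LIKE pattern. A value that fails
        // either check is ignored (no status filter), matching the previous behaviour for
        // values rejected by sqlfilter.isright.
        if (statusPrefix != null && sqlfilter.isright(statusPrefix) && hasNoLiteralBreakers(statusPrefix)) {
            sql.append(" and Status like '").append(statusPrefix).append("%'");
        }

        // Maps result columns to output names; every column keeps its own name.
        HashMap<String,String> names = new HashMap<>();
        names.put("UserName","UserName");
        names.put("BookName","BookName");
        names.put("tel-phone","tel-phone");
        names.put("Address","Address");
        names.put("BookID","BookID");
        names.put("MessageID","MessageID");

        GetJson.Getinfo(request, response, sql.toString(), names);
    }

    /**
     * Handles GET exactly like POST.
     *
     * <p>NOTE(review): with GET the {@code UserID} travels in the query string, where
     * access logs and proxies commonly record it; confirm GET is needed.
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Tells whether {@code value} is a non-empty run of ASCII digits no longer than
     * {@link #MAX_ID_DIGITS}.
     */
    private static boolean isDecimalId(String value) {
        int length = value.length();
        if (length == 0 || length > MAX_ID_DIGITS) {
            return false;
        }
        for (int i = 0; i < length; i++) {
            char c = value.charAt(i);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }

    /**
     * Tells whether {@code value} is free of characters that could end or escape a
     * single-quoted SQL string literal: the single quote, the backslash and control
     * characters. LIKE wildcards are left alone; they only widen the match.
     */
    private static boolean hasNoLiteralBreakers(String value) {
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\'' || c == '\\' || Character.isISOControl(c)) {
                return false;
            }
        }
        return true;
    }
}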