/*
** For administrator to verify a user's information
** Class: DoVerifyUser
** Author: Yuping Zhu
** Date: 04-05-2000
*/

package ascdb.users;

// import package java.sql to use JDBC
import java.sql.*;

// import package oracle.html to generate dynamic HTML page
import oracle.html.*;

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;

import java.util.Calendar;
import java.text.SimpleDateFormat;
import java.util.TimeZone;

import ascdb.conf;
import ascdb.users.UserValidation;


public class DoVerifyUser extends HttpServlet {

    //   private HtmlStringBuffer HTMLBuf = new HtmlStringBuffer();
     private String uid;
     private conf dbconf;
     private String me;
     private String op;
   
    //Create an HtmlBody Object
    //  private HtmlBody bd = new HtmlBody();

    // Sets various attributes of HtmlBody
    // private bd.setBackgroundColor("#ffffe6");

     public void doGet(HttpServletRequest req, HttpServletResponse res)
        throws ServletException, IOException
    {
	// Output HTML page header
        res.setContentType("text/html");
        PrintWriter out = res.getWriter();
	dbconf = new conf(req);
	uid = req.getParameter("u");
	me = req.getParameter("uid");
	op = req.getParameter("op");
	UserValidation UserV = new UserValidation();

	
	try {
	   int TabRow = UserV.Validation(req);
	   if (TabRow != 7)
	   {
	        out.println("You do not have this privillege!");
		BackMainHome();
		return;
	   }
	   out.println(HTMLFrame());
	}
	catch (ClassNotFoundException e) {
	    out.println("Can not load JDBC Driver!");
	}
	catch (SQLException e) {
	    out.println(e.getMessage());
	    return;
	}
    }

    public HtmlStringBuffer HTMLFrame()
           throws ClassNotFoundException,SQLException
    {
      HtmlStringBuffer HTMLBuf = new HtmlStringBuffer();
      HTMLBuf.appendln("<HTML>");
      HTMLBuf.appendln("<HEAD>");
      HTMLBuf.appendln("<TITLE>ASC TMD New Registrant Verification</TITLE>");
      HTMLBuf.appendln("</HEAD><BODY bgcolor='#9f3f5f'><CENTER>");
      HTMLBuf.appendln("<FONT SIZE=+8 color='white'>Administrator New Registrant Verification</FONT><P>");
      HTMLBuf.appendln("<TABLE bgcolor = 'cyan' border=1 width=100%>");
      HTMLBuf.appendln("<tr><td valign=top>" + HTMLString() + "</td><td valign=top>" + UserStatus() + "</td></tr>");
      //HTMLBuf.appendln("<tr><td valign=top>" + HTMLString() + "</td><td valign=top>hhh</td></tr>");
      //HTMLBuf.appendln("<tr><td valign=top>hhhh</td><td>" + UserStatus() + "</td></tr>");
      HTMLBuf.appendln("</TABLE></BODY>");
      return HTMLBuf;
    }

    private HtmlStringBuffer HTMLString() 
	throws ClassNotFoundException,SQLException
    {
	HtmlStringBuffer HTMLBuf = new HtmlStringBuffer();

	/*====
	HTMLBuf.appendln("<HTML>");
	HTMLBuf.appendln("<HEAD>");
	HTMLBuf.appendln("<TITLE>ASC TMD User Modification Form</TITLE>");
	====*/

	// append JavaScript
	HTMLBuf.append(JSValidation());
	//====	HTMLBuf.appendln("</HEAD>");

	/*	HTMLBuf.appendln("<FORM METHOD=\"POST\" ACTION=\"ascdb.users.UpdateVerifyUser\">");
	HTMLBuf.appendln("<INPUT TYPE=HIDDEN name=\"uid\" value=\"" + me + "\">");
	HTMLBuf.appendln("<INPUT TYPE=HIDDEN name=\"op\" value=\"0\">");	
	HTMLBuf.appendln("<INPUT TYPE=Submit name=\"submit\" value=\"Bldg Access Requested\">");
	HTMLBuf.appendln("</FORM>");
	HTMLBuf.appendln("<FORM METHOD=\"GET\" ACTION=\"http://www.npac.syr.edu\" TARGET=\"right\">");
	HTMLBuf.appendln("<INPUT TYPE=HIDDEN name=\"uid\" value=\"" + me + "\">");
	HTMLBuf.appendln("<INPUT TYPE=Submit name=\"submit\" value=\"Login Security Database\">");
	HTMLBuf.appendln("</FORM>");*/
       	HTMLBuf.append("<FORM METHOD=\"POST\" ACTION=\"ascdb.users.ApproveUser\" OnSubmit=\"return Validation(this)\">");

	// append form
       	HTMLBuf.append(UserForm());
	return HTMLBuf;
    }
	   

    private Script JSValidation() {
	//Create a JavaScript Object
	Script js = new Script("JavaScript");
	js.setCode("function Validation(form) {\n"
		 + "   if (myEmpty(form.firstname)) {\n"
		 + "      ErrorMsg(\"First Name\")\n"
		 + "      return false\n"
		 + "   }\n"

	      /*		 + "   if (! form.B_type[0].selected) {\n"
		 + "     alert(\"OK!\")\n"
                 + "     return false\n"
		 + "   }\n"*/

		 + "   if (myEmpty(form.lastname)) {\n"
		 + "      ErrorMsg(\"Last Name\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.address)) {\n"
		 + "      ErrorMsg(\"Address\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.city)) {\n"
		 + "      ErrorMsg(\"City\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.zip)) {\n"
		 + "      ErrorMsg(\"Zip\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.phone)) {\n"
		 + "      ErrorMsg(\"Phone\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.email)) {\n"
		 + "      ErrorMsg(\"Email\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (myEmpty(form.b_name)) {\n"
		 + "      ErrorMsg(\"Business Name\")\n"
		 + "      return false\n"
		 + "   }\n"
		 + "   if (! form.B_type[0].selected) {\n"
		 + "      if (myEmpty(form.s_f_name)) {\n"
		 + "         ErrorSponsor(\"First Name\")\n"
		 + "         return false\n"
                 + "      }\n"
                 + "      if (myEmpty(form.s_l_name)) {\n"
		 + "         ErrorSponsor(\"Last Name\")\n"
		 + "         return false\n"
                 + "      }\n"
                 + "      if (myEmpty(form.s_phone)) {\n"
		 + "         ErrorSponsor(\"Phone\")\n"
		 + "         return false\n"
                 + "      }\n"
                 + "      if (myEmpty(form.s_email)) {\n"
		 + "         ErrorSponsor(\"Email\")\n"
		 + "         return false\n"
                 + "      }\n"
                 + "   }\n" 
		 + "   return true\n\n"
		 + "}\n\n"
		 + "function myEmpty(str) {\n"
		 + "   var typein = new String(str.value)\n"
		 + "   if (typein.length == 0) return true\n"
		 + "   while(typein.charCodeAt(0) == 32)\n"
		 + "        typein = typein.substring(1)\n"
                 + "   if (typein.length == 0) return true\n"
		 + "   return false\n"
		 + "}\n\n"
		 + "function ErrorMsg(err) {\n"
		 + "   alert(\"Your \" + err + \" was blank, Please go back to the form to correct it!\")\n"
		 + "}\n\n"
                 + "function ErrorSponsor(err) {\n"
		 + "   alert(\"Since your Employment is not DoD, you must provide Sponsor Information. Sponsor's \" + err + \" was blank. Please go back to the form and correct the error.\")\n"
		 + "}\n");
	return js;
    }

    private HtmlBody UserForm() 
            	throws ClassNotFoundException,SQLException
    {
	
	   //Create an HtmlBody Object
      	   HtmlBody bd = new HtmlBody();

	   // Sets various attributes of HtmlBody
           bd.setBackgroundColor("#ffffe6");

 	   // Load the Oracle JDBC driver
	   Class.forName (dbconf.JdbcDriver);
	
	   // Connect to the database
	   Connection conn =
     		DriverManager.getConnection (dbconf.ConnectStr,dbconf.DBName,dbconf.DBPassword);

	   // Create a Statement
	   Statement stmt = conn.createStatement ();
	   Statement stmt1 = conn.createStatement ();

	   // Fetch the user's information from DB
	   ResultSet rset = stmt.executeQuery("select * from user_info where oracle_uid = '" + uid + "'");
    	
	   if ( ! rset.next())
	   {
		bd.addItem(new SimpleItem("No such User!"));
		return bd;
	   }

	  String Oldtit = rset.getString("surtitle");
	  int titfg = 0;
	  ResultSet SurtitleRset = stmt1.executeQuery("select * from domain where domain_name='SURTITLES' order by order_num asc");

	  Select Surtitle = new Select("surtitle");
	  while (SurtitleRset.next()) 
	      if (Oldtit.equals(SurtitleRset.getString("char_code"))) 
	      {
		  titfg = 1;
		  Surtitle.addOption(new Option(Oldtit,Oldtit,true));
	      }
	      else
	         Surtitle.addOption(new Option(SurtitleRset.getString("char_code")));
	  if (titfg == 0)
	      Surtitle.addOption(new Option("Surtitle*","surtit",true));
	  else
	      Surtitle.addOption(new Option("Surtitle*","surtit",false));
	  bd.addItem(Surtitle);

	  SurtitleRset.close();
    
	  bd
	      .addItem(new SimpleItem("First Name*: ").setBold())
	      .addItem(new TextField("firstname", 35, 15,rset.getString("first_nam")))
	      .addItem(new SimpleItem("Middle Name: ").setBold())
	      .addItem(new TextField("middlename", 35, 15,rset.getString("middle_nam")))
	      .addItem(new SimpleItem("Last Name*: ").setBold())
	      .addItem(new TextField("lastname", 35, 15,rset.getString("last_nam")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Primary Street Address*: ").setBold())
	      .addItem(new TextField("address",50,30,rset.getString("address")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Secondary Address: ").setBold())
	      .addItem(new TextField("address2",50,30,rset.getString("address2")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Room Number: ").setBold())
	      .addItem(new TextField("room",10,10,rset.getString("room_num")))
	      .addItem(new SimpleItem("Mail Stop: ").setBold())
	      .addItem(new TextField("mail", 20, 20, rset.getString("mail_stop")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("City*: ").setBold())
	      .addItem(new TextField("city",30,30,rset.getString("city")))
	      .addItem(new SimpleItem("State*: ").setBold());

	      
	  String OldState= rset.getString("state");
	  ResultSet StateRset = stmt1.executeQuery("select * from domain where domain_name='STATES' order by expsn asc");

	  Select StateSelect = new Select("state");

	  while (StateRset.next())
	      if (OldState.equals((StateRset.getString("expsn")).trim()))
		  StateSelect.addOption(new Option(OldState,OldState,true));
	      else
	         StateSelect.addOption(new Option(StateRset.getString("expsn")));

	  bd.addItem(StateSelect);
	  StateRset.close();
	  bd
	      .addItem(new SimpleItem("Zip Code*: ").setBold())
	      .addItem(new TextField("zip", 11, 11, rset.getString("zip")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Country*: ").setBold());

	  String OldCountry = rset.getString("country");
	  ResultSet CRset = stmt1.executeQuery("select * from domain where domain_name='COUNTRIES' order by order_num asc");
    
	  Select CountrySelect = new Select("country");

	  while (CRset.next())
	      if (OldCountry.equals(CRset.getString("char_code")))
		  CountrySelect.addOption(new Option(CRset.getString("expsn"),CRset.getString("expsn"),true));
	      else
	          CountrySelect.addOption(new Option(CRset.getString("expsn")));
	  bd
	      .addItem(CountrySelect)
	      .addItem(SimpleItem.LineBreak);

	  CRset.close();   
	  	     
	  bd
	      .addItem(new SimpleItem("Phone*: ").setBold())
	      .addItem(new TextField("phone", 15, 15, rset.getString("phone")))
	      .addItem(new SimpleItem("Phone Extension: ").setBold())
	      .addItem(new TextField("ext", 5, 5, rset.getString("phone_ext")))
	      .addItem(new SimpleItem("Alternate Phone: ").setBold())
	      .addItem(new TextField("alt_phone", 15, 15, rset.getString("alt_phone")))
	      .addItem(new SimpleItem("FAX: ").setBold())
	      .addItem(new TextField("fax", 15, 15, rset.getString("fax")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Email ").setBold()) 
	      .addItem(new TextField("email", 50, 25, rset.getString("email")))
	      .addItem(new SimpleItem("    Share Email ").setBold())
	      .addItem(new SimpleItem("Yes"));

	  if ((rset.getString("share_email")).equals("Y"))
	      bd.addItem(new Radio("shared","Y",true))
		.addItem(new SimpleItem("No"))
	        .addItem(new Radio("shared","N"));
	  else
	       bd.addItem(new Radio("shared","Y"))
	         .addItem(new SimpleItem("No"))
	         .addItem(new Radio("shared","N",true));
	  bd
	      .addItem(new SimpleItem("    List Email ").setBold())
	      .addItem(new SimpleItem("Yes"));
     	      
	  if ((rset.getString("list_email")).equals("Y"))
	      bd
	        .addItem(new Radio("list","Y",true))
	        .addItem(new SimpleItem("No"))
	        .addItem(new Radio("list","N"));
	  else
	      bd
	        .addItem(new Radio("list","Y"))
	        .addItem(new SimpleItem("No"))
	        .addItem(new Radio("list","N",true)); 
	  
	  bd
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("CTA ").setBold());
	      //	      .addItem(SimpleItem.LineBreak);
	  
	  ResultSet PCta = stmt1.executeQuery("select cta from student_ctas where student_uid ='" + uid + "' and type='PRIMARY'");
	  
	  String OldPCta;
	  if (PCta.next())
	      OldPCta = PCta.getString(1);
	  else 
	      OldPCta = "N/A";
	  PCta.close();
     	  
	  ResultSet CTAset = stmt1.executeQuery("select * from domain where domain_name='CTAS' order by order_num asc");
 
	  Select CTAs = new Select("cta");
	  while (CTAset.next())
	      if (((CTAset.getString("expsn")).indexOf(OldPCta)) == 0)
		  CTAs.addOption(new Option(CTAset.getString("expsn"),CTAset.getString("expsn"),true));
	      else
		  CTAs.addOption(new Option(CTAset.getString("expsn")));

	  bd
	      .addItem(CTAs)
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Other CTAs ").setBold());
	  CTAset.close(); 

	  ResultSet CTAset2 = stmt1.executeQuery("select * from domain where domain_name='CTAS' order by order_num asc");

	  Select CTAs2 = new Select("cta2",4,true);
	  Statement stmt2 = conn.createStatement();

	  while (CTAset2.next()) {
	      int fg = 0;
	      ResultSet PCtas = stmt2.executeQuery("select cta from student_ctas where student_uid ='" + uid + "' and type is NULL");
	      while(PCtas.next())
	           if  ((CTAset2.getString("expsn")).indexOf(PCtas.getString(1)) == 0)
		  {
		      fg = 1;
		      break;
	          }
	      if (fg == 1)
		  CTAs2.addOption(new Option(CTAset2.getString("expsn"),CTAset2.getString("expsn"),true));
	      else
		  CTAs2.addOption(new Option(CTAset2.getString("expsn")));
	      PCtas.close();
	  }
    
	  bd
	      .addItem(CTAs2)
	      .addItem(SimpleItem.LineBreak);
	  
	  CTAset2.close();
	  
	  bd
	      .addItem(new SimpleItem("Is user a Foreign National?  ").setBold())
	      .addItem(new SimpleItem("Yes"));
	  if ((rset.getString("fn_indctr")).equals("Y"))
	      bd
	        .addItem(new Radio("fn","Y",true))
	        .addItem(new SimpleItem("No"))
	        .addItem(new Radio("fn","N"));
	  else
	      bd
	        .addItem(new Radio("fn","Y"))
	        .addItem(new SimpleItem("No"))
	        .addItem(new Radio("fn","N",true)); 
	  
	  ResultSet CountryRset = stmt1.executeQuery("select * from domain where domain_name='COUNTRIES' order by order_num asc");
	  
	  String OldCitizen = rset.getString("citizenship");
	  bd.addItem(new SimpleItem("  Citizenship*: ").setBold());
               	  
          Select Country = new Select("citizenship");
     
	  while (CountryRset.next())
	      if (OldCitizen.equals(CountryRset.getString("expsn")))
		  Country.addOption(new Option(CountryRset.getString("expsn"),CountryRset.getString("expsn"),true));
	      else
		  Country.addOption(new Option(CountryRset.getString("expsn")));
	  bd
	      .addItem(Country)
	      .addItem(SimpleItem.LineBreak);
    
	  CountryRset.close();
	  	 	  
	  String OldNac = rset.getString("nac_type");
	      
	  bd.addItem(new SimpleItem("NAC Type  ").setBold());
	  
	  ResultSet NacSet = stmt1.executeQuery("select * from domain where domain_name='NAC TYPES' order by order_num asc");
	  Select Nac = new Select("nac_type");
	  while( NacSet.next())
	      if (OldNac.equals(NacSet.getString("char_code")))
		  Nac.addOption(new Option(NacSet.getString("char_code"),NacSet.getString("char_code"),true));
	      else
		  Nac.addOption(new Option(NacSet.getString("char_code")));
	  bd
	      .addItem(Nac);

	  NacSet.close();
	 	    
	  bd
	      .addItem(new SimpleItem("  Permit Type  ").setBold())
	      .addItem(new TextField("permit",25,15,rset.getString("permit_type")))
	      .addItem(new SimpleItem("  Permit Number  ").setBold())
	      .addItem(new TextField("p_num",20,15,rset.getString("permit_num")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Comments   ").setBold())
	      .addItem(new TextArea("comments", 60,3,rset.getString("user_comment")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Business Types  ").setBold());

	  String OldB = rset.getString("business_type");
	
	  /* debug 04-27-2000
      	  if (OldB == null)
	      bd.addItem(new SimpleItem("Ok"));
	  else
	      bd.addItem(new SimpleItem("NO"));
	  */
	  
	  ResultSet Brset = stmt1.executeQuery("select * from domain where domain_name='BUSINESS TYPES' order by order_num asc");
	  Select Business = new Select("B_type");
	  while(Brset.next())
	      if (OldB == null)
		  Business.addOption(new Option(Brset.getString("char_code")));
	      else
		  if (OldB.equals(Brset.getString("char_code")))
		      Business.addOption(new Option(Brset.getString("char_code"),Brset.getString("char_code"),true));
	  /* else
	     Business.addOption(new Option(Brset.getString("char_code")));*/
	  bd
	      .addItem(Business)
	      .addItem(new SimpleItem("Business Name ").setBold())
	      .addItem(new TextField("b_name",50,15,rset.getString("business_name")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("User Type: ").setBold());

	  Brset.close();
	  	      	  
	  String OlduserType = rset.getString("user_type");
	  ResultSet UtypeSet = stmt1.executeQuery("select * from domain where domain_name = 'USER TYPES' order by order_num");
	  Select Utype = new Select("userType");
	  while (UtypeSet.next())
	      if (OlduserType == null)
		  Utype.addOption(new Option(UtypeSet.getString("char_code")));
	      else if (OlduserType.equals(UtypeSet.getString("char_code")))
		  Utype.addOption(new Option(UtypeSet.getString("char_code"),UtypeSet.getString("char_code"),true));
    
	  bd
	      .addItem(Utype)
	      .addItem(new SimpleItem("Organization  ").setBold())
	      .addItem(new TextField("org",60,15,rset.getString("organization")))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Purpose  ").setBold());
	     
	      Select PurSelect = new Select("purpose");

	  /*	  PurSelect
	      .addOption(new Option("Student"))
	      .addOption(new Option("Instructor"))
	      .addOption(new Option("CTA"))
	      .addOption(new Option("Administrator"));*/
	  
	  if ((rset.getString("purpose")) == null)
	      PurSelect
		  .addOption(new Option("Student"))
		  .addOption(new Option("Instructor"))
		  .addOption(new Option("CTA"))
		  .addOption(new Option("Administrator"));
	  else
	  {    
	      if ((rset.getString("purpose")).equals("Student"))
		  PurSelect.addOption(new Option("Student","Student",true));
	      else
		  PurSelect.addOption(new Option("Student"));

	      if ((rset.getString("purpose")).equals("Instructor"))
		  PurSelect.addOption(new Option("Instructor","Instructor",true));
	      else
		  PurSelect.addOption(new Option("Instructor"));

	      if ((rset.getString("purpose")).equals("CTA"))
		  PurSelect.addOption(new Option("CTA","CTA",true));
	      else
		  PurSelect.addOption(new Option("CTA"));

	      if ((rset.getString("purpose")).equals("Administrator"))
		  PurSelect.addOption(new Option("Administrator","Administrator",true));
	      else
		  PurSelect.addOption(new Option("Administrator"));
	  }

	  bd
	      .addItem(PurSelect)
	      .addItem(new SimpleItem("Login_uid  ").setBold())
	      .addItem(new TextField("luid",30,15,rset.getString("login_uid")))
	      .addItem(new SimpleItem("Password  ").setBold())
	      .addItem(new PasswordField("passwd",30,15,rset.getString("tmd_password")))
	      .addItem(new SimpleItem("SSAN_Last4  ").setBold())
	      .addItem(new TextField("ssn",4,4,rset.getString("ssan_last4")))
	      .addItem(SimpleItem.LineBreak);
	     

	  // ResultSet Sponrset;
      	  String spon_uid = rset.getString("spons_agency_uid");
       	  //if (spon_uid.length() != 0)
       	  ResultSet Sponrset = stmt1.executeQuery("select * from users where oracle_uid='" + spon_uid + "'");
	  String slname = "";
	  String sfname = "";
	  String smname = "";
	  String sphone = "";
	  String sext = "";
	  String sfax = "";
	  String salt = "";
	  String semail = "";
	  String stitle = "";
	  
      	  if (Sponrset.next()) {
	      slname = Sponrset.getString("last_nam");
	      smname = Sponrset.getString("middle_nam");
	      sfname = Sponrset.getString("first_nam");
	      sphone = Sponrset.getString("phone");
	      sext = Sponrset.getString("phone_ext");
	      sfax = Sponrset.getString("fax");
	      semail = Sponrset.getString("email");
	      stitle = Sponrset.getString("surtitle");
	      }
	  	  
	  bd
	      .addItem(SimpleItem.Paragraph)
	      .addItem(new Image(dbconf.ImageBase + "wavy.gif").setCenter())
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Sponsor Information:").setBold().setFontColor(Color.red).setFontSize(5).setCenter())
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new Image(dbconf.ImageBase + "wavy.gif").setCenter())
	      .addItem(SimpleItem.Paragraph)
	      .addItem(new SimpleItem("Surtitle  " + stitle).setBold());

	  Select sSurtitle = new Select("stit");
	  ResultSet sSurRset = stmt1.executeQuery("select * from domain where domain_name='SURTITLES' order by order_num asc");

	  titfg = 0;
	  while(sSurRset.next())
	   if (stitle.equals(sSurRset.getString("char_code"))) 
	      {
		  titfg = 1;
		  sSurtitle.addOption(new Option(stitle,stitle,true));
	      }
	      else
	         sSurtitle.addOption(new Option(sSurRset.getString("char_code")));
	  if (titfg == 0)
	      sSurtitle.addOption(new Option("Surtitle*","surtit",true));
	  else
	      Surtitle.addOption(new Option("Surtitle*","surtit",false));
	  sSurRset.close();
	  
	  bd
	      .addItem(sSurtitle)
	      .addItem(new SimpleItem("First Name  ").setBold())
	      .addItem(new TextField("s_f_name",35,10,sfname))
	      .addItem(new SimpleItem("Middle Name  ").setBold())
	      .addItem(new TextField("s_m_name",35,10,smname))
	      .addItem(new SimpleItem("Last Name  ").setBold())
	      .addItem(new TextField("s_l_name",35,10,slname))
	      .addItem(SimpleItem.LineBreak);

	      
	      /*	      .addItem(new SimpleItem("Sponsor's Military Organization*").setBold());
	  //       	  bd.addItem(new SimpleItem(sorg));
	  
	  ResultSet orgSet = stmt1.executeQuery("select * from domain where domain_name='ORGANIZATIONS' order by order_num asc");
	  Select orgS = new Select("org");*/
	  	  	 
	  //	  while (orgSet.next())
	      /*    if (sorg.equals(orgSet.getString("char_code")))
		  orgS.addOption(new Option(orgSet.getString("char_code"),orgSet.getString("char_code"),true));
		  else*/
	  /*	  orgS.addOption(new Option(orgSet.getString("char_code")));
	  	  	  
	  bd
	      .addItem(orgS)
	      .addItem(SimpleItem.LineBreak)*/
	  
	  bd
	      .addItem(new SimpleItem("Phone  ").setBold())
	      .addItem(new TextField("s_phone",15,15,sphone))
	      .addItem(new SimpleItem("Ext: ").setBold())
	      .addItem(new TextField("s_ext",15,15,sext))
	      .addItem(new SimpleItem("Alt. Phone ").setBold())
	      .addItem(new TextField("s_alt",15,15,sphone))
	      .addItem(new SimpleItem("FAX  ").setBold())
	      .addItem(new TextField("s_fax",15,15,sfax))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Email  ").setBold())
	      .addItem(new TextField("s_email",50,50,semail))
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new Image(dbconf.ImageBase + "wavy.gif"))
	      .addItem(SimpleItem.Paragraph);

	      
	  /*
	      .addItem(new SimpleItem("User Type: ").setBold());
	  String OlduserType = rset.getString("user_type");
	  ResultSet UtypeSet = stmt1.executeQuery("select * from domain where domain_name = 'USER TYPES' order by order_num");
	  Select Utype = new Select("userType");
	  while (UtypeSet.next())
	      if (OlduserType.equals(UtypeSet.getString("char_code")))
		  Utype.addOption(new Option(UtypeSet.getString("char_code"),UtypeSet.getString("char_code"),true));
	      else
	         Utype.addOption(new Option(UtypeSet.getString("char_code")));
    
	  bd
	      .addItem(Utype)
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new SimpleItem("Provide 4-digit number only you and the TMD administrator will know in case you forget your password and need it reset: ").setBold())
	      .addItem(SimpleItem.LineBreak)
	      .addItem(new TextField("ssn",4,4,rset.getString("ssan_last4")))
	      .addItem(SimpleItem.LineBreak)
	  */

	  /*=====

	  bd
	      .addItem(new SimpleItem("Does the uer have a valid Visit Request?").setBold())
	      .addItem(new SimpleItem("Yes").setBold())
	      .addItem(new Radio("approved","Y",false))
	      .addItem(new SimpleItem("No").setBold())
              .addItem(new Radio("approved","N",true))
	      .addItem(SimpleItem.LineBreak);
		  
	  if (! OldB.equals("GOVERNMENT ORGANIZATION"))
	      bd
		  .addItem(SimpleItem.LineBreak)
		  .addItem(new SimpleItem("Has the sponsor verified this User?").setBold())
		  .addItem(new SimpleItem("Yes").setBold())
		  .addItem(new Radio("accept","Y",false))
		  .addItem(new SimpleItem("No").setBold())
		  .addItem(new Radio("accept","N",true))
		  .addItem(SimpleItem.LineBreak);
	   

	  String QueryClassIdStr = "select class_id from class_students where student_uid ='" + uid + "' order by class_id asc";
	  String errInfo = "The Student did not register any class now!";

	  if (op.equals("2"))
	  {
	      QueryClassIdStr = "select class_id from class_instructors where instructor_uid ='" + uid + "' order by class_id asc";
	      errInfo = "The Instructor did not submit any class!";
	  }
     	  // retrieve the user's class registration info.
	  ResultSet classId = stmt1.executeQuery(QueryClassIdStr);

	  if (! classId.next())
	      bd.addItem(new SimpleItem(errInfo).setBold().setFontColor(Color.red));
	  else
	  {
	      String CId = classId.getString(1);
	      bd
	        .addItem(new SimpleItem("User " + uid + " registered the class ...").setBold().setFontColor(Color.red))
	        .addItem(SimpleItem.LineBreak);
	  
	      ResultSet classInfo = stmt1.executeQuery("select course_num, title, class_start_date, location, room, building from class_schedule where class_id = '" + CId + "'");
	      if (classInfo.next())
	        bd	  
		.addItem(new SimpleItem("Course Num:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("course_num")))
		.addItem(SimpleItem.LineBreak)
		.addItem(new SimpleItem("Title:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("title")))
		.addItem(SimpleItem.LineBreak)
		.addItem(new SimpleItem("Class Start Date:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("class_start_date")))
		.addItem(SimpleItem.LineBreak)
		.addItem(new SimpleItem("Location:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("location")))
		.addItem(SimpleItem.LineBreak)
		.addItem(new SimpleItem("Room:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("room")))
		.addItem(SimpleItem.LineBreak)
		.addItem(new SimpleItem("Building:  ").setBold())
		.addItem(new SimpleItem(classInfo.getString("building")))
		.addItem(SimpleItem.LineBreak);
	  }

	  =====*/	  
	  bd
	      .addItem(new Hidden("purpose",rset.getString("purpose")))
	      .addItem(new Hidden("op","1"))
	      .addItem(new Hidden("uid",me))
              .addItem(new Hidden("u",uid))
	      .addItem(SimpleItem.Paragraph)
	      .addItem(new Submit("submit", "Approve!").setBold())
	      .addItem(new Reset("Reset").setBold());  
	  return bd;
    }    

    private HtmlStringBuffer UserStatus()
             throws ClassNotFoundException,SQLException
    {
	HtmlStringBuffer HTMLBuf = new HtmlStringBuffer();
	HTMLBuf.append("<FORM METHOD=\"POST\" ACTION=\"ascdb.users.ApproveUser\">");
	//Create an HtmlBody Object
  	HtmlBody bd = new HtmlBody();
	// Load the Oracle JDBC driver
	Class.forName (dbconf.JdbcDriver);
	
        // Connect to the database
	Connection conn =
     	   DriverManager.getConnection (dbconf.ConnectStr,dbconf.DBName,dbconf.DBPassword);

	// Create a Statement
	Statement stmt = conn.createStatement ();
	Statement stmt1 = conn.createStatement ();

	// Get Timezone
	TimeZone tz = TimeZone.getTimeZone("EST");

      	SimpleDateFormat df
	      = new SimpleDateFormat ("MM/dd/yyyy");
	  
	df.setTimeZone(tz);

	// Fetch the user's information from DB
	ResultSet rset = stmt.executeQuery("select * from user_info where oracle_uid = '" + uid + "'");
    	
	if ( ! rset.next())
	{
	   bd.addItem(new SimpleItem("No such User!"));
	   HTMLBuf.append(bd);
	   return HTMLBuf;
	}
	
	bd
	    .addItem(new SimpleItem("Does user require a Sponsor?  ").setBold())
	    .addItem(new SimpleItem("Yes").setBold());

	if ((rset.getString("user_type").compareTo("MILITARY")) != 0)
	    bd
		.addItem(new Radio("spon","Y",true))
		.addItem(new SimpleItem("No").setBold())
		.addItem(new Radio("spon","N",false));
	else
	    bd
		.addItem(new Radio("spon","Y",false))
		.addItem(new SimpleItem("No").setBold())
		.addItem(new Radio("spon","N",true));
	
	bd
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("The registrant said they have NAC type: ").setBold())
	    .addItem(new SimpleItem(rset.getString("nac_type")).setBold().setFontColor(Color.red))
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("Is that true? (reference security db)" ).setBold())
	    .addItem(new SimpleItem("Yes").setBold())
	    .addItem(new Radio("nac","Y",true))
	    .addItem(new SimpleItem("No").setBold())
	    .addItem(new Radio("nac","N",false))
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("If not, what they hold?").setBold());

	String OldNac = rset.getString("nac_type");
	      
	bd.addItem(new SimpleItem("NAC Type  ").setBold());
		  
	ResultSet NacSet = stmt1.executeQuery("select * from domain where domain_name='NAC TYPES' order by order_num asc");
	Select Nac = new Select("nac_type2");
	while( NacSet.next())
	     if (OldNac.equals(NacSet.getString("char_code")))
		  Nac.addOption(new Option(NacSet.getString("char_code"),NacSet.getString("char_code"),true));
	     else
		  Nac.addOption(new Option(NacSet.getString("char_code")));
	bd
	    .addItem(Nac)
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("What date was this checked? ").setBold());

	if (rset.getDate("nac_check_date") != null)
	    bd.addItem(new TextField("nac_date",20,10,df.format(rset.getDate("nac_check_date"))));
	else
	    bd.addItem(new TextField("nac_date",20,10,""));

	bd
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("Who verified this?").setBold())
	    .addItem(new TextField("verifier",20,10,rset.getString("nac_verified")))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("Current Status").setBold().setFontColor(Color.red).setCenter())
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("Status  ").setBold());
	
		String OldStat = rset.getString("user_status");

	ResultSet StatusSet = stmt1.executeQuery("select char_code from domain where domain_name='USER STATUSES' order by order_num");
	Select UStatus = new Select("UserStat");
	while(StatusSet.next())
	    if (OldStat.equals(StatusSet.getString(1)))
		UStatus.addOption(new Option(OldStat,OldStat,true));
	    else
		
		UStatus.addOption(new Option(StatusSet.getString(1)));
	bd
	    .addItem(UStatus)
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("Approved Date(mm/dd/yyyy) ").setBold());

	if (rset.getDate("approved_date") != null)
	    bd.addItem(new TextField("app_date",15,10,df.format(rset.getDate("approved_date"))));
	else
	    bd.addItem(new TextField("app_date",15,10,""));

	bd
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("Submitter ").setBold())
	    .addItem(new TextField("submitter",20,10,rset.getString("who_enable")))
	    .addItem(SimpleItem.Paragraph)
	    /*	    .addItem(new Hidden("op","0"))
	    .addItem(new Hidden("uid",me))
            .addItem(new Hidden("u",uid))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new Submit("submit", "Approve!").setBold())
	    .addItem(new Reset("Reset").setBold()) */
	    .addItem(new SimpleItem("Status Log").setBold().setFontColor(Color.red).setCenter())
	    .addItem(SimpleItem.LineBreak);
	
	//Creates the table with 3 columns
        DynamicTable tab = new DynamicTable(3);
	tab.setBackgroundColor (Color.cyan);
        tab.setBorderColor (Color.black);
        tab.setCellSpacing(1);
        tab.setCellPadding(2);

	int num = 1;
      	if (rset.getDate("approved_date") != null)
            num = num + 1;
	if (rset.getDate("removal_date") != null)
	    num = num + 1;
	TableRow[] rows = new TableRow[num];
        for(int i=0; i < num; i++)
            rows[i] = new TableRow();

	rows[0]
	    .addCell(new TableDataCell(new SimpleItem("Status").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem("Date").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem("Submitter").setBold().setCenter()));
	if (( num > 1) && (rset.getDate("approved_date") != null))
	  rows[1]
	    .addCell(new TableDataCell(new SimpleItem("Enabled").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem(df.format(rset.getDate("approved_date"))).setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem(rset.getString("who_enable")).setBold().setCenter()));
	if (( num > 1) && (rset.getDate("removal_date") != null))
	  rows[2]
	    .addCell(new TableDataCell(new SimpleItem("Disabled").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem(df.format(rset.getDate("removal_date"))).setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem(rset.getString("who_disable")).setBold().setCenter()));
	
	// Add new row to table
        for(int i=0; i< num; i++)
            tab.addRow(rows[i]);

        // Add the table to Html Body
        bd
	    .addItem(tab.setCenter())
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("Emails").setBold().setFontColor(Color.red).setCenter())
	    .addItem(SimpleItem.LineBreak)
	    .addItem(new SimpleItem("1. Registration Received  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=1&uid=" + me + "&u=" +uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("2. NAC/Security Clearance not on file  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=2&uid=" + me + "&u=" + uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("3. NAC/Security Clearance received & Registration confirmed  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=3&uid=" + me + "&u=" + uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("4. Sponsor Verification  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=4&uid=" + me + "&u=" + uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("5. Registration Confirmed  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=5&uid=" + me + "&u=" + uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("6. 5-day Reminder  ").setBold())
	    .addItem(new Link("ascdb.admin.SendEmail?op=6&uid=" + me + "&u=" + uid, new SimpleItem("Send Now").setBold().setFontColor(Color.red)))
	    .addItem(SimpleItem.Paragraph)
	    .addItem(new SimpleItem("Email Log").setBold().setFontColor(Color.red).setCenter())
	    .addItem(SimpleItem.LineBreak);
	
	String EmailStr = "select count(*),sent_date,sender from user_emails where oracle_uid='" + uid + "' group by sender,sent_date";
      	ResultSet EmailNumSet = stmt1.executeQuery(EmailStr);
	
	num = 1;
	while (EmailNumSet.next())
	    num = num + 1;
	
       	//Creates the table with 3 columns
        DynamicTable Mailtab = new DynamicTable(3);
	Mailtab.setBackgroundColor (Color.cyan);
        Mailtab.setBorderColor (Color.black);
        Mailtab.setCellSpacing(1);
        Mailtab.setCellPadding(2);
	
	TableRow[] rows1 = new TableRow[num];
        for(int i=0; i < num; i++)
            rows1[i] = new TableRow();

	ResultSet EmailSet = stmt1.executeQuery(EmailStr);
	rows1[0]
	    .addCell(new TableDataCell(new SimpleItem("email number").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem("date").setBold().setCenter()))
	    .addCell(new TableDataCell(new SimpleItem("sender").setBold().setCenter()));
	
      	int j = 1;

	if (num > 1)
	    while (EmailSet.next())
		rows1[j++]
		    .addCell(new TableDataCell(new SimpleItem(EmailSet.getString(1))))
		    .addCell(new TableDataCell(new SimpleItem(df.format(EmailSet.getDate("sent_date"))).setBold()))
		    .addCell(new TableDataCell(new SimpleItem(EmailSet.getString("sender")).setBold()));
	// Add new row to table
        for(int i=0; i< num; i++)
            Mailtab.addRow(rows1[i]);
	// Add the table to Html Body
        bd.addItem(Mailtab.setCenter());
	HTMLBuf.append(bd);
	return HTMLBuf;
    }
	    
    private void BackHome(PrintWriter out) 
    {
       out.println("<form method=\"GET\" action=\"ascdb.pub.WelcomePage\">");
       out.println("<input type=hidden name=\"uid\" value=\"" +	me + "\">");
       out.println("<input type=submit name=\"submit\" value=\"Back Main Menu\">");
    }

    private HtmlStringBuffer BackMainHome()
    {
	HtmlStringBuffer BackMain = new HtmlStringBuffer();
	BackMain.appendln("<form method=\"GET\" action=\"ascdb.users.WelcomePage\">");
	BackMain.appendln("<input type=submit name=\"submit\" value=\"Back Main Menu\">");
       return BackMain;
    }
    
    public void doPost(HttpServletRequest req, HttpServletResponse res)
        throws ServletException, IOException
    {	doGet(req,res); }
}