package ascdb.users;

import ascdb.conf;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oracle.html.HtmlStringBuffer;

/* loaded from: input_file:ascdb/users/ChangePasswd.class */
public class ChangePasswd extends HttpServlet {
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html");
        PrintWriter writer = httpServletResponse.getWriter();
        if (httpServletRequest.getParameter("passwd") == null) {
            writer.println(InputForm());
            return;
        }
        new conf(httpServletRequest);
        String parameter = httpServletRequest.getParameter("uid");
        String parameter2 = httpServletRequest.getParameter("passwd");
        String parameter3 = httpServletRequest.getParameter("ssan");
        String parameter4 = httpServletRequest.getParameter("passwd1");
        httpServletRequest.getParameter("passwd2");
        try {
            Class.forName(conf.JdbcDriver);
            Statement createStatement = DriverManager.getConnection(conf.ConnectStr, conf.DBName, conf.DBPassword).createStatement();
            ResultSet executeQuery = createStatement.executeQuery(new StringBuffer("select oracle_uid from user_info where oracle_uid='").append(parameter).append("' and tmd_password='").append(parameter2).append("' and ssan_last4='").append(parameter3).append("'").toString());
            writer.println("<body bgcolor=white><font size=+1>");
            if (!executeQuery.next()) {
                writer.println("Your oracle_uid, or old password, or 4-digit number is wrong!");
            } else if (createStatement.executeUpdate(new StringBuffer("update addl_users set tmd_password ='").append(parameter4).append("' where oracle_uid='").append(parameter).append("'").toString()) == 1) {
                writer.println("Your password has been changed!");
            } else {
                writer.println("Can not change your password!");
            }
            writer.println(new StringBuffer(String.valueOf(BackHome())).append("</font>").toString());
        } catch (ClassNotFoundException unused) {
            writer.println("Can not load JDBC Driver!");
        } catch (SQLException e) {
            writer.println(e.getMessage());
        }
    }

    private HtmlStringBuffer InputForm() {
        HtmlStringBuffer htmlStringBuffer = new HtmlStringBuffer();
        htmlStringBuffer.appendln("<html>");
        htmlStringBuffer.appendln("<head><title>User Change Password</title></head>");
        htmlStringBuffer.appendln("<SCRIPT Language=\"JavaScript\">");
        htmlStringBuffer.appendln("function CheckPasswd(form) {\n   if (form.uid.value == \"\") {\n       alert(\"Please input your TMD user ID!\")\n       return false\n   }\n   if (form.passwd.value == \"\") {\n      alert(\"Please input your old password!\")\n      return false\n   }\n   if (form.ssan.value == \"\") {\n      alert(\"Pleas input your 4-digit number!\")\n      return false\n   }\n   if (form.passwd1.value == \"\") {\n      alert(\"Pleas input your new password!\")\n      return false\n   }\n   if (form.passwd1.value != form.passwd2.value){\n      alert(\"Your New Password confirm is not the same as the New Password input!\")\n      return false\n   }\n   return true\n}\n");
        htmlStringBuffer.appendln("</SCRIPT>");
        htmlStringBuffer.appendln("<body bgcolor=white>");
        htmlStringBuffer.appendln("<center><font size=+5 color=red>You can change your TMD password now ...</font></center>");
        htmlStringBuffer.appendln("<form method=\"POST\" action=\"ascdb.users.ChangePasswd\" onSubmit=\"return CheckPasswd(this)\">");
        htmlStringBuffer.appendln("<font size=+1>TMD User ID:  ");
        htmlStringBuffer.appendln("<input type=text name=\"uid\" value=\"\" size=20><br>");
        htmlStringBuffer.appendln("Old Password:  ");
        htmlStringBuffer.appendln("<input type=password name=\"passwd\" value=\"\" size=30><br>");
        htmlStringBuffer.appendln("Your 4-digit Number:  ");
        htmlStringBuffer.appendln("<input type=password name=\"ssan\" value=\"\" size=4><br>");
        htmlStringBuffer.appendln("New Password:  ");
        htmlStringBuffer.appendln("<input type=password name=\"passwd1\" value=\"\" size=30><br>");
        htmlStringBuffer.appendln("New Password Confirm:  ");
        htmlStringBuffer.appendln("<input type=password name=\"passwd2\" value=\"\" size=30><br>");
        htmlStringBuffer.appendln("<input type=submit name=\"submit\" value=\"Change!\">");
        htmlStringBuffer.appendln("<input type=reset name=\"reset\" value=\"Reset\"></font>");
        htmlStringBuffer.appendln("</form></html>");
        return htmlStringBuffer;
    }

    private HtmlStringBuffer BackHome() {
        HtmlStringBuffer htmlStringBuffer = new HtmlStringBuffer();
        htmlStringBuffer.appendln("<form method=\"GET\" action=\"ascdb.pub.WelcomePage\">");
        htmlStringBuffer.appendln("<input type=submit name=\"submit\" value=\"Back Main Menu\">");
        htmlStringBuffer.appendln("</form>");
        return htmlStringBuffer;
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }
}
