package servlets;

import filters.ActionValidationFilter;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Date;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHeaders;
import org.bibsonomy.database.systemstags.SystemTagsUtil;
import org.bibsonomy.database.systemstags.search.NetworkRelationSystemTag;
import org.bibsonomy.lucene.util.LuceneBase;
import org.bibsonomy.util.ValidationUtils;
import org.bibsonomy.util.spring.security.AuthenticationUtils;

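/**
 * Legacy servlet behind the settings page: it adds and removes friend relations and adds or
 * removes members of the group whose name equals the logged-in account.
 *
 * <p>Every change runs as the user returned by {@code AuthenticationUtils.getUser()} and is
 * refused unless {@code ActionValidationFilter.isValidCkey} accepts the request. All statements
 * of one request share a single JDBC transaction. Removed friend and group rows are copied to
 * {@code log_friends} / {@code log_groups} before they are deleted.
 */
@Deprecated
/* loaded from: input_file:WEB-INF/classes/servlets/SettingsHandler.class */
public class SettingsHandler extends HttpServlet {
    private static final long serialVersionUID = 4051324539558769200L;
    private DataSource dataSource;
    private static final Log log = LogFactory.getLog(SettingsHandler.class);

    /**
     * Statements run, in this order, when a member is removed from a group. Each takes the
     * member's user name (1) and the numeric group id (2). The UPDATEs move the member's rows
     * to group 1 (presumably the public group; confirm against the schema).
     */
    private static final String[] REMOVE_GROUP_MEMBER_STATEMENTS = {
        "INSERT INTO log_groups (`user_name`, `group`, `defaultgroup`, `start_date`, `user_status`) SELECT g.user_name, g.group, g.defaultgroup, g.start_date, g.user_status FROM groups g WHERE g.user_name = ? AND g.group = ?",
        "DELETE FROM groups WHERE user_name = ? AND `group` = ?",
        "UPDATE tas b SET b.group = 1 WHERE b.user_name = ? AND b.group = ?",
        "INSERT INTO log_bibtex (content_id, `group`, user_name) SELECT content_id, `group`, user_name FROM bibtex WHERE user_name = ? AND `group` = ?",
        "UPDATE bibtex b SET b.group = 1 WHERE b.user_name = ? AND b.group = ?",
        "INSERT INTO log_bookmark (content_id, `group`, user_name) SELECT content_id, `group`, user_name FROM bookmark WHERE user_name = ? AND `group` = ?",
        "UPDATE bookmark b SET b.group = 1 WHERE b.user_name = ? AND b.group = ?",
        "INSERT INTO log_discussion (discussion_id, interHash, user_name, text, rating, date, change_date, anonymous, parent_hash, hash, type, `group`) SELECT discussion_id, interHash, user_name, text, rating, date, change_date, anonymous, parent_hash, hash, type, `group` FROM discussion WHERE user_name = ? AND `group` = ?",
        "UPDATE discussion d SET d.group = 1 WHERE d.user_name = ? AND d.group = ?",
    };

    /**
     * Resolves the JDBC data source from JNDI once at servlet start-up.
     *
     * @param servletConfig container-supplied configuration, passed on to the superclass
     * @throws ServletException if the JNDI lookup fails
     */
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            Context environment = (Context) new InitialContext().lookup(LuceneBase.CONTEXT_ENV_NAME);
            this.dataSource = (DataSource) environment.lookup("jdbc/bibsonomy");
        } catch (NamingException e) {
            // NOTE(review): the message names a different path than the "jdbc/bibsonomy" key
            // looked up above; it is left as is because it is a runtime string.
            throw new ServletException("Cannot retrieve java:/comp/env/bibsonomy", e);
        }
    }

    /**
     * Handles GET exactly like POST.
     *
     * <p>NOTE(review): this lets state-changing requests arrive as GET. If the ckey is carried
     * as a URL parameter (isValidCkey is not visible here), it can end up in access logs and
     * Referer headers; restricting changes to POST would need a check of existing callers.
     */
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    /**
     * Applies the friend and group changes named by the request parameters
     * {@code del_friend}, {@code add_friend}, {@code add_group_user} and {@code del_group_user}
     * on behalf of the logged-in user, then redirects back to the referring page.
     *
     * <p>Requests without a user name or without a valid ckey are redirected to the login page
     * and change nothing. An {@link SQLException} rolls the transaction back and forwards to
     * the database error page; any other exception is logged and answered with a redirect to
     * that page. The connection is closed on every path.
     *
     * @throws ServletException if forwarding to the error page fails inside the container
     * @throws IOException if a redirect cannot be written
     */
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String name = AuthenticationUtils.getUser().getName();
        if (name == null) {
            httpServletResponse.sendRedirect("/login?referer=/settings");
            return;
        }
        // Anti-CSRF gate: nothing below runs unless the request carries a valid ckey.
        if (!ActionValidationFilter.isValidCkey(httpServletRequest)) {
            httpServletResponse.sendRedirect("/login?referer=/settings");
            return;
        }
        try {
            Connection connection = openConnection();
            try {
                applyChanges(connection, name, httpServletRequest, httpServletResponse);
            } finally {
                // The connection is released on every exit path, including runtime failures.
                closeQuietly(connection);
            }
        } catch (Exception e5) {
            log.fatal(e5);
            httpServletResponse.sendRedirect("/errors/databaseError.jsp");
        }
    }

    /** Borrows a connection; fails with a clear message when init() never set the data source. */
    private Connection openConnection() throws SQLException {
        DataSource source = this.dataSource;
        // Check for null before locking: synchronizing on a null reference throws first.
        if (source == null) {
            throw new IllegalStateException("No Datasource");
        }
        synchronized (source) {
            return source.getConnection();
        }
    }

    /** Closes the connection; a failure is logged but never replaces the request's outcome. */
    private static void closeQuietly(Connection connection) {
        try {
            connection.close();
        } catch (SQLException e) {
            log.warn("Could not close database connection.", e);
        }
    }

    /** Runs all requested changes in one transaction and sends the final redirect or error page. */
    private void applyChanges(Connection connection, String name, HttpServletRequest request, HttpServletResponse response) throws SQLException, ServletException, IOException {
        try {
            connection.setAutoCommit(false);

            String friendToRemove = request.getParameter("del_friend");
            String removeTag = relationTag(request.getParameter("del_relationTag"));
            if (friendToRemove != null) {
                removeFriend(connection, name, friendToRemove, removeTag);
            }

            String friendToAdd = request.getParameter("add_friend");
            String addTag = relationTag(request.getParameter("add_relationTag"));
            // A user cannot befriend their own account.
            if (friendToAdd != null && !friendToAdd.equalsIgnoreCase(name)) {
                addFriend(connection, name, friendToAdd, addTag);
            }

            String memberToAdd = request.getParameter("add_group_user");
            if (memberToAdd != null) {
                // The statement and result-set arguments are not used by addUserToGroup.
                addUserToGroup(memberToAdd, name, null, null, connection);
            }

            String memberToRemove = request.getParameter("del_group_user");
            // The group account itself cannot be removed from its own group.
            if (memberToRemove != null && !memberToRemove.equalsIgnoreCase(name)) {
                removeUserFromGroup(connection, name, memberToRemove);
            }

            connection.commit();
            // NOTE(review): the redirect target is the client-supplied Referer header. It is
            // only reached after the ckey check, but consider limiting it to same-site paths;
            // TODO confirm whether any caller relies on absolute URLs here.
            String header = request.getHeader(HttpHeaders.REFERER);
            response.sendRedirect(header != null ? header : "/settings");
        } catch (SQLException e) {
            connection.rollback();
            log.fatal("Could not change settings for user " + name + ".", e);
            getServletConfig().getServletContext().getRequestDispatcher("/errors/databaseError.jsp").forward(request, response);
        }
    }

    /** Maps an optional relation name to its system tag; blank means the default friend tag. */
    private static String relationTag(String relationName) {
        return !ValidationUtils.present(relationName) ? NetworkRelationSystemTag.BibSonomyFriendSystemTag : SystemTagsUtil.buildSystemTagString("relation", relationName);
    }

    /** Executes a statement whose three parameters are owner, friend and tag name. */
    private static void executeFriendUpdate(Connection connection, String sql, String name, String friend, String tag) throws SQLException {
        try (PreparedStatement statement = connection.prepareStatement(sql)) {
            statement.setString(1, name);
            statement.setString(2, friend);
            statement.setString(3, tag);
            statement.executeUpdate();
        }
    }

    /** Copies the friend row to the log table, then deletes it. */
    private static void removeFriend(Connection connection, String name, String friend, String tag) throws SQLException {
        executeFriendUpdate(connection, "INSERT INTO log_friends (friends_id, user_name, f_user_name, tag_name, f_network_user_id, friendship_date) SELECT * FROM friends WHERE user_name = ? AND f_user_name = ? AND tag_name = ?", name, friend, tag);
        executeFriendUpdate(connection, "DELETE FROM friends WHERE user_name = ? AND f_user_name = ? AND tag_name = ?", name, friend, tag);
    }

    /** Inserts a friend row if the target user exists and the relation is not stored yet. */
    private static void addFriend(Connection connection, String name, String friend, String tag) throws SQLException {
        if (!userExists(connection, friend)) {
            return;
        }
        try (PreparedStatement existing = connection.prepareStatement("SELECT f_user_name FROM friends WHERE user_name = ? AND f_user_name = ? AND tag_name = ?")) {
            existing.setString(1, name);
            existing.setString(2, friend);
            existing.setString(3, tag);
            if (hasRow(existing)) {
                return;
            }
        }
        try (PreparedStatement insert = connection.prepareStatement("INSERT INTO friends (user_name, f_user_name, tag_name, friendship_date) VALUES (?,?,?,?)")) {
            insert.setString(1, name);
            insert.setString(2, friend);
            insert.setString(3, tag);
            insert.setTimestamp(4, new Timestamp(new Date().getTime()));
            insert.executeUpdate();
        }
    }

    /** Removes a member from the group named after the acting user, if that group exists. */
    private static void removeUserFromGroup(Connection connection, String name, String member) throws SQLException {
        int groupId;
        // The acting account must itself be the group: its name is both member and group name.
        try (PreparedStatement lookup = connection.prepareStatement("SELECT i.group FROM groups g, groupids i WHERE g.user_name = ? AND i.group_name = ? AND g.group = i.group")) {
            lookup.setString(1, name);
            lookup.setString(2, name);
            try (ResultSet groups = lookup.executeQuery()) {
                if (!groups.next()) {
                    return;
                }
                groupId = groups.getInt(1);
            }
        }
        for (String sql : REMOVE_GROUP_MEMBER_STATEMENTS) {
            try (PreparedStatement statement = connection.prepareStatement(sql)) {
                statement.setString(1, member);
                statement.setInt(2, groupId);
                statement.executeUpdate();
            }
        }
    }

    /** Returns whether a row with exactly this user name exists in the user table. */
    private static boolean userExists(Connection connection, String userName) throws SQLException {
        try (PreparedStatement statement = connection.prepareStatement("SELECT user_name FROM user WHERE user_name = ?")) {
            statement.setString(1, userName);
            return hasRow(statement);
        }
    }

    /** Runs the prepared query and reports whether it yields at least one row. */
    private static boolean hasRow(PreparedStatement statement) throws SQLException {
        try (ResultSet rows = statement.executeQuery()) {
            return rows.next();
        }
    }

    /**
     * Adds a user to the group named after the acting account.
     *
     * @param str user name to add; it is lower-cased before use
     * @param str2 acting account, which must also be the group's name
     * @param preparedStatement unused, kept for signature compatibility
     * @param resultSet unused, kept for signature compatibility
     * @param connection connection carrying the caller's transaction
     * @return {@code true} only if exactly one membership row was inserted; {@code false} if
     *     the user name is null or unknown, the group does not exist, or the user is already
     *     a member
     * @throws SQLException if any statement fails
     */
    private static boolean addUserToGroup(String str, String str2, PreparedStatement preparedStatement, ResultSet resultSet, Connection connection) throws SQLException {
        if (str == null) {
            return false;
        }
        String lowerCase = str.toLowerCase();
        if (!userExists(connection, lowerCase)) {
            return false;
        }
        int groupId;
        int defaultGroup;
        try (PreparedStatement lookup = connection.prepareStatement("SELECT i.group,g.defaultgroup FROM groups g, groupids i WHERE g.user_name = ? AND i.group_name = ? AND g.group = i.group")) {
            lookup.setString(1, str2);
            lookup.setString(2, str2);
            try (ResultSet groups = lookup.executeQuery()) {
                if (!groups.next()) {
                    return false;
                }
                groupId = groups.getInt(1);
                defaultGroup = groups.getInt(2);
            }
        }
        try (PreparedStatement membership = connection.prepareStatement("SELECT g.user_name FROM groups g WHERE g.user_name = ? AND g.group = ?")) {
            membership.setString(1, lowerCase);
            membership.setInt(2, groupId);
            if (hasRow(membership)) {
                return false;
            }
        }
        try (PreparedStatement insert = connection.prepareStatement("INSERT INTO groups (user_name, `group`, defaultgroup) VALUES (?,?,?)")) {
            insert.setString(1, lowerCase);
            insert.setInt(2, groupId);
            insert.setInt(3, defaultGroup);
            return insert.executeUpdate() == 1;
        }
    }
}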
