package testcode;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Enumeration;

public class BasicServlet extends HttpServlet {

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        useParameters(req);

        resp.getWriter().print("<!--" + req.getContentType() + "-->");
        resp.getWriter().print("<h1>Welcome to " + req.getServerName());

        String sqlQuery = "UPDATE sessions(last_visit) VALUES(now()) WHERE where sid = '" + req.getRequestedSessionId() + "')";
        resp.getWriter().print("<!--" + req.getQueryString() + "-->");

        String referrer = req.getHeader("Referer"); //Should have a higher priority
        if (referrer != null && referrer.startsWith("http://company.ca")) {
            req.getHeader("Host");
            req.getHeader("User-Agent");
            req.getHeader("X-Requested-With");
//            req.getHeader("X-Forwarded-For");
//            req.getHeader("X-ATT-DeviceId");
//            req.getHeader("X-Wap-Profile");
        }
    }

    private void useParameters(HttpServletRequest req) {

        String username = (String) req.getParameter("username");

        String[] roles = (String[]) req.getParameterValues("roles");

        String price = (String) req.getParameterMap().get("hidden_price_value");

        Enumeration parameters = req.getParameterNames();
        boolean isAdmin = false;
        while (parameters.hasMoreElements()) {
            if (parameters.nextElement().equals("admin_mode")) {
                isAdmin = true;
                break;
            }
        }

        System.out.println(username + roles.length + price + isAdmin); //Avoid used variable
    }
}