The Data Tier
Listing 12.16 shows the data tier for Emailaholic. This data tier can gener-
ate a list of products in response to GET requests. It also accepts orders sent
with POST requests. For security purposes, the database username and
password must be provided.
Listing 12.16: XMLServer.java
package com.psol.xcommerce;
import java.io.*;
import java.sql.*;
import java.text.*;
import org.w3c.dom.*;
import javax.servlet.*;
import javax.servlet.http.*;
/**
* XMLServer returns database records in XML.
*
* @version Dec 23, 1999
* @author Benoît Marchal <bmarchal@pineapplesoft.com>
*/
public class XMLServer
extends HttpServlet
{
/**
* currency formater for numbers
*/
protected NumberFormat formatter =
NumberFormat.getCurrencyInstance();
/**
* process GET request
* @param request HTTP request
* @param response hold the response
* @exception ServletException error processing the request
* @exception IOException error writing the result
429
The Data Tier
EXAMPLE
continues
*/
protected void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
{
response.setContentType(“application/xml”);
Writer writer = response.getWriter();
String sqlDriver = getInitParameter(“sql.driver”),
sqlURL = getInitParameter(“sql.url”),
sqlUser = getInitParameter(“sql.user”),
sqlPassword = getInitParameter(“sql.password”),
merchant = getInitParameter(“merchant”);
writer.write(“<?xml version=\”1.0\”?>”);
writer.write(“<products merchant=\””);
writer.write(merchant);
writer.write(“\”>”);
try
{
Class.forName(sqlDriver);
Connection connection =
DriverManager.getConnection(sqlURL,
sqlUser,
sqlPassword);
try
{
Statement stmt = connection.createStatement();
try
{
ResultSet rs =
stmt.executeQuery(“select id, name, “ +
“manufacturer, img, warranty, “ +
“description, price from products”);
while(rs.next())
{
writer.write(“<product id=\””);
writer.write(String.valueOf(rs.getInt(1)));
writer.write(“\” xmlns:em=\”http://www.emailaholic”);
430
Chapter 12: Putting It All Together: An e-Commerce Example
Listing 12.16: continued
writer.write(“.com/xt/1.0\”><name>”);
writer.write(rs.getString(2));
writer.write(“</name><em:manufacturer>”);
writer.write(rs.getString(3));
writer.write(“</em:manufacturer><em:image>”);
writer.write(rs.getString(4));
writer.write(“</em:image><em:warranty>”);
writer.write(rs.getString(5));
writer.write(“</em:warranty><description>”);
writer.write(rs.getString(6));
writer.write(“</description><price>”);
writer.write(formatter.format(rs.getDouble(7)));
writer.write(“</price></product>”);
}
}
finally
{
stmt.close();
}
}
finally
{
connection.close();
}
}
catch(ClassNotFoundException e)
{
throw new ServletException(e);
}
catch(SQLException e)
{
throw new ServletException(e);
}
writer.write(“</products>”);
writer.flush();
}
431
The Data Tier
continues
/**
* process POST request
* @param request HTTP request
* @param response hold the response
* @exception ServletException error processing the request
* @exception IOException error writing the result
*/
protected void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
{
// there is no error checking at all
// if incorrect, throws an exception:
// it goes to a computer so it’s for technicians anyway
String sqlDriver = getInitParameter(“sql.driver”),
sqlURL = getInitParameter(“sql.url”),
sqlUser = request.getParameter(“user”),
sqlPassword = request.getParameter(“password”),
xmlData = request.getParameter(“xmldata”);
Reader reader = new StringReader(xmlData);
Document orderDocument = XMLUtil.parse(reader);
Element orderElement = orderDocument.getDocumentElement(),
buyerElement =
XMLUtil.extractFirst(orderElement,”buyer”),
productElement =
XMLUtil.extractFirst(orderElement,”product”);
String name = buyerElement.getAttribute(“name”),
street = buyerElement.getAttribute(“street”),
region = buyerElement.getAttribute(“region”),
postal_code =
buyerElement.getAttribute(“postal-code”),
locality = buyerElement.getAttribute(“locality”),
country = buyerElement.getAttribute(“country”),
email = buyerElement.getAttribute(“email”),
productid = productElement.getAttribute(“id”),
productname = productElement.getAttribute(“name”),
432
Chapter 12: Putting It All Together: An e-Commerce Example
Listing 12.16: continued
productprice = productElement.getAttribute(“price”),
productquantity =
productElement.getAttribute(“quantity”);
try
{
Class.forName(sqlDriver);
Connection connection =
DriverManager.getConnection(sqlURL,
sqlUser,
sqlPassword);
try
{
PreparedStatement stmt =
connection.prepareStatement(
“insert into orders (name,street,region,” +
“postal_code,locality,country,email,” +
“productid,productname,productprice,” +
“productquantity) “ +
“values(?,?,?,?,?,?,?,?,?,?,?)”);
try
{
stmt.setString(1,name);
stmt.setString(2,street);
stmt.setString(3,region);
stmt.setString(4,postal_code);
stmt.setString(5,locality);
stmt.setString(6,country);
stmt.setString(7,email);
stmt.setString(8,productid);
stmt.setString(9,productname);
stmt.setDouble(10,
formatter.parse(productprice).doubleValue());
stmt.setString(11,productquantity);
stmt.executeUpdate();
connection.commit();
433
The Data Tier
continues

Get XML by Example now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.