The Data Tier
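Listing 12.16 shows the data tier for Emailaholic. This data tier can generate a list of products in response to GET requests. It also accepts orders sent with POST requests. For security purposes, the database username and password must be provided with each POST request; the servlet passes them straight to the database connection, so they should only ever travel over an encrypted channel.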
Listing 12.16: XMLServer.java
package com.psol.xcommerce;
import java.io.*;
import java.sql.*;
import java.text.*;
import org.w3c.dom.*;
import javax.servlet.*;
import javax.servlet.http.*;
/**
* XMLServer returns database records in XML.
*
* @version Dec 23, 1999
* @author Benoît Marchal <bmarchal@pineapplesoft.com>
*/
public class XMLServer
extends HttpServlet
{
/**
* Currency formatter shared by both request handlers: doGet uses it to
* render the price column and doPost uses it to parse the price
* attribute of an incoming order. It is created with
* NumberFormat.getCurrencyInstance(), i.e. for the JVM's default locale,
* so prices sent to doPost must be written in that locale's currency
* format.
*
* NOTE(review): NumberFormat instances are not synchronized, and this
* single instance is reachable from every request thread. If the
* container serves requests concurrently, format/parse calls should be
* serialized or each request should use its own instance - confirm
* against the deployment's threading model.
*/
protected NumberFormat formatter =
NumberFormat.getCurrencyInstance();
/**
* process GET request
* @param request HTTP request
* @param response hold the response
* @exception ServletException error processing the request
* @exception IOException error writing the result
*/
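protected void doGet(HttpServletRequest request,
                     HttpServletResponse response)
   throws ServletException, IOException
{
   // The XML declaration written below names no encoding, so a parser
   // will assume UTF-8. Declare the same charset on the response so the
   // servlet writer does not fall back to the container default for
   // non-ASCII text (product names, currency symbols).
   response.setContentType("application/xml; charset=UTF-8");
   Writer writer = response.getWriter();

   // Connection settings and the merchant name come from the servlet's
   // init parameters (deployment configuration), not from the request.
   String sqlDriver = getInitParameter("sql.driver"),
          sqlURL = getInitParameter("sql.url"),
          sqlUser = getInitParameter("sql.user"),
          sqlPassword = getInitParameter("sql.password"),
          merchant = getInitParameter("merchant");

   writer.write("<?xml version=\"1.0\"?>");
   writer.write("<products merchant=\"");
   writer.write(escapeXmlText(merchant));
   writer.write("\">");
   try
   {
      Class.forName(sqlDriver);
      Connection connection =
         DriverManager.getConnection(sqlURL, sqlUser, sqlPassword);
      try
      {
         Statement stmt = connection.createStatement();
         try
         {
            // The query text is a constant; no request data reaches it.
            ResultSet rs =
               stmt.executeQuery("select id, name, " +
                                 "manufacturer, img, warranty, " +
                                 "description, price from products");
            while(rs.next())
            {
               // Every column value is escaped before it is written:
               // catalogue text containing '<', '&' or a quote would
               // otherwise break the document or let stored data
               // inject markup into what the next tier parses.
               writer.write("<product id=\"");
               writer.write(String.valueOf(rs.getInt(1)));
               writer.write("\" xmlns:em=\"http://www.emailaholic");
               writer.write(".com/xt/1.0\"><name>");
               writer.write(escapeXmlText(rs.getString(2)));
               writer.write("</name><em:manufacturer>");
               writer.write(escapeXmlText(rs.getString(3)));
               writer.write("</em:manufacturer><em:image>");
               writer.write(escapeXmlText(rs.getString(4)));
               writer.write("</em:image><em:warranty>");
               writer.write(escapeXmlText(rs.getString(5)));
               writer.write("</em:warranty><description>");
               writer.write(escapeXmlText(rs.getString(6)));
               writer.write("</description><price>");
               // NOTE(review): formatter is a shared instance field and
               // NumberFormat is not synchronized - confirm how the
               // container threads requests.
               writer.write(
                  escapeXmlText(formatter.format(rs.getDouble(7))));
               writer.write("</price></product>");
            }
         }
         finally
         {
            // Closing the statement also releases its result set.
            stmt.close();
         }
      }
      finally
      {
         connection.close();
      }
   }
   catch(ClassNotFoundException e)
   {
      throw new ServletException(e);
   }
   catch(SQLException e)
   {
      throw new ServletException(e);
   }
   writer.write("</products>");
   writer.flush();
}

/**
 * Escapes a value so it can be written as XML character data or inside
 * a double-quoted attribute value.
 *
 * The five markup characters are replaced by their predefined entities.
 * Control characters below U+0020 other than tab, line feed and
 * carriage return are dropped, because XML 1.0 cannot represent them.
 *
 * @param text value to escape; null (an unset init parameter or a SQL
 *             NULL column) is treated as the empty string
 * @return the escaped text, never null
 */
private static String escapeXmlText(String text)
{
   if(text == null)
   {
      return "";
   }
   StringBuffer escaped = new StringBuffer(text.length() + 16);
   for(int i = 0; i < text.length(); i++)
   {
      char c = text.charAt(i);
      switch(c)
      {
         case '&':
            escaped.append("&amp;");
            break;
         case '<':
            escaped.append("&lt;");
            break;
         case '>':
            escaped.append("&gt;");
            break;
         case '"':
            escaped.append("&quot;");
            break;
         case '\'':
            escaped.append("&apos;");
            break;
         default:
            if(c >= 0x20 || c == '\t' || c == '\n' || c == '\r')
            {
               escaped.append(c);
            }
            break;
      }
   }
   return escaped.toString();
}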
/**
* process POST request
* @param request HTTP request
* @param response hold the response
* @exception ServletException error processing the request
* @exception IOException error writing the result
*/
protected void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException
{
// there is no error checking at all
// if incorrect, throws an exception:
// it goes to a computer so it’s for technicians anyway
String sqlDriver = getInitParameter(“sql.driver”),
sqlURL = getInitParameter(“sql.url”),
sqlUser = request.getParameter(“user”),
sqlPassword = request.getParameter(“password”),
xmlData = request.getParameter(“xmldata”);
Reader reader = new StringReader(xmlData);
Document orderDocument = XMLUtil.parse(reader);
Element orderElement = orderDocument.getDocumentElement(),
buyerElement =
XMLUtil.extractFirst(orderElement,”buyer”),
productElement =
XMLUtil.extractFirst(orderElement,”product”);
String name = buyerElement.getAttribute(“name”),
street = buyerElement.getAttribute(“street”),
region = buyerElement.getAttribute(“region”),
postal_code =
buyerElement.getAttribute(“postal-code”),
locality = buyerElement.getAttribute(“locality”),
country = buyerElement.getAttribute(“country”),
email = buyerElement.getAttribute(“email”),
productid = productElement.getAttribute(“id”),
productname = productElement.getAttribute(“name”),
productprice = productElement.getAttribute(“price”),
productquantity =
productElement.getAttribute(“quantity”);
try
{
Class.forName(sqlDriver);
Connection connection =
DriverManager.getConnection(sqlURL,
sqlUser,
sqlPassword);
try
{
PreparedStatement stmt =
connection.prepareStatement(
“insert into orders (name,street,region,” +
“postal_code,locality,country,email,” +
“productid,productname,productprice,” +
“productquantity) “ +
“values(?,?,?,?,?,?,?,?,?,?,?)”);
try
{
stmt.setString(1,name);
stmt.setString(2,street);
stmt.setString(3,region);
stmt.setString(4,postal_code);
stmt.setString(5,locality);
stmt.setString(6,country);
stmt.setString(7,email);
stmt.setString(8,productid);
stmt.setString(9,productname);
stmt.setDouble(10,
formatter.parse(productprice).doubleValue());
stmt.setString(11,productquantity);
stmt.executeUpdate();
connection.commit();