package de.knightsoft.knightsoftnet.bettingpool;

import com.sun.mail.imap.IMAPStore;
import de.knightsoft.common.AbstractVisualDb;
import de.knightsoft.common.Constants;
import de.knightsoft.common.DataBaseDepending;
import de.knightsoft.common.SendEMail;
import de.knightsoft.common.StringToHtml;
import de.knightsoft.common.TextException;
import de.knightsoft.knightsoftnet.common.KnConst;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:WEB-INF/classes/de/knightsoft/knightsoftnet/bettingpool/Login.class */
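/**
 * Login page of the betting pool ("Tipprunde").
 *
 * <p>Renders the login form, checks a nickname/password pair against the table
 * {@code KnightSoft_TippMitspieler}, counts failed attempts per account and, on request,
 * replaces a forgotten password with a generated one that is sent by e-mail.
 *
 * <p>The SQL statements are assembled once in the constructor because some fragments
 * (password expression, current time, time difference) come from {@link DataBaseDepending}.
 */
public class Login extends AbstractVisualDb {
    /** Number of failed logins at which an account is refused until the waiting period has run off. */
    protected static final int MAX_LOGIN = 5;

    /** Mandator used when the request carries no mandator parameter. */
    private static final int DEFAULT_MANDATOR = 1;

    // SQL that turns a clear-text password into the stored form (current and old scheme).
    // Both stay null when DataBaseDepending reports no password expression for this database.
    private String passwordSql;
    private String passwordSqlOld;
    private String readUserSql;
    private String updateErrorSql;
    private String updateOkSql;
    private String readUserMailSql;
    private String updateMailSql;
    private Navigation thisNavigation;

    /**
     * Builds the login page and prepares all SQL texts it needs.
     *
     * @param connection database connection, also used to detect the database product
     * @param str passed through unchanged to the {@link AbstractVisualDb} constructor
     * @throws SQLException declared for the superclass constructor
     * @throws TextException declared for the superclass constructor
     */
    public Login(Connection connection, String str) throws SQLException, TextException {
        super(connection, "/", str, "/pics/16x16/login.png", "Login", "Login für die Tipprunde");
        try {
            DataBaseDepending dataBaseDepending = new DataBaseDepending(connection.getMetaData().getDatabaseProductName());
            if (!dataBaseDepending.getSqlPassword("").equals("")) {
                this.passwordSql = "SELECT     " + dataBaseDepending.getSqlPassword(" ? ");
                this.passwordSqlOld = "SELECT     " + dataBaseDepending.getSqlOldPassword(" ? ");
            }
            this.readUserSql = "SELECT        passwort,                 " + dataBaseDepending.getSqlDiffFromNow("datum_fehllogin") + " AS waiting_period_run_off,                 mandator,                 spitzname,                 anzahl_fehllogin,                 stufe FROM            KnightSoft_TippMitspieler WHERE        Mandator = ? AND                 spitzname = ? ";
            this.updateErrorSql = "UPDATE        KnightSoft_TippMitspieler SET            anzahl_fehllogin = ? ,                 datum_fehllogin = " + dataBaseDepending.getSqlTimeNow() + " WHERE        Mandator = ? AND                 spitzname = ? ";
            this.updateOkSql = "UPDATE        KnightSoft_TippMitspieler SET            datum_login = " + dataBaseDepending.getSqlTimeNow() + ",                 passwort = " + dataBaseDepending.getSqlPassword("?") + ",                 anzahl_fehllogin = 0,                 datum_fehllogin = NULL WHERE        Mandator = ? AND                 spitzname = ? ";
            this.readUserMailSql = "SELECT        geschlecht,                 name,                 email FROM            KnightSoft_TippMitspieler WHERE        Mandator = ? AND                 spitzname = ? ";
            this.updateMailSql = "UPDATE        KnightSoft_TippMitspieler SET            datum_geaendert = " + dataBaseDepending.getSqlTimeNow() + ",                 passwort = " + dataBaseDepending.getSqlPassword("?") + " WHERE        Mandator = ? AND                 spitzname = ? ";
            this.thisNavigation = new Navigation(connection);
        } catch (Exception e) {
            // NOTE(review): any failure here is only printed, although the constructor already
            // declares SQLException/TextException. The instance then keeps null SQL texts and
            // every later login or reset request fails. Kept as-is because callers may rely on
            // construction never failing at this point; consider rethrowing and using a logger.
            e.printStackTrace();
        }
    }

    /**
     * Returns the inherited JavaScript plus the client-side {@code chkLogin()} form check.
     *
     * <p>The check only improves usability; all validation is repeated on the server.
     * Declared public here; the decompiler notes the original modifier was protected.
     *
     * @return script block to embed in the page head
     * @throws SQLException if the superclass implementation fails
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public String initJavaScript() throws SQLException {
        return super.initJavaScript()
            + "        <script type=\"text/javascript\">\n"
            + "            <!--\n"
            + "                PWCheck=0;\n"
            + "\n"
            + "                function chkLogin()\n"
            + "                {\n"
            + "                    if (document.forms[0].spitzname.value.length == 0)\n"
            + "                    {\n"
            + "                        alert(\"Bitte geben Sie Ihren bei der Registrierung angegebenen Spitznamen/ihren Benutzernamen ein\");\n"
            + "                        document.forms[0].spitzname.focus();\n"
            + "                        return false;\n"
            + "                    }\n"
            + "\n"
            + "                    if (PWCheck == 1)\n"
            + "                    {\n"
            + "                        if (document.forms[0].passwort.value.length == 0)\n"
            + "                        {\n"
            + "                            alert(\"Bitte geben Sie Ihr bei der Registrierung angegebenes Passwort ein\");\n"
            + "                            document.forms[0].passwort.focus();\n"
            + "                            return false;\n"
            + "                        }\n"
            + "                    }\n"
            + "\n"
            + "                    return true;\n"
            + "                }\n"
            + "            //-->\n"
            + "        </script>\n";
    }

    /**
     * Renders the login form.
     *
     * <p>The password field is always rendered empty. Writing the submitted password back
     * into the response would expose it in the page source and in any cache or proxy that
     * stores the response, so {@code str4} is deliberately not used.
     *
     * @param httpServletResponse used to encode the form's action URL
     * @param str headline shown above the form; {@code null} selects the default prompt
     * @param httpSession receives the name of the field that should get the focus
     * @param str2 not used by this implementation
     * @param str3 nickname to pre-fill, may be {@code null}
     * @param str4 ignored; kept so existing callers and overrides still match the signature
     * @return HTML fragment containing headline, form and the "forgot password" hint
     */
    protected String htmlPage(HttpServletResponse httpServletResponse, String str, HttpSession httpSession, String str2, String str3, String str4) {
        String headline = str;
        if (headline == null) {
            headline = "Bitte geben Sie Ihren Benutzernamen (Spitzname) und Ihr Passwort ein";
        }
        httpSession.setAttribute(this.servletName + "SelecteField_" + this.serviceName, "spitzname");
        // NOTE(review): the nickname is request data placed inside a double-quoted attribute;
        // this is only safe if StringToHtml.convert escapes double quotes - confirm.
        return "            <h2>" + StringToHtml.convert(headline) + "</h2>\n"
            + "            <form action=\"" + httpServletResponse.encodeURL("/Tipprunde/Login.html") + "\" method=\"POST\" enctype=\"application/x-www-form-urlencoded; charset=utf-8\" accept-charset=\"utf-8\" OnSubmit=\"return chkLogin()\">\n"
            + "                <div><input type=\"hidden\" name=\"Mandator\" value=\"1\"></div>\n"
            + "                <table class=\"login\">\n"
            + "                    <tr>\n"
            + "                        <td class=\"left\">Spitzname/Benutzer:</td>\n"
            + "                        <td class=\"left\"><input type=\"Text\" name=\"spitzname\" size=\"30\" maxlength=\"50\" value=\"" + StringToHtml.convert(StringUtils.defaultString(str3)) + "\"></td>\n"
            + "                    </tr>\n"
            + "                    <tr>\n"
            + "                        <td class=\"left\">Passwort:</td>\n"
            + "                        <td class=\"left\"><input type=\"password\" name=\"passwort\" size=\"30\" maxlength=\"30\" value=\"\"></td>\n"
            + "                    </tr>\n"
            + "                    <tr>\n"
            + "                        <td colspan=\"2\" class=\"center\"><input type=\"submit\" name=\"Submittype\" value=\"Absenden\" onClick=\"javascript:PWCheck=1\"><input type=\"reset\" value=\"Zur&uuml;cksetzen\">&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"Submittype\" value=\"Passwort vergessen *\" onClick=\"javascript:PWCheck=0\"></td>\n"
            + "                    </tr>\n"
            + "                </table>\n"
            + "            </form>\n"
            + "            <p class=\"anmerkung\">*) Sollten Sie Ihr Passwort vergessen haben, w&auml;hlen sie die Liga, f&uuml;r die Sie sich angemeldet haben, geben Sie Ihren Spitznamen bzw. Ihre Benutzerkennung ein und klicken Sie auf \"Passwort vergessen *\". Ein Passwort wird per Zufallsgenerator erstellt und Ihnen umgehend per E-Mail zugeschickt.</p>\n";
    }

    /**
     * Renders the login form with empty input fields.
     *
     * <p>Declared public here; the decompiler notes the original modifier was protected.
     *
     * @param httpServletResponse used to encode the form's action URL
     * @param str headline shown above the form; {@code null} selects the default prompt
     * @param httpSession receives the name of the field that should get the focus
     * @param str2 passed through to the six-argument overload
     * @return HTML fragment of the login form
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public String htmlPage(HttpServletResponse httpServletResponse, String str, HttpSession httpSession, String str2) {
        return htmlPage(httpServletResponse, str, httpSession, str2, "", "");
    }

    /**
     * Renders the greeting shown after a successful login.
     *
     * @param httpServletResponse not used
     * @param str not used
     * @param httpSession session holding the nickname stored by {@link #logonok}
     * @param str2 not used
     * @return HTML headline that contains the HTML-converted nickname
     */
    protected String htmlPageLogon(HttpServletResponse httpServletResponse, String str, HttpSession httpSession, String str2) {
        String nickname = (String) httpSession.getAttribute(this.servletName + "UsernameUsername");
        return "<h2>Willkommen &quot;" + StringToHtml.convert(nickname) + "&quot; bei der KnightSoft-Net Tipprunde.</h2>";
    }

    /**
     * Completes a successful login: records it in the database and marks the session as logged in.
     *
     * <p>The database update runs first and the session is written only afterwards, so a
     * failed update can no longer leave an authenticated session behind a login that is
     * reported as failed. The update also stores the password again through the current
     * password expression and clears the failed-login counter.
     *
     * @param resultSet positioned on the row of the user who just authenticated
     * @param str nickname used as key of the update
     * @param str2 clear-text password, written back through the current password expression
     * @param httpSession session that receives nickname, level and navigation
     * @return always {@code true}
     * @throws TextException if any database access fails
     */
    protected boolean logonok(ResultSet resultSet, String str, String str2, HttpSession httpSession) throws TextException {
        try (PreparedStatement updateOk = this.myDataBase.prepareStatement(this.updateOkSql)) {
            int mandator = resultSet.getInt(Constants.DB_FIELD_GLOBAL_MANDATOR);
            int level = resultSet.getInt("stufe");
            String nickname = resultSet.getString("spitzname");

            updateOk.setString(1, str2);
            updateOk.setInt(2, mandator);
            updateOk.setString(3, str);
            updateOk.executeUpdate();

            // The navigation is built last because it is handed the session that now carries the level.
            httpSession.setAttribute(this.servletName + "UsernameUsername", nickname);
            httpSession.setAttribute(this.servletName + "KSFT_Stufe", Integer.valueOf(level));
            httpSession.setAttribute(this.servletName + "KSFT_Navigation", this.thisNavigation.getNavTabStrukt(this.servletName, "xxxxxx", httpSession));
            return true;
        } catch (SQLException e) {
            throw new TextException("Fehler beim Datenbankzugriff:\n" + e.toString(), e);
        }
    }

    /**
     * Resets the login-related session attributes to the logged-out state.
     *
     * <p>NOTE(review): the session itself is kept; only the three attributes written here change.
     *
     * @param httpSession session to reset
     */
    public void doLogout(HttpSession httpSession) {
        httpSession.setAttribute(this.servletName + "UsernameUsername", null);
        httpSession.setAttribute(this.servletName + "KSFT_Stufe", 0);
        httpSession.setAttribute(this.servletName + "KSFT_Navigation", this.thisNavigation.getNavTabStrukt());
    }

    /**
     * Checks the submitted credentials and logs the user in.
     *
     * <p>The method never returns {@code false}: it either returns {@code true} or throws a
     * {@link TextException} whose text is shown to the user.
     *
     * <p>NOTE(review): the messages tell an unknown nickname apart from a wrong password,
     * which lets a client test whether an account exists. The session id is also not renewed
     * after a successful login. Both are left unchanged here.
     *
     * @param httpServletRequest request carrying mandator, {@code spitzname} and {@code passwort}
     * @param httpServletResponse not used
     * @param httpSession session that is marked as logged in on success
     * @return {@code true} after a successful login
     * @throws SQLException if reading the user or updating the failure counter fails
     * @throws TextException for missing input, unknown user, locked account or wrong password
     */
    public boolean doLogon(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) throws SQLException, TextException {
        String mandatorParam = httpServletRequest.getParameter(Constants.DB_FIELD_GLOBAL_MANDATOR);
        String nickname = httpServletRequest.getParameter("spitzname");
        String password = httpServletRequest.getParameter("passwort");

        // Reject incomplete input before any database work is done.
        if (StringUtils.isEmpty(nickname) || StringUtils.isEmpty(password)) {
            throw new TextException("Bitte geben Sie Ihren Usernamen und Ihr Passwort ein");
        }

        int mandator = DEFAULT_MANDATOR;
        if (mandatorParam != null) {
            try {
                mandator = Integer.parseInt(mandatorParam);
            } catch (NumberFormatException e) {
                // The mandator is request data. A non-numeric value cannot match any account,
                // so it is reported like an unknown user instead of escaping as a runtime error.
                throw new TextException("Die eingegebene Userkennung existiert nicht");
            }
        }

        // Without a database password expression the submitted text itself is compared.
        String encoded = password;
        String encodedOld = password;
        if (this.passwordSql != null && this.passwordSqlOld != null) {
            encoded = applyPasswordSql(this.passwordSql, password);
            encodedOld = applyPasswordSql(this.passwordSqlOld, password);
        }

        int failedLogins = 0;
        int matchingRows = 0;
        boolean loggedIn = false;
        try (PreparedStatement readUser = this.myDataBase.prepareStatement(this.readUserSql)) {
            readUser.setInt(1, mandator);
            readUser.setString(2, nickname);
            try (ResultSet users = readUser.executeQuery()) {
                while (!loggedIn && users.next()) {
                    matchingRows++;
                    failedLogins = users.getInt("anzahl_fehllogin");
                    if (failedLogins >= MAX_LOGIN) {
                        // Locked account: refuse before the password is even looked at.
                        if (users.getInt("waiting_period_run_off") < 1) {
                            throw new TextException("Es gab heute bereits " + MAX_LOGIN + " Fehlversuche, versuchen Sie es morgen wieder");
                        }
                        // Waiting period is over, counting starts again.
                        failedLogins = 0;
                    }
                    String stored = users.getString("passwort");
                    // NOTE(review): the comparison ignores case. That is harmless for hex digests,
                    // but it also applies to the clear-text fallback above - confirm that is intended.
                    if (encoded != null && stored != null
                            && (stored.equalsIgnoreCase(encoded) || stored.equalsIgnoreCase(encodedOld))) {
                        loggedIn = logonok(users, nickname, password, httpSession);
                    }
                }
            }
        }

        if (matchingRows == 0) {
            throw new TextException("Die eingegebene Userkennung existiert nicht");
        }
        if (loggedIn) {
            return true;
        }

        // NOTE(review): the counter was read above and is written back here as a plain value,
        // so failed attempts that arrive concurrently may be undercounted. Incrementing it
        // inside the UPDATE statement would close that gap.
        int attempt = failedLogins + 1;
        try (PreparedStatement updateError = this.myDataBase.prepareStatement(this.updateErrorSql)) {
            updateError.setInt(1, attempt);
            updateError.setInt(2, mandator);
            updateError.setString(3, nickname);
            updateError.executeUpdate();
        }
        if (attempt >= MAX_LOGIN) {
            throw new TextException("Dies war Ihr " + attempt + ". Fehlversuch, der Zugang wird bis morgen gesperrt!");
        }
        throw new TextException("Dies war Ihr " + attempt + ". Fehlversuch, nach " + MAX_LOGIN + " wird der Zugang für heute gesperrt, Sie haben noch " + (MAX_LOGIN - attempt) + " Versuche");
    }

    /**
     * Runs one of the password SQL texts on the given password and returns its first column.
     *
     * @param sql {@link #passwordSql} or {@link #passwordSqlOld}
     * @param password clear-text password bound as the only parameter
     * @return value computed by the database, or {@code password} unchanged if no row came back
     * @throws SQLException if the statement fails
     */
    private String applyPasswordSql(String sql, String password) throws SQLException {
        try (PreparedStatement statement = this.myDataBase.prepareStatement(sql)) {
            statement.setString(1, password);
            try (ResultSet result = statement.executeQuery()) {
                return result.next() ? result.getString(1) : password;
            }
        }
    }

    /**
     * Replaces the password of the requested account with a generated one and mails it to the user.
     *
     * <p>The e-mail is sent before the database is updated, so a mail failure leaves the old
     * password valid.
     *
     * <p>NOTE(review): the request is not authenticated. Anyone who knows a nickname can
     * invalidate that account's current password, and the returned text reveals whether the
     * nickname exists. The new password also travels in clear text by e-mail. A confirmation
     * link that expires would avoid all three; left unchanged here.
     *
     * @param httpServletRequest request carrying mandator and {@code spitzname}
     * @param httpServletResponse not used
     * @return message for the user describing the outcome
     * @throws SQLException if reading the user or storing the new password fails
     * @throws TextException declared by the original signature
     * @throws IOException declared by the original signature, presumably raised when sending the e-mail
     */
    protected String newPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SQLException, TextException, IOException {
        String mandatorParam = httpServletRequest.getParameter(Constants.DB_FIELD_GLOBAL_MANDATOR);
        String nickname = httpServletRequest.getParameter("spitzname");

        int mandator = DEFAULT_MANDATOR;
        if (mandatorParam != null) {
            try {
                mandator = Integer.parseInt(mandatorParam);
            } catch (NumberFormatException e) {
                // A non-numeric mandator cannot match any account; answer like an unknown user.
                return "Der Benutzer/Spitzname existiert in der gewählten Liga nicht, es konnte kein neues Passwort vergeben werden!";
            }
        }

        String gender = null;
        String name = null;
        String email = null;
        try (PreparedStatement readUserMail = this.myDataBase.prepareStatement(this.readUserMailSql)) {
            readUserMail.setInt(1, mandator);
            readUserMail.setString(2, nickname);
            try (ResultSet user = readUserMail.executeQuery()) {
                if (user.next()) {
                    gender = user.getString("geschlecht");
                    name = user.getString("name");
                    email = user.getString("email");
                }
            }
        }
        if (name == null) {
            return "Der Benutzer/Spitzname existiert in der gewählten Liga nicht, es konnte kein neues Passwort vergeben werden!";
        }

        String generatedPassword = Constants.generatePassword("KSFT");
        String salutation = "W".equals(gender) ? "Sehr geehrte Frau " : "Sehr geehrter Herr ";
        new SendEMail(KnConst.EMAIL_FT, Constants.ORGANISATION, email, "Neue Passwortanforderung", salutation + name + ",\n\nfür Ihren Eintrag mit der Benutzerkennung bzw.\ndem Spitznamen '" + nickname + "' wurde ein\nneues Passwort angefordert. Unser Zufallsgenerator\nhat folgendes Passwort generiert:\n\n" + generatedPassword + "\n\nBitte beachten Sie Groß- und Kleinschreibung bei\nder Eingabe. Das bisherige Passwort ist nicht mehr\ngültig!\nBei Fragen oder Problemen stehen wir Ihnen jeder-\nzeit mir Rat und Tat zur Seite.\n\nMit freundlichen Grüssen,\n\nManfred Tremmel");

        try (PreparedStatement updateMail = this.myDataBase.prepareStatement(this.updateMailSql)) {
            updateMail.setString(1, generatedPassword);
            updateMail.setInt(2, mandator);
            updateMail.setString(3, nickname);
            updateMail.executeUpdate();
        }
        return "Ein neues Passwort wurde Ihnen per E-Mail zugesandt!";
    }

    /**
     * Dispatches on the {@code Submittype} request parameter: logout, login, password reset
     * or plain display of the form.
     *
     * <p>After a failed login the form is shown again with the nickname pre-filled; the
     * submitted password is never passed back to the page.
     *
     * <p>NOTE(review): database and mail errors are shown to the user with
     * {@code exception.toString()}, which can disclose driver and schema details to
     * unauthenticated visitors. A generic message plus server-side logging would be safer.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @param httpSession current session
     * @return HTML fragment to show
     * @throws TextException if the password reset reports one
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public String doTheWork(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) throws TextException {
        String submitType = httpServletRequest.getParameter("Submittype");

        if ("Logout".equals(submitType)) {
            doLogout(httpSession);
            return htmlPage(httpServletResponse, null, httpSession, submitType);
        }

        if ("Absenden".equals(submitType)) {
            String nickname = httpServletRequest.getParameter("spitzname");
            try {
                if (doLogon(httpServletRequest, httpServletResponse, httpSession)) {
                    return htmlPageLogon(httpServletResponse, null, httpSession, null);
                }
                return htmlPage(httpServletResponse, "Logon fehlgeschlagen", httpSession, submitType, nickname, "");
            } catch (TextException e) {
                return htmlPage(httpServletResponse, e.toString(), httpSession, submitType, nickname, "");
            } catch (SQLException e) {
                return htmlPage(httpServletResponse, "Fehler beim Datenbankzugriff:\n" + e.toString(), httpSession, submitType, nickname, "");
            }
        }

        if ("Passwort vergessen *".equals(submitType)) {
            String message;
            try {
                message = newPassword(httpServletRequest, httpServletResponse);
            } catch (IOException e) {
                message = "Fehler beim versenden der E-Mail, bitte nochmals versuchen: " + e.toString();
            } catch (SQLException e) {
                message = "Fehler beim Datenbankzugriff: " + e.toString();
            }
            return htmlPage(httpServletResponse, message, httpSession, submitType);
        }

        // No or unknown submit type: just show the form.
        return htmlPage(httpServletResponse, null, httpSession, submitType);
    }

    /**
     * Reports that this page changes the navigation.
     *
     * @param httpSession not used
     * @return always {@code true}
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public boolean changesNavigation(HttpSession httpSession) {
        return true;
    }

    /**
     * The login page is visible to every visitor.
     *
     * @param httpSession not used
     * @return always {@code true}
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public boolean allowedToSee(HttpSession httpSession) {
        return true;
    }

    /**
     * Every visitor may submit the login form.
     *
     * @param httpSession not used
     * @return always {@code true}
     */
    @Override // de.knightsoft.common.AbstractVisualDb
    public boolean allowedToChange(HttpSession httpSession) {
        return true;
    }
}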
