package de.knightsoft.common;

import java.io.IOException;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:de/knightsoft/common/Login.class */
public class Login {
    protected final Connection thisDatabase;
    protected final String pathPrefix;
    protected final String servletName;
    protected final String title;
    protected final String service;
    protected String hint;
    protected final String dbTable;
    protected final String dbUserField;
    protected final String dbPasswordField;
    protected final String dbSystemField;
    protected final String dbSystem;
    protected final String dbStep;
    protected final String dbOtherFields;
    protected int step;
    protected static final int MAX_LOGIN = 5;

    public Login(String str, String str2, String str3, String str4, String str5, Connection connection) {
        this(str, str2, str3, str4, str5, connection, "KnightSoft_Berechtigungen", "user", "passwort", "system", "stufe", "");
    }

    public Login(String str, String str2, String str3, String str4, String str5, Connection connection, String str6, String str7, String str8, String str9, String str10, String str11) {
        this.pathPrefix = str2;
        this.dbTable = str6;
        this.dbUserField = str7;
        this.dbPasswordField = str8;
        this.dbSystemField = str9;
        this.dbStep = str10;
        this.servletName = str;
        this.title = str3;
        this.service = str4;
        this.dbSystem = str5;
        this.thisDatabase = connection;
        this.hint = null;
        this.dbOtherFields = str11;
    }

    protected void htmlFormular(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletOutputStream servletOutputStream, String str, String str2, String str3, String str4) throws IOException {
        servletOutputStream.println("<!DOCTYPE html>");
        servletOutputStream.println("<html><!-- " + StringToHtml.convert(this.servletName) + " -->");
        servletOutputStream.println("    <head>");
        servletOutputStream.println("        <meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">");
        servletOutputStream.println("        <meta name=\"MSSmartTagsPreventParsing\" content=\"TRUE\">");
        servletOutputStream.println("        <title>" + StringToHtml.convert(this.title) + "</title>");
        servletOutputStream.println("    </head>");
        servletOutputStream.println("    <body style=\"background: white; color: black\">");
        servletOutputStream.println("        <div style=\"text-align:center;\">");
        if (this.hint == null) {
            this.hint = this.title;
        }
        servletOutputStream.println("        <p>" + StringToHtml.convert(this.hint) + "</p>");
        servletOutputStream.println("        <p>");
        servletOutputStream.println("        <form action=\"" + httpServletResponse.encodeURL(this.pathPrefix + "servlet/" + this.servletName) + "\" method=\"POST\" enctype=\"application/x-www-form-urlencoded; charset=utf-8\" accept-charset=\"utf-8\">");
        if (this.dbStep != null) {
            servletOutputStream.println("            <p><input type=\"hidden\" name=\"" + StringToHtml.convert(this.dbStep) + "\" value=\"1\"></p>");
        }
        servletOutputStream.println("            <table style=\"margin-left:auto; margin-right:auto;\" border=\"0\">");
        servletOutputStream.println("                <tr>");
        servletOutputStream.println("                    <td style=\"text-align:left;\">Name:</td>");
        if (str == null) {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"Text\" name=\"User\" size=\"30\" maxlength=\"30\"></td>");
        } else {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"Text\" name=\"User\" size=\"30\" maxlength=\"30\" value=\"" + StringToHtml.convert(str) + "\"></td>");
        }
        servletOutputStream.println("                </tr>");
        servletOutputStream.println("                <tr>");
        servletOutputStream.println("                    <td style=\"text-align:left;\">Passwort:</td>");
        if (str2 == null) {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password\" size=\"30\" maxlength=\"30\"></td>");
        } else {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password\" size=\"30\" maxlength=\"30\" value=\"" + StringToHtml.convert(str2) + "\"></td>");
        }
        servletOutputStream.println("                </tr>");
        servletOutputStream.println("                <tr>");
        servletOutputStream.println("                    <td style=\"text-align:left;\">Passwort (neu):</td>");
        if (str3 == null) {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password_new\" size=\"30\" maxlength=\"30\"></td>");
        } else {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password_new\" size=\"30\" maxlength=\"30\" value=\"" + StringToHtml.convert(str3) + "\"></td>");
        }
        servletOutputStream.println("                </tr>");
        servletOutputStream.println("                <tr>");
        servletOutputStream.println("                    <td style=\"text-align:left;\">Passwort (neu Best&auml;tigung):</td>");
        if (str4 == null) {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password_rep\" size=\"30\" maxlength=\"30\"></td>");
        } else {
            servletOutputStream.println("                    <td style=\"text-align:left;\"><input type=\"password\" name=\"Password_rep\" size=\"30\" maxlength=\"30\" value=\"" + StringToHtml.convert(str4) + "\"></td>");
        }
        servletOutputStream.println("                </tr>");
        servletOutputStream.println("                <tr>");
        servletOutputStream.println("                    <td colspan=\"2\" style=\"text-align:center;\"><input type=submit value=\"Absenden\"></td>");
        servletOutputStream.println("                </tr>");
        servletOutputStream.println("            </table>");
        servletOutputStream.println("            <p>Zum &Auml;ndern des Passwortes, das neue Passwort bitte in die Felder &raquo;Passwort (neu)&laquo; und &raquo;Passwort (neu Best&auml;tigung)&laquo; eingeben.</p>");
        servletOutputStream.println("        </form>");
        servletOutputStream.println("        </div>");
        servletOutputStream.println("    </body>");
        servletOutputStream.println("</html>");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String passwortaenderung(String str, String str2) throws TextException {
        String str3 = " ";
        if (StringUtils.isNotEmpty(str) && StringUtils.isNotEmpty(str2)) {
            if (!str.equals(str2)) {
                throw new TextException("Die Felder »Passwort (neu)« und »Passwort (neu Bestätigung)« wurden nicht identisch gefüllt!");
            }
            str3 = " , Passwort=password(" + StringToSql.convert(str) + ") ";
            this.hint = "Das Passwort wurde entsprechend Ihrer Vorgaben geändert";
        }
        return str3;
    }

    protected boolean loginok(ResultSet resultSet, String str, String str2, String str3, String str4, HttpSession httpSession) throws TextException {
        StringBuffer stringBuffer = new StringBuffer(128);
        stringBuffer.append("UPDATE    ").append(this.dbTable).append(' ').append("SET        datum_login=NOW(),").append("           anzahl_fehllogin=0,").append("            datum_fehllogin=NULL").append(passwortaenderung(str3, str4));
        if (this.dbSystemField == null) {
            stringBuffer.append("WHERE    ").append(this.dbUserField).append('=').append(StringToSql.convert(str));
        } else {
            stringBuffer.append("WHERE    ").append(this.dbSystemField).append('=').append(StringToSql.convert(this.dbSystem)).append(" AND    ").append(this.dbUserField).append('=').append(StringToSql.convert(str));
        }
        try {
            this.thisDatabase.createStatement().executeUpdate(stringBuffer.toString());
            return true;
        } catch (SQLException e) {
            throw new TextException("Fehler beim Datenbankzugriff: " + e.toString() + "\n\nSQL-String:\n" + stringBuffer, e);
        }
    }

    public boolean process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletOutputStream servletOutputStream, HttpSession httpSession) throws IOException {
        int i = 0;
        int i2 = 0;
        String parameter = httpServletRequest.getParameter("User");
        String checkPassword = checkPassword(httpServletRequest.getParameter("Password"));
        String parameter2 = httpServletRequest.getParameter("Password_new");
        String parameter3 = httpServletRequest.getParameter("Password_rep");
        StringBuffer stringBuffer = new StringBuffer(512);
        boolean z = false;
        this.hint = null;
        this.step = 0;
        try {
        } catch (TextException e) {
            this.hint = e.toString();
            htmlFormular(httpServletRequest, httpServletResponse, servletOutputStream, parameter, checkPassword, parameter2, parameter3);
        } catch (SQLException e2) {
            this.hint = "Fehler beim Datenbankzugriff: " + e2.toString() + "\n\nSQL-String:\n" + stringBuffer;
            htmlFormular(httpServletRequest, httpServletResponse, servletOutputStream, parameter, checkPassword, parameter2, parameter3);
        }
        if (StringUtils.isEmpty(parameter) || StringUtils.isEmpty(checkPassword)) {
            throw new TextException("Bitte geben Sie Ihren Benutzernamen und Ihr Passwort ein");
        }
        stringBuffer.append("SELECT    IF (PASSWORD(").append(StringToSql.convert(checkPassword)).append(") = ").append(this.dbPasswordField).append(',').append("                    'J',").append("                    'N'").append("                ) AS berechtigt, ").append("            IF (    TO_DAYS(NOW()) - TO_DAYS(datum_fehllogin) >= 1,").append("                    'J',").append("                    'N'").append("                ) AS sperrfrist_abgelaufen, ").append("            anzahl_fehllogin");
        if (this.dbOtherFields != null) {
            stringBuffer.append(this.dbOtherFields);
        }
        if (this.dbStep != null) {
            stringBuffer.append(", ").append(this.dbStep);
        }
        stringBuffer.append(" FROM        ").append(this.dbTable).append(' ');
        if (this.dbSystemField == null) {
            stringBuffer.append("WHERE    ").append(this.dbUserField).append('=').append(StringToSql.convert(parameter));
        } else {
            stringBuffer.append("WHERE    ").append(this.dbSystemField).append('=').append(StringToSql.convert(this.dbSystem)).append(" AND        ").append(this.dbUserField).append('=').append(StringToSql.convert(parameter));
        }
        ResultSet executeQuery = this.thisDatabase.createStatement().executeQuery(stringBuffer.toString());
        while (!z) {
            try {
                if (!executeQuery.next()) {
                    break;
                }
                i2++;
                i = executeQuery.getInt("anzahl_fehllogin");
                if (i >= MAX_LOGIN) {
                    if (executeQuery.getString("sperrfrist_abgelaufen").equals("N")) {
                        throw new TextException("Es gab heute bereits 5 Fehlversuche, versuchen Sie es morgen wieder");
                    }
                    i = 0;
                }
                if (executeQuery.getString("berechtigt").equals("J")) {
                    this.step = executeQuery.getInt(this.dbStep);
                    z = loginok(executeQuery, parameter, checkPassword, parameter2, parameter3, httpSession);
                    if (z) {
                        httpSession.setAttribute(this.servletName + "Mandator", 1);
                        httpSession.setAttribute(this.servletName + "UsernameUsername", parameter);
                    }
                }
            } catch (Throwable th) {
                if (executeQuery != null) {
                    try {
                        executeQuery.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        if (executeQuery != null) {
            executeQuery.close();
        }
        if (i2 == 0) {
            throw new TextException("Die eingegebene Benutzerkennung existiert nicht");
        }
        if (z) {
            return z;
        }
        int i3 = i + 1;
        stringBuffer.delete(0, stringBuffer.length());
        stringBuffer.append("UPDATE    ").append(this.dbTable).append(' ').append("SET        anzahl_fehllogin=").append(i3).append(',').append("            datum_fehllogin=NOW() ");
        if (this.dbSystemField == null) {
            stringBuffer.append("WHERE    ").append(this.dbUserField).append('=').append(StringToSql.convert(parameter));
        } else {
            stringBuffer.append("WHERE    ").append(this.dbSystemField).append('=').append(StringToSql.convert(this.dbSystem)).append(" AND        ").append(this.dbUserField).append('=').append(StringToSql.convert(parameter));
        }
        this.thisDatabase.createStatement().executeUpdate(stringBuffer.toString());
        if (i3 >= MAX_LOGIN) {
            throw new TextException("Dies war Ihr " + i3 + " Fehlversuch, der Zugang wird bis morgen gesperrt!");
        }
        throw new TextException("Dies war Ihr " + i3 + " Fehlversuch, nach 5 wird der Zugang für heute gesperrt, Sie haben noch " + (MAX_LOGIN - i3) + " Versuche");
    }

    public void processLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServletOutputStream servletOutputStream) throws IOException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        htmlFormular(httpServletRequest, httpServletResponse, servletOutputStream, null, null, null, null);
    }

    public String checkPassword(String str) {
        return str;
    }

    public int getStep() {
        return this.step;
    }

    public String getHint() {
        return this.hint;
    }
}
