This method returns the address of a module based on the module identifier submitted. If user has not accessed this level before, they are put down as starting the level at this time. If the level is a client side attack, or other issues that cannot be abused to return a result key (like XSS, CSRF o
(String ApplicationRoot, String moduleId, String userId)
| 1043 | * @return The module address |
| 1044 | */ |
| 1045 | public static String getModuleAddress (String ApplicationRoot, String moduleId, String userId) |
| 1046 | { |
| 1047 | log.debug("*** Getter.getModuleAddress ***"); |
| 1048 | String output = new String(); |
| 1049 | String type = new String(); |
| 1050 | Connection conn = Database.getCoreConnection(ApplicationRoot); |
| 1051 | try |
| 1052 | { |
| 1053 | CallableStatement callstmt = conn.prepareCall("call moduleGetHash(?, ?)"); |
| 1054 | callstmt.setString(1, moduleId); |
| 1055 | callstmt.setString(2, userId); |
| 1056 | log.debug("Gathering moduleGetHash ResultSet"); |
| 1057 | ResultSet modules = callstmt.executeQuery(); |
| 1058 | log.debug("Opening Result Set from moduleGetHash"); |
| 1059 | modules.next(); //Exception thrown if no hash was found |
| 1060 | //Set Type. Used to ensure the URL points at the correct directory |
| 1061 | if(modules.getString(3).equalsIgnoreCase("challenge")) |
| 1062 | { |
| 1063 | type = "challenges"; |
| 1064 | } |
| 1065 | else |
| 1066 | { |
| 1067 | type = "lessons"; |
| 1068 | } |
| 1069 | output = type + "/" + modules.getString(1) + ".jsp"; |
| 1070 | } |
| 1071 | catch(Exception e) |
| 1072 | { |
| 1073 | log.error("Module Hash Retrieval: " + e.toString()); |
| 1074 | log.error("moduleID = " + moduleId); |
| 1075 | log.error("userID = " + userId); |
| 1076 | } |
| 1077 | Database.closeConnection(conn); |
| 1078 | log.debug("*** END getModuleAddress() ***"); |
| 1079 | return output; |
| 1080 | } |
| 1081 | |
| 1082 | /** |
| 1083 | * Retrieves the module category based on the moduleId submitted |