FIX: now before to redirect to purchase page, check if the game is al…

…ready buyed

src/main/java/control/AccessControlFilter.java

@@ -33,22 +33,24 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
 		String path = httpServletRequest.getServletPath();
 		//Retrieve path from the request
 
-		//Retrieve user from the session
-		User user = (User) session.getAttribute("user");
-		//Retrieve user from the session
+		synchronized (session) {
+			//Retrieve user from the session
+			User user = (User) session.getAttribute("user");
+			//Retrieve user from the session
 
-		//Check if the access is permitted, in other case, redirect to login page or error page
-		if( checkForUserPath(path, user)) {
-			httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/Login.jsp");
-			return;
-		}
-		else if(checkForAdminPath(path, user)) {
-			httpServletResponse.sendError(405);
-			return;
-		}
-		//Check if the access is permitted, in other case, redirect to login page
+			//Check if the access is permitted, in other case, redirect to login page or error page
+			if( checkForUserPath(path, user)) {
+				httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/Login.jsp");
+				return;
+			}
+			else if(checkForAdminPath(path, user)) {
+				httpServletResponse.sendError(405);
+				return;
+			}
+			//Check if the access is permitted, in other case, redirect to login page
 
-		chain.doFilter(request, response);
+			chain.doFilter(request, response);
+		}
 	}
 
 	//Check if the user is logged(has a session)

src/main/java/control/AddPurchaseGameServlet.java

@@ -1,7 +1,6 @@
 package control;
 
 import java.io.IOException;
-import java.security.InvalidParameterException;
 import java.sql.SQLException;
 
 import javax.servlet.RequestDispatcher;
@@ -16,6 +15,8 @@
 
 import model.Purchase;
 import model.User;
+import utility.BackendException;
+import utility.InvalidParameters;
 import utility.MethodNotSupportedException;
 import model.Game;
 
@@ -39,8 +40,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 
 		//Check if input are valid
 		if(! super.validParameters(request, response)) {
-			throw new InvalidParameterException("Ajajajaj");
-
+			throw new InvalidParameters();
 		}
 		//Check if input are valid
 
@@ -73,7 +73,7 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 		try {
 			purchaseDAO.insert(purchase);
 		} catch (SQLException e) {
-			return;
+			throw new BackendException();
 		}
 		//Insert purchase on database
 

src/main/java/control/PurchaseRedirectServlet.java

@@ -1,16 +1,23 @@
 package control;
 
 import java.io.IOException;
+import java.sql.SQLException;
 import java.util.Arrays;
 
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.sql.DataSource;
 
+import utility.BackendException;
 import utility.InvalidParameters;
 
+import dao.PurchaseDAO;
+
+import model.User;
+
 @WebServlet("/user/PurchaseRedirectServlet")
 public class PurchaseRedirectServlet extends BaseServlet {
 	private static final long serialVersionUID = 1L;
@@ -27,11 +34,33 @@ protected void doGet(HttpServletRequest request, HttpServletResponse response) t
 		}
 		//Check if parameters are empty
 
+		//Retrieve user from the session
+		User user = (User)request.getSession().getAttribute("user");
+		//Retrieve user from the session
+
 		//Retrieve parameters from request
 		String from = request.getParameter("from");
 		String gameId = request.getParameter("gameId");
 		//Retrieve parameters from request
 
+		//Retrieve data source from the servlet context
+		DataSource ds = (DataSource)request.getServletContext().getAttribute("DataSource");
+		//Retrieve data source from the servlet context
+
+		//Check if the game is already buyed
+		PurchaseDAO purchaseDAO = new PurchaseDAO(ds);
+
+		boolean isBuyed = false;
+		try {
+			isBuyed = purchaseDAO.isBuyed(Integer.parseInt(gameId), user.getUsername());
+		} catch (NumberFormatException | SQLException e) {
+			throw new BackendException();
+		}
+
+		if(isBuyed)
+			throw new BackendException();
+		//Check if the game is already buyed
+
 		//Check if parameters are valid
 		if( ! (from.equals("personalGamePage") || from.equals("cart")) ) 
 			throw new InvalidParameters();

src/main/java/control/UpdateGameServlet.java

@@ -126,7 +126,6 @@ protected void doPost(HttpServletRequest request, HttpServletResponse response)
 		game.setId(gameId);
 		//make game DTO
 
-
 		//update game in database
 		GameDAO gameDAO = new GameDAO(dataSource);
 		try {

src/main/webapp/CSS/PersonalGamePage.css

@@ -72,12 +72,11 @@ div#description {
 
 div#description h1 {
 	height: 40px;
+	width: 100%;
 
 	margin-top: 10px;
 
 	text-align: left;
-
-	display: inline-block;
 }
 
 div#description button {
@@ -224,8 +223,6 @@ span#rightText {
 	div#description h1 {
 		display: block;
 
-		min-width: 100%;
-
 		text-align: center;
 	}
 

src/main/webapp/user/Wishlist.jsp

@@ -44,7 +44,7 @@
 			 	<%for (Game currentGame:games){ %>
 			 		<div class=gameDiv>
 			 			<p class=gameImage>
-			 				<a href='/GamingWorldShop/PersonalGamePage.jsp?gameId=<%=currentGame.getId()%>'><img src="RetrieveGameImageServlet?gameId=<%=currentGame.getId()%>&role=BANNER" alt="game logo"> </a>	
+			 				<a href='../PersonalGamePage.jsp?gameId=<%=currentGame.getId()%>'><img src="../RetrieveGameImageServlet?gameId=<%=currentGame.getId()%>&role=BANNER" alt="game logo"> </a>	
 			 			</p>
 			 			<p class=gamePrice>
 			 				<span class= price><%=currentGame.getPrice()%></span><br>