Code with Finding: |
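/**
 * Request handlers for listing posts on a board or in a region of a board.
 */
class SocialNetworkPosts {
    /**
     * Builds the post listing for the free-for-all board or for a region of a named board.
     *
     * <p>The board and region names are trimmed and lower-cased before the existence checks
     * and the post lookup. The database connection obtained here is released on every exit
     * path, including the error returns.
     *
     * @param username   the user requesting the listing; passed through to the database helpers
     * @param boardName  the board to view; must not be {@code null}
     * @param regionName the region to view; may be {@code null} only when {@code boardName}
     *                   is exactly {@code "freeforall"}
     * @param isGoTo     when {@code true}, the region authorization check is run before
     *                   the posts are fetched
     * @return the post listing, or an error message string describing why it was not produced
     */
    public static String viewPostList(String username, String boardName, String regionName, boolean isGoTo) {
        if (boardName == null || (!("freeforall").equals(boardName) && regionName == null)) {
            return "Invalid Call to Function";
        }
        String bname = boardName.trim().toLowerCase();
        Connection dbconn = DBManager.getConnection();
        try {
            if (bname.equals("freeforall")) { // regionName might be null on this path
                return SocialNetworkDatabasePosts.getPostListFreeForAll(dbconn, username);
            }

            // regionName is NOT null from here on (guaranteed by the guard above)
            String rname = regionName.trim().toLowerCase();

            // A null result from the existence helpers signals a database error.
            Boolean boardExists = SocialNetworkBoards.boardExists(bname);
            if (boardExists == null) {
                return "print Error: Database error while verifying existence of board. " +
                        "If the problem persists, contact an admin.";
            }
            if (!boardExists.booleanValue()) {
                return "print Error: Board does not exist. Refresh. " +
                        "If the problem persists, contact an admin.";
            }

            Boolean regionExists = SocialNetworkRegions.regionExists(bname, rname);
            if (regionExists == null) {
                return "print Error: Database error while verifying existence of region. " +
                        "If the problem persists, contact an admin.";
            }
            if (!regionExists.booleanValue()) {
                // Same message as the unauthorized case below, so the two are not distinguishable.
                return "print Error: Cannot view this region.";
            }

            // AUTHORIZATION CHECK
            // NOTE(review): the check only runs when the isGoTo argument is true; confirm that
            // callers passing false have already authorized the user for this region.
            if (isGoTo) {
                // NOTE(review): this passes the raw boardName/regionName, while the existence
                // checks and getPostList use the trimmed, lower-cased bname/rname. Confirm that
                // authorizedGoToRegion normalizes its inputs the same way, so the names that are
                // authorized are the names that are read.
                Boolean authorized = SocialNetworkDatabaseRegions.authorizedGoToRegion(dbconn, username, boardName, regionName);
                if (authorized == null) {
                    return "print Error: Database error while checking authorization. If the problem persists, contact an admin.";
                }
                if (!authorized.booleanValue()) {
                    return "print Error: Cannot view this region.";
                }
            }

            return SocialNetworkDatabasePosts.getPostList(dbconn, username,
                    bname, rname);
        } finally {
            // Previously only the two success paths closed the connection; every error return
            // leaked it, so repeated failing requests could exhaust the available connections.
            if (dbconn != null) {
                DBManager.closeConnection(dbconn);
            }
        }
    }
}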
|