Listing 3: AddBlogEntry.java, which adds a new entry to our Weblog. /* A servlet to add a new entry to our Weblog ("blog"). The Weblog is stored in a PostgreSQL database table. */ import java.io.*; import java.text.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; import java.sql.*; public class AddBlogEntry extends HttpServlet { // Keep the connection common to the entire instance private Connection con; // Our "init" method sets up a database connection public void init(ServletConfig config) throws ServletException { // Some private variables for logging into the database String loginJdbc = "org.postgresql.Driver"; String loginUser = "reuven"; String loginPasswd = ""; String loginUrl = "jdbc:postgresql://localhost/atf"; // Load the PostgreSQL driver try { Class.forName(loginJdbc); con = DriverManager.getConnection(loginUrl, loginUser, loginPasswd); } catch (ClassNotFoundException e) { throw new UnavailableException("Cannot load the PostgreSQL driver: " + e); } catch (SQLException e) { throw new UnavailableException("Error connecting to PostgreSQL: " + e); } } // Our "doGet" method returns an error message indicating // that only "POST" is acceptable. public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Set the MIME content type for the response response.setContentType("text/html"); // Get the output stream to STDOUT PrintWriter out = response.getWriter(); // Tell the user that GET isn't going to work with this servlet. out.println("\n" + "AddBlogEntry: Error\n" + "\n" + "

Sorry, but this servlet can only be invoked" + "with the POST method.

\n" + "\n"); } // This is the real workhorse for our servlet, when someone submits // information public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Set the MIME content type for the response response.setContentType("text/html"); // Get the output stream to STDOUT PrintWriter out = response.getWriter(); // Initialize the message that we will send to the end user String message = ""; // Get the headline, and make sure that it contains something String entry_headline = request.getParameter("entry_headline"); if ((entry_headline == null) || (entry_headline == "")) { message = message + "

You must provide a headline for the blog entry.

"; } // Get the text, and make sure that it contains something String entry_text = request.getParameter("entry_text"); if ((entry_text == null) || (entry_text == "")) { message = message + "

You must provide text for the blog entry.

"; } // If we have not produced any messages so far, we can // go ahead with the insertion if (message == "") { try { // Create our SQL statement PreparedStatement statement = con.prepareStatement( "INSERT INTO BlogEntries " + " (entry_date, entry_headline, entry_text) " + " VALUES " + " (NOW(), ?, ?)" ); // Associate a variable with the placeholder statement.setString(1, entry_headline); statement.setString(2, entry_text); // Perform the INSERT int updateCount = statement.executeUpdate(); // If we did not insert a row, indicate as such if (updateCount != 1) { // Send output to the user's browser out.println("" + "" + "AddBlogEntry: Error" + "\n" + "

Sorry, but we could not " + "insert the entry." + ""); return; } } // Catch SQL exceptions catch(SQLException e) { out.println("" + "" + "AddBlogEntry: Error" + "\n"); out.println("

SQL error in doPost: " + e.getMessage() + "

"); while ((e = e.getNextException()) != null) { out.println("

SQL error: " + e.getMessage() + "

"); } out.println(""); return; } // Catch all other exceptions catch(Exception e) { out.println("" + "" + "AddBlogEntry: Error" + "\n"); out.println("

Exception in doPost: " + e.getMessage() + "

"); out.println(""); return; } } // Send output to the user's browser out.println("" + "" + "AddBlogEntry: Success!" + "\n" + "

Your new entry was added." + ""); } }