-3

We recently made a J2EE project in our class which required 58 different webpages. But a lot of them were redundant in my opinion. How? Let me give you a simple example. After the "login" page, where both the admin and a common user logs in, one is redirected to a common page, where there are several buttons. Some buttons are common for a user and the admin, but an admin can see some extra buttons in that very same page. So what we did- we made first the common part of the page and then made another page copy-pasting the code for the common page and then added some extra buttons for admins privileges. So after confirming a user, we redirected him to the common page, again if the user is confirmed as the admin, we redirected him to the extra buttons added page.

I personally feel this approach is redundant. We should have made a single page for admin view and then should have made arrangements so that if the user is confirmed to be an admin, he can see everything, but if he is confirmed to be a user, the extra buttons would hide automatically. Is htere a way to do so in HTML pages? Along with HTML, we used a little CSS and Javascript (Alert etc.)

Mistu4u
  • 5,132
  • 15
  • 53
  • 91
  • HTML? Not JSP, like most Java EE apps? In which case normal JSTL or Spring Security-like tags provide such "do this when user has this role" stuff out-of-the-box? Not even using dynamic includes/basic JSP templating? Or more-featured solution like Tiles, SiteMesh, etc? You're asking this question at the wrong time. – Dave Newton Oct 07 '13 at 17:07
  • You want to control this on your back-end (server side). For example, with PHP, use a `includes` statement to add the button, based upon a conditional evaluation of the user's login information. – Sablefoste Oct 07 '13 at 17:09
  • @DaveNewton, Actually the pages are JSP, but tags are all HTML. – Mistu4u Oct 07 '13 at 17:10
  • @SableFoste, Well, in that case, I want to know how I can do that in J2EE. – Mistu4u Oct 07 '13 at 17:11
  • The pages are JSP, but the tags are all HTML? Then why use JSP? You're not using scriptlets, I hope??? Also note that if this is all done on the client side then they'll still be able to access the JS and HTML. Note you'd need to confirm authorization on the server side *anyway*, but still, why leak information like this? – Dave Newton Oct 07 '13 at 17:13

2 Answers2

0

For common pieces of HTML, you can:

  1. Use Templates
  2. Use hidden sections of HTML that you make visible upon demand
  3. Use Dynamically loaded HTML (loaded upon demand from a common source via javascript)
  4. Use popup HTML windows (not generally recommended)
  5. Use server-side includes to include a common section in many pages

There are many different choices that don't involve copying the same HTML across many different pages and which to select depends upon the particular circumstances and, in some cases, which tools you are using and what their capabilities make simple.

jfriend00
  • 683,504
  • 96
  • 985
  • 979
  • Please can you provide some examples in each case. – Mistu4u Oct 07 '13 at 17:13
  • I don't know a lot about HTML. Can you at least provide me with some link? – Mistu4u Oct 07 '13 at 17:13
  • @Mistu4u - You probably want to have a common page design that you use a conditional server-side include based on whether a cookie confirms that user is logged in as an admin. I'd suggest you read the first answer here and the associated reference in that answer to get you started in the right direction: http://stackoverflow.com/questions/14580120/whats-the-difference-between-including-files-with-jsp-include-directive-jsp-in – jfriend00 Oct 07 '13 at 17:28
0

You can check if a user is Admin or not. Then you can use Javascript to change the display-value to hidden on the buttons, the user shouldent be able to see. An example

<input type="button" value="3" name="3" id="button_3" display="inline">

if(!admin) /* However you wanna chek if he is admin or not */
{
document.getElementById("button_3").display = "none";
}
Ensis
  • 1
  • 1