package com.lemon.lifecenter.controller; import java.lang.reflect.Field; import java.util.ArrayList; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.json.JSONObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.transaction.annotation.Propagation; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.servlet.ModelAndView; import com.lemon.lifecenter.common.LifeCenterConfigVO; import com.lemon.lifecenter.common.LifeCenterController; import com.lemon.lifecenter.common.LifeCenterFunction; import com.lemon.lifecenter.common.LifeCenterPaging; import com.lemon.lifecenter.common.LifeCenterSessionController; import com.lemon.lifecenter.dto.CenterInfoDTO; import com.lemon.lifecenter.dto.GroupListDTO; import com.lemon.lifecenter.dto.LoginDTO; import com.lemon.lifecenter.dto.PrivateLogDTO; import com.lemon.lifecenter.dto.StaffDTO; import com.lemon.lifecenter.service.CenterService; import com.lemon.lifecenter.service.GroupListService; import com.lemon.lifecenter.service.LoginService; import com.lemon.lifecenter.service.PrivateLogService; import com.lemon.lifecenter.service.StaffService; // 의료진관리 contorller @Controller @RequestMapping("/staff") public class StaffController extends LifeCenterController { private final Logger logger = LoggerFactory.getLogger(this.getClass()); private LifeCenterPaging paging; @Autowired private LoginService loginService; @Autowired private StaffService memberService; @Autowired private LifeCenterConfigVO config; @Autowired private GroupListService groupListService; @Autowired private CenterService centerService; @Autowired private PrivateLogService privateLogService; @RequestMapping("/new") public ModelAndView staffNew( HttpServletRequest request,HttpServletResponse response ) throws Exception { int sesCenterCode = Integer.valueOf( LifeCenterSessionController.getSession( request, "sesCenterCode" ) ) ; String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String processingContents = "의료진 신규 등록 페이지 접속"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); CenterInfoDTO cDto = new CenterInfoDTO(); cDto.setCenterCode(sesCenterCode); List centerList = memberService.selectCenterList(cDto); ModelAndView mv = setMV("staff/new"); GroupListDTO dto = new GroupListDTO(); List groupList = groupListService.selectGroupList(dto); for( GroupListDTO data : groupList ) { data.setEncryptIdx( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, String.valueOf( data.getIdx() ) ) ); } mv.addObject( "centerList", centerList ); mv.addObject( "groupList", groupList ); return mv; } @RequestMapping("/new/regist") public String staffNewRegist( @ModelAttribute("dto") final StaffDTO dto, HttpServletRequest request, @RequestParam(value="encryptIdx", required=true) String encryptIdx, @RequestParam(value="passwordConfirm", required=true) String passwordConfirm ) throws Exception { // 의료진 관리 -> 의료진 신규등록 컨트롤러 // 의료진 신규등록시 -> 계정 권한은 일반사용자 권한으로 생성? -> 관리자로도 생성? // 센터하나당 관리자 권한 계정은 1개임 (시스템관리자가 센터생성할때 관리자 계정 1개 발급) String decryptIdx = LifeCenterFunction.aesDecrypt( config.aesKey, config.IV, encryptIdx ); // password 일치확인 String password = dto.getPassword(); if( !password.equals( passwordConfirm ) ) { // redirect page back } dto.setGroupIdx( Integer.valueOf( decryptIdx ) ); dto.setPassword( LifeCenterFunction.sha256Encrypt(password) ); memberService.insertStaff( dto ); String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String processingContents = "의료진 신규 등록 완료"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + dto.getName() + "["+dto.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); return "redirect:../info?staffId=" + dto.getId(); } @RequestMapping("/info") public ModelAndView staffInfo( HttpServletRequest request,HttpServletResponse response, @RequestParam(value="staffId", required=false, defaultValue="") String staffID) throws Exception { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; StaffDTO dto = new StaffDTO(); dto.setId(staffID); dto = memberService.selectMemberInfo(dto); String processingContents = "의료진 정보 상세 페이지 접속"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + dto.getName() + "["+dto.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); dto.setPhoneNumber( LifeCenterFunction.phone( dto.getPhoneNumber() ) ); String enMemberId = LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, staffID ); ModelAndView mv = setMV("staff/info"); mv.addObject( "info", dto ); mv.addObject( "sesId", sesId ); mv.addObject( "enMemberId", enMemberId ); mv.addObject( "centerCode", dto.getCenterCode() ); return mv; } @RequestMapping("/edit") public ModelAndView staffEdit( HttpServletRequest request,HttpServletResponse response, @RequestParam(value="staffId", required=false, defaultValue="") String staffId) throws Exception { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; // List centerList = memberService.selectCenterList(); StaffDTO dto = new StaffDTO(); dto.setId(staffId); dto = memberService.selectMemberInfo(dto); String processingContents = "의료진 정보 변경 페이지 접속"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + dto.getName() + "["+dto.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); String groupIdx = LifeCenterFunction.aesEncrypt(config.aesKey, config.IV, String.valueOf(dto.getGroupIdx())); int centerCode = dto.getCenterCode(); GroupListDTO gDto = new GroupListDTO(); List groupList = groupListService.selectGroupList(gDto); for( GroupListDTO data : groupList ) { data.setEncryptIdx( LifeCenterFunction.aesEncrypt( config.aesKey, config.IV, String.valueOf( data.getIdx() ) ) ); } ModelAndView mv = setMV("staff/edit"); mv.addObject("info", dto); mv.addObject("centerCode", centerCode); mv.addObject("groupIdx", groupIdx); // mv.addObject("centerList", centerList); mv.addObject( "groupList", groupList ); return mv; } @RequestMapping( value="edit/update", method=RequestMethod.POST) public String editUpdate( HttpServletRequest request,HttpServletResponse response, @RequestParam(value="encGroupIdx", required=false, defaultValue = "") String encGroupIdx, @ModelAttribute("dto") StaffDTO dto ) throws Exception { String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String memberId = dto.getId(); StaffDTO originMemberData = new StaffDTO(); StaffDTO newMemberData = new StaffDTO(); originMemberData.setId( memberId ); originMemberData = memberService.selectMemberInfo(originMemberData); String decryptIdx = ""; if( !encGroupIdx.equals("") ) { decryptIdx = LifeCenterFunction.aesDecrypt( config.aesKey, config.IV, encGroupIdx ); dto.setGroupIdx( Integer.valueOf( decryptIdx ) ); } String sesId = LifeCenterSessionController.getSession( request, "sesId" ); dto.setUpdateById(sesId); int rts = memberService.updateEditMember(dto); newMemberData = new StaffDTO(); newMemberData.setId( memberId ); newMemberData = memberService.selectMemberInfo(newMemberData); String processingDetail = "[수정내역 :"; PrivateLogDTO logDTO = new PrivateLogDTO(); int cnt = 0; try{ Object objNew=newMemberData; for (Field field : objNew.getClass().getDeclaredFields()){ Object objOrigin=originMemberData; for (Field field1 : objOrigin.getClass().getDeclaredFields()){ if( field1.getName().equals( field.getName() ) ) { field1.setAccessible(true); Object valueOrigin = field1.get(objOrigin); String originVal = valueOrigin == null ? "": valueOrigin.toString(); field.setAccessible(true); Object valueNew=field.get(objNew); String newVal = valueNew == null ? "": valueNew.toString(); // System.err.println(field.getName()+","+originVal + " -> " + newVal); if( !originVal.equals( newVal ) ) { // System.out.println(field.getName()+","+originVal + " -> " + newVal); String nv = cnt >= 1 ? ", " : " "; processingDetail += nv + field.getName()+"컬럼 값 변경 ("+originVal + " -> " + newVal +")"; cnt ++; } } } } processingDetail +="]"; }catch (Exception e){ e.printStackTrace(); } String processingContents = "의료진 정보 수정 [총 " + cnt + "건 항목] " + processingDetail; System.err.println( "processingContents : " + processingContents ); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + originMemberData.getName() + "["+originMemberData.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); return "redirect:/staff/info?staffId=" + dto.getId(); } @RequestMapping("/myinfo") public ModelAndView staffMyinfo(HttpServletRequest request,HttpServletResponse response) { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; StaffDTO dto = new StaffDTO(); dto.setId(sesId); dto = memberService.selectMemberInfo(dto); String processingContents = "내정보 변경 페이지 접속"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + dto.getName() + "["+dto.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); String referer = request.getHeader( "Referer" ); ModelAndView mv = setMV("staff/myinfo"); mv.addObject("info", dto); mv.addObject("returnUrl", referer); return mv; } @RequestMapping( value="myinfo/update", method=RequestMethod.POST) public String myInfoUpdate( HttpServletRequest request, HttpServletResponse response, @ModelAttribute("dto") final StaffDTO dto, @RequestParam(value="passwordNew", required=false, defaultValue="") String passwordNew, @RequestParam(value="passwordConfirm", required=false, defaultValue="") String passwordConfirm, @RequestParam(value="returnUrl", required=false, defaultValue="") String returnUrl) throws Exception { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String memberId = dto.getId(); StaffDTO originMemberData = new StaffDTO(); StaffDTO newMemberData = new StaffDTO(); originMemberData.setId( memberId ); originMemberData = memberService.selectMemberInfo(originMemberData); Object sesPasswordChange = request.getSession().getAttribute( "sesPasswordChange" ); String encryptPw = LifeCenterFunction.sha256Encrypt(dto.getPassword()); dto.setPassword(encryptPw); int mCnt = memberService.selectMemberCount(dto); if (mCnt == 1) { if (!passwordNew.equals("")) { if (passwordNew.equals(passwordConfirm)) { dto.setPassword(LifeCenterFunction.sha256Encrypt(passwordNew)); if( sesPasswordChange != null && ( sesPasswordChange.equals( "REQUIRED" ) || sesPasswordChange.equals( "RESET" ) ) ) { LifeCenterSessionController.setSession( request, "sesPasswordChange", "" ); } } } memberService.updateMember(dto); LifeCenterSessionController.setSession( request, "sesName", dto.getName() ); newMemberData = new StaffDTO(); newMemberData.setId( memberId ); newMemberData = memberService.selectMemberInfo(newMemberData); String processingDetail = "[수정내역 :"; PrivateLogDTO logDTO = new PrivateLogDTO(); int cnt = 0; try{ Object objNew=newMemberData; for (Field field : objNew.getClass().getDeclaredFields()){ Object objOrigin=originMemberData; for (Field field1 : objOrigin.getClass().getDeclaredFields()){ if( field1.getName().equals( field.getName() ) ) { field1.setAccessible(true); Object valueOrigin = field1.get(objOrigin); String originVal = valueOrigin == null ? "": valueOrigin.toString(); field.setAccessible(true); Object valueNew=field.get(objNew); String newVal = valueNew == null ? "": valueNew.toString(); // System.err.println(field.getName()+","+originVal + " -> " + newVal); if( !originVal.equals( newVal ) ) { // System.out.println(field.getName()+","+originVal + " -> " + newVal); String nv = cnt >= 1 ? ", " : " "; processingDetail += nv + field.getName()+"컬럼 값 변경 ("+originVal + " -> " + newVal +")"; cnt ++; } } } } processingDetail +="]"; }catch (Exception e){ e.printStackTrace(); } String processingContents = "내정보 수정 [총 " + cnt + "건 항목] " + processingDetail; System.err.println( "processingContents : " + processingContents ); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + originMemberData.getName() + "["+originMemberData.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); LifeCenterFunction.scriptMessage( response, "alertBox({ txt : '변경되었습니다', callBack : function(){ location.href='/staff/myinfo'; } });" ); return "/common/blank"; } else { LifeCenterFunction.scriptMessage( response, "alertBox({ txt : '비밀번호가 일치하지않습니다.', callBack : function(){ history.back(); } });" ); return "/common/blank"; } // return "redirect:/"; // return "redi"returnUrl; } @RequestMapping("/list") public ModelAndView staffList( @ModelAttribute("dto") final StaffDTO dto, @RequestParam(value="selectState", required=false, defaultValue="") String selectState, @RequestParam(value="sData", required=false, defaultValue="") String sData, @RequestParam(value="useYn", required=false, defaultValue="") String useYn, @RequestParam(value="page", required=false, defaultValue="1") int page, HttpServletRequest request, HttpServletResponse response) { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesGroupIdx = LifeCenterSessionController.getSession( request, "sesGroupIdx" ); String sesCenterCode = LifeCenterSessionController.getSession( request, "sesCenterCode" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String processingContents = "의료진 리스트 조회"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); if (selectState.equals("sId")) { dto.setId(sData); } else if (selectState.equals("sName")) { dto.setName(sData); } else { dto.setCenterName(sData); } dto.setGroupIdx(Integer.parseInt( sesGroupIdx )); dto.setSesId(sesId); dto.setCenterCode(Integer.parseInt(sesCenterCode)); dto.setLimit( ( Integer.valueOf( page ) - 1 ) * config.pageDataSize ); dto.setLimitMax( config.pageDataSize ); int total = memberService.selectMemberListCount(dto); List list = new ArrayList(); if (total > 0) { list = memberService.selectMemberList(dto); } String param = "selectState=" + selectState + "&sData=" + sData + "&useYn=" + useYn; paging = LifeCenterPaging.getInstance(); paging.paging(config, total, page, param); ModelAndView mv = setMV("staff/list"); mv.addObject("total", total); mv.addObject("selectState", selectState); mv.addObject("sData", sData); mv.addObject("useYn", useYn); mv.addObject("item", list); mv.addObject("paging", paging); mv.addObject( "sesId", sesId ); mv.addObject("sesGroupIdx", sesGroupIdx ); return mv; } @RequestMapping( value="/duplicateIdCheck", method = RequestMethod.POST ) @ResponseBody public boolean duplicateIdCheck( @RequestParam( value="staffId", required = false, defaultValue = "" ) String id ) { boolean result = false; // false : 중복 , true : 중복아님 JSONObject obj = new JSONObject(); LoginDTO dto = new LoginDTO(); if( id.trim().equals( "" ) ) { result = false; } else { dto.setId( id.trim() ); int count = loginService.selectMemberIdCount( dto ); if( count == 0 ) { result = true; } } // obj.put( "result" , result ); return result; } @RequestMapping( value="/passwordReset", method = RequestMethod.POST ) @ResponseBody public boolean passwordReset( HttpServletRequest request, @RequestParam( value="staffId", required = true ) String id, @RequestParam( value="type", required = true ) String type) throws Exception { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; StaffDTO info = new StaffDTO(); info.setId(id); info = memberService.selectMemberInfo(info); String processingContents = "의료진 비밀번호 초기화 처리"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + info.getName() + "["+info.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); boolean result = false; String pw = ""; StaffDTO dto = new StaffDTO(); dto.setId(id); if (type.equals("staff")) { pw = LifeCenterFunction.sha256Encrypt(config.staffResetPw); } else { pw = LifeCenterFunction.sha256Encrypt(config.centerResetPw); } dto.setPassword(pw); int rts = memberService.updateMemberPwReset(dto); if (rts == 1) { result = true; } return result; } @RequestMapping("/delete") @Transactional(propagation=Propagation.REQUIRED) public String memberDelete( @RequestParam( value="enMemberId", required = true ) String enMemberId, HttpServletRequest request,HttpServletResponse response ) throws Exception { String sesId = LifeCenterSessionController.getSession( request, "sesId" ); String sesName = LifeCenterSessionController.getSession( request, "sesName" ); String sesCenterName = LifeCenterSessionController.getSession( request, "sesCenterName" ); String logCenterName = !sesCenterName.equals( "" )? "["+sesCenterName+"] " : ""; String memberId = LifeCenterFunction.aesDecrypt( config.aesKey, config.IV, enMemberId ); StaffDTO info = new StaffDTO(); info.setId(memberId); info = memberService.selectMemberInfo(info); StaffDTO dto = new StaffDTO(); dto.setId( memberId ); LoginDTO loginDTO = new LoginDTO(); loginDTO.setId( memberId ); int total = loginService.selectMemberIdCount( loginDTO ); if( total == 0 ) { LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '이미 삭제되었거나 존재하지않는 사용자입니다.', callBack : function(){ history.back(); } });" ); return "/common/blank"; } else { memberService.deleteMember(dto); String processingContents = "의료진 삭제 처리"; PrivateLogDTO logDTO = new PrivateLogDTO(); logDTO.setId( sesId ); logDTO.setAccessorDetail( logCenterName + sesName + " (" + sesId + ")" ); logDTO.setIp( LifeCenterFunction.getRemoteAddr( request ) ); logDTO.setFullUrl( LifeCenterFunction.getFullURL( request ) ); logDTO.setProcessingTarget( "(의료진)" + info.getName() + "["+info.getId()+"]" ); logDTO.setProcessingContents( processingContents ); privateLogService.insertPrivateAccessLog( logDTO ); } LifeCenterFunction.scriptMessage( response, "alertBox({ txt: '사용자가 삭제되었습니다. ', callBack : function(){ location.href='./list'; } });" ); return "/common/blank"; } }