1 package org.cacert.gigi.pages.main;
3 import java.io.IOException;
4 import java.io.InputStreamReader;
5 import java.io.PrintWriter;
6 import java.io.UnsupportedEncodingException;
7 import java.sql.PreparedStatement;
8 import java.sql.ResultSet;
9 import java.sql.SQLException;
10 import java.util.Date;
11 import java.util.HashMap;
14 import javax.servlet.ServletRequest;
15 import javax.servlet.http.HttpServletRequest;
17 import org.cacert.gigi.Language;
18 import org.cacert.gigi.User;
19 import org.cacert.gigi.database.DatabaseConnection;
20 import org.cacert.gigi.email.EmailProvider;
21 import org.cacert.gigi.output.DateSelector;
22 import org.cacert.gigi.output.Form;
23 import org.cacert.gigi.output.Template;
24 import org.cacert.gigi.pages.Page;
25 import org.cacert.gigi.util.HTMLEncoder;
26 import org.cacert.gigi.util.Notary;
27 import org.cacert.gigi.util.PasswordStrengthChecker;
28 import org.cacert.gigi.util.RandomToken;
29 import org.cacert.gigi.util.ServerConstants;
/**
 * Sign-up form. Keeps the new account's name, date of birth, email address and alert
 * preferences in instance fields and renders them through {@code Signup.templ}.
 *
 * <p>NOTE(review): the gutter numbers in this listing skip (for example 33, 35-36 and
 * 40-44), so the constructor header and the catch handler are not visible here.
 *
 * <p>NOTE(review): submitted personal data lives in instance fields, so one instance must
 * not serve more than one visitor. How instances are scoped is not visible here; confirm
 * against the caller.
 */
31 public class Signup implements Form {
// Account under construction; update() copies request parameters into it.
32 User buildup = new User();
// Alert subscriptions; all start enabled and are overwritten by update().
34 boolean general = true, country = true, regional = true, radius = true;
// The template is read from the classpath and decoded explicitly as UTF-8.
37 t = new Template(new InputStreamReader(
38 Signup.class.getResourceAsStream("Signup.templ"), "UTF-8"));
39 } catch (UnsupportedEncodingException e) {
// Defaults for the empty account: blank suffix and the epoch as date of birth.
45 buildup.setSuffix("");
47 buildup.setDob(new Date(0));
// Date-of-birth selector built with the names "day", "month" and "year"
// (presumably the form field names; DateSelector is not visible here).
49 DateSelector myDoB = new DateSelector("day", "month", "year");
/**
 * Renders the sign-up form with the values entered so far.
 *
 * @param out writer that receives the rendered template
 * @param l language used for the translated help text and handed to the template
 * @param outerVars not read in the lines visible here
 */
51 public void output(PrintWriter out, Language l,
52 Map<String, Object> outerVars) {
53 HashMap<String, Object> vars = new HashMap<String, Object>();
// Every user-supplied string is HTML-encoded here, at the point where it re-enters
// markup; update() stores the raw request values.
54 vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
55 vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
56 vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
57 vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
58 vars.put("dob", myDoB);
59 vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
// Checkbox state is emitted as one of two fixed literals, so no request data reaches
// these attribute fragments.
60 vars.put("general", general ? " checked=\"checked\"" : "");
61 vars.put("country", country ? " checked=\"checked\"" : "");
62 vars.put("regional", regional ? " checked=\"checked\"" : "");
63 vars.put("radius", radius ? " checked=\"checked\"" : "");
// The translated string carries two %s placeholders for the opening and (presumably)
// closing anchor tag; the start of this statement is elided from the listing.
// NOTE(review): the anchor opens a new tab and carries no rel attribute; consider
// rel="noopener" for browsers that do not imply it.
67 l.getTranslation("Help on Names %sin the wiki%s"),
68 "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">",
70 t.output(out, l, vars);
/**
 * Copies the submitted form fields from the request into this form's state.
 *
 * <p>The values are stored exactly as received; no validation or encoding happens here.
 * Validation is done in submit() and HTML encoding in output().
 *
 * @param r request carrying the form parameters
 */
72 private void update(HttpServletRequest r) {
// Text fields are overwritten only when the parameter is present, so a request that
// omits one keeps the previously stored value.
73 if (r.getParameter("fname") != null) {
74 buildup.setFname(r.getParameter("fname"));
76 if (r.getParameter("lname") != null) {
77 buildup.setLname(r.getParameter("lname"));
79 if (r.getParameter("mname") != null) {
80 buildup.setMname(r.getParameter("mname"));
82 if (r.getParameter("suffix") != null) {
83 buildup.setSuffix(r.getParameter("suffix"));
85 if (r.getParameter("email") != null) {
86 buildup.setEmail(r.getParameter("email"));
// Checkboxes are always reassigned: true only for the exact value "1", false for any
// other value and for an absent parameter.
88 general = "1".equals(r.getParameter("general"));
89 country = "1".equals(r.getParameter("country"));
90 regional = "1".equals(r.getParameter("regional"));
91 radius = "1".equals(r.getParameter("radius"));
/**
 * Validates the submitted sign-up data and writes any problems to {@code out}.
 *
 * <p>Checks visible in this listing: non-blank first and last name, a valid date of birth,
 * agreement to the CCA, a non-blank email address, matching non-blank pass phrases, a pass
 * phrase strength score, no existing non-deleted record for the address, no match in
 * {@code baddomains}, and a probe of the address's mail server.
 *
 * <p>NOTE(review): several lines are elided from this listing, including every
 * {@code return} and presumably the call to run(), so the return contract cannot be
 * stated from here.
 *
 * @param out response writer that receives the error markup
 * @param req current request; the pass phrases and the CCA checkbox are read from it
 */
95 public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
97 boolean failed = false;
98 out.println("<div class='formError'>");
// Required-field checks on the data already stored in buildup.
99 if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
100 outputError(out, req, "First and/or last names were blank.");
103 if (!myDoB.isValid()) {
104 outputError(out, req, "Invalid date of birth");
// The agreement checkbox must arrive with the exact value "1".
107 if (!"1".equals(req.getParameter("cca_agree"))) {
108 outputError(out, req,
109 "You have to agree to the CAcert Community agreement.");
112 if (buildup.getEmail().equals("")) {
113 outputError(out, req, "Email Address was blank");
// Pass phrases are read straight from the request and, in the lines visible here, are
// held only in these locals.
116 String pw1 = req.getParameter("pword1");
117 String pw2 = req.getParameter("pword2");
118 if (pw1 == null || pw1.equals("")) {
119 outputError(out, req, "Pass Phrases were blank");
121 } else if (!pw1.equals(pw2)) {
122 outputError(out, req, "Pass Phrases don't match");
// The checker receives the account data as well as the pass phrase; per the error text
// below it looks at character variety and at words from the name and email address.
// The line holding the score threshold is elided.
125 int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup);
130 "The Pass Phrase you submitted failed to contain enough"
131 + " differing characters and/or contained words from"
132 + " your name and/or email address.");
136 out.println("</div>");
// Duplicate check against both tables. The address is bound as a parameter, never
// concatenated into the SQL text.
// NOTE(review): no close() for these statements or result sets is visible; confirm
// that DatabaseConnection owns their lifetime.
140 PreparedStatement q1 = DatabaseConnection.getInstance().prepare(
141 "select * from `email` where `email`=? and `deleted`=0");
142 PreparedStatement q2 = DatabaseConnection.getInstance().prepare(
143 "select * from `users` where `email`=? and `deleted`=0");
144 q1.setString(1, buildup.getEmail());
145 q2.setString(1, buildup.getEmail());
146 ResultSet r1 = q1.executeQuery();
147 ResultSet r2 = q2.executeQuery();
148 if (r1.next() || r2.next()) {
// NOTE(review): this message tells an unauthenticated visitor that the address is
// already registered. If that disclosure matters, confirm this endpoint is rate limited.
149 outputError(out, req,
150 "This email address is currently valid in the system.");
// Blocklist lookup: a row matches when the address ends with the stored domain. This is
// a plain suffix comparison, not anchored at "@" or ".", so an entry also matches longer
// domains that merely end with the same characters.
155 PreparedStatement q3 = DatabaseConnection
158 "select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
159 q3.setString(1, buildup.getEmail());
161 ResultSet r3 = q3.executeQuery();
163 String domain = r3.getString(1);
// NOTE(review): the argument list of this format call is elided; confirm the domain
// value is HTML-encoded before it is written to the page.
165 out.print(String.format(
167 "We don't allow signups from people using email addresses from %s"),
169 out.println("</div>");
173 } catch (SQLException e) {
// Starts as FAIL, so the result stays a failure unless the probe call assigns another
// value (the catch handler is elided from this listing).
177 String mailResult = EmailProvider.FAIL;
179 mailResult = EmailProvider.getInstance().checkEmailServer(0,
181 } catch (IOException e) {
183 if (!mailResult.equals(EmailProvider.OK)) {
// A result beginning with "4" is reported as a temporary failure (presumably an SMTP
// 4xx reply); the other messages below cover the remaining failures.
184 if (mailResult.startsWith("4")) {
188 "The mail server responsible for your domain indicated"
189 + " a temporary failure. This may be due to anti-SPAM measures, such"
190 + " as greylisting. Please try again in a few minutes.");
195 "Email Address given was invalid, or a test connection"
196 + " couldn't be made to your server, or the server"
197 + " rejected the email address as invalid");
199 if (mailResult.equals(EmailProvider.FAIL)) {
200 outputError(out, req,
201 "Failed to make a connection to the mail server");
// NOTE(review): mailResult is written to the page as-is. If it can carry text returned
// by the remote mail server (EmailProvider is not visible here), it is untrusted and
// should go through HTMLEncoder.encodeHTML first.
204 out.print(mailResult);
205 out.println("</div>");
210 out.println("</div>");
216 } catch (SQLException e) {
/**
 * Writes one translated error message to the response, followed by a closing
 * {@code </div>}; the line that presumably opens the element is elided from this listing.
 *
 * @param out response writer
 * @param req request handed to {@code Page.translate}
 * @param text message to translate; every call visible in this listing passes a literal
 */
221 private void outputError(PrintWriter out, ServletRequest req, String text) {
// NOTE(review): the translated text is printed without HTML encoding. That is fine for
// the literal messages used in this file; request data must not be passed as text.
223 out.print(Page.translate(req, text));
224 out.println("</div>");
/**
 * Creates the account and its related rows, then mails the address-verification link.
 *
 * <p>The work sits between {@code beginTransaction()} and {@code commitTransaction()};
 * the try/finally structure around them is elided from this listing.
 *
 * @param req request used to translate the mail text
 * @param password pass phrase handed to {@code buildup.insert}
 * @throws SQLException declared by this method; presumably raised by the statements below
 */
227 private void run(HttpServletRequest req, String password)
228 throws SQLException {
230 DatabaseConnection.getInstance().beginTransaction();
// Verification token: stored in `email`.`hash` below and presumably appended to the
// mailed link after "&hash=" (that line is elided).
// NOTE(review): anyone holding this token can verify the address, so confirm that
// RandomToken.generateToken draws from a CSPRNG; 16 is presumably the token length.
231 String hash = RandomToken.generateToken(16);
233 buildup.setDob(myDoB.getDate());
// NOTE(review): the pass phrase is handed over as received; confirm that User.insert
// hashes it with a password-hashing function before storage.
234 buildup.insert(password);
235 int memid = buildup.getId();
// All inserts bind their values as parameters.
236 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
237 "insert into `email` set `email`=?,"
238 + " `hash`=?, `created`=NOW(),`memid`=?");
239 ps.setString(1, buildup.getEmail());
240 ps.setString(2, hash);
// Id of the new `email` row; it becomes the id parameter of the verification link.
243 int emailid = DatabaseConnection.lastInsertId(ps);
244 ps = DatabaseConnection
247 "insert into `alerts` set `memid`=?,"
248 + " `general`=?, `country`=?, `regional`=?, `radius`=?");
// The boolean flags are stored as the strings "1" and "0".
250 ps.setString(2, general ? "1" : "0");
251 ps.setString(3, country ? "1" : "0");
252 ps.setString(4, regional ? "1" : "0");
253 ps.setString(5, radius ? "1" : "0");
// Presumably records the member's acceptance of the CCA; Notary is not visible here.
255 Notary.writeUserAgreement(memid, "CCA", "account creation", "",
258 StringBuffer body = new StringBuffer();
262 "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
// The link host is taken from ServerConstants, not from the request, so the request's
// Host header does not influence the mailed URL. The line with the scheme prefix is
// elided; confirm the link uses https.
264 body.append(ServerConstants.NORMAL_HOST_NAME);
265 body.append("/verify?type=email&id=");
266 body.append(emailid);
267 body.append("&hash=");
270 body.append(Page.translate(req, "Best regards"));
272 body.append(Page.translate(req, "CAcert.org Support!"));
274 EmailProvider.getInstance().sendmail(buildup.getEmail(),
275 "[CAcert.org] " + Page.translate(req, "Mail Probe"),
276 body.toString(), "support@cacert.org", null, null,
// NOTE(review): the handler body is elided, so whether a failed send still reaches the
// commit below cannot be told from this listing.
278 } catch (IOException e) {
281 DatabaseConnection.getInstance().commitTransaction();
283 DatabaseConnection.getInstance().quitTransaction();