1 package org.cacert.gigi.pages;
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.sql.PreparedStatement;
6 import java.sql.ResultSet;
7 import java.sql.SQLException;
9 import javax.servlet.http.HttpServletRequest;
10 import javax.servlet.http.HttpServletResponse;
12 import org.cacert.gigi.database.DatabaseConnection;
14 public class Verify extends Page {
15 public static final String PATH = "/verify";
18 super("Verify email");
22 public boolean needsLogin() {
27 public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
28 PrintWriter out = resp.getWriter();
29 String hash = req.getParameter("hash");
30 String type = req.getParameter("type");
31 String id = req.getParameter("id");
32 if ("email".equals(type)) {
34 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
35 "select email, memid from `email` where `id`=? and `hash`=? and `hash` != '' and `deleted` = 0");
37 ps.setString(2, hash);
38 ResultSet rs = ps.executeQuery();
40 if (rs.getRow() == 1) {
41 PreparedStatement ps1 = DatabaseConnection.getInstance().prepare(
42 "update `email` set `hash`='', `modified`=NOW() where `id`=?");
45 PreparedStatement ps2 = DatabaseConnection.getInstance().prepare(
46 "update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
47 ps2.setString(1, rs.getString(2));
48 ps2.setString(2, rs.getString(1));
50 out.println("Your email is good.");
52 out.println("Your request is invalid");
54 } catch (SQLException e) {
61 public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
62 String hash = req.getParameter("hash");
63 String type = req.getParameter("type");
64 if ("email".equals(type)) {