1 package org.cacert.gigi.pages.main;
3 import java.io.IOException;
4 import java.io.InputStreamReader;
5 import java.io.PrintWriter;
6 import java.io.UnsupportedEncodingException;
7 import java.sql.PreparedStatement;
8 import java.sql.ResultSet;
9 import java.sql.SQLException;
11 import java.util.HashMap;
14 import javax.servlet.http.HttpServletRequest;
16 import org.cacert.gigi.Language;
17 import org.cacert.gigi.User;
18 import org.cacert.gigi.database.DatabaseConnection;
19 import org.cacert.gigi.email.EmailProvider;
20 import org.cacert.gigi.output.DateSelector;
21 import org.cacert.gigi.output.Form;
22 import org.cacert.gigi.output.Template;
23 import org.cacert.gigi.pages.Page;
24 import org.cacert.gigi.util.HTMLEncoder;
25 import org.cacert.gigi.util.Notary;
26 import org.cacert.gigi.util.PasswordStrengthChecker;
27 import org.cacert.gigi.util.RandomToken;
28 import org.cacert.gigi.util.ServerConstants;
// NOTE(review): this listing keeps the original file's line numbers in front of each line and
// has dropped some lines (the numbers are not contiguous), so closing braces, the constructor
// header and a few statements are not visible here.
/**
 * Signup form: gathers name, date of birth, email address and alert preferences, validates
 * them in submit() and creates the account in run().
 */
30 public class Signup extends Form {
// Account data being built up; update() copies request parameters into it.
31 User buildup = new User();
// Alert preference flags, all ticked by default; run() stores them in the `alerts` table.
33 boolean general = true, country = true, regional = true, radius = true;
// Loads the form template from the classpath resource "Signup.templ", decoded as UTF-8.
37 t = new Template(new InputStreamReader(Signup.class.getResourceAsStream("Signup.templ"), "UTF-8"));
// Handler body is not visible in this listing.
38 } catch (UnsupportedEncodingException e) {
// Initial values: empty suffix and the epoch as date of birth.
44 buildup.setSuffix("");
46 buildup.setDob(new Date(0));
// Date-of-birth selector, presumably bound to form fields named "day", "month" and "year"
// (DateSelector is not shown; confirm).
49 DateSelector myDoB = new DateSelector("day", "month", "year");
/**
 * Fills the template variables for the signup form and renders the template to {@code out}.
 *
 * @param out writer the rendered form is sent to
 * @param l language used for the translated help text and passed on to the template
 * @param outerVars not read anywhere in the visible body
 */
52 public void outputContent(PrintWriter out, Language l, Map<String, Object> outerVars) {
53 HashMap<String, Object> vars = new HashMap<String, Object>();
// Name and email values originate from request parameters (see update()), so each one is
// HTML-encoded before it is handed to the template.
54 vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
55 vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
56 vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
57 vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
// The selector object itself is passed through; how it renders is not visible here.
58 vars.put("dob", myDoB);
59 vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
// Fixed attribute text selected by a boolean: no request data reaches these four values.
60 vars.put("general", general ? " checked=\"checked\"" : "");
61 vars.put("country", country ? " checked=\"checked\"" : "");
62 vars.put("regional", regional ? " checked=\"checked\"" : "");
63 vars.put("radius", radius ? " checked=\"checked\"" : "");
// The translated sentence is used as the format string and its two %s slots receive literal
// anchor markup, so this value is raw HTML by design.
// NOTE(review): that relies on translation strings being trusted content; confirm.
64 vars.put("helpOnNames", String.format(l.getTranslation("Help on Names %sin the wiki%s"),
65 "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">", "</a>"));
66 t.output(out, l, vars);
/**
 * Copies the submitted form fields from the request into the form state.
 *
 * Text fields are overwritten only when the parameter is present. The four alert flags are
 * always recomputed and count as ticked only when the parameter equals "1".
 *
 * NOTE(review): values are stored exactly as received; no trimming, length limit or format
 * check is visible in this method. Blank checks happen in submit() and HTML encoding in
 * outputContent().
 *
 * @param r request whose parameters are read
 */
69 private void update(HttpServletRequest r) {
70 if (r.getParameter("fname") != null) {
71 buildup.setFname(r.getParameter("fname"));
73 if (r.getParameter("lname") != null) {
74 buildup.setLname(r.getParameter("lname"));
76 if (r.getParameter("mname") != null) {
77 buildup.setMname(r.getParameter("mname"));
79 if (r.getParameter("suffix") != null) {
80 buildup.setSuffix(r.getParameter("suffix"));
82 if (r.getParameter("email") != null) {
83 buildup.setEmail(r.getParameter("email"));
// An absent or differently valued checkbox parameter clears the flag.
85 general = "1".equals(r.getParameter("general"));
86 country = "1".equals(r.getParameter("country"));
87 regional = "1".equals(r.getParameter("regional"));
88 radius = "1".equals(r.getParameter("radius"));
/**
 * Validates the signup request and writes an HTML error message for each problem found.
 *
 * Checks visible in this listing, in order: non-blank first and last name, valid date of
 * birth, CCA agreement ticked, non-blank email, non-blank matching pass phrases, pass-phrase
 * strength, email not already registered, email domain not listed in {@code baddomains}, and
 * a probe of the mail server for the address. The success path and the return statements are
 * on lines missing from this listing.
 *
 * @param out response writer the error markup is printed to
 * @param req current request; the pass phrases and the CCA checkbox are read from it directly
 * @return not visible in this listing; presumably whether the signup went through (confirm)
 */
93 public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
95 boolean failed = false;
96 out.println("<div class='formError'>");
97 if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
98 outputError(out, req, "First and/or last names were blank.");
101 if (!myDoB.isValid()) {
102 outputError(out, req, "Invalid date of birth");
// Agreement counts only when the checkbox parameter is exactly "1".
105 if (!"1".equals(req.getParameter("cca_agree"))) {
106 outputError(out, req, "You have to agree to the CAcert Community agreement.");
109 if (buildup.getEmail().equals("")) {
110 outputError(out, req, "Email Address was blank");
// Pass phrases are read straight from the request rather than through buildup.
113 String pw1 = req.getParameter("pword1");
114 String pw2 = req.getParameter("pword2");
115 if (pw1 == null || pw1.equals("")) {
116 outputError(out, req, "Pass Phrases were blank");
118 } else if (!pw1.equals(pw2)) {
119 outputError(out, req, "Pass Phrases don't match");
// The checker also receives the account data; the error text below says words from the name
// or email address count against the pass phrase. The comparison against the score is on a
// line missing from this listing.
122 int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup);
124 outputError(out, req, "The Pass Phrase you submitted failed to contain enough"
125 + " differing characters and/or contained words from" + " your name and/or email address.");
129 out.println("</div>");
// Both lookups bind the address with setString, so it never becomes part of the SQL text.
133 PreparedStatement q1 = DatabaseConnection.getInstance().prepare(
134 "select * from `email` where `email`=? and `deleted`=0");
135 PreparedStatement q2 = DatabaseConnection.getInstance().prepare(
136 "select * from `users` where `email`=? and `deleted`=0");
137 q1.setString(1, buildup.getEmail());
138 q2.setString(1, buildup.getEmail());
139 ResultSet r1 = q1.executeQuery();
140 ResultSet r2 = q2.executeQuery();
// NOTE(review): this message tells an unauthenticated caller that the address already has an
// account, so the form can be used to test which addresses are registered. Confirm that this
// is accepted here and that request throttling exists upstream.
141 if (r1.next() || r2.next()) {
142 outputError(out, req, "This email address is currently valid in the system.");
// RIGHT(?, LENGTH(`domain`)) is a plain suffix comparison with no '@' or '.' boundary.
// NOTE(review): a listed `example.com` (constructed sample) would also match an address at
// `notexample.com`; confirm that this over-matching is intended.
147 PreparedStatement q3 = DatabaseConnection.getInstance().prepare(
148 "select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
149 q3.setString(1, buildup.getEmail());
151 ResultSet r3 = q3.executeQuery();
// NOTE(review): `domain` is written into the page without HTMLEncoder.encodeHTML. It comes from
// the `baddomains` table rather than from the request, so the exposure depends on who can write
// to that table; encoding it would remove the question. The translated text doubles as the
// format string here.
153 String domain = r3.getString(1);
155 out.print(String.format(
156 Page.translate(req, "We don't allow signups from people using email addresses from %s"), domain));
157 out.println("</div>");
// Handler body is not visible in this listing.
161 } catch (SQLException e) {
// Starts as FAIL, so the result stays FAIL unless the probe call below returns a value.
165 String mailResult = EmailProvider.FAIL;
// NOTE(review): this makes the server contact a mail host selected by whoever submitted the
// form (the error texts below describe it as a test connection). Nothing visible here limits
// how often that can be triggered; presumably throttled elsewhere, confirm.
167 mailResult = EmailProvider.getInstance().checkEmailServer(0, buildup.getEmail());
// Handler body is not visible in this listing.
168 } catch (IOException e) {
170 if (!mailResult.equals(EmailProvider.OK)) {
// A result beginning with "4" is reported as a temporary failure.
171 if (mailResult.startsWith("4")) {
172 outputError(out, req, "The mail server responsible for your domain indicated"
173 + " a temporary failure. This may be due to anti-SPAM measures, such"
174 + " as greylisting. Please try again in a few minutes.");
176 outputError(out, req, "Email Address given was invalid, or a test connection"
177 + " couldn't be made to your server, or the server" + " rejected the email address as invalid");
179 if (mailResult.equals(EmailProvider.FAIL)) {
180 outputError(out, req, "Failed to make a connection to the mail server");
// NOTE(review): mailResult is printed into the HTML response unencoded. It looks like text
// returned by the probed mail server (it is tested for a leading "4" above), and that server
// belongs to whatever domain the submitter typed, so the content is not trusted. Pass it
// through HTMLEncoder.encodeHTML, as outputContent() does for the form fields.
183 out.print(mailResult);
184 out.println("</div>");
189 out.println("</div>");
// Handler body is not visible in this listing.
195 } catch (SQLException e) {
/**
 * Creates the account rows and mails the address-verification link.
 *
 * Visible steps: begin a transaction, generate the verification token, insert the user, the
 * `email` row carrying the token and the `alerts` row, record the CCA agreement, send the
 * mail, then commit. Several statements, and the try/catch structure around them, are on
 * lines missing from this listing.
 *
 * @param req request used to translate the mail text
 * @param password pass phrase handed on to {@code User.insert}
 * @throws SQLException declared by the method; the statements that raise it are the database
 *         calls below
 */
201 private void run(HttpServletRequest req, String password) throws SQLException {
203 DatabaseConnection.getInstance().beginTransaction();
// Secret that goes into the verification link.
// NOTE(review): email verification is only as strong as this value is unguessable. RandomToken
// is not shown, so confirm that it draws from SecureRandom and what the argument 16 counts
// (characters or bytes).
204 String hash = RandomToken.generateToken(16);
206 buildup.setDob(myDoB.getDate());
// NOTE(review): the pass phrase is handed over as given; hashing presumably happens inside
// User.insert. Confirm that it uses a password-hashing scheme rather than a bare digest.
207 buildup.insert(password);
208 int memid = buildup.getId();
// The token is bound as a parameter and stored as-is in `email`.`hash`.
// NOTE(review): anyone who can read this table can complete verification for pending
// addresses; storing a digest of the token and enforcing an expiry would narrow that. Only
// `created` is recorded here, and any expiry check would live in the verify handler (not shown).
209 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
210 "insert into `email` set `email`=?," + " `hash`=?, `created`=NOW(),`memid`=?");
211 ps.setString(1, buildup.getEmail());
212 ps.setString(2, hash);
215 int emailid = DatabaseConnection.lastInsertId(ps);
// Alert preferences are stored as the strings "1" or "0".
216 ps = DatabaseConnection.getInstance().prepare(
217 "insert into `alerts` set `memid`=?," + " `general`=?, `country`=?, `regional`=?, `radius`=?");
219 ps.setString(2, general ? "1" : "0");
220 ps.setString(3, country ? "1" : "0");
221 ps.setString(4, regional ? "1" : "0");
222 ps.setString(5, radius ? "1" : "0");
// Records a "CCA" agreement entry for the new member with the note "account creation"; the
// meaning of the remaining arguments is not visible here.
224 Notary.writeUserAgreement(memid, "CCA", "account creation", "", true, 0);
226 StringBuffer body = new StringBuffer();
230 "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
// Builds https://<host>/verify?type=email&id=<emailid>&hash=...; the value appended after
// "&hash=" is on a line missing from this listing (presumably `hash`).
// NOTE(review): the secret travels in the query string, so it can end up in server logs and
// browser history. Confirm that the verify handler treats it as single-use.
231 body.append("\n\nhttps://");
232 body.append(ServerConstants.getWwwHostNamePort());
233 body.append("/verify?type=email&id=");
234 body.append(emailid);
235 body.append("&hash=");
238 body.append(Page.translate(req, "Best regards"));
240 body.append(Page.translate(req, "CAcert.org Support!"));
// Sent to the address being registered, from "support@cacert.org"; the remaining arguments are
// not explained by anything visible here.
242 EmailProvider.getInstance().sendmail(buildup.getEmail(),
243 "[CAcert.org] " + Page.translate(req, "Mail Probe"), body.toString(), "support@cacert.org", null,
244 null, null, null, false);
// Handler body is not visible in this listing.
// NOTE(review): confirm that a failed send cannot leave a committed account whose owner never
// received a verification link.
245 } catch (IOException e) {
248 DatabaseConnection.getInstance().commitTransaction();
// Presumably sits in a finally block so the transaction is released on every path; the
// enclosing structure is not visible, confirm.
250 DatabaseConnection.getInstance().quitTransaction();