X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FPasswordResetPage.java;h=4090bdd49b140822e7d516a879acdf0c6f9df9e1;hb=2fa72700a18cdc62e80e1762b90e6e8bf20e8b92;hp=1be5643c30d08e1ee16cd5e5e62f6df388c6f103;hpb=25f59f370978c0e9789821a15d89a83d5d702622;p=gigi.git
diff --git a/src/org/cacert/gigi/pages/PasswordResetPage.java b/src/org/cacert/gigi/pages/PasswordResetPage.java
index 1be5643c..4090bdd4 100644
--- a/src/org/cacert/gigi/pages/PasswordResetPage.java
+++ b/src/org/cacert/gigi/pages/PasswordResetPage.java
@@ -2,7 +2,6 @@ package org.cacert.gigi.pages;
import java.io.IOException;
import java.io.PrintWriter;
-import java.io.StringWriter;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
@@ -13,12 +12,12 @@ import javax.servlet.http.HttpServletResponse;
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.database.GigiPreparedStatement;
import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.email.SendMail;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.output.template.SprintfCommand;
+import org.cacert.gigi.output.template.MailTemplate;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
import org.cacert.gigi.util.RandomToken;
import org.cacert.gigi.util.ServerConstants;
@@ -90,14 +89,13 @@ public class PasswordResetPage extends Page {
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
PasswordResetForm form = Form.getForm(req, PasswordResetForm.class);
- try {
- form.submit(resp.getWriter(), req);
- resp.getWriter().println(getLanguage(req).getTranslation("Password reset successful."));
+ PrintWriter w = resp.getWriter();
+ if (form.submitProtected(w, req)) {
+ w.println("
");
+ w.println(HTMLEncoder.encodeHTML(getLanguage(req).getTranslation("Password reset successful.")));
+ w.println("
");
return;
- } catch (GigiApiException e) {
- e.format(resp.getWriter(), getLanguage(req));
}
- form.output(resp.getWriter(), getLanguage(req), new HashMap());
}
@Override
@@ -114,30 +112,20 @@ public class PasswordResetPage extends Page {
return true;
}
+ private static final MailTemplate passwordResetMail = new MailTemplate(PasswordResetPage.class.getResource("PasswordResetMail.templ"));
+
public static void initPasswordResetProcess(PrintWriter out, User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
String ptok = RandomToken.generateToken(32);
int id = targetUser.generatePasswordResetTicket(Page.getUser(req), ptok, aword);
try {
- StringWriter sw = new StringWriter();
- PrintWriter outMail = new PrintWriter(sw);
- outMail.print(l.getTranslation("Hi,") + "\n\n");
- outMail.print(method);
- outMail.print("\n\nhttps://");
- outMail.print(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH);
- outMail.print("?id=");
- outMail.print(id);
- outMail.print("&token=");
- outMail.print(URLEncoder.encode(ptok, "UTF-8"));
- outMail.print("\n");
- outMail.print("\n");
- SprintfCommand.createSimple("This process will expire in {0} hours.", Integer.toString(HOUR_MAX)).output(outMail, l, new HashMap());
- outMail.print("\n");
- outMail.print("\n");
- outMail.print(l.getTranslation("Best regards"));
- outMail.print("\n");
- outMail.print(l.getTranslation("SomeCA.org Support!"));
- outMail.close();
- SendMail.getInstance().sendMail(Page.getUser(req).getEmail(), "[SomeCA.org] " + subject, sw.toString(), "support@cacert.org", null, null, null, null, false);
+ HashMap vars = new HashMap<>();
+ vars.put("subject", subject);
+ vars.put("method", method);
+ vars.put("link", "https://" + ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH //
+ + "?id=" + id + "&token=" + URLEncoder.encode(ptok, "UTF-8"));
+ vars.put("hour_max", HOUR_MAX);
+
+ passwordResetMail.sendMail(l, vars, Page.getUser(req).getEmail());
out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
} catch (IOException e) {
e.printStackTrace();