X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Foutput%2Ftemplate%2FForm.java;h=83a96f3813ad6bdb0c20bbc817f73f5eb2287b35;hb=aa5723dbb64ec8efa63909d39ff72364f0a5ee96;hp=ed1a86689cd261b95aa03807e56eb40d8dd11f29;hpb=87c6ea794b343732e32514cba17d047c6fc196a4;p=gigi.git

diff --git a/src/org/cacert/gigi/output/template/Form.java b/src/org/cacert/gigi/output/template/Form.java
index ed1a8668..83a96f38 100644
--- a/src/org/cacert/gigi/output/template/Form.java
+++ b/src/org/cacert/gigi/output/template/Form.java
@@ -13,6 +13,9 @@ import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.RandomToken;
 
+/**
+ * A generic HTML-form that handles CSRF-token creation.
+ */
 public abstract class Form implements Outputable {
 
     public static final String CSRF_FIELD = "csrf";
@@ -21,10 +24,24 @@ public abstract class Form implements Outputable {
 
     private final String action;
 
+    /**
+     * Creates a new {@link Form}.
+     * 
+     * @param hsr
+     *            the request to register the form against.
+     */
     public Form(HttpServletRequest hsr) {
         this(hsr, null);
     }
 
+    /**
+     * Creates a new {@link Form}.
+     * 
+     * @param hsr
+     *            the request to register the form against.
+     * @param action
+     *            the target path where the form should be submitted.
+     */
     public Form(HttpServletRequest hsr, String action) {
         csrf = RandomToken.generateToken(32);
         this.action = action;
@@ -32,6 +49,17 @@ public abstract class Form implements Outputable {
         hs.setAttribute("form/" + getClass().getName() + "/" + csrf, this);
     }
 
+    /**
+     * Update the forms internal state based on submitted data.
+     * 
+     * @param out
+     *            the stream to the user.
+     * @param req
+     *            the request to take the initial data from.
+     * @return true, iff the form succeeded and the user should be redirected.
+     * @throws GigiApiException
+     *             if internal operations went wrong.
+     */
     public abstract boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException;
 
     protected String getCsrfFieldName() {
@@ -52,9 +80,19 @@ public abstract class Form implements Outputable {
         out.println("'></form>");
     }
 
+    /**
+     * Outputs the forms contents.
+     * 
+     * @param out
+     *            Stream to the user.
+     * @param l
+     *            {@link Language} to translate text to.
+     * @param vars
+     *            Variables supplied from the outside.
+     */
     protected abstract void outputContent(PrintWriter out, Language l, Map<String, Object> vars);
 
-    boolean failed;
+    private boolean failed;
 
     protected void outputError(PrintWriter out, ServletRequest req, String text, Object... contents) {
         if ( !failed) {
@@ -91,6 +129,17 @@ public abstract class Form implements Outputable {
         return csrf;
     }
 
+    /**
+     * Re-fetches a form e.g. when a Post-request is received.
+     * 
+     * @param req
+     *            the request that is directed to the form.
+     * @param target
+     *            the {@link Class} of the expected form.
+     * @return the form where this request is directed to.
+     * @throws CSRFException
+     *             if no CSRF-token is found or the token is wrong.
+     */
     public static <T extends Form> T getForm(HttpServletRequest req, Class<T> target) throws CSRFException {
         String csrf = req.getParameter(CSRF_FIELD);
         if (csrf == null) {