X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssurePage.java;h=8862535c97aa6a6ffd404ae49e4c48c562bb8ee9;hb=d690eda36eba121aa79e4f456d5f0eb481be8b86;hp=6bdae95114864ec0978dd3feed2cd61687af37e0;hpb=109ee347f66820b5a860c1ae579866c7da01c5cd;p=gigi.git

diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java
index 6bdae951..8862535c 100644
--- a/src/org/cacert/gigi/pages/wot/AssurePage.java
+++ b/src/org/cacert/gigi/pages/wot/AssurePage.java
@@ -10,6 +10,7 @@ import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
 import org.cacert.gigi.User;
 import org.cacert.gigi.database.DatabaseConnection;
@@ -17,34 +18,42 @@ import org.cacert.gigi.output.DateSelector;
 import org.cacert.gigi.output.Template;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.Notary;
 
 public class AssurePage extends Page {
-	public static final String PATH = "/wot/assure/*";
+	public static final String PATH = "/wot/assure";
+	public static final String SESSION = "/wot/assure/FORM";
 	DateSelector ds = new DateSelector("day", "month", "year");
 	Template t;
 
 	public AssurePage() {
 		super("Assure someone");
 		t = new Template(new InputStreamReader(
-				AssurePage.class.getResourceAsStream("AssureeSearch.templ")));
+				AssuranceForm.class.getResourceAsStream("AssureeSearch.templ")));
+
 	}
 
 	@Override
 	public void doGet(HttpServletRequest req, HttpServletResponse resp)
 			throws IOException {
-		PrintWriter out = resp.getWriter();
 
-		String pi = req.getPathInfo().substring(PATH.length() - 2);
+		PrintWriter out = resp.getWriter();
+		String pi = req.getPathInfo().substring(PATH.length());
 		if (pi.length() > 1) {
 			User myself = LoginPage.getUser(req);
 			int mid = Integer.parseInt(pi.substring(1));
-			if (mid == myself.getId()) {
-				out.println("Cannot assure myself.");
+
+			if (!Notary.checkAssuranceIsPossible(myself, new User(mid), out)) {
 				return;
 			}
+			HttpSession hs = req.getSession();
+			AssuranceForm form = (AssuranceForm) hs.getAttribute(SESSION);
+			if (form == null || form.assuree.getId() != mid) {
+				form = new AssuranceForm(mid);
+				hs.setAttribute(SESSION, form);
+			}
 
-			new AssuranceForm(mid).output(out, getLanguage(req),
-					new HashMap<String, Object>());;
+			form.output(out, getLanguage(req), new HashMap<String, Object>());;
 		} else {
 			HashMap<String, Object> vars = new HashMap<String, Object>();
 			vars.put("DoB", ds);
@@ -55,29 +64,73 @@ public class AssurePage extends Page {
 	public void doPost(HttpServletRequest req, HttpServletResponse resp)
 			throws IOException {
 		PrintWriter out = resp.getWriter();
+		String pi = req.getPathInfo().substring(PATH.length());
+		if (pi.length() > 1) {
+			User myself = LoginPage.getUser(req);
+			int mid = Integer.parseInt(pi.substring(1));
+			if (mid == myself.getId()) {
+				out.println("Cannot assure myself.");
+				return;
+			}
+
+			AssuranceForm form = (AssuranceForm) req.getSession().getAttribute(
+					SESSION);
+			if (form == null) {
+				out.println("No form found. This is an Error. Fill in the form again.");
+				return;
+			}
+			form.submit(out, req);
+
+			return;
+		}
+
 		System.out.println("searching for");
+		ResultSet rs = null;
 		try {
-			PreparedStatement ps = DatabaseConnection.getInstance().prepare(
-					"SELECT id FROM users WHERE email=? AND dob=?");
+			PreparedStatement ps = DatabaseConnection
+					.getInstance()
+					.prepare(
+							"SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
 			ps.setString(1, req.getParameter("email"));
 			String day = req.getParameter("year") + "-"
 					+ req.getParameter("month") + "-" + req.getParameter("day");
 			ps.setString(2, day);
-			ResultSet rs = ps.executeQuery();
+			rs = ps.executeQuery();
 			int id = 0;
 			if (rs.next()) {
 				id = rs.getInt(1);
-			}
-			if (rs.next()) {
-				out.println("Error, ambigous user. Please contact support@cacert.org");
+				int verified = rs.getInt(2);
+				if (rs.next()) {
+					out.println("Error, ambigous user. Please contact support@cacert.org.");
+				} else {
+					if (verified == 0) {
+						out.println(translate(req,
+								"User is not yet verified. Please try again in 24 hours!"));
+					}
+					resp.sendRedirect(PATH + "/" + id);
+				}
 			} else {
-				resp.sendRedirect(PATH.substring(0, PATH.length() - 2) + "/"
-						+ id);
+				out.print("<div class='formError'>");
+
+				out.println(translate(
+						req,
+						"I'm sorry, there was no email and date of birth matching"
+								+ " what you entered in the system. Please double check"
+								+ " your information."));
+				out.print("</div>");
 			}
 
 			rs.close();
 		} catch (SQLException e) {
 			e.printStackTrace();
+		} finally {
+			try {
+				if (rs != null) {
+					rs.close();
+				}
+			} catch (SQLException e) {
+				e.printStackTrace();
+			}
 		}
 	}
 }