src/org/cacert/gigi/EmailAddress.java

   1 package org.cacert.gigi;
   2
   3 import java.io.IOException;
   4 import java.sql.PreparedStatement;
   5 import java.sql.ResultSet;
   6 import java.sql.SQLException;
   7
   8 import org.cacert.gigi.database.DatabaseConnection;
   9 import org.cacert.gigi.email.EmailProvider;
  10 import org.cacert.gigi.util.RandomToken;
  11 import org.cacert.gigi.util.ServerConstants;
  12
  13 public class EmailAddress {
  14
  15     private String address;
  16
  17     private int id;
  18
  19     private User owner;
  20
  21     private String hash = null;
  22
  23     private EmailAddress(int id) throws SQLException {
  24         PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT memid, email, hash FROM `email` WHERE id=? AND deleted=0");
  25         ps.setInt(1, id);
  26
  27         ResultSet rs = ps.executeQuery();
  28         if ( !rs.next()) {
  29             throw new IllegalArgumentException("Invalid email id " + id);
  30         }
  31         this.id = id;
  32         owner = User.getById(rs.getInt(1));
  33         address = rs.getString(2);
  34         hash = rs.getString(3);
  35         rs.close();
  36     }
  37
  38     public EmailAddress(String address, User owner) {
  39         if ( !EmailProvider.MAIL.matcher(address).matches()) {
  40             throw new IllegalArgumentException("Invalid email.");
  41         }
  42         this.address = address;
  43         this.owner = owner;
  44         this.hash = RandomToken.generateToken(16);
  45     }
  46
  47     public void insert(Language l) {
  48         if (id != 0) {
  49             throw new IllegalStateException("already inserted.");
  50         }
  51         try {
  52             PreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `email` SET memid=?, hash=?, email=?");
  53             ps.setInt(1, owner.getId());
  54             ps.setString(2, hash);
  55             ps.setString(3, address);
  56             ps.execute();
  57             id = DatabaseConnection.lastInsertId(ps);
  58             StringBuffer body = new StringBuffer();
  59             body.append(l.getTranslation("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
  60             body.append("\n\nhttps://");
  61             body.append(ServerConstants.getWwwHostNamePort());
  62             body.append("/verify?type=email&id=");
  63             body.append(id);
  64             body.append("&hash=");
  65             body.append(hash);
  66             body.append("\n\n");
  67             body.append(l.getTranslation("Best regards"));
  68             body.append("\n");
  69             body.append(l.getTranslation("CAcert.org Support!"));
  70             EmailProvider.getInstance().sendmail(address, "[CAcert.org] " + l.getTranslation("Mail Probe"), body.toString(), "support@cacert.org", null, null, null, null, false);
  71         } catch (SQLException e) {
  72             e.printStackTrace();
  73         } catch (IOException e) {
  74             e.printStackTrace();
  75         }
  76     }
  77
  78     public int getId() {
  79         return id;
  80     }
  81
  82     public String getAddress() {
  83         return address;
  84     }
  85
  86     public synchronized void verify(String hash) throws GigiApiException {
  87         if (this.hash.equals(hash)) {
  88
  89             try {
  90                 PreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `email` SET hash='' WHERE id=?");
  91                 ps.setInt(1, id);
  92                 ps.execute();
  93                 hash = "";
  94
  95                 // Verify user with that primary email
  96                 PreparedStatement ps2 = DatabaseConnection.getInstance().prepare("update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
  97                 ps2.setInt(1, owner.getId());
  98                 ps2.setString(2, address);
  99                 ps2.execute();
 100                 this.hash = "";
 101             } catch (SQLException e) {
 102                 throw new GigiApiException(e);
 103             }
 104
 105         } else {
 106             throw new GigiApiException("Email verification hash is invalid.");
 107         }
 108     }
 109
 110     public static EmailAddress getById(int id) throws IllegalArgumentException {
 111         // TODO cache
 112         try {
 113             EmailAddress e = new EmailAddress(id);
 114             return e;
 115         } catch (SQLException e) {
 116             throw new IllegalArgumentException(e);
 117         }
 118     }
 119
 120     public boolean isVerified() {
 121         return hash.isEmpty();
 122     }
 123 }