src/org/cacert/gigi/EmailAddress.java

   1 package org.cacert.gigi;
   2
   3 import java.io.IOException;
   4 import java.sql.PreparedStatement;
   5 import java.sql.ResultSet;
   6 import java.sql.SQLException;
   7
   8 import org.cacert.gigi.database.DatabaseConnection;
   9 import org.cacert.gigi.email.EmailProvider;
  10 import org.cacert.gigi.localisation.Language;
  11 import org.cacert.gigi.util.RandomToken;
  12 import org.cacert.gigi.util.ServerConstants;
  13
  14 public class EmailAddress {
  15
  16     private String address;
  17
  18     private int id;
  19
  20     private User owner;
  21
  22     private String hash = null;
  23
  24     private EmailAddress(int id) throws SQLException {
  25         PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT memid, email, hash FROM `emails` WHERE id=? AND deleted=0");
  26         ps.setInt(1, id);
  27
  28         ResultSet rs = ps.executeQuery();
  29         if ( !rs.next()) {
  30             throw new IllegalArgumentException("Invalid email id " + id);
  31         }
  32         this.id = id;
  33         owner = User.getById(rs.getInt(1));
  34         address = rs.getString(2);
  35         hash = rs.getString(3);
  36         rs.close();
  37     }
  38
  39     public EmailAddress(String address, User owner) {
  40         if ( !EmailProvider.MAIL.matcher(address).matches()) {
  41             throw new IllegalArgumentException("Invalid email.");
  42         }
  43         this.address = address;
  44         this.owner = owner;
  45         this.hash = RandomToken.generateToken(16);
  46     }
  47
  48     public void insert(Language l) {
  49         if (id != 0) {
  50             throw new IllegalStateException("already inserted.");
  51         }
  52         try {
  53             PreparedStatement ps = DatabaseConnection.getInstance().prepare("INSERT INTO `emails` SET memid=?, hash=?, email=?");
  54             ps.setInt(1, owner.getId());
  55             ps.setString(2, hash);
  56             ps.setString(3, address);
  57             ps.execute();
  58             id = DatabaseConnection.lastInsertId(ps);
  59             StringBuffer body = new StringBuffer();
  60             body.append(l.getTranslation("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
  61             body.append("\n\nhttps://");
  62             body.append(ServerConstants.getWwwHostNamePort());
  63             body.append("/verify?type=email&id=");
  64             body.append(id);
  65             body.append("&hash=");
  66             body.append(hash);
  67             body.append("\n\n");
  68             body.append(l.getTranslation("Best regards"));
  69             body.append("\n");
  70             body.append(l.getTranslation("CAcert.org Support!"));
  71             EmailProvider.getInstance().sendmail(address, "[CAcert.org] " + l.getTranslation("Mail Probe"), body.toString(), "support@cacert.org", null, null, null, null, false);
  72         } catch (SQLException e) {
  73             e.printStackTrace();
  74         } catch (IOException e) {
  75             e.printStackTrace();
  76         }
  77     }
  78
  79     public int getId() {
  80         return id;
  81     }
  82
  83     public String getAddress() {
  84         return address;
  85     }
  86
  87     public synchronized void verify(String hash) throws GigiApiException {
  88         if (this.hash.equals(hash)) {
  89
  90             try {
  91                 PreparedStatement ps = DatabaseConnection.getInstance().prepare("UPDATE `emails` SET hash='' WHERE id=?");
  92                 ps.setInt(1, id);
  93                 ps.execute();
  94                 hash = "";
  95
  96                 // Verify user with that primary email
  97                 PreparedStatement ps2 = DatabaseConnection.getInstance().prepare("update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
  98                 ps2.setInt(1, owner.getId());
  99                 ps2.setString(2, address);
 100                 ps2.execute();
 101                 this.hash = "";
 102             } catch (SQLException e) {
 103                 throw new GigiApiException(e);
 104             }
 105
 106         } else {
 107             throw new GigiApiException("Email verification hash is invalid.");
 108         }
 109     }
 110
 111     public static EmailAddress getById(int id) throws IllegalArgumentException {
 112         // TODO cache
 113         try {
 114             EmailAddress e = new EmailAddress(id);
 115             return e;
 116         } catch (SQLException e) {
 117             throw new IllegalArgumentException(e);
 118         }
 119     }
 120
 121     public boolean isVerified() {
 122         return hash.isEmpty();
 123     }
 124 }