src/org/cacert/gigi/pages/Verify.java

   1 package org.cacert.gigi.pages;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.PreparedStatement;
   6 import java.sql.ResultSet;
   7 import java.sql.SQLException;
   8
   9 import javax.servlet.http.HttpServletRequest;
  10 import javax.servlet.http.HttpServletResponse;
  11
  12 import org.cacert.gigi.database.DatabaseConnection;
  13
  14 public class Verify extends Page {
  15         public static final String PATH = "/verify";
  16         public Verify() {
  17                 super("Verify email");
  18         }
  19         @Override
  20         public boolean needsLogin() {
  21                 return false;
  22         }
  23         @Override
  24         public void doGet(HttpServletRequest req, HttpServletResponse resp)
  25                         throws IOException {
  26                 PrintWriter out = resp.getWriter();
  27                 String hash = req.getParameter("hash");
  28                 String type = req.getParameter("type");
  29                 String id = req.getParameter("id");
  30                 if ("email".equals(type)) {
  31                         try {
  32                                 PreparedStatement ps = DatabaseConnection
  33                                                 .getInstance()
  34                                                 .prepare(
  35                                                                 "select email, memid from `email` where `id`=? and `hash`=? and `hash` != '' and `deleted` = 0");
  36                                 ps.setString(1, id);
  37                                 ps.setString(2, hash);
  38                                 ResultSet rs = ps.executeQuery();
  39                                 rs.last();
  40                                 if (rs.getRow() == 1) {
  41                                         PreparedStatement ps1 = DatabaseConnection
  42                                                         .getInstance()
  43                                                         .prepare(
  44                                                                         "update `email` set `hash`='', `modified`=NOW() where `id`=?");
  45                                         ps1.setString(1, id);
  46                                         ps1.execute();
  47                                         PreparedStatement ps2 = DatabaseConnection
  48                                                         .getInstance()
  49                                                         .prepare(
  50                                                                         "update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
  51                                         ps2.setString(1, rs.getString(2));
  52                                         ps2.setString(2, rs.getString(1));
  53                                         ps2.execute();
  54                                         out.println("Your email is good.");
  55                                 } else {
  56                                         out.println("Your request is invalid");
  57                                 }
  58                         } catch (SQLException e) {
  59                                 e.printStackTrace();
  60                         }
  61                 }
  62         }
  63         @Override
  64         public void doPost(HttpServletRequest req, HttpServletResponse resp)
  65                         throws IOException {
  66                 String hash = req.getParameter("hash");
  67                 String type = req.getParameter("type");
  68                 if ("email".equals(type)) {
  69
  70                 }
  71         }
  72 }