src/org/cacert/gigi/pages/Verify.java

   1 package org.cacert.gigi.pages;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.PreparedStatement;
   6 import java.sql.ResultSet;
   7 import java.sql.SQLException;
   8
   9 import javax.servlet.http.HttpServletRequest;
  10 import javax.servlet.http.HttpServletResponse;
  11
  12 import org.cacert.gigi.database.DatabaseConnection;
  13
  14 public class Verify extends Page {
  15         public static final String PATH = "/verify";
  16
  17         public Verify() {
  18                 super("Verify email");
  19         }
  20
  21         @Override
  22         public boolean needsLogin() {
  23                 return false;
  24         }
  25
  26         @Override
  27         public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  28                 PrintWriter out = resp.getWriter();
  29                 String hash = req.getParameter("hash");
  30                 String type = req.getParameter("type");
  31                 String id = req.getParameter("id");
  32                 if ("email".equals(type)) {
  33                         try {
  34                                 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
  35                                         "select email, memid from `email` where `id`=? and `hash`=? and `hash` != '' and `deleted` = 0");
  36                                 ps.setString(1, id);
  37                                 ps.setString(2, hash);
  38                                 ResultSet rs = ps.executeQuery();
  39                                 rs.last();
  40                                 if (rs.getRow() == 1) {
  41                                         PreparedStatement ps1 = DatabaseConnection.getInstance().prepare(
  42                                                 "update `email` set `hash`='', `modified`=NOW() where `id`=?");
  43                                         ps1.setString(1, id);
  44                                         ps1.execute();
  45                                         PreparedStatement ps2 = DatabaseConnection.getInstance().prepare(
  46                                                 "update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
  47                                         ps2.setString(1, rs.getString(2));
  48                                         ps2.setString(2, rs.getString(1));
  49                                         ps2.execute();
  50                                         out.println("Your email is good.");
  51                                 } else {
  52                                         out.println("Your request is invalid");
  53                                 }
  54                         } catch (SQLException e) {
  55                                 e.printStackTrace();
  56                         }
  57                 }
  58         }
  59
  60         @Override
  61         public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  62                 String hash = req.getParameter("hash");
  63                 String type = req.getParameter("type");
  64                 if ("email".equals(type)) {
  65
  66                 }
  67         }
  68 }