1 package org.cacert.gigi.pages.main;
3 import java.io.IOException;
4 import java.io.InputStreamReader;
5 import java.io.PrintWriter;
6 import java.io.UnsupportedEncodingException;
7 import java.sql.PreparedStatement;
8 import java.sql.ResultSet;
9 import java.sql.SQLException;
10 import java.util.Date;
11 import java.util.HashMap;
13 import javax.servlet.ServletRequest;
14 import javax.servlet.http.HttpServletRequest;
16 import org.cacert.gigi.Language;
17 import org.cacert.gigi.User;
18 import org.cacert.gigi.database.DatabaseConnection;
19 import org.cacert.gigi.email.EmailProvider;
20 import org.cacert.gigi.output.DateSelector;
21 import org.cacert.gigi.output.Template;
22 import org.cacert.gigi.pages.Page;
23 import org.cacert.gigi.util.HTMLEncoder;
24 import org.cacert.gigi.util.Notary;
25 import org.cacert.gigi.util.PasswordStrengthChecker;
26 import org.cacert.gigi.util.RandomToken;
27 import org.cacert.gigi.util.ServerConstants;
// Signup form state. This listing omits some source lines (the gutter numbers jump), so the
// class header and the constructor/initializer boundaries around these statements are not visible.
// `buildup` holds the applicant's data until run() inserts it.
30 User buildup = new User();
// Notification opt-ins, stored in the `alerts` table on signup; all four start checked.
32 boolean general = true, country = true, regional = true, radius = true;
// Load the form template from the classpath, decoding it explicitly as UTF-8.
// The body of the catch handler is not shown in this listing.
35 t = new Template(new InputStreamReader(
36 Signup.class.getResourceAsStream("Signup.templ"), "UTF-8"));
37 } catch (UnsupportedEncodingException e) {
// Defaults: empty suffix and the epoch (1970-01-01T00:00:00Z) as date of birth.
43 buildup.setSuffix("");
45 buildup.setDob(new Date(0));
// Date-of-birth widget; presumably "day"/"month"/"year" are its form field names (confirm in DateSelector).
47 DateSelector myDoB = new DateSelector("day", "month", "year");
/**
 * Renders the signup form through the template, pre-filled with the current form state.
 *
 * The free-text values that update() copies from the request (names, suffix, email) are
 * passed through HTMLEncoder.encodeHTML before they reach the template, so re-displaying a
 * rejected submission does not echo raw markup. The checkbox attributes are fixed literals.
 * NOTE(review): whether Template applies any escaping of its own is not visible here.
 *
 * @param out writer the rendered form is sent to
 * @param l   language used for the translated help text and handed to the template
 */
49 public void writeForm(PrintWriter out, Language l) {
50 HashMap<String, Object> vars = new HashMap<String, Object>();
51 vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
52 vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
53 vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
54 vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
// The DateSelector object itself is handed over; presumably the template renders it.
55 vars.put("dob", myDoB);
56 vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
// Each opt-in becomes either a literal checked attribute or an empty string.
57 vars.put("general", general ? " checked=\"checked\"" : "");
58 vars.put("country", country ? " checked=\"checked\"" : "");
59 vars.put("regional", regional ? " checked=\"checked\"" : "");
60 vars.put("radius", radius ? " checked=\"checked\"" : "");
// Help link: the translated text carries two %s placeholders and the anchor tag is a fixed
// literal (source lines 61-63 and 66 are not shown in this listing).
// NOTE(review): the tag uses target="_blank" without rel="noopener"; consider adding it.
64 l.getTranslation("Help on Names %sin the wiki%s"),
65 "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">",
67 t.output(out, l, vars);
/**
 * Copies the submitted form fields from the request into the form state.
 *
 * A text field is overwritten only when its parameter is present, so an absent parameter
 * keeps the previous value. Values are handed to the User setters as received; no trimming,
 * length limit or format check is visible in this method, so the encoding in writeForm and
 * the checks in submit are what stand between hostile input and the page or the database.
 * Source lines 89-91 are not shown in this listing.
 *
 * @param r the signup request
 */
69 private void update(HttpServletRequest r) {
70 if (r.getParameter("fname") != null) {
71 buildup.setFname(r.getParameter("fname"));
73 if (r.getParameter("lname") != null) {
74 buildup.setLname(r.getParameter("lname"));
76 if (r.getParameter("mname") != null) {
77 buildup.setMname(r.getParameter("mname"));
79 if (r.getParameter("suffix") != null) {
80 buildup.setSuffix(r.getParameter("suffix"));
82 if (r.getParameter("email") != null) {
83 buildup.setEmail(r.getParameter("email"));
// Checkboxes: true only for the exact value "1"; a missing parameter yields false.
// The constant-first equals() keeps a null parameter from throwing.
85 general = "1".equals(r.getParameter("general"));
86 country = "1".equals(r.getParameter("country"));
87 regional = "1".equals(r.getParameter("regional"));
88 radius = "1".equals(r.getParameter("radius"));
/**
 * Validates the submitted signup form and writes each problem into the response.
 *
 * Checks visible in this listing, in order: non-blank first and last name, valid date of
 * birth, CCA agreement, non-blank email, non-empty and matching pass phrases, pass-phrase
 * strength, email not already registered, email domain not in `baddomains`, and a probe of
 * the mail server for the address. Many source lines are omitted here (the gutter numbers
 * jump), including where `failed` is set and the return statements, so the exact control
 * flow cannot be read from this listing.
 *
 * The method is synchronized, so two submissions against the same form object cannot
 * interleave.
 *
 * @param out writer for the error markup
 * @param req the signup request
 * @return not visible in this listing; presumably whether the signup went through (TODO confirm)
 */
92 public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
94 boolean failed = false;
95 out.println("<div class='formError'>");
96 if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
97 outputError(out, req, "First and/or last names were blank.");
100 if (!myDoB.isValid()) {
101 outputError(out, req, "Invalid date of birth");
// Agreement must be sent as the exact value "1"; a missing parameter counts as not agreed.
104 if (!"1".equals(req.getParameter("cca_agree"))) {
105 outputError(out, req,
106 "You have to agree to the CAcert Community agreement.");
109 if (buildup.getEmail().equals("")) {
110 outputError(out, req, "Email Address was blank");
// Pass phrases are read straight from the request; in the visible lines they are not copied
// into the form state, and writeForm does not echo them back.
113 String pw1 = req.getParameter("pword1");
114 String pw2 = req.getParameter("pword2");
115 if (pw1 == null || pw1.equals("")) {
116 outputError(out, req, "Pass Phrases were blank");
118 } else if (!pw1.equals(pw2)) {
119 outputError(out, req, "Pass Phrases don't match");
// The strength check also receives the applicant's data; per the message below it rejects
// phrases built from the name or email address. The score threshold (source lines 123-126)
// is not shown in this listing.
122 int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup);
127 "The Pass Phrase you submitted failed to contain enough"
128 + " differing characters and/or contained words from"
129 + " your name and/or email address.");
133 out.println("</div>");
// Duplicate check against both tables. The address is bound through `?` placeholders, never
// concatenated into the SQL text.
// NOTE(review): no close() of the statements or result sets is visible; confirm that
// DatabaseConnection owns their lifecycle.
137 PreparedStatement q1 = DatabaseConnection.getInstance().prepare(
138 "select * from `email` where `email`=? and `deleted`=0");
139 PreparedStatement q2 = DatabaseConnection.getInstance().prepare(
140 "select * from `users` where `email`=? and `deleted`=0");
141 q1.setString(1, buildup.getEmail());
142 q2.setString(1, buildup.getEmail());
143 ResultSet r1 = q1.executeQuery();
144 ResultSet r2 = q2.executeQuery();
// NOTE(review): this message confirms to an unauthenticated caller that the address has an
// account, which allows account enumeration; decide whether rate limiting or a neutral
// response is wanted.
145 if (r1.next() || r2.next()) {
146 outputError(out, req,
147 "This email address is currently valid in the system.");
// Blocklist lookup: RIGHT(?, LENGTH(`domain`)) compares the tail of the address with each
// listed domain and requires no `@` or `.` boundary, so (constructed example) a listed
// `example.org` also matches an address ending in `notexample.org`.
152 PreparedStatement q3 = DatabaseConnection
155 "select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
156 q3.setString(1, buildup.getEmail());
158 ResultSet r3 = q3.executeQuery();
// The matched domain comes from the `baddomains` row, not from the request. No HTML-encoding
// of it is visible before output (source line 165 is not shown).
160 String domain = r3.getString(1);
162 out.print(String.format(
164 "We don't allow signups from people using email addresses from %s"),
166 out.println("</div>");
170 } catch (SQLException e) {
// Starts as FAIL, so the probe counts as failed if checkEmailServer throws before assigning
// a result (assuming the handler on source line 179, not shown, does not reassign it).
174 String mailResult = EmailProvider.FAIL;
176 mailResult = EmailProvider.getInstance().checkEmailServer(0,
178 } catch (IOException e) {
180 if (!mailResult.equals(EmailProvider.OK)) {
// A result starting with "4" is reported as a temporary failure (presumably an SMTP 4xx reply).
181 if (mailResult.startsWith("4")) {
185 "The mail server responsible for your domain indicated"
186 + " a temporary failure. This may be due to anti-SPAM measures, such"
187 + " as greylisting. Please try again in a few minutes.");
192 "Email Address given was invalid, or a test connection"
193 + " couldn't be made to your server, or the server"
194 + " rejected the email address as invalid");
196 if (mailResult.equals(EmailProvider.FAIL)) {
197 outputError(out, req,
198 "Failed to make a connection to the mail server");
// NOTE(review): mailResult is written to the page without HTMLEncoder.encodeHTML. If it can
// carry text returned by the remote mail server, whose domain the applicant chooses, it is
// untrusted and should be encoded before output; confirm what checkEmailServer returns.
201 out.print(mailResult);
202 out.println("</div>");
207 out.println("</div>");
// Second SQLException handler; the guarded statements (source lines 208-212) and the handler
// body are not shown in this listing.
213 } catch (SQLException e) {
/**
 * Writes one translated validation message into the error area of the page.
 *
 * At every call site visible in this listing `text` is a fixed string literal. The
 * translated result is printed without HTML-encoding here, so callers must not pass
 * request-derived text (whether Page.translate encodes its result is not visible).
 * Source line 219 is not shown; it presumably opens the div closed below.
 *
 * @param out  writer for the error markup
 * @param req  request handed to Page.translate
 * @param text message to translate and print
 */
218 private void outputError(PrintWriter out, ServletRequest req, String text) {
220 out.print(Page.translate(req, text));
221 out.println("</div>");
/**
 * Creates the account inside a database transaction and mails the verification link.
 *
 * Steps visible in this listing: begin the transaction, generate the verification token,
 * insert the user, insert the `email` row carrying the token, insert the `alerts`
 * preferences, record the CCA agreement, build and send the mail, commit, then
 * quitTransaction. Several source lines are omitted (the gutter numbers jump), including the
 * try/finally structure and the end of the method.
 *
 * @param req      request, used to translate the mail text
 * @param password pass phrase forwarded to buildup.insert; how it is hashed and stored is
 *                 not visible in this method
 * @throws SQLException declared for the database operations in this method
 */
224 private void run(HttpServletRequest req, String password)
225 throws SQLException {
227 DatabaseConnection.getInstance().beginTransaction();
// Verification token for the mailed link. It is bound into the `hash` column as generated;
// no hashing step is visible.
// NOTE(review): this is the only secret in the link, so RandomToken should draw from a
// CSPRNG such as SecureRandom; confirm in RandomToken.
228 String hash = RandomToken.generateToken(16);
230 buildup.setDob(myDoB.getDate());
231 buildup.insert(password);
232 int memid = buildup.getId();
233 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
234 "insert into `email` set `email`=?,"
235 + " `hash`=?, `created`=NOW(),`memid`=?");
236 ps.setString(1, buildup.getEmail());
237 ps.setString(2, hash);
// Id of the new `email` row; it becomes the `id` parameter of the verification link.
240 int emailid = DatabaseConnection.lastInsertId(ps);
241 ps = DatabaseConnection
244 "insert into `alerts` set `memid`=?,"
245 + " `general`=?, `country`=?, `regional`=?, `radius`=?");
// The opt-in flags are stored as the strings "1" and "0".
247 ps.setString(2, general ? "1" : "0");
248 ps.setString(3, country ? "1" : "0");
249 ps.setString(4, regional ? "1" : "0");
250 ps.setString(5, radius ? "1" : "0");
// Records the CCA acceptance for the new member; the remaining arguments (source line 253)
// are not shown.
252 Notary.writeUserAgreement(memid, "CCA", "account creation", "",
255 StringBuffer body = new StringBuffer();
259 "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
// The link host is the ServerConstants value, not anything read from the request. The URL
// scheme (source line 260) and the token append (source line 265) are not shown.
261 body.append(ServerConstants.NORMAL_HOST_NAME);
262 body.append("/verify?type=email&id=");
263 body.append(emailid);
264 body.append("&hash=");
267 body.append(Page.translate(req, "Best regards"));
269 body.append(Page.translate(req, "CAcert.org Support!"));
271 EmailProvider.getInstance().sendmail(buildup.getEmail(),
272 "[CAcert.org] " + Page.translate(req, "Mail Probe"),
273 body.toString(), "support@cacert.org", null, null,
// NOTE(review): the handler body (source lines 276-277) is not shown; confirm a failed send
// is reported, because the commit below follows this catch.
275 } catch (IOException e) {
278 DatabaseConnection.getInstance().commitTransaction();
// Presumably inside a finally block (source line 279 is not shown); confirm.
280 DatabaseConnection.getInstance().quitTransaction();