1 package org.cacert.gigi.pages.main;
3 import java.io.IOException;
4 import java.io.InputStreamReader;
5 import java.io.PrintWriter;
6 import java.io.UnsupportedEncodingException;
7 import java.sql.PreparedStatement;
8 import java.sql.ResultSet;
9 import java.sql.SQLException;
11 import java.util.HashMap;
14 import javax.servlet.http.HttpServletRequest;
16 import org.cacert.gigi.Language;
17 import org.cacert.gigi.User;
18 import org.cacert.gigi.database.DatabaseConnection;
19 import org.cacert.gigi.email.EmailProvider;
20 import org.cacert.gigi.output.DateSelector;
21 import org.cacert.gigi.output.Form;
22 import org.cacert.gigi.output.Template;
23 import org.cacert.gigi.pages.Page;
24 import org.cacert.gigi.util.HTMLEncoder;
25 import org.cacert.gigi.util.Notary;
26 import org.cacert.gigi.util.PasswordStrengthChecker;
27 import org.cacert.gigi.util.RandomToken;
28 import org.cacert.gigi.util.ServerConstants;
/**
 * Signup form. update() copies request parameters into the fields below,
 * outputContent() renders them back into the template, submit() validates
 * them and run() writes the new account to the database.
 *
 * NOTE(review): the gutter numbers in this listing skip values, so some source
 * lines are not shown (closing braces, a few statements, and the imports for
 * Date and Map among them). Comments describe only the visible lines.
 */
30 public class Signup extends Form {
// Account being assembled: update() fills it from the request, run() inserts it.
31 User buildup = new User();
// Alert opt-ins; all four start out ticked and are stored by run().
33 boolean general = true, country = true, regional = true, radius = true;
// Load the form template from the class-path resource Signup.templ, decoded as UTF-8.
// The declaration of t and the enclosing constructor/try lines are not shown.
36 t = new Template(new InputStreamReader(
37 Signup.class.getResourceAsStream("Signup.templ"), "UTF-8"));
// Handler body is not visible in this listing.
38 } catch (UnsupportedEncodingException e) {
// Defaults for a form that has not been submitted yet: empty suffix and
// Date(0) as a placeholder date of birth (replaced in run() from myDoB).
44 buildup.setSuffix("");
46 buildup.setDob(new Date(0));
// Date-of-birth widget; presumably "day"/"month"/"year" are its field names - confirm in DateSelector.
48 DateSelector myDoB = new DateSelector("day", "month", "year");
/**
 * Renders the signup form: collects the current field values into a variable
 * map and hands it to the template.
 *
 * @param out       writer for the HTML response
 * @param l         language used for translations and template output
 * @param outerVars not referenced in the visible lines
 */
51 public void outputContent(PrintWriter out, Language l,
52 Map<String, Object> outerVars) {
53 HashMap<String, Object> vars = new HashMap<String, Object>();
// These values come from request parameters (see update()), so each one is
// HTML-encoded before it reaches the template; a re-displayed form cannot
// carry markup from the request.
// NOTE(review): this assumes Template inserts the strings verbatim - confirm it does not encode again.
54 vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
55 vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
56 vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
57 vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
// The selector is passed as an object; how it renders itself is not visible here.
58 vars.put("dob", myDoB);
59 vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
// Fixed attribute text selected by a boolean; no request data is inserted.
60 vars.put("general", general ? " checked=\"checked\"" : "");
61 vars.put("country", country ? " checked=\"checked\"" : "");
62 vars.put("regional", regional ? " checked=\"checked\"" : "");
63 vars.put("radius", radius ? " checked=\"checked\"" : "");
// Help link: a translated string with two %s placeholders and a hard-coded
// anchor tag as the first value. The first and last lines of this statement
// are not shown; presumably it is a String.format call stored in vars.
// NOTE(review): the anchor opens a new tab without rel="noopener"; older
// browsers then expose window.opener to the opened page.
67 l.getTranslation("Help on Names %sin the wiki%s"),
68 "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">",
70 t.output(out, l, vars);
/**
 * Copies the submitted request parameters into the form state.
 *
 * A text field is overwritten only when its parameter is present; an absent
 * parameter leaves the previous value in place. Each checkbox becomes true
 * only when its parameter equals "1", so an absent checkbox becomes false.
 *
 * NOTE(review): values are stored exactly as received. No trimming, length
 * limit or format check is visible here; confirm that User's setters or the
 * database schema bound them. The closing braces of the if statements and of
 * the method are on lines not shown.
 *
 * @param r the request carrying the form parameters
 */
72 private void update(HttpServletRequest r) {
73 if (r.getParameter("fname") != null) {
74 buildup.setFname(r.getParameter("fname"));
76 if (r.getParameter("lname") != null) {
77 buildup.setLname(r.getParameter("lname"));
79 if (r.getParameter("mname") != null) {
80 buildup.setMname(r.getParameter("mname"));
82 if (r.getParameter("suffix") != null) {
83 buildup.setSuffix(r.getParameter("suffix"));
85 if (r.getParameter("email") != null) {
86 buildup.setEmail(r.getParameter("email"));
// Checkboxes: anything other than the literal "1" (including null) counts as unticked.
88 general = "1".equals(r.getParameter("general"));
89 country = "1".equals(r.getParameter("country"));
90 regional = "1".equals(r.getParameter("regional"));
91 radius = "1".equals(r.getParameter("radius"));
/**
 * Validates a submitted signup form and writes any error messages into a
 * formError div on the response.
 *
 * Visible checks, in order: names, date of birth, CCA agreement, e-mail
 * present, pass phrases present and equal, pass phrase strength, address not
 * already registered, domain not in baddomains, mail-server probe.
 *
 * Only the declaration of failed is visible; its updates, the return
 * statements and the call that creates the account (presumably run()) are on
 * lines not shown. The method is synchronized, so submissions on one form
 * instance are handled one at a time.
 *
 * @param out writer for the HTML response
 * @param req the request carrying the form parameters
 */
96 public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
98 boolean failed = false;
99 out.println("<div class='formError'>");
100 if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
101 outputError(out, req, "First and/or last names were blank.");
104 if (!myDoB.isValid()) {
105 outputError(out, req, "Invalid date of birth");
// Agreement must be given explicitly: only the literal "1" passes.
108 if (!"1".equals(req.getParameter("cca_agree"))) {
109 outputError(out, req,
110 "You have to agree to the CAcert Community agreement.");
113 if (buildup.getEmail().equals("")) {
114 outputError(out, req, "Email Address was blank");
// Pass phrases are read straight from the request and never stored on the form object.
117 String pw1 = req.getParameter("pword1");
118 String pw2 = req.getParameter("pword2");
119 if (pw1 == null || pw1.equals("")) {
120 outputError(out, req, "Pass Phrases were blank");
122 } else if (!pw1.equals(pw2)) {
123 outputError(out, req, "Pass Phrases don't match");
// Strength score computed from the pass phrase and the user's own data; the
// threshold comparison is on lines not shown.
126 int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup);
131 "The Pass Phrase you submitted failed to contain enough"
132 + " differing characters and/or contained words from"
133 + " your name and/or email address.");
137 out.println("</div>");
// Duplicate check against both tables. The address is bound with setString,
// not concatenated into the SQL text.
// NOTE(review): the visible lines close neither the statements nor the result sets.
141 PreparedStatement q1 = DatabaseConnection.getInstance().prepare(
142 "select * from `email` where `email`=? and `deleted`=0");
143 PreparedStatement q2 = DatabaseConnection.getInstance().prepare(
144 "select * from `users` where `email`=? and `deleted`=0");
145 q1.setString(1, buildup.getEmail());
146 q2.setString(1, buildup.getEmail());
147 ResultSet r1 = q1.executeQuery();
148 ResultSet r2 = q2.executeQuery();
// NOTE(review): this message tells the submitter that the address already has
// an account. If address enumeration matters for this service, pair the check
// with rate limiting, or answer neutrally and notify the address owner by mail.
149 if (r1.next() || r2.next()) {
150 outputError(out, req,
151 "This email address is currently valid in the system.");
// Blocked-domain check: a row matches when the address ends with the stored
// domain string.
// NOTE(review): this is a plain suffix comparison with no '@' or '.' boundary,
// so a stored entry such as example.org (constructed example) would also match
// user@notexample.org.
156 PreparedStatement q3 = DatabaseConnection
159 "select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
160 q3.setString(1, buildup.getEmail());
162 ResultSet r3 = q3.executeQuery();
// domain comes from the baddomains table, not from the request.
// NOTE(review): it appears to be formatted into the page without HTML
// encoding (the argument line is not shown); encode it unless that table is
// strictly trusted.
164 String domain = r3.getString(1);
166 out.print(String.format(
168 "We don't allow signups from people using email addresses from %s"),
170 out.println("</div>");
// Handler body is not visible in this listing.
174 } catch (SQLException e) {
// Starts as FAIL, so the probe counts as failed unless checkEmailServer
// returns something else (assuming the IOException handler below does not reassign it).
178 String mailResult = EmailProvider.FAIL;
// NOTE(review): the probe makes this server contact the mail host of whatever
// address was submitted; confirm EmailProvider bounds it with timeouts and
// that signup attempts are rate-limited.
180 mailResult = EmailProvider.getInstance().checkEmailServer(0,
182 } catch (IOException e) {
184 if (!mailResult.equals(EmailProvider.OK)) {
// A result beginning with "4" is reported as a temporary failure (presumably an SMTP 4xx reply).
185 if (mailResult.startsWith("4")) {
189 "The mail server responsible for your domain indicated"
190 + " a temporary failure. This may be due to anti-SPAM measures, such"
191 + " as greylisting. Please try again in a few minutes.");
196 "Email Address given was invalid, or a test connection"
197 + " couldn't be made to your server, or the server"
198 + " rejected the email address as invalid");
200 if (mailResult.equals(EmailProvider.FAIL)) {
201 outputError(out, req,
202 "Failed to make a connection to the mail server");
// NOTE(review): mailResult is written into the HTML response without encoding.
// Here it is neither OK nor FAIL, so it is presumably text returned by the
// remote mail server, which the submitter selects through the address domain.
// Encode it as outputContent does for the form fields:
// out.print(HTMLEncoder.encodeHTML(mailResult));
205 out.print(mailResult);
206 out.println("</div>");
211 out.println("</div>");
// Handler body is not visible; presumably this guards the account-creation call.
217 } catch (SQLException e) {
/**
 * Creates the account inside a database transaction: inserts the user, an
 * email row carrying a verification token, the alert preferences and the CCA
 * agreement record, then mails the verification link to the new address.
 *
 * @param req      request, used here for translating the mail text
 * @param password pass phrase handed to User.insert
 * @throws SQLException if a database operation fails
 */
223 private void run(HttpServletRequest req, String password)
224 throws SQLException {
226 DatabaseConnection.getInstance().beginTransaction();
// E-mail verification token, stored in email.hash below.
// NOTE(review): its strength rests on RandomToken.generateToken. Neither the
// randomness source nor the meaning of the argument 16 is visible here;
// confirm it draws from a CSPRNG such as java.security.SecureRandom.
227 String hash = RandomToken.generateToken(16);
229 buildup.setDob(myDoB.getDate());
// NOTE(review): how the pass phrase is stored is decided inside User.insert;
// confirm it is run through a password-hashing function before it reaches the database.
230 buildup.insert(password);
231 int memid = buildup.getId();
// Parameterised insert; the address and the token are bound, not concatenated.
232 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
233 "insert into `email` set `email`=?,"
234 + " `hash`=?, `created`=NOW(),`memid`=?");
235 ps.setString(1, buildup.getEmail());
236 ps.setString(2, hash);
// Row id of the new email entry; it becomes the id parameter of the verify link.
239 int emailid = DatabaseConnection.lastInsertId(ps);
240 ps = DatabaseConnection
243 "insert into `alerts` set `memid`=?,"
244 + " `general`=?, `country`=?, `regional`=?, `radius`=?");
// Booleans are stored as the strings "1" and "0".
246 ps.setString(2, general ? "1" : "0");
247 ps.setString(3, country ? "1" : "0");
248 ps.setString(4, regional ? "1" : "0");
249 ps.setString(5, radius ? "1" : "0");
// Records the CCA acceptance for the new member; remaining arguments are not shown.
251 Notary.writeUserAgreement(memid, "CCA", "account creation", "",
254 StringBuffer body = new StringBuffer();
258 "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
// The link's host comes from ServerConstants, not from a request header, so a
// forged Host header cannot redirect the verification link.
// NOTE(review): the token travels in the query string (the line appending it
// is not shown); confirm /verify invalidates it after first use.
259 body.append("\n\nhttps://");
260 body.append(ServerConstants.getWwwHostNamePort());
261 body.append("/verify?type=email&id=");
262 body.append(emailid);
263 body.append("&hash=");
266 body.append(Page.translate(req, "Best regards"));
268 body.append(Page.translate(req, "CAcert.org Support!"));
270 EmailProvider.getInstance().sendmail(buildup.getEmail(),
271 "[CAcert.org] " + Page.translate(req, "Mail Probe"),
272 body.toString(), "support@cacert.org", null, null,
// Handler body is not visible; whether a failed send aborts the transaction cannot be told from here.
274 } catch (IOException e) {
277 DatabaseConnection.getInstance().commitTransaction();
// NOTE(review): presumably this sits in a finally block so that an exception
// before commit ends the transaction without committing; the try/finally lines
// are not shown - confirm.
279 DatabaseConnection.getInstance().quitTransaction();