1 package org.cacert.gigi.pages.main;
3 import java.io.IOException;
4 import java.io.InputStreamReader;
5 import java.io.PrintWriter;
6 import java.io.UnsupportedEncodingException;
7 import java.sql.PreparedStatement;
8 import java.sql.ResultSet;
9 import java.sql.SQLException;
10 import java.util.Date;
11 import java.util.HashMap;
13 import javax.servlet.ServletRequest;
14 import javax.servlet.http.HttpServletRequest;
16 import org.cacert.gigi.Language;
17 import org.cacert.gigi.User;
18 import org.cacert.gigi.database.DatabaseConnection;
19 import org.cacert.gigi.email.EmailChecker;
20 import org.cacert.gigi.email.EmailProvider;
21 import org.cacert.gigi.output.DateSelector;
22 import org.cacert.gigi.output.Template;
23 import org.cacert.gigi.pages.Page;
24 import org.cacert.gigi.util.HTMLEncoder;
25 import org.cacert.gigi.util.Notary;
26 import org.cacert.gigi.util.PasswordStrengthChecker;
27 import org.cacert.gigi.util.RandomToken;
28 import org.cacert.gigi.util.ServerConstants;
// Form state kept on this object between requests: the user record being filled in
// and the four alert opt-in flags, which all start out enabled.
// NOTE(review): this is mutable per-instance state; confirm that each visitor gets
// an instance of their own, otherwise entered data would be shared between visitors.
31 User buildup = new User();
33 boolean general = true, country = true, regional = true, radius = true;
// The form template is read from the Signup.templ class resource, decoded as UTF-8.
36 t = new Template(new InputStreamReader(
37 Signup.class.getResourceAsStream("Signup.templ"), "UTF-8"));
38 } catch (UnsupportedEncodingException e) {
// Starting values: an empty suffix and a date of birth of new Date(0).
44 buildup.setSuffix("");
46 buildup.setDob(new Date(0));
// Date-of-birth selector constructed with the names "day", "month" and "year"
// (presumably the form field names - confirm against DateSelector).
48 DateSelector myDoB = new DateSelector("day", "month", "year");
/**
 * Renders the signup form through the template, pre-filled from the current form state.
 *
 * The free-text values (first, middle and last name, suffix, email) are passed through
 * HTMLEncoder.encodeHTML before they are handed to the template, so previously entered
 * input is not echoed back as markup. The four checkbox entries are fixed attribute
 * strings chosen from the boolean flags.
 *
 * @param out writer the template output is sent to
 * @param l   language used for the translated help text and passed on to the template
 */
50 public void writeForm(PrintWriter out, Language l) {
51 HashMap<String, Object> vars = new HashMap<String, Object>();
52 vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
53 vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
54 vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
55 vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
// The date selector object itself is handed to the template, not a string.
56 vars.put("dob", myDoB);
57 vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
// Either the literal checked attribute or an empty string; no user input is involved.
58 vars.put("general", general ? " checked=\"checked\"" : "");
59 vars.put("country", country ? " checked=\"checked\"" : "");
60 vars.put("regional", regional ? " checked=\"checked\"" : "");
61 vars.put("radius", radius ? " checked=\"checked\"" : "");
// Translated help text with two %s placeholders; the opening anchor tag is a constant.
// NOTE(review): the link uses a scheme-relative URL and target="_blank" without
// rel="noopener"; consider adding rel="noopener noreferrer" to the anchor.
65 l.getTranslation("Help on Names %sin the wiki%s"),
66 "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">",
68 t.output(out, l, vars);
/**
 * Copies the submitted form fields from the request into the form state.
 *
 * A text field is overwritten only when its parameter is present, so a request that
 * omits one keeps the value entered earlier. The four alert flags are recomputed on
 * every call and are true only when the matching parameter equals "1"; an absent
 * parameter therefore clears the flag.
 *
 * Values are stored exactly as received. writeForm HTML-encodes the text fields when
 * the form is rendered again.
 *
 * @param r request carrying the submitted form parameters
 */
private void update(HttpServletRequest r) {
    final String firstName = r.getParameter("fname");
    if (firstName != null) {
        buildup.setFname(firstName);
    }

    final String lastName = r.getParameter("lname");
    if (lastName != null) {
        buildup.setLname(lastName);
    }

    final String middleName = r.getParameter("mname");
    if (middleName != null) {
        buildup.setMname(middleName);
    }

    final String nameSuffix = r.getParameter("suffix");
    if (nameSuffix != null) {
        buildup.setSuffix(nameSuffix);
    }

    final String address = r.getParameter("email");
    if (address != null) {
        buildup.setEmail(address);
    }

    // Only the exact value "1" switches an alert on; anything else, including a
    // missing parameter, switches it off.
    final String generalFlag = r.getParameter("general");
    final String countryFlag = r.getParameter("country");
    final String regionalFlag = r.getParameter("regional");
    final String radiusFlag = r.getParameter("radius");
    general = "1".equals(generalFlag);
    country = "1".equals(countryFlag);
    regional = "1".equals(regionalFlag);
    radius = "1".equals(radiusFlag);
}
/**
 * Validates the submitted signup data and writes each problem to the page.
 *
 * Checks visible in this listing, in order: first and last name not blank, date of
 * birth valid, cca_agree equal to "1", email not blank, pass phrases present and
 * matching, pass phrase strength, email not already present in the email or users
 * table, email domain not listed in baddomains, and a probe of the responsible mail
 * server through EmailChecker.
 *
 * The method is synchronized, so two submissions against the same form object do not
 * run at the same time.
 *
 * @param out writer the error markup is printed to
 * @param req request holding the parameters that are read directly here
 *            (cca_agree, pword1, pword2)
 * @return result flag; the return statements are not part of this listing
 */
93 public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
95 boolean failed = false;
// Container for the validation messages printed below.
96 out.println("<div class='formError'>");
97 if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
98 outputError(out, req, "First and/or last names were blank.");
101 if (!myDoB.isValid()) {
102 outputError(out, req, "Invalid date of birth");
// Agreement has to be sent explicitly as "1"; a missing parameter is treated as refusal.
105 if (!"1".equals(req.getParameter("cca_agree"))) {
106 outputError(out, req,
107 "You have to agree to the CAcert Community agreement.");
110 if (buildup.getEmail().equals("")) {
111 outputError(out, req, "Email Address was blank");
// Both pass phrases are read straight from the request parameters.
114 String pw1 = req.getParameter("pword1");
115 String pw2 = req.getParameter("pword2");
116 if (pw1 == null || pw1.equals("")) {
117 outputError(out, req, "Pass Phrases were blank");
119 } else if (!pw1.equals(pw2)) {
120 outputError(out, req, "Pass Phrases don't match");
// The form state is passed to the checker together with the pass phrase; the message
// below says the phrase is compared against the name and email address.
// NOTE(review): as far as the visible lines show, pw1 can still be null at this point
// when the parameter was absent - confirm that checkpw tolerates null.
123 int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup);
128 "The Pass Phrase you submitted failed to contain enough"
129 + " differing characters and/or contained words from"
130 + " your name and/or email address.");
134 out.println("</div>");
// Duplicate check against both tables. The address is bound with setString, not
// concatenated into the SQL text.
138 PreparedStatement q1 = DatabaseConnection.getInstance().prepare(
139 "select * from `email` where `email`=? and `deleted`=0");
140 PreparedStatement q2 = DatabaseConnection.getInstance().prepare(
141 "select * from `users` where `email`=? and `deleted`=0");
142 q1.setString(1, buildup.getEmail());
143 q2.setString(1, buildup.getEmail());
144 ResultSet r1 = q1.executeQuery();
145 ResultSet r2 = q2.executeQuery();
// NOTE(review): this message confirms to any visitor that an address is registered,
// which allows probing for existing accounts; confirm that this is accepted for the
// signup form, or pair it with rate limiting.
146 if (r1.next() || r2.next()) {
147 outputError(out, req,
148 "This email address is currently valid in the system.");
// Blocklist lookup: a row matches when the submitted address ends with a listed
// domain. The comparison is a plain suffix match, so the query itself does not
// require an '@' or '.' in front of the domain.
153 PreparedStatement q3 = DatabaseConnection
156 "select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
157 q3.setString(1, buildup.getEmail());
159 ResultSet r3 = q3.executeQuery();
// NOTE(review): domain comes from the database and is formatted into the page; the
// argument line is not visible here, so confirm that it is HTML-encoded.
161 String domain = r3.getString(1);
163 out.print(String.format(
165 "We don't allow signups from people using email addresses from %s"),
167 out.println("</div>");
171 } catch (SQLException e) {
// Starts out as FAIL, so the result stays a failure unless the probe below assigns
// something else.
175 String mailResult = EmailChecker.FAIL;
177 mailResult = EmailChecker.checkEmailServer(0, buildup.getEmail());
178 } catch (IOException e) {
180 if (!mailResult.equals(EmailChecker.OK)) {
// A result starting with "4" is reported as a temporary failure.
181 if (mailResult.startsWith("4")) {
185 "The mail server responsible for your domain indicated"
186 + " a temporary failure. This may be due to anti-SPAM measures, such"
187 + " as greylisting. Please try again in a few minutes.");
192 "Email Address given was invalid, or a test connection"
193 + " couldn't be made to your server, or the server"
194 + " rejected the email address as invalid");
196 if (mailResult.equals(EmailChecker.FAIL)) {
197 outputError(out, req,
198 "Failed to make a connection to the mail server");
// NOTE(review): mailResult is written into the HTML page without
// HTMLEncoder.encodeHTML. If it carries text received from the remote mail server
// (the startsWith("4") test above suggests a server reply line), that text is
// controlled by whoever runs the server for the submitted domain and should be
// encoded before printing.
201 out.print(mailResult);
202 out.println("</div>");
207 out.println("</div>");
213 } catch (SQLException e) {
/**
 * Prints one translated validation message to the page, followed by a closing div.
 *
 * @param out  writer the message is printed to
 * @param req  request passed to Page.translate
 * @param text message to translate; every call visible in this listing passes a fixed
 *             string literal
 */
218 private void outputError(PrintWriter out, ServletRequest req, String text) {
// The translated text is printed as returned, with no HTML encoding. That is only
// safe while text is a constant and the translations are trusted; do not pass
// request data through this method.
220 out.print(Page.translate(req, text));
221 out.println("</div>");
224 private void run(HttpServletRequest req, String password)
225 throws SQLException {
226 String hash = RandomToken.generateToken(16);
228 buildup.insert(password);
229 int memid = buildup.getId();
230 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
231 "insert into `email` set `email`=?,"
232 + " `hash`=?, `created`=NOW(),`memid`=?");
233 ps.setString(1, buildup.getEmail());
234 ps.setString(2, hash);
237 int emailid = DatabaseConnection.lastInsertId(ps);
238 ps = DatabaseConnection
241 "insert into `alerts` set `memid`=?,"
242 + " `general`=?, `country`=?, `regional`=?, `radius`=?");
244 ps.setString(2, general ? "1" : "0");
245 ps.setString(3, country ? "1" : "0");
246 ps.setString(4, regional ? "1" : "0");
247 ps.setString(5, radius ? "1" : "0");
249 Notary.writeUserAgreement(memid, "CCA", "account creation", "", true, 0);
251 StringBuffer body = new StringBuffer();
255 "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
257 body.append("http://");
258 body.append(ServerConstants.NORMAL_HOST_NAME);
259 body.append("/verify.php?type=email&emailid=");
260 body.append(emailid);
261 body.append("&hash=");
264 body.append(Page.translate(req, "Best regards"));
266 body.append(Page.translate(req, "CAcert.org Support!"));
268 EmailProvider.getInstance().sendmail(buildup.getEmail(),
269 "[CAcert.org] " + Page.translate(req, "Mail Probe"),
270 body.toString(), "support@cacert.org", null, null, null,
272 } catch (IOException e) {