1 package org.cacert.gigi.pages.main;
2
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Date;
import java.util.HashMap;

import javax.servlet.ServletRequest;

import org.cacert.gigi.Language;
import org.cacert.gigi.User;
import org.cacert.gigi.database.DatabaseConnection;
import org.cacert.gigi.output.DateSelector;
import org.cacert.gigi.output.Template;
import org.cacert.gigi.pages.Page;
import org.cacert.gigi.util.HTMLEncoder;
21
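/**
 * Form state and validation for the public signup page.
 *
 * <p>An instance keeps the values entered so far ({@link #buildup}, the
 * date-of-birth selector and the four mailing-list checkboxes) so that a
 * rejected submission can be re-rendered with the user's input preserved.
 * {@link #writeForm} renders the form; {@link #submit} re-reads the request,
 * validates it and writes any error messages to the supplied writer.
 *
 * <p>Security notes: every user-supplied value is HTML-encoded before it is
 * placed into the template, and all database lookups use parameterised
 * statements. Pass phrases are only compared for equality here (strength
 * checking is still a TODO), and the only email validation is "not blank"
 * plus the duplicate and blocked-domain lookups — format and ownership
 * verification are not done in this class.
 */
public class Signup {
	/** The user record being assembled from the form fields (stored raw, encoded on output). */
	User buildup = new User();
	String password;
	String password2;
	/** Rendering template, loaded from Signup.templ next to this class. */
	Template t;
	/** Mailing-list checkbox state; all four default to checked. */
	boolean general = true, country = true, regional = true, radius = true;
	/** Date-of-birth selector bound to the day/month/year request parameters. */
	DateSelector myDoB = new DateSelector("day", "month", "year");

	/**
	 * Loads the template and fills {@link #buildup} with empty strings and a
	 * zero date so that {@link #writeForm} never encodes a null field.
	 *
	 * @throws IllegalStateException if Signup.templ cannot be found on the
	 *         classpath — a deployment error; failing here is clearer than the
	 *         NullPointerException a missing template would otherwise cause on
	 *         the first render
	 */
	public Signup() {
		InputStream templ = Signup.class.getResourceAsStream("Signup.templ");
		if (templ == null) {
			throw new IllegalStateException("Signup.templ not found next to " + Signup.class.getName());
		}
		// Pass a Charset object rather than a charset name: UTF-8 is always
		// available, and this avoids the checked UnsupportedEncodingException
		// whose catch block previously left t null.
		t = new Template(new InputStreamReader(templ, Charset.forName("UTF-8")));
		buildup.setFname("");
		buildup.setMname("");
		buildup.setLname("");
		buildup.setSuffix("");
		buildup.setEmail("");
		buildup.setDob(new Date(0));
	}

	/**
	 * Renders the signup form with the current field values.
	 *
	 * <p>Every free-text value goes through {@link HTMLEncoder#encodeHTML} so
	 * that input echoed back after a failed submission cannot inject markup.
	 * Each checkbox variable is either a {@code checked="checked"} attribute or
	 * the empty string.
	 *
	 * @param out destination for the rendered HTML
	 * @param l   language used to translate the template and the help text
	 */
	public void writeForm(PrintWriter out, Language l) {
		HashMap<String, Object> vars = new HashMap<String, Object>();
		vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
		vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
		vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname()));
		vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix()));
		vars.put("dob", myDoB); // the template renders the selector itself
		vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail()));
		vars.put("general", general ? " checked=\"checked\"" : "");
		vars.put("country", country ? " checked=\"checked\"" : "");
		vars.put("regional", regional ? " checked=\"checked\"" : "");
		vars.put("radius", radius ? " checked=\"checked\"" : "");
		// The two %s placeholders receive the anchor markup; the translated
		// text is emitted as-is, so it must come from a trusted language file.
		String wikiLink = "<a href=\"//wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm\" target=\"_blank\">";
		vars.put("helpOnNames",
				String.format(l.getTranslation("Help on Names %sin the wiki%s"), wikiLink, "</a>"));
		t.output(out, l, vars);
	}

	/**
	 * Copies the text fields and checkboxes from the request into this object.
	 *
	 * <p>A text field is only overwritten when its parameter is present, so a
	 * partial request keeps the previous value. A checkbox becomes true only
	 * when its parameter equals "1", so an absent checkbox is false. Values are
	 * stored raw; encoding happens in {@link #writeForm}.
	 *
	 * <p>NOTE(review): the day/month/year parameters are not read here, so
	 * {@link #myDoB} must be populated by the caller before {@link #submit}
	 * checks {@code isValid()}; otherwise only the selector's initial state is
	 * validated. Confirm against the page that drives this class.
	 *
	 * @param r the request carrying the form parameters
	 */
	private void update(ServletRequest r) {
		if (r.getParameter("fname") != null) {
			buildup.setFname(r.getParameter("fname"));
		}
		if (r.getParameter("lname") != null) {
			buildup.setLname(r.getParameter("lname"));
		}
		if (r.getParameter("mname") != null) {
			buildup.setMname(r.getParameter("mname"));
		}
		if (r.getParameter("suffix") != null) {
			buildup.setSuffix(r.getParameter("suffix"));
		}
		if (r.getParameter("email") != null) {
			buildup.setEmail(r.getParameter("email"));
		}
		general = "1".equals(r.getParameter("general"));
		country = "1".equals(r.getParameter("country"));
		regional = "1".equals(r.getParameter("regional"));
		radius = "1".equals(r.getParameter("radius"));
	}

	/**
	 * Reads the submitted form, validates it and writes any errors to
	 * {@code out} inside a {@code <div class='formError'>} wrapper (the wrapper
	 * is written even when there are no errors).
	 *
	 * <p>Checks, in order: non-blank first and last name, a valid date of
	 * birth, non-blank email, non-blank and matching pass phrases (read from
	 * {@code pword1}/{@code pword2}; they are compared only and are not stored
	 * in this object), the email not already present in the {@code email} or
	 * {@code users} tables, and the email not ending in a {@code baddomains}
	 * entry. A database failure is logged, produces no user-visible message
	 * and counts as a failure.
	 *
	 * <p>Note that the "currently valid in the system" message tells an
	 * anonymous caller whether an address is registered; that is the existing
	 * design of this form and is not changed here.
	 *
	 * @param out destination for the error markup
	 * @param req the submitted request
	 * @return {@code true} if validation FAILED (at least one error was
	 *         written), {@code false} if the submission is acceptable
	 */
	public boolean submit(PrintWriter out, ServletRequest req) {
		update(req);
		boolean failed = false;
		out.println("<div class='formError'>");
		if (buildup.getFname().equals("") || buildup.getLname().equals("")) {
			outputError(out, req, "First and/or last names were blank.");
			failed = true;
		}
		if (!myDoB.isValid()) {
			outputError(out, req, "Invalid date of birth");
			failed = true;
		}
		if (buildup.getEmail().equals("")) {
			outputError(out, req, "Email Address was blank");
			failed = true;
		}
		String pw1 = req.getParameter("pword1");
		String pw2 = req.getParameter("pword2");
		if (pw1 == null || pw1.equals("")) {
			outputError(out, req, "Pass Phrases were blank");
			failed = true;
		} else if (!pw1.equals(pw2)) {
			outputError(out, req, "Pass Phrases don't match");
			failed = true;
		}
		// TODO check password strength
		try {
			if (emailInUse(buildup.getEmail())) {
				outputError(out, req, "This email address is currently valid in the system.");
				failed = true;
			}
			String blocked = findBlockedDomain(buildup.getEmail());
			if (blocked != null) {
				// The domain comes from the database, not the request, but it
				// is still encoded before being placed into the page.
				out.print("<div>");
				out.print(String.format(
						Page.translate(req, "We don't allow signups from people using email addresses from %s"),
						HTMLEncoder.encodeHTML(blocked)));
				out.println("</div>");
				failed = true;
			}
		} catch (SQLException e) {
			e.printStackTrace();
			failed = true;
		}
		out.println("</div>");
		return failed;
	}

	/**
	 * Returns whether {@code email} is already present (not deleted) in either
	 * the {@code email} or the {@code users} table.
	 *
	 * <p>Both queries are executed before either result is inspected, as the
	 * original code did. The result sets are closed in {@code finally} so they
	 * are not leaked on an exception; the prepared statements are left open
	 * because {@code DatabaseConnection.prepare} may hand out cached
	 * statements (not visible from here).
	 *
	 * @throws SQLException if either lookup fails
	 */
	private static boolean emailInUse(String email) throws SQLException {
		PreparedStatement inEmails = DatabaseConnection.getInstance().prepare(
				"select * from `email` where `email`=? and `deleted`=0");
		PreparedStatement inUsers = DatabaseConnection.getInstance().prepare(
				"select * from `users` where `email`=? and `deleted`=0");
		inEmails.setString(1, email);
		inUsers.setString(1, email);
		ResultSet r1 = inEmails.executeQuery();
		try {
			ResultSet r2 = inUsers.executeQuery();
			try {
				return r1.next() || r2.next();
			} finally {
				r2.close();
			}
		} finally {
			r1.close();
		}
	}

	/**
	 * Looks up the first {@code baddomains} entry that {@code email} ends with.
	 *
	 * <p>The match is a plain suffix comparison done by the database
	 * ({@code RIGHT(email, LENGTH(domain))}), so an entry like
	 * {@code example.com} would also match {@code user@notexample.com} unless
	 * the stored entries carry a leading {@code @} or {@code .} — that depends
	 * on how the table is populated, which is not visible here.
	 *
	 * @return the matching blocked domain as stored in the table, or
	 *         {@code null} if none matches
	 * @throws SQLException if the lookup fails
	 */
	private static String findBlockedDomain(String email) throws SQLException {
		PreparedStatement q = DatabaseConnection.getInstance().prepare(
				"select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))");
		q.setString(1, email);
		ResultSet rs = q.executeQuery();
		try {
			return rs.next() ? rs.getString(1) : null;
		} finally {
			rs.close();
		}
	}

	/**
	 * Writes one translated error message wrapped in a {@code <div>}.
	 *
	 * <p>The translated text is emitted without HTML encoding, so {@code text}
	 * must be a fixed message key from this class, never user input.
	 *
	 * @param out  destination writer
	 * @param req  request used to pick the translation language
	 * @param text the untranslated message
	 */
	private void outputError(PrintWriter out, ServletRequest req, String text) {
		out.print("<div>");
		out.print(Page.translate(req, text));
		out.println("</div>");
	}
}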