src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.PreparedStatement;
   6 import java.sql.ResultSet;
   7 import java.sql.SQLException;
   8 import java.util.HashMap;
   9
  10 import javax.servlet.http.HttpServletRequest;
  11 import javax.servlet.http.HttpServletResponse;
  12
  13 import org.cacert.gigi.User;
  14 import org.cacert.gigi.database.DatabaseConnection;
  15 import org.cacert.gigi.output.DateSelector;
  16 import org.cacert.gigi.output.Form;
  17 import org.cacert.gigi.output.template.Template;
  18 import org.cacert.gigi.pages.LoginPage;
  19 import org.cacert.gigi.pages.Page;
  20 import org.cacert.gigi.util.Notary;
  21 import org.cacert.gigi.util.Notary.AssuranceResult;
  22
  23 public class AssurePage extends Page {
  24
  25     public static final String PATH = "/wot/assure";
  26
  27     DateSelector ds = new DateSelector("day", "month", "year");
  28
  29     Template t;
  30
  31     public AssurePage() {
  32         super("Assure someone");
  33         t = new Template(AssuranceForm.class.getResource("AssureeSearch.templ"));
  34
  35     }
  36
  37     @Override
  38     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  39
  40         PrintWriter out = resp.getWriter();
  41         String pi = req.getPathInfo().substring(PATH.length());
  42         if (pi.length() > 1) {
  43             int mid = Integer.parseInt(pi.substring(1));
  44             AssuranceForm form = new AssuranceForm(req, mid);
  45             outputForm(req, out, mid, form);
  46
  47         } else {
  48             HashMap<String, Object> vars = new HashMap<String, Object>();
  49             vars.put("DoB", ds);
  50             t.output(out, getLanguage(req), vars);
  51         }
  52     }
  53
  54     private void outputForm(HttpServletRequest req, PrintWriter out, int mid, AssuranceForm form) {
  55         User myself = LoginPage.getUser(req);
  56         AssuranceResult check = Notary.checkAssuranceIsPossible(myself, new User(mid));
  57         if (check != AssuranceResult.ASSURANCE_SUCCEDED) {
  58             out.println(translate(req, check.getMessage()));
  59             return;
  60         }
  61         if (form == null || form.assuree.getId() != mid) {
  62             form = new AssuranceForm(req, mid);
  63         }
  64
  65         form.output(out, getLanguage(req), new HashMap<String, Object>());
  66     }
  67
  68     @Override
  69     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  70         PrintWriter out = resp.getWriter();
  71         String pi = req.getPathInfo().substring(PATH.length());
  72         if (pi.length() > 1) {
  73             User myself = getUser(req);
  74             int mid = Integer.parseInt(pi.substring(1));
  75             if (mid == myself.getId()) {
  76                 out.println(translate(req, "Cannot assure myself."));
  77                 return;
  78             }
  79
  80             AssuranceForm form = Form.getForm(req, AssuranceForm.class);
  81             if (mid != form.assuree.getId()) {
  82                 return;
  83             }
  84             if (form.submit(out, req)) {
  85                 out.println(translate(req, "Assurance complete."));
  86             } else {
  87                 outputForm(req, resp.getWriter(), mid, form);
  88             }
  89
  90             return;
  91         }
  92
  93         ResultSet rs = null;
  94         try {
  95             PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
  96             ps.setString(1, req.getParameter("email"));
  97             String day = req.getParameter("year") + "-" + req.getParameter("month") + "-" + req.getParameter("day");
  98             ps.setString(2, day);
  99             rs = ps.executeQuery();
 100             int id = 0;
 101             if (rs.next()) {
 102                 id = rs.getInt(1);
 103                 int verified = rs.getInt(2);
 104                 if (rs.next()) {
 105                     out.println("Error, ambigous user. Please contact support@cacert.org.");
 106                 } else {
 107                     if (verified == 0) {
 108                         out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
 109                     }
 110                     resp.sendRedirect(PATH + "/" + id);
 111                 }
 112             } else {
 113                 out.print("<div class='formError'>");
 114
 115                 out.println(translate(req, "I'm sorry, there was no email and date of birth matching" + " what you entered in the system. Please double check" + " your information."));
 116                 out.print("</div>");
 117             }
 118
 119             rs.close();
 120         } catch (SQLException e) {
 121             e.printStackTrace();
 122         } finally {
 123             try {
 124                 if (rs != null) {
 125                     rs.close();
 126                 }
 127             } catch (SQLException e) {
 128                 e.printStackTrace();
 129             }
 130         }
 131     }
 132 }