src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.InputStreamReader;
   5 import java.io.PrintWriter;
   6 import java.sql.PreparedStatement;
   7 import java.sql.ResultSet;
   8 import java.sql.SQLException;
   9 import java.util.HashMap;
  10
  11 import javax.servlet.http.HttpServletRequest;
  12 import javax.servlet.http.HttpServletResponse;
  13 import javax.servlet.http.HttpSession;
  14
  15 import org.cacert.gigi.User;
  16 import org.cacert.gigi.database.DatabaseConnection;
  17 import org.cacert.gigi.output.DateSelector;
  18 import org.cacert.gigi.output.Template;
  19 import org.cacert.gigi.pages.LoginPage;
  20 import org.cacert.gigi.pages.Page;
  21 import org.cacert.gigi.util.Notary;
  22
  23 public class AssurePage extends Page {
  24         public static final String PATH = "/wot/assure";
  25         public static final String SESSION = "/wot/assure/FORM";
  26         DateSelector ds = new DateSelector("day", "month", "year");
  27         Template t;
  28
  29         public AssurePage() {
  30                 super("Assure someone");
  31                 t = new Template(new InputStreamReader(
  32                                 AssuranceForm.class.getResourceAsStream("AssureeSearch.templ")));
  33
  34         }
  35
  36         @Override
  37         public void doGet(HttpServletRequest req, HttpServletResponse resp)
  38                         throws IOException {
  39
  40                 PrintWriter out = resp.getWriter();
  41                 String pi = req.getPathInfo().substring(PATH.length());
  42                 if (pi.length() > 1) {
  43                         User myself = LoginPage.getUser(req);
  44                         int mid = Integer.parseInt(pi.substring(1));
  45
  46                         if (!Notary.checkAssuranceIsPossible(myself, new User(mid), out)) {
  47                                 return;
  48                         }
  49                         HttpSession hs = req.getSession();
  50                         AssuranceForm form = (AssuranceForm) hs.getAttribute(SESSION);
  51                         if (form == null || form.assuree.getId() != mid) {
  52                                 form = new AssuranceForm(mid);
  53                                 hs.setAttribute(SESSION, form);
  54                         }
  55
  56                         form.output(out, getLanguage(req), new HashMap<String, Object>());;
  57                 } else {
  58                         HashMap<String, Object> vars = new HashMap<String, Object>();
  59                         vars.put("DoB", ds);
  60                         t.output(out, getLanguage(req), vars);
  61                 }
  62         }
  63         @Override
  64         public void doPost(HttpServletRequest req, HttpServletResponse resp)
  65                         throws IOException {
  66                 PrintWriter out = resp.getWriter();
  67                 String pi = req.getPathInfo().substring(PATH.length());
  68                 if (pi.length() > 1) {
  69                         User myself = LoginPage.getUser(req);
  70                         int mid = Integer.parseInt(pi.substring(1));
  71                         if (mid == myself.getId()) {
  72                                 out.println("Cannot assure myself.");
  73                                 return;
  74                         }
  75
  76                         AssuranceForm form = (AssuranceForm) req.getSession().getAttribute(
  77                                         SESSION);
  78                         if (form == null) {
  79                                 out.println("No form found. This is an Error. Fill in the form again.");
  80                                 return;
  81                         }
  82                         form.submit(out, req);
  83
  84                         return;
  85                 }
  86
  87                 System.out.println("searching for");
  88                 ResultSet rs = null;
  89                 try {
  90                         PreparedStatement ps = DatabaseConnection
  91                                         .getInstance()
  92                                         .prepare(
  93                                                         "SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
  94                         ps.setString(1, req.getParameter("email"));
  95                         String day = req.getParameter("year") + "-"
  96                                         + req.getParameter("month") + "-" + req.getParameter("day");
  97                         ps.setString(2, day);
  98                         rs = ps.executeQuery();
  99                         int id = 0;
 100                         if (rs.next()) {
 101                                 id = rs.getInt(1);
 102                                 int verified = rs.getInt(2);
 103                                 if (rs.next()) {
 104                                         out.println("Error, ambigous user. Please contact support@cacert.org.");
 105                                 } else {
 106                                         if (verified == 0) {
 107                                                 out.println(translate(req,
 108                                                                 "User is not yet verified. Please try again in 24 hours!"));
 109                                         }
 110                                         resp.sendRedirect(PATH + "/" + id);
 111                                 }
 112                         } else {
 113                                 out.print("<div class='formError'>");
 114
 115                                 out.println(translate(
 116                                                 req,
 117                                                 "I'm sorry, there was no email and date of birth matching"
 118                                                                 + " what you entered in the system. Please double check"
 119                                                                 + " your information."));
 120                                 out.print("</div>");
 121                         }
 122
 123                         rs.close();
 124                 } catch (SQLException e) {
 125                         e.printStackTrace();
 126                 } finally {
 127                         try {
 128                                 if (rs != null) {
 129                                         rs.close();
 130                                 }
 131                         } catch (SQLException e) {
 132                                 e.printStackTrace();
 133                         }
 134                 }
 135         }
 136 }