src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.PrintWriter;
   5 import java.sql.PreparedStatement;
   6 import java.sql.ResultSet;
   7 import java.sql.SQLException;
   8 import java.util.HashMap;
   9
  10 import javax.servlet.http.HttpServletRequest;
  11 import javax.servlet.http.HttpServletResponse;
  12 import javax.servlet.http.HttpSession;
  13
  14 import org.cacert.gigi.User;
  15 import org.cacert.gigi.database.DatabaseConnection;
  16 import org.cacert.gigi.output.DateSelector;
  17 import org.cacert.gigi.output.Template;
  18 import org.cacert.gigi.pages.LoginPage;
  19 import org.cacert.gigi.pages.Page;
  20 import org.cacert.gigi.util.Notary;
  21
  22 public class AssurePage extends Page {
  23         public static final String PATH = "/wot/assure";
  24         public static final String SESSION = "/wot/assure/FORM";
  25         DateSelector ds = new DateSelector("day", "month", "year");
  26         Template t;
  27
  28         public AssurePage() {
  29                 super("Assure someone");
  30
  31         }
  32
  33         @Override
  34         public void doGet(HttpServletRequest req, HttpServletResponse resp)
  35                         throws IOException {
  36
  37                 PrintWriter out = resp.getWriter();
  38                 String pi = req.getPathInfo().substring(PATH.length());
  39                 if (pi.length() > 1) {
  40                         User myself = LoginPage.getUser(req);
  41                         int mid = Integer.parseInt(pi.substring(1));
  42
  43                         if (!Notary.checkAssuranceIsPossible(myself, new User(mid), out)) {
  44                                 return;
  45                         }
  46                         HttpSession hs = req.getSession();
  47                         AssuranceForm form = (AssuranceForm) hs.getAttribute(SESSION);
  48                         if (form == null || form.assuree.getId() != mid) {
  49                                 form = new AssuranceForm(mid);
  50                                 hs.setAttribute(SESSION, form);
  51                         }
  52
  53                         form.output(out, getLanguage(req), new HashMap<String, Object>());;
  54                 } else {
  55                         HashMap<String, Object> vars = new HashMap<String, Object>();
  56                         vars.put("DoB", ds);
  57                         t.output(out, getLanguage(req), vars);
  58                 }
  59         }
  60         @Override
  61         public void doPost(HttpServletRequest req, HttpServletResponse resp)
  62                         throws IOException {
  63                 PrintWriter out = resp.getWriter();
  64                 String pi = req.getPathInfo().substring(PATH.length());
  65                 if (pi.length() > 1) {
  66                         User myself = LoginPage.getUser(req);
  67                         int mid = Integer.parseInt(pi.substring(1));
  68                         if (mid == myself.getId()) {
  69                                 out.println("Cannot assure myself.");
  70                                 return;
  71                         }
  72
  73                         AssuranceForm form = (AssuranceForm) req.getSession().getAttribute(
  74                                         SESSION);
  75                         if (form == null) {
  76                                 out.println("No form found. This is an Error. Fill in the form again.");
  77                                 return;
  78                         }
  79                         form.submit(out, req);
  80
  81                         return;
  82                 }
  83
  84                 System.out.println("searching for");
  85                 ResultSet rs = null;
  86                 try {
  87                         PreparedStatement ps = DatabaseConnection
  88                                         .getInstance()
  89                                         .prepare(
  90                                                         "SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
  91                         ps.setString(1, req.getParameter("email"));
  92                         String day = req.getParameter("year") + "-"
  93                                         + req.getParameter("month") + "-" + req.getParameter("day");
  94                         ps.setString(2, day);
  95                         rs = ps.executeQuery();
  96                         int id = 0;
  97                         if (rs.next()) {
  98                                 id = rs.getInt(1);
  99                                 int verified = rs.getInt(2);
 100                                 if (rs.next()) {
 101                                         out.println("Error, ambigous user. Please contact support@cacert.org.");
 102                                 } else {
 103                                         if (verified == 0) {
 104                                                 out.println(translate(req,
 105                                                                 "User is not yet verified. Please try again in 24 hours!"));
 106                                         }
 107                                         resp.sendRedirect(PATH + "/" + id);
 108                                 }
 109                         } else {
 110                                 out.print("<div class='formError'>");
 111
 112                                 out.println(translate(
 113                                                 req,
 114                                                 "I'm sorry, there was no email and date of birth matching"
 115                                                                 + " what you entered in the system. Please double check"
 116                                                                 + " your information."));
 117                                 out.print("</div>");
 118                         }
 119
 120                         rs.close();
 121                 } catch (SQLException e) {
 122                         e.printStackTrace();
 123                 } finally {
 124                         try {
 125                                 if (rs != null) {
 126                                         rs.close();
 127                                 }
 128                         } catch (SQLException e) {
 129                                 e.printStackTrace();
 130                         }
 131                 }
 132         }
 133 }