src/org/cacert/gigi/pages/wot/AssurePage.java

   1 package org.cacert.gigi.pages.wot;
   2
   3 import java.io.IOException;
   4 import java.io.InputStreamReader;
   5 import java.io.PrintWriter;
   6 import java.sql.PreparedStatement;
   7 import java.sql.ResultSet;
   8 import java.sql.SQLException;
   9 import java.util.HashMap;
  10
  11 import javax.servlet.http.HttpServletRequest;
  12 import javax.servlet.http.HttpServletResponse;
  13 import org.cacert.gigi.User;
  14 import org.cacert.gigi.database.DatabaseConnection;
  15 import org.cacert.gigi.output.DateSelector;
  16 import org.cacert.gigi.output.Form;
  17 import org.cacert.gigi.output.Template;
  18 import org.cacert.gigi.pages.LoginPage;
  19 import org.cacert.gigi.pages.Page;
  20 import org.cacert.gigi.util.Notary;
  21 import org.cacert.gigi.util.Notary.AssuranceResult;
  22
  23 public class AssurePage extends Page {
  24         public static final String PATH = "/wot/assure";
  25         DateSelector ds = new DateSelector("day", "month", "year");
  26         Template t;
  27
  28         public AssurePage() {
  29                 super("Assure someone");
  30                 t = new Template(new InputStreamReader(AssuranceForm.class.getResourceAsStream("AssureeSearch.templ")));
  31
  32         }
  33
  34         @Override
  35         public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  36
  37                 PrintWriter out = resp.getWriter();
  38                 String pi = req.getPathInfo().substring(PATH.length());
  39                 if (pi.length() > 1) {
  40                         int mid = Integer.parseInt(pi.substring(1));
  41                         AssuranceForm form = new AssuranceForm(req, mid);
  42                         outputForm(req, out, mid, form);
  43
  44                 } else {
  45                         HashMap<String, Object> vars = new HashMap<String, Object>();
  46                         vars.put("DoB", ds);
  47                         t.output(out, getLanguage(req), vars);
  48                 }
  49         }
  50
  51         private void outputForm(HttpServletRequest req, PrintWriter out, int mid, AssuranceForm form) {
  52                 User myself = LoginPage.getUser(req);
  53                 AssuranceResult check = Notary.checkAssuranceIsPossible(myself, new User(mid));
  54                 if (check != AssuranceResult.ASSURANCE_SUCCEDED) {
  55                         out.println(translate(req, check.getMessage()));
  56                         return;
  57                 }
  58                 if (form == null || form.assuree.getId() != mid) {
  59                         form = new AssuranceForm(req, mid);
  60                 }
  61
  62                 form.output(out, getLanguage(req), new HashMap<String, Object>());
  63         }
  64
  65         @Override
  66         public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  67                 PrintWriter out = resp.getWriter();
  68                 String pi = req.getPathInfo().substring(PATH.length());
  69                 if (pi.length() > 1) {
  70                         User myself = LoginPage.getUser(req);
  71                         int mid = Integer.parseInt(pi.substring(1));
  72                         if (mid == myself.getId()) {
  73                                 out.println(translate(req, "Cannot assure myself."));
  74                                 return;
  75                         }
  76
  77                         AssuranceForm form = Form.getForm(req, AssuranceForm.class);
  78                         if (mid != form.assuree.getId()) {
  79                                 return;
  80                         }
  81                         if (form.submit(out, req)) {
  82                                 out.println(translate(req, "Assurance complete."));
  83                         } else {
  84                                 outputForm(req, resp.getWriter(), mid, form);
  85                         }
  86
  87                         return;
  88                 }
  89
  90                 ResultSet rs = null;
  91                 try {
  92                         PreparedStatement ps = DatabaseConnection.getInstance().prepare(
  93                                 "SELECT id, verified FROM users WHERE email=? AND dob=? AND deleted=0");
  94                         ps.setString(1, req.getParameter("email"));
  95                         String day = req.getParameter("year") + "-" + req.getParameter("month") + "-" + req.getParameter("day");
  96                         ps.setString(2, day);
  97                         rs = ps.executeQuery();
  98                         int id = 0;
  99                         if (rs.next()) {
 100                                 id = rs.getInt(1);
 101                                 int verified = rs.getInt(2);
 102                                 if (rs.next()) {
 103                                         out.println("Error, ambigous user. Please contact support@cacert.org.");
 104                                 } else {
 105                                         if (verified == 0) {
 106                                                 out.println(translate(req, "User is not yet verified. Please try again in 24 hours!"));
 107                                         }
 108                                         resp.sendRedirect(PATH + "/" + id);
 109                                 }
 110                         } else {
 111                                 out.print("<div class='formError'>");
 112
 113                                 out.println(translate(req, "I'm sorry, there was no email and date of birth matching"
 114                                         + " what you entered in the system. Please double check" + " your information."));
 115                                 out.print("</div>");
 116                         }
 117
 118                         rs.close();
 119                 } catch (SQLException e) {
 120                         e.printStackTrace();
 121                 } finally {
 122                         try {
 123                                 if (rs != null) {
 124                                         rs.close();
 125                                 }
 126                         } catch (SQLException e) {
 127                                 e.printStackTrace();
 128                         }
 129                 }
 130         }
 131 }