fix: check if email is a valid pattern while account creation

[gigi.git] / src / club / wpia / gigi / pages / main / Signup.java

diff --git a/src/club/wpia/gigi/pages/main/Signup.java b/src/club/wpia/gigi/pages/main/Signup.java
index cbe96c0e7ad39f0856e6c4b7fab777b9552830e5..1c7942b57b6b59223a028a640d7f6574f259dcb8 100644 (file)
--- a/src/club/wpia/gigi/pages/main/Signup.java
+++ b/src/club/wpia/gigi/pages/main/Signup.java
@@ -53,7 +53,7 @@ public class Signup extends Form {
         vars.put("name", ni);
         vars.put("dob", myDoB);
         vars.put("email", HTMLEncoder.encodeHTML(email));
-        vars.put("helpOnNames", new SprintfCommand("Help on Names {0}in the knowledge base{1}", Arrays.asList("!(/kb/names", "!'</a>")));
+        vars.put("helpOnNames", new SprintfCommand("Help on Names in our {0}FAQ{1}", Arrays.asList("!(/kb/names", "!'</a>")));
         vars.put("csrf", getCSRFToken());
         vars.put("dobmin", User.MINIMUM_AGE + "");
         vars.put("countryCode", cs);
@@ -114,14 +114,6 @@ public class Signup extends Form {
             ga.mergeInto(new GigiApiException("Entered date of birth exceeds the maximum age set in our policies. Please check your DoB is correct and contact support if the issue persists."));
         }
 
-        if ( !"1".equals(req.getParameter("tos_agree"))) {
-            ga.mergeInto(new GigiApiException("Acceptance of the ToS is required to continue."));
-        }
-
-        if ( !"1".equals(req.getParameter("dp_agree"))) {
-            ga.mergeInto(new GigiApiException("Acceptance of the Data Protection Policy is required to continue."));
-        }
-
         if (email.equals("")) {
             ga.mergeInto(new GigiApiException("Email Address was blank"));
         }
@@ -132,6 +124,15 @@ public class Signup extends Form {
         } else if ( !pw1.equals(pw2)) {
             ga.mergeInto(new GigiApiException("Passwords don't match"));
         }
+
+        if ( !"1".equals(req.getParameter("tos_agree"))) {
+            ga.mergeInto(new GigiApiException("Acceptance of the ToS is required to continue."));
+        }
+
+        if ( !"1".equals(req.getParameter("dp_agree"))) {
+            ga.mergeInto(new GigiApiException("Acceptance of the Data Protection Policy is required to continue."));
+        }
+
         if ( !ga.isEmpty()) {
             throw ga;
         }
@@ -140,6 +141,11 @@ public class Signup extends Form {
             throw gaPassword;
         }
         GigiApiException ga2 = new GigiApiException();
+
+        if ( !EmailProvider.isValidMailAddress(email)) {
+            ga2.mergeInto(new GigiApiException("This email address seems not to be valid."));
+        }
+
         try (GigiPreparedStatement q1 = new GigiPreparedStatement("SELECT * FROM `emails` WHERE `email`=? AND `deleted` IS NULL"); GigiPreparedStatement q2 = new GigiPreparedStatement("SELECT * FROM `certOwners` INNER JOIN `users` ON `users`.`id`=`certOwners`.`id` WHERE `email`=? AND `deleted` IS NULL")) {
             q1.setString(1, email);
             q2.setString(1, email);