Enforce Output of CSRF token.

[gigi.git] / src / org / cacert / gigi / pages / main / Signup.java

diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java
index 39e91a273fba0901d6f89ce4d15778b8fdefca30..bd4037a1d5c8e9fa18ecfc2418ef789de2b97291 100644 (file)
--- a/src/org/cacert/gigi/pages/main/Signup.java
+++ b/src/org/cacert/gigi/pages/main/Signup.java
@@ -7,10 +7,10 @@ import java.io.UnsupportedEncodingException;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.util.Date;
+import java.sql.Date;
 import java.util.HashMap;
+import java.util.Map;
 
-import javax.servlet.ServletRequest;
 import javax.servlet.http.HttpServletRequest;
 
 import org.cacert.gigi.Language;
@@ -18,6 +18,7 @@ import org.cacert.gigi.User;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.email.EmailProvider;
 import org.cacert.gigi.output.DateSelector;
+import org.cacert.gigi.output.Form;
 import org.cacert.gigi.output.Template;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.HTMLEncoder;
@@ -26,7 +27,7 @@ import org.cacert.gigi.util.PasswordStrengthChecker;
 import org.cacert.gigi.util.RandomToken;
 import org.cacert.gigi.util.ServerConstants;
 
-public class Signup {
+public class Signup extends Form {
        User buildup = new User();
        Template t;
        boolean general = true, country = true, regional = true, radius = true;
@@ -46,7 +47,9 @@ public class Signup {
        }
        DateSelector myDoB = new DateSelector("day", "month", "year");
 
-       public void writeForm(PrintWriter out, Language l) {
+       @Override
+       public void outputContent(PrintWriter out, Language l,
+                       Map<String, Object> outerVars) {
                HashMap<String, Object> vars = new HashMap<String, Object>();
                vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname()));
                vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname()));
@@ -89,6 +92,7 @@ public class Signup {
                myDoB.update(r);
        }
 
+       @Override
        public synchronized boolean submit(PrintWriter out, HttpServletRequest req) {
                update(req);
                boolean failed = false;
@@ -215,11 +219,6 @@ public class Signup {
                }
                return true;
        }
-       private void outputError(PrintWriter out, ServletRequest req, String text) {
-               out.print("<div>");
-               out.print(Page.translate(req, text));
-               out.println("</div>");
-       }
 
        private void run(HttpServletRequest req, String password)
                        throws SQLException {
@@ -227,6 +226,7 @@ public class Signup {
                        DatabaseConnection.getInstance().beginTransaction();
                        String hash = RandomToken.generateToken(16);
 
+                       buildup.setDob(myDoB.getDate());
                        buildup.insert(password);
                        int memid = buildup.getId();
                        PreparedStatement ps = DatabaseConnection.getInstance().prepare(
@@ -256,8 +256,8 @@ public class Signup {
                                        .translate(
                                                        req,
                                                        "Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!"));
-                       body.append("\n\n");
-                       body.append(ServerConstants.NORMAL_HOST_NAME);
+                       body.append("\n\nhttps://");
+                       body.append(ServerConstants.getWwwHostNamePort());
                        body.append("/verify?type=email&id=");
                        body.append(emailid);
                        body.append("&hash=");