X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fmain%2FSignup.java;h=844a227b2d8707d40e11dedab664b21d2875ed7d;hp=e956aa436eb59b4597ea62413dc5973a6187d348;hb=4b91927aa8d90226414872ce5b3006d0e0f5d273;hpb=480cb29387c76ccc19f8fa8fb0abe8ae1b069730 diff --git a/src/org/cacert/gigi/pages/main/Signup.java b/src/org/cacert/gigi/pages/main/Signup.java index e956aa43..844a227b 100644 --- a/src/org/cacert/gigi/pages/main/Signup.java +++ b/src/org/cacert/gigi/pages/main/Signup.java @@ -2,22 +2,23 @@ package org.cacert.gigi.pages.main; import java.io.IOException; import java.io.PrintWriter; -import java.sql.PreparedStatement; -import java.sql.ResultSet; -import java.sql.SQLException; import java.sql.Date; +import java.sql.SQLException; import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.cacert.gigi.EmailAddress; -import org.cacert.gigi.User; +import org.cacert.gigi.GigiApiException; import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.database.GigiPreparedStatement; +import org.cacert.gigi.database.GigiResultSet; +import org.cacert.gigi.dbObjects.EmailAddress; +import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.email.EmailProvider; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.DateSelector; -import org.cacert.gigi.output.Form; +import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.Page; import org.cacert.gigi.util.HTMLEncoder; @@ -26,21 +27,21 @@ import org.cacert.gigi.util.PasswordStrengthChecker; public class Signup extends Form { - User buildup = new User(); + private User buildup = new User(); - Template t; + private Template t; boolean general = true, country = true, regional = true, radius = true; public Signup(HttpServletRequest hsr) { super(hsr); t = new Template(Signup.class.getResource("Signup.templ")); - buildup.setFname(""); - buildup.setMname(""); - buildup.setLname(""); + buildup.setFName(""); + buildup.setMName(""); + buildup.setLName(""); buildup.setSuffix(""); buildup.setEmail(""); - buildup.setDob(new Date(0)); + buildup.setDoB(new Date(0)); } DateSelector myDoB = new DateSelector("day", "month", "year"); @@ -48,9 +49,9 @@ public class Signup extends Form { @Override public void outputContent(PrintWriter out, Language l, Map outerVars) { HashMap vars = new HashMap(); - vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFname())); - vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMname())); - vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLname())); + vars.put("fname", HTMLEncoder.encodeHTML(buildup.getFName())); + vars.put("mname", HTMLEncoder.encodeHTML(buildup.getMName())); + vars.put("lname", HTMLEncoder.encodeHTML(buildup.getLName())); vars.put("suffix", HTMLEncoder.encodeHTML(buildup.getSuffix())); vars.put("dob", myDoB); vars.put("email", HTMLEncoder.encodeHTML(buildup.getEmail())); @@ -65,13 +66,13 @@ public class Signup extends Form { private void update(HttpServletRequest r) { if (r.getParameter("fname") != null) { - buildup.setFname(r.getParameter("fname")); + buildup.setFName(r.getParameter("fname")); } if (r.getParameter("lname") != null) { - buildup.setLname(r.getParameter("lname")); + buildup.setLName(r.getParameter("lname")); } if (r.getParameter("mname") != null) { - buildup.setMname(r.getParameter("mname")); + buildup.setMName(r.getParameter("mname")); } if (r.getParameter("suffix") != null) { buildup.setSuffix(r.getParameter("suffix")); @@ -83,80 +84,64 @@ public class Signup extends Form { country = "1".equals(r.getParameter("country")); regional = "1".equals(r.getParameter("regional")); radius = "1".equals(r.getParameter("radius")); - myDoB.update(r); + try { + myDoB.update(r); + } catch (GigiApiException e) { + } } @Override public synchronized boolean submit(PrintWriter out, HttpServletRequest req) { update(req); - boolean failed = false; - out.println("
"); - if (buildup.getFname().equals("") || buildup.getLname().equals("")) { - outputError(out, req, "First and/or last names were blank."); - failed = true; + if (buildup.getLName().trim().equals("")) { + outputError(out, req, "Last name were blank."); } if ( !myDoB.isValid()) { outputError(out, req, "Invalid date of birth"); - failed = true; } if ( !"1".equals(req.getParameter("cca_agree"))) { outputError(out, req, "You have to agree to the CAcert Community agreement."); - failed = true; } if (buildup.getEmail().equals("")) { outputError(out, req, "Email Address was blank"); - failed = true; } String pw1 = req.getParameter("pword1"); String pw2 = req.getParameter("pword2"); if (pw1 == null || pw1.equals("")) { outputError(out, req, "Pass Phrases were blank"); - failed = true; } else if ( !pw1.equals(pw2)) { outputError(out, req, "Pass Phrases don't match"); - failed = true; } int pwpoints = PasswordStrengthChecker.checkpw(pw1, buildup); if (pwpoints < 3) { outputError(out, req, "The Pass Phrase you submitted failed to contain enough" + " differing characters and/or contained words from" + " your name and/or email address."); - failed = true; } - if (failed) { - out.println("
"); + if (isFailed(out)) { return false; } - try { - PreparedStatement q1 = DatabaseConnection.getInstance().prepare("select * from `emails` where `email`=? and `deleted`=0"); - PreparedStatement q2 = DatabaseConnection.getInstance().prepare("select * from `users` where `email`=? and `deleted`=0"); - q1.setString(1, buildup.getEmail()); - q2.setString(1, buildup.getEmail()); - ResultSet r1 = q1.executeQuery(); - ResultSet r2 = q2.executeQuery(); - if (r1.next() || r2.next()) { - outputError(out, req, "This email address is currently valid in the system."); - failed = true; - } - r1.close(); - r2.close(); - PreparedStatement q3 = DatabaseConnection.getInstance().prepare("select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))"); - q3.setString(1, buildup.getEmail()); - - ResultSet r3 = q3.executeQuery(); - if (r3.next()) { - String domain = r3.getString(1); - out.print("
"); - out.print(String.format(Page.translate(req, "We don't allow signups from people using email addresses from %s"), domain)); - out.println("
"); - failed = true; - } - r3.close(); - } catch (SQLException e) { - e.printStackTrace(); - failed = true; - } + GigiPreparedStatement q1 = DatabaseConnection.getInstance().prepare("select * from `emails` where `email`=? and `deleted` IS NULL"); + GigiPreparedStatement q2 = DatabaseConnection.getInstance().prepare("select * from certOwners inner join users on users.id=certOwners.id where `email`=? and `deleted` IS NULL"); + q1.setString(1, buildup.getEmail()); + q2.setString(1, buildup.getEmail()); + GigiResultSet r1 = q1.executeQuery(); + GigiResultSet r2 = q2.executeQuery(); + if (r1.next() || r2.next()) { + outputError(out, req, "This email address is currently valid in the system."); + } + r1.close(); + r2.close(); + GigiPreparedStatement q3 = DatabaseConnection.getInstance().prepare("select `domain` from `baddomains` where `domain`=RIGHT(?, LENGTH(`domain`))"); + q3.setString(1, buildup.getEmail()); + + GigiResultSet r3 = q3.executeQuery(); + if (r3.next()) { + String domain = r3.getString(1); + outputError(out, req, "We don't allow signups from people using email addresses from %s", domain); + } + r3.close(); String mailResult = EmailProvider.FAIL; try { - mailResult = EmailProvider.getInstance().checkEmailServer(0, buildup.getEmail()); + mailResult = HTMLEncoder.encodeHTML(EmailProvider.getInstance().checkEmailServer(0, buildup.getEmail())); } catch (IOException e) { } if ( !mailResult.equals(EmailProvider.OK)) { @@ -168,43 +153,42 @@ public class Signup extends Form { if (mailResult.equals(EmailProvider.FAIL)) { outputError(out, req, "Failed to make a connection to the mail server"); } else { - out.print("
"); - out.print(mailResult); - out.println("
"); + outputErrorPlain(out, mailResult); } - failed = true; } - out.println(""); - if (failed) { + if (isFailed(out)) { return false; } try { run(req, pw1); } catch (SQLException e) { e.printStackTrace(); + } catch (GigiApiException e) { + outputError(out, req, e.getMessage()); + return false; } return true; } - private void run(HttpServletRequest req, String password) throws SQLException { + private void run(HttpServletRequest req, String password) throws SQLException, GigiApiException { try { DatabaseConnection.getInstance().beginTransaction(); - - buildup.setDob(myDoB.getDate()); + buildup.setPreferredLocale(Page.getLanguage(req).getLocale()); + buildup.setDoB(myDoB.getDate()); buildup.insert(password); int memid = buildup.getId(); - EmailAddress ea = new EmailAddress(buildup.getEmail(), buildup); + EmailAddress ea = new EmailAddress(buildup, buildup.getEmail()); ea.insert(Page.getLanguage(req)); - PreparedStatement ps = DatabaseConnection.getInstance().prepare("insert into `alerts` set `memid`=?," + " `general`=?, `country`=?, `regional`=?, `radius`=?"); + GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("insert into `alerts` set `memid`=?," + " `general`=?, `country`=?, `regional`=?, `radius`=?"); ps.setInt(1, memid); ps.setString(2, general ? "1" : "0"); ps.setString(3, country ? "1" : "0"); ps.setString(4, regional ? "1" : "0"); ps.setString(5, radius ? "1" : "0"); ps.execute(); - Notary.writeUserAgreement(memid, "CCA", "account creation", "", true, 0); + Notary.writeUserAgreement(buildup, "CCA", "account creation", "", true, 0); DatabaseConnection.getInstance().commitTransaction(); } finally {