X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssurePage.java;h=9c29044bbf2b0a18053b76ed0edcce280cfd73c2;hp=70b5985ef8f5a747e1bb36bfc5d7f6a33e503e96;hb=45b1bef0919f9115f74b5b232e8fda4c787ba03d;hpb=2824d1c165c501e2f3a8809044788b33b81f478a diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java index 70b5985e..9c29044b 100644 --- a/src/org/cacert/gigi/pages/wot/AssurePage.java +++ b/src/org/cacert/gigi/pages/wot/AssurePage.java @@ -10,13 +10,11 @@ import java.util.HashMap; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - import org.cacert.gigi.User; import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.output.DateSelector; +import org.cacert.gigi.output.Form; import org.cacert.gigi.output.Template; -import org.cacert.gigi.output.Form.CSRFError; import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.Page; import org.cacert.gigi.util.Notary; @@ -24,7 +22,6 @@ import org.cacert.gigi.util.Notary.AssuranceResult; public class AssurePage extends Page { public static final String PATH = "/wot/assure"; - public static final String SESSION = "/wot/assure/FORM"; DateSelector ds = new DateSelector("day", "month", "year"); Template t; @@ -40,22 +37,10 @@ public class AssurePage extends Page { PrintWriter out = resp.getWriter(); String pi = req.getPathInfo().substring(PATH.length()); if (pi.length() > 1) { - User myself = LoginPage.getUser(req); int mid = Integer.parseInt(pi.substring(1)); - AssuranceResult check = Notary.checkAssuranceIsPossible(myself, new User(mid)); - if (check != AssuranceResult.ASSURANCE_SUCCEDED) { - out.println(translate(req, check.getMessage())); - return; - } - HttpSession hs = req.getSession(); - AssuranceForm form = (AssuranceForm) hs.getAttribute(SESSION); - if (form == null || form.assuree.getId() != mid) { - form = new AssuranceForm(mid); - hs.setAttribute(SESSION, form); - } + AssuranceForm form = new AssuranceForm(req, mid); + outputForm(req, out, mid, form); - form.output(out, getLanguage(req), new HashMap()); - ; } else { HashMap vars = new HashMap(); vars.put("DoB", ds); @@ -63,6 +48,20 @@ public class AssurePage extends Page { } } + private void outputForm(HttpServletRequest req, PrintWriter out, int mid, AssuranceForm form) { + User myself = LoginPage.getUser(req); + AssuranceResult check = Notary.checkAssuranceIsPossible(myself, new User(mid)); + if (check != AssuranceResult.ASSURANCE_SUCCEDED) { + out.println(translate(req, check.getMessage())); + return; + } + if (form == null || form.assuree.getId() != mid) { + form = new AssuranceForm(req, mid); + } + + form.output(out, getLanguage(req), new HashMap()); + } + @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { PrintWriter out = resp.getWriter(); @@ -71,26 +70,23 @@ public class AssurePage extends Page { User myself = LoginPage.getUser(req); int mid = Integer.parseInt(pi.substring(1)); if (mid == myself.getId()) { - out.println("Cannot assure myself."); + out.println(translate(req, "Cannot assure myself.")); return; } - AssuranceForm form = (AssuranceForm) req.getSession().getAttribute(SESSION); - if (form == null) { - out.println("No form found. This is an Error. Fill in the form again."); + AssuranceForm form = Form.getForm(req, AssuranceForm.class); + if (mid != form.assuree.getId()) { return; } - try { - form.submit(out, req); - } catch (CSRFError e) { - resp.sendError(500, "CSRF Failed"); - out.println(translate(req, "CSRF Token failed.")); + if (form.submit(out, req)) { + out.println(translate(req, "Assurance complete.")); + } else { + outputForm(req, resp.getWriter(), mid, form); } return; } - System.out.println("searching for"); ResultSet rs = null; try { PreparedStatement ps = DatabaseConnection.getInstance().prepare(