X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Fwot%2FAssurePage.java;h=f553793e5d3d4ebd47d1e0e1cc9ff5d557f0a942;hp=8862535c97aa6a6ffd404ae49e4c48c562bb8ee9;hb=086118bb498331de19b4d8d55caa59e0efd41402;hpb=bff50cf243e15556ced8b8a4723492d7a2e7ece5

diff --git a/src/org/cacert/gigi/pages/wot/AssurePage.java b/src/org/cacert/gigi/pages/wot/AssurePage.java
index 8862535c..f553793e 100644
--- a/src/org/cacert/gigi/pages/wot/AssurePage.java
+++ b/src/org/cacert/gigi/pages/wot/AssurePage.java
@@ -16,9 +16,11 @@ import org.cacert.gigi.User;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.output.DateSelector;
 import org.cacert.gigi.output.Template;
+import org.cacert.gigi.output.Form.CSRFError;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.util.Notary;
+import org.cacert.gigi.util.Notary.AssuranceResult;
 
 public class AssurePage extends Page {
 	public static final String PATH = "/wot/assure";
@@ -42,8 +44,10 @@ public class AssurePage extends Page {
 		if (pi.length() > 1) {
 			User myself = LoginPage.getUser(req);
 			int mid = Integer.parseInt(pi.substring(1));
-
-			if (!Notary.checkAssuranceIsPossible(myself, new User(mid), out)) {
+			AssuranceResult check = Notary.checkAssuranceIsPossible(myself,
+					new User(mid));
+			if (check != AssuranceResult.ASSURANCE_SUCCEDED) {
+				out.println(translate(req, check.getMessage()));
 				return;
 			}
 			HttpSession hs = req.getSession();
@@ -79,7 +83,12 @@ public class AssurePage extends Page {
 				out.println("No form found. This is an Error. Fill in the form again.");
 				return;
 			}
-			form.submit(out, req);
+			try {
+				form.submit(out, req);
+			} catch (CSRFError e) {
+				resp.sendError(500, "CSRF Failed");
+				out.println(translate(req, "CSRF Token failed."));
+			}
 
 			return;
 		}