--- /dev/null
+package org.cacert.gigi;
+
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+import org.cacert.gigi.database.DatabaseConnection;
+
+public class EmailAddress {
+ String address;
+ int id;
+ User owner;
+ String hash = null;
+
+ private EmailAddress(int id) throws SQLException {
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+ "SELECT memid, email, hash FROM `email` WHERE id=? AND deleted=0");
+ ps.setInt(1, id);
+
+ ResultSet rs = ps.executeQuery();
+ if (!rs.next()) {
+ throw new IllegalArgumentException("Invalid email id " + id);
+ }
+ this.id = id;
+ owner = User.getById(rs.getInt(1));
+ address = rs.getString(2);
+ hash = rs.getString(3);
+ rs.close();
+ }
+
+ public int getId() {
+ return id;
+ }
+
+ public String getAddress() {
+ return address;
+ }
+
+ public synchronized void verify(String hash) throws GigiApiException {
+ if (this.hash.equals(hash)) {
+
+ try {
+ PreparedStatement ps = DatabaseConnection.getInstance()
+ .prepare("UPDATE `email` SET hash='' WHERE id=?");
+ ps.setInt(1, id);
+ ps.execute();
+ hash = "";
+
+ // Verify user with that primary email
+ PreparedStatement ps2 = DatabaseConnection.getInstance().prepare(
+ "update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
+ ps2.setInt(1, owner.getId());
+ ps2.setString(2, address);
+ ps2.execute();
+ } catch (SQLException e) {
+ throw new GigiApiException(e);
+ }
+
+ } else {
+ throw new GigiApiException("Email verification hash is invalid.");
+ }
+ }
+
+ public static EmailAddress getById(int id) throws IllegalArgumentException {
+ // TODO cache
+ try {
+ EmailAddress e = new EmailAddress(id);
+ return e;
+ } catch (SQLException e) {
+ throw new IllegalArgumentException(e);
+ }
+ }
+}
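Review bot: `verify` accepts an empty hash once an address has been verified, because the `hash != ''` condition of the removed query in Verify was not carried over. The row's hash is set to `''` on success, the constructor loads that value on the next request, and `this.hash.equals(hash)` is then true for an empty `hash` argument. Reject a missing stored hash first, e.g. `if (this.hash == null || this.hash.isEmpty() || !this.hash.equals(hash)) throw new GigiApiException("Email verification hash is invalid.");`, which also avoids a NullPointerException if the column is NULL. Separately, `hash = "";` after the first UPDATE assigns the method parameter rather than the field and should read `this.hash = "";`. The UPDATE also no longer sets `modified`=NOW() as the removed code did, which looks unintentional.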
--- /dev/null
+package org.cacert.gigi;
+
+import java.io.PrintWriter;
+import java.sql.SQLException;
+
+public class GigiApiException extends Exception {
+ SQLException e;
+ String message;
+
+ public GigiApiException(SQLException e) {
+ this.e = e;
+ }
+
+ public GigiApiException(String message) {
+ this.message = message;
+ }
+
+ public boolean isInternalError() {
+ return e != null;
+ }
+
+ public void format(PrintWriter out, Language language) {
+ if (isInternalError()) {
+ e.printStackTrace();
+ out.println(language.getTranslation("An internal error ouccured."));
+ } else {
+ out.println(language.getTranslation(message));
+ }
+
+ }
+
+}
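Review bot: Neither constructor passes its argument to `super`, so `getCause()` and `getMessage()` return null and any handler further up that logs this exception loses the underlying SQLException. Adding `super(e);` and `super(message);` as the first statement of the respective constructors fixes that. In `format`, `e.printStackTrace()` writes to stderr; if the project has a logging facility it should go there instead. Keeping the SQL details out of `out` is correct and deserves a comment such as `// never echo SQL error details to the client`. The translation key "An internal error ouccured." contains a typo ("occurred") that will be carried into the translation table.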
}
return points;
}
+
+ public static User getById(int id) {
+ return new User(id);
+ }
+
}
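Review bot: `getById` has no Javadoc and does not say what happens for an id with no matching row, whereas `EmailAddress.getById` in this commit throws IllegalArgumentException in that case. The `User(int)` constructor is outside the hunk, so whether it validates the id cannot be seen here. A comment such as `/** Returns the user with the given id; behaviour for an unknown id: TODO confirm and document. */` would make the contract explicit for the new caller in `EmailAddress`.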
import java.io.IOException;
import java.io.PrintWriter;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.EmailAddress;
+import org.cacert.gigi.GigiApiException;
public class Verify extends Page {
public static final String PATH = "/verify";
String id = req.getParameter("id");
if ("email".equals(type)) {
try {
- PreparedStatement ps = DatabaseConnection.getInstance().prepare(
- "select email, memid from `email` where `id`=? and `hash`=? and `hash` != '' and `deleted` = 0");
- ps.setString(1, id);
- ps.setString(2, hash);
- ResultSet rs = ps.executeQuery();
- rs.last();
- if (rs.getRow() == 1) {
- PreparedStatement ps1 = DatabaseConnection.getInstance().prepare(
- "update `email` set `hash`='', `modified`=NOW() where `id`=?");
- ps1.setString(1, id);
- ps1.execute();
- PreparedStatement ps2 = DatabaseConnection.getInstance().prepare(
- "update `users` set `verified`='1' where `id`=? and `email`=? and `verified`='0'");
- ps2.setString(1, rs.getString(2));
- ps2.setString(2, rs.getString(1));
- ps2.execute();
- out.println("Your email is good.");
- } else {
- out.println("Your request is invalid");
- }
- } catch (SQLException e) {
- e.printStackTrace();
+ EmailAddress ea = EmailAddress.getById(Integer.parseInt(id));
+ ea.verify(hash);
+ out.println("Email verification completed.");
+ } catch (IllegalArgumentException e) {
+ out.println(translate(req, "The email address is invalid."));
+ } catch (GigiApiException e) {
+ e.format(out, getLanguage(req));
}
}
}
- @Override
- public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
- String hash = req.getParameter("hash");
- String type = req.getParameter("type");
- if ("email".equals(type)) {
-
- }
- }
}
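Review bot: The two failure paths now return different text, so the response reveals which email ids exist. An id that does not resolve gets "The email address is invalid.", while an existing id with a wrong hash gets "Email verification hash is invalid." from `EmailAddress.verify`; the removed code answered both with a single "Your request is invalid". Consider one generic message for all non-internal failures, e.g. in the second catch `if (e.isInternalError()) e.format(out, getLanguage(req)); else out.println(translate(req, "The email address is invalid."));`. The success line `out.println("Email verification completed.");` is also the only message not passed through `translate(req, …)`. The enclosing method starts outside the visible lines.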