From: Janis Streib <janis@dogcraft.de>
Date: Sun, 24 Aug 2014 07:25:28 +0000 (+0200)
Subject: ADD: MYDetails edit
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=f667542e89607f5612e1ba6915e4dce4c950c175

ADD: MYDetails edit
---

diff --git a/src/org/cacert/gigi/User.java b/src/org/cacert/gigi/User.java
index fd1989b2..e251a987 100644
--- a/src/org/cacert/gigi/User.java
+++ b/src/org/cacert/gigi/User.java
@@ -7,6 +7,7 @@ import java.sql.SQLException;
 import java.util.Calendar;
 
 import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.util.Notary;
 import org.cacert.gigi.util.PasswordHash;
 import org.cacert.gigi.util.PasswordStrengthChecker;
 
@@ -24,6 +25,10 @@ public class User {
 
     public User(int id) {
         this.id = id;
+        updateName(id);
+    }
+
+    private void updateName(int id) {
         try {
             PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `fname`, `lname`,`mname`, `suffix`, `dob`, `email` FROM `users` WHERE id=?");
             ps.setInt(1, id);
@@ -423,4 +428,21 @@ public class User {
     public void invalidateReceivedAssurances() {
         receivedAssurances = null;
     }
+
+    public void updateUserData() throws SQLException, GigiApiException {
+        synchronized (Notary.class) {
+            if (getAssurancePoints() != 0) {
+                updateUserData();
+                throw new GigiApiException("No change after assurance allowed.");
+            }
+            PreparedStatement update = DatabaseConnection.getInstance().prepare("UPDATE users SET fname=?, lname=?, mname=?, suffix=?, dob=? WHERE id=?");
+            update.setString(1, getFname());
+            update.setString(2, getLname());
+            update.setString(3, getMname());
+            update.setString(4, getSuffix());
+            update.setDate(5, getDob());
+            update.setInt(6, getId());
+            update.executeUpdate();
+        }
+    }
 }
diff --git a/src/org/cacert/gigi/pages/account/MyDetails.java b/src/org/cacert/gigi/pages/account/MyDetails.java
index 134307f8..2ddb6096 100644
--- a/src/org/cacert/gigi/pages/account/MyDetails.java
+++ b/src/org/cacert/gigi/pages/account/MyDetails.java
@@ -1,7 +1,5 @@
 package org.cacert.gigi.pages.account;
 
-import static org.cacert.gigi.Gigi.*;
-
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.HashMap;
@@ -9,10 +7,8 @@ import java.util.HashMap;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.cacert.gigi.User;
-import org.cacert.gigi.output.DateSelector;
+import org.cacert.gigi.output.Form;
 import org.cacert.gigi.pages.Page;
-import org.cacert.gigi.util.HTMLEncoder;
 
 public class MyDetails extends Page {
 
@@ -24,18 +20,19 @@ public class MyDetails extends Page {
 
     @Override
     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
-        User u = (User) req.getSession().getAttribute(USER);
-
         PrintWriter out = resp.getWriter();
         HashMap<String, Object> map = new HashMap<String, Object>();
-        map.put("fname", HTMLEncoder.encodeHTML(u.getFname()));
-        map.put("mname", u.getMname() == null ? "" : HTMLEncoder.encodeHTML(u.getMname()));
-        map.put("lname", HTMLEncoder.encodeHTML(u.getLname()));
-        map.put("suffix", u.getSuffix() == null ? "" : HTMLEncoder.encodeHTML(u.getSuffix()));
-        DateSelector ds = new DateSelector("day", "month", "year", u.getDob());
-        map.put("DoB", ds);
-        map.put("details", "");
+        MyDetailsForm form = new MyDetailsForm(req, getUser(req));
+        map.put("detailsForm", form);
         getDefaultTemplate().output(out, getLanguage(req), map);
+    }
 
+    @Override
+    public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        if(req.getParameter("processDetails") != null) {
+            MyDetailsForm form = Form.getForm(req, MyDetailsForm.class);
+            form.submit(resp.getWriter(), req);
+        }
+        super.doPost(req, resp);
     }
 }
diff --git a/src/org/cacert/gigi/pages/account/MyDetails.templ b/src/org/cacert/gigi/pages/account/MyDetails.templ
index cb925741..1d919504 100644
--- a/src/org/cacert/gigi/pages/account/MyDetails.templ
+++ b/src/org/cacert/gigi/pages/account/MyDetails.templ
@@ -1,44 +1 @@
-<form method="post" action="/account/myDetails">
-<table class="wrapper dataTable" width="400">
-<thead>
-  <tr>
-    <th colspan="2"><?=_My Details?></th>
-  </tr>
-  </thead>
-  <tbody>
-  <tr>
-    <td width="125"><?=_First Name?>: </td>
-    <td width="125"><input type="text" name="fname" value="<?=$fname?>"></td>
-  </tr>
-  <tr>
-    <td valign="top"><?=_Middle Name(s)?><br>
-      (<?=_optional?>)
-    </td>
-    <td><input type="text" name="mname" value="<?=$mname?>"></td>
-  </tr>
-  <tr>
-    <td><?=_Last Name?>: </td>
-    <td><input type="text" name="lname" value="<?=$lname?>"></td>
-  </tr>
-  <tr>
-    <td><?=_Suffix?><br>
-      (<?=_optional?>)</td>
-    <td><input type="text" name="suffix" value="<?=$suffix?>"></td>
-  </tr>
-  <tr>
-    <td><?=_Date of Birth?><br>
-	    (<?=_dd/mm/yyyy?>)</td>
-    <td><?=$DoB?></td>
-  </tr>
-  <tr>
-    <td colspan="2" class="title"><?=_Show account history?></td>
-  </tr>
-  <tr>
-    <td colspan="2" class="title"><?=_View secret question & answers and OTP phrases?></td>
-  </tr>
-  <?=$details?>
-  <tr><td colspan="2"><input type="submit" name="process" value="<?=_Update?>"></td>
-  </tr>
-  </tbody>
-</table>
-</form>
+<?=$detailsForm?>
\ No newline at end of file
diff --git a/src/org/cacert/gigi/pages/account/MyDetailsForm.java b/src/org/cacert/gigi/pages/account/MyDetailsForm.java
new file mode 100644
index 00000000..32e275fb
--- /dev/null
+++ b/src/org/cacert/gigi/pages/account/MyDetailsForm.java
@@ -0,0 +1,88 @@
+package org.cacert.gigi.pages.account;
+
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.sql.Date;
+import java.sql.SQLException;
+import java.util.Calendar;
+import java.util.Map;
+import java.util.TimeZone;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.User;
+import org.cacert.gigi.localisation.Language;
+import org.cacert.gigi.output.DateSelector;
+import org.cacert.gigi.output.Form;
+import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.HTMLEncoder;
+
+public class MyDetailsForm extends Form {
+
+    private static Template templ;
+    static {
+        templ = new Template(new InputStreamReader(MyDetailsForm.class.getResourceAsStream("MyDetailsForm.templ")));
+    }
+
+    private User target;
+
+    public MyDetailsForm(HttpServletRequest hsr, User target) {
+        super(hsr);
+        this.target = target;
+    }
+
+    @Override
+    public boolean submit(PrintWriter out, HttpServletRequest req) {
+        try {
+            if (target.getAssurancePoints() == 0) {
+                String newFname = req.getParameter("fname").trim();
+                String newLname = req.getParameter("lname").trim();
+                String newMname = req.getParameter("mname").trim();
+                String newSuffix = req.getParameter("suffix").trim();
+                if ((newFname.isEmpty() && !target.getFname().isEmpty()) || (newLname.isEmpty() && !target.getLname().isEmpty()) || (newMname.isEmpty() && !target.getMname().isEmpty()) || (newSuffix.isEmpty() && !target.getSuffix().isEmpty())) {
+                    throw new GigiApiException("Names couldn't be removed.");
+                }
+                target.setFname(newFname);
+                target.setLname(newLname);
+                target.setMname(newMname);
+                target.setSuffix(newSuffix);
+                int newYear = Integer.parseInt(req.getParameter("year"));
+                int newMonth = Integer.parseInt(req.getParameter("month"));
+                int newDay = Integer.parseInt(req.getParameter("day"));
+                Calendar cal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
+                cal.set(Calendar.YEAR, newYear);
+                cal.set(Calendar.MONTH, newMonth);
+                cal.set(Calendar.DAY_OF_MONTH, newDay);
+                target.setDob(new Date(cal.getTimeInMillis()));
+                target.updateUserData();
+            } else {
+                throw new GigiApiException("No change after assurance allowed.");
+            }
+        } catch (SQLException e) {
+            new GigiApiException(e).format(out, Page.getLanguage(req));
+            return false;
+        } catch (GigiApiException e) {
+            e.format(out, Page.getLanguage(req));
+            return false;
+        } catch (NumberFormatException e) {
+            new GigiApiException("Invalid value.").format(out, Page.getLanguage(req));
+            return false;
+        }
+        return false;
+    }
+
+    @Override
+    protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
+        vars.put("fname", HTMLEncoder.encodeHTML(target.getFname()));
+        vars.put("mname", target.getMname() == null ? "" : HTMLEncoder.encodeHTML(target.getMname()));
+        vars.put("lname", HTMLEncoder.encodeHTML(target.getLname()));
+        vars.put("suffix", target.getSuffix() == null ? "" : HTMLEncoder.encodeHTML(target.getSuffix()));
+        DateSelector ds = new DateSelector("day", "month", "year", target.getDob());
+        vars.put("DoB", ds);
+        vars.put("details", "");
+        templ.output(out, l, vars);
+    }
+
+}
diff --git a/src/org/cacert/gigi/pages/account/MyDetailsForm.templ b/src/org/cacert/gigi/pages/account/MyDetailsForm.templ
new file mode 100644
index 00000000..8e82eec9
--- /dev/null
+++ b/src/org/cacert/gigi/pages/account/MyDetailsForm.templ
@@ -0,0 +1,42 @@
+<table class="wrapper dataTable" width="400">
+<thead>
+  <tr>
+    <th colspan="2"><?=_My Details?></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td width="125"><?=_First Name?>: </td>
+    <td width="125"><input type="text" name="fname" value="<?=$fname?>"></td>
+  </tr>
+  <tr>
+    <td valign="top"><?=_Middle Name(s)?><br>
+      (<?=_optional?>)
+    </td>
+    <td><input type="text" name="mname" value="<?=$mname?>"></td>
+  </tr>
+  <tr>
+    <td><?=_Last Name?>: </td>
+    <td><input type="text" name="lname" value="<?=$lname?>"></td>
+  </tr>
+  <tr>
+    <td><?=_Suffix?><br>
+      (<?=_optional?>)</td>
+    <td><input type="text" name="suffix" value="<?=$suffix?>"></td>
+  </tr>
+  <tr>
+    <td><?=_Date of Birth?><br>
+	    (<?=_dd/mm/yyyy?>)</td>
+    <td><?=$DoB?></td>
+  </tr>
+  <tr>
+    <td colspan="2" class="title"><?=_Show account history?></td>
+  </tr>
+  <tr>
+    <td colspan="2" class="title"><?=_View secret question & answers and OTP phrases?></td>
+  </tr>
+  <?=$details?>
+  <tr><td colspan="2"><input type="submit" name="processDetails" value="<?=_Update?>"></td>
+  </tr>
+  </tbody>
+</table>