Mercurial Hosting > nabble
annotate src/nabble/view/web/more/ForumStart.java @ 36:157eac0dee34
whitelist for mailing lists
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Wed, 08 Jul 2020 12:22:41 -0600 |
parents | 61800d34be0d |
children | 40e282462f2e |
rev | line source |
---|---|
0 | 1 |
2 package nabble.view.web.more; | |
3 | |
4 import fschmidt.db.DbDatabase; | |
5 import fschmidt.util.mail.MailAddress; | |
6 import fschmidt.util.servlet.CanonicalUrl; | |
7 import nabble.model.Db; | |
8 import nabble.model.Message; | |
9 import nabble.model.ModelException; | |
10 import nabble.model.ModelHome; | |
11 import nabble.model.Site; | |
12 import nabble.model.User; | |
34 | 13 import nabble.model.Init; |
0 | 14 import nabble.naml.compiler.Template; |
15 import nabble.naml.compiler.TemplatePrintWriter; | |
16 import nabble.naml.namespaces.BasicNamespace; | |
17 import nabble.view.lib.Jtp; | |
18 import nabble.view.lib.NewSiteMail; | |
19 import nabble.view.lib.Permissions; | |
20 import nabble.view.lib.Shared; | |
21 import nabble.view.lib.UrlMappable; | |
22 import nabble.view.lib.Recaptcha; | |
23 import nabble.view.web.app.Languages; | |
24 import nabble.view.web.template.NabbleNamespace; | |
25 | |
26 import javax.servlet.ServletException; | |
27 import javax.servlet.http.HttpServlet; | |
28 import javax.servlet.http.HttpServletRequest; | |
29 import javax.servlet.http.HttpServletResponse; | |
30 import java.io.IOException; | |
31 import java.io.PrintWriter; | |
32 import java.io.StringWriter; | |
33 import java.util.Collections; | |
34 import java.util.HashMap; | |
35 import java.util.Map; | |
34 | 36 import java.util.Set; |
0 | 37 import java.util.regex.Matcher; |
38 import java.util.regex.Pattern; | |
28 | 39 import org.slf4j.Logger; |
40 import org.slf4j.LoggerFactory; | |
0 | 41 |
42 | |
43 public final class ForumStart extends HttpServlet implements UrlMappable, CanonicalUrl { | |
28 | 44 private static final Logger logger = LoggerFactory.getLogger(ForumStart.class); |
0 | 45 |
46 private static final Pattern URL_PATTERN = Pattern.compile("/free-(forum|gallery|newspaper|blog|mailing-list)\\.html$"); | |
47 | |
48 public static String url(String what) { | |
49 return Jtp.defaultContextUrl() + path(what); | |
50 } | |
51 | |
52 public static String path(String what) { | |
53 return "/free-" + what + ".html"; | |
54 } | |
55 | |
56 public String getCanonicalUrl(HttpServletRequest request) { | |
57 return url( request.getParameter("what") ); | |
58 } | |
59 | |
60 public Map<String,String[]> getParameterMapFromUrl(HttpServletRequest request,String mappedUrl) { | |
61 Matcher m = URL_PATTERN.matcher(mappedUrl); | |
62 if( !m.find() ) | |
63 throw new RuntimeException(); | |
64 Map<String,String[]> params = new HashMap<String,String[]>(); | |
65 String what = m.group(1); | |
66 params.put("what",new String[]{what}); | |
67 return params; | |
68 } | |
69 | |
70 public Pattern getUrlPattern() { | |
71 return URL_PATTERN; | |
72 } | |
73 | |
74 protected void service(HttpServletRequest request,HttpServletResponse response) | |
75 throws ServletException, IOException | |
76 { | |
77 build(request, response, Collections.<String,String>emptyMap(), Collections.<String,String>emptyMap()); | |
78 } | |
79 | |
80 private static void build(HttpServletRequest request,HttpServletResponse response, Map<String,String> values, Map<String,String> errors) | |
81 throws ServletException, IOException | |
82 { | |
83 PrintWriter out = response.getWriter(); | |
84 String what = request.getParameter("what"); | |
85 if (what == null) | |
86 what = "Forum"; | |
87 else if ("mailing-list".equals(what)) | |
88 what = "Mailing List"; | |
89 else | |
90 what = Jtp.capitalize(what); | |
91 | |
92 String imgName = what.toLowerCase(); | |
93 if ("Mailing List".equals(what)) | |
94 imgName = "mailing-list"; | |
95 | |
96 | |
97 out.print( "\r\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\r\n<html>\r\n <head>\r\n " ); | |
98 Shared.head(request,response); | |
99 out.print( "\r\n <title>Nabble - Free " ); | |
100 out.print( (what) ); | |
101 out.print( " Setup</title>\r\n <meta name=\"robots\" content=\"noindex\"/>\r\n <META NAME=\"description\" CONTENT=\"Setting up a free " ); | |
102 out.print( (what.toLowerCase()) ); | |
103 out.print( " on Nabble is quick and easy. Fill in one simple form and you are done.\">\r\n <META NAME=\"keywords\" CONTENT=\"free " ); | |
104 out.print( (what.toLowerCase()) ); | |
105 out.print( ", hosted " ); | |
106 out.print( (what.toLowerCase()) ); | |
107 out.print( ", simple, embeddable " ); | |
108 out.print( (what.toLowerCase()) ); | |
32 | 109 out.print( ", customizable\">\r\n <style type=\"text/css\">\r\n div.center-content {\r\n margin: 0px auto;\r\n margin-bottom: 3em;\r\n }\r\n td.column1 {\r\n text-align: right;\r\n width: 7em;\r\n white-space: nowrap;\r\n }\r\n input[type=text],input[type=password] {\r\n padding: .4em 0;\r\n }\r\n div.field-title {\r\n margin-top: .3em;\r\n }\r\n .important {\r\n font-weight: bold;\r\n }\r\n label {\r\n vertical-align: -15%;\r\n }\r\n #submit-btn {\r\n padding: .5em .8em;\r\n font-size: 110%;\r\n font-weight: bold;\r\n }\r\n </style>\r\n <script type=\"text/javascript\">\r\n\r\n function singleFormSubmit(f) {\r\n if (f.done)\r\n return false;\r\n f.done = true;\r\n $('#submit-btn').hide();\r\n var $div = $('#wait-message');\r\n function loading1() { $div.fadeTo(300,0.3,loading2); };\r\n function loading2() { $div.fadeTo(300,1,loading1); };\r\n loading1();\r\n return true;\r\n };\r\n\r\n </script>\r\n " ); |
0 | 110 out.print( ( Recaptcha.JS ) ); |
111 out.print( "\r\n </head>\r\n <body style=\"text-align:center\">\r\n " ); | |
112 Shared.minHeaderGlobal(request,response); | |
113 out.print( "\r\n\r\n <div class=\"center-content\">\r\n <img src=\"/images/logo_nabble_home.png\" border=\"0\" alt=\"Nabble - free forums for everyone\"/><br />\r\n <h1 style=\"color:#979797\">Start Your " ); | |
114 out.print( (what) ); | |
115 out.print( "</h1>\r\n\r\n " ); | |
116 if (errors.size() > 0) { | |
117 out.print( "\r\n <div class=\"error-message important\" style=\"margin:1em;padding:.5em 0\">\r\n " ); | |
118 String generic = errors.get("generic"); | |
119 out.print( "\r\n " ); | |
120 out.print( (generic != null? generic : errors.size() > 0? "Please check the errors below" : "") ); | |
121 out.print( "\r\n </div>\r\n " ); | |
122 } | |
123 out.print( "\r\n\r\n <form action=\"/more/ForumStart$Save.jtp\" method=\"post\" accept-charset=\"UTF-8\" onsubmit=\"return singleFormSubmit(this)\">\r\n <input type=\"hidden\" name=\"type\" value=\"" ); | |
124 out.print( (what.toLowerCase().replace(" ","")) ); | |
125 out.print( "\" />\r\n <input type=\"hidden\" name=\"what\" value=\"" ); | |
126 out.print( (what) ); | |
32 | 127 out.print( "\" />\r\n\r\n <div style=\"text-align:left;width:50em;margin:0 auto\">\r\n <div style=\"border-bottom:2px solid #eeeeee;padding:1em\">\r\n <div class=\"weak-color\" style=\"width:12em;text-align:center;float:left\">\r\n <div style=\"font-weight:bold\">Account</div>\r\n <img src=\"/images/account.png\" width=\"84\" height=\"45\"/>\r\n <div style=\"margin-top:1em;font-size:80%\">\r\n You will receive an email with a link to activate your account\r\n </div>\r\n </div>\r\n <table>\r\n <tr>\r\n <td class=\"column1\"><div class=\"second-font field-title\">User Name</div></td>\r\n <td><input type=\"text\" autofocus size=\"35\" maxlength=\"30\" name=\"username\" value=\"" ); |
0 | 128 out.print( (Jtp.hideNull(values.get("username"))) ); |
129 out.print( "\" /></td>\r\n <td class=\"important\">" ); | |
130 out.print( (errors.containsKey("username")? errors.get("username"):"") ); | |
131 out.print( "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"column1\"><div class=\"second-font field-title\">Email</div></td>\r\n <td><input type=\"text\" size=\"35\" maxlength=\"60\" name=\"email\" value=\"" ); | |
132 out.print( (Jtp.hideNull(values.get("email"))) ); | |
133 out.print( "\"/></td>\r\n <td class=\"important\">" ); | |
134 out.print( (errors.containsKey("email")? errors.get("email"):"") ); | |
135 out.print( "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"column1\"><div class=\"second-font field-title\">Password</div></td>\r\n <td><input type=\"password\" size=\"35\" maxlength=\"15\" name=\"password\" value=\"" ); | |
136 out.print( (Jtp.hideNull(values.get("password"))) ); | |
137 out.print( "\"/></td>\r\n <td class=\"important\">" ); | |
138 out.print( (errors.containsKey("password")? errors.get("password"):"") ); | |
139 out.print( "</td>\r\n </tr>\r\n <tr>\r\n <td class=\"column1\"><input type=\"checkbox\" id=\"terms\" name=\"terms\" value=\"y\" " ); | |
140 out.print( ("y".equals(values.get("terms"))?"checked":"") ); | |
141 out.print( " /></td>\r\n <td colspan=2><label for=\"terms\">I have read and I agree to Nabble's <a href=\"" ); | |
142 out.print( (Jtp.termsUrl(true)) ); | |
143 out.print( "\">Terms of Use</a>.</label></td>\r\n </tr>\r\n </table>\r\n </div>\r\n\r\n <div style=\"padding:1em;overflow:hidden\">\r\n <div class=\"weak-color\" style=\"width:12em;text-align:center;float:left;height:15em\">\r\n <div style=\"font-weight:bold\">" ); | |
144 out.print( (what) ); | |
145 out.print( "</div>\r\n <img src=\"/images/homepage/" ); | |
146 out.print( (imgName) ); | |
147 out.print( ".png\" alt=\"Free " ); | |
148 out.print( (what.toLowerCase()) ); | |
149 out.print( "\">\r\n </div>\r\n <table>\r\n <tr>\r\n <td class=\"column1\"><div class=\"second-font field-title\">Language</div></td>\r\n <td>\r\n <select name=\"lang\">\r\n " ); | |
150 for( Map.Entry<String,String> entry : Languages.languages.entrySet() ) { | |
151 out.print( "\r\n " ); | |
152 String lang = request.getParameter("lang"); | |
153 out.print( "\r\n " ); | |
154 boolean isEnglish = entry.getKey().equals("none"); | |
155 out.print( "\r\n " ); | |
156 boolean isSelected = (lang == null && isEnglish) || entry.getKey().equals(lang); | |
157 out.print( "\r\n <option value=\"" ); | |
158 out.print( (entry.getKey()) ); | |
159 out.print( "\" " ); | |
160 out.print( (isSelected?"selected=\"true\"":"") ); | |
161 out.print( ">" ); | |
162 out.print( (entry.getValue()) ); | |
163 out.print( "</option>\r\n " ); | |
164 } | |
165 out.print( "\r\n </select>\r\n </td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"3\" style=\"height:.6em\"></td>\r\n </tr>\r\n <tr>\r\n <td class=\"column1\"><div class=\"second-font field-title\">" ); | |
166 out.print( (what) ); | |
167 out.print( " Name</div></td>\r\n <td><input type=\"text\" name=\"subject\" size=\"30\" maxlength=\"80\" value=\"" ); | |
168 out.print( (Jtp.hideNull(values.get("subject"))) ); | |
169 out.print( "\"/></td>\r\n <td class=\"important\">" ); | |
170 out.print( (errors.containsKey("subject")? errors.get("subject"):"") ); | |
171 out.print( "</td>\r\n </tr>\r\n <tr>\r\n <td colspan=3 style=\"padding:.4em 0 0 .6em\">\r\n <div class=\"second-font field-title\">Description <span class=\"weak-color\" style=\"font-weight:normal;\">(optional)</span></div>\r\n <textarea rows=\"7\" name=\"message\" wrap=\"SOFT\" style=\"width:28em\">" ); | |
172 out.print( (Jtp.hideNull(values.get("message"))) ); | |
173 out.print( "</textarea>\r\n <br>" ); | |
174 out.print( ( Recaptcha.DIV ) ); | |
32 | 175 out.print( "\r\n </td>\r\n </tr>\r\n </table>\r\n </div>\r\n <div class=\"weak-color\" style=\"margin-top:.5em;text-align:center;\">\r\n <input id=\"submit-btn\" type=\"submit\" value=\"Create " ); |
0 | 176 out.print( (what) ); |
32 | 177 out.print( "\" />\r\n <div id=\"wait-message\" class=\"important invisible\" style=\"margin:.1em 0\">Creating " ); |
0 | 178 out.print( (what) ); |
179 out.print( "... Please wait</div>\r\n </div>\r\n </div>\r\n </form>\r\n </div>\r\n\r\n " ); | |
180 Shared.footer(request,response); | |
181 out.print( "\r\n " ); | |
182 Shared.analytics(request,response); | |
183 out.print( "\r\n </body>\r\n</html>\r\n" ); | |
184 | |
185 } | |
186 | |
28 | 187 |
36
157eac0dee34
whitelist for mailing lists
Franklin Schmidt <fschmidt@gmail.com>
parents:
34
diff
changeset
|
188 static final Set whitelist = (Set)Init.get("whitelist"); |
34 | 189 |
0 | 190 public static class Save extends HttpServlet { |
191 | |
192 private static String get(String name, HttpServletRequest request) { | |
193 String s = request.getParameter(name); | |
28 | 194 return s == null ? null : s.trim(); |
0 | 195 } |
196 | |
197 protected void service(HttpServletRequest request, HttpServletResponse response) | |
198 throws ServletException, IOException | |
199 { | |
200 String username = get("username", request); | |
201 String email = get("email", request); | |
202 String password = get("password", request); | |
203 boolean agreed = "y".equals(get("terms", request)); | |
204 String subject = get("subject", request); | |
205 String message = get("message", request); | |
206 | |
207 Map<String,String> errors = new HashMap<String,String>(); | |
208 if (username == null || username.trim().length() == 0) | |
209 errors.put("username", "required"); | |
210 if (email == null || email.length() == 0) | |
211 errors.put("email", "required"); | |
212 else if (!new MailAddress(email).isValid()) | |
213 errors.put("email", "invalid email"); | |
214 if (password == null || password.length() < 4) | |
215 errors.put("password", "too short"); | |
216 if (!agreed) | |
217 errors.put("generic", "You must agree to the Terms and Conditions"); | |
218 if (subject == null || subject.length() == 0) | |
219 errors.put("subject", "required"); | |
220 | |
221 String type = get("type", request); | |
222 type = "newspaper".equals(type)? "news" : type; | |
223 | |
224 String extraMessage = ""; | |
225 if ("mailinglist".equals(type)) { | |
226 type = "forum"; | |
227 StringBuilder m = new StringBuilder(); | |
228 m.append("\n\nMailing List Options\n"); | |
229 m.append("Click \"Options > Subscribe via email\" to subscribe to this mailing list;\n"); | |
230 m.append("Click \"Options > Post by email...\" to get the email address of this mailing list;\n"); | |
231 m.append("You can post messages via email or through the forum interface below;\n"); | |
232 m.append("All web posts and emails are archived here."); | |
233 extraMessage = m.toString(); | |
234 } | |
235 | |
236 if (errors.isEmpty()) { | |
34 | 237 if( whitelist!=null && !whitelist.contains(email) ) { |
238 logger.info("ignoring "+email); | |
239 return; | |
240 } | |
241 | |
0 | 242 DbDatabase db = Db.dbGlobal(); |
243 db.beginTransaction(); | |
244 try { | |
245 Recaptcha.check(request); | |
246 Site site = ModelHome.newSite(type,subject, message + extraMessage, Message.Format.TEXT, email, username); | |
247 Permissions.addToGroup( (User)site.getRootNode().getOwner(), Permissions.ADMINISTRATORS_GROUP ); | |
248 String key = site.newRegistration(email,password,username,"/"); | |
249 db.commitTransaction(); | |
250 | |
251 // Track spam activities by IP | |
252 ModelHome.setRemoteAddr(site, Jtp.getClientIpAddr(request)); | |
253 | |
254 site = site.getGoodCopy(); | |
255 | |
256 String lang = request.getParameter("lang"); | |
257 if (!"none".equals(lang)) { | |
258 site.setModuleEnabled(lang, true); | |
259 site = site.getGoodCopy(); | |
260 } | |
261 | |
262 sendRegisterMail(site, email, key); | |
263 NewSiteMail.send(site, request, response); | |
264 response.sendRedirect(site.getBaseUrl()+"/more/ForumStart$Redirection.jtp"); | |
265 return; | |
266 } catch(ModelException e) { | |
267 errors.put("generic", e.getMessage()); | |
268 } finally { | |
269 db.endTransaction(); | |
270 } | |
271 } | |
272 | |
273 Map<String,String> values = new HashMap<String,String>(); | |
274 values.put("username", username); | |
275 values.put("email", email); | |
276 values.put("password", password); | |
277 values.put("terms", agreed?"y":""); | |
278 values.put("subject", subject); | |
279 values.put("message", message); | |
280 build(request, response, values, errors); | |
281 } | |
282 } | |
283 | |
284 /** Sets cookies in the site domain */ | |
285 public static class Redirection extends HttpServlet { | |
286 | |
287 protected void service(HttpServletRequest request, HttpServletResponse response) | |
288 throws ServletException, IOException | |
289 { | |
290 Site site = Jtp.getSite(request); | |
291 Shared.javascriptRedirect(request, response, Jtp.url(site.getRootNode()), "Nabble.setVar('appnotice','true');"); | |
292 } | |
293 } | |
294 | |
295 public static void sendRegisterMail(Site site, String email, String key) { | |
296 Map<String,Object> args = new HashMap<String,Object>(); | |
297 args.put("email",email); | |
298 args.put("next_url","/"); | |
299 args.put("key",key); | |
300 Template template = site.getTemplate( "send_registration_email", | |
301 BasicNamespace.class, NabbleNamespace.class | |
302 ); | |
303 template.run( TemplatePrintWriter.NULL, args, | |
304 new BasicNamespace(template), new NabbleNamespace(site) | |
305 ); | |
306 } | |
307 } | |
308 |