annotate src/nabble/view/web/more/ForumStart.jtp @ 37:40e282462f2e
fixed password instead of whitelist
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Wed, 08 Jul 2020 21:05:15 -0600 |
parents | 157eac0dee34 |
children | 72765b66e2c3 |
rev | line source |
---|---|
0 | 1 <% |
2 package nabble.view.web.more; | |
3 | |
4 import fschmidt.db.DbDatabase; | |
5 import fschmidt.util.mail.MailAddress; | |
6 import fschmidt.util.servlet.CanonicalUrl; | |
7 import nabble.model.Db; | |
8 import nabble.model.Message; | |
9 import nabble.model.ModelException; | |
10 import nabble.model.ModelHome; | |
11 import nabble.model.Site; | |
12 import nabble.model.User; | |
34 | 13 import nabble.model.Init; |
0 | 14 import nabble.naml.compiler.Template; |
15 import nabble.naml.compiler.TemplatePrintWriter; | |
16 import nabble.naml.namespaces.BasicNamespace; | |
17 import nabble.view.lib.Jtp; | |
18 import nabble.view.lib.NewSiteMail; | |
19 import nabble.view.lib.Permissions; | |
20 import nabble.view.lib.Shared; | |
21 import nabble.view.lib.UrlMappable; | |
22 import nabble.view.lib.Recaptcha; | |
23 import nabble.view.web.app.Languages; | |
24 import nabble.view.web.template.NabbleNamespace; | |
25 | |
26 import javax.servlet.ServletException; | |
27 import javax.servlet.http.HttpServlet; | |
28 import javax.servlet.http.HttpServletRequest; | |
29 import javax.servlet.http.HttpServletResponse; | |
30 import java.io.IOException; | |
31 import java.io.PrintWriter; | |
32 import java.io.StringWriter; | |
33 import java.util.Collections; | |
34 import java.util.HashMap; | |
35 import java.util.Map; | |
36 import java.util.regex.Matcher; | |
37 import java.util.regex.Pattern; | |
28 | 38 import org.slf4j.Logger; |
39 import org.slf4j.LoggerFactory; | |
0 | 40 |
41 | |
42 public final class ForumStart extends HttpServlet implements UrlMappable, CanonicalUrl { | |
28 | 43 private static final Logger logger = LoggerFactory.getLogger(ForumStart.class); |
0 | 44 |
	// Mapped URLs accepted by this servlet; group 1 is the site kind and is limited to the five
	// alternatives listed here. build() reads "what" from the request parameters rather than from
	// this pattern, so build() must not assume the value is one of these five.
	private static final Pattern URL_PATTERN = Pattern.compile("/free-(forum|gallery|newspaper|blog|mailing-list)\\.html$");
46 | |
	/**
	 * Builds the absolute URL of the start page for the given site kind.
	 *
	 * @param what site kind as it appears in the path, e.g. "forum"
	 * @return the default context URL followed by {@link #path(String)}
	 */
	public static String url(String what) {
		String contextUrl = Jtp.defaultContextUrl();
		return contextUrl + path(what);
	}
50 | |
	/**
	 * Builds the context-relative path of the start page for the given site kind.
	 *
	 * @param what site kind; it is concatenated as-is, with no validation or encoding
	 * @return "/free-" + what + ".html"
	 */
	public static String path(String what) {
		StringBuilder result = new StringBuilder("/free-");
		result.append(what);
		result.append(".html");
		return result.toString();
	}
54 | |
	/**
	 * Returns the canonical URL for this request, derived from its "what" parameter.
	 * The parameter is passed to {@link #url(String)} unchecked, so a missing parameter
	 * is concatenated as the text "null".
	 */
	public String getCanonicalUrl(HttpServletRequest request) {
		String what = request.getParameter("what");
		return url(what);
	}
58 | |
	/**
	 * Translates a mapped URL into the request parameters this servlet expects.
	 *
	 * @param request   the current request (not read here)
	 * @param mappedUrl URL that must match {@code URL_PATTERN}
	 * @return a map holding the single key "what" with the site kind captured from the URL
	 * @throws RuntimeException if the URL does not match {@code URL_PATTERN}
	 */
	public Map<String,String[]> getParameterMapFromUrl(HttpServletRequest request,String mappedUrl) {
		Matcher matcher = URL_PATTERN.matcher(mappedUrl);
		if( matcher.find() ) {
			Map<String,String[]> result = new HashMap<String,String[]>();
			result.put("what", new String[]{ matcher.group(1) });
			return result;
		}
		throw new RuntimeException();
	}
68 | |
	/** Returns the pattern of mapped URLs handled by this servlet. */
	public Pattern getUrlPattern() {
		final Pattern pattern = URL_PATTERN;
		return pattern;
	}
72 | |
	/** Renders the empty creation form: no previously submitted values and no errors. */
	protected void service(HttpServletRequest request,HttpServletResponse response)
		throws ServletException, IOException
	{
		Map<String,String> none = Collections.<String,String>emptyMap();
		build(request, response, none, none);
	}
78 | |
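	/**
	 * Escapes the characters that are significant in HTML text and quoted attribute values.
	 *
	 * @param s text to escape; null is treated as the empty string
	 * @return s with &amp;, &lt;, &gt;, double quote and single quote replaced by entities
	 */
	private static String escapeHtml(String s) {
		if (s == null)
			return "";
		StringBuilder sb = new StringBuilder(s.length() + 16);
		for (int i = 0; i < s.length(); i++) {
			char c = s.charAt(i);
			switch (c) {
				case '&': sb.append("&amp;"); break;
				case '<': sb.append("&lt;"); break;
				case '>': sb.append("&gt;"); break;
				case '"': sb.append("&quot;"); break;
				case '\'': sb.append("&#39;"); break;
				default: sb.append(c);
			}
		}
		return sb.toString();
	}

	/**
	 * Writes the site-creation form.
	 *
	 * The template's expression tag writes its value as markup (Recaptcha.JS and Recaptcha.DIV are
	 * emitted through it below), so every string that originates from the request is passed through
	 * escapeHtml before it is written: the "what" label and the previously submitted field values.
	 *
	 * NOTE(review): error strings are still written as-is. The "generic" entry can be a
	 * ModelException message set by Save; confirm those messages never contain request data.
	 * NOTE(review): a rejected submission's password is written back into the password field's
	 * value attribute because Save places it in values; consider leaving that field empty instead.
	 *
	 * @param request  current request; "what" and "lang" are read from it
	 * @param response response whose writer receives the page
	 * @param values   previously submitted field values keyed by field name; may be empty
	 * @param errors   error text keyed by field name, plus the optional key "generic"; may be empty
	 */
	private static void build(HttpServletRequest request,HttpServletResponse response, Map<String,String> values, Map<String,String> errors)
		throws ServletException, IOException
	{
		PrintWriter out = response.getWriter();
		String what = request.getParameter("what");
		if (what == null)
			what = "Forum";
		else if ("mailing-list".equals(what))
			what = "Mailing List";
		else
			what = Jtp.capitalize(what);

		String imgName = what.toLowerCase();
		if ("Mailing List".equals(what))
			imgName = "mailing-list";

		// "what" is request-controlled; only these escaped forms are written into the page.
		String whatHtml = escapeHtml(what);
		String whatLowerHtml = escapeHtml(what.toLowerCase());
		String typeHtml = escapeHtml(what.toLowerCase().replace(" ",""));
		String imgNameHtml = escapeHtml(imgName);

		%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
	<head>
		<% Shared.head(request,response); %>
		<title>Nabble - Free <%=whatHtml%> Setup</title>
		<meta name="robots" content="noindex"/>
		<META NAME="description" CONTENT="Setting up a free <%=whatLowerHtml%> on Nabble is quick and easy. Fill in one simple form and you are done.">
		<META NAME="keywords" CONTENT="free <%=whatLowerHtml%>, hosted <%=whatLowerHtml%>, simple, embeddable <%=whatLowerHtml%>, customizable">
		<style type="text/css">
			div.center-content {
				margin: 0px auto;
				margin-bottom: 3em;
			}
			td.column1 {
				text-align: right;
				width: 7em;
				white-space: nowrap;
			}
			input[type=text],input[type=password] {
				padding: .4em 0;
			}
			div.field-title {
				margin-top: .3em;
			}
			.important {
				font-weight: bold;
			}
			label {
				vertical-align: -15%;
			}
			#submit-btn {
				padding: .5em .8em;
				font-size: 110%;
				font-weight: bold;
			}
		</style>
		<script type="text/javascript">

			function singleFormSubmit(f) {
				if (f.done)
					return false;
				f.done = true;
				$('#submit-btn').hide();
				var $div = $('#wait-message');
				function loading1() { $div.fadeTo(300,0.3,loading2); };
				function loading2() { $div.fadeTo(300,1,loading1); };
				loading1();
				return true;
			};

		</script>
		<%= Recaptcha.JS %>
	</head>
	<body style="text-align:center">
		<% Shared.minHeaderGlobal(request,response); %>

		<div class="center-content">
			<img src="/images/logo_nabble_home.png" border="0" alt="Nabble - free forums for everyone"/><br />
			<h1 style="color:#979797">Start Your <%=whatHtml%></h1>

			<% if (errors.size() > 0) { %>
				<div class="error-message important" style="margin:1em;padding:.5em 0">
					<% String generic = errors.get("generic"); %>
					<%=generic != null? generic : errors.size() > 0? "Please check the errors below" : ""%>
				</div>
			<% } %>

			<form action="/more/ForumStart$Save.jtp" method="post" accept-charset="UTF-8" onsubmit="return singleFormSubmit(this)">
				<input type="hidden" name="type" value="<%=typeHtml%>" />
				<input type="hidden" name="what" value="<%=whatHtml%>" />

				<div style="text-align:left;width:50em;margin:0 auto">
					<div style="border-bottom:2px solid #eeeeee;padding:1em">
						<div class="weak-color" style="width:12em;text-align:center;float:left">
							<div style="font-weight:bold">Account</div>
							<img src="/images/account.png" width="84" height="45"/>
							<div style="margin-top:1em;font-size:80%">
								You will receive an email with a link to activate your account
							</div>
						</div>
						<table>
							<tr>
								<td class="column1"><div class="second-font field-title">User Name</div></td>
								<td><input type="text" autofocus size="35" maxlength="30" name="username" value="<%=escapeHtml(Jtp.hideNull(values.get("username")))%>" /></td>
								<td class="important"><%=errors.containsKey("username")? errors.get("username"):""%></td>
							</tr>
							<tr>
								<td class="column1"><div class="second-font field-title">Email</div></td>
								<td><input type="text" size="35" maxlength="60" name="email" value="<%=escapeHtml(Jtp.hideNull(values.get("email")))%>"/></td>
								<td class="important"><%=errors.containsKey("email")? errors.get("email"):""%></td>
							</tr>
							<tr>
								<td class="column1"><div class="second-font field-title">Password</div></td>
								<td><input type="password" size="35" maxlength="15" name="password" value="<%=escapeHtml(Jtp.hideNull(values.get("password")))%>"/></td>
								<td class="important"><%=errors.containsKey("password")? errors.get("password"):""%></td>
							</tr>
							<tr>
								<td class="column1"><input type="checkbox" id="terms" name="terms" value="y" <%="y".equals(values.get("terms"))?"checked":""%> /></td>
								<td colspan=2><label for="terms">I have read and I agree to Nabble's <a href="<%=Jtp.termsUrl(true)%>">Terms of Use</a>.</label></td>
							</tr>
						</table>
					</div>

					<div style="padding:1em;overflow:hidden">
						<div class="weak-color" style="width:12em;text-align:center;float:left;height:15em">
							<div style="font-weight:bold"><%=whatHtml%></div>
							<img src="/images/homepage/<%=imgNameHtml%>.png" alt="Free <%=whatLowerHtml%>">
						</div>
						<table>
							<tr>
								<td class="column1"><div class="second-font field-title">Language</div></td>
								<td>
									<select name="lang">
										<% for( Map.Entry<String,String> entry : Languages.languages.entrySet() ) { %>
											<% String lang = request.getParameter("lang"); %>
											<% boolean isEnglish = entry.getKey().equals("none"); %>
											<% boolean isSelected = (lang == null && isEnglish) || entry.getKey().equals(lang); %>
											<option value="<%=entry.getKey()%>" <%=isSelected?"selected=\"true\"":""%>><%=entry.getValue()%></option>
										<% } %>
									</select>
								</td>
								<td></td>
							</tr>
							<tr>
								<td colspan="3" style="height:.6em"></td>
							</tr>
							<tr>
								<td class="column1"><div class="second-font field-title"><%=whatHtml%> Name</div></td>
								<td><input type="text" name="subject" size="30" maxlength="80" value="<%=escapeHtml(Jtp.hideNull(values.get("subject")))%>"/></td>
								<td class="important"><%=errors.containsKey("subject")? errors.get("subject"):""%></td>
							</tr>
							<tr>
								<td colspan=3 style="padding:.4em 0 0 .6em">
									<div class="second-font field-title">Description <span class="weak-color" style="font-weight:normal;">(optional)</span></div>
									<textarea rows="7" name="message" wrap="SOFT" style="width:28em"><%=escapeHtml(Jtp.hideNull(values.get("message")))%></textarea>
									<br><%= Recaptcha.DIV %>
								</td>
							</tr>
						</table>
					</div>
					<div class="weak-color" style="margin-top:.5em;text-align:center;">
						<input id="submit-btn" type="submit" value="Create <%=whatHtml%>" />
						<div id="wait-message" class="important invisible" style="margin:.1em 0">Creating <%=whatHtml%>... Please wait</div>
					</div>
				</div>
			</form>
		</div>

		<% Shared.footer(request,response); %>
		<% Shared.analytics(request,response); %>
	</body>
</html>
<%
	}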
250 | |
28 | 251 |
37
|
	// Shared secret read once from the "new_site_password" init setting. Save.service() compares the
	// submitted "password" field against it; when the setting is absent (null) that check is skipped.
	private static final String newSitePassword = (String)Init.get("new_site_password");
34 | 253 |
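	/**
	 * Handles the posted creation form: validates the fields, applies the optional
	 * new-site password gate, creates the site and its owner registration, and redirects.
	 * On any validation or model error the form is rendered again with the submitted values.
	 */
	public static class Save extends HttpServlet {

		/** Returns the named request parameter with surrounding whitespace trimmed, or null when absent. */
		private static String get(String name, HttpServletRequest request) {
			String s = request.getParameter(name);
			return s == null ? null : s.trim();
		}

		/**
		 * Processes one form submission.
		 *
		 * @param request  carries username, email, password, terms, subject, message, type and lang
		 * @param response receives either a redirect to the new site or the re-rendered form
		 */
		protected void service(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException
		{
			String username = get("username", request);
			String email = get("email", request);
			String password = get("password", request);
			boolean agreed = "y".equals(get("terms", request));
			String subject = get("subject", request);
			String message = get("message", request);

			Map<String,String> errors = new HashMap<String,String>();
			// get() already trims, so an all-whitespace name arrives here as the empty string.
			if (username == null || username.length() == 0)
				errors.put("username", "required");
			if (email == null || email.length() == 0)
				errors.put("email", "required");
			else if (!new MailAddress(email).isValid())
				errors.put("email", "invalid email");
			if (password == null || password.length() < 4)
				errors.put("password", "too short");
			if (!agreed)
				errors.put("generic", "You must agree to the Terms and Conditions");
			if (subject == null || subject.length() == 0)
				errors.put("subject", "required");

			String type = get("type", request);
			type = "newspaper".equals(type)? "news" : type;

			String extraMessage = "";
			if ("mailinglist".equals(type)) {
				// A mailing list is created as a forum with usage hints appended to its description.
				type = "forum";
				StringBuilder m = new StringBuilder();
				m.append("\n\nMailing List Options\n");
				m.append("Click \"Options > Subscribe via email\" to subscribe to this mailing list;\n");
				m.append("Click \"Options > Post by email...\" to get the email address of this mailing list;\n");
				m.append("You can post messages via email or through the forum interface below;\n");
				m.append("All web posts and emails are archived here.");
				extraMessage = m.toString();
			}

			if (errors.isEmpty()) {
				// Gate: when a new-site password is configured, the submitted password must equal it.
				// password is non-null here because the length check above would have added an error.
				// The comparison runs in time independent of where the two values first differ.
				// NOTE(review): this check runs before Recaptcha.check(), and a mismatch returns
				// without writing any response, which differs visibly from the redirect on success.
				// NOTE(review): the same password string is passed to newRegistration() below, so
				// every account created while the gate is configured uses the shared secret as its
				// own password.
				if( newSitePassword!=null
					&& !java.security.MessageDigest.isEqual(newSitePassword.getBytes("UTF-8"), password.getBytes("UTF-8")) ) {
					logger.info("ignoring {}", email);
					return;
				}

				DbDatabase db = Db.dbGlobal();
				db.beginTransaction();
				try {
					Recaptcha.check(request);
					Site site = ModelHome.newSite(type,subject, message + extraMessage, Message.Format.TEXT, email, username);
					Permissions.addToGroup( (User)site.getRootNode().getOwner(), Permissions.ADMINISTRATORS_GROUP );
					String key = site.newRegistration(email,password,username,"/");
					db.commitTransaction();

					// Track spam activities by IP
					ModelHome.setRemoteAddr(site, Jtp.getClientIpAddr(request));

					site = site.getGoodCopy();

					// Only enable a module whose name is one of the language keys offered by the form;
					// a missing or unknown "lang" value is ignored instead of being passed through.
					String lang = request.getParameter("lang");
					if (lang != null && !"none".equals(lang) && Languages.languages.containsKey(lang)) {
						site.setModuleEnabled(lang, true);
						site = site.getGoodCopy();
					}

					sendRegisterMail(site, email, key);
					NewSiteMail.send(site, request, response);
					response.sendRedirect(site.getBaseUrl()+"/more/ForumStart$Redirection.jtp");
					return;
				} catch(ModelException e) {
					errors.put("generic", e.getMessage());
				} finally {
					db.endTransaction();
				}
			}

			// Re-render the form with what the user typed.
			// NOTE(review): the submitted password is included and ends up in the page markup.
			Map<String,String> values = new HashMap<String,String>();
			values.put("username", username);
			values.put("email", email);
			values.put("password", password);
			values.put("terms", agreed?"y":"");
			values.put("subject", subject);
			values.put("message", message);
			build(request, response, values, errors);
		}
	}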
347 | |
	/**
	 * Sets cookies in the site domain.
	 * Served from the new site's base URL after creation; it emits a JavaScript redirect to the
	 * site's root node together with a script that sets the 'appnotice' variable.
	 */
	public static class Redirection extends HttpServlet {

		protected void service(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException
		{
			Site site = Jtp.getSite(request);
			String rootUrl = Jtp.url(site.getRootNode());
			Shared.javascriptRedirect(request, response, rootUrl, "Nabble.setVar('appnotice','true');");
		}
	}
358 | |
	/**
	 * Runs the site's "send_registration_email" template for a new registration.
	 *
	 * @param site  site whose template is used
	 * @param email address passed to the template as "email"
	 * @param key   registration key passed to the template as "key"
	 */
	public static void sendRegisterMail(Site site, String email, String key) {
		Template template = site.getTemplate( "send_registration_email",
			BasicNamespace.class, NabbleNamespace.class
		);
		Map<String,Object> templateArgs = new HashMap<String,Object>();
		templateArgs.put("email",email);
		templateArgs.put("next_url","/");
		templateArgs.put("key",key);
		// The template's printed output is discarded (TemplatePrintWriter.NULL).
		template.run( TemplatePrintWriter.NULL, templateArgs,
			new BasicNamespace(template), new NabbleNamespace(site)
		);
	}
371 } | |
372 %> |