2 package nabble.view.web.user;
4 import fschmidt.util.java.HtmlUtils;
5 import fschmidt.util.servlet.ServletUtils;
6 import nabble.model.ModelException;
7 import nabble.model.ModelHome;
8 import nabble.model.Site;
9 import nabble.model.User;
10 import nabble.view.lib.ChangeEmailMail;
11 import nabble.view.lib.Jtp;
12 import nabble.view.lib.Permissions;
13 import nabble.view.lib.Shared;
15 import javax.servlet.ServletException;
16 import javax.servlet.http.HttpServlet;
17 import javax.servlet.http.HttpServletRequest;
18 import javax.servlet.http.HttpServletResponse;
19 import java.io.IOException;
20 import java.io.PrintWriter;
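/**
 * Servlet behind the "Change Email" page of a user profile.
 *
 * <p>On GET it renders a form showing the account's current address and an
 * input for the new one. On POST with {@code Action=Change} it validates the
 * new address, rejects it if another user of the site already has it, stores
 * it in the user's {@code _new_email} property, sends a mail containing a
 * link to {@code ChangeEmail3.jtp} and redirects to {@code ChangeEmail2.jtp}.
 *
 * <p>Only the account owner or a member of the administrators group may use
 * the page; everyone else is sent to the login prompt.
 */
public final class ChangeEmail extends HttpServlet {

	@Override
	protected void service(HttpServletRequest request, HttpServletResponse response)
		throws ServletException, IOException
	{
		long userId = Jtp.getLong(request, "user");
		Site site = Jtp.getSiteNotNull(request);
		User user = site.getUser(userId);

		User visitor = Jtp.getUser(request, response);
		// Null checks come first so that neither user.equals() nor the group
		// lookup is reached with a missing target user or an anonymous visitor.
		// An unknown user id gets the same response as "not your account", so
		// the page does not reveal which ids exist.
		boolean isAllowed = visitor != null
			&& user != null
			&& (user.equals(visitor) || Permissions.isInGroup(visitor, Permissions.ADMINISTRATORS_GROUP));
		if (!isAllowed) {
			Jtp.login("You must login to change your email.", request, response);
			return;
		}

		String email = request.getParameter("email");
		String errorMsg = null;

		if ("Change".equals(request.getParameter("Action")) && "POST".equals(request.getMethod())) {
			if (email == null) {
				// A POST without the "email" field would otherwise fail on trim().
				errorMsg = "Email is required";
			} else {
				try {
					email = email.trim();
					ModelHome.validateEmail(email);
					if (!email.equalsIgnoreCase(user.getEmail())
						&& Jtp.getSite(request).getUserFromEmail(email) != null)
					{
						throw ModelException.newInstance("duplicate_email", "Email already in use");
					}
					// The pending address is stored on the account; presumably
					// ChangeEmail3.jtp compares against it before applying the
					// change (not visible from this file, confirm there).
					user.setProperty("_new_email", email);
					String url = ServletUtils.getContextURL(request)
						+ "/user/ChangeEmail3.jtp?email=" + HtmlUtils.urlEncode(email)
						+ "&user=" + user.getId()
						+ "&h=" + emailHash(email);
					ChangeEmailMail.send(site, user.getName(), user.getEmail(), email, url);
					response.sendRedirect("ChangeEmail2.jtp");
					return;
				} catch (ModelException e) {
					// NOTE(review): whether Shared.errorMessage() HTML-escapes
					// this text is not visible here; confirm, since validation
					// messages may echo the submitted value.
					errorMsg = e.getMessage();
				}
			}
		}

		PrintWriter out = response.getWriter();

		out.print( "\r\n<html>\r\n <head>\r\n " );
		Shared.title(request, response, "Change Email");
		out.print( "\r\n </head>\r\n <body>\r\n " );

		Shared.minHeaderGlobal(request, response);
		Shared.profileHeading(request, out, user, "Change Email");

		Shared.errorMessage(request, response, errorMsg,
			"Please enter a correct email address and click Change Email."
		);

		// NOTE(review): no anti-CSRF token is visible in this form; confirm
		// whether the surrounding framework adds or checks one.
		out.print( "\r\n\r\n<form method=post action=\"" );
		out.print( (response.encodeURL("ChangeEmail.jtp")) );
		out.print( "\">\r\n <input type=hidden name=\"Action\" value=\"Change\">\r\n <input type=hidden name=\"user\" value=\"" );
		out.print( (user.getId()) );
		out.print( "\">\r\n\r\n <div class=\"second-font field-title\">\r\n Current Email\r\n </div>\r\n <div class=\"weak-color\" style=\"margin-left:1.9em\">\r\n " );
		// Stored address is written into element content: escape it.
		out.print( htmlEscape(user.getEmail()) );
		out.print( "\r\n </div>\r\n\r\n <div class=\"second-font field-title\">\r\n Change email\r\n </div>\r\n <div class=\"weak-color\" style=\"margin-bottom:1em\">\r\n <input name=\"email\" size=\"30\" value=\"" );
		// The "email" request parameter is echoed back inside a quoted
		// attribute, also when validation rejected it, so it must be escaped
		// to keep a crafted value from closing the attribute and injecting markup.
		out.print( htmlEscape(Jtp.hideNull(email)) );
		out.print( "\">\r\n </div>\r\n\r\n <input type=submit value=\"Change Email\"></input>\r\n or <a href=\"/template/NamlServlet.jtp?macro=user_profile\">Cancel</a>\r\n </form>\r\n\r\n" );
		Shared.footer(request, response);
		out.print( "\r\n" );
		Shared.analytics(request, response);
		out.print( "\r\n</body>\r\n</html>\r\n" );
	}

	/**
	 * Computes the {@code h} value placed in the confirmation link for
	 * {@code email}.
	 *
	 * <p>NOTE(review): this is {@link String#hashCode()} over the address plus
	 * a constant embedded in the source. It is a 32-bit, non-cryptographic
	 * hash, not a MAC, and the constant is visible to anyone with the code, so
	 * the value should not be treated as proof that the recipient controls the
	 * mailbox. The implementation is left unchanged here because the servlet
	 * that checks {@code h} is outside this file and links already mailed
	 * would stop verifying. A coordinated fix would use a keyed MAC (for
	 * example {@code javax.crypto.Mac} with HmacSHA256) or a random
	 * server-stored token, keep the key in configuration, and compare in
	 * constant time on the verifying side.
	 *
	 * @param email the new address the link is issued for
	 * @return the hash value appended to the confirmation URL
	 */
	static int emailHash(String email) {
		return (email+"jyk.y/$sh%EW4w2333").hashCode();
	}

	/**
	 * Escapes the characters that are significant in HTML text and in quoted
	 * attribute values.
	 *
	 * @param s text to escape; {@code null} is rendered as the empty string
	 * @return {@code s} with {@code & < > " '} replaced by character references
	 */
	private static String htmlEscape(String s) {
		if (s == null) {
			return "";
		}
		StringBuilder sb = new StringBuilder(s.length() + 16);
		for (int i = 0; i < s.length(); i++) {
			char c = s.charAt(i);
			switch (c) {
				case '&':
					sb.append("&amp;");
					break;
				case '<':
					sb.append("&lt;");
					break;
				case '>':
					sb.append("&gt;");
					break;
				case '"':
					sb.append("&quot;");
					break;
				case '\'':
					sb.append("&#39;");
					break;
				default:
					sb.append(c);
			}
		}
		return sb.toString();
	}
}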