1 <%
2 package nabble.view.web.user;
4 import fschmidt.util.java.HtmlUtils;
5 import fschmidt.util.servlet.ServletUtils;
6 import nabble.model.ModelException;
7 import nabble.model.ModelHome;
8 import nabble.model.Site;
9 import nabble.model.User;
10 import nabble.view.lib.ChangeEmailMail;
11 import nabble.view.lib.Jtp;
12 import nabble.view.lib.Permissions;
13 import nabble.view.lib.Shared;
15 import javax.servlet.ServletException;
16 import javax.servlet.http.HttpServlet;
17 import javax.servlet.http.HttpServletRequest;
18 import javax.servlet.http.HttpServletResponse;
19 import java.io.IOException;
20 import java.io.PrintWriter;
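public final class ChangeEmail extends HttpServlet {

	/**
	 * Renders the "Change Email" form and, on a POST with Action=Change, starts the
	 * change: the requested address is validated, stored on the user as the
	 * "_new_email" property, and a confirmation link is mailed via ChangeEmailMail
	 * before redirecting to ChangeEmail2.jtp.
	 *
	 * Only the account owner or a member of the administrators group may use the page;
	 * everyone else is sent to the login prompt.
	 *
	 * @param request   supplies "user" (target user id), "email" (requested address) and "Action"
	 * @param response  receives the redirect, the login prompt or the rendered form
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException      if writing the response fails
	 */
	protected void service(HttpServletRequest request,HttpServletResponse response)
		throws ServletException, IOException
	{
		long userId = Jtp.getLong(request, "user");
		Site site = Jtp.getSiteNotNull(request);
		User user = site.getUser(userId);

		User visitor = Jtp.getUser(request,response);
		// Check both objects for null before the ownership/admin test: "user" is a
		// client-supplied id, so the lookup may not resolve (presumably getUser returns
		// null for an unknown id; verify), and an anonymous visitor must never reach
		// the group check. Unknown ids get the same response as a denied request, so the
		// page does not reveal which ids exist.
		boolean isAllowed = visitor != null && user != null
			&& ( user.equals(visitor) || Permissions.isInGroup(visitor, Permissions.ADMINISTRATORS_GROUP) );
		if (!isAllowed) {
			Jtp.login("You must login to change your email.",request,response);
			return;
		}
		String email = request.getParameter("email");
		String errorMsg = null;

		if( "Change".equals( request.getParameter("Action") ) && "POST".equals(request.getMethod()) ) {
			// NOTE(review): this state-changing POST carries no anti-CSRF token that is
			// visible in this file; confirm whether the framework adds one elsewhere.
			if( email == null ) {
				// A POST without the "email" field would otherwise fail on trim() below.
				errorMsg = "Email address is missing";
			} else {
				try {
					email = email.trim();
					ModelHome.validateEmail(email);
					if( !email.equalsIgnoreCase(user.getEmail()) && Jtp.getSite(request).getUserFromEmail(email) != null)
						throw ModelException.newInstance("duplicate_email","Email already in use");
					// The pending address is stored on the user; the change is expected to be
					// completed by ChangeEmail3.jtp when the mailed link is followed.
					user.setProperty("_new_email", email);
					String url = ServletUtils.getContextURL(request)
						+ "/user/ChangeEmail3.jtp?email=" + HtmlUtils.urlEncode(email)
						+ "&user=" + user.getId()
						+ "&h=" + emailHash(email)
					;
					ChangeEmailMail.send(site, user.getName(), user.getEmail(), email, url);
					response.sendRedirect( "ChangeEmail2.jtp");
					return;
				} catch(ModelException e) {
					errorMsg = e.getMessage();
				}
			}
		}
		PrintWriter out = response.getWriter();
		%>
<html>
<head>
<% Shared.title(request,response,"Change Email"); %>
</head>
<body>
<%
		Shared.minHeaderGlobal(request,response);
		Shared.profileHeading(request,out,user,"Change Email");

		Shared.errorMessage(request,response,errorMsg,
			"Please enter a correct email address and click Change Email."
		);
		// Both values written below originate from user input (the stored address and the
		// raw "email" request parameter), so they are HTML-escaped before being emitted.
		// NOTE(review): Jtp.hideNull is not visible here; it is assumed to only map null
		// to an empty string and not to escape. Confirm to rule out double encoding.
%>

<form method=post action="<%=response.encodeURL("ChangeEmail.jtp")%>">
<input type=hidden name="Action" value="Change">
<input type=hidden name="user" value="<%=user.getId()%>">

<div class="second-font field-title">
Current Email
</div>
<div class="weak-color" style="margin-left:1.9em">
<%=escapeHtml(user.getEmail())%>
</div>

<div class="second-font field-title">
Change email
</div>
<div class="weak-color" style="margin-bottom:1em">
<input name="email" size="30" value="<%=escapeHtml(Jtp.hideNull(email))%>">
</div>

<input type=submit value="Change Email"></input>
or <a href="/template/NamlServlet.jtp?macro=user_profile">Cancel</a>
</form>

<% Shared.footer(request, response); %>
<% Shared.analytics(request,response); %>
</body>
</html>
<%
	}

	/**
	 * Computes the value placed in the "h" parameter of the confirmation link.
	 *
	 * NOTE(review): String.hashCode() is a 32-bit, unkeyed, non-cryptographic hash.
	 * Appending a constant does not turn it into a MAC, so this value should not be
	 * treated as proof that the link came from this server. It also covers only the
	 * address, not the user id, and the constant is checked into source. The
	 * replacement is an HMAC-SHA-256 (javax.crypto.Mac) over user id and address,
	 * under a key loaded from server configuration and compared in constant time
	 * (MessageDigest.isEqual). That changes the token format, so it has to be made
	 * together with the page that verifies "h", which is not visible here.
	 *
	 * @param email the address the confirmation link is issued for
	 * @return the hash code of the address concatenated with the fixed suffix
	 */
	static int emailHash(String email) {
		return (email+"jyk.y/$sh%EW4w2333").hashCode();
	}

	/**
	 * Escapes the characters that are significant in HTML text and in quoted attribute
	 * values. Returns null unchanged so a null value renders as it did before.
	 */
	private static String escapeHtml(String s) {
		if( s == null )
			return null;
		StringBuilder sb = new StringBuilder(s.length() + 16);
		for( int i = 0; i < s.length(); i++ ) {
			char c = s.charAt(i);
			switch(c) {
			case '&': sb.append("&amp;"); break;
			case '<': sb.append("&lt;"); break;
			case '>': sb.append("&gt;"); break;
			case '"': sb.append("&quot;"); break;
			case '\'': sb.append("&#39;"); break;
			default: sb.append(c);
			}
		}
		return sb.toString();
	}
}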
109 %>