Mercurial Hosting > nabble
diff src/nabble/view/web/user/ChangeEmail.jtp @ 0:7ecd1a4ef557
add content
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Thu, 21 Mar 2019 19:15:52 -0600 |
parents | |
children | 18cf4872fd7f |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/nabble/view/web/user/ChangeEmail.jtp Thu Mar 21 19:15:52 2019 -0600 @@ -0,0 +1,109 @@ +<% +package nabble.view.web.user; + +import fschmidt.util.java.HtmlUtils; +import fschmidt.util.servlet.ServletUtils; +import nabble.model.ModelException; +import nabble.model.ModelHome; +import nabble.model.Site; +import nabble.model.User; +import nabble.view.lib.ChangeEmailMail; +import nabble.view.lib.Jtp; +import nabble.view.lib.Permissions; +import nabble.view.lib.Shared; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + + +public final class ChangeEmail extends HttpServlet { + + protected void service(HttpServletRequest request,HttpServletResponse response) + throws ServletException, IOException + { + long userId = Jtp.getLong(request, "user"); + Site site = Jtp.getSiteNotNull(request); + User user = site.getUser(userId); + + User visitor = Jtp.getUser(request,response); + boolean isAllowed = user.equals(visitor) || Permissions.isInGroup(visitor, Permissions.ADMINISTRATORS_GROUP); + if (visitor == null || !isAllowed) { + Jtp.login("You must login to change your email.",request,response); + return; + } + String email = request.getParameter("email"); + String errorMsg = null; + + if( "Change".equals( request.getParameter("Action") ) && "POST".equals(request.getMethod()) ) { + try { + email = email.trim(); + ModelHome.validateEmail(email); + if( !email.equalsIgnoreCase(user.getEmail()) && Jtp.getSite(request).getUserFromEmail(email) != null) + throw ModelException.newInstance("duplicate_email","Email already in use"); + user.setProperty("_new_email", email); + String url = ServletUtils.getContextURL(request) + + "/user/ChangeEmail3.jtp?email=" + HtmlUtils.urlEncode(email) + + "&user=" + user.getId() + + "&h=" + emailHash(email) + ; + ChangeEmailMail.send(site, user.getName(), user.getEmail(), email, url); + response.sendRedirect( "ChangeEmail2.jtp"); + return; + } catch(ModelException e) { + errorMsg = e.getMessage(); + } + } + PrintWriter out = response.getWriter(); + %> + <html> + <head> + <% Shared.title(request,response,"Change Email"); %> + </head> + <body> + <% + Shared.minHeaderGlobal(request,response); + Shared.profileHeading(request,out,user,"Change Email"); + + Shared.errorMessage(request,response,errorMsg, + "Please enter a correct email address and click Change Email." + ); + %> + + <form method=post action="<%=response.encodeURL("ChangeEmail.jtp")%>"> + <input type=hidden name="Action" value="Change"> + <input type=hidden name="user" value="<%=user.getId()%>"> + + <div class="second-font field-title"> + Current Email + </div> + <div class="weak-color" style="margin-left:1.9em"> + <%=user.getEmail()%> + </div> + + <div class="second-font field-title"> + Change email + </div> + <div class="weak-color" style="margin-bottom:1em"> + <input name="email" size="30" value="<%=Jtp.hideNull(email)%>"> + </div> + + <input type=submit value="Change Email"></input> + or <a href="/template/NamlServlet.jtp?macro=user_profile">Cancel</a> + </form> + + <% Shared.footer(request, response); %> + <% Shared.analytics(request,response); %> + </body> + </html> + <% + } + + static int emailHash(String email) { + return (email+"jyk.y/$sh%EW4w2333").hashCode(); + } +} +%>