view src/global/web/UserSites.java @ 66:3fbe9cb2e325

security
author Franklin Schmidt <fschmidt@gmail.com>
date Wed, 18 Sep 2024 03:51:47 -0600
parents 7ecd1a4ef557
children


package global.web;

import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.lucene.index.Term;
import org.apache.lucene.search.IndexSearcher;
import org.apache.lucene.search.TopDocs;
import org.apache.lucene.search.Query;
import org.apache.lucene.search.ScoreDoc;
import org.apache.lucene.search.TermQuery;
import fschmidt.util.mail.Mail;
import fschmidt.util.mail.MailAddress;
import fschmidt.util.mail.MailHome;
import fschmidt.util.mail.PlainTextContent;
import global.Site;
import global.HtmlGlobalUtils;


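/**
 * Servlet behind {@code UserSites.jtp}: takes an {@code email} request
 * parameter and, when the address is valid, mails that address the list of
 * sites whose owner-email field matches it.
 *
 * <p>The site list is only ever delivered to the submitted mailbox, and the
 * page shows the same confirmation whether or not the address owns any site,
 * so the HTTP response itself does not reveal which addresses are registered.
 */
public final class UserSites extends HttpServlet {

	/**
	 * Renders the "Your Nabble Apps" page and, if a valid {@code email}
	 * parameter was supplied, sends the site list to that address first.
	 *
	 * @param request  the incoming request; only the {@code email} parameter is read here
	 * @param response the response the page is written to
	 * @throws IOException if obtaining or writing to the response writer fails
	 */
	@Override
	protected void service(HttpServletRequest request,HttpServletResponse response)
		throws IOException
	{
		PrintWriter out = response.getWriter();
		boolean isValid = true;
		boolean isSent = false;
		String email = request.getParameter("email");
		if( email == null ) {
			email = "";
		} else {
			email = email.trim();
			MailAddress to = new MailAddress(email);
			isValid = to.isValid();
			if( isValid ) {
				// NOTE(review): every request carrying a valid address sends one
				// message to that address; no throttling or anti-automation check
				// is visible in this class - confirm it is enforced elsewhere.
				Mail mail = MailHome.newMail();
				mail.setTo(to);
				mail.setFrom( new MailAddress("no-reply@nabble.com","Nabble") );
				mail.setSubject("Your Nabble Apps");
				mail.setContent(new PlainTextContent(text(email)));
				MailHome.getDefaultSmtpServer().send(mail);
				isSent = true;
			}
		}

		out.print( "\r\n<!DOCTYPE html>\r\n<html lang=\"en\">\r\n	<head>\r\n		" );
		HtmlGlobalUtils.head(request, response, "Your Apps");
		out.print( "\r\n	</head>\r\n	<body lato>\r\n		" );
		HtmlGlobalUtils.header(request,response);
		out.print( "\r\n		<div content center paddingTop>\r\n			<h1 oswald>Your Nabble Apps</h1>\r\n			<p>\r\n				Nabble can send you a list with all apps that you currently own.\r\n			</p>\r\n			" );

		if (!isSent) {
			// NOTE(review): the form has no method attribute, so it submits with
			// GET and the address ends up in the query string (and wherever URLs
			// are logged).
			out.print( "\r\n<form action=\"UserSites.jtp\">\r\n	<p>\r\n		<input name=\"email\" type=\"text\" value=\"" );
			// This branch is reached with a rejected (attacker-controllable)
			// address, so the value must be HTML-encoded before it is placed
			// inside the quoted attribute; printing it raw is reflected XSS.
			out.print( htmlEncode(email) );
			out.print( "\" size=\"30\" placeholder=\"Email address\"/>\r\n		<input type=\"submit\" value=\"Submit\"/>\r\n	</p>\r\n</form>\r\n" );

			if( !isValid ) {
				out.print( "<p>invalid email address</p>" );
			}
		} else {
			out.print( "<div class=\"info-message\" style=\"padding:.5em\">An email has been sent to you.</div>" );
		}

		out.print( "\r\n</div>\r\n" );
		HtmlGlobalUtils.footer(request,response);
		out.print( "\r\n</body>\r\n</html>\r\n" );

	}

	/**
	 * Encodes the five HTML-significant characters so that {@code s} can be
	 * written into element content or a quoted attribute value.
	 *
	 * @param s the text to encode; must not be {@code null}
	 * @return {@code s} with {@code & < > " '} replaced by character references
	 */
	private static String htmlEncode(String s) {
		StringBuilder sb = new StringBuilder(s.length() + 16);
		for( int i = 0; i < s.length(); i++ ) {
			char c = s.charAt(i);
			switch( c ) {
				case '&': sb.append("&amp;"); break;
				case '<': sb.append("&lt;"); break;
				case '>': sb.append("&gt;"); break;
				case '"': sb.append("&quot;"); break;
				case '\'': sb.append("&#39;"); break;
				default: sb.append(c);
			}
		}
		return sb.toString();
	}

	/**
	 * Builds the plain-text mail body listing the URLs of the sites whose
	 * owner-email field equals {@code email}.
	 *
	 * @param email the already validated address to look up
	 * @return the complete message text
	 * @throws RuntimeException wrapping any {@link IOException} from the index
	 */
	private static String text(String email) {
		try {
			IndexSearcher searcher = new IndexSearcher(Site.dir());
			// The search runs inside the try block so the searcher is closed
			// even when the query itself fails.
			try {
				// Exact term match on the owner-email field.
				// NOTE(review): whether the index stores addresses case-normalised
				// is not visible here - confirm against the indexing code.
				Query q = new TermQuery(new Term(Site.OWNER_EMAIL_FLD,email));
				// At most 500 hits are fetched; an owner with more sites gets a
				// truncated list.
				TopDocs hits = searcher.search( q, 500 );

				StringWriter buf = new StringWriter();
				PrintWriter out = new PrintWriter(buf);

				out.print( "\r\nDear Nabble user,\r\n" );
				if( hits.totalHits == 0 ) {
					out.print( "\r\nYou don't have any sites on Nabble.\r\n" );
				} else {
					out.print( "\r\nHere are your Nabble apps:\r\n" );
					for( ScoreDoc sd : hits.scoreDocs ) {
						Site site = new Site( searcher.doc(sd.doc) );

						out.print( "\r\n" );
						out.print( (site.url()) );
						out.print( "\r\n" );
					}
				}

				out.print( "\r\nRegards,\r\nThe Nabble team\r\n" );

				out.flush();
				return buf.toString();
			} finally {
				searcher.close();
			}
		} catch(IOException e) {
			throw new RuntimeException(e);
		}
	}

}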