view src/nabble/view/web/user/ChangeEmail.java @ 19:18cf4872fd7f

remove anonymous posting
author Franklin Schmidt <fschmidt@gmail.com>
date Fri, 29 May 2020 22:58:25 -0600
parents 7ecd1a4ef557
children


package nabble.view.web.user;

import fschmidt.util.java.HtmlUtils;
import fschmidt.util.servlet.ServletUtils;
import nabble.model.ModelException;
import nabble.model.ModelHome;
import nabble.model.Site;
import nabble.model.User;
import nabble.view.lib.ChangeEmailMail;
import nabble.view.lib.Jtp;
import nabble.view.lib.Permissions;
import nabble.view.lib.Shared;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;


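/**
 * Servlet that renders the "Change Email" form and, on submit, starts the
 * e-mail confirmation step for a user's new address.
 *
 * <p>The change is not applied here: the requested address is stored in the
 * user's {@code _new_email} property and a link to {@code ChangeEmail3.jtp}
 * is mailed through {@link ChangeEmailMail}.
 */
public final class ChangeEmail extends HttpServlet {

	/**
	 * Handles both the form display and the form submission.
	 *
	 * <p>Access is granted only when the visitor is the target user or a member
	 * of {@code Permissions.ADMINISTRATORS_GROUP}; anyone else is sent to the
	 * login page. A request counts as a submission only when it is a POST with
	 * {@code Action=Change}.
	 *
	 * @param request  the request; reads the {@code user}, {@code email} and {@code Action} parameters
	 * @param response receives either a redirect to {@code ChangeEmail2.jtp} or the HTML form
	 * @throws ServletException declared by the servlet contract
	 * @throws IOException if writing the response fails
	 */
	@Override
	protected void service(HttpServletRequest request,HttpServletResponse response)
		throws ServletException, IOException
	{
		long userId = Jtp.getLong(request, "user");
		Site site = Jtp.getSiteNotNull(request);
		// NOTE(review): if site.getUser can return null for an unknown id, user.equals() below throws; confirm.
		User user = site.getUser(userId);

		User visitor = Jtp.getUser(request);
		boolean isAllowed = user.equals(visitor) || Permissions.isInGroup(visitor, Permissions.ADMINISTRATORS_GROUP);
		if (visitor == null || !isAllowed) {
			Jtp.login("You must login to change your email.",request,response);
			return;
		}
		String email = request.getParameter("email");
		String errorMsg = null;

		// NOTE(review): this state-changing POST carries no anti-CSRF token in the form below;
		// confirm one is enforced elsewhere (filter or framework), otherwise add it.
		if( "Change".equals( request.getParameter("Action") ) && "POST".equals(request.getMethod()) ) {
			if( email == null ) {
				// getParameter returns null when the field is absent; without this guard
				// email.trim() throws and the request ends in a server error.
				errorMsg = "Email address is missing";
			} else {
				try {
					email = email.trim();
					ModelHome.validateEmail(email);
					// A different address that already belongs to some account is rejected.
					if( !email.equalsIgnoreCase(user.getEmail()) && Jtp.getSite(request).getUserFromEmail(email) != null)
						throw ModelException.newInstance("duplicate_email","Email already in use");
					// Pending address is parked on the user until the mailed link is followed.
					user.setProperty("_new_email", email);
					// The "h" value is the only thing tying the link to this request; see emailHash.
					String url = ServletUtils.getContextURL(request)
						+ "/user/ChangeEmail3.jtp?email=" + HtmlUtils.urlEncode(email)
						+ "&user=" + user.getId()
						+ "&h=" + emailHash(email)
					;
					ChangeEmailMail.send(site, user.getName(), user.getEmail(), email, url);
					response.sendRedirect( "ChangeEmail2.jtp");
					return;
				} catch(ModelException e) {
					// Validation problems are shown on the re-rendered form.
					errorMsg = e.getMessage();
				}
			}
		}
		PrintWriter out = response.getWriter();
		
		out.print( "\r\n<html>\r\n	<head>\r\n		" );
		Shared.title(request,response,"Change Email");
		out.print( "\r\n	</head>\r\n	<body>\r\n		" );

		Shared.minHeaderGlobal(request,response);
		Shared.profileHeading(request,out,user,"Change Email");

		Shared.errorMessage(request,response,errorMsg,
			"Please enter a correct email address and click Change Email."
		);

		out.print( "\r\n\r\n<form method=post action=\"" );
		out.print( (response.encodeURL("ChangeEmail.jtp")) );
		out.print( "\">\r\n	<input type=hidden name=\"Action\" value=\"Change\">\r\n	<input type=hidden name=\"user\" value=\"" );
		out.print( (user.getId()) );
		out.print( "\">\r\n\r\n	<div class=\"second-font field-title\">\r\n		Current Email\r\n	</div>\r\n	<div class=\"weak-color\" style=\"margin-left:1.9em\">\r\n		" );
		// NOTE(review): written into HTML as-is; confirm stored addresses cannot contain markup, or HTML-encode here.
		out.print( (user.getEmail()) );
		out.print( "\r\n	</div>\r\n\r\n	<div class=\"second-font field-title\">\r\n		Change email\r\n	</div>\r\n	<div class=\"weak-color\" style=\"margin-bottom:1em\">\r\n		<input name=\"email\" size=\"30\" value=\"" );
		// NOTE(review): email is the raw request parameter (it reaches this line when validation fails)
		// and lands inside a quoted attribute; confirm Jtp.hideNull HTML-encodes, otherwise encode before printing.
		out.print( (Jtp.hideNull(email)) );
		out.print( "\">\r\n	</div>\r\n\r\n	<input type=submit value=\"Change Email\"></input>\r\n	or <a href=\"/template/NamlServlet.jtp?macro=user_profile\">Cancel</a>\r\n   </form>\r\n\r\n" );
		Shared.footer(request, response);
		out.print( "\r\n" );
		Shared.analytics(request,response);
		out.print( "\r\n</body>\r\n</html>\r\n" );

	}

	/**
	 * Computes the {@code h} value placed in the confirmation link.
	 *
	 * <p>NOTE(review): this is not a message authentication code. {@link String#hashCode()}
	 * is a 32-bit non-cryptographic hash and the suffix is a constant compiled into the class,
	 * so the value can be recomputed by anyone who can read the source or the class file and
	 * does not prove that the link came from the mail. Prefer an HMAC
	 * ({@code javax.crypto.Mac} with {@code HmacSHA256}) keyed from server-side configuration,
	 * or a random single-use token stored next to {@code _new_email}, compared with
	 * {@code MessageDigest.isEqual}. The int return type is kept here because the code that
	 * verifies {@code h} (presumably ChangeEmail3.jtp, not shown) has to change at the same time.
	 *
	 * @param email the new address being confirmed
	 * @return {@code hashCode()} of the address concatenated with a fixed suffix
	 */
	static int emailHash(String email) {
		return (email+"jyk.y/$sh%EW4w2333").hashCode();
	}
}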