view src/nabble/view/web/user/ChangeEmail.jtp @ 19:18cf4872fd7f
remove anonymous posting
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Fri, 29 May 2020 22:58:25 -0600 |
parents | 7ecd1a4ef557 |
children |
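<%
package nabble.view.web.user;

import fschmidt.util.java.HtmlUtils;
import fschmidt.util.servlet.ServletUtils;
import nabble.model.ModelException;
import nabble.model.ModelHome;
import nabble.model.Site;
import nabble.model.User;
import nabble.view.lib.ChangeEmailMail;
import nabble.view.lib.Jtp;
import nabble.view.lib.Permissions;
import nabble.view.lib.Shared;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;


/**
 * Page that lets a user (or an administrator acting on that user) request a change of
 * email address.
 *
 * On a POST with Action=Change the new address is validated, stored in the user's
 * "_new_email" property, and a confirmation link to ChangeEmail3.jtp is mailed via
 * ChangeEmailMail. Any other request, or a validation failure, renders the form.
 *
 * NOTE(review): the form carries no visible anti-CSRF token. Changing the account email
 * is a sensitive action; confirm that a filter or Jtp helper outside this file rejects
 * cross-site POSTs.
 */
public final class ChangeEmail extends HttpServlet {

	protected void service(HttpServletRequest request,HttpServletResponse response)
		throws ServletException, IOException
	{
		long userId = Jtp.getLong(request, "user");
		Site site = Jtp.getSiteNotNull(request);
		User user = site.getUser(userId);
		User visitor = Jtp.getUser(request);

		// Authorization fails closed: the null checks run before user.equals(...) so an
		// anonymous visitor or an unknown "user" id goes to the login page instead of
		// dereferencing null. (Presumably getUser returns null for an unknown id - confirm.)
		boolean isAllowed = visitor != null
			&& user != null
			&& ( user.equals(visitor) || Permissions.isInGroup(visitor, Permissions.ADMINISTRATORS_GROUP) );
		if( !isAllowed ) {
			Jtp.login("You must login to change your email.",request,response);
			return;
		}

		String email = request.getParameter("email");
		String errorMsg = null;
		boolean isChangeRequest = "Change".equals( request.getParameter("Action") )
			&& "POST".equals(request.getMethod());
		if( isChangeRequest ) {
			try {
				// A POST without an "email" field used to call trim() on null. Treat it like
				// an empty field so it reaches validateEmail the same way a blank form does.
				email = email == null ? "" : email.trim();
				ModelHome.validateEmail(email);
				boolean isSameAddress = email.equalsIgnoreCase(user.getEmail());
				if( !isSameAddress && Jtp.getSite(request).getUserFromEmail(email) != null )
					throw ModelException.newInstance("duplicate_email","Email already in use");
				user.setProperty("_new_email", email);
				// NOTE(review): this link is mailed out. Confirm that getContextURL takes the
				// host from trusted configuration rather than from the request's Host header.
				String url = ServletUtils.getContextURL(request)
					+ "/user/ChangeEmail3.jtp?email=" + HtmlUtils.urlEncode(email)
					+ "&user=" + user.getId()
					+ "&h=" + emailHash(email)
				;
				ChangeEmailMail.send(site, user.getName(), user.getEmail(), email, url);
				response.sendRedirect( "ChangeEmail2.jtp");
				return;
			} catch(ModelException e) {
				errorMsg = e.getMessage();
			}
		}

		// Both values are written into the HTML below. "email" comes straight from the
		// request and is echoed back when validation fails or on a plain GET, so it is
		// encoded before output.
		// NOTE(review): one value lands inside a quoted attribute; confirm that
		// HtmlUtils.htmlEncode also escapes double quotes.
		String currentEmailHtml = htmlText(user.getEmail());
		String enteredEmailHtml = htmlText(email);

		PrintWriter out = response.getWriter();
%>
<html>
<head>
<% Shared.title(request,response,"Change Email"); %>
</head>
<body>
<%
		Shared.minHeaderGlobal(request,response);
		Shared.profileHeading(request,out,user,"Change Email");
		Shared.errorMessage(request,response,errorMsg, "Please enter a correct email address and click Change Email." );
%>
<form method=post action="<%=response.encodeURL("ChangeEmail.jtp")%>">
<input type=hidden name="Action" value="Change">
<input type=hidden name="user" value="<%=user.getId()%>">
<div class="second-font field-title">
Current Email
</div>
<div class="weak-color" style="margin-left:1.9em">
<%=currentEmailHtml%>
</div>
<div class="second-font field-title">
Change email
</div>
<div class="weak-color" style="margin-bottom:1em">
<input name="email" size="30" value="<%=enteredEmailHtml%>">
</div>
<input type=submit value="Change Email"></input>
or <a href="/template/NamlServlet.jtp?macro=user_profile">Cancel</a>
</form>
<% Shared.footer(request, response); %>
<% Shared.analytics(request,response); %>
</body>
</html>
<%
	}

	/**
	 * Computes the value placed in the "h" parameter of the confirmation link.
	 *
	 * The value is String.hashCode() of the address with a fixed suffix appended.
	 *
	 * NOTE(review): this is a 32-bit, non-cryptographic hash whose key is a constant in
	 * the source, and it covers neither the user id nor an expiry time. It should be
	 * treated as guessable, not as proof that the link came from the confirmation mail.
	 * Replacing it with an HMAC (for example HmacSHA256 via javax.crypto.Mac) under a
	 * server-side secret, compared in constant time, would change the int return type,
	 * so it has to be done together with the code that checks "h" (the link above
	 * targets ChangeEmail3.jtp).
	 *
	 * @param email the new address the link confirms
	 * @return the hash code of the address plus the fixed suffix
	 */
	static int emailHash(String email) {
		return (email+"jyk.y/$sh%EW4w2333").hashCode();
	}

	/** Returns the HTML-encoded form of {@code s}, or the empty string when it is null. */
	private static String htmlText(String s) {
		return s == null ? "" : HtmlUtils.htmlEncode(s);
	}
}
%>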