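/// <summary> Constructor for a new instance of the Logon_MySobekViewer class </summary>
/// <param name="RequestSpecificValues"> All the necessary, non-global data specific to the current request </param>
/// <remarks> On a postback this reads the logon form, looks the user up through Engine_Database.Get_User,
/// stores a valid user in the session, optionally issues the "SobekUser" remember-me cookie, and then
/// redirects. On failure it sets the error message and returns without redirecting. </remarks>
public Logon_MySobekViewer(RequestCache RequestSpecificValues) : base(RequestSpecificValues)
{
    // Check to see if (non-admin) logon is currently disabled
    if (UI_ApplicationCache_Gateway.Settings.System.Disable_Standard_User_Logon_Flag)
    {
        generalLogonDisabled = true;
        generalLogonDisabledMsg = String.IsNullOrEmpty(UI_ApplicationCache_Gateway.Settings.System.Disable_Standard_User_Logon_Message)
            ? "General logon to this system is temporarily disabled."
            : UI_ApplicationCache_Gateway.Settings.System.Disable_Standard_User_Logon_Message;
    }
    else
    {
        generalLogonDisabled = false;
        generalLogonDisabledMsg = String.Empty;
    }

    RequestSpecificValues.Tracer.Add_Trace("Logon_MySobekViewer.Constructor", String.Empty);

    errorMessage = String.Empty;

    // Only a postback carries credentials to check
    if (!RequestSpecificValues.Current_Mode.isPostBack)
    {
        return;
    }

    // Pull the credentials out of the posted form. Values are trimmed, so leading or
    // trailing whitespace in a submitted password is not significant here.
    string possible_username = String.Empty;
    string possible_password = String.Empty;
    bool remember_me = false;

    string[] getKeys = HttpContext.Current.Request.Form.AllKeys;
    foreach (string thisKey in getKeys)
    {
        switch (thisKey)
        {
            case "logon_username":
                possible_username = HttpContext.Current.Request.Form[thisKey].Trim();
                break;

            case "logon_password":
                possible_password = HttpContext.Current.Request.Form[thisKey].Trim();
                break;

            case "rememberme":
                if (HttpContext.Current.Request.Form[thisKey].Trim() == "rememberme")
                {
                    remember_me = true;
                }
                break;
        }
    }

    // Nothing to validate unless both a user name and a password were supplied
    if ((String.IsNullOrEmpty(possible_password)) || (String.IsNullOrEmpty(possible_username)))
    {
        return;
    }

    User_Object user = Engine_Database.Get_User(possible_username, possible_password, RequestSpecificValues.Tracer);
    if (user == null)
    {
        // Same message whether the user name or the password was wrong
        errorMessage = "Invalid user/password entered";
        return;
    }

    // If disabled for general logon, cancel (host and system admins may still log on)
    if ((generalLogonDisabled) && (!user.Is_Host_Admin) && (!user.Is_System_Admin))
    {
        errorMessage = generalLogonDisabledMsg;
        return;
    }

    // The user was valid here, so save this user information
    // NOTE(review): the session identifier is not rotated in this block after the
    // user is authenticated; confirm that is handled elsewhere.
    HttpContext.Current.Session["user"] = user;

    // Should we remember this user via cookies?
    if (remember_me)
    {
        HttpCookie userCookie = new HttpCookie("SobekUser");
        userCookie.Values["userid"] = user.UserID.ToString();
        userCookie.Values["security_hash"] = user.Security_Hash(HttpContext.Current.Request.UserHostAddress);
        userCookie.Expires = DateTime.Now.AddDays(14);

        // This cookie stands in for a logon for 14 days, so keep it away from
        // client-side script and, when the logon came over HTTPS, off plain HTTP.
        userCookie.HttpOnly = true;
        userCookie.Secure = HttpContext.Current.Request.IsSecureConnection;

        HttpContext.Current.Response.Cookies.Add(userCookie);
    }

    // Forward back to their original URL (unless the original URL was this logon page).
    // A missing Original_URL item is treated like the logon page rather than dereferenced.
    object originalUrlItem = HttpContext.Current.Items["Original_URL"];
    string raw_url = (originalUrlItem == null) ? String.Empty : originalUrlItem.ToString();

    // Ordinal, case-insensitive match so the check does not depend on the server culture.
    // The comparison stays "> 0" as before: a match at index 0 is not counted.
    bool originalWasLogonPage = (raw_url.Length == 0)
        || (raw_url.IndexOf("my/logon", StringComparison.OrdinalIgnoreCase) > 0);

    if (originalWasLogonPage)
    {
        if (!String.IsNullOrEmpty(RequestSpecificValues.Current_Mode.Return_URL))
        {
            // NOTE(review): Return_URL is redirected to without validation in this block.
            // If it can be set from the request, confirm it is restricted to this site
            // before it reaches here.
            HttpContext.Current.Response.Redirect(RequestSpecificValues.Current_Mode.Return_URL, false);
            RequestSpecificValues.Current_Mode.Request_Completed = true;
            return;
        }

        // No return URL was supplied, so send the user to their home page
        RequestSpecificValues.Current_Mode.My_Sobek_Type = My_Sobek_Type_Enum.Home;
        UrlWriterHelper.Redirect(RequestSpecificValues.Current_Mode);
    }
    else
    {
        HttpContext.Current.Response.Redirect(raw_url, false);
        HttpContext.Current.ApplicationInstance.CompleteRequest();
        RequestSpecificValues.Current_Mode.Request_Completed = true;
    }
}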