Ejemplo n.º 1
        //-----------------------------------------------------------------------------------------------------------------------------------------------
        /// <summary>
        ///     Called the first time the login page is requested.  For security, on new logins, the current session is
        ///     abandoned and the session cookie is blanked, so the session ID used before the login is not reused.
        ///
        ///     Calls the login page back with the ResetSession and an encrypted CID token which contains the AnonID
        ///     cookie value (a GUID) and a date time stamp (as described by the original author; the token is built
        ///     by GenerateKey, which is not part of this method).
        ///
        ///     If anything throws while the session is reset or the URL is built, the error is logged and the user is
        ///     redirected to the configured default post-login page without an authorisation token.
        /// </summary>
        protected void Step1KillSession()
        {
            // Fallback target: used unchanged if the try block below fails before BuildRedirectURL returns
            string redirectURL = MGLApplicationSecurityInterface.Instance().AppLoginConfig.DefaultPostLoginPage;

            try {
                //-----1----- Abandon the current session
                // 20-Apr-2016 - Before killing the session lets make absolutely sure that the current Session ID has been removed from the HTTPS checks
                // This should be entirely unnecessary and does appear to be so, but lets do it anyway as it is light, fast and important
                //Logger.Log("XXXXX - "+ActionPage+".aspx - removing the session requires https for " + Session.SessionID + " BEFORE Killing the session....");
                if (MGLApplicationInterface.Instance().UseHttpsSessionsIndependently == true)
                {
                    MGLApplicationInterface.Instance().RemoveSessionRequiringHTTPS(Session.SessionID);
                    MGLSessionInterface.Instance().UseHTTPS = false;
                }
                // And then lets abandon the session properly.
                // Session.Abandon() alone keeps the same session cookie on the client, so the cookie is also overwritten
                // with an empty value; this is what prevents a session ID set before login from surviving the login.
                // NOTE(review): the cookie name is hard-coded to the ASP.NET default; if the sessionState cookieName is
                // customised in web.config this line no longer resets the real session cookie - confirm against config.
                // NOTE(review): the replacement cookie is created without HttpOnly / Secure being set in this method.
                Session.Abandon();
                Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));

                //-----2----- Build the encrypted string
                StringBuilder authKey = GenerateKey();

                //-----3----- Build the redirectURL, including the special action, next page URL and CID authorisation token
                // For the independent HTTPS in sessions we need to call this page again to configure the new session and then continue
                // otherwise we can just go with it ...
                // NOTE(review): the token travels in the redirect URL, so it can end up in logs and browser history;
                // presumably the date time stamp keeps it short-lived - verify in KeyIsValid / GenerateKey.
                string redirectPage = (MGLApplicationInterface.Instance().UseHttpsSessionsIndependently == false) ? ActionPage + "Do.aspx" : ActionPage + ".aspx";
                redirectURL = BuildRedirectURL(redirectPage, authKey);
            } catch (Exception ex) {
                // Deliberately not rethrown: the redirect below still runs, using the default page set at the top
                Logger.LogError(8, "Problem setting the authorisation redirect url in the login page.  This is serious!  The specific error was: " + ex.ToString());
            }

            //-----4----- Redirect to the loginDo page and commence the login event in anger.
            // Or if this a use-https-in-sessions-independently website, lets come back to the login page to reconfigure.
            Response.Redirect(redirectURL);
        }
Ejemplo n.º 2
        //-------------------------------------------------------------------------------------------------------------------------------------------------------------
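        /// <summary>
        ///     Loads the web document named by the DocID request parameter, together with its chapters and tag
        ///     cross-references, writes its ID, working title and document type into the page, and builds the
        ///     chapter tag widget.
        /// </summary>
        /// <param name="sender">The event source (not used).</param>
        /// <param name="e">The event arguments (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // DocID comes straight from the request, so it is untrusted.  If it is missing or is not an integer,
            // TryParse leaves wdID at 0 and the lookups below run with an ID of 0.
            string wdIDStr = Request.Params.Get("DocID");

            int.TryParse(wdIDStr, out wdID);

            // NOTE(review): no check that the current user may view or edit this document is visible in this
            // method - confirm the page (or its base class) enforces one before the document is loaded.
            WebDocProcessing wdp = new WebDocProcessing(MGLSessionInterface.Instance().Config);
            WebDoc           wd  = new WebDoc(wdID);

            wdp.GetWebDoc(wd);
            wdp.GetWebDocChapters(wd);

            wdp.GetWebDocTagXRefs(wd);

            WDSelectedID.InnerHtml = wd.ID.ToString();

            // The working title is stored content, so it is written with InnerText, which HTML-encodes the value;
            // assigning it to InnerHtml would let markup saved in the description run as script in this page.
            WDWorkingTitle.InnerText = wd.DescriptionInternal;

            // Standardise the metadata stored in the page for the TagEditor with the BlogEditor and DocumentEditor
            DocID.Value   = wd.ID.ToString();
            DocType.Value = ((int)wd.DocumentType).ToString();

            // Build the dynamic listing of the chapters
            BuildChapterTagWidget(wd);
        }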
Ejemplo n.º 3
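        //-----------------------------------------------------------------------------------------------------------------------------------------------
        /// <summary>
        ///     Modifies the given next page URL to explicitly declare HTTPS (or HTTP), depending on whether HTTPS is
        ///     required at the application or session level.
        /// </summary>
        /// <param name="url">
        ///     The next page URL.  An absolute http:// or https:// URL has its scheme switched; an application-relative
        ///     "~/" URL is expanded to an absolute URL under the web project path; anything else is returned unchanged.
        /// </param>
        /// <param name="httpsRequired">True to force https://, false to force http://.</param>
        /// <returns>The rewritten URL, or the input unchanged if it is null, empty or has no recognised prefix.</returns>
        protected string BuildNextPageURL(string url, bool httpsRequired)
        {
            if (string.IsNullOrEmpty(url))
            {
                return url;
            }

            // NOTE(review): when httpsRequired is false an https:// URL is actively downgraded to http://.
            // That is the existing contract and is kept here, but confirm no authenticated page is reached this way.
            string wantedScheme   = httpsRequired ? "https://" : "http://";
            string unwantedScheme = httpsRequired ? "http://" : "https://";

            // 20-Apr-2016 - modify the next page URL so that it automatically goes to the HTTPs page if required.
            // Only the leading scheme is swapped: a blanket string replace would also rewrite any URL carried inside
            // the query string (e.g. a return address).  The scheme is matched case-insensitively so that a URL
            // written as "HTTP://..." cannot skip the upgrade.
            if (url.StartsWith(unwantedScheme, System.StringComparison.OrdinalIgnoreCase))
            {
                url = wantedScheme + url.Substring(unwantedScheme.Length);
            }
            else if (url.StartsWith("~/", System.StringComparison.Ordinal))
            {
                url = wantedScheme + MGLSessionInterface.Instance().Config.WebProjectPath() + url.Substring(2);
            }

            return(url);
        }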
Ejemplo n.º 4
        //-------------------------------------------------------------------------------------------------------------------------------------------------------------
        /// <summary>
        ///     Prepares the page: hides the main login button for logged-in users, emits a small script block holding
        ///     the configured JS version, and shows at most one info splash (logout confirmation, password reset
        ///     confirmation or session expiry warning, checked in that order).
        /// </summary>
        /// <param name="sender">The event source (not used).</param>
        /// <param name="e">The event arguments (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Every splash is dismissed by the same client-side timer
            const string hideSplashJs = "window.setTimeout( 'HideInfoSplash();', 3000 );";

            Testing.Visible = true;

            // Hide the main login button once the user has logged in, otherwise this might get a little confusing ...
            if (Authorisation.DoIsLoggedIn())
            {
                MainLoginButton.Visible = false;
            }

            StringBuilder script = new StringBuilder();
            script.Append("<script type='text/javascript'>");

            // 18-Mar-2016 - expose the JS version to client-side code.
            // NOTE(review): the value is written into the script unquoted and unescaped, which is only safe while
            // JSVersion comes from trusted application configuration - confirm it can never hold user input.
            string configuredJsVersion = MGLApplicationInterface.Instance().JSVersion;
            script.Append("var jsVersionConfig=" + configuredJsVersion + ";");

            //-----a----- Display any warnings or confirmation messages to the user.
            // The request parameters are only compared with the literal "1" and never echoed into the page.
            if (Request.Params.Get("ShowLogout") == "1")
            {
                // 20-Apr-2016 - logout confirmation
                ctlInfoSplash.SetupInfoSplash(true, "You have successfully logged out.", false);
                script.Append(hideSplashJs);
            }
            else if (Request.Params.Get("FromPasswordReset") == "1")
            {
                // 21-Apr-2016 - password reset confirmation
                ctlInfoSplash.SetupInfoSplash(true, "Password reset successfully - You are now logged in.", false);
                script.Append(hideSplashJs);
            }
            else if (MGLSessionInterface.Instance().SessionExpired == true)
            {
                // Session expiry warning; the flag is cleared so the warning is shown only once
                ctlInfoSplash.SetupInfoSplash(false, "Session expired - please log in again.", true);
                script.Append(hideSplashJs);
                MGLSessionInterface.Instance().SessionExpired = false;
            }

            script.Append("</script>");
            jsStuff.Controls.Add(new LiteralControl(script.ToString()));
        }
Ejemplo n.º 5
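        //-----------------------------------------------------------------------------------------------------------------------------------------------
        /// <summary>
        ///     Called the second time the login page is requested.  For security, on new logins, the current session should be
        ///     abandoned and a new session started.
        ///
        ///     If HTTPS is globally all false or globally all true, this intermediate step is not required as the page requesting the login page will
        ///     have the same protocol (both HTTP or both HTTPS).  However, if the MGLApplicationInterface.UseHttpsSessionsIndependently variable is set, then we need
        ///     an intermediate step - this step - to force the session to use HTTPs and then call LoginDo...
        ///
        ///     Calls the LoginDo page with the ResetSession and an encrypted CID token which contains the AnonID
        ///     cookie value ( a GUID) and a date time stamp.
        ///
        ///     If the key is rejected, or anything throws, the event is logged and the user is redirected to the
        ///     configured default post-login page instead of the LoginDo page.
        /// </summary>
        /// <param name="encryptedKey">The encrypted authorisation key received with the request; checked with KeyIsValid before use.</param>
        protected void Step2SetSecureSession(StringBuilder encryptedKey)
        {
            // Fallback target: used unchanged when the key is rejected or the try block fails
            string redirectURL = MGLApplicationSecurityInterface.Instance().AppLoginConfig.DefaultPostLoginPage;

            try {
                bool keyIsValid = KeyIsValid(encryptedKey);

                //-----a----- Get the AuthKey and check it is legit - if not the user is bounced out to the default page
                if (keyIsValid == true)
                {
                    //-----b----- Setup the new session to be secure - which by now should have been created as this page loads for the second time!
                    // Force this session to use HTTPs as this page has been requested
                    if (MGLSessionInterface.Instance().UseHTTPS == false)
                    {
                        MGLSessionInterface.Instance().SetSessionRequiresHTTPs(Request.Cookies["AnonID"], Session.SessionID, HttpContext.Current.Request.IsLocal);
                    }

                    //-----c----- Build the URL for the LoginDo page - and if HTTPS is enabled, we explicitly set the LoginDo page to use HTTPS
                    // ASSUMPTION is that the action page HAS TO BE IN THE Code/Security folder!!
                    // UseHTTPS is read again here on purpose, after the call above has had the chance to change it.
                    string redirectPage = ActionPage + "Do.aspx";
                    if (MGLSessionInterface.Instance().UseHTTPS == true && HttpContext.Current.Request.IsLocal == false)
                    {
                        redirectPage = "https://" + MGLSessionInterface.Instance().Config.WebProjectPath() + "Code/Security/" + redirectPage;
                    }

                    redirectURL = BuildRedirectURL(redirectPage, encryptedKey);
                }
                else
                {
                    // A rejected key previously left no trace at all.  It is recorded so that tampered, replayed or
                    // expired tokens can be spotted in the logs; the key itself is deliberately not written out.
                    // NOTE(review): severity 8 mirrors the catch block below - adjust to the level the project uses
                    // for security events.
                    Logger.LogError(8, "The authorisation key presented to the login page was rejected.  The user has been redirected to the default page without starting the login.");
                }
            } catch (Exception ex) {
                // Deliberately not rethrown: the redirect below still runs, using the default page set at the top
                Logger.LogError(8, "Problem setting the secure session in the login page.  This is serious!  The specific error was: " + ex.ToString());
            }

            //-----d----- Redirect to the LoginDo page and commence the login event in anger ...
            Response.Redirect(redirectURL);
        }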
Ejemplo n.º 6
        //-------------------------------------------------------------------------------------------------------------------------------------------------------------
        /// <summary>
        ///     Runs when a new session starts: copies the default configuration into the session, generates the
        ///     session's unique ID, records the visitor, stores the client IP address and aligns the session's
        ///     HTTPS requirement with the application-wide login configuration.
        /// </summary>
        /// <param name="sender">The event source (not used).</param>
        /// <param name="e">The event arguments (not used).</param>
        protected void Session_Start(Object sender, EventArgs e)
        {
            //_____ Add the Config Info to the session interface
            MGL.Web.WebUtilities.MGLSessionInterface.Instance().Config = MGL.Web.WebUtilities.MGLApplicationInterface.Instance().ConfigDefault;

            //____ Generate a new Unique SessionID ...  Use for logging specific sessions ...
            MGLSessionInterface.Instance().GenerateNewSessionID();
            // 8-Jan-2015 - Code that runs when a new session is started - this stops the following error from occurring intermittently:
            // "Session state has created a session id, but cannot save it because the response was already flushed by the application"
            // Reading Session.SessionID this early is the workaround; the value is reused further down.
            string sessionId = Session.SessionID;

            //_____ Update the number of users in the database ...
            // NOTE(review): the result is never read, so a failed visitor log goes unnoticed here.
            bool success = DataNirvanaWebProcessing.LogNewSiteVisitor(MGLSessionInterface.Instance().Config);

            MGLSessionInterface.Instance().NumberOfUsers = DataNirvanaWebProcessing.GetNumberOfVisitors(MGLSessionInterface.Instance().Config);

            //_____ LEGACY - Increment the number of users ....
            // NOTE(review): presumably this object is shared by all sessions; if so, ++ is not atomic and
            // concurrent session starts can lose increments - confirm whether the count matters.
            MGLApplicationInterface.Instance().NumberOfUsers++;

            //_____ Set the Users Host Address at the startup of the session ...
            // 27-Nov-2015 - Converted to use this v4IPAddress method.
            //MGLSessionSecurityInterface.Instance().UserIPAddress = Request.UserHostAddress;
            // NOTE(review): if the helper reads forwarded-for style request headers, the stored address is
            // client-controlled - verify before relying on it for any security decision or audit record.
            MGLSessionSecurityInterface.Instance().UserIPAddress = IPAddressHelper.GetIP4OrAnyAddressFromHTTPRequest();

            // 7-Dec-2015 - set the default session timeout in minutes in the case locker object.
            //            if (CaseLocker.SessionTimeoutMins == 0) {
            //                CaseLocker.SessionTimeoutMins = Session.Timeout;
            //            }

            // 17-Dec-2015 - align the session UseHTTPS variable with the global variable and always set the session requires HTTPS if HTTPS is true
            MGLSessionInterface.Instance().UseHTTPS = MGLApplicationSecurityInterface.Instance().AppLoginConfig.UseHTTPS;
            if (MGLSessionInterface.Instance().UseHTTPS == true)
            {
                // Registers this session, with the AnonID cookie, as one that requires HTTPS
                MGLSessionInterface.Instance().SetSessionRequiresHTTPs(Request.Cookies["AnonID"], sessionId, HttpContext.Current.Request.IsLocal);
            }
        }
Ejemplo n.º 7
        //-------------------------------------------------------------------------------------------------------------------------------------------------------
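        /// <summary>
        ///     Deletes the tag with the given ID (and, per the original author, all of its cross-references), then
        ///     reloads the global tag list and confirms that it shrank by exactly one entry.
        /// </summary>
        /// <param name="tagID">The ID of the tag to delete; values of zero or less are rejected.</param>
        /// <param name="errorMessage">
        ///     Receives the message to show the user.  Despite its name it also carries the confirmation text on
        ///     success.  It stays empty if an exception was caught (the info splash is set up instead).
        /// </param>
        /// <returns>True only if the tag was deleted and the refreshed global list holds one tag fewer.</returns>
        protected bool DeleteTag(int tagID, out string errorMessage)
        {
            bool success = false;

            errorMessage = "";

            // NOTE(review): no permission check is visible in this method - confirm the caller only reaches it for
            // users who are allowed to delete tags.
            try {
                //___ Reject IDs that cannot belong to a tag
                if (tagID <= 0)
                {
                    errorMessage = "No tag was selected.  Please try again.";
                }
                else
                {
                    // Remember the name now; after the delete the tag is no longer in the list
                    string tagName = "";
                    foreach (WebDocTag wdt in KeyInfo.Tags)
                    {
                        if (wdt.ID == tagID)
                        {
                            tagName = wdt.Name;
                            break;
                        }
                    }

                    WebDocProcessing wdp = new WebDocProcessing(MGLSessionInterface.Instance().Config);

                    //_____ So now then lets try to delete it ... and all the associated XRefs ...
                    success = wdp.DeleteWebDocTag(tagID);

                    if (success == false)
                    {
                        errorMessage = "Could not delete the tag with ID " + tagID + ".  This should not normally happen - please inform a website administrator and provide them with a screenshot.";
                    }
                    else
                    {
                        int b4Count = KeyInfo.Tags.Count;

                        // Refresh the global list of tags.
                        // NOTE(review): the lock is taken on the very list that is replaced inside it, so two requests
                        // can hold "the" lock on different list objects at the same time, and b4Count is read outside
                        // it.  A dedicated shared lock object in KeyInfo would be needed for real mutual exclusion.
                        lock (KeyInfo.Tags) {
                            KeyInfo.Tags = wdp.GetAllWebDocTags();
                        }

                        // Success is that the number of tags has gone down by exactly one.
                        // (A concurrent add or delete by another user makes this check fail even though the delete worked.)
                        success = ((b4Count - 1) == KeyInfo.Tags.Count);
                        if (success == false)
                        {
                            errorMessage = "Could not update the website global variables after deleting the tag with ID " + tagID
                                           + ". This should not normally happen - please inform a website administrator and provide them with a screenshot.";
                        }
                        else
                        {
                            // NOTE(review): tagName is stored content and is placed in the message as-is; whatever renders
                            // errorMessage must HTML-encode it.
                            errorMessage   = "The tag '" + tagName + "' and all corresponding cross-references have been successfully deleted.";
                            TBTag.Value    = "";
                            DoDelete.Value = "";
                        }
                    }
                }
            } catch (Exception ex) {
                // An exception raised after the delete call returned true must not be reported as a success
                success = false;
                ctlInfoSplash.SetupInfoSplash(false, "General error trying to delete the tag.  Please try again.", false);
                Logger.LogError(7, "Error deleting the tag with ID " + tagID + ": " + ex.ToString());
            }

            return(success);
        }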
Ejemplo n.º 8
        //-------------------------------------------------------------------------------------------------------------------------------------------------------
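        /// <summary>
        ///     Adds a new tag after trimming it, collapsing repeated spaces and checking (case-insensitively) that the
        ///     name is not already in use, then reloads the global tag list and confirms that it grew by exactly one entry.
        /// </summary>
        /// <param name="tagName">The tag name as entered by the user; null, empty or whitespace-only names are rejected.</param>
        /// <param name="errorMessage">
        ///     Receives the message to show the user.  Despite its name it also carries the confirmation text on
        ///     success.  It stays empty if an exception was caught (the info splash is set up instead).
        /// </param>
        /// <returns>True only if the tag was inserted and the refreshed global list holds one tag more.</returns>
        protected bool AddTag(string tagName, out string errorMessage)
        {
            bool success = false;

            errorMessage = "";

            // NOTE(review): no permission check is visible in this method - confirm the caller only reaches it for
            // users who are allowed to add tags.
            try {
                //___ Reject missing or blank names
                if (tagName == null || tagName.Trim().Length == 0)
                {
                    errorMessage = "No new tag was provided - please try again.";
                }
                else
                {
                    // Clean it up a bit: trim, then collapse every run of spaces to a single space.
                    // The loop handles runs of any length, which a fixed number of replace passes does not.
                    tagName = tagName.Trim();
                    while (tagName.Contains("  "))
                    {
                        tagName = tagName.Replace("  ", " ");
                    }

                    // NOTE(review): the name is user input and is stored without a length or character check.
                    // Every page that displays tag names, and whatever renders errorMessage, must HTML-encode it;
                    // also confirm InsertWebDocTag passes it to the database as a parameter.

                    //_____ See if it exists already
                    bool alreadyExists = false;
                    foreach (WebDocTag wdt in KeyInfo.Tags)
                    {
                        if (wdt.Name.Equals(tagName, StringComparison.CurrentCultureIgnoreCase) == true)
                        {
                            alreadyExists = true;
                            break;
                        }
                    }

                    if (alreadyExists == true)
                    {
                        errorMessage = "The tag name '" + tagName + "' already exists!  Please check the name and try again.";
                    }
                    else
                    {
                        WebDocProcessing wdp = new WebDocProcessing(MGLSessionInterface.Instance().Config);

                        //_____ So now then lets try to insert it ...
                        success = wdp.InsertWebDocTag(tagName);

                        if (success == false)
                        {
                            errorMessage = "Could not insert the new tag name '" + tagName + "'.  This should not normally happen - please inform a website administrator and provide them with a screenshot.";
                        }
                        else
                        {
                            int b4Count = KeyInfo.Tags.Count;

                            // Refresh the global list of tags.
                            // NOTE(review): the lock is taken on the very list that is replaced inside it, so two requests
                            // can hold "the" lock on different list objects at the same time, and b4Count is read outside
                            // it.  A dedicated shared lock object in KeyInfo would be needed for real mutual exclusion.
                            lock (KeyInfo.Tags) {
                                KeyInfo.Tags = wdp.GetAllWebDocTags();
                            }

                            // Success is that the number of tags has gone up by exactly one.
                            // (A concurrent add or delete by another user makes this check fail even though the insert worked.)
                            success = ((b4Count + 1) == KeyInfo.Tags.Count);
                            if (success == false)
                            {
                                errorMessage = "Could not update the website global variables after adding new tag '" + tagName
                                               + "'. This should not normally happen - please inform a website administrator and provide them with a screenshot.";
                            }
                            else
                            {
                                errorMessage = "The new tag '" + tagName + "' has been added successfully.";
                                TBTag.Value    = "";
                                DoDelete.Value = "";
                            }
                        }
                    }
                }
            } catch (Exception ex) {
                // An exception raised after the insert call returned true must not be reported as a success
                success = false;
                ctlInfoSplash.SetupInfoSplash(false, "General error trying to add the tag.  Please try again.", false);
                Logger.LogError(7, "Error adding a new tag: " + ex.ToString());
            }

            return(success);
        }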
Ejemplo n.º 9
        //--------------------------------------------------------------------------------------------------------------------------------------------------------------
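        /// <summary>
        ///     Builds the HTML summary of all content linked to the given tag: a header row followed by one row per
        ///     linked document chapter, or a short notice when nothing is linked.  Also writes the tag's name into
        ///     the tagName control.
        /// </summary>
        /// <param name="tagID">The ID of the tag to summarise.</param>
        /// <returns>The rendered HTML of the summary container.</returns>
        protected string BuildTagSummary(int tagID)
        {
            KeyValuePair <int, string> kvp = KeyInfo.FindValue(WebDocTag.ConvertToKeyValuePair(KeyInfo.Tags), tagID);

            // Tag names, descriptions and chapter titles are stored content entered by users, so every value is
            // HTML-encoded on its way into the page (InnerText encodes; InnerHtml does not).  Written through
            // InnerHtml, markup saved in any of these fields would run as script for whoever opens this summary.
            // NOTE(review): this assumes none of these fields is meant to hold HTML - confirm for the description.
            tagName.InnerText = kvp.Value;

            WebDocProcessing wdp = new WebDocProcessing(MGLSessionInterface.Instance().Config);
            // Custom query; the columns used below are, per the original author:
            // a.ID, a.DocumentType, a.GeneralDescription, b.ChapterNumber, b.ChapterTitle
            List <string[]> data = wdp.ContentLinkedToTag(tagID);

            HtmlGenericControl container = new HtmlGenericControl("div");

            if (data == null || data.Count == 0)
            {
                container.InnerText = "No content is currently associated with the '" + kvp.Value + "' tag.";
            }
            else
            {
                int counter = 0;

                // The header row (fixed markup only, so InnerHtml is fine here)
                {
                    HtmlGenericControl hDivRow = new HtmlGenericControl("div");
                    hDivRow.Attributes.Add("class", "row");

                    HtmlGenericControl hCell1 = new HtmlGenericControl("div");
                    hCell1.Attributes.Add("class", "col-md-2");
                    hCell1.InnerHtml = "<h4>Document type</h4>";
                    hDivRow.Controls.Add(hCell1);

                    // Document ID
                    HtmlGenericControl hCell2 = new HtmlGenericControl("div");
                    hCell2.Attributes.Add("class", "col-md-2");
                    hCell2.InnerHtml = "<h4>Document ID</h4>";
                    hDivRow.Controls.Add(hCell2);

                    // Description
                    HtmlGenericControl hCell3 = new HtmlGenericControl("div");
                    hCell3.Attributes.Add("class", "col-md-4");
                    hCell3.InnerHtml = "<h4>Document description</h4>";
                    hDivRow.Controls.Add(hCell3);

                    // Chapter
                    HtmlGenericControl hCell4 = new HtmlGenericControl("div");
                    hCell4.Attributes.Add("class", "col-md-4");
                    hCell4.InnerHtml = "<h4>Chapter name</h4>";
                    hDivRow.Controls.Add(hCell4);

                    container.Controls.Add(hDivRow);
                }

                foreach (string[] row in data)
                {
                    // Alternate the row style
                    string altCSS = (counter++ % 2 == 0) ? "BA" : "BB";

                    HtmlGenericControl divRow = new HtmlGenericControl("div");
                    divRow.Attributes.Add("class", "row " + altCSS);

                    // Document type - an enum name, so it cannot carry markup
                    WebDocType         webDocType = (WebDocType)Enum.Parse(typeof(WebDocType), row[1]);
                    HtmlGenericControl cell1      = new HtmlGenericControl("div");
                    cell1.Attributes.Add("class", "col-md-2");
                    cell1.InnerHtml = webDocType.ToString();
                    divRow.Controls.Add(cell1);

                    // Document ID - encoded both as link text and as a query string value
                    HtmlGenericControl cell2 = new HtmlGenericControl("div");
                    cell2.Attributes.Add("class", "col-md-2");
                    HtmlAnchor link = new HtmlAnchor();
                    link.InnerText = row[0];
                    link.HRef      = "/" + webDocType.ToString() + "Editor?DocID=" + System.Web.HttpUtility.UrlEncode(row[0]);
                    cell2.Controls.Add(link);
                    divRow.Controls.Add(cell2);

                    // Description
                    HtmlGenericControl cell3 = new HtmlGenericControl("div");
                    cell3.Attributes.Add("class", "col-md-4");
                    cell3.InnerText = row[2];
                    divRow.Controls.Add(cell3);

                    // Chapter - the <b> wrapper is our own markup, so only the two values are encoded
                    HtmlGenericControl cell4 = new HtmlGenericControl("div");
                    cell4.Attributes.Add("class", "col-md-4");
                    cell4.InnerHtml = "<b>" + System.Web.HttpUtility.HtmlEncode(row[3]) + ".</b> " + System.Web.HttpUtility.HtmlEncode(row[4]);
                    divRow.Controls.Add(cell4);

                    container.Controls.Add(divRow);
                }
            }

            string html = HTMLUtilities.RenderControlToHtml(container);

            return(html);
        }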