public void ProcessRequest(HttpContext context)
{
if (context.Request.RequestType != "POST" || !context.Request.IsAuthenticated)
return;
IGraffitiUser user = GraffitiUsers.Current;
if (user == null)
return;
if (!RolePermissionManager.CanViewControlPanel(user))
return;
context.Response.ContentType = "text/plain";
switch (context.Request.QueryString["command"])
{
case "deleteComment":
Comment c = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment.Delete(context.Request.Form["commentid"]);
context.Response.Write("success");
}
break;
case "deleteCommentWithStatus":
Comment c1 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c1.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment.Delete(context.Request.Form["commentid"]);
context.Response.Write("The comment was deleted. <a href=\"javascript:void(0);\" onclick=\"Comments.unDelete('" + new Urls().AdminAjax + "'," + context.Request.Form["commentid"] + "); return false;\">Undo?</a>");
}
break;
case "unDelete":
Comment c2 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c2.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment comment = new Comment(context.Request.Form["commentid"]);
comment.IsDeleted = false;
comment.Save();
context.Response.Write("The comment was un-deleted. You may need to refresh the page to see it");
}
break;
case "approve":
Comment c3 = new Comment(context.Request.Form["commentid"]);
if (RolePermissionManager.GetPermissions(c3.Post.CategoryId, GraffitiUsers.Current).Publish)
{
Comment cmt = new Comment(context.Request.Form["commentid"]);
cmt.IsDeleted = false;
cmt.IsPublished = true;
cmt.Save();
context.Response.Write("The comment was un-deleted and/or approved. You may need to refresh the page to see it");
}
break;
case "deletePost":
try
{
Post postToDelete = new Post(context.Request.Form["postid"]);
Permission perm = RolePermissionManager.GetPermissions(postToDelete.CategoryId, user);
if (GraffitiUsers.IsAdmin(user) || perm.Publish)
{
postToDelete.IsDeleted = true;
postToDelete.Save(user.Name, DateTime.Now);
//Post.Delete(context.Request.Form["postid"]);
//ZCache.RemoveByPattern("Posts-");
//ZCache.RemoveCache("Post-" + context.Request.Form["postid"]);
context.Response.Write("The post was deleted. <a href=\"javascript:void(0);\" onclick=\"Posts.unDeletePost('" + new Urls().AdminAjax + "'," + context.Request.Form["postid"] + "); return false;\">Undo?</a>");
}
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "unDeletePost":
Post p = new Post(context.Request.Form["postid"]);
p.IsDeleted = false;
p.Save();
//ZCache.RemoveByPattern("Posts-");
//ZCache.RemoveCache("Post-" + context.Request.Form["postid"]);
//context.Response.Write("The post was un-deleted. You may need to fresh the page to see it");
break;
case "permanentDeletePost":
Post tempPost = new Post(context.Request.Form["postid"]);
Post.DestroyDeletedPost(tempPost.Id);
context.Response.Write(tempPost.Title);
break;
case "createdWidget":
string widgetID = context.Request.Form["id"];
List<WidgetDescription> the_widgets = Widgets.GetAvailableWidgets();
Widget widget = null;
foreach (WidgetDescription wia in the_widgets)
{
if (wia.UniqueId == widgetID)
{
widget = Widgets.Create(wia.WidgetType);
break;
}
}
context.Response.Write(widget.Id.ToString());
break;
case "updateWidgetsOrder":
try
{
string listID = context.Request.Form["id"];
string list = "&" + context.Request.Form["list"];
Widgets.ReOrder(listID, list);
//StreamWriter sw = new StreamWriter(context.Server.MapPath("~/widgets.txt"), true);
//sw.WriteLine(DateTime.Now);
//sw.WriteLine();
//sw.WriteLine(context.Request.Form["left"]);
//sw.WriteLine(context.Request.Form["right"]);
//sw.WriteLine(context.Request.Form["queue"]);
//sw.WriteLine();
//sw.Close();
context.Response.Write("Saved!");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "deleteWidget":
string deleteID = context.Request.Form["id"];
Widgets.Delete(deleteID);
context.Response.Write("The widget was removed!");
break;
case "createTextLink":
DynamicNavigationItem di = new DynamicNavigationItem();
di.NavigationType = DynamicNavigationType.Link;
di.Text = context.Request.Form["text"];
di.Href = context.Request.Form["href"];
di.Id = Guid.NewGuid();
NavigationSettings.Add(di);
context.Response.Write(di.Id);
break;
case "deleteTextLink":
Guid g = new Guid(context.Request.Form["id"]);
NavigationSettings.Remove(g);
context.Response.Write("Success");
break;
case "reOrderNavigation":
try
{
string navItems = "&" + context.Request.Form["navItems"];
NavigationSettings.ReOrder(navItems);
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "addNavigationItem":
try
{
if (context.Request.Form["type"] == "Post")
{
Post navPost = Post.FetchByColumn(Post.Columns.UniqueId, new Guid(context.Request.Form["id"]));
DynamicNavigationItem item = new DynamicNavigationItem();
item.PostId = navPost.Id;
item.Id = navPost.UniqueId;
item.NavigationType = DynamicNavigationType.Post;
NavigationSettings.Add(item);
context.Response.Write("Success");
}
else if (context.Request.Form["type"] == "Category")
{
Category navCategory = Category.FetchByColumn(Category.Columns.UniqueId, new Guid(context.Request.Form["id"]));
DynamicNavigationItem item = new DynamicNavigationItem();
item.CategoryId = navCategory.Id;
item.Id = navCategory.UniqueId;
item.NavigationType = DynamicNavigationType.Category;
NavigationSettings.Add(item);
context.Response.Write("Success");
}
}
catch (Exception exp)
{
context.Response.Write(exp.Message);
}
break;
case "reOrderPosts":
try
{
Dictionary<int, Post> posts = new Dictionary<int, Post>();
DataBuddy.Query query = Post.CreateQuery();
query.AndWhere(Post.Columns.CategoryId, int.Parse(context.Request.QueryString["id"]));
foreach (Post post in PostCollection.FetchByQuery(query))
{
posts[post.Id] = post;
}
string postOrder = context.Request.Form["posts"];
int orderNumber = 1;
foreach (string sId in postOrder.Split('&'))
{
Post post = null;
posts.TryGetValue(int.Parse(sId), out post);
if (post != null && post.SortOrder != orderNumber)
{
post.SortOrder = orderNumber;
post.Save();
}
orderNumber++;
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "reOrderHomePosts":
try
{
Dictionary<int, Post> posts = new Dictionary<int, Post>();
DataBuddy.Query query = Post.CreateQuery();
query.AndWhere(Post.Columns.IsHome, true);
foreach (Post post in PostCollection.FetchByQuery(query))
{
posts[post.Id] = post;
}
string postOrder = context.Request.Form["posts"];
int orderNumber = 1;
foreach (string sId in postOrder.Split('&'))
{
Post post = null;
posts.TryGetValue(int.Parse(sId), out post);
if (post != null && post.HomeSortOrder != orderNumber)
{
post.HomeSortOrder = orderNumber;
post.Save();
}
orderNumber++;
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "categoryForm":
int selectedCategory = int.Parse(context.Request.QueryString["category"] ?? "-1");
int postId = int.Parse(context.Request.QueryString["post"] ?? "-1");
NameValueCollection nvcCustomFields;
if (postId > 0)
nvcCustomFields = new Post(postId).CustomFields();
else
nvcCustomFields = new NameValueCollection();
CustomFormSettings cfs = CustomFormSettings.Get(selectedCategory);
if (cfs.HasFields)
{
foreach (CustomField cf in cfs.Fields)
{
if (context.Request.Form[cf.Id.ToString()] != null)
nvcCustomFields[cf.Name] = context.Request.Form[cf.Id.ToString()];
}
context.Response.Write(cfs.GetHtmlForm(nvcCustomFields, (postId < 1)));
}
else
context.Response.Write("");
break;
case "toggleEventStatus":
try
{
EventDetails ed = Events.GetEvent(context.Request.QueryString["t"]);
ed.Enabled = !ed.Enabled;
if (ed.Enabled)
ed.Event.EventEnabled();
else
ed.Event.EventDisabled();
Events.Save(ed);
context.Response.Write(ed.Enabled ? "Enabled" : "Disabled");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "buildMainFeed":
try
{
FileInfo mainFeedFileInfo = new FileInfo(HttpContext.Current.Server.MapPath("~/Feed/Default.aspx"));
if (!mainFeedFileInfo.Directory.Exists)
mainFeedFileInfo.Directory.Create();
using (StreamWriter sw = new StreamWriter(mainFeedFileInfo.FullName, false))
{
sw.WriteLine("<%@ Page Language=\"C#\" Inherits=\"Graffiti.Core.RSS\" %>");
sw.Close();
}
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "removeFeedData":
try
{
FeedManager.RemoveFeedData();
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
case "buildCategoryPages":
try
{
CategoryCollection cc = new CategoryController().GetCachedCategories();
foreach (Category cat in cc)
cat.WritePages();
context.Response.Write("Success");
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "buildPages":
try
{
Query q = Post.CreateQuery();
q.PageIndex = Int32.Parse(context.Request.Form["p"]);
q.PageSize = 20;
q.OrderByDesc(Post.Columns.Id);
PostCollection pc = PostCollection.FetchByQuery(q);
if (pc.Count > 0)
{
foreach (Post postToWrite in pc)
{
postToWrite.WritePages();
foreach (string tagName in Util.ConvertStringToList(postToWrite.TagList))
{
if (!string.IsNullOrEmpty(tagName))
Tag.WritePage(tagName);
}
}
context.Response.Write("Next");
}
else
{
context.Response.Write("Success");
}
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
return;
}
break;
case "importPosts":
try
{
Post newPost = new Post();
newPost.Title = HttpContext.Current.Server.HtmlDecode(context.Request.Form["subject"].ToString());
string postName = HttpContext.Current.Server.HtmlDecode(context.Request.Form["name"].ToString());
PostCollection pc = new PostCollection();
if (!String.IsNullOrEmpty(postName))
{
Query q = Post.CreateQuery();
q.AndWhere(Post.Columns.Name, Util.CleanForUrl(postName));
pc.LoadAndCloseReader(q.ExecuteReader());
}
if (pc.Count > 0)
{
newPost.Name = "[RENAME ME - " + Guid.NewGuid().ToString().Substring(0, 7) + "]";
newPost.Status = (int)PostStatus.Draft;
}
else if (String.IsNullOrEmpty(postName))
{
newPost.Name = "[RENAME ME - " + Guid.NewGuid().ToString().Substring(0, 7) + "]";
newPost.Status = (int)PostStatus.Draft;
}
else
{
newPost.Name = postName;
newPost.Status = (int)PostStatus.Publish;
}
if (String.IsNullOrEmpty(newPost.Title))
newPost.Title = newPost.Name;
newPost.PostBody = HttpContext.Current.Server.HtmlDecode(context.Request.Form["body"].ToString());
newPost.CreatedOn = Convert.ToDateTime(context.Request.Form["createdon"]);
newPost.CreatedBy = context.Request.Form["author"];
newPost.ModifiedBy = context.Request.Form["author"];
newPost.TagList = context.Request.Form["tags"];
newPost.ContentType = "text/html";
newPost.CategoryId = Convert.ToInt32(context.Request.Form["category"]);
newPost.UserName = context.Request.Form["author"];
newPost.EnableComments = true;
newPost.Published = Convert.ToDateTime(context.Request.Form["createdon"]);
newPost.IsPublished = Convert.ToBoolean(context.Request.Form["published"]);
// this was causing too many posts to be in draft status.
// updated text on migrator to flag users to just move their content/binary directory
// into graffiti's root
//if (context.Request.Form["method"] == "dasBlog")
//{
// if (newPost.Body.ToLower().Contains("/content/binary/"))
// newPost.Status = (int)PostStatus.Draft;
//}
newPost.Save(GraffitiUsers.Current.Name);
int postid = Convert.ToInt32(context.Request.Form["postid"]);
IMigrateFrom temp = null;
switch (context.Request.Form["method"])
{
case "CS2007Database":
CS2007Database db = new CS2007Database();
temp = (IMigrateFrom)db;
break;
case "Wordpress":
Wordpress wp = new Wordpress();
temp = (IMigrateFrom)wp;
break;
case "BlogML":
BlogML bml = new BlogML();
temp = (IMigrateFrom)bml;
break;
case "CS21Database":
CS21Database csDb = new CS21Database();
temp = (IMigrateFrom)csDb;
break;
case "dasBlog":
dasBlog dasb = new dasBlog();
temp = (IMigrateFrom)dasb;
break;
}
List<MigratorComment> comments = temp.GetComments(postid);
foreach (MigratorComment cmnt in comments)
{
Comment ct = new Comment();
ct.PostId = newPost.Id;
ct.Body = cmnt.Body;
ct.Published = cmnt.PublishedOn;
ct.IPAddress = cmnt.IPAddress;
ct.WebSite = cmnt.WebSite;
ct.Email = string.IsNullOrEmpty(cmnt.Email) ? "" : cmnt.Email;
ct.Name = string.IsNullOrEmpty(cmnt.UserName) ? "" : cmnt.UserName;
ct.IsPublished = cmnt.IsPublished;
ct.IsTrackback = cmnt.IsTrackback;
ct.SpamScore = cmnt.SpamScore;
ct.DontSendEmail = true;
ct.DontChangeUser = true;
ct.Save();
Comment ctemp = new Comment(ct.Id);
ctemp.DontSendEmail = true;
ctemp.DontChangeUser = true;
ctemp.Body = HttpContext.Current.Server.HtmlDecode(ctemp.Body);
ctemp.Save();
}
if (newPost.Status == (int)PostStatus.Publish)
context.Response.Write("Success" + context.Request.Form["panel"]);
else
context.Response.Write("Warning" + context.Request.Form["panel"]);
}
catch (Exception ex)
{
context.Response.Write(context.Request.Form["panel"] + ":" + ex.Message);
}
break;
case "saveHomeSortStatus":
SiteSettings siteSettings = SiteSettings.Get();
siteSettings.UseCustomHomeList = bool.Parse(context.Request.Form["ic"]);
siteSettings.Save();
context.Response.Write("Success");
break;
case "checkCategoryPermission":
try
{
int catID = Int32.Parse(context.Request.QueryString["category"]);
string permissionName = context.Request.QueryString["permission"];
Permission perm = RolePermissionManager.GetPermissions(catID, user);
bool permissionResult = false;
switch (permissionName)
{
case "Publish":
permissionResult = perm.Publish;
break;
case "Read":
permissionResult = perm.Read;
break;
case "Edit":
permissionResult = perm.Edit;
break;
}
context.Response.Write(permissionResult.ToString().ToLower());
}
catch (Exception ex)
{
context.Response.Write(ex.Message);
}
break;
}
}
private void CreatePingBack(string sourceURI, string targetURI)
{
// Check Parameters
if (string.IsNullOrEmpty(sourceURI))
{
throw new XmlRpcFaultException(errorCode_SourceURIDoesNotExist, "No source URI parameter found, please try harder!");
}
if (string.IsNullOrEmpty(targetURI))
{
throw new XmlRpcFaultException(errorCode_TargetURIDoesNotExist, "The target URI does not exist!");
}
// Retrieve referenced post
Post trackedEntry = null;
try
{
trackedEntry = GetPostFromUrl(targetURI);
}
catch
{
throw new XmlRpcFaultException(errorCode_TargetURIInvalid, "The target URI is invalid.");
}
if (trackedEntry == null)
{
throw new XmlRpcFaultException(errorCode_TargetURIInvalid, "The target URI is invalid.");
}
// Check if trackbacks/pingbacks are enabled
if (!trackedEntry.EnableComments || !trackedEntry.EnableNewComments)
{
throw new XmlRpcFaultException(errorCode_AccessDenied, "Pingbacks are not enabled.");
}
// Check if this is a duplicate pingback (or trackback)
if (!IsNewTrackBack(trackedEntry.Id, sourceURI))
{
throw new XmlRpcFaultException(errorCode_DuplicatePingBack, "A pingback for this source URI already exists.");
}
// Retrieve the source document and check if it actually contains a link to the target
string pageTitle = null;
if (!LinkParser.SourceContainsTarget(sourceURI, new Macros().FullUrl(trackedEntry.Url), out pageTitle))
{
throw new XmlRpcFaultException(errorCode_SourceDoesNotContainTarget, "Sorry couldn't find a relevant link in " + sourceURI);
}
if (string.IsNullOrEmpty(pageTitle))
throw new XmlRpcFaultException(errorCode_SourceDoesNotContainTarget, "Could not find a readable HTML title in the remote page at " + sourceURI);
// Create the Trackback item
Comment comment = new Comment();
comment.IsTrackback = true;
comment.PostId = trackedEntry.Id;
comment.Name = pageTitle;
comment.WebSite = sourceURI;
comment.Body = "Pingback from " + pageTitle;
comment.IPAddress = Context.Request.UserHostAddress;
comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
comment.Save();
// Log success message to EventLog
string message = String.Format("Pingback request received from {0} and saved to post {1}.", sourceURI, trackedEntry.Title);
Log.Info("Pingback Received", message);
}
public void ProcessRequest(HttpContext context)
{
Macros macros = new Macros();
context.Response.ContentType = "text/xml";
int postId = 0;
try { postId = int.Parse(context.Request.QueryString["id"]); }
catch { }
if (postId <= 0)
TrackbackResponse(context, "PostId is invalid or missing");
if (context.Request.HttpMethod == "POST")
{
string title = SafeParam(context, "title");
string excerpt = SafeParam(context, "excerpt");
string url = SafeParam(context, "url");
string blog_name = SafeParam(context, "blog_name");
try
{
// Check if params are valid
if (string.IsNullOrEmpty(url) || string.IsNullOrEmpty(title) || string.IsNullOrEmpty(blog_name) || string.IsNullOrEmpty(excerpt))
{
TrackbackResponse(context, "One or more parameters are invalid or missing");
}
Post trackedEntry = Post.GetCachedPost(postId);
if (trackedEntry == null)
{
TrackbackResponse(context, "The link does not exist");
return;
}
if (!trackedEntry.EnableComments || !trackedEntry.EnableNewComments)
{
TrackbackResponse(context, "Trackbacks are not enabled");
return;
}
if (!IsNewTrackBack(trackedEntry.Id, url))
{
TrackbackResponse(context, "Trackbacks already exists");
return;
}
string pageTitle = null;
if (!LinkParser.SourceContainsTarget(url, macros.FullUrl(trackedEntry.Url), out pageTitle))
{
TrackbackResponse(context, "Sorry couldn't find a relevant link in " + url);
}
if (string.IsNullOrEmpty(pageTitle))
{
TrackbackResponse(context, "Could not find a readable HTML title in the remote page at " + url);
return;
}
if (!string.IsNullOrEmpty(excerpt))
excerpt = Util.RemoveHtml(excerpt, 250);
// Create the Trackback item
Comment comment = new Comment();
comment.IsTrackback = true;
comment.PostId = trackedEntry.Id;
comment.Name = title;
comment.WebSite = url;
comment.Body = excerpt;
comment.IPAddress = context.Request.UserHostAddress;
comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
comment.Save();
// Log success message to EventLog
string message = String.Format("Trackback request received from {0} and saved to post {1}.", url, trackedEntry.Title);
Log.Info("Trackback Received", message);
context.Response.Write(successResponseXML);
context.Response.End();
}
catch (System.Threading.ThreadAbortException) { }
catch (System.Exception ex)
{
if (ex.Message != null)
TrackbackResponse(context, string.Format("Error occurred while processing Trackback: {0}", ex.Message));
else
TrackbackResponse(context, "Unknown error occurred while processing Trackback.");
}
}
}
public void ProcessRequest(HttpContext context)
{
if (context.Request.RequestType != "POST")
return;
if (context.Items["UserId"] == null)
return;
context.Response.ContentType = "text/plain";
switch (context.Request.QueryString["command"])
{
case "newComment":
Comment comment = new Comment();
comment.Name = context.Request.Form["author"];
comment.WebSite = context.Request.Form["url"];
comment.Email = context.Request.Form["email"];
comment.Body = context.Request.Form["comment"];
if (!context.Request.IsAuthenticated && String.IsNullOrEmpty(comment.Name))
{
context.Response.Write("Please enter your name");
return;
}
if (String.IsNullOrEmpty(comment.Body))
{
context.Response.Write("Please enter a comment");
return;
}
comment.IPAddress = context.Request.UserHostAddress;
comment.PostId = Int32.Parse(context.Request.Form["comment_post_ID"]);
comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
comment.Save();
context.Response.Write("Your comment has been received and will be published shortly. Thanks!");
break;
case "newContactMessage":
string subject = context.Request.Form["subject"];
string email = context.Request.Form["email"];
string name = context.Request.Form["name"];
string message = context.Request.Form["message"];
if (string.IsNullOrEmpty(subject) || string.IsNullOrEmpty(email) || string.IsNullOrEmpty(name) || string.IsNullOrEmpty(message))
{
context.Response.Write("All of the fields are required, your message has not been sent");
context.Response.End();
return;
}
if (!Regex.IsMatch(email, @"\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b", RegexOptions.IgnoreCase))
{
context.Response.Write("The email address you entered is not valid");
context.Response.End();
return;
}
EmailTemplateToolboxContext templateContext = new EmailTemplateToolboxContext();
templateContext.Put("subject", context.Server.HtmlEncode(subject));
templateContext.Put("email", context.Server.HtmlEncode(email));
templateContext.Put("name", context.Server.HtmlEncode(name));
templateContext.Put("message", Util.ConvertTextToHTML(message));
templateContext.Put("ip", context.Request.UserHostAddress);
EmailTemplate et = new EmailTemplate();
et.Subject = "Contact Request: " + subject;
et.Context = templateContext;
et.From = email;
et.TemplateName = "contact.view";
Log.Info("Contact Received", "Subject: {0}\nFrom:{1} ({2})\nIP:{3}\n\n{4}", subject, name, email, context.Request.UserHostAddress, message);
foreach (IGraffitiUser user in GraffitiUsers.GetUsers(GraffitiUsers.AdminRole))
{
et.To = user.Email;
Emailer.Send(et);
}
context.Response.Write("Your message was received. Thanks!");
break;
}
}
