Example #1
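        /// <summary>
        /// Returns the text of a file under the SiteConfig folder, re-encoded through a StreamWriter.
        /// </summary>
        /// <param name="fileName">Caller-supplied name, appended to "SiteConfig/" before it is mapped to a physical path.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>The file content as bytes, or an empty array when the file does not exist.</returns>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        public byte[] ReadFile(string fileName, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            string fullPath = HttpContext.Current.Server.MapPath("SiteConfig/" + fileName);

            // NOTE(review): ValidatePath is not shown here. fileName is caller-supplied, so confirm that it
            // canonicalises the mapped path and rejects anything that resolves outside the SiteConfig folder.
            ValidatePath(fullPath);

            if (!File.Exists(fullPath))
            {
                return new byte[0];
            }

            using (StreamReader reader = new StreamReader(fullPath))
            using (MemoryStream buffer = new MemoryStream())
            {
                string text = reader.ReadToEnd();

                // The content is round-tripped as text, so the returned bytes are the writer's
                // default encoding of that text, not necessarily the raw bytes on disk.
                using (StreamWriter encoder = new StreamWriter(buffer))
                {
                    encoder.Write(text);
                    encoder.Flush();
                }

                // ToArray stays valid after the writer has closed the underlying stream.
                return buffer.ToArray();
            }
        }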
Example #2
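        /// <summary>
        /// Replaces (or creates) a file under the SiteConfig folder with the supplied bytes.
        /// </summary>
        /// <param name="fileName">Caller-supplied name, appended to "SiteConfig/" before it is mapped to a physical path.</param>
        /// <param name="content">Bytes written as the new file content.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        /// <exception cref="ArgumentNullException"><paramref name="content"/> is null.</exception>
        public void UpdateFile(string fileName, byte[] content, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            // Reject a missing payload before the file is opened: opening with Truncate first
            // would empty an existing file and only then fail on content.Length.
            if (content == null)
            {
                throw new ArgumentNullException("content");
            }

            string fullPath = HttpContext.Current.Server.MapPath("SiteConfig/" + fileName);

            // NOTE(review): ValidatePath is not shown here. This is an authenticated write to a
            // caller-chosen name, so confirm that it confines the path to the SiteConfig folder.
            ValidatePath(fullPath);

            FileMode mode = File.Exists(fullPath) ? FileMode.Truncate : FileMode.Create;
            using (FileStream writer = new FileStream(fullPath, mode, FileAccess.Write))
            {
                writer.Write(content, 0, content.Length);
            }
        }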
Example #3
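        /// <summary>
        /// Copies the editable fields of <paramref name="entry"/> onto the stored entry with the same id
        /// and saves the day that contains it.
        /// </summary>
        /// <param name="entry">Entry carrying the id, creation date and the new field values.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>The entry id when a matching entry was updated, otherwise the literal "not found".</returns>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        /// <exception cref="ArgumentNullException"><paramref name="entry"/> is null.</exception>
        public string UpdateEntry(Entry entry, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            if (entry == null)
            {
                throw new ArgumentNullException("entry");
            }

            foreach (DayEntry day in data.Days)
            {
                // Entries are stored per day; only the day matching the creation date is loaded.
                if (day.Date != entry.Created.Date)
                {
                    continue;
                }

                day.Load();

                foreach (Entry found in day.Entries)
                {
                    if (found.EntryId != entry.EntryId)
                    {
                        continue;
                    }

                    found.Categories  = entry.Categories;
                    found.Content     = entry.Content;
                    found.Title       = entry.Title;
                    found.Description = entry.Description;
                    found.Modify();

                    day.Save();
                    data.IncrementEntryChange();
                    BlogXUtils.PingWeblogsCom();

                    return entry.EntryId;
                }
            }

            return "not found";
        }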
Example #4
 /// <summary>
 /// Page load handler: sends any caller that is not in the "admin" role to the access-denied page.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event data (unused).</param>
 private void Page_Load(object sender, System.EventArgs e)
 {
     bool isAdmin = SiteSecurity.IsInRole("admin");

     // The role check is the only gate on this page; nothing else runs in this handler.
     if (!isAdmin)
     {
         Response.Redirect("~/FormatPage.aspx?path=SiteConfig/accessdenied.format.html");
     }
 }
        /// <summary>
        /// Sign-in button handler: validates the entered credentials and, on success, issues the
        /// forms-authentication cookie and redirects to the application root.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void doSignIn_Click(object sender, System.EventArgs e)
        {
            UserToken signedIn = SiteSecurity.Login(username.Text, password.Text);

            // A null token means the login was rejected; the handler then does nothing
            // (no message is shown and no cookie is issued).
            if (signedIn == null)
            {
                return;
            }

            // The checkbox decides whether the auth cookie is persistent.
            bool persistent = rememberCheckbox.Checked;
            FormsAuthentication.SetAuthCookie(signedIn.Name, persistent);
            Response.Redirect(Request.ApplicationPath);
        }
Example #6
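        /// <summary>
        /// Serializes <paramref name="navigation"/> to SiteConfig/navigation.xml, overwriting the file.
        /// </summary>
        /// <param name="navigation">Navigation tree to persist.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        public void UpdateNavigation(NavigationRoot navigation, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            // The target path is fixed, so no caller-supplied path component is involved here.
            string        fullPath = HttpContext.Current.Server.MapPath("SiteConfig/navigation.xml");
            XmlSerializer ser      = new XmlSerializer(typeof(NavigationRoot));

            using (StreamWriter writer = new StreamWriter(fullPath))
            {
                ser.Serialize(writer, navigation);
            }
        }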
Example #7
 /// <summary>
 /// Init handler for the home page: adds the admin navigation bar for admins and the
 /// sign-in control for requests that are not authenticated.
 /// </summary>
 /// <param name="sender">Event source (unused).</param>
 /// <param name="e">Event data (unused).</param>
 private void HomePage_Init(object sender, System.EventArgs e)
 {
     // This only decides which controls are rendered; it is a display choice, not an access check.
     bool showAdminBar = SiteSecurity.IsInRole("admin");
     if (showAdminBar)
     {
         AdminNavBar adminBar = (AdminNavBar)LoadControl("AdminNavBar.ascx");
         rightBar.Controls.Add(adminBar);
         rightBar.Controls.Add(new LiteralControl("<br />"));
     }

     bool anonymous = !Request.IsAuthenticated;
     if (anonymous)
     {
         SignIn signInBox = (SignIn)LoadControl("SignIn.ascx");
         rightBar.Controls.Add(signInBox);
         rightBar.Controls.Add(new LiteralControl("<br />"));
     }
 }
Example #8
        /// <summary>
        /// Save button handler: builds a new entry from the form fields, stores it under the day
        /// matching its creation date (creating that day if needed), clears the form and redirects
        /// to default.aspx. Does nothing when the caller is not in the "admin" role.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void save_Click(object sender, System.EventArgs e)
        {
            // The role is re-checked on the postback itself; a non-admin postback is ignored silently.
            if (!SiteSecurity.IsInRole("admin"))
            {
                return;
            }

            BlogXData data = new BlogXData();
            bool stored = false;

            Entry posted = new Entry();
            posted.Initialize();
            posted.Title       = entryTitle.Text;
            posted.Description = entryAbstract.Text;
            posted.Content     = entryContent.Text;
            posted.Categories  = entryCategories.Text;

            // Append to an existing day when one matches the entry's creation date.
            foreach (DayEntry day in data.Days)
            {
                if (day.Date != posted.Created.Date)
                {
                    continue;
                }

                stored = true;
                day.Load();
                day.Entries.Add(posted);
                day.Save();
                data.IncrementEntryChange();
                BlogXUtils.PingWeblogsCom();
                break;
            }

            // Otherwise start a new day holding just this entry.
            if (stored == false)
            {
                DayEntry freshDay = new DayEntry();
                freshDay.Date = posted.Created.Date;
                freshDay.Entries.Add(posted);
                freshDay.Save();

                data.IncrementEntryChange();
                BlogXUtils.PingWeblogsCom();
            }

            entryTitle.Text      = "";
            entryAbstract.Text   = "";
            entryContent.Text    = "";
            entryCategories.Text = "";

            // endResponse is false, so the rest of the page lifecycle still runs after the redirect is queued.
            Response.Redirect("default.aspx", false);
        }
Example #9
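        /// <summary>
        /// Lists the names of the files directly inside the SiteConfig folder.
        /// </summary>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>File names only (no directory part), one per file.</returns>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        public string[] GetFiles(string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            string        fullPath = HttpContext.Current.Server.MapPath("SiteConfig/");
            DirectoryInfo di       = new DirectoryInfo(fullPath);

            // Only bare names are returned, so the physical server path is not disclosed to the caller.
            FileInfo[] files   = di.GetFiles();
            string[]   results = new string[files.Length];
            for (int i = 0; i < files.Length; i++)
            {
                results[i] = files[i].Name;
            }
            return results;
        }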
Example #10
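        /// <summary>
        /// Reports whether the caller may edit: true when the authenticated request identity, or
        /// failing that the supplied credentials, resolve to a user whose role is "admin".
        /// </summary>
        /// <param name="username">Account name passed to SiteSecurity.Login when the request identity is not an admin.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>True for an admin; false otherwise, including when any lookup throws.</returns>
        public bool CanEdit(string username, string password)
        {
            try
            {
                if (HttpContext.Current.Request.IsAuthenticated)
                {
                    // A request identity with no matching token (for example a stale user name)
                    // must fall through to the credential check below; dereferencing a null token
                    // here would jump to the catch block and skip that check.
                    UserToken token = SiteSecurity.GetToken(User.Identity.Name);
                    if (token != null && token.Role == "admin")
                    {
                        return true;
                    }
                }

                // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
                UserToken login = SiteSecurity.Login(username, password);
                return login != null && login.Role == "admin";
            }
            catch
            {
                // Deliberately fail closed: any error during the lookups is reported as "cannot edit".
                return false;
            }
        }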
Example #11
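        /// <summary>
        /// Stores a new entry under the day matching its creation date, creating that day if needed.
        /// </summary>
        /// <param name="entry">Entry to store; an id is generated when it has none.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>The id of the stored entry.</returns>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        /// <exception cref="ArgumentNullException"><paramref name="entry"/> is null.</exception>
        public string CreateEntry(Entry entry, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            if (entry == null)
            {
                throw new ArgumentNullException("entry");
            }

            bool added = false;

            // ensure that the entryId was filled in
            if (entry.EntryId == null || entry.EntryId.Length == 0)
            {
                entry.EntryId = Guid.NewGuid().ToString();
            }

            // Append to an existing day when one matches the entry's creation date.
            foreach (DayEntry day in data.Days)
            {
                if (day.Date == entry.Created.Date)
                {
                    added = true;
                    day.Load();
                    day.Entries.Add(entry);
                    day.Save();
                    data.IncrementEntryChange();
                    BlogXUtils.PingWeblogsCom();
                    break;
                }
            }

            // Otherwise start a new day holding just this entry.
            if (!added)
            {
                DayEntry newDay = new DayEntry();
                newDay.Date = entry.Created.Date;
                newDay.Entries.Add(entry);
                newDay.Save();

                data.IncrementEntryChange();
                BlogXUtils.PingWeblogsCom();
            }

            return entry.EntryId;
        }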
Example #12
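        /// <summary>
        /// Removes the entry with the given id from the day that contains it and saves that day.
        /// Returns without change when no entry has that id.
        /// </summary>
        /// <param name="entryId">Id of the entry to remove.</param>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        public void DeleteEntry(string entryId, string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            EntryIdCache ecache = new EntryIdCache();

            ecache.Ensure(data);

            // Stays at the DateTime default when the id is unknown to the cache.
            DateTime found = new DateTime();

            // Resolve the id to the date of the day that holds the entry.
            foreach (EntryIdCacheEntry ece in ecache.Entries)
            {
                if (ece.EntryId == entryId)
                {
                    found = ece.Date;
                    break;
                }
            }

            foreach (DayEntry day in data.Days)
            {
                if (day.Date != found)
                {
                    continue;
                }

                day.Load();

                for (int i = 0; i < day.Entries.Count; i++)
                {
                    if (day.Entries[i].EntryId == entryId)
                    {
                        day.Entries.RemoveAt(i);
                        day.Save();
                        // NOTE(review): the create/update paths also call data.IncrementEntryChange()
                        // after saving; confirm whether omitting it here is intended.
                        BlogXUtils.PingWeblogsCom();
                        return;
                    }
                }
            }
        }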
Example #13
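        /// <summary>
        /// Loads the navigation tree from SiteConfig/navigation.xml.
        /// </summary>
        /// <param name="username">Account name passed to SiteSecurity.Login.</param>
        /// <param name="password">Password passed to SiteSecurity.Login.</param>
        /// <returns>The deserialized tree, or a new empty NavigationRoot when the file does not exist.</returns>
        /// <exception cref="Exception">The credentials do not resolve to a user whose role is "admin".</exception>
        public NavigationRoot ReadNavigation(string username, string password)
        {
            // Check the token before dereferencing it, so a failed login raises the intended
            // access error rather than a NullReferenceException.
            // NOTE(review): assumes Login returns null for bad credentials (other callers null-check it) - confirm.
            UserToken token = SiteSecurity.Login(username, password);
            if (token == null || token.Role != "admin")
            {
                throw new Exception("Invalid Password");
            }

            // The source path is fixed, so no caller-supplied path component is involved here.
            string fullPath = HttpContext.Current.Server.MapPath("SiteConfig/navigation.xml");

            if (!File.Exists(fullPath))
            {
                return new NavigationRoot();
            }

            XmlSerializer ser = new XmlSerializer(typeof(NavigationRoot));
            using (StreamReader reader = new StreamReader(fullPath))
            {
                return (NavigationRoot)ser.Deserialize(reader);
            }
        }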
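        /// <summary>
        /// For an authenticated request, resolves the user's role and replaces Context.User with a
        /// GenericPrincipal carrying it. The role is taken from the encrypted "portalroles" cookie
        /// when that cookie is valid for the current identity, otherwise it is looked up through
        /// SiteSecurity.GetToken and the cookie is reissued.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_AuthenticateRequest(Object sender, EventArgs e)
        {
            if (!Request.IsAuthenticated)
            {
                return;
            }

            string role           = null;
            bool   roleFromCookie = false;

            System.Web.HttpCookie rolesCookie = Request.Cookies["portalroles"];
            if (rolesCookie != null && rolesCookie.Value != null && rolesCookie.Value.Length > 0)
            {
                // Get roles from roles cookie
                FormsAuthenticationTicket cached = FormsAuthentication.Decrypt(rolesCookie.Value);

                // The cookie is client-held, so it is only trusted when the ticket inside it has not
                // expired and was issued for the identity making this request. Without the name check
                // a roles cookie issued to one account would be honoured for any other signed-in account.
                if (cached != null && !cached.Expired && cached.Name == Context.User.Identity.Name)
                {
                    role           = cached.UserData;
                    roleFromCookie = true;
                }
            }

            // Missing, expired or mismatched cookie: resolve the role again and reissue the cookie.
            if (!roleFromCookie)
            {
                UserToken token = SiteSecurity.GetToken(User.Identity.Name);
                if (token != null)
                {
                    role = token.Role;

                    // Create a cookie authentication ticket.
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,                              // version
                        Context.User.Identity.Name,     // user name
                        DateTime.Now,                   // issue time
                        DateTime.Now.AddHours(1),       // ticket lifetime
                        false,                          // don't persist cookie
                        role                            // roles
                        );

                    // Encrypt the ticket
                    String cookieStr = FormsAuthentication.Encrypt(ticket);

                    // Send the cookie to the client.
                    // NOTE(review): the cookie expires after one minute while the ticket inside it is
                    // valid for an hour; also consider marking the cookie HttpOnly/Secure where the
                    // target framework version supports it.
                    Response.Cookies["portalroles"].Value   = cookieStr;
                    Response.Cookies["portalroles"].Path    = "/";
                    Response.Cookies["portalroles"].Expires = DateTime.Now.AddMinutes(1);
                }
                else
                {
                    // This is hit for the case where the user has a cookie that points to an
                    // out of date user name: log the user off from cookie authentication.
                    FormsAuthentication.SignOut();

                    // Invalidate roles token
                    Response.Cookies["portalroles"].Value   = null;
                    Response.Cookies["portalroles"].Expires = new System.DateTime(1999, 10, 12);
                    Response.Cookies["portalroles"].Path    = "/";

                    // NOTE(review): no redirect is issued here, and the principal below is still built
                    // for this request with a null role - confirm that is the intended handling.
                }
            }

            // Add our own custom principal to the request containing the roles in the auth ticket
            Context.User = new GenericPrincipal(Context.User.Identity, new string[] { role });
        }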