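        /// <summary>
        /// Handles the "request new password" button: after the CAPTCHA check it looks up the
        /// account by e-mail, stores the hash of a freshly generated password and sends the
        /// new password to that address via <c>SendPsw</c>.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnRequest_Click(object sender, System.EventArgs e)
        {
            string email = txEmail.Text.Trim();
            if (email == "")
            {
                return;
            }

            // NOTE(review): the expected CAPTCHA text is not cleared from the session in this
            // handler; unless the image handler regenerates it per request, one solved CAPTCHA
            // may be accepted for several submissions - confirm.
            if (tbImgCode.Text != (string)Session["CaptchaImageText"])
            {
                lblWrongCode.Visible = true;
                return;
            }

            object res;
            string newPsw;

            this.Cn.Open();
            try
            {
                res = Cn.ExecuteScalar("SELECT UserName FROM ForumUsers WHERE Email=?", email);
                if (res == null)
                {
                    // NOTE(review): a distinct "e-mail not found" label lets a requester tell
                    // registered addresses from unregistered ones; a single neutral message
                    // for both outcomes would avoid that.
                    lblEmailNotFound.Visible = true;
                    return;                         //no user found
                }

                // NOTE(review): the stored password is replaced as soon as the form is submitted,
                // so anyone who knows an account's e-mail can invalidate its current password,
                // and the new password travels in the mail body. A time-limited, single-use
                // reset link that leaves the old password valid until used is the usual design.
                newPsw = CryptoUtils.GenerateRandomCode(7);
                string newPswHash = Utils.Password.CalculateHash(newPsw);

                Cn.ExecuteNonQuery("UPDATE ForumUsers SET [Password]=? WHERE Email=?", newPswHash, email);
            }
            finally
            {
                // Close the connection even when a query throws.
                this.Cn.Close();
            }

            SendPsw(email, res.ToString(), newPsw);

            tblMain.Visible = false;
            lblOk.Visible   = true;
        }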
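 /// <summary>
 /// Handles the "delete" and "save" row commands of the group-permissions grid for the
 /// current forum, then clears the guest front-page cache and rebinds the grid.
 /// </summary>
 /// <param name="source">Grid that raised the command.</param>
 /// <param name="e">Command data; cell 0 of the row holds the group id.</param>
 protected void gridGroups_ItemCommand(object source, System.Web.UI.WebControls.DataGridCommandEventArgs e)
 {
     if (e.CommandName != "delete" && e.CommandName != "save")
     {
         return;
     }

     // The group id is read back as text from the grid cell, not as a typed value, so it is
     // bound as a query parameter instead of being concatenated into the SQL text.
     string groupid = e.Item.Cells[0].Text;

     if (e.CommandName == "delete")
     {
         Cn.Open();
         try
         {
             Cn.ExecuteNonQuery("DELETE FROM ForumGroupPermissions WHERE GroupID=? AND ForumID=?", groupid, _forumId);
         }
         finally
         {
             Cn.Close();
         }
     }
     else
     {
         CheckBox chkAllowReading = (CheckBox)e.Item.Cells[2].FindControl("chkAllowReading");
         CheckBox chkAllowPosting = (CheckBox)e.Item.Cells[2].FindControl("chkAllowPosting");
         Cn.Open();
         try
         {
             // Parameters are positional: SET values first, then the WHERE values.
             Cn.ExecuteNonQuery("UPDATE ForumGroupPermissions SET AllowReading=?, AllowPosting=? WHERE GroupID=? AND ForumID=?",
                                chkAllowReading.Checked, chkAllowPosting.Checked, groupid, _forumId);
         }
         finally
         {
             Cn.Close();
         }
     }

     Forum.ClearFrontPageCacheForGuests();
     BindPermissionsGrid();
 }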
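        /// <summary>
        /// Changes the password of the edited user. The two new-password boxes must match and
        /// meet the configured minimum length; the old password must match the stored hash
        /// unless the current user is an administrator.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnChangePsw_Click(object sender, System.EventArgs e)
        {
            if (tbNewPsw1.Text == "" || tbNewPsw2.Text == "" || tbNewPsw1.Text != tbNewPsw2.Text)
            {
                lblResult.Text = Resources.various.ErrorPasswordsDoNotMatch;
                return;
            }

            if (tbNewPsw1.Text.Length < Utils.Settings.MinPasswordLength)
            {
                lblResult.Text = string.Format("Password is too short, {0} characters minimum", Utils.Settings.MinPasswordLength);
                return;
            }

            Cn.Open();
            try
            {
                // NOTE(review): CalculateHash receives only the password text and its result is
                // matched with "=" in SQL, so it appears to be an unsalted (or globally salted)
                // deterministic hash - confirm it is a slow, per-user-salted password hash.
                var res = Cn.ExecuteScalar("SELECT UserID FROM ForumUsers WHERE (Password=?) AND UserID=?",
                                           Utils.Password.CalculateHash(tbOldPsw.Text), _editedUserID);

                // An administrator may set the password without knowing the old one.
                // NOTE(review): nothing here checks that a non-admin is editing their own account;
                // presumably _editedUserID is authorised where it is assigned - confirm.
                if (IsAdministrator || res != null)
                {
                    Cn.ExecuteNonQuery("UPDATE ForumUsers SET [Password]=? WHERE UserID=?", Utils.Password.CalculateHash(tbNewPsw1.Text), _editedUserID);
                    lblResult.Text = Resources.various.PasswordChanged;
                }
                else
                {
                    lblResult.Text = Resources.various.ErrorWrongOldPassword;
                }
            }
            finally
            {
                // Close the connection even when a query throws.
                Cn.Close();
            }
        }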
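        /// <summary>
        /// Links the selected sub-forum to the selected parent forum, unless no parent is
        /// selected, both selections are the same forum, or the reverse link already exists.
        /// Rebinds the drop-down lists and the sub-forum list afterwards.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnAdd_Click(object sender, EventArgs e)
        {
            int parentid = 0, subforumid = 0;

            // A value that does not parse leaves the id at 0.
            int.TryParse(ddlParentForum.SelectedValue, out parentid);
            int.TryParse(ddlSubForum.SelectedValue, out subforumid);

            Cn.Open();
            try
            {
                //reverse subforum check (bound as parameters, like the INSERT below)
                object res = Cn.ExecuteScalar("SELECT ParentForumID FROM ForumSubforums WHERE ParentForumID=? AND SubForumID=?", subforumid, parentid);

                if (parentid != 0 && parentid != subforumid && res == null)
                {
                    lblError.Visible = false;
                    Cn.ExecuteNonQuery("INSERT INTO ForumSubforums (ParentForumID, SubForumID) VALUES (?, ?)", parentid, subforumid);
                }
                else
                {
                    lblError.Visible = true;
                }
            }
            finally
            {
                // Close the connection even when a query throws.
                Cn.Close();
            }

            BindDropDownLists();
            BindSubForums();
        }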
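 /// <summary>
 /// Stores the given avatar URL in the user's <c>AvatarFileName</c> column and turns the
 /// Gravatar option off.
 /// </summary>
 /// <param name="userId">Id of the user whose row is updated.</param>
 /// <param name="avatarUrl">Avatar URL to store; it is written as received.</param>
 private void SaveAvatarFromTwitter(int userId, string avatarUrl)
 {
     // NOTE(review): the URL is stored without validation; presumably the caller takes it from
     // the identity provider's response - confirm that the scheme and host are checked before
     // the value is rendered as an image source.
     Cn.Open();
     try
     {
         Cn.ExecuteNonQuery("UPDATE ForumUsers SET UseGravatar=?, AvatarFileName=? WHERE UserID=?", false, avatarUrl, userId);
     }
     finally
     {
         // Close the connection even when the update throws.
         Cn.Close();
     }
 }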
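        /// <summary>
        /// Saves the forum's properties: resolves the forum group (creating it when a name was
        /// typed), optionally replaces the icon file on disk, updates the forum row, clears the
        /// guest front-page cache and redirects to admin.aspx.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnSave_Click(object sender, System.EventArgs e)
        {
            if (tbForumGroup.Text.Trim() == "" && ddlForumGroup.Items.Count == 0)
            {
                Response.Write("error");
                return;
            }

            Cn.Open();
            try
            {
                int forumGroup = 0;

                if (tbForumGroup.Text.Trim() != "")
                {
                    Cn.ExecuteNonQuery("INSERT INTO ForumGroups (GroupName) VALUES (?)", tbForumGroup.Text);
                    // The group name is free text from the form, so the lookup binds it as a
                    // parameter like the INSERT above instead of quoting it into the SQL string.
                    forumGroup = Convert.ToInt32(Cn.ExecuteScalar("SELECT GroupID FROM ForumGroups WHERE GroupName=?", tbForumGroup.Text));
                }
                else
                {
                    forumGroup = int.Parse(ddlForumGroup.SelectedValue);
                }

                string uploadDir = Attachments.GetIconsDirAbsolutePath();

                string iconFileName = iconUpload.PostedFile.FileName;

                // NOTE(review): IsExtForbidden looks like an extension denylist; for an icon
                // upload an allowlist of image extensions would be the stricter check - confirm.
                if (iconFileName != "" && !Attachments.IsExtForbidden(iconFileName))
                {
                    //deleting old icon file from disk
                    object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=?", _forumId);
                    if (res != null && res.ToString() != "")
                    {
                        // NOTE(review): the stored name is appended to the icons directory as-is;
                        // this relies on IconFile always holding a bare file name.
                        File.Delete(uploadDir + "\\" + res);
                    }

                    // Keep only the file-name part of the client-supplied name.
                    iconFileName = Path.GetFileName(iconFileName);
                    //rename if the file already exists
                    iconFileName = Utils.Attachments.ChangeFileNameIfAlreadyExists(iconFileName, uploadDir);
                    iconUpload.PostedFile.SaveAs(uploadDir + "\\" + iconFileName);

                    //saving icon to DB
                    Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", iconFileName, _forumId);
                }

                Cn.ExecuteNonQuery("UPDATE Forums SET Title=?, Description=?, Premoderated=?, GroupID=?, MembersOnly=?, RestrictTopicCreation=? WHERE ForumID=?",
                                   tbTitle.Text, tbDescr.Text, cbPremoderated.Checked, forumGroup, cbMembersOnly.Checked, cbRestrictTopicCreation.Checked, _forumId);
            }
            finally
            {
                // Close the connection even when a query or the file handling throws.
                Cn.Close();
            }

            //to update the front-page with new name, icon etc.
            Forum.ClearFrontPageCacheForGuests();

            Response.Redirect("admin.aspx", true);
        }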
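 /// <summary>
 /// Adds a forum group named after the text box content and rebinds the group list.
 /// Does nothing when the name is blank.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void btnAdd_Click(object sender, EventArgs e)
 {
     if (this.tbForumGroup.Text.Trim() == "")
     {
         return;
     }

     Cn.Open();
     try
     {
         // The name is stored as typed (untrimmed) and bound as a parameter.
         Cn.ExecuteNonQuery("INSERT INTO ForumGroups (GroupName) VALUES (?)", tbForumGroup.Text);
     }
     finally
     {
         // Close the connection even when the insert throws.
         Cn.Close();
     }
     BindGroups(_groupID);
 }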
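 /// <summary>
 /// Records the current user's answer for the selected poll option and redraws the poll.
 /// Does nothing when no option is selected.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void btnVote_Click(object sender, EventArgs e)
 {
     if (rblOptions.SelectedValue == "")
     {
         return;
     }

     // NOTE(review): no check is visible here that the user has not voted already or that the
     // option belongs to the poll being shown; presumably a constraint or ShowPollIfAny covers
     // it - confirm.
     Cn.Open();
     try
     {
         Cn.ExecuteNonQuery("INSERT INTO ForumPollAnswers (UserID, OptionID) VALUES (?, ?)", CurrentUserID, rblOptions.SelectedValue);
         // Called while the connection is still open, as in the original order.
         ShowPollIfAny();
     }
     finally
     {
         // Close the connection even when the insert or the redraw throws.
         Cn.Close();
     }
 }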
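        /// <summary>
        /// Handles the "delete" row command of the moderators grid: removes the row's user from
        /// the moderators of the current forum and rebinds the grid.
        /// </summary>
        /// <param name="source">Grid that raised the command.</param>
        /// <param name="e">Command data; cell 0 of the row holds the user id.</param>
        /// <exception cref="System.FormatException">Cell 0 does not contain an integer.</exception>
        protected void gridModerators_ItemCommand(object source, System.Web.UI.WebControls.DataGridCommandEventArgs e)
        {
            if (e.CommandName != "delete")
            {
                return;
            }

            // Parse before opening the connection so a malformed id cannot leave it open.
            int userId = int.Parse(e.Item.Cells[0].Text);

            Cn.Open();
            try
            {
                Cn.ExecuteNonQuery("DELETE FROM ForumModerators WHERE UserID=? AND ForumID=?", userId, _forumId);
            }
            finally
            {
                // Close the connection even when the delete throws.
                Cn.Close();
            }

            BindModeratorsGrid();
        }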
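        /// <summary>
        /// Handles the grid's update command: renames the forum group in the edited row, leaves
        /// edit mode and rebinds the group list.
        /// </summary>
        /// <param name="source">Grid that raised the command.</param>
        /// <param name="e">Command data; cell 0 holds the group id, cell 1 the name editor.</param>
        /// <exception cref="System.InvalidCastException">The first control in cell 1 is not a TextBox.</exception>
        protected void gridForumGroups_UpdateCommand(object source, DataGridCommandEventArgs e)
        {
            // A direct cast fails here with a clear exception instead of a later
            // NullReferenceException after the connection has already been opened.
            TextBox tbName = (TextBox)e.Item.Cells[1].Controls[0];

            string groupid = e.Item.Cells[0].Text;

            this.Cn.Open();
            try
            {
                Cn.ExecuteNonQuery("UPDATE ForumGroups SET GroupName=? WHERE GroupID=?", tbName.Text, groupid);
            }
            finally
            {
                // Close the connection even when the update throws.
                this.Cn.Close();
            }
            gridForumGroups.EditItemIndex = -1;
            BindGroups(_groupID);
        }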
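 /// <summary>
 /// Saves the order in which the forums currently appear in the grid: each data row's
 /// index is written to <c>OrderByNumber</c> of the forum whose id is in cell 0.
 /// </summary>
 private void SaveCurrentOrderOfSectinsCategories()
 {
     Cn.Open();
     try
     {
         foreach (DataGridItem item in gridForums.Items)
         {
             // Header, footer and pager rows carry no forum id.
             if (item.ItemType != ListItemType.Item && item.ItemType != ListItemType.AlternatingItem)
             {
                 continue;
             }

             Cn.ExecuteNonQuery(@"UPDATE Forums SET OrderByNumber = ? WHERE ForumID=?", item.ItemIndex, item.Cells[0].Text);
         }
     }
     finally
     {
         // Close the connection even when one of the updates throws.
         Cn.Close();
     }
 }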
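        /// <summary>
        /// Saves the edited user's profile (user name, e-mail, homepage, interests, signature,
        /// first/last name, presence flag) after checking that the user name is not taken by
        /// another account.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnSave_Click(object sender, System.EventArgs e)
        {
            //reset avatar cache for current user (BECAUSE email can change!!!!)
            if (Utils.User.CurrentUserID == _editedUserID)
            {
                Session["AvatarPath"] = null;
            }

            // NOTE(review): only angle brackets are escaped before storage. Quotes and ampersands
            // pass through, so these values still need context-aware encoding wherever they are
            // rendered (attribute values in particular), and the homepage URL scheme is not
            // checked here - confirm the output side handles both.
            string username  = EscapeAngleBrackets(tbUsername.Text);
            string email     = EscapeAngleBrackets(tbEmail.Text);
            string interests = EscapeAngleBrackets(tbInterests.Text);
            string homepage  = EscapeAngleBrackets(tbHomepage.Text);
            string firstName = EscapeAngleBrackets(tbFirstName.Text.Trim());
            string lastName  = EscapeAngleBrackets(tbLastName.Text.Trim());
            string signature = EscapeAngleBrackets(tbSignature.Text.Trim());

            // The signature is capped at 1000 characters, measured after escaping.
            signature = (signature.Length > 1000 ? signature.Substring(0, 1000) : signature);

            //check if a user tries to change his username while IntegratedAuth is ON
            if (Utils.Settings.IntegratedAuthentication &&
                _editedUserID == CurrentUserID &&
                tbUsername.Text.ToLower() != Session["aspnetforumUserName"].ToString().ToLower())
            {
                lblResult.Text = Resources.various.ErrorIntegratedUserName;
                return;
            }

            Cn.Open();
            try
            {
                //check username uniqueness
                var res = Cn.ExecuteScalar("SELECT UserID FROM ForumUsers WHERE UserName=? AND UserID<>?", username, _editedUserID);

                if (res != null)
                {
                    lblResult.Text = string.Format(Resources.various.ErrorUserExists, username);
                    return;
                }

                //update settings
                // NOTE(review): nothing in this handler checks that the current user may edit
                // _editedUserID; presumably that is enforced where the field is set - confirm.
                Cn.ExecuteNonQuery("UPDATE ForumUsers SET UserName=?, Email=?, Homepage=?, Interests=?, Signature=?, FirstName=?, LastName=?, HidePresence=? WHERE UserID=?",
                                   username, email, homepage, interests, signature, firstName, lastName, cbHidePresence.Checked, _editedUserID);
            }
            finally
            {
                // Close the connection even when a query throws.
                Cn.Close();
            }

            if (_editedUserID == CurrentUserID)
            {
                Session["aspnetforumUserName"] = username;
            }
            lblResult.Text = Resources.various.ProfileSaved;

            //to show avatar img
            ShowUserInfo();
        }

        /// <summary>
        /// Replaces the two angle-bracket characters with their HTML entities; every other
        /// character is returned unchanged.
        /// </summary>
        private static string EscapeAngleBrackets(string text)
        {
            return text.Replace("<", "&lt;").Replace(">", "&gt;");
        }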
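        /// <summary>
        /// Handles row commands of the forum-groups grid: "delete" removes a group that no forum
        /// references; "up" and "down" swap the row's sort position with the neighbouring row.
        /// </summary>
        /// <param name="source">Grid that raised the command.</param>
        /// <param name="e">Command data; cell 0 of the row holds the group id.</param>
        protected void gridForumGroups_ItemCommand(object source, DataGridCommandEventArgs e)
        {
            if (e.CommandName == "delete")
            {
                string groupid = e.Item.Cells[0].Text;
                this.Cn.Open();
                try
                {
                    Cn.ExecuteNonQuery("DELETE FROM ForumGroups WHERE GroupID=? and GroupID NOT IN (SELECT GroupID FROM Forums)", groupid);
                }
                finally
                {
                    this.Cn.Close();
                }
                BindGroups(_groupID);
                return;
            }

            if (e.CommandName != "up" && e.CommandName != "down")
            {
                return;
            }

            SaveCurrentOrderOfSectinsCategories();                 //save current picture

            bool moveUp = e.CommandName == "up";
            int neighbourIndex = moveUp ? e.Item.ItemIndex - 1 : e.Item.ItemIndex + 1;
            if (neighbourIndex < 0 || neighbourIndex > gridForumGroups.Items.Count - 1)
            {
                return;                                             //already the first / last row
            }

            DataGridItem neighbour = gridForumGroups.Items[neighbourIndex];
            if (neighbour.ItemType != ListItemType.Item && neighbour.ItemType != ListItemType.AlternatingItem)
            {
                return;
            }

            string groupId          = e.Item.Cells[0].Text;
            string neighbourGroupId = neighbour.Cells[0].Text;

            const string decrementSql = @"UPDATE ForumGroups SET OrderByNumber = OrderByNumber-1 WHERE GroupID=?";
            const string incrementSql = @"UPDATE ForumGroups SET OrderByNumber = OrderByNumber+1 WHERE GroupID=?";

            // The moved row is updated first, then its neighbour gets the opposite shift.
            // NOTE(review): the two updates are not wrapped in a transaction here.
            Cn.Open();
            try
            {
                Cn.ExecuteNonQuery(moveUp ? decrementSql : incrementSql, groupId);
                Cn.ExecuteNonQuery(moveUp ? incrementSql : decrementSql, neighbourGroupId);
            }
            finally
            {
                // Close the connection even when an update throws.
                Cn.Close();
            }
            BindGroups(_groupID);
        }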
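        /// <summary>
        /// Handles the "remove" command of the complaints list: deletes the complaints filed for
        /// the message, rebinds the repeater and resets the cached complaints count.
        /// </summary>
        /// <param name="source">Repeater that raised the command.</param>
        /// <param name="e">Command data; <c>CommandArgument</c> holds the message id.</param>
        /// <exception cref="System.FormatException">The command argument is not an integer.</exception>
        protected void rptMessagesList_ItemCommand(object source, System.Web.UI.WebControls.RepeaterCommandEventArgs e)
        {
            //delete message
            if (e.CommandName != "remove")
            {
                return;
            }

            int deletedMessageID = int.Parse(e.CommandArgument.ToString());

            this.Cn.Open();
            try
            {
                // Bound as a parameter for consistency with the other queries; the value is
                // already an int at this point.
                Cn.ExecuteNonQuery("DELETE FROM ForumComplaints WHERE MessageID=?", deletedMessageID);
                // Rebinding happens while the connection is still open, as in the original order.
                BindRepeater();
            }
            finally
            {
                // Close the connection even when the delete or the rebind throws.
                this.Cn.Close();
            }

            ModeratorStats.ResetComplaintsCountCache();
        }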
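        /// <summary>
        /// Handles row commands of the forums grid: "delete" removes the forum through
        /// <c>Utils.Forum.DeleteForum</c>; "up" and "down" swap the row's sort position with the
        /// neighbouring row.
        /// </summary>
        /// <param name="source">Grid that raised the command.</param>
        /// <param name="e">Command data; cell 0 of the row holds the forum id.</param>
        protected void gridForums_ItemCommand(object source, System.Web.UI.WebControls.DataGridCommandEventArgs e)
        {
            if (e.CommandName == "delete")
            {
                string forumid = e.Item.Cells[0].Text;
                Utils.Forum.DeleteForum(int.Parse(forumid));
                BindForums();
                return;
            }

            if (e.CommandName != "up" && e.CommandName != "down")
            {
                return;
            }

            SaveCurrentOrderOfSectinsCategories();                 //save current picture

            bool moveUp = e.CommandName == "up";
            int neighbourIndex = moveUp ? e.Item.ItemIndex - 1 : e.Item.ItemIndex + 1;
            if (neighbourIndex < 0 || neighbourIndex > gridForums.Items.Count - 1)
            {
                return;                                             //already the first / last row
            }

            DataGridItem neighbour = gridForums.Items[neighbourIndex];
            if (neighbour.ItemType != ListItemType.Item && neighbour.ItemType != ListItemType.AlternatingItem)
            {
                return;
            }

            string forumId          = e.Item.Cells[0].Text;
            string neighbourForumId = neighbour.Cells[0].Text;

            const string decrementSql = @"UPDATE Forums SET OrderByNumber = OrderByNumber-1 WHERE ForumID=?";
            const string incrementSql = @"UPDATE Forums SET OrderByNumber = OrderByNumber+1 WHERE ForumID=?";

            // The moved row is updated first, then its neighbour gets the opposite shift.
            // NOTE(review): the two updates are not wrapped in a transaction here.
            Cn.Open();
            try
            {
                Cn.ExecuteNonQuery(moveUp ? decrementSql : incrementSql, forumId);
                Cn.ExecuteNonQuery(moveUp ? incrementSql : decrementSql, neighbourForumId);
            }
            finally
            {
                // Close the connection even when an update throws.
                Cn.Close();
            }
            BindForums();
        }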
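        /// <summary>
        /// Removes the forum's icon: deletes the stored icon file from the icons directory,
        /// clears the <c>IconFile</c> column and shows the default icon.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnReset_Click(object sender, System.EventArgs e)
        {
            string uploadDir = Utils.Attachments.GetIconsDirAbsolutePath();

            Cn.Open();
            try
            {
                //deleting old icon file from disk
                object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=?", _forumId);

                if (res != null && res.ToString() != "")
                {
                    // NOTE(review): the stored name is appended to the icons directory as-is; this
                    // relies on IconFile always holding a bare file name.
                    File.Delete(uploadDir + "\\" + res);
                }
                //clearing the icon in the DB
                Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", "", _forumId);
            }
            finally
            {
                // Close the connection even when a query or the file delete throws.
                Cn.Close();
            }

            imgForumIcon.ImageUrl = forums.GetForumIcon("");
        }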
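        /// <summary>
        /// Grants the selected group its read/post permissions on the current forum, replacing
        /// any existing row for that group, then clears the guest front-page cache and rebinds
        /// the permissions grid. Does nothing when no group is selected.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnAddPermission_Click(object sender, System.EventArgs e)
        {
            if (ddlGroups.SelectedValue == "")
            {
                return;
            }

            Cn.Open();
            try
            {
                //delete just in case
                // The selected value is posted form data, so it is bound as a parameter here
                // just as it is in the INSERT below.
                Cn.ExecuteNonQuery("DELETE FROM ForumGroupPermissions WHERE GroupID=? AND ForumID=?", ddlGroups.SelectedValue, _forumId);

                Cn.ExecuteNonQuery("INSERT INTO ForumGroupPermissions (GroupID, ForumID, AllowReading, AllowPosting) VALUES(?, ?, ?, ?)",
                                   ddlGroups.SelectedValue, _forumId, chkAllowReadingNew.Checked, chkAllowPostingNew.Checked);
            }
            finally
            {
                // Close the connection even when a query throws.
                Cn.Close();
            }

            Forum.ClearFrontPageCacheForGuests();

            BindPermissionsGrid();
        }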
 /// <summary>
 /// Clears the "new" flag on the personal messages sent by <c>_userId</c> to the current user
 /// and drops the unread-messages counter kept in the session.
 /// </summary>
 private void MarkAllAsRead()
 {
     // The connection is neither opened nor closed here; presumably the caller does both - confirm.
     const string clearNewFlagSql = "UPDATE ForumPersonalMessages SET New=? WHERE FromUserID=? and ToUserID=?";
     Cn.ExecuteNonQuery(clearNewFlagSql, false, _userId, CurrentUserID);

     // Setting the session entry to null discards the stored count.
     Session["ForumUnreadMessagesCount"] = null;
 }