/// <summary>
/// Builds the message reported when reCAPTCHA validation fails, appending the
/// error codes carried by the validation result when there are any.
/// </summary>
/// <param name="recaptchaValidationResult">Validation result to describe; may be null.</param>
/// <returns>
/// <c>ExceptionMessages.ERR_RecaptchaInvalid</c> formatted with an " (Error: ...)" suffix,
/// or with the unwrapped joined text when the result has no usable error codes.
/// </returns>
private string GenerateInvalidRecaptchaErrorMessage(RecaptchaValidationResult recaptchaValidationResult)
{
    // No result, or a result without an error-code collection: format with an empty suffix.
    if (recaptchaValidationResult == null || recaptchaValidationResult.ErrorCodes == null)
    {
        return string.Format(ExceptionMessages.ERR_RecaptchaInvalid, string.Empty);
    }

    string joinedCodes = string.Join(", ", recaptchaValidationResult.ErrorCodes);

    // A blank join result is passed through as-is; anything else is wrapped for display.
    string errorSuffix = string.IsNullOrWhiteSpace(joinedCodes)
        ? joinedCodes
        : $" (Error: {joinedCodes})";

    return string.Format(ExceptionMessages.ERR_RecaptchaInvalid, errorSuffix);
}
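/// <summary>
/// Validates a Recaptcha V2 response against Google's siteverify endpoint.
/// </summary>
/// <remarks>
/// The secret, the response token and the client IP are sent as a URL-encoded POST body.
/// The token is attacker-controlled, so every value is escaped before it is placed in the
/// payload; unescaped, a token containing <c>&amp;</c> could append or override request
/// parameters. Sending the secret in the body rather than the query string also keeps it out
/// of URL-based logs. Network and parsing failures propagate to the caller as exceptions.
/// </remarks>
/// <param name="recaptchaResponse">g-recaptcha-response form response variable (HttpContext.Current.Request.Form["g-recaptcha-response"])</param>
/// <returns>RecaptchaValidationResult deserialized from the siteverify JSON reply.</returns>
public RecaptchaValidationResult Validate(string recaptchaResponse)
{
    // String concatenation keeps the original null-to-empty conversion for SecretKey and
    // GetClientIp(); Uri.EscapeDataString itself rejects null.
    string payload =
        "secret=" + System.Uri.EscapeDataString(string.Empty + SecretKey) +
        "&response=" + System.Uri.EscapeDataString(recaptchaResponse ?? string.Empty) +
        "&remoteip=" + System.Uri.EscapeDataString(string.Empty + GetClientIp());
    byte[] payloadBytes = System.Text.Encoding.UTF8.GetBytes(payload);

    HttpWebRequest req = (HttpWebRequest)WebRequest.Create("https://www.google.com/recaptcha/api/siteverify");
    req.Method = "POST";
    req.ContentType = "application/x-www-form-urlencoded";
    req.ContentLength = payloadBytes.Length;

    using (var requestStream = req.GetRequestStream())
    {
        requestStream.Write(payloadBytes, 0, payloadBytes.Length);
    }

    // Google recaptcha response
    using (WebResponse wResponse = req.GetResponse())
    using (StreamReader readStream = new StreamReader(wResponse.GetResponseStream()))
    {
        string jsonResponse = readStream.ReadToEnd();
        JavaScriptSerializer js = new JavaScriptSerializer();

        // NOTE(review): these textual renames rewrite every occurrence of the substrings in the
        // reply, not only the two property names; mapping the JSON names on the result type
        // would be more robust.
        // NOTE(review): only the deserialized result is returned; whether the hostname reported
        // by siteverify is compared with this site anywhere is not visible here - confirm.
        return js.Deserialize<RecaptchaValidationResult>(
            jsonResponse.Replace("error-codes", "ErrorMessages").Replace("success", "Succeeded"));
    }
}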
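/// <summary>
/// Handles a form submission: checks reCAPTCHA when a site key is configured, stores uploaded
/// files, persists the submission, and sends the configured notification mails.
/// </summary>
/// <remarks>
/// The reCAPTCHA check runs before any upload is stored and before the submission is
/// persisted, so a request that fails the check leaves nothing behind. A missing or blank
/// token is rejected with 403 without contacting the verification service. The single-use
/// token is removed from the form before the form is serialized for storage and mail.
/// </remarks>
/// <returns>
/// 200 with a <c>ResultDTO</c> on success, 403 when reCAPTCHA validation fails,
/// 500 when an unexpected exception occurs.
/// </returns>
public HttpResponseMessage Submit()
{
    var form = JObject.Parse(HttpContextSource.Current.Request.Form["data"].ToString());
    var statuses = new List<FilesStatus>();
    try
    {
        // Settings are loaded first because they decide whether reCAPTCHA gates this request.
        string jsonSettings = ActiveModule.ModuleSettings["data"] as string;
        SettingsDTO settings = null;
        if (!string.IsNullOrEmpty(jsonSettings))
        {
            settings = JsonConvert.DeserializeObject<SettingsDTO>(jsonSettings);
        }

        // Abuse gate: must pass before uploads are written or the submission is saved.
        if (settings != null && settings.Settings != null && !string.IsNullOrEmpty(settings.Settings.SiteKey))
        {
            var recaptchaToken = form["recaptcha"];
            string recaptchaResponse = recaptchaToken == null ? null : recaptchaToken.ToString();
            if (string.IsNullOrWhiteSpace(recaptchaResponse))
            {
                return Request.CreateResponse(HttpStatusCode.Forbidden);
            }

            Recaptcha recaptcha = new Recaptcha(settings.Settings.SiteKey, settings.Settings.SecretKey);
            RecaptchaValidationResult validationResult = recaptcha.Validate(recaptchaResponse);
            if (!validationResult.Succeeded)
            {
                return Request.CreateResponse(HttpStatusCode.Forbidden);
            }

            form.Remove("recaptcha");
        }

        // Upload handling is best-effort: a failure is logged and the submission continues
        // without file entries.
        try
        {
            //todo can we eliminate the HttpContext here
            UploadWholeFile(HttpContextSource.Current, statuses);
            var files = new JArray();
            form["Files"] = files;
            foreach (var item in statuses)
            {
                var file = new JObject();
                file["name"] = item.name;
                file["url"] = OpenFormUtils.ToAbsoluteUrl(item.url);
                files.Add(file);
            }
        }
        catch (Exception uploadError)
        {
            Log.Logger.Error(uploadError);
        }

        form["IPAddress"] = Request.GetIPAddress();
        int moduleId = ActiveModule.ModuleID;
        OpenFormController ctrl = new OpenFormController();
        var content = new OpenFormInfo()
        {
            ModuleId = moduleId,
            Json = form.ToString(),
            CreatedByUserId = UserInfo.UserID,
            CreatedOnDate = DateTime.Now,
            LastModifiedByUserId = UserInfo.UserID,
            LastModifiedOnDate = DateTime.Now,
            Html = "",
            Title = "Form submitted - " + DateTime.Now.ToString()
        };
        ctrl.AddContent(content);

        var res = new ResultDTO()
        {
            Message = "Form submitted."
        };
        string template = (string)ActiveModule.ModuleSettings["template"];
        var razorscript = new FileUri(Path.GetDirectoryName(template), "aftersubmit.cshtml");
        res.AfterSubmit = razorscript.FileExists;

        if (!string.IsNullOrEmpty(jsonSettings))
        {
            HandlebarsEngine hbs = new HandlebarsEngine();
            dynamic data = null;
            string formData = "";

            string templateFilename = HostingEnvironment.MapPath("~/" + template);
            string templateDirectory = Path.GetDirectoryName(templateFilename);
            string schemaFilename = templateDirectory + "\\" + "schema.json";
            JObject schemaJson = JsonUtils.GetJsonFromFile(schemaFilename);

            // default options
            string optionsFilename = templateDirectory + "\\" + "options.json";
            JObject optionsJson = null;
            if (File.Exists(optionsFilename))
            {
                string fileContent = File.ReadAllText(optionsFilename);
                if (!string.IsNullOrWhiteSpace(fileContent))
                {
                    optionsJson = JObject.Parse(fileContent);
                }
            }

            // language options: a non-blank culture-specific file replaces the default options
            optionsFilename = templateDirectory + "\\" + "options." + DnnLanguageUtils.GetCurrentCultureCode() + ".json";
            if (File.Exists(optionsFilename))
            {
                string fileContent = File.ReadAllText(optionsFilename);
                if (!string.IsNullOrWhiteSpace(fileContent))
                {
                    optionsJson = JObject.Parse(fileContent);
                }
            }

            // Labels are resolved on a copy so the submitted form itself stays unchanged.
            var enhancedForm = form.DeepClone() as JObject;
            OpenFormUtils.ResolveLabels(enhancedForm, schemaJson, optionsJson);
            data = OpenFormUtils.GenerateFormData(enhancedForm.ToString(), out formData);

            if (settings != null && settings.Notifications != null)
            {
                foreach (var notification in settings.Notifications)
                {
                    try
                    {
                        MailAddress from = FormUtils.GenerateMailAddress(notification.From, notification.FromEmail, notification.FromName, notification.FromEmailField, notification.FromNameField, form);
                        MailAddress to = FormUtils.GenerateMailAddress(notification.To, notification.ToEmail, notification.ToName, notification.ToEmailField, notification.ToNameField, form);
                        MailAddress reply = null;
                        if (!string.IsNullOrEmpty(notification.ReplyTo))
                        {
                            reply = FormUtils.GenerateMailAddress(notification.ReplyTo, notification.ReplyToEmail, notification.ReplyToName, notification.ReplyToEmailField, notification.ReplyToNameField, form);
                        }

                        string body = formData;
                        if (!string.IsNullOrEmpty(notification.EmailBody))
                        {
                            body = hbs.Execute(notification.EmailBody, data);
                        }

                        string subject = notification.EmailSubject;
                        if (!string.IsNullOrEmpty(notification.EmailSubject))
                        {
                            subject = hbs.Execute(notification.EmailSubject, data);
                        }

                        var attachments = new List<Attachment>();
                        foreach (var item in statuses)
                        {
                            var file = FileManager.Instance.GetFile(item.id);
                            attachments.Add(new Attachment(FileManager.Instance.GetFileContent(file), item.name));
                        }

                        string send = FormUtils.SendMail(from.ToString(), to.ToString(), (reply == null ? "" : reply.ToString()), subject, body, attachments);
                        if (!string.IsNullOrEmpty(send))
                        {
                            // NOTE(review): res.Errors is returned to the submitter, so the
                            // configured addresses and the mail error text reach the client.
                            res.Errors.Add("From:" + from.ToString() + " - To:" + to.ToString() + " - " + send);
                        }
                    }
                    catch (Exception exc)
                    {
                        // The stack trace is limited to super users; the exception message is
                        // returned to every caller.
                        res.Errors.Add("Notification " + (settings.Notifications.IndexOf(notification) + 1) + " : " + exc.Message + " - " + (UserInfo.IsSuperUser ? exc.StackTrace : ""));
                        Log.Logger.Error(exc);
                    }
                }
            }

            if (settings != null && settings.Settings != null)
            {
                if (!string.IsNullOrEmpty(settings.Settings.Message))
                {
                    res.Message = hbs.Execute(settings.Settings.Message, data);
                }
                else
                {
                    res.Message = "Message sent.";
                }
                res.Tracking = settings.Settings.Tracking;
                if (!string.IsNullOrEmpty(settings.Settings.Tracking))
                {
                    //res.RedirectUrl = Globals.NavigateURL(ActiveModule.TabID, "", "result=" + content.ContentId);
                }
            }
        }

        return Request.CreateResponse(HttpStatusCode.OK, res);
    }
    catch (Exception exc)
    {
        Log.Logger.Error(exc);
        // NOTE(review): the exception object is handed to the response; how much of it the
        // client sees depends on the Web API error-detail policy of the host - confirm it is
        // not set to always include details in production.
        return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, exc);
    }
}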