public IActionResult ResetPossword()
{
string ForgotEmail = HttpContext.Request.Form["ForgotPasswordEmail"];
string[] ValidationInputs = { ForgotEmail };
if (!functions.ValidateInputs(ValidationInputs))
{
TempData["ErrorMessage"] = "Validation error. Email required.";
return(RedirectToAction("Index", "SignIn"));
}
if (!_context.Accounts.Any(s => s.Email == ForgotEmail))
{
TempData["ErrorMessage"] = "The email provided does not exist in our records.";
return(RedirectToAction("Index", "SignIn"));
}
string AccountID = _context.Accounts.Where(s => s.Email == ForgotEmail).FirstOrDefault().AccountID;
try
{
//remove other user reset data if exists
functions.DeleteTableData("PasswordForgot", "AccountID", AccountID, _systemConfiguration.connectionString);
//add reset data
string ResetID = functions.RandomString(120);
functions.AddForgotPassword(ResetID, AccountID);
//send user email
//set email data
string ToName = functions.GetAccountData(AccountID, "FullName");
string[] MessageParagraphs = { "Hello, ", "We've received a request to reset the password for your account. No changes have been made to your account yet. You can reset your password by clicking the link below: ", "If you did not request a new password, please let us know immediately by replying to this email." };
string PreHeader = "Account password reset link notification.";
bool Button = true;
int ButtonPosition = 2;
string ButtonLink = functions.GetSiteLookupData("AppDomain") + "/PasswordReset/?id=" + ResetID;
string ButtonLinkText = "Reset Password";
string Closure = _systemConfiguration.emailClosure;
string Company = _systemConfiguration.emailCompany;
string UnsubscribeLink = _systemConfiguration.emailUnsubscribeLink;
string MessageBody = EmailFormating.FormatEmail(MessageParagraphs, PreHeader, Button, ButtonPosition, ButtonLink, ButtonLinkText, Closure, Company, UnsubscribeLink);
string FromEmail = _systemConfiguration.smtpEmail;
string ToEmail = ForgotEmail;
string Subject = "Password Reset Email";
//Get smtp details
string smtpEmail = _systemConfiguration.smtpEmail;
string smtpPass = _systemConfiguration.smtpPass;
string displayName = _systemConfiguration.emailDisplayName;
string smtpHost = _systemConfiguration.smtpHost;
int smtpPort = _systemConfiguration.smtpPort;
EmailService.SendEmail(FromEmail, ToEmail, Subject, MessageBody, smtpEmail, smtpPass, displayName, smtpHost, smtpPort);
TempData["SuccessMessage"] = @"The email with further instructions was sent to the submitted email address. If you don’t receive a message in 5 minutes, " +
"check the junk folder. If you are still experiencing any problems, contact support at " + functions.GetSiteLookupData("SupportEmail");
//log activity
if (_systemConfiguration.logActivity)
{
string LogAction = $@"User '{ToName}' did password reset.";
functions.LogActivity(ToEmail, ToEmail, "PasswordReset", LogAction);
}
return(RedirectToAction("Index", "SignIn"));
}
catch (Exception ex)
{
//Log Error
_logger.LogInformation("Password Reset Error: " + ex.ToString());
TempData["ErrorMessage"] = "There was an error processing your request. Please try again. If this error persists, please send an email to the administrator.";
return(RedirectToAction("Index", "SignIn"));
}
}
public async Task <ActionResult> ExternalLoginCallback(string returnUrl)
{
var ReturnUrl = "Index";
if (TempData["ReturnUrl"] != null)
{
ReturnUrl = TempData["ReturnUrl"].ToString();
}
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return(RedirectToAction("Login", "Home"));
}
// Sign in the user with this external login provider if the user already has a login
var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent : false);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false }));
case SignInStatus.Failure:
default:
// If the user does not have an account, then prompt the user to create an account
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
//Check if New Oauth Login
if (!db.Accounts.Any(s => s.Email == loginInfo.Email))
{
//Add registration
try
{
SecurityFunctions.AddNewRegistration(loginInfo.Email, AppFunctions.GetUsernameFromEmail(loginInfo.Email), true);
}
catch (Exception ex)
{
Console.WriteLine(ex);
//Log Error
SecurityFunctions.LogError(ex, loginInfo.Email, "ExternalLoginCallback", returnUrl);
}
}
//Login valid
var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
if (!SecurityFunctions.AddLoginInfo(loginInfo.Email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
{
//Think of what to do here
//Log Error
//SecurityFunctions.LogError(ex, loginInfo.Email, "ExternalLoginCallback", returnUrl);
}
//My Custom Edits
SecurityFunctions Security = new SecurityFunctions();
Session["sessionID"] = SessionID;
Session["sessionEmail"] = loginInfo.Email;
Session["sessionFullName"] = Security.ReturnAccountData(loginInfo.Email, "FirstName") + " " + Security.ReturnAccountData(loginInfo.Email, "LastName");
Session["sessionProfilePic"] = Security.ReturnAccountData(loginInfo.Email, "DirectoryName") + "/" + Security.ReturnAccountProfilePic(loginInfo.Email);
Session["sessionOauth"] = true;
if (string.IsNullOrEmpty(Security.ReturnAccountData(loginInfo.Email, "FirstName")))
{
Session["sessionFullName"] = loginInfo.Email;
}
Session["sessionProfilePic"] = Security.ReturnAccountData(loginInfo.Email, "DirectoryName") + "/" + Security.ReturnAccountProfilePic(loginInfo.Email);
if (string.IsNullOrEmpty(Security.ReturnAccountData(loginInfo.Email, "DirectoryName")) || string.IsNullOrEmpty(Security.ReturnAccountProfilePic(loginInfo.Email)))
{
Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
}
//Set Admin Session Values
//System Admin
int sys_admin_id = AppFunctions.GetRoleID("SystemAdmin");
if (AppFunctions.ValidateUserRole(sys_admin_id))
{
Session["sessionSystemAdmin"] = true;
}
//Editor
int editor_id = AppFunctions.GetRoleID("Editor");
if (AppFunctions.ValidateUserRole(editor_id))
{
Session["sessionEditor"] = true;
}
//Author
int author_id = AppFunctions.GetRoleID("Author");
if (AppFunctions.ValidateUserRole(author_id))
{
Session["sessionAuthor"] = true;
}
//Censor
int censor_id = AppFunctions.GetRoleID("Censor");
if (AppFunctions.ValidateUserRole(censor_id))
{
Session["sessionCensor"] = true;
}
//Advertiser
int advitiser_id = AppFunctions.GetRoleID("Advertiser");
if (AppFunctions.ValidateUserRole(censor_id))
{
Session["sessionAdvertiser"] = true;
}
if (AppFunctions.UserHasRole()) //ie user has an admin role
{
return(RedirectToAction("Index", "Admin"));
}
//If user (Currently always the case)
if (!string.IsNullOrEmpty(ReturnUrl) && ReturnUrl != "Index")
{
//return Redirect(ReturnUrl);
}
return(RedirectToAction("Index", "Home"));
//Overriding
//return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email });
}
}
public ActionResult AddComment([Bind(Include = "CommentText")] ArticleCommentsModel commentsModel)
{
var ReturnUrl = Request.Form["ReturnUrl"];
var ArticleID = Request.Form["ArticleID"];
var UserEmail = Session["sessionEmail"];
var CommenterName = Request.Form["CommenterName"];
if ((CommenterName != "" && CommenterName.Length < 3) || (commentsModel.CommentText.Length < 2))
{
TempData["ErrorMessage"] = "Invalid inputs.";
if (!string.IsNullOrEmpty(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
return(RedirectToAction("Index", "Home"));
}
bool IsReply = Convert.ToBoolean(Convert.ToInt32(Request.Form["IsReply"]));
if (IsReply)
{
commentsModel.ReplyCommentID = Int32.Parse(Request.Form["ReplyCommentID"]);
}
if (ModelState.IsValid)
{
commentsModel.ArticleID = Int32.Parse(ArticleID);
commentsModel.Name = CommenterName;
if (UserEmail != null)
{
commentsModel.UserEmail = UserEmail.ToString();
}
commentsModel.IsReply = IsReply;
commentsModel.UniqueCommentID = AppFunctions.RandomString(2) + AppFunctions.RandomInt(8) + AppFunctions.RandomString(2);
db.ArticleComments.Add(commentsModel);
db.SaveChanges();
TempData["SuccessMessage"] = "Comment added.";
if (!string.IsNullOrEmpty(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
return(RedirectToAction("Index", "Home"));
}
else
{
StringBuilder result = new StringBuilder();
foreach (var item in ModelState)
{
string key = item.Key;
var errors = item.Value.Errors;
foreach (var error in errors)
{
result.Append(key + " " + error.ErrorMessage + "#");
}
}
TempData["ErrorMessage"] = "Opps!an error occured. " + result.ToString();
if (!string.IsNullOrEmpty(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
return(View("Index", "Home"));
}
}
public ActionResult Register(AccountsModel accountmodel)
{
var returnController = "Home";
var returnAction = "Index";
if (!string.IsNullOrEmpty(Request.Form["returnController"]) && !string.IsNullOrEmpty(Request.Form["returnAction"]))
{
returnController = Request.Form["returnController"];
returnAction = Request.Form["returnAction"];
}
if (ModelState.IsValid)
{
//Set default values for account
var confirm_password = Request.Form["RepeatPassword"];
//If passwords do not match
if (accountmodel.Password != confirm_password)
{
TempData["ProcessRegisterFailureMessage"] = "Passwords do not match.";
TempData["displayModal"] = "registerModal";
return(RedirectToAction(returnAction, returnController));
}
//Check if email exist already
if (db.Accounts.Where(s => s.Email == accountmodel.Email).Any())
{
TempData["ProcessRegisterFailureMessage"] = "The email provided already exist, please try again with a different email.";
TempData["displayModal"] = "registerModal";
return(RedirectToAction(returnAction, returnController));
}
//Add registration
if (SecurityFunctions.AddNewRegistration(accountmodel.Email, accountmodel.Password, false))
{
string to_name = AppFunctions.FirstLetterToUpper(AppFunctions.GetUsernameFromEmail(accountmodel.Email));
string h1_text = "Welcome to Gambia Review.";
string h2_text = null;
string p1_text = "You've successfully registered in Gambia Review application system.";
string p2_text = "You can contact us by phone +7 (495) 280-14- 81 (ext. 3397) or by using the feedback form, which is presented on the questionnaire page. Our staff will promptly provide answers to your questions. You can fill in the questionnaire sections in any order convenient for you.";
//Send email to registerer
AppEmailer.SendEmail(GMailer.GetGambiaReviewEmail(), "Gambia Review", accountmodel.Email, to_name, "Welcome to Gambia Review",
h1_text, h2_text, p1_text, p2_text, null, null, null, null, null);
//Send email to Gambia Review
to_name = "Gambia Review Team";
h1_text = "New User Registered";
h2_text = null;
p1_text = "User with email :" + accountmodel.Email + " has registered.";
p2_text = null;
AppEmailer.SendEmail(GMailer.GetGambiaReviewEmail(), "Gambia Review", "*****@*****.**", to_name, "Welcome to Gambia Review",
h1_text, h2_text, p1_text, p2_text, null, null, null, null, null);
//Add Login data
var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
if (!SecurityFunctions.AddLoginInfo(accountmodel.Email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
{
//Think of what to do here
//Log Error
}
TempData["ProcessSuccessMessage"] = "Registration successfull.";
SecurityFunctions Security = new SecurityFunctions();
Session["sessionID"] = SessionID;
Session["sessionEmail"] = accountmodel.Email;
Session["sessionFullName"] = Security.ReturnAccountData(accountmodel.Email, "FirstName") + " " + Security.ReturnAccountData(accountmodel.Email, "LastName");
if (string.IsNullOrEmpty(Security.ReturnAccountData(accountmodel.Email, "FirstName")))
{
Session["sessionFullName"] = accountmodel.Email;
}
Session["sessionProfilePic"] = Security.ReturnAccountData(accountmodel.Email, "DirectoryName") + "/" + Security.ReturnAccountProfilePic(accountmodel.Email);
if (string.IsNullOrEmpty(Security.ReturnAccountData(accountmodel.Email, "DirectoryName")))
{
Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
}
return(RedirectToAction("Index", "Home"));
}
else
{
TempData["ProcessFailureMessage"] = "Registration failed, please try again.";
return(RedirectToAction(returnAction, returnController));
}
}
else
{
StringBuilder result = new StringBuilder();
foreach (var item in ModelState)
{
string key = item.Key;
var errors = item.Value.Errors;
foreach (var error in errors)
{
result.Append(key + " " + error.ErrorMessage + "#");
}
}
TempData["ProcessRegisterFailureMessage"] = result.ToString();
TempData["displayModal"] = "registerModal";
}
return(RedirectToAction(returnAction, returnController));
}
public ActionResult Login(AccountsModel usersmodel)
{
var returnController = "Home";
var returnAction = "Index";
if (!string.IsNullOrEmpty(Request.Form["returnController"]) && !string.IsNullOrEmpty(Request.Form["returnAction"]))
{
returnController = Request.Form["returnController"];
returnAction = Request.Form["returnAction"];
}
//If both inputs not empty
if (!string.IsNullOrEmpty(Request.Form["userEmail"]) && !string.IsNullOrEmpty(Request.Form["userPassword"]))
{
var user_email = Request.Form["userEmail"];
var user_password = Request.Form["userPassword"]; //Hash password
var remember = Request.Form["RememberMe"];
//bool remember_me = false; //Convert.ToBoolean(Request.Form["RememberMe"]);
SecurityFunctions Security = new SecurityFunctions();
if (Security.IsLoginValid(user_email, user_password))
{
//Check if account is active
int AccountStatus = Security.ReturnAccountStatus(user_email);
if (AccountStatus == 0)
{
//Login valid but pending approval
TempData["ProcessLoginFailureMessage"] = "This account has not yet been approved by the administrator.";
TempData["displayModal"] = "loginModal";
return(RedirectToAction(returnAction, returnController));
}
if (AccountStatus == 2)
{
//Login valid but pending approval
TempData["ProcessLoginFailureMessage"] = "This account is currently suspended. Please contact us at (+90) 5314950226 or send us a message.";
TempData["displayModal"] = "loginModal";
return(RedirectToAction(returnAction, returnController));
}
//Valid Login Status
if (Security.IsAccountLocked(user_email))
{
//Login valid but account locked
TempData["ProcessLoginFailureMessage"] = "This account is currently locked. Try again later.";
TempData["displayModal"] = "loginModal";
return(RedirectToAction(returnAction, returnController));
}
//If All Good
if (AccountStatus == 1)
{
//Login valid
var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
if (!SecurityFunctions.AddLoginInfo(user_email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
{
//Think of what to do here
//Log Error
}
Session["sessionID"] = SessionID;
Session["sessionEmail"] = user_email;
Session["sessionFullName"] = Security.ReturnAccountData(user_email, "FirstName") + " " + Security.ReturnAccountData(user_email, "LastName");
Session["sessionOauth"] = false;
if (string.IsNullOrEmpty(Security.ReturnAccountData(user_email, "FirstName")))
{
Session["sessionFullName"] = user_email;
}
Session["sessionProfilePic"] = Security.ReturnAccountData(user_email, "DirectoryName") + "/" + Security.ReturnAccountProfilePic(user_email);
if (string.IsNullOrEmpty(Security.ReturnAccountData(user_email, "DirectoryName")) || string.IsNullOrEmpty(Security.ReturnAccountProfilePic(user_email)))
{
Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
}
//Set Admin Session Values
//System Admin
int sys_admin_id = AppFunctions.GetRoleID("SystemAdmin");
if (AppFunctions.ValidateUserRole(sys_admin_id))
{
Session["sessionSystemAdmin"] = true;
}
//Editor
int editor_id = AppFunctions.GetRoleID("Editor");
if (AppFunctions.ValidateUserRole(editor_id))
{
Session["sessionEditor"] = true;
}
//Author
int author_id = AppFunctions.GetRoleID("Author");
if (AppFunctions.ValidateUserRole(author_id))
{
Session["sessionAuthor"] = true;
}
//Censor
int censor_id = AppFunctions.GetRoleID("Censor");
if (AppFunctions.ValidateUserRole(censor_id))
{
Session["sessionCensor"] = true;
}
//Advertiser
int advitiser_id = AppFunctions.GetRoleID("Advertiser");
if (AppFunctions.ValidateUserRole(censor_id))
{
Session["sessionAdvertiser"] = true;
}
if (AppFunctions.UserHasRole())//ie user has an admin role
{
return(RedirectToAction("Index", "Admin"));
}
return(RedirectToAction("Index", "User"));
}
}
else
{
//Login not valid
TempData["ProcessLoginFailureMessage"] = "Wrong username or password! Please try again.";
TempData["displayModal"] = "loginModal";
return(RedirectToAction(returnAction, returnController));
}
}
// If we got this far, something failed, redisplay form
//Login not valid
TempData["ProcessLoginFailureMessage"] = "Email and password field required.";
TempData["displayModal"] = "loginModal";
return(RedirectToAction(returnAction, returnController));
}
public async Task <IActionResult> NewPost(ProductsModel productsModel)
{
string AccountID = _sessionManager.LoginAccountId;
//Set ViewBags data for form return data
ViewBag.CurrencyList = functions.GetCurrencyList();
ViewBag.CategoryList = functions.GetCategoryList();
ViewBag.StoresList = functions.GetStoresList(_sessionManager.LoginAccountId);
if (ModelState.IsValid)
{
try
{
//Set other product data
productsModel.ProductID = functions.GetUinqueId();
productsModel.AccountID = _sessionManager.LoginAccountId;
productsModel.UniqueProductName = functions.GenerateUniqueProductName(productsModel.ProductName);
productsModel.FeaturedPost = (string.IsNullOrEmpty(HttpContext.Request.Form["FeaturedPost"])) ? 0 : functions.Int32Parse(HttpContext.Request.Form["FeaturedPost"]);
productsModel.ApproveStatus = _systemConfiguration.defaultProductApproveStatus;
productsModel.UpdatedBy = _sessionManager.LoginUsername;
productsModel.UpdateDate = DateTime.Now;
productsModel.DateAdded = DateTime.Now;
if (!string.IsNullOrEmpty(HttpContext.Request.Form["EditPost"]) && HttpContext.Request.Form["EditPost"] == "True")
{
//update post
productsModel.ID = functions.Int32Parse(HttpContext.Request.Form["ID"]);
productsModel.ProductID = HttpContext.Request.Form["ProductID"];
_context.Update(productsModel);
await _context.SaveChangesAsync();
//remove current post images
functions.DeleteProductImages(AccountID, productsModel.ProductID);
functions.DeleteTableData("ProductImages", "ProductID", productsModel.ProductID, _systemConfiguration.connectionString);
}
else
{
//add post
_context.Add(productsModel);
await _context.SaveChangesAsync();
//add product stock
functions.AddTableData("ProductStock", "ProductID", _systemConfiguration.defaultProductStock.ToString(), _systemConfiguration.connectionString);
}
//Image watermark from config file
string TextWaterMark = _systemConfiguration.textWaterMark;
string ImageWaterMark = _systemConfiguration.imageWatermark;
int ImageHeight = _systemConfiguration.uploadImageDefaultHeight;
int ImageWidth = _systemConfiguration.uploadImageDefaultWidth;
//Get account directory name
var DirectoryName = functions.GetAccountData(_sessionManager.LoginAccountId, "DirectoryName");
var SavePath = @"wwwroot\\files\\" + DirectoryName + "\\products";
int TotalUploads = 0;
//Loop through files and upload
foreach (var file in Request.Form.Files)
{
if (file.Length > 0)
{
using (var stream = file.OpenReadStream())
{
using (var img = Image.FromStream(stream))
{
string NewFileName = functions.RandomString(4) + "-" + file.FileName;
if (!string.IsNullOrEmpty(ImageWaterMark))
{
img.ScaleAndCrop(ImageWidth, ImageHeight)
.AddImageWatermark(@"wwwroot\files\images\" + ImageWaterMark)
.AddTextWatermark(TextWaterMark)
.SaveAs(SavePath + "\\" + NewFileName);
}
else
{
try
{
img.ScaleAndCrop(ImageWidth, ImageHeight)
.AddTextWatermark(TextWaterMark)
.SaveAs(SavePath + "\\" + NewFileName);
}
catch (Exception)
{
//exclude watermark
img.ScaleAndCrop(ImageWidth, ImageHeight)
.SaveAs(SavePath + "\\" + NewFileName);
}
}
//Add image to ProductImages table
functions.AddProductImages(productsModel.ProductID, NewFileName, null);
TotalUploads++;
}
}
}
}
//Add product video (if added)
var ProductVideo = Request.Form["ProductVideo"];
if (!string.IsNullOrEmpty(ProductVideo.ToString()))
{
string NewFileName = functions.RandomString(4) + "-" + ProductVideo;
//Add to ProductVideo table
functions.AddProductVideo(productsModel.ProductID, NewFileName, null);
}
TempData["SuccessMessage"] = @$ "Product added successfully. {TotalUploads} images uploaded.
<br/> Add product details here: <a href='/Account/AddProductColors/{productsModel.ProductID}' class='mr-2'>Product Colors</a>
<a href='/Account/AddProductSizes/{productsModel.ProductID}'>Product Sizes</a>";
return(RedirectToAction("ManagePosts", "Account"));
}