Esempio n. 1
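        /// <summary>
        /// Signs the current user out and signs the selected user in, or redirects to the
        /// log-off page when <paramref name="selectedUserId"/> is -1.
        /// </summary>
        /// <param name="selectedUserId">Id of the user to switch to; -1 requests a log-off.</param>
        /// <param name="selectedUserName">User name whose cache entry is cleared before the switch.</param>
        /// <returns>
        /// 200 OK on success, 404 when the selected user cannot be found in the current portal,
        /// or 500 carrying the caught exception when anything throws.
        /// </returns>
        public IHttpActionResult SwitchUser(int selectedUserId, string selectedUserName)
        {
            // NOTE(review): no permission check is visible in this method. Because it signs the
            // caller in as an arbitrary user id, confirm that an authorization attribute on the
            // action or controller restricts it to callers who are allowed to impersonate.
            try
            {
                if (selectedUserId == -1)
                {
                    HttpContext.Current.Response.Redirect(Globals.NavigateURL("LogOff"));
                    return this.Ok();
                }

                var selectedUser = UserController.GetUserById(this.PortalSettings.PortalId, selectedUserId);
                if (selectedUser == null)
                {
                    // Resolve the target before touching the session: otherwise an unknown id
                    // would sign the current user out and only then fail inside UserLogin.
                    return this.NotFound();
                }

                // NOTE(review): the cache entry cleared here is keyed by the caller-supplied name,
                // not by selectedUser or the current identity - confirm that is intended.
                DataCache.ClearUserCache(this.PortalSettings.PortalId, selectedUserName);

                // Sign current user out.
                var objPortalSecurity = new PortalSecurity();
                objPortalSecurity.SignOut();

                // Sign new user in.
                UserController.UserLogin(
                    this.PortalSettings.PortalId,
                    selectedUser,
                    this.PortalSettings.PortalName,
                    HttpContext.Current.Request.UserHostAddress,
                    false);

                return this.Ok();
            }
            catch (Exception exception)
            {
                Exceptions.LogException(exception);

                // NOTE(review): the exception object is handed to the response; depending on the
                // error-detail policy this may expose internals to the client - confirm.
                return this.InternalServerError(exception);
            }
        }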
        /// <summary>
        /// Click handler for the save button: validates the page, saves the user data and then
        /// either signs the user in again (self edit) or navigates away.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
        protected void SaveChangesBtnClick(object sender, EventArgs e)
        {
            this.Page.Validate();
            if (!this.Page.IsValid)
            {
                return;
            }

            // Nothing further happens unless SaveUserData() returns Guid.Empty.
            var saveResult = this.SaveUserData();
            if (saveResult != Guid.Empty)
            {
                return;
            }

            if (!this.SelfEdit)
            {
                if (this.RedirectPage == string.Empty)
                {
                    // No explicit target: send the browser back to the home page.
                    PortalSecurity.PortalHome();
                }
                else
                {
                    // NOTE(review): where RedirectPage comes from is not visible here; if it can
                    // be influenced by the request, it should be restricted to local URLs.
                    this.Response.Redirect(this.RedirectPage);
                }

                return;
            }

            // Self edit: sign off, then sign on again so the session reflects the new settings.
            PortalSecurity.SignOut(string.Empty, true);

            // Use the newly typed password when there is one, otherwise the original one.
            // NOTE(review): this implies the existing password is available to the page in
            // clear text - confirm how OriginalPassword is populated and stored.
            string passwordForSignOn;
            if (this.PasswordField.Text.Length != 0)
            {
                passwordForSignOn = this.PasswordField.Text;
            }
            else
            {
                passwordForSignOn = this.OriginalPassword;
            }

            PortalSecurity.SignOn(this.EmailField.Text, passwordForSignOn, false, this.RedirectPage);
        }
        /// <summary>
        /// Click handler that switches the session to the user chosen in <c>cboUsers</c>.
        /// Selecting the current user does nothing; selecting the null-integer entry
        /// redirects to the log-off page.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The event data.</param>
        protected void cmdSwitch_Click(object sender, EventArgs e)
        {
            // NOTE(review): no permission check is visible in this handler; confirm the hosting
            // control is only reachable by users who are allowed to impersonate others.
            string chosenValue = cboUsers.SelectedValue;
            if (chosenValue == this.UserId.ToString())
            {
                return;
            }

            if (chosenValue == Null.NullInteger.ToString())
            {
                Response.Redirect(DotNetNuke.Common.Globals.NavigateURL("LogOff"));
                return;
            }

            // The target is looked up, and checked for null, before the current session is touched.
            UserInfo targetUser = UserController.GetUser(PortalId, int.Parse(chosenValue), false);
            if (ReferenceEquals(targetUser, null))
            {
                return;
            }

            // Drop the cached entry for the identity that is about to be signed out.
            if (Page.User != null)
            {
                DataCache.ClearUserCache(this.PortalSettings.PortalId, Context.User.Identity.Name);
            }

            // Sign the current user out, then the selected user in.
            new PortalSecurity().SignOut();
            UserController.UserLogin(PortalId, targetUser, PortalSettings.PortalName, Request.UserHostAddress, false);

            // Reload the current URL under the new identity.
            Response.Redirect(Request.RawUrl, true);
        }
Esempio n. 4
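        /// <summary>
        /// Handles the Load event of the Page control: runs the configured sign-in control's
        /// <c>Logoff()</c> and then signs the user out.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The <see cref="T:System.EventArgs"/> instance containing the event data.</param>
        private void Page_Load(object sender, EventArgs e)
        {
            const string DefaultSignInControl = "~/DesktopModules/CoreModules/SignIn/Signin.ascx";

            // NOTE(review): the control path is taken from a portal setting and handed to
            // LoadControl; confirm who can write SITESETTINGS_LOGIN_TYPE.
            var controlStr = DefaultSignInControl;
            if (this.PortalSettings.CustomSettings.ContainsKey("SITESETTINGS_LOGIN_TYPE"))
            {
                controlStr = Convert.ToString(this.PortalSettings.CustomSettings["SITESETTINGS_LOGIN_TYPE"]);
            }

            try
            {
                // Load the control once and reuse the instance (it was previously loaded a
                // second time just to call Logoff()).
                var signIn = this.LoadControl(controlStr) as SignInControl;
                if (signIn != null)
                {
                    signIn.Logoff();
                }
            }
            catch (Exception exc)
            {
                ErrorHandler.Publish(LogLevel.Error, exc);

                // Fall back to the built-in sign-in control when the configured one fails.
                // NOTE(review): if this fallback throws as well, the exception leaves the handler
                // before SignOut() below runs, so the user stays signed in.
                var fallback = this.LoadControl(DefaultSignInControl) as SignInControl;
                if (fallback != null)
                {
                    fallback.Logoff();
                }
            }

            // Signout
            PortalSecurity.SignOut();
        }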
Esempio n. 5
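        /// <summary>
        /// Impersonates another user: logs the event, signs the current user out, signs the
        /// target user in, clears cookies and redirects to the active tab.
        /// </summary>
        /// <param name="newUserId">Id of the user to sign in as.</param>
        private void ProcessLogin(int newUserId)
        {
            // Resolve the target first. Previously an unknown id was only noticed after the
            // audit entry had been written and the current user signed out, and then surfaced
            // as a null dereference on newUser.PortalID.
            var ctlUser = new UserController();
            var newUser = ctlUser.GetUser(PortalSettings.PortalId, newUserId);
            if (newUser == null)
            {
                return;
            }

            var currentUser = UserController.GetCurrentUserInfo();

            //Log event
            // NOTE(review): the entry records only the impersonating user; the target user is not
            // part of it, which limits what can be reconstructed from the log later.
            var objEventLog = new EventLogController();
            objEventLog.AddLog("Username", currentUser.Username, PortalSettings, currentUser.UserID, EventLogController.EventLogType.USER_IMPERSONATED);

            //Remove user from cache
            DataCache.ClearUserCache(PortalSettings.PortalId, currentUser.Username);

            var objPortalSecurity = new PortalSecurity();
            objPortalSecurity.SignOut();

            UserController.UserLogin(newUser.PortalID, newUser, PortalSettings.PortalName, HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"], false);

            ClearCookies();

            Response.Redirect(DotNetNuke.Common.Globals.NavigateURL(PortalSettings.ActiveTab.TabID));
        }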
    /// <summary>
    /// Event handler that signs the current user out and redirects to the site root.
    /// Does nothing when the current user's id is -1.
    /// </summary>
    /// <param name="sender">The source of the event.</param>
    /// <param name="e">The event data.</param>
    protected void SignIn(object sender, EventArgs e)
    {
        UserInfo current = UserController.GetCurrentUserInfo();
        if (current.UserID == -1)
        {
            return;
        }

        secure.SignOut();

        // endResponse is false, so the page keeps executing after the redirect is queued.
        Response.Redirect("/", false);
    }
Esempio n. 7
        /// <summary>
        /// Signs the current user out when a logout was requested and a user with a
        /// positive id is present.
        /// </summary>
        /// <param name="bLogout">True when a logout was requested.</param>
        private void CheckLogout(bool bLogout)
        {
            if (!bLogout || UserInfo == null || UserInfo.UserID <= 0)
            {
                return;
            }

            // Clear the cached entry for the request identity before ending the session.
            DataCache.ClearUserCache(PortalSettings.PortalId, Context.User.Identity.Name);

            new PortalSecurity().SignOut();
        }
    /// <summary>
    /// Event handler that signs the current user out, redirects to the site root and
    /// clears the "IsVisitor" session entry. Does nothing when the current user's id is -1.
    /// </summary>
    /// <param name="sender">The source of the event.</param>
    /// <param name="e">The event data.</param>
    protected void SignIn(object sender, EventArgs e)
    {
        UserInfo current = UserController.Instance.GetCurrentUserInfo();
        if (current.UserID == -1)
        {
            return;
        }

        secure.SignOut();

        // endResponse is false, so execution continues and the session entry is still cleared.
        Response.Redirect("/", false);
        Session["IsVisitor"] = null;
    }
Esempio n. 9
 /// <summary>
 /// Signs the current user out.
 /// </summary>
 /// <returns>True when the sign-out completed; false when it threw.</returns>
 public bool Logout()
 {
     try
     {
         new PortalSecurity().SignOut();
     }
     catch
     {
         // NOTE(review): the exception is discarded, so a false result carries no cause;
         // callers that rely on the user being signed out must check the return value.
         return false;
     }

     return true;
 }
Esempio n. 10
 /// <summary>
 /// Clears the cached entry for the request identity and signs the user out.
 /// Any exception is passed to the page-load exception handler.
 /// </summary>
 private void DoLogoff()
 {
     try
     {
         // Remove the user from the cache first (only when a principal is present).
         if (User != null)
         {
             DataCache.ClearUserCache(PortalSettings.PortalId, Context.User.Identity.Name);
         }

         new PortalSecurity().SignOut();
     }
     catch (Exception failure)
     {
         // Page failed to load.
         // NOTE(review): if the cache clear throws, SignOut() is skipped and the session stays
         // active; whether the handler below surfaces that to the user is not visible here.
         Exceptions.ProcessPageLoadException(failure);
     }
 }
Esempio n. 11
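        /// <summary>
        /// Impersonates another user: logs the event, signs the current user out and signs
        /// the target user in.
        /// </summary>
        /// <param name="newUserId">Id of the user to sign in as.</param>
        private void ProcessLogin(int newUserId)
        {
            // Resolve the target first. Previously an unknown id was only noticed after the
            // audit entry had been written and the current user signed out, and then surfaced
            // as a null dereference on newUser.PortalID.
            var newUser = DNNUserController.Instance.GetUser(PortalSettings.PortalId, newUserId);
            if (newUser == null)
            {
                return;
            }

            var currentUser = DNNUserController.Instance.GetCurrentUserInfo();

            //Log event
            // NOTE(review): the entry records only the impersonating user; the target user is not
            // part of it, which limits what can be reconstructed from the log later.
            var objEventLog = new EventLogController();
            objEventLog.AddLog("Username", currentUser.Username, PortalSettings, currentUser.UserID, EventLogController.EventLogType.USER_IMPERSONATED);

            //Remove user from cache
            DataCache.ClearUserCache(PortalSettings.PortalId, currentUser.Username);

            var objPortalSecurity = new PortalSecurity();
            objPortalSecurity.SignOut();

            DNNUserController.UserLogin(newUser.PortalID, newUser, PortalSettings.PortalName, HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"], false);
        }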
Esempio n. 12
        /// <summary>
        /// Click handler for the save button: validates the page, saves the user data and then
        /// either signs the user in again (self edit) or navigates away.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The event data.</param>
        protected void SaveChangesBtn_Click(object sender, EventArgs e)
        {
            Page.Validate();
            if (!Page.IsValid)
            {
                return;
            }

            // Nothing further happens unless SaveUserData() returns Guid.Empty.
            Guid saveResult = SaveUserData();
            if (saveResult != Guid.Empty)
            {
                return;
            }

            if (!selfEdit)
            {
                if (RedirectPage == string.Empty)
                {
                    // No explicit target: send the browser back to the home page.
                    PortalSecurity.PortalHome();
                }
                else
                {
                    // NOTE(review): where RedirectPage comes from is not visible here; if it can
                    // be influenced by the request, it should be restricted to local URLs.
                    Response.Redirect(RedirectPage);
                }

                return;
            }

            // Self edit: sign off, then sign on again so the session reflects the new settings.
            PortalSecurity.SignOut(string.Empty, true);

            // Use the newly typed password when there is one, otherwise the original one.
            // NOTE(review): this implies the existing password is available to the page in
            // clear text - confirm how originalPassword is populated and stored.
            string passwordForSignOn = PasswordField.Text.Length != 0
                                           ? PasswordField.Text
                                           : originalPassword;

            PortalSecurity.SignOn(EmailField.Text, passwordForSignOn, false, RedirectPage);
        }
Esempio n. 13
        /// <summary>
        /// Handles the BeginRequest event of the Application control.
        /// The Application_BeginRequest method is an ASP.NET event that executes
        /// on each web request into the portal application.  The below method
        /// obtains the current pageIndex and PageID from the querystring of the
        /// request -- and then obtains the configuration necessary to process
        /// and render the request.
        /// This portal configuration is stored within the application's "Context"
        /// object -- which is available to all pages, controls and components
        /// during the processing of a single request.
        /// </summary>
        /// <remarks>
        /// In order, the handler: rewrites the request path to default.aspx where needed,
        /// rejects malformed paths, enforces the all-portals lock by client address, compares
        /// database and code versions, resolves a <c>PortalSettings</c> instance for the
        /// requested alias and page, writes the "PortalAlias" cookie, and signs the user out
        /// once when the alias in the request cookie differs from the current portal.
        /// </remarks>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The <see cref="T:System.EventArgs"/> instance containing the event data.</param>
        protected void Application_BeginRequest(Object sender, EventArgs e)
        {
            Reader      contextReader = new Reader(new WebContextReader());
            HttpContext context       = contextReader.Current;

            // TODO: Move all URL handling to URLHandler.cs in core
            // TODO: Need to support page name with no id, search db for match
            // TODO: If not, return page with recommended matches..

            /*
             * QUERY FOR MATCHERS
             *          int pageID = Portal.PageID; // Get PageID from QueryString
             *                      string portalAlias = Portal.UniqueID;
             * Portal alias =
             * page name = currentURL.Substring(currentURL.LastIndexOf("/") + 1)
             * DECLARE @portalAlias varchar(20)
             * DECLARE @PageName varchar(20)
             *
             * SET @portalAlias = 'rainbow'
             * SET @PageName = 'Manage'
             *
             * SELECT     rb_Tabs.TabID, rb_Tabs.TabName
             * FROM         rb_Portals INNER JOIN
             *        rb_Tabs ON rb_Portals.PortalID = rb_Tabs.PortalID
             * WHERE     (rb_Portals.PortalAlias LIKE '%' + @portalAlias + '%') AND (rb_Tabs.TabName LIKE N'%' + @PageName + N'%')
             */
            // Lower-cased request path; ToLower() without arguments uses the current culture.
            string currentURL = context.Request.Path.ToLower();


#if DEBUG
            // In debug builds, requests for the trace viewer bypass every check below.
            if (currentURL.Contains("trace.axd"))
            {
                return;
            }
#endif
            context.Trace.Warn("Application_BeginRequest :: " + currentURL);
            if (Portal.PageID > 0)
            {
                // Creates the physical path on the server from the last path segment only.
                string physicalPath = context.Server.MapPath(currentURL.Substring(currentURL.LastIndexOf("/") + 1));

                // TODO: Can we enhance performance here by checking to see if it is a friendly url page
                // name instead of doing an IO check for exists?
                // Checks whether the file is missing; if so the request is routed to default.aspx
                // with the original query string.
                if (!File.Exists(physicalPath)) // Rewrites the path
                {
                    context.RewritePath("~/default.aspx?" + context.Request.ServerVariables["QUERY_STRING"]);
                }
            }
            else
            {
                string pname = currentURL.Substring(currentURL.LastIndexOf("/") + 1);
                // NOTE(review): this strips the last 5 characters, which assumes the segment ends in
                // a 5-character extension such as ".aspx"; a segment shorter than 5 characters makes
                // Substring throw ArgumentOutOfRangeException.
                pname = pname.Substring(0, (pname.Length - 5));
                // Only an all-digit page name is treated as a page id.
                if (Regex.IsMatch(pname, @"^\d+$"))
                {
                    // NOTE(review): the query string is concatenated directly after the page id with
                    // no "&" separator - confirm this is intended.
                    context.RewritePath("~/default.aspx?pageid=" + pname +
                                        context.Request.ServerVariables["QUERY_STRING"]);
                }
            }


            // 1st Check: is it a dangerously malformed request?
            //Important patch http://support.microsoft.com/?kbid=887459
            // Rejects paths containing a backslash and requests whose physical path is not already
            // in canonical form.
            // NOTE(review): although labelled the 1st check, this runs after the MapPath,
            // File.Exists and RewritePath calls above; consider whether it should come first.
            if (context.Request.Path.IndexOf('\\') >= 0 ||
                Path.GetFullPath(context.Request.PhysicalPath) != context.Request.PhysicalPath)
            {
                throw new RainbowRedirect(LogLevel.Warn, HttpStatusCode.NotFound, "Malformed request", null);
            }

            #region 2nd Check: is the AllPortals Lock switched on?

            // 2nd Check: is the AllPortals Lock switched on?
            // let the user through if client IP address is in LockExceptions list, otherwise throw...
            if (Config.LockAllPortals)
            {
                string _rawUrl       = context.Request.RawUrl.ToLower(CultureInfo.InvariantCulture);
                string _lockRedirect = Config.LockRedirect;
                // Requests for the lock page itself are exempt from the address check.
                // NOTE(review): RawUrl includes the query string, so this is a suffix test on the
                // whole URL rather than on the path alone. _rawUrl is lower-cased while
                // _lockRedirect is not, and EndsWith(string) is culture-sensitive. Comparing the
                // request path with an ordinal, case-insensitive match would be stricter.
                if (!_rawUrl.EndsWith(_lockRedirect))
                {
                    // construct IPList from the ';'-separated setting; "a-b" entries are ranges
                    string[] lockKeyHolders = Config.LockKeyHolders.Split(new char[] { ';' });
                    IPList   ipList         = new IPList();
                    foreach (string lockKeyHolder in lockKeyHolders)
                    {
                        if (lockKeyHolder.IndexOf("-") > -1)
                        {
                            ipList.AddRange(lockKeyHolder.Substring(0, lockKeyHolder.IndexOf("-")),
                                            lockKeyHolder.Substring(lockKeyHolder.IndexOf("-") + 1));
                        }
                        else
                        {
                            ipList.Add(lockKeyHolder);
                        }
                    }
                    // check if requestor's IP address is in allowed list
                    // NOTE(review): UserHostAddress is the address of the directly connected peer;
                    // behind a reverse proxy or load balancer that is the proxy's address - confirm
                    // against the deployment.
                    if (!ipList.CheckNumber(context.Request.UserHostAddress))
                    {
                        throw new PortalsLockedException();
                    }
                }
            }

            #endregion

            #region 3rd Check: is database/code version correct?

            // 3rd Check: is database/code version correct?
            // don't check database when installer is running
            // Everything from here to the end of the method is skipped for the installer page and
            // for ~/webresource.axd. This block reads the application's Request property rather
            // than context.Request.
            if (Request.AppRelativeCurrentExecutionFilePath.ToLower() != Config.InstallerRedirect.ToLower() &&
                Request.AppRelativeCurrentExecutionFilePath.ToLower() != "~/webresource.axd")
            {
                int versionDelta = Database.DatabaseVersion.CompareTo(Portal.CodeVersion);
                // if DB and code versions do not match
                if (versionDelta != 0)
                {
                    Uri    _requestUri             = context.Request.Url;
                    string _databaseUpdateRedirect = Config.DatabaseUpdateRedirect;
                    // Drop the leading '~' so the value can be matched against the absolute path.
                    if (_databaseUpdateRedirect.StartsWith("~/"))
                    {
                        _databaseUpdateRedirect = _databaseUpdateRedirect.TrimStart(new char[] { '~' });
                    }

                    if (
                        !
                        _requestUri.AbsolutePath.ToLower(CultureInfo.InvariantCulture).EndsWith(
                            _databaseUpdateRedirect.ToLower(CultureInfo.InvariantCulture)))
                    {
                        // ...and this is not DB Update page
                        string errorMessage = "Database version: " + Database.DatabaseVersion.ToString() + " Code version: " +
                                              Portal.CodeVersion.ToString();
                        if (versionDelta < 0) // DB Version is behind Code Version
                        {
                            // Jonathan : Why wouldn't we redirect to update page?
                            // TODO : Check with people why this was like this....
                            // NOTE(review): Redirect(..., true) ends the response, so the Publish call
                            // below is presumably never reached - confirm.
                            Response.Redirect(Framework.Settings.Path.ApplicationRoot + _databaseUpdateRedirect, true);
                            // so update?
                            ErrorHandler.Publish(LogLevel.Warn, errorMessage);
                            // throw new DatabaseVersionException(errorMessage);
                        }
                        else // DB version is ahead of Code Version
                        {
                            // Only a warning is logged; the request continues.
                            ErrorHandler.Publish(LogLevel.Warn, errorMessage);
                            // Jonathan : Why wouldn't we redirect to update page?
                            // TODO : Check with people why this was like this....
                            // Who cares ?
                            // throw new CodeVersionException(errorMessage);
                        }
                    }
                    else // this is already DB Update page...
                    {
                        return; // so skip creation of PortalSettings
                    }
                }

                #endregion

                // ************ 'calculate' response to this request ************
                //
                // Test 1 - try requested Alias and requested PageID
                // Test 2 - try requested Alias and PageID 0
                // Test 3 - try default Alias and requested PageID
                // Test 4 - try default Alias and PageID 0
                //
                // The UrlToleranceLevel determines how many times the test is allowed to fail before the request is considered
                // to be "an error" and is therefore redirected:
                //
                // UrlToleranceLevel 1
                //		- requested Alias must be valid - if invalid, InvalidAliasRedirect page on default portal will be shown
                //		- if requested PageID is found, it is shown
                //		- if requested PageID is not found, InvalidPageIdRedirect page is shown
                //
                // UrlToleranceLevel 2
                //		- requested Alias must be valid - if invalid, InvalidAliasRedirect page on default portal will be shown
                //		- if requested PageID is found, it is shown
                //		- if requested PageID is not found, PageID 0 (Home page) is shown
                //
                // UrlToleranceLevel 3 - <<<<<< not working?
                //		- if requested Alias is invalid, default Alias will be used
                //		- if requested PageID is found, it is shown
                //		- if requested PageID is not found, InvalidPageIdRedirect page is shown
                //
                // UrlToleranceLevel 4 -
                //		- if requested Alias is invalid, default Alias will be used
                //		- if requested PageID is found, it is shown
                //		- if requested PageID is not found, PageID 0 (Home page) is shown

                PortalSettings portalSettings = null;
                int            pageID         = Portal.PageID;        // Get PageID from QueryString
                string         portalAlias    = Portal.UniqueID;      // Get requested alias from querystring, cookies or hostname
                string         defaultAlias   = Config.DefaultPortal; // get default portal from config

                // load arrays with values to test (index i holds the inputs for test i + 1)
                string[] testAlias = new string[4] {
                    portalAlias, portalAlias, defaultAlias, defaultAlias
                };
                int[] testPageID = new int[4] {
                    pageID, 0, pageID, 0
                };

                int testsAllowed = Config.UrlToleranceLevel;
                int testsToRun   = testsAllowed > 2 ? 4 : 2;
                // if requested alias is default alias, limit UrlToleranceLevel to max value of 2 and limit tests to 2
                // NOTE(review): "% 2" yields 0 or 1, not a value capped at 2, so an even tolerance
                // level becomes 0 here and no test counts as a success - confirm this is intended.
                if (portalAlias == defaultAlias)
                {
                    testsAllowed = testsAllowed % 2;
                    testsToRun   = 2;
                }

                // testsCounter ends at the number of the first successful test, or at
                // testsToRun + 1 when every test failed.
                int testsCounter = 1;
                while (testsCounter <= testsToRun)
                {
                    //try with current values from arrays
                    portalSettings = new PortalSettings(testPageID[testsCounter - 1], testAlias[testsCounter - 1]);

                    // test returned result
                    if (portalSettings.PortalAlias != null)
                    {
                        break; // successful hit
                    }
                    else
                    {
                        testsCounter++; // increment the test counter and continue
                    }
                }

                if (portalSettings.PortalAlias == null)
                {
                    // critical error - neither requested alias nor default alias could be found in DB
                    throw new RainbowRedirect(
                              Config.NoPortalErrorRedirect,
                              LogLevel.Fatal,
                              Config.NoPortalErrorResponse,
                              "Unable to load any portal - redirecting request to ErrorNoPortal page.",
                              null);
                }

                if (testsCounter <= testsAllowed) // success
                {
                    // Portal Settings has passed the test so add it to Context
                    context.Items.Add("PortalSettings", portalSettings);
                    context.Items.Add("PortalID", portalSettings.PortalID); // jes1111
                }
                else // need to redirect
                {
                    if (portalSettings.PortalAlias != portalAlias) // we didn't get the portal we asked for
                    {
                        throw new RainbowRedirect(
                                  Config.InvalidAliasRedirect,
                                  LogLevel.Info,
                                  HttpStatusCode.NotFound,
                                  "Invalid Alias specified in request URL - redirecting (404) to InvalidAliasRedirect page.",
                                  null);
                    }

                    if (portalSettings.ActivePage.PageID != pageID) // we didn't get the page we asked for
                    {
                        throw new RainbowRedirect(
                                  Config.InvalidPageIdRedirect,
                                  LogLevel.Info,
                                  HttpStatusCode.NotFound,
                                  "Invalid PageID specified in request URL - redirecting (404) to InvalidPageIdRedirect page.",
                                  null);
                    }
                }

                // Save cookies
                //saveCookie = true; // Jes1111 - why is this always set to true? is it needed?
                //ExtendCookie(settings);
                //if (saveCookie) // Jes1111 - why is this always set to true? is it needed?
                //{
                // NOTE(review): only Path and Value are set on this cookie here; HttpOnly and Secure
                // are not set in this method - confirm they are applied elsewhere (e.g. in config).
                context.Response.Cookies["PortalAlias"].Path  = "/";
                context.Response.Cookies["PortalAlias"].Value = portalSettings.PortalAlias;
                //}

                //Try to get alias from cookie to determine if alias has been changed
                // NOTE(review): the request cookie is client-supplied, so a client can set it to any
                // value and drive the sign-out branch below; the effect visible here is limited to
                // signing out the sender's own session.
                bool refreshSite = false;
                if (context.Request.Cookies["PortalAlias"] != null &&
                    context.Request.Cookies["PortalAlias"].Value.ToLower() != Portal.UniqueID)
                {
                    refreshSite = true; //Portal has changed since last page request
                }
                // if switching portals then clean parameters [TipTopWeb]
                // Must be the last instruction in this method

                // 5/7/2006 Ed Daniel
                // Added hack for Http 302 by extending condition below to check for more than 3 cookies
                if (refreshSite && context.Request.Cookies.Keys.Count > 3)
                {
                    // Signout and force the browser to refresh only once to avoid any dead-lock
                    // NOTE(review): the null test is on the *request* cookie but the value is read
                    // from the *response* cookie collection; it looks as if Request.Cookies was
                    // intended in both places - confirm.
                    if (context.Request.Cookies["refreshed"] == null ||
                        (context.Request.Cookies["refreshed"] != null &&
                         context.Response.Cookies["refreshed"].Value == "false"))
                    {
                        string rawUrl = context.Request.RawUrl;

                        // jes1111 - not needed now
                        //					//by Manu avoid endless loop when portal does not exists
                        //					if (rawUrl.EndsWith("init")) // jes1111: is this still valid/needed?
                        //						context.Response.Redirect("~/app_support/ErrorNoPortal.html", true);
                        //
                        //					// add parameter at the end of the command line to detect the dead-lock
                        //					if (rawUrl.LastIndexOf(@"?") > 0)
                        //						rawUrl += "&init";
                        //					else rawUrl += "?init";

                        // Mark the browser as refreshed for one minute (local server time).
                        context.Response.Cookies["refreshed"].Value   = "true";
                        context.Response.Cookies["refreshed"].Path    = "/";
                        context.Response.Cookies["refreshed"].Expires = DateTime.Now.AddMinutes(1);

                        // sign-out, if refreshed param on the command line we will not call it again
                        // The raw request URL is passed on to SignOut.
                        PortalSecurity.SignOut(rawUrl, false);
                    }
                }

                // invalidate cookie, so the page can be refreshed when needed
                if (context.Request.Cookies["refreshed"] != null && context.Request.Cookies.Keys.Count > 3)
                {
                    context.Response.Cookies["refreshed"].Path    = "/";
                    context.Response.Cookies["refreshed"].Value   = "false";
                    context.Response.Cookies["refreshed"].Expires = DateTime.Now.AddMinutes(1);
                }
            }
        } // end of Application_BeginRequest
    protected void Page_Load(object sender, EventArgs e)
    {
        try
        {
            spnStatus.Visible = true;
            lblMsg.Visible    = false;
            string secret_key   = (host.StartsWith("www.")) ? System.Configuration.ConfigurationManager.AppSettings["secretkey_fromPostUrl"] : System.Configuration.ConfigurationManager.AppSettings["secretkey_fromSandBoxPostUrl"];//"ed70df7a017654499542ff0a5515812824b74142";
            string data         = "";
            string txnId        = Request["TxId"];
            string txnStatus    = Request["TxStatus"];
            string amount       = Request["amount"];
            string pgTxnId      = Request["pgTxnNo"];
            string issuerRefNo  = Request["issuerRefNo"];
            string authIdCode   = Request["authIdCode"];
            string firstName    = Request["firstName"];
            string lastName     = Request["lastName"];
            string pgRespCode   = Request["pgRespCode"];
            string zipCode      = Request["addressZip"];
            string resSignature = Request["signature"];
            string _mrNumber    = Request["MrNumber"];

            bool flag = true;
            if (txnId != null)
            {
                data += txnId;
            }
            if (txnStatus != null)
            {
                data += txnStatus;
            }
            if (amount != null)
            {
                data += amount;
            }
            if (pgTxnId != null)
            {
                data += pgTxnId;
            }
            if (issuerRefNo != null)
            {
                data += issuerRefNo;
            }
            if (authIdCode != null)
            {
                data += authIdCode;
            }
            if (firstName != null)
            {
                data += firstName;
            }
            if (lastName != null)
            {
                data += lastName;
            }
            if (pgRespCode != null)
            {
                data += pgRespCode;
            }
            if (zipCode != null)
            {
                data += zipCode;
            }

            System.Security.Cryptography.HMACSHA1 myhmacsha1 = new System.Security.Cryptography.HMACSHA1(Encoding.ASCII.GetBytes(secret_key));

            System.IO.MemoryStream stream = new System.IO.MemoryStream(Encoding.ASCII.GetBytes(data));
            string signature = BitConverter.ToString(myhmacsha1.ComputeHash(stream)).Replace("-", "").ToLower();

            if (resSignature != null && !signature.Equals(resSignature))
            {
                flag = false;
            }
            if (flag == true)
            {
                string Tranrefid  = Convert.ToString(issuerRefNo);
                string Transtatus = Convert.ToString(txnStatus);
                //sessionData.Amount = Convert.ToInt32(Session["Amount"]);
                int UserId = user.UserID;
                lblUserName.Text    = user.DisplayName;
                lblMNo.Text         = user.Username; //= Convert.ToString(user.UserID);
                lblTxtnId.Text      = Convert.ToString(txnId);
                lblPaidAgainst.Text = string.Empty;
                lblDateTime.Text    = Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy"));
                lblAmount.Text      = string.Empty;
                // PR();
                if (txnStatus != null)
                {
                    if (Session["Guid"] != null)
                    {
                        DataSet AppointmentDs = new DataSet();
                        if (txnStatus == "CANCELED")
                        {
                            Session["Guid"] = null;
                            Response.Redirect("/");
                        }
                        string Guid = Session["Guid"].ToString();

                        string PageName = Guid.Substring(0, 3);

                        if (PageName == "App")
                        {
                            AppointmentDs = objBusinessLogic.SavePaymentBookAppointment(txnId, Tranrefid, Transtatus, Guid, JeevaStatus);
                            if (AppointmentDs.Tables[0].Rows.Count > 0)
                            {
                                double Amount      = Convert.ToDouble(AppointmentDs.Tables[0].Rows[0]["AMOUNT"]);
                                string ServiceName = Convert.ToString(AppointmentDs.Tables[0].Rows[0]["ServiceName"]);
                                int    PaymentId   = Convert.ToInt32(AppointmentDs.Tables[0].Rows[0]["PaymentId"]);
                                lblAmount.Text      = Convert.ToString(Amount);
                                lblPaidAgainst.Text = ServiceName;
                                // Send data to Napier Service for Save Deposit
                                JeevaStatus = SaveDeposit(txnId, lblMNo.Text, Amount, Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), ServiceName);
                                // Code To Update Jeeva status in Payment Table
                                if (!string.IsNullOrEmpty(JeevaStatus))
                                {
                                    DataTable dt = null;
                                    objBusinessLogic.UpdateStatus(JeevaStatus, PaymentId, lblMNo.Text, dt);
                                }
                                AppointmentSendEmail(Convert.ToString(AppointmentDs.Tables[0].Rows[0]["PhoneNo"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["MobileNo"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["Country"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["StateName"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["BookedDate"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["AMOUNT"]) + ".00 INR", Convert.ToString(AppointmentDs.Tables[0].Rows[0]["Description"]), Convert.ToString(AppointmentDs.Tables[0].Rows[0]["DoctName"]), "ConsultationAppointment");
                                AppointmentDs.Tables[0].Rows.Clear();
                            }
                            Session["Guid"] = null;
                        }

                        else if (PageName == "Reg")
                        {
                            lblMsg.Visible = true;
                            string Gender = user.Profile.GetPropertyValue("Gender");
                            if (Gender == "Male")
                            {
                                Gender = "M";
                            }
                            else
                            {
                                Gender = "F";
                            }
                            string Age         = user.Profile.GetPropertyValue("Age");
                            string Address     = user.Profile.GetPropertyValue("Address");
                            string PhoneNumber = user.Profile.GetPropertyValue("PhoneNumber");

                            string[] X = PhoneNumber.Split('-');
                            PhoneNumber = X[1];

                            string Username;
                            string Fname;
                            string Lname;
                            string Email;

                            if (user.Username.Length > 20)
                            {
                                Username = user.Username.Substring(0, 20);
                            }
                            else
                            {
                                Username = user.Username;
                            }

                            if (user.FirstName.Length > 30)
                            {
                                Fname = user.FirstName.Substring(0, 30);
                            }
                            else
                            {
                                Fname = user.FirstName;
                            }

                            if (user.LastName.Length > 30)
                            {
                                Lname = user.LastName.Substring(0, 30);
                            }
                            else
                            {
                                Lname = user.LastName;
                            }
                            if (user.Email.Length > 50)
                            {
                                Email = user.Email.Substring(0, 50);
                            }
                            else
                            {
                                Email = user.Email;
                            }
                            if (Address.Length > 30)
                            {
                                Address = Address.Substring(0, 30);
                            }

                            if (PhoneNumber.Length > 12)
                            {
                                PhoneNumber = PhoneNumber.Substring(0, 12);
                            }


                            var PatientDetails = NapierService(user.Username, user.FirstName, user.LastName, Gender, Age, "01/01/2000", Address, Address, Address, PhoneNumber, Email);

                            //var PatientDetails = objPatIndex.UpdateorInsertPatient(user.Username, user.FirstName, user.LastName, Gender, Age, "01/01/2000", Address, Address, Address, PhoneNumber, Email);

                            if (!string.IsNullOrEmpty(PatientDetails.MRNO))
                            {
                                if (!string.IsNullOrEmpty(PatientDetails.WEBPWD))
                                {
                                    bool IsExistMRNumber = objBusinessLogic.IsExistMRNumber(PatientDetails.MRNO);
                                    if (IsExistMRNumber == true)
                                    {
                                        Clear();
                                        lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                        lblMsg.Text      = "You Are Allready Registered As A permanent User!";
                                    }
                                    else
                                    {
                                        bool IsUserExist = objBusinessLogic.IsUserExist(PatientDetails.MRNO);
                                        if (!IsUserExist)
                                        {
                                            if (PatientDetails.PatSex == "M")
                                            {
                                                PatientDetails.PatSex = "Male";
                                            }
                                            else
                                            {
                                                PatientDetails.PatSex = "Female";
                                            }
                                            DataSet dsVal = InsertUpdateUserDetails(PatientDetails.MRNO, PatientDetails.PatFName, PatientDetails.PatLName, PatientDetails.PatEmail, PatientDetails.WEBPWD, PatientDetails.PatMobile, PatientDetails.PatSex, PatientDetails.PatAddr1, PatientDetails.PatAge);
                                            lblMNo.Text = PatientDetails.MRNO;

                                            if (dsVal.Tables[0].Rows.Count > 0)
                                            {
                                                // SendMail & MSG
                                                try
                                                {
                                                    PermanentUserSendEmail(PatientDetails.PatFName, PatientDetails.PatEmail, PatientDetails.MRNO, PatientDetails.WEBPWD, PhoneNumber, "PermanentRegistration");
                                                }
                                                catch (Exception ex)
                                                {
                                                    lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                                    lblMsg.Text      = "SMS Service is stoped Due to technical problem!";

                                                    Exceptions.LogException(ex);
                                                }

                                                lblMsg.Text      = "You are now the permanent user! Please login with your MR Number that has been sent to your registered mobile number";
                                                lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#008000");
                                                UserController.DeleteUser(ref user, false, false);
                                                UserController.RemoveUser(user);
                                                if (user.UserID != -1)
                                                {
                                                    secure.SignOut();
                                                }
                                            }
                                        }
                                        else
                                        {
                                            Clear();
                                            lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                            lblMsg.Text      = "UserName already exist!";
                                        }
                                    }
                                }
                                else
                                {
                                    Clear();
                                    lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                    lblMsg.Text      = "You are already register as a permanent user, Please login with MR Number";
                                }
                            }
                            else
                            {
                                Clear();
                                lblMsg.Visible       = true;
                                lblMsg.ForeColor     = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                lblMsg.Text          = "Due to some technical problem MRNumber is not generated please contact Jaslok Hospital!";
                                plcDivSucces.Visible = true;
                                plcDivError.Visible  = false;
                            }

                            // code to save payment details of Per. Reg.
                            int    PaymentId   = 0;
                            int    Amount      = 100;
                            string ServiceName = "PermenantRegistration";
                            lblAmount.Text      = Convert.ToString(Amount);
                            lblPaidAgainst.Text = ServiceName;
                            // Send data to Napier Service for Save Deposit
                            JeevaStatus = SaveDeposit(txnId, lblMNo.Text, Amount, Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), ServiceName);

                            DataTable dt = new DataTable();
                            dt.Columns.AddRange(new DataColumn[9] {
                                new DataColumn("TRANSACTIONID"), new DataColumn("TRANREFID"), new DataColumn("TRANSTATUS"), new DataColumn("AMOUNT"), new DataColumn("USERID"), new DataColumn("PORTALID"), new DataColumn("JeevaStatus"), new DataColumn("MrNo"), new DataColumn("ServiceName")
                            });


                            //Add rows to DataTable.
                            dt.Rows.Add(txnId, Tranrefid, Transtatus, Amount, user.UserID, AppGlobal.PortalId, JeevaStatus, lblMNo.Text, ServiceName);

                            if (dt.Rows.Count > 0)
                            {
                                objBusinessLogic.UpdateStatus(JeevaStatus, PaymentId, lblMNo.Text, dt);
                            }
                        }

                        else
                        {
                            DataSet ds = objBusinessLogic.SavePaymentDetails(Guid, txnId, Tranrefid, Transtatus);
                            if (ds.Tables[0].Rows.Count > 0)
                            {
                                double Amount         = Convert.ToDouble(ds.Tables[0].Rows[0]["Amount"]);
                                string ServiceName    = Convert.ToString(ds.Tables[0].Rows[0]["ServiceName"]);
                                string ServicePackage = Convert.ToString(ds.Tables[0].Rows[0]["ServicePackage"]);
                                string BookDate       = Convert.ToString(ds.Tables[0].Rows[0]["BEDBOOKINDATETIME"]);
                                int    PaymentId      = Convert.ToInt32(ds.Tables[0].Rows[0]["PaymentId"]);
                                string processName    = Convert.ToString(ds.Tables[0].Rows[0]["processName"]);
                                lblAmount.Text      = Convert.ToString(Amount);
                                lblPaidAgainst.Text = ServiceName;
                                // Send data to Napier Service for Save Deposit
                                JeevaStatus = SaveDeposit(txnId, lblMNo.Text, Amount, Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), ServiceName);

                                // Code To Update Jeeva status in Payment Table
                                if (!string.IsNullOrEmpty(JeevaStatus))
                                {
                                    DataTable dt = null;
                                    objBusinessLogic.UpdateStatus(JeevaStatus, PaymentId, lblMNo.Text, dt);
                                }
                                // Conditions For Email
                                if (processName == "Bed" || processName == "Sur" || processName == "Hea")
                                {
                                    string TemplateName = string.Empty;
                                    if (processName == "Bed")
                                    {
                                        TemplateName = "BedBookingPayment";
                                    }
                                    else if (processName == "Sur")
                                    {
                                        TemplateName = "SurgeryBookingPayment";
                                    }
                                    else if (processName == "Hea")
                                    {
                                        TemplateName = "HealthCheckPayment";
                                    }

                                    ServiceBookingSendEmail(user.DisplayName, user.Email, ServiceName, ServicePackage, BookDate, Amount + ".00 INR", TemplateName);
                                }
                                else if (processName == "Out")
                                {
                                    OutStandingSendEmail(sessionData.FacilityName, Amount + ".00 INR", "OutstandingPayment");
                                }

                                ds.Tables[0].Rows.Clear();
                            }
                            Session["Guid"] = null;
                        }
                    }
                }
                else
                {
                    plcDivSucces.Visible          = false;
                    plcDivError.Visible           = true;
                    spnStatus.Attributes["Class"] = "highlight";
                    spnStatus.InnerText           = "Payment Fail !";
                }
            }
            else
            {
                Response.Write("Citrus Response Signature and Our (Merchant)Signature Mis - Match");
            }
        }

        catch (Exception ex)
        {
            Exceptions.LogException(ex);
        }
    }
Esempio n. 15
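        /// <summary>
        ///   Runs at the start of every request: rejects non-canonical paths, redirects to the
        ///   updater when the database version is older than the code version, loads the
        ///   <c>PortalSettings</c> for the request into <c>Context.Items</c>, and keeps the
        ///   <c>PortalAlias</c> and <c>refreshed</c> cookies in step with the active portal.
        /// </summary>
        /// <param name="sender">The source of the event (not used).</param>
        /// <param name="e">The event data (not used).</param>
        /// <exception cref="HttpException">
        ///   404 when the request path contains a backslash or the physical path is not in
        ///   its normalized form.
        /// </exception>
        protected void Application_BeginRequest(Object sender, EventArgs e)
        {
            // Canonicalization guard (http://support.microsoft.com/?kbid=887459): refuse any
            // request whose path contains a backslash or whose physical path changes when it is
            // normalized. Keep this first so that nothing below ever sees such a path.
            if (Request.Path.IndexOf('\\') >= 0 || System.IO.Path.GetFullPath(Request.PhysicalPath) != Request.PhysicalPath)
            {
                throw new HttpException(404, "not found");
            }

            // NOTE(review): RawUrl includes the query string, so this suffix test is also true
            // for a URL whose query string ends in "/Setup/Update.aspx"; such a request skips
            // the version check and the portal set-up below. Testing the request path would be
            // tighter, but the URL rewriting used by this application is not visible here - confirm.
            bool isUpdatePage = Request.RawUrl.EndsWith("/Setup/Update.aspx");

            // Database older than the code: every page except the updater goes to the updater.
            if (!isUpdatePage && PortalSettings.DatabaseVersion < PortalSettings.CodeVersion)
            {
                Response.Redirect(Rainbow.Settings.Path.ApplicationRoot + "/Setup/Update.aspx");
            }

            // The updater does not use portal settings, and may be running against a fresh
            // database, so none of the work below applies to it.
            if (isUpdatePage)
            {
                return;
            }

            int tabID = 0;
            string portalAlias = Rainbow.Settings.Portal.UniqueID;
            bool saveCookie = false;
            bool refreshSite = false;
            PortalSettings settings;

            // TabID, Alias and Language can be passed in the query string; the HTTP handler
            // makes them appear as virtual directories.
            // NOTE(review): IsInteger is defined outside this block. If it accepts digit strings
            // that do not fit in an Int32, Int32.Parse throws here and the request fails - confirm.
            string tabIdParam = Request.Params["TabID"];
            if (tabIdParam != null && IsInteger(tabIdParam))
            {
                tabID = Int32.Parse(tabIdParam);
            }

            // Compare the alias stored in the cookie with the current one to detect a portal switch.
            if (Request.Cookies["PortalAlias"] != null)
            {
                string cookiePortalAlias = Request.Cookies["PortalAlias"].Value;

                // Upper-case with the invariant culture so that the result does not depend on
                // the culture of the request thread.
                System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;
                if (cookiePortalAlias.ToUpper(invariant) != portalAlias.ToUpper(invariant))
                {
                    // Portal has changed since the last page request.
                    refreshSite = true;
                    saveCookie = true;
                }
            }
            else
            {
                // First visit to the portal. refreshSite is deliberately left false here
                // (change by Thierry (tiptopweb), 12/4/2003): setting it caused an endless
                // refresh for browsers that do not accept cookies.
                saveCookie = true;
            }

            // Jes1111 - temporarily disabled because of new language stuff, until a solution is found
            //			if(ConfigurationSettings.AppSettings["PortalSettingCaching"] != null)
            //			{
            //				//Caching code
            //				int expireinseconds = Int32.Parse(ConfigurationSettings.AppSettings["PortalSettingCaching"]);
            //				if(expireinseconds > 0)
            //				{
            //					string uniqueCacheData = string.Concat(tabID, "-", portalAlias);
            //					if(Context.Cache[uniqueCacheData] == null)
            //					{
            //						settings = new PortalSettings(tabID, portalAlias);
            //						Context.Cache.Insert(uniqueCacheData, settings, null, Cache.NoAbsoluteExpiration, TimeSpan.FromSeconds(expireinseconds));
            //					}
            //					else
            //					{
            //						settings = (PortalSettings) Context.Cache[uniqueCacheData];
            //					}
            //				}
            //				else
            //				{
            //					//No cache
            //					settings = new PortalSettings(tabID, portalAlias);
            //				}
            //				//end Caching code
            //			}
            //			else
            //			{
            //				//No caching code
            //				settings = new PortalSettings(tabID, portalAlias);
            //				//end No caching code
            //			}

            // Load the settings inside a try/catch with a redirect to a friendly error page, see
            // http://sourceforge.net/tracker/index.php?func=detail&aid=956528&group_id=66837&atid=515929
            try
            {
                settings = new PortalSettings(tabID, portalAlias);

                // A null PortalAlias on the loaded settings means the alias was not a valid one.
                if (settings.PortalAlias == null)
                {
                    // Fall back to the default alias configured in web.config.
                    portalAlias = ConfigurationSettings.AppSettings["DefaultPortal"];
                    settings = new PortalSettings(tabID, portalAlias);

                    if (settings.PortalAlias == null)
                    {
                        // The default alias failed as well: log it and show the friendly page.
                        Rainbow.Helpers.LogHelper.Logger.Log(Rainbow.Configuration.LogLevel.Info, "Default Alias set in web.config did not work when called from global.asax");
                        Response.Redirect("~/app_support/ErrorNoPortal.html", true);
                    }
                    saveCookie = true;
                }
                portalAlias = settings.PortalAlias;

                // The settings passed the checks, so publish them for the rest of the request.
                Context.Items.Add("PortalSettings", settings);
            }
            catch (Exception ex)
            {
                // This handler also sees the thread abort raised by the redirect inside the try
                // block, which is what the log text below refers to.
                Rainbow.Helpers.LogHelper.Logger.Log(Rainbow.Configuration.LogLevel.Info, "An Error Occurred In Global.asax when trying to get portalsettings. If the error is thread abort it means portalalias:" + portalAlias + " could not be found and the user was redirected.", ex);
                Response.Redirect("~/app_support/ErrorNoPortal.html", true);
            }

            // Remember the active alias for the next request.
            // NOTE(review): the cookie is written with default attributes; HttpOnly and Secure
            // are not set in this method.
            if (saveCookie)
            {
                Response.Cookies["PortalAlias"].Path = "/";
                Response.Cookies["PortalAlias"].Value = portalAlias;
            }

            // Portal switch (change by Thierry (tiptopweb), 12/4/2003): sign the user out and
            // make the browser reload once, with the parameters cleaned. This only works when
            // the browser accepts cookies.
            if (refreshSite)
            {
                // Read the incoming (request) cookie here. Nothing earlier in this method gives
                // the outgoing Response.Cookies collection a value for "refreshed", so testing
                // that collection against "false" cannot succeed; the sign-out on a portal
                // switch would then be skipped for as long as the browser keeps sending the
                // cookie, which the block at the end of this method renews on every request.
                if (Request.Cookies["refreshed"] == null || Request.Cookies["refreshed"].Value == "false")
                {
                    string rawUrl = HttpContext.Current.Request.RawUrl;

                    // A URL that already ends in "init" has been refreshed once: stop here
                    // instead of looping when the portal does not exist.
                    if (rawUrl.EndsWith("init"))
                    {
                        Response.Redirect("~/app_support/ErrorNoPortal.html", true);
                    }

                    // Mark the URL so the next request can detect the loop.
                    rawUrl += rawUrl.LastIndexOf(@"?") > 0 ? "&init" : "?init";

                    Response.Cookies["refreshed"].Value = "true";
                    Response.Cookies["refreshed"].Path = "/";
                    Response.Cookies["refreshed"].Expires = DateTime.Now.AddMinutes(1);

                    // NOTE(review): rawUrl comes from the request and is handed to SignOut as
                    // the URL to continue with. SignOut is defined elsewhere; confirm that it
                    // only redirects to URLs local to this site.
                    PortalSecurity.SignOut(rawUrl, false);
                }
            }

            // Reset the marker so that a later portal switch can trigger a refresh again.
            if (Request.Cookies["refreshed"] != null)
            {
                Response.Cookies["refreshed"].Path = "/";
                Response.Cookies["refreshed"].Value = "false";
                Response.Cookies["refreshed"].Expires = DateTime.Now.AddMinutes(1);
            }
        }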
        /// <summary>
        ///   Sets the current user so that checking authentication and roles works.
        /// </summary>
        /// <remarks>
        ///   Copies functionality from <c>DotNetNuke.HttpModules.Membership.MembershipModule.OnAuthenticateRequest</c>
        ///   to get the current user set as the "Current User"
        /// </remarks>
        private void SetCurrentUser()
        {
            // Obtain PortalSettings from Current Context
            var portalSettings = PortalController.GetCurrentPortalSettings();

            if (this.Context.Request.IsAuthenticated && portalSettings != null)
            {
                var roleController = new RoleController();
                var cachedUser     = UserController.GetCachedUser(portalSettings.PortalId, this.Context.User.Identity.Name);

                if (this.Context.Request.Cookies["portalaliasid"] != null)
                {
// ReSharper disable PossibleNullReferenceException
                    var portalCookie = FormsAuthentication.Decrypt(this.Context.Request.Cookies["portalaliasid"].Value);

                    // check if user has switched portals
                    if (portalSettings.PortalAlias.PortalAliasID != int.Parse(portalCookie.UserData))
                    {
                        // expire cookies if portal has changed
                        this.Context.Response.Cookies["portalaliasid"].Value   = null;
                        this.Context.Response.Cookies["portalaliasid"].Path    = "/";
                        this.Context.Response.Cookies["portalaliasid"].Expires = DateTime.Now.AddYears(-30);

                        this.Context.Response.Cookies["portalroles"].Value   = null;
                        this.Context.Response.Cookies["portalroles"].Path    = "/";
                        this.Context.Response.Cookies["portalroles"].Expires = DateTime.Now.AddYears(-30);

// ReSharper restore PossibleNullReferenceException
                    }
                }

                // authenticate user and set last login ( this is necessary for users who have a permanent Auth cookie set )
                if (cachedUser == null || cachedUser.IsDeleted || cachedUser.Membership.LockedOut ||
                    cachedUser.Membership.Approved == false ||
                    cachedUser.Username.ToLower() != this.Context.User.Identity.Name.ToLower())
                {
                    var portalSecurity = new PortalSecurity();
                    portalSecurity.SignOut();

                    // Remove user from cache
                    if (cachedUser != null)
                    {
                        DataCache.ClearUserCache(portalSettings.PortalId, this.Context.User.Identity.Name);
                    }

                    // Redirect browser back to home page
                    this.Context.Response.Redirect(this.Context.Request.RawUrl, true);
                    return;
                }

                // valid Auth cookie
                // if users LastActivityDate is outside of the UsersOnlineTimeWindow then record user activity
                if (
                    DateTime.Compare(
                        cachedUser.Membership.LastActivityDate.AddMinutes(Host.UsersOnlineTimeWindow), DateTime.Now) < 0)
                {
                    // update LastActivityDate and IP Address for user
                    cachedUser.Membership.LastActivityDate = DateTime.Now;
                    cachedUser.LastIPAddress = this.Context.Request.UserHostAddress;
                    UserController.UpdateUser(portalSettings.PortalId, cachedUser);
                }

                // refreshroles is set when a role is added to a user by an administrator
                bool refreshCookies = cachedUser.RefreshRoles;

                // check for RSVP code
                if (!cachedUser.RefreshRoles && this.Context.Request.QueryString["rsvp"] != null &&
                    string.IsNullOrEmpty(this.Context.Request.QueryString["rsvp"]) == false)
                {
                    foreach (RoleInfo objRole in roleController.GetPortalRoles(portalSettings.PortalId))
                    {
                        if (objRole.RSVPCode == this.Context.Request.QueryString["rsvp"])
                        {
                            roleController.UpdateUserRole(portalSettings.PortalId, cachedUser.UserID, objRole.RoleID);

                            // clear portalroles so the new role is added to the cookie below
                            refreshCookies = true;
                        }
                    }
                }

                // create cookies if they do not exist yet for this session.
                if (this.Context.Request.Cookies["portalroles"] == null || refreshCookies)
                {
                    // keep cookies in sync
                    var currentDateTime = DateTime.Now;

                    // create a cookie authentication ticket ( version, user name, issue time, expires every hour, don't persist cookie, roles )
                    var portalTicket = new FormsAuthenticationTicket(
                        1,
                        this.Context.User.Identity.Name,
                        currentDateTime,
                        currentDateTime.AddHours(1),
                        false,
                        portalSettings.PortalAlias.PortalAliasID.ToString());

                    // encrypt the ticket
                    string portalAliasId = FormsAuthentication.Encrypt(portalTicket);

// ReSharper disable PossibleNullReferenceException
                    // send portal cookie to client
                    this.Context.Response.Cookies["portalaliasid"].Value   = portalAliasId;
                    this.Context.Response.Cookies["portalaliasid"].Path    = "/";
                    this.Context.Response.Cookies["portalaliasid"].Expires = currentDateTime.AddMinutes(1);

// ReSharper restore PossibleNullReferenceException
                    // get roles from UserRoles table
                    string[] arrPortalRoles = roleController.GetRolesByUser(cachedUser.UserID, portalSettings.PortalId);

                    // create a string to persist the roles, attach a portalID so that cross-portal impersonation cannot occur
                    string strPortalRoles = portalSettings.PortalId + "!!" + string.Join(";", arrPortalRoles);

                    // create a cookie authentication ticket ( version, user name, issue time, expires every hour, don't persist cookie, roles )
                    var rolesTicket = new FormsAuthenticationTicket(
                        1,
                        this.Context.User.Identity.Name,
                        currentDateTime,
                        currentDateTime.AddHours(1),
                        false,
                        strPortalRoles);

                    // encrypt the ticket
                    string strRoles = FormsAuthentication.Encrypt(rolesTicket);

// ReSharper disable PossibleNullReferenceException
                    // send roles cookie to client
                    this.Context.Response.Cookies["portalroles"].Value   = strRoles;
                    this.Context.Response.Cookies["portalroles"].Path    = "/";
                    this.Context.Response.Cookies["portalroles"].Expires = currentDateTime.AddMinutes(1);

                    if (refreshCookies)
                    {
                        // if rsvp, update portalroles in context because it is being used later
                        this.Context.Request.Cookies["portalroles"].Value = strRoles;
                    }
                }

                if (this.Context.Request.Cookies["portalroles"] != null)
                {
                    // get roles from roles cookie
                    if (this.Context.Request.Cookies["portalroles"].Value != string.Empty)
                    {
                        var roleTicket = FormsAuthentication.Decrypt(this.Context.Request.Cookies["portalroles"].Value);

// ReSharper restore PossibleNullReferenceException
                        if (roleTicket != null)
                        {
                            // get the role data and split it into portalid and a string array of role data
                            string rolesdata = roleTicket.UserData;
                            char[] separator = "!!".ToCharArray();

                            // need to use StringSplitOptions.None to preserve case where superuser has no roles
                            string[] rolesParts = rolesdata.Split(separator, StringSplitOptions.None);

                            // if cookie is for a different portal than current force a refresh of roles else used cookie cached version
                            if (Convert.ToInt32(rolesParts[0]) != portalSettings.PortalId)
                            {
                                cachedUser.Roles = roleController.GetRolesByUser(cachedUser.UserID, portalSettings.PortalId);
                            }
                            else
                            {
                                cachedUser.Roles = rolesParts[2].Split(';');
                            }
                        }
                        else
                        {
                            cachedUser.Roles = roleController.GetRolesByUser(cachedUser.UserID, portalSettings.PortalId);
                        }

                        // Clear RefreshRoles flag
                        if (cachedUser.RefreshRoles)
                        {
                            cachedUser.RefreshRoles = false;
                            UserController.UpdateUser(portalSettings.PortalId, cachedUser);
                        }
                    }

                    // save userinfo object in context
                    this.Context.Items.Add("UserInfo", cachedUser);

                    // load the personalization object
                    var personalizationController = new PersonalizationController();
                    personalizationController.LoadProfile(this.Context, cachedUser.UserID, cachedUser.PortalID);

                    // Localization.SetLanguage also updates the user profile, so this needs to go after the profile is loaded
                    Localization.SetLanguage(cachedUser.Profile.PreferredLocale);
                }
            }

            if (HttpContext.Current.Items["UserInfo"] == null)
            {
                this.Context.Items.Add("UserInfo", new UserInfo());
            }
        }
Esempio n. 17
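        /// <summary>
        /// Loads the portal user for an authenticated request, signs out accounts that are no longer
        /// valid, applies an RSVP role code when one is supplied, and stores the user under
        /// <c>context.Items["UserInfo"]</c>. When the method runs to its end without a user,
        /// an empty <see cref="UserInfo"/> is stored instead.
        /// </summary>
        /// <param name="context">The current HTTP context; its request, response, user and items are used.</param>
        /// <param name="allowUnknownExtensinons">
        /// When <c>false</c>, requests whose path does not end in .aspx, .asmx or .ashx are ignored.
        /// </param>
        /// <remarks>
        /// Path, header and user-name comparisons are ordinal, so the result does not depend on the
        /// thread culture (a culture-sensitive <c>ToLower()</c> maps "I" differently under e.g. tr-TR,
        /// which made the install-page and user-name checks culture dependent).
        /// </remarks>
        public static void AuthenticateRequest(HttpContextBase context, bool allowUnknownExtensinons)
        {
            HttpRequestBase request = context.Request;
            HttpResponseBase response = context.Response;

            if (request == null || request.Url == null)
            {
                return;
            }

            string localPath = request.Url.LocalPath;

            // Nothing to authenticate while the site is being installed or upgraded.
            if (localPath.EndsWith("install.aspx", StringComparison.OrdinalIgnoreCase) ||
                localPath.IndexOf("upgradewizard.aspx", StringComparison.OrdinalIgnoreCase) >= 0 ||
                localPath.IndexOf("installwizard.aspx", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                return;
            }

            // Exit for .NET mappings that are not content pages (e.g. .axd) unless the caller opted in.
            if (!allowUnknownExtensinons &&
                !localPath.EndsWith(".aspx", StringComparison.OrdinalIgnoreCase) &&
                !localPath.EndsWith(".asmx", StringComparison.OrdinalIgnoreCase) &&
                !localPath.EndsWith(".ashx", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            // Obtain PortalSettings from the current context.
            PortalSettings portalSettings = PortalController.GetCurrentPortalSettings();

            // The Authorization header is supplied by the client. Only its scheme prefix is inspected here;
            // when it starts with "Negotiate" the whole block below is skipped and the request ends up
            // with the empty UserInfo added at the bottom of this method.
            string auth = request.Headers.Get("Authorization");
            bool isActiveDirectoryAuthHeaderPresent =
                !string.IsNullOrEmpty(auth) && auth.StartsWith("Negotiate", StringComparison.Ordinal);

            if (request.IsAuthenticated && !isActiveDirectoryAuthHeaderPresent && portalSettings != null)
            {
                var roleController = new RoleController();
                var user = UserController.GetCachedUser(portalSettings.PortalId, context.User.Identity.Name);

                // A Windows-authenticated principal with no portal account is left alone.
                if (user == null && context.User is WindowsPrincipal)
                {
                    return;
                }

                // Re-validate the account on every request; this matters for users holding a persistent
                // auth cookie, whose account may have been deleted, locked or unapproved since it was issued.
                if (user == null || user.IsDeleted || user.Membership.LockedOut ||
                    (!user.Membership.Approved && !user.IsInRole("Unverified Users")) ||
                    !string.Equals(user.Username, context.User.Identity.Name, StringComparison.OrdinalIgnoreCase))
                {
                    var portalSecurity = new PortalSecurity();
                    portalSecurity.SignOut();

                    // Remove user from cache
                    if (user != null)
                    {
                        DataCache.ClearUserCache(portalSettings.PortalId, context.User.Identity.Name);
                    }

                    // Send the browser back to the URL it asked for, now signed out.
                    // NOTE(review): RawUrl is request-derived; confirm it can only resolve to a local path
                    // (not a protocol-relative "//host" form) before it is used as a redirect target.
                    response.Redirect(request.RawUrl, true);
                    return;
                }

                // NOTE(review): the next two checks read HttpContext.Current rather than the context
                // parameter; kept as in the original.
                if (!user.IsSuperUser && user.IsInRole("Unverified Users") && !HttpContext.Current.Items.Contains(DotNetNuke.UI.Skins.Skin.OnInitMessage))
                {
                    HttpContext.Current.Items.Add(DotNetNuke.UI.Skins.Skin.OnInitMessage, Localization.GetString("UnverifiedUser"));
                }

                if (!user.IsSuperUser && HttpContext.Current.Request.QueryString.AllKeys.Contains("VerificationSuccess") && !HttpContext.Current.Items.Contains(DotNetNuke.UI.Skins.Skin.OnInitMessage))
                {
                    HttpContext.Current.Items.Add(DotNetNuke.UI.Skins.Skin.OnInitMessage, Localization.GetString("VerificationSuccess"));
                    HttpContext.Current.Items.Add(DotNetNuke.UI.Skins.Skin.OnInitMessageType, ModuleMessage.ModuleMessageType.GreenSuccess);
                }

                // Record activity only when LastActivityDate is older than the UsersOnlineTimeWindow,
                // so the user row is not rewritten on every request.
                if (DateTime.Compare(user.Membership.LastActivityDate.AddMinutes(Host.UsersOnlineTimeWindow), DateTime.Now) < 0)
                {
                    // update LastActivityDate and IP Address for user
                    user.Membership.LastActivityDate = DateTime.Now;
                    user.LastIPAddress = request.UserHostAddress;
                    UserController.UpdateUser(portalSettings.PortalId, user, false, false);
                }

                // RSVP code: a matching value on the query string puts the signed-in user into the role,
                // so the code works as a shared secret carried in the URL.
                // NOTE(review): query strings end up in server logs and Referer headers; confirm RSVP codes
                // are long and random, and that role grants made here are audited.
                string rsvpCode = request.QueryString["rsvp"];
                if (!string.IsNullOrEmpty(rsvpCode))
                {
                    foreach (var role in TestableRoleController.Instance.GetRoles(portalSettings.PortalId, r => r.SecurityMode != SecurityMode.SocialGroup && r.Status == RoleStatus.Approved))
                    {
                        if (role.RSVPCode == rsvpCode)
                        {
                            roleController.UpdateUserRole(portalSettings.PortalId, user.UserID, role.RoleID);
                        }
                    }
                }

                // save userinfo object in context
                context.Items.Add("UserInfo", user);

                // Localization.SetLanguage also updates the user profile, so this needs to go after the profile is loaded
                Localization.SetLanguage(user.Profile.PreferredLocale);
            }

            // Downstream code expects a UserInfo in the context; an empty instance is stored for anonymous requests.
            if (context.Items["UserInfo"] == null)
            {
                context.Items.Add("UserInfo", new UserInfo());
            }
        }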
Esempio n. 18
        /// <summary>
        /// Handles the BeginRequest event of the AppleseedApplication control.
        /// </summary>
        /// <remarks>
        /// Runs, in this order: dynamic-page redirect lookup, optional "www" redirect, URL rewriting to
        /// default.aspx, the malformed-path check, the all-portals lock (IP allow list), the database/code
        /// version check, portal settings lookup, PortalAlias cookie handling with a one-time forced
        /// sign-out when the alias changed, and the sitemap target-page redirect. Several steps end the
        /// request (redirect, throw or return), so the statement order is significant.
        /// </remarks>
        /// <param name="sender">
        /// The source of the event.
        /// </param>
        /// <param name="e">
        /// The <see cref="System.EventArgs"/> instance containing the event data.
        /// </param>
        protected void AppleseedApplication_BeginRequest(object sender, EventArgs e)
        {
            // RawUrl still carries the query string here (it is split off with '?' below);
            // ToLower() uses the current thread culture.
            string rawUrlLower = Request.RawUrl.ToLower();

            // URLs that do not map to an existing file are looked up as dynamic pages.
            // NOTE(review): Server.MapPath runs on the request-derived path at this point, before the
            // malformed-request check further down; confirm that ordering is intended.
            if (rawUrlLower != "/" && !rawUrlLower.Contains("/installer") && !rawUrlLower.Contains("/webresource.axd") && !File.Exists(Server.MapPath(rawUrlLower.Split('?')[0])))
            {
                Appleseed.Framework.Site.Data.PagesDB pagedb = new Framework.Site.Data.PagesDB();
                string redirectToUrl = pagedb.GetDynamicPageUrl(rawUrlLower);
                if (!string.IsNullOrEmpty(redirectToUrl))
                {
                    Response.Redirect(redirectToUrl, true);
                    return;
                }
            }
            //Appleseed.Framework.Site.Data.PagesDB pagedb = new Framework.Site.Data.PagesDB();
            //string redirectToUrl = pagedb.GetDynamicPageUrl(Request.RawUrl);
            //if (!string.IsNullOrEmpty(redirectToUrl))
            //{
            //    Response.Redirect(redirectToUrl, true);
            //    return;
            //}
            // Optional redirect of plain-HTTP requests to the "www." host, enabled by the AddWwwToRequest app setting.
            string Addwww = System.Configuration.ConfigurationManager.AppSettings.Get("AddWwwToRequest");

            if (Addwww != null && Addwww.Equals("true"))
            {
                if (!Request.IsSecureConnection)
                {
                    // NOTE(review): Contains("www") matches anywhere in the absolute URI (path and query
                    // string included), not only in the host, and Replace rewrites every "http://" in the
                    // URI. Building the target with UriBuilder and changing only Host would avoid both.
                    if (!Request.Url.AbsoluteUri.ToLower().Contains("www"))
                    {
                        var newUrl = Request.Url.AbsoluteUri.Replace("http://", "http://www.");
                        Response.Redirect(newUrl, true);
                    }
                }
            }

            /*Send a signal to allow custom js registration (not enabled yet)*/
            Bus.Send(new JSRegisterDescriptor()
            {
                Scripts = new List <string>()
            });

            var contextReader = new Reader(new WebContextReader());
            var context       = contextReader.Current;

            var currentUrl = context.Request.Path.ToLower();

            // Leave trace.axd requests untouched while a debugger is attached.
            if (Debugger.IsAttached && currentUrl.Contains("trace.axd"))
            {
                return;
            }

            context.Trace.Warn("Application_BeginRequest :: " + currentUrl);
            if (Portal.PageID > 0)
            {
                // Only the last path segment is mapped to a physical path.
                var physicalPath = context.Server.MapPath(currentUrl.Substring(currentUrl.LastIndexOf("/") + 1));

                if (!File.Exists(physicalPath))
                {
                    // Rewrites the path; the original query string is appended unchanged.
                    context.RewritePath("~/default.aspx?" + context.Request.ServerVariables["QUERY_STRING"]);
                }
            }
            else
            {
                var pname = currentUrl.Substring(currentUrl.LastIndexOf("/") + 1);

                // if the request was not caused by an MS Ajax Client script invoking a WS.
                if (!currentUrl.ToLower().EndsWith(".asmx/js"))
                {
                    // Drops the last five characters of the segment (presumably a ".aspx" extension).
                    if (!String.IsNullOrEmpty(pname) && pname.Length > 5)
                    {
                        pname = pname.Substring(0, pname.Length - 5);
                    }

                    // Only an all-digit name is used as a page id, so no other request text reaches
                    // the pageid parameter; the query string is appended unchanged.
                    if (Regex.IsMatch(pname, @"^\d+$"))
                    {
                        context.RewritePath(
                            string.Format(
                                "~/default.aspx?pageid={0}&{1}", pname, context.Request.ServerVariables["QUERY_STRING"]));
                    }
                }
            }

            // 1st Check: is it a dangerously malformed request?
            #region
            // Important patch http://support.microsoft.com/?kbid=887459
            // Rejects a path containing a backslash, or a physical path that is not already in the
            // canonical form Path.GetFullPath returns (e.g. one containing relative segments).
            if (context.Request.Path.IndexOf('\\') >= 0 ||
                Path.GetFullPath(context.Request.PhysicalPath) != context.Request.PhysicalPath)
            {
                throw new AppleseedRedirect(LogLevel.Warn, HttpStatusCode.NotFound, "Malformed request", null);
            }

            #endregion

            // 2nd Check: is the AllPortals Lock switched on?
            // let the user through if client IP address is in LockExceptions list, otherwise throw...
            #region
            if (Config.LockAllPortals)
            {
                var rawUrl       = context.Request.RawUrl.ToLower(CultureInfo.InvariantCulture);
                var lockRedirect = Config.LockRedirect;
                // NOTE(review): the exemption is a suffix test on the raw URL, which includes the query
                // string, so it is not limited to the path of the lock page; comparing the path component
                // would be stricter. rawUrl is lower-cased but lockRedirect is used as configured, so a
                // LockRedirect value containing upper-case characters never matches.
                if (!rawUrl.EndsWith(lockRedirect))
                {
                    // construct IPList: entries are ';'-separated, "a-b" entries are added as ranges
                    var lockKeyHolders = Config.LockKeyHolders.Split(new[] { ';' });
                    var ipList         = new IPList();
                    foreach (var lockKeyHolder in lockKeyHolders)
                    {
                        if (lockKeyHolder.IndexOf("-") > -1)
                        {
                            ipList.AddRange(
                                lockKeyHolder.Substring(0, lockKeyHolder.IndexOf("-")),
                                lockKeyHolder.Substring(lockKeyHolder.IndexOf("-") + 1));
                        }
                        else
                        {
                            ipList.Add(lockKeyHolder);
                        }
                    }

                    // check if requestor's IP address is in allowed list
                    // NOTE(review): behind a reverse proxy or load balancer UserHostAddress is usually the
                    // proxy's address; confirm the deployment before relying on this allow list.
                    if (!ipList.CheckNumber(context.Request.UserHostAddress))
                    {
                        throw new PortalsLockedException();
                    }
                }
            }
            #endregion

            // 3rd Check: is database/code version correct?
            var requestUri      = context.Request.Url;
            var requestPath     = requestUri.AbsolutePath.ToLower(CultureInfo.InvariantCulture);
            var returnToRequest = CheckAndUpdateDB(context, requestPath);


            if (returnToRequest)
            {
                return;
            }

            // Get the portal settings and add the keys "PortalSettings" and "PortalID" to Context.Items if they do not exist.
            // All necessary checks and operations are managed by this method.
            // 2014/12/16 - portal settings are fetched by page id and portal id.
            PortalSettings portalSettings = PortalSettings.GetPortalSettingsbyPageID(Portal.PageID, Portal.UniqueID);

            // NOTE(review): portalSettings is dereferenced here without a null check, although it is tested
            // for null further down; a null result would throw at this point.
            // NOTE(review): these look like provider-wide ApplicationName values being set per request;
            // confirm the behaviour when concurrent requests belong to different portals.
            Membership.Provider.ApplicationName     = portalSettings.PortalAlias;
            ProfileManager.Provider.ApplicationName = portalSettings.PortalAlias;
            Roles.ApplicationName = portalSettings.PortalAlias;

            // Turn an app-relative "~/..." SmartErrorRedirect into a "/..." suffix for the comparison below.
            var smartErrorRedirect = Config.SmartErrorRedirect;
            if (smartErrorRedirect.StartsWith("~/"))
            {
                smartErrorRedirect = smartErrorRedirect.TrimStart(new[] { '~' });
            }

            if (requestPath.EndsWith(smartErrorRedirect.ToLower(CultureInfo.InvariantCulture)))
            {
                return; // this is SmartError page... so continue
            }

            // WLF: This was backwards before so it would always set refreshSite true because the cookie was changed before it was checked.
            // WLF: REVIEW: This whole section needs a code review.
            // Try to get alias from cookie to determine if alias has been changed
            // The PortalAlias cookie is client-supplied; here it only decides whether a refresh/sign-out is forced.
            var refreshSite       = false;
            var portalAliasCookie = context.Request.Cookies["PortalAlias"];
            if (portalAliasCookie != null && portalAliasCookie.Value.ToLower() != Portal.UniqueID)
            {
                refreshSite = true; // Portal has changed since last page request
            }

            if (portalSettings != null)
            {
                // Only Path and Value are set on this cookie.
                // NOTE(review): HttpOnly/Secure are not set here; confirm they come from the
                // <httpCookies> configuration if they are wanted.
                portalAliasCookie = new HttpCookie("PortalAlias")
                {
                    Path = "/", Value = portalSettings.PortalAlias
                };
                if (context.Response.Cookies["PortalAlias"] == null)
                {
                    context.Response.Cookies.Add(portalAliasCookie);
                }
                else
                {
                    context.Response.Cookies.Set(portalAliasCookie);
                }
            }

            // if switching portals then clean parameters [TipTopWeb]
            // Must be the last instruction in this method
            var refreshedCookie = context.Request.Cookies["refreshed"];

            // 5/7/2006 Ed Daniel
            // Added hack for Http 302 by extending condition below to check for more than 3 cookies
            if (refreshSite && context.Request.Cookies.Keys.Count > 3)
            {
                // Sign out and force the browser to refresh only once to avoid any dead-lock
                if (refreshedCookie == null || refreshedCookie.Value == "false")
                {
                    var rawUrl             = context.Request.RawUrl;
                    // Short-lived marker (one minute) that prevents a second forced sign-out.
                    var newRefreshedCookie = new HttpCookie("refreshed", "true")
                    {
                        Path    = "/",
                        Expires = DateTime.Now.AddMinutes(1)
                    };
                    if (refreshedCookie == null)
                    {
                        context.Response.Cookies.Add(newRefreshedCookie);
                    }
                    else
                    {
                        context.Response.Cookies.Set(newRefreshedCookie);
                    }

                    // The forced sign-out is logged together with the values that triggered it.
                    var msg =
                        string.Format(
                            "User logged out on global.asax line 423. Values -> refreshsite: {0}, context.Request.Cookies.Keys.count: {1}, rawurl: {2}",
                            refreshSite,
                            context.Request.Cookies.Keys.Count,
                            rawUrl);

                    ErrorHandler.Publish(
                        LogLevel.Warn,
                        msg);

                    // sign-out, if refreshed parameter on the command line we will not call it again
                    PortalSecurity.SignOut(rawUrl, false);
                }
            }

            // invalidate cookie, so the page can be refreshed when needed
            refreshedCookie = context.Request.Cookies["refreshed"];
            if (refreshedCookie != null && context.Request.Cookies.Keys.Count > 3)
            {
                var newRefreshedCookie = new HttpCookie("refreshed", "false")
                {
                    Path    = "/",
                    Expires = DateTime.Now.AddMinutes(1)
                };
                context.Response.Cookies.Set(newRefreshedCookie);
            }

            // This is done in order to allow the sitemap to reference a page that is outside this website.
            // Only an integer page id is accepted, and the redirect target is built from that id by
            // HttpUrlBuilder rather than taken from the request parameter itself.
            var targetPage = this.Request.Params["sitemapTargetPage"];
            if (!string.IsNullOrEmpty(targetPage))
            {
                int mvcPageId;
                if (int.TryParse(targetPage, out mvcPageId))
                {
                    var url = HttpUrlBuilder.BuildUrl(mvcPageId);
                    this.Response.Redirect(url);
                }
            }
        }
Esempio n. 19
    protected void Page_Load(object sender, EventArgs e)
    {
        try
        {
            spnStatus.Visible = true;

            lblMsg.Visible = false;
            string secret_key   = "ed70df7a017654499542ff0a5515812824b74142";
            string data         = "";
            string txnId        = Request["TxId"];
            string txnStatus    = Request["TxStatus"];
            string amount       = Request["amount"];
            string pgTxnId      = Request["pgTxnNo"];
            string issuerRefNo  = Request["issuerRefNo"];
            string authIdCode   = Request["authIdCode"];
            string firstName    = Request["firstName"];
            string lastName     = Request["lastName"];
            string pgRespCode   = Request["pgRespCode"];
            string zipCode      = Request["addressZip"];
            string resSignature = Request["signature"];

            bool flag = true;
            if (txnId != null)
            {
                data += txnId;
            }
            if (txnStatus != null)
            {
                data += txnStatus;
            }
            if (amount != null)
            {
                data += amount;
            }
            if (pgTxnId != null)
            {
                data += pgTxnId;
            }
            if (issuerRefNo != null)
            {
                data += issuerRefNo;
            }
            if (authIdCode != null)
            {
                data += authIdCode;
            }
            if (firstName != null)
            {
                data += firstName;
            }
            if (lastName != null)
            {
                data += lastName;
            }
            if (pgRespCode != null)
            {
                data += pgRespCode;
            }
            if (zipCode != null)
            {
                data += zipCode;
            }

            System.Security.Cryptography.HMACSHA1 myhmacsha1 = new System.Security.Cryptography.HMACSHA1(Encoding.ASCII.GetBytes(secret_key));

            System.IO.MemoryStream stream = new System.IO.MemoryStream(Encoding.ASCII.GetBytes(data));
            string signature = BitConverter.ToString(myhmacsha1.ComputeHash(stream)).Replace("-", "").ToLower();

            if (resSignature != null && !signature.Equals(resSignature))
            {
                flag = false;
            }
            if (flag == true)
            {
                //Response.Write("Thank You for using citrus payment Your Unique Transaction Status:" + Convert.ToString(txnStatus));
                if (Session["Bed"] != null || Session["Surgery"] != null || Session["AppointmentDetail"] != null || Session["HealthCheck-upComprehensive"] != null || Session["OutstandingBillPayment"] != null || Session["permenantRegistration"] != null || Session["ConsultationAppointment"] != null)
                {
                    DataAccessEntities sessionData = new DataAccessEntities();
                    if (Session["Bed"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["Bed"];
                    }
                    else if (Session["Surgery"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["Surgery"];
                    }
                    else if (Session["AppointmentDetail"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["AppointmentDetail"];
                    }
                    else if (Session["HealthCheck-upComprehensive"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["HealthCheck-upComprehensive"];
                    }
                    else if (Session["OutstandingBillPayment"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["OutstandingBillPayment"];
                    }
                    else if (Session["permenantRegistration"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["permenantRegistration"];
                    }
                    else if (Session["ConsultationAppointment"] != null)
                    {
                        sessionData = (DataAccessEntities)Session["ConsultationAppointment"];
                    }

                    //double Damount = Convert.ToDouble(amount);

                    sessionData.Tranrefid  = Convert.ToString(issuerRefNo);
                    sessionData.Transtatus = Convert.ToString(txnStatus);
                    sessionData.Amount     = Convert.ToInt32(Session["Amount"]);
                    sessionData.UserId     = user.UserID;

                    lblUserName.Text    = user.DisplayName;
                    lblMNo.Text         = user.Username; //= Convert.ToString(user.UserID);
                    lblTxtnId.Text      = sessionData.Transactionid = Convert.ToString(txnId);
                    lblPaidAgainst.Text = sessionData.FacilityName;
                    lblDateTime.Text    = Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy"));
                    lblAmount.Text      = Convert.ToString(Session["Amount"]) + ".00 INR";

                    if (txnStatus != null)
                    {
                        PatIndex objDeposit = new PatIndex();
                        if (Session["Bed"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["Bed"] = null;
                                Response.Redirect("/Bed-Booking");
                            }
                            var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                            if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                            {
                                sessionData.JeevaStatus = detaisl.MRNO;
                            }

                            objBusinessLogic.SavePaymentBedSurgery(sessionData);
                            ServiceBookingSendEmail(user.DisplayName, user.Email, sessionData.FacilityName, sessionData.Category, lblDateTime.Text, Convert.ToString(Session["Amount"]) + ".00 INR", "BedBookingPayment");
                            Session["Bed"] = null;
                        }

                        else if (Session["Surgery"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["Surgery"] = null;
                                Response.Redirect("/surgery-booking");
                            }
                            var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                            if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                            {
                                sessionData.JeevaStatus = detaisl.MRNO;
                            }

                            objBusinessLogic.SavePaymentBedSurgery(sessionData);
                            ServiceBookingSendEmail(user.DisplayName, user.Email, sessionData.FacilityName, sessionData.Category, lblDateTime.Text, Convert.ToString(Session["Amount"]) + ".00 INR", "SurgeryBookingPayment");
                            Session["Surgery"] = null;
                        }
                        else if (Session["HealthCheck-upComprehensive"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["HealthCheck-upComprehensive"] = null;
                                Response.Redirect("/health-check-up-comprehensive");
                            }
                            var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                            if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                            {
                                sessionData.JeevaStatus = detaisl.MRNO;
                            }

                            objBusinessLogic.SavePaymentBedSurgery(sessionData);
                            string _categoryName = sessionData.Category;
                            if (_categoryName == "Male" || _categoryName == "Female")
                            {
                                _categoryName = "Package B (" + sessionData.Category + ")";
                            }
                            ServiceBookingSendEmail(user.DisplayName, user.Email, sessionData.FacilityName, _categoryName, lblDateTime.Text, Convert.ToString(Session["Amount"]) + ".00 INR", "HealthCheckPayment");
                            Session["HealthCheck-upComprehensive"] = null;
                        }
                        else if (Session["OutstandingBillPayment"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["OutstandingBillPayment"] = null;
                                Response.Redirect("/outstandingbillpayment");
                            }

                            var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                            if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                            {
                                sessionData.JeevaStatus = detaisl.MRNO;
                            }

                            objBusinessLogic.SavePaymentBedSurgery(sessionData);
                            OutStandingSendEmail(sessionData.FacilityName, Convert.ToString(Session["Amount"]) + ".00 INR", "OutstandingPayment");
                            Session["OutstandingBillPayment"] = null;
                        }
                        else if (Session["permenantRegistration"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["permenantRegistration"] = null;
                                Response.Redirect("/");
                            }
                            Session["permenantRegistration"] = null;
                            lblMsg.Visible = true;



                            string Gender = user.Profile.GetPropertyValue("Gender");
                            if (Gender == "Male")
                            {
                                Gender = "M";
                            }
                            else
                            {
                                Gender = "F";
                            }
                            string Age         = user.Profile.GetPropertyValue("Age");
                            string Address     = user.Profile.GetPropertyValue("Address");
                            string PhoneNumber = user.Profile.GetPropertyValue("PhoneNumber");

                            string[] X = PhoneNumber.Split('-');
                            PhoneNumber = X[1];

                            string Username;
                            string Fname;
                            string Lname;
                            string Email;

                            if (user.Username.Length > 20)
                            {
                                Username = user.Username.Substring(0, 20);
                            }
                            else
                            {
                                Username = user.Username;
                            }

                            if (user.FirstName.Length > 30)
                            {
                                Fname = user.FirstName.Substring(0, 30);
                            }
                            else
                            {
                                Fname = user.FirstName;
                            }

                            if (user.LastName.Length > 30)
                            {
                                Lname = user.LastName.Substring(0, 30);
                            }
                            else
                            {
                                Lname = user.LastName;
                            }
                            if (user.Email.Length > 50)
                            {
                                Email = user.Email.Substring(0, 50);
                            }
                            else
                            {
                                Email = user.Email;
                            }
                            if (Address.Length > 30)
                            {
                                Address = Address.Substring(0, 30);
                            }

                            if (PhoneNumber.Length > 12)
                            {
                                PhoneNumber = PhoneNumber.Substring(0, 12);
                            }


                            var PatientDetails = objPatIndex.UpdateorInsertPatient(user.Username, user.FirstName, user.LastName, Gender, Age, "01/01/2000", Address, Address, Address, PhoneNumber, Email);

                            if (!string.IsNullOrEmpty(PatientDetails.WEBPWD))
                            {
                                DataSet ds = objBusinessLogic.IsExistMRNumber(PatientDetails.MRNO);
                                if (ds.Tables[0].Rows.Count > 0)
                                {
                                    Clear();
                                    lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                    lblMsg.Text      = "You Are Allready Registered As A permanent User!";
                                }
                                else
                                {
                                    bool IsUserExist = objBusinessLogic.IsUserExist(PatientDetails.MRNO);
                                    if (!IsUserExist)
                                    {
                                        if (PatientDetails.PatSex == "M")
                                        {
                                            PatientDetails.PatSex = "Male";
                                        }
                                        else
                                        {
                                            PatientDetails.PatSex = "Female";
                                        }
                                        DataSet dsVal = InsertUpdateUserDetails(PatientDetails.MRNO, PatientDetails.PatFName, PatientDetails.PatLName, PatientDetails.PatEmail, PatientDetails.WEBPWD, PatientDetails.PatMobile, PatientDetails.PatSex, PatientDetails.PatAddr1, PatientDetails.PatAge);
                                        lblMNo.Text = PatientDetails.MRNO;


                                        var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                                        if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                                        {
                                            sessionData.JeevaStatus = detaisl.MRNO;
                                        }

                                        objBusinessLogic.SavePaymentBedSurgery(sessionData);


                                        if (dsVal.Tables[0].Rows.Count > 0)
                                        {
                                            // SendMail & MSG

                                            try
                                            {
                                                PermanentUserSendEmail(PatientDetails.PatFName, PatientDetails.PatEmail, PatientDetails.MRNO, PatientDetails.WEBPWD, PhoneNumber, "PermanentRegistration");
                                                lblMsg.Text      = "You are now the permanent user! Please login with your MR Number that has been sent to your registered mobile number";
                                                lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#008000");
                                            }
                                            catch (Exception ex)
                                            {
                                                lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                                lblMsg.Text      = "SMS Service is stoped Due to technical problem!";
                                            }
                                            UserController.DeleteUser(ref user, false, false);
                                            UserController.RemoveUser(user);
                                            if (user.UserID != -1)
                                            {
                                                secure.SignOut();
                                            }
                                        }
                                    }
                                    else
                                    {
                                        Clear();
                                        lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                        lblMsg.Text      = "UserName allready exist!";
                                    }
                                }
                            }
                            else
                            {
                                Clear();
                                lblMsg.ForeColor = System.Drawing.ColorTranslator.FromHtml("#FF0000");
                                lblMsg.Text      = "You are already register as a permanent user, Please login with MR Number";
                            }
                        }
                        else if (Session["ConsultationAppointment"] != null || Session["AppointmentDetail"] != null)
                        {
                            if (txnStatus == "CANCELED")
                            {
                                Session["ConsultationAppointment"] = null;
                                Session["AppointmentDetail"]       = null;
                                Response.Redirect("/");
                            }
                            sessionData.FacilityName = "Appointment";
                            var detaisl = objPatIndex.SaveDeposit(lblTxtnId.Text, lblMNo.Text, Convert.ToDouble(Session["Amount"]), Convert.ToString(DateTime.Now.ToString("dd/MM/yyyy")), sessionData.FacilityName);

                            if (detaisl != null && !string.IsNullOrEmpty(detaisl.MRNO))
                            {
                                sessionData.JeevaStatus = detaisl.MRNO;
                            }
                            sessionData.FacilityName = "Consultation Appointment";
                            objBusinessLogic.SavePaymentBookAppointment(sessionData);
                            AppointmentSendEmail(Convert.ToString(sessionData.PhoneNo), Convert.ToString(sessionData.MobileNo), Convert.ToString(sessionData.Location), Convert.ToString(sessionData.Address), Convert.ToString(sessionData.TimeDate), Convert.ToString(Session["Amount"]) + ".00 INR", Convert.ToString(sessionData.Description), sessionData.dName, "ConsultationAppointment");
                            Session["ConsultationAppointment"] = null;
                            Session["AppointmentDetail"]       = null;
                        }
                    }
                    else
                    {
                        plcDivSucces.Visible          = false;
                        plcDivError.Visible           = true;
                        spnStatus.Attributes["Class"] = "highlight";
                        spnStatus.InnerText           = "Payment Fail !";
                    }
                    Session["Amount"] = null;
                }
                else
                {
                    plcDivSucces.Visible          = false;
                    plcDivError.Visible           = true;
                    spnStatus.Attributes["Class"] = "highlight";
                    spnStatus.InnerText           = "Payment Fail !";
                }
            }
            else
            {
                Response.Write("Citrus Response Signature and Our (Merchant)Signature Mis - Match");
            }
        }
        catch (Exception ex)
        {
            Response.Write(ex.ToString());
        }
    }
Esempio n. 20
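        /// <summary>
        /// Authentication-stage handler: for an authenticated request to a content page it
        /// loads the cached user, keeps the "portalaliasid" and "portalroles" cookies in
        /// step with the current portal, and stores the resulting <c>UserInfo</c> in
        /// <c>Context.Items["UserInfo"]</c>. A locked-out, unapproved or unknown user is
        /// signed out and redirected to the same URL.
        /// </summary>
        /// <param name="s">The <c>HttpApplication</c> raising the event.</param>
        /// <param name="e">The event data (unused).</param>
        public void OnAuthenticateRequest(object s, EventArgs e)
        {
            HttpContext  Context  = ((HttpApplication)s).Context;
            HttpRequest  Request  = Context.Request;
            HttpResponse Response = Context.Response;

            string localPath = Request.Url.LocalPath;

            // First check if we are upgrading/installing.
            if (localPath.EndsWith("Install.aspx", StringComparison.Ordinal))
            {
                return;
            }

            // Exit if a request for a .NET mapping that isn't a content page is made, i.e. axd.
            if (!localPath.EndsWith(".aspx", StringComparison.OrdinalIgnoreCase) &&
                !localPath.EndsWith(".asmx", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            // Obtain PortalSettings from the current context.
            PortalSettings portalSettings = PortalController.GetCurrentPortalSettings();

            if (Request.IsAuthenticated && portalSettings != null)
            {
                RoleController objRoleController = new RoleController();

                UserInfo objUser = UserController.GetCachedUser(portalSettings.PortalId, Context.User.Identity.Name);

                // Cookie values come from the client. A value that cannot be decrypted or parsed
                // is treated like a portal switch instead of letting an exception escape and
                // fail every request that carries the bad cookie.
                bool portalChanged = false;
                HttpCookie aliasCookie = Request.Cookies["portalaliasid"];
                if (aliasCookie != null)
                {
                    FormsAuthenticationTicket PortalCookie = DecryptTicketOrNull(aliasCookie.Value);
                    int cookieAliasId;
                    portalChanged = PortalCookie == null
                                    || !int.TryParse(PortalCookie.UserData, out cookieAliasId)
                                    || cookieAliasId != portalSettings.PortalAlias.PortalAliasID;

                    if (portalChanged)
                    {
                        // Expire cookies if the portal has changed.
                        Response.Cookies["portalaliasid"].Value   = null;
                        Response.Cookies["portalaliasid"].Path    = "/";
                        Response.Cookies["portalaliasid"].Expires = DateTime.Now.AddYears(-30);

                        Response.Cookies["portalroles"].Value   = null;
                        Response.Cookies["portalroles"].Path    = "/";
                        Response.Cookies["portalroles"].Expires = DateTime.Now.AddYears(-30);
                    }
                }

                // Authenticate user and set last login (this is necessary for users who have a permanent Auth cookie set).
                if (objUser == null || objUser.Membership.LockedOut || objUser.Membership.Approved == false)
                {
                    PortalSecurity objPortalSecurity = new PortalSecurity();
                    objPortalSecurity.SignOut();
                    // Redirect browser back to the requested URL.
                    Response.Redirect(Request.RawUrl, true);
                    return;
                }

                // Valid Auth cookie. Roles are taken from the roles cookie only when its ticket
                // decrypts, has not passed its own expiry, and was issued to this user. The
                // browser-side cookie lifetime is not enforced by the server, so without these
                // checks a stale ticket (or one issued to another account) would keep granting
                // its roles. A roles cookie from before a portal switch is ignored as well.
                string[] userRoles = null;
                HttpCookie rolesCookie = portalChanged ? null : Request.Cookies["portalroles"];
                if (rolesCookie != null && !String.IsNullOrEmpty(rolesCookie.Value))
                {
                    FormsAuthenticationTicket RoleTicket = DecryptTicketOrNull(rolesCookie.Value);
                    if (RoleTicket != null
                        && !RoleTicket.Expired
                        && String.Equals(RoleTicket.Name, objUser.Username, StringComparison.Ordinal))
                    {
                        // Convert the string representation of the role data into a string array.
                        userRoles = RoleTicket.UserData.Split(';');
                    }
                }

                if (userRoles == null)
                {
                    // No usable roles cookie: rebuild both cookies from the database.
                    // Keep cookies in sync.
                    DateTime CurrentDateTime = DateTime.Now;

                    // Ticket: version, user name, issue time, expires after one hour, not persistent, portal alias id.
                    FormsAuthenticationTicket PortalTicket = new FormsAuthenticationTicket(1, objUser.Username, CurrentDateTime, CurrentDateTime.AddHours(1), false, portalSettings.PortalAlias.PortalAliasID.ToString());
                    string strPortalAliasID = FormsAuthentication.Encrypt(PortalTicket);
                    Response.Cookies["portalaliasid"].Value    = strPortalAliasID;
                    Response.Cookies["portalaliasid"].Path     = "/";
                    Response.Cookies["portalaliasid"].Expires  = CurrentDateTime.AddMinutes(1);
                    Response.Cookies["portalaliasid"].HttpOnly = true; // only the server reads this cookie

                    // Get roles from the UserRoles table and persist them as one string.
                    string[] arrPortalRoles = objRoleController.GetRolesByUser(objUser.UserID, portalSettings.PortalId);
                    string strPortalRoles = String.Join(";", arrPortalRoles);

                    // Ticket: version, user name, issue time, expires after one hour, not persistent, roles.
                    FormsAuthenticationTicket rolesTicket = new FormsAuthenticationTicket(1, objUser.Username, CurrentDateTime, CurrentDateTime.AddHours(1), false, strPortalRoles);
                    string strRoles = FormsAuthentication.Encrypt(rolesTicket);
                    Response.Cookies["portalroles"].Value    = strRoles;
                    Response.Cookies["portalroles"].Path     = "/";
                    Response.Cookies["portalroles"].Expires  = CurrentDateTime.AddMinutes(1);
                    Response.Cookies["portalroles"].HttpOnly = true; // only the server reads this cookie

                    // Same shape the cookie round-trip would produce.
                    userRoles = strPortalRoles.Split(';');
                }

                // Store the roles in the Roles property of the user.
                objUser.Roles = userRoles;
                Context.Items.Add("UserInfo", objUser);
                Localization.SetLanguage(objUser.Profile.PreferredLocale);
            }

            if (HttpContext.Current.Items["UserInfo"] == null)
            {
                Context.Items.Add("UserInfo", new UserInfo());
            }
        }

        /// <summary>
        /// Decrypts a forms-authentication ticket taken from a cookie, returning
        /// <c>null</c> instead of throwing when the value is empty or cannot be decrypted.
        /// </summary>
        /// <param name="encryptedTicket">The raw cookie value.</param>
        /// <returns>The decrypted ticket, or <c>null</c> when the value is unusable.</returns>
        private static FormsAuthenticationTicket DecryptTicketOrNull(string encryptedTicket)
        {
            if (String.IsNullOrEmpty(encryptedTicket))
            {
                return null;
            }

            try
            {
                return FormsAuthentication.Decrypt(encryptedTicket);
            }
            // Depending on the framework version, a value that fails decoding or validation
            // surfaces as one of these exception types.
            catch (ArgumentException)
            {
                return null;
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                return null;
            }
            catch (HttpException)
            {
                return null;
            }
        }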
Esempio n. 21
 /// <summary>
 /// Page load handler whose only action is to call <c>PortalSecurity.SignOut()</c>.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="e">The event data (unused).</param>
 private void Page_Load(object sender, System.EventArgs e)
 {
     // The sign-out is unconditional: it runs on every load of this page,
     // whatever the HTTP method, with no confirmation step.
     PortalSecurity.SignOut();
 }
Esempio n. 22
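        /// <summary>
        /// Loads the module. When the request carries an "iu" value and the caller is
        /// allowed to impersonate, the session is switched to that user and the browser
        /// is redirected to the portal's base URL. Otherwise the panel matching the
        /// caller's login state is shown and the module is launched on the first
        /// (non-postback) load.
        /// </summary>
        /// <param name="sender">The source of the event.</param>
        /// <param name="e">The event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                DotNetNuke.Framework.ServicesFramework.Instance.RequestAjaxAntiForgerySupport();
                DotNetNuke.Framework.ServicesFramework.Instance.RequestAjaxScriptSupport();

                // "iu" is the id of the user to impersonate. Request[...] is fed by the query
                // string, form fields and cookies, so the value is client-controlled: parse it
                // without throwing and authorize the caller before acting on it.
                string requestedUserId = Request["iu"];
                int uid;
                if (!string.IsNullOrEmpty(requestedUserId) && int.TryParse(requestedUserId, out uid))
                {
                    // Signing in as another account is a privileged action. Without this check
                    // any visitor, including an anonymous one, could obtain a session for any
                    // user id. Module-level permissions may also restrict this page, but they
                    // are not visible here, so the check is enforced in the handler itself.
                    bool callerIsSuperUser = UserInfo.UserID > 0 && UserInfo.IsSuperUser;
                    bool callerMayImpersonate = callerIsSuperUser
                        || (UserInfo.UserID > 0 && UserInfo.IsInRole(PortalSettings.AdministratorRoleName));

                    UserInfo MyUserInfo = callerMayImpersonate
                        ? UserController.GetUserById(this.PortalId, uid)
                        : null;

                    // A portal administrator must not be able to step up to a superuser account.
                    if (MyUserInfo != null && (callerIsSuperUser || !MyUserInfo.IsSuperUser))
                    {
                        // NOTE(review): this account switch is a state change driven by a plain
                        // request value; confirm the page enforces an anti-forgery token for it
                        // and that the switch is written to an audit log.

                        // Remove the current user from the cache.
                        if (Page.User != null)
                        {
                            DotNetNuke.Common.Utilities.DataCache.ClearUserCache(this.PortalSettings.PortalId, Context.User.Identity.Name);
                        }

                        // Sign the current user out.
                        PortalSecurity objPortalSecurity = new PortalSecurity();
                        objPortalSecurity.SignOut();

                        // Sign the selected user in.
                        UserController.UserLogin(PortalId, MyUserInfo, PortalSettings.PortalName, Request.UserHostAddress, false);

                        // Redirect to the base URL, keeping the scheme of the current request.
                        if (HttpContext.Current.Request.IsSecureConnection)
                        {
                            Response.Redirect("https://" + PortalSettings.PortalAlias.HTTPAlias, true);
                        }
                        else
                        {
                            Response.Redirect("http://" + PortalSettings.PortalAlias.HTTPAlias, true);
                        }
                    }
                }

                // Module is not usable by unauthenticated users.
                if (UserInfo.UserID <= 0)
                {
                    this.panel_unregistereduser.Visible = true;
                    this.panel_normal.Visible           = false;
                    return;
                }

                if (this.IsPostBack == false)
                {
                    if (Session["UManage_StopAutoLauncher"] == null)
                    {
                        LaunchModule();
                    }
                }
            }
            catch (Exception exc) // Module failed to load
            {
                Exceptions.ProcessModuleLoadException(this, exc);
            }
        }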