/// <summary>
/// AJAX endpoint that stores the board list belonging to a selection.
/// </summary>
/// <param name="level_1_id">ID of the selection being changed.</param>
/// <param name="board_list">Board ID list; counted and format-checked by <c>SandId.CountBoardList</c>.</param>
/// <returns>JSON <c>{ ok = true }</c> once the setting has been stored.</returns>
public ActionResult SelectionSetting(string level_1_id /*selection_id*/, string board_list)
{
    // NOTE(review): this listing shows no [HttpPost] / [Authorize] / [ValidateAntiForgeryToken]
    // attribute on the action. The AJAX check below (presumably a request-header test) is not a
    // substitute for an anti-forgery token; confirm one is enforced by a class-level or global filter.
    if (!Util.IsAjaxRequest(Request))
    {
        Util.ThrowBadRequestException("Not ajax post.");
    }

    // The CAPTCHA proves a human is present; it says nothing about who that human is.
    if (!ReCaptcha.Validate())
    {
        Util.ThrowBadRequestException("驗證碼不正確。");
    }

    // CountBoardList returns -1 for a malformed list, otherwise the number of board IDs.
    int boardCount = SandId.CountBoardList(board_list);

    string rejection = null;
    if (boardCount == -1)
    {
        rejection = "留言板ID格式不正確。";
    }
    else if (boardCount == 0)
    {
        rejection = "未包含任何留言板ID。";
    }
    else if (boardCount > HeartsConfiguration.MAX_NUM_OF_BOARDS_IN_A_SELECTION)
    {
        rejection = "留言板數量超過" + HeartsConfiguration.MAX_NUM_OF_BOARDS_IN_A_SELECTION + "個。";
    }

    if (rejection != null)
    {
        Util.ThrowBadRequestException(rejection);
    }

    // NOTE(review): no ownership check on level_1_id is visible in this action (compare the
    // GroupStore checks in BoardSetting). Verify that SetSelectionSetting itself rejects callers
    // who do not own the selection.
    SelectionInfoStore.SetSelectionSetting(level_1_id, board_list);

    return Json(new { ok = true });
}
/// <summary>
/// AJAX endpoint that creates an account, signs the new user in and runs the post-login hook.
/// </summary>
/// <param name="model">Bound registration form; UserName, Password and m_id are read here.</param>
/// <returns>
/// JSON <c>{ ok = true }</c> on success, the rate limiter's object as JSON when throttled,
/// or an <c>ErrorResult</c> when account creation is refused.
/// </returns>
public ActionResult AjaxRegister(RegisterModel model)
{
    if (!Util.IsAjaxRequest(Request))
    {
        Util.ThrowBadRequestException("Not ajax post.");
    }

    // The original keeps an older form of this test as a comment: model.UserName[0] == '_'.
    // NOTE(review): model.UserName is dereferenced before ModelState.IsValid is consulted, so a
    // request without a user name reaches IsLau / WithinCharSetUserName as null. Confirm both
    // helpers tolerate that.
    bool isLau = SandId.IsLau(model.UserName);

    // NOTE(review): names for which IsLau is true skip the rate limiter entirely. If a client can
    // pick such a name freely, registration is unthrottled for it; confirm these names are
    // restricted somewhere else.
    if (!isLau)
    {
        object throttled = Warehouse.RateLimiter.Validate(CarryType.Register);
        if (throttled != null)
        {
            return Json(throttled);
        }
    }

    // For lau names the first character is a marker and is excluded from the character-set check.
    string nameToCheck;
    if (isLau)
    {
        nameToCheck = model.UserName.Substring(1);
    }
    else
    {
        nameToCheck = model.UserName;
    }

    if (!Util.WithinCharSetUserName(nameToCheck))
    {
        Util.ThrowBadRequestException("使用者名稱含有不合法的字元。");
    }

    if (!ModelState.IsValid)
    {
        Util.ThrowBadRequestException("Ajax register failed. " + Util.ValidationSummary(ModelState));
    }
    else
    {
        try
        {
            WebSecurity.CreateUserAndAccount(model.UserName, model.Password);

            // NOTE(review): the bool returned by Login is discarded, so onLogin runs even if the
            // sign-in did not succeed.
            WebSecurity.Login(model.UserName, model.Password);

            int newUserId = WebSecurity.GetUserId(model.UserName);
            onLogin(model.UserName, model.m_id, newUserId);

            // NOTE(review): m_id is request data written to the trace with no validation visible
            // here; neutralise CR/LF if the trace sink is line-oriented.
            Trace.TraceInformation("註冊成功。UserName={0}, m_id={1}.", model.UserName, model.m_id);
        }
        catch (MembershipCreateUserException e)
        {
            // Record the membership status as a model error so it appears in the summary below.
            ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
            Trace.TraceWarning("註冊失敗。UserName={0}, m_id={1}.", model.UserName, model.m_id);

            // An earlier revision threw a bad-request exception here; it now returns an ErrorResult.
            return new ErrorResult("Ajax register failed. " + Util.ValidationSummary(ModelState));
        }
    }

    return Json(new { ok = true });
}
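/// <summary>
/// AJAX endpoint that applies control flags to a letter (or to the whole discussion when the
/// heading letter is targeted) and records the supplied reason as a follow-up letter.
/// </summary>
/// <param name="board_id">Board containing the discussion.</param>
/// <param name="discussion_id">Discussion containing the letter.</param>
/// <param name="letter_id">Letter to act on; <c>SandId.HEADING_LETTER_ID</c> addresses the discussion itself.</param>
/// <param name="delta_flags">Flag changes to apply; checked by <c>checkControlFlags</c>.</param>
/// <param name="reason">Required explanation, stored as a remark letter replying to <paramref name="letter_id"/>.</param>
/// <returns>JSON <c>{ ok = true }</c>, or the rate limiter's object as JSON when throttled.</returns>
public ActionResult ControlLetter(string board_id, string discussion_id, string letter_id, string delta_flags, string reason)
{
    // NOTE(review): no authorization check is visible in this action, and this listing shows no
    // [ValidateAntiForgeryToken] on it. Confirm that checkControlFlags or
    // DiscussionLoadStore.ControlLetter verifies the caller may moderate this board.
    if (!Util.IsAjaxRequest(Request))
    {
        Util.ThrowBadRequestException("Not ajax post.");
    }

    object throttled = Warehouse.RateLimiter.Validate(CarryType.ControlLetter);
    if (throttled != null)
    {
        return Json(throttled);
    }

    bool targetsHeading = letter_id == SandId.HEADING_LETTER_ID;
    checkControlFlags(delta_flags, targetsHeading);

    // A missing form field binds as null; reject it as a bad request instead of letting
    // reason.Length fail with a NullReferenceException (an unhandled server error).
    if (reason == null)
    {
        Util.ThrowBadRequestException("未提供理由。");
    }
    // Limit is 500 scaled by LENGTH_CHECK_MARGIN (original note: "counting into foreword").
    else if (reason.Length > 500 * HeartsConfiguration.LENGTH_CHECK_MARGIN)
    {
        Util.ThrowBadRequestException("理由長度過長。");
    }

    ControlHistory history = DiscussionLoadStore.ControlLetter(board_id, discussion_id, letter_id, delta_flags);

    if (targetsHeading)
    {
        // The report flag is handled separately below, so strip it before merging the remaining
        // flags into the discussion list entry.
        string headingFlags = SandFlags.Remove(delta_flags, SandFlags.MT_REPORT);
        DiscussionListStore.OperateFlags(board_id, discussion_id, new FlagMergeOperation(headingFlags));
    }

    if (history.ReportCount != 0)
    {
        DiscussionListStore.OperateFlags(
            board_id,
            discussion_id,
            new FlagOperation { type = FlagOperation.Type.Add, MetaTitle = SandFlags.MT_REPORT, N = history.ReportCount });
    }

    // Record the reason as a remark letter that replies to the controlled letter.
    // While deleting/undeleting a discussion the remark flags are ",r0," and will be removed.
    // NOTE(review): the flag changes above are already applied when this call runs; if it fails,
    // the moderation action is left without its audit remark.
    int replyTarget = SandId.ExtractIdNumber(letter_id);
    string remarkFlags = SandFlags.Add(string.Empty, SandFlags.MT_REPLY_TO, replyTarget);
    DiscussionLoadStore.CreateLetter(board_id, discussion_id, null, reason, Subtype.d, remarkFlags, null);

    return Json(new { ok = true });
}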
/// <summary>
/// AJAX endpoint that signs a user in and runs the post-login hook.
/// </summary>
/// <param name="model">Bound login form; UserName, Password, RememberMe and m_id are read here.</param>
/// <returns>JSON <c>{ ok = true }</c> on success, or the rate limiter's object as JSON when throttled.</returns>
public ActionResult AjaxLogin(LoginModel model)
{
    if (!Util.IsAjaxRequest(Request))
    {
        Util.ThrowBadRequestException("Not ajax post.");
    }

    // The original keeps an older form of this test as a comment: model.UserName[0] == '_'.
    bool isLau = SandId.IsLau(model.UserName);

    // NOTE(review): sign-in attempts for names where IsLau is true are never rate limited. If
    // those accounts can be signed in to with a password, guessing against them is unthrottled
    // at this layer; confirm they are protected elsewhere.
    if (!isLau)
    {
        object throttled = Warehouse.RateLimiter.Validate(CarryType.Login);
        if (throttled != null)
        {
            return Json(throttled);
        }
    }

    if (ModelState.IsValid)
    {
        bool signedIn = WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe);
        if (signedIn)
        {
            int userId = WebSecurity.GetUserId(model.UserName);
            onLogin(model.UserName, model.m_id, userId);
            Trace.TraceInformation("登入成功。UserName={0}, m_id={1}.", model.UserName, model.m_id);
        }
        else
        {
            // NOTE(review): UserName and m_id are request data and are traced without any
            // character check in this action; neutralise CR/LF if the trace sink is line-oriented.
            Trace.TraceWarning("登入失敗。UserName={0}, m_id={1}.", model.UserName, model.m_id);

            // The message deliberately does not say whether the name or the password was wrong.
            Util.ThrowBadRequestException("所提供的使用者名稱或密碼不正確。");
        }
    }
    else
    {
        Trace.TraceWarning("登入失敗。UserName={0}, m_id={1}.", model.UserName, model.m_id);
        Util.ThrowBadRequestException("Ajax login failed. " + Util.ValidationSummary(ModelState));
    }

    return Json(new { ok = true });
}
/// <summary>
/// AJAX endpoint that changes one aspect of a board: its name, its flags, or the membership of
/// one of its groups. Exactly one branch runs, chosen by which parameters are present.
/// </summary>
/// <param name="level_1_id">ID of the board being changed.</param>
/// <param name="board_name">New board name (without the trailing '板'); selects the rename branch.</param>
/// <param name="group_id">Group to edit; must be the chair-owner, vice-owner or insider group name.</param>
/// <param name="add_users">User name list to add to the group.</param>
/// <param name="remove_users">User name list to remove from the group.</param>
/// <param name="delta_flags">Flag changes; selects the flags branch when no name is given.</param>
/// <returns>JSON <c>{ ok = true }</c>, also when no branch matched.</returns>
public ActionResult BoardSetting(string level_1_id /*board_id*/, string board_name, string group_id, string add_users, string remove_users, string delta_flags)
{
    // NOTE(review): this listing shows no [ValidateAntiForgeryToken] on the action; confirm an
    // anti-forgery check is applied by a class-level or global filter.
    if (!Util.IsAjaxRequest(Request))
    {
        Util.ThrowBadRequestException("Not ajax post.");
    }

    if (!ReCaptcha.Validate())
    {
        Util.ThrowBadRequestException("驗證碼不正確。");
    }

    if (board_name != null)
    {
        // Renaming always requires the caller to be the chair owner.
        if (!GroupStore.IsChairOwner(level_1_id))
        {
            Util.ThrowUnauthorizedException("只有板主可以變更板名。");
        }

        checkBoardName(board_name);
        BoardInfoStore.SetBoardSetting(level_1_id, board_name + '板');
    }
    else if (delta_flags != null)
    {
        // Allowed when the board has no chair owner, or the caller is the chair owner or site owner.
        // NOTE(review): for a board without a chair owner this guard rejects nobody.
        bool mayEditFlags = !GroupStore.HasChairOwner(level_1_id)
            || GroupStore.IsChairOwner(level_1_id)
            || GroupStore.IsSiteOwner();
        if (!mayEditFlags)
        {
            Util.ThrowUnauthorizedException("只有板主可以變更留言板設定。");
        }

        // Only the two low-key values are passed to checkFlags as permitted.
        string lowKeyOff = SandFlags.MT_LOW_KEY + SandFlags.MTV_SEPARATOR + "0";
        string lowKeyOn = SandFlags.MT_LOW_KEY + SandFlags.MTV_SEPARATOR + "1";
        checkFlags(delta_flags, null, lowKeyOff, lowKeyOn);

        BoardInfoStore.SetBoardFlags(level_1_id, delta_flags);
    }
    else if (group_id != null && add_users != null && remove_users != null)
    {
        // NOTE(review): when the board has no chair owner, any caller passes this guard and
        // reaches UpdateGroup, including for the chair-owner group. The site-owner exception of
        // the flags branch is also absent here. Confirm both are intended.
        bool mayEditGroups = !GroupStore.HasChairOwner(level_1_id)
            || GroupStore.IsChairOwner(level_1_id);
        if (!mayEditGroups)
        {
            Util.ThrowUnauthorizedException("只有板主可以變更板主、副板主、或內部群組列表。");
        }

        bool knownGroup = group_id == GroupStore.ChairOwnerGroupName
            || group_id == GroupStore.ViceOwnerGroupName
            || group_id == GroupStore.InsiderGroupName;
        if (!knownGroup)
        {
            Util.ThrowBadRequestException("群組ID格式不正確。");
        }

        // NOTE(review): both counts are computed and then never inspected. SelectionSetting
        // treats -1 from the sibling CountBoardList as "malformed"; if CountUserNameList follows
        // the same convention (TODO confirm), malformed or oversized lists are not rejected here.
        int addedCount = SandId.CountUserNameList(add_users);
        int removedCount = SandId.CountUserNameList(remove_users);

        // The board ID is validated only in this branch, after the ownership lookups above.
        if (!Warehouse.BsMapPond.Get().IsValidBoardId(level_1_id))
        {
            Util.ThrowBadRequestException("Invalid board ID.");
        }

        GroupStore.UpdateGroup(level_1_id, group_id, add_users, remove_users);
    }

    return Json(new { ok = true });
}