Esempio n. 1
0
        private void LoadSettings()
        {
            subscriptionGuid = WebUtils.ParseGuidFromQueryString("s", subscriptionGuid);
            if (subscriptionGuid != Guid.Empty)
            {
                subscription = subscriptions.Fetch(subscriptionGuid);
                if ((subscription != null) && (subscription.SiteGuid == siteSettings.SiteGuid))
                {
                    subscriptions.Verify(subscription.SubscribeGuid, true, Guid.Empty);
                    if (subscription.UserGuid == Guid.Empty)
                    {
                        SiteUser user = SiteUser.GetByEmail(siteSettings, subscription.EmailAddress);
                        if (user != null)
                        {
                            subscription.UserGuid = user.UserGuid;
                            subscriptions.Save(subscription);
                        }
                    }

                    LetterInfo.UpdateSubscriberCount(subscription.LetterInfoGuid);
                }
                else
                {
                    subscription = null;
                }
            }
        }
Esempio n. 2
0
 private void Btnlogin_Click(object sender, EventArgs e)
 {
     user = SiteUser.GetByEmail(siteSettings, txtEmail.Text);
     if (user == null)
     {
         message.ErrorMessage = "Email does not exist";
         return;
     }
     else
     {
         user.PasswordResetGuid = Guid.NewGuid();
         user.Save();
         string url  = SiteRoot + "/change-new-password?userid=" + user.UserGuid + "&tokenid=" + user.PasswordResetGuid;
         string link = "<div style='background-color: #3572b0;'><a href=" + url + " target='_blank' style='color:#ffffff;/* text-decoration:none; */font-weight:bold;' >Reset Pasword</a></div>";
         if (sendmail(link, user.Email))
         {
             formreset2.Visible  = true;
             spanemail.InnerText = user.Email;
             formreset.Visible   = false;
         }
         else
         {
             message.ErrorMessage = "The system failed to send email please try again";
             return;
         }
     }
 }
        private void UnsubscribeUserFromAll(string userEmail)
        {
            if (string.IsNullOrEmpty(userEmail))
            {
                return;
            }
            if (!Email.IsValidEmailAddressSyntax(userEmail))
            {
                return;
            }


            SiteUser user = SiteUser.GetByEmail(siteSettings, userEmail);

            if (user == null)
            {
                return;
            }
            if (user.UserGuid == Guid.Empty)
            {
                return;
            }

            ForumThread.UnsubscribeAll(user.UserId);
            Forum.UnsubscribeAll(user.UserId);

            lblUnsubscribe.Text = Resources.ForumResources.AdminUnsubscribeUserComplete;
        }
Esempio n. 4
0
        bool LoginAuthor()
        {
            if (!SiteUser.EmailExistsInDB(siteSettings.SiteId, txtEmail.Text))
            {
                message.Message = "Email Don't Exists";
                return(false);
            }
            else
            {
                string result = SiteUser.Login(siteSettings, txtEmail.Text, txtPass.Text);
                if (result != "")
                {
                    try
                    {
                        SiteUser temp        = SiteUser.GetByEmail(siteSettings, txtEmail.Text);
                        KLAuthor authorlogin = KLAuthor.GetKLAuthorByUserID(temp.UserId);
                        if (authorlogin.IsActive != false)
                        {
                            GeneralVariables.NameAuthor = temp.Name;
                            GeneralVariables.Level      = authorlogin.LevelAuthor;
                            if (temp.Email != "")
                            {
                                if ((siteSettings.UseEmailForLogin))
                                {
                                    FormsAuthentication.SetAuthCookie(temp.Email, false);
                                    SiteUtils.CreateAndStoreSessionToken(temp);
                                }
                            }
                            else
                            {
                                if ((!siteSettings.UseEmailForLogin))
                                {
                                    FormsAuthentication.SetAuthCookie(temp.LoginName, false);

                                    SiteUtils.CreateAndStoreSessionToken(temp);
                                }
                            }

                            return(true);
                        }
                        else
                        {
                            message.Message = "This Account not yet approved";
                        }
                    }
                    catch (Exception ex)
                    {
                        log.Error(ex.Message);
                    }
                }
                else
                {
                    message.Message = "Password Wrong";
                }
            }

            return(false);
        }
Esempio n. 5
0
 void checkpass()
 {
     if (SiteUser.GetByEmail(siteSettings, txtEmail.Text.Trim()) == null)
     {
         if (txtPass2.Text == txtPass.Text)
         {
             comfim        = true;
             lbcomfim.Text = "";
         }
         else
         {
             lbcomfim.Text = "Passwords must be the same";
         }
     }
     else
     {
         lbemail.Text = "Email already exists";
     }
 }
Esempio n. 6
0
        /// <summary>
        /// Determine if default admin account and password are in use
        /// </summary>
        /// <returns>(userExists, passwordIsDefault)</returns>
        public (bool userExists, bool passwordIsDefault) DefaultAdmin()
        {
            var defaultEmail     = "*****@*****.**";
            var defaultPassword  = "******";
            var encodedPassword  = string.Empty;
            var defaultAdminUser = SiteUser.GetByEmail(CacheHelper.GetCurrentSiteSettings(), defaultEmail);

            if (defaultAdminUser == null)
            {
                return(false, false);
            }

            if (Membership.Provider is mojoMembershipProvider membershipProvider)
            {
                encodedPassword = membershipProvider.EncodePassword(defaultAdminUser.PasswordSalt + defaultPassword, MembershipPasswordFormat.Encrypted);
            }

            return(true, defaultAdminUser.Password == defaultPassword || defaultAdminUser.Password == encodedPassword);
        }
Esempio n. 7
0
 private void LoadSettings()
 {
     currentUser  = SiteUtils.GetCurrentSiteUser();
     newsID       = WebUtils.ParseInt32FromQueryString("newsID", newsID);
     siteSettings = CacheHelper.GetCurrentSiteSettings();
     timeOffset   = SiteUtils.GetUserTimeOffset();
     timeZone     = SiteUtils.GetUserTimeZone();
     if (currentUser == null)
     {
         imgAvatar.ImageUrl = "/Data/Sites/1/Author/Authordefault.png";
         currentUser        = SiteUser.GetByEmail(siteSettings, "*****@*****.**");
     }
     else
     {
         author             = KLAuthor.GetKLAuthorByUserID(currentUser.UserId);
         imgAvatar.ImageUrl = AuthorHepper.MediaFolderPath(1, author.UserID) + author.Avatar;
         txtEmail.Text      = currentUser.Email;
         txtFullName.Text   = currentUser.Name;
     }
     news = new KLNews(newsID, 0);
 }
Esempio n. 8
0
        private void ProcessToken()
        {
            OpenIdRpxHelper   rpxHelper = new OpenIdRpxHelper(rpxApiKey, rpxBaseUrl);
            OpenIdRpxAuthInfo authInfo  = rpxHelper.AuthInfo(authToken, tokenUrl);

            if ((authInfo == null) || (!authInfo.IsValid))
            {
                log.Debug($"openid-debug: authInfo is null or authInfo.IsValid='false' ");

                Response.Redirect(SiteRoot + "/Secure/Login.aspx");
                return;
            }

            if (Request.IsAuthenticated)
            {
                log.Debug($"openid-debug: authInfo is valid and user exists, authenticated ");
                HandleAuthenticatedUser(rpxHelper, authInfo);
                return;
            }

            Guid     userGuid = Guid.Empty;
            SiteUser user     = null;

            //first find a site user by email
            // this allows associating the openid user with an existing user.
            if ((authInfo.Email.Length > 0))
            {
                log.Debug($"openid-debug: found user by email ");

                user = SiteUser.GetByEmail(siteSettings, authInfo.Email);
            }

            if (authInfo.PrimaryKey.Length == 36)
            {
                try
                {
                    userGuid = new Guid(authInfo.PrimaryKey);
                }
                catch (FormatException) { }
                catch (OverflowException) { }
            }

            if ((user == null) && (userGuid == Guid.Empty))
            {
                userGuid = SiteUser.GetUserGuidFromOpenId(
                    siteSettings.SiteId,
                    authInfo.Identifier);
            }

            if ((user == null) && (userGuid != Guid.Empty))
            {
                user = new SiteUser(siteSettings, userGuid);
                if (WebConfigSettings.UseRelatedSiteMode)
                {
                    if (user.UserId == -1)
                    {
                        user = null;
                        log.Debug($"openid-debug: user not found ");
                    }
                }
                else if (user.SiteGuid != siteSettings.SiteGuid)
                {
                    user = null;
                    log.Debug($"openid-debug: user not connected to this site ({siteSettings.SiteId.ToString()}) ");
                }
            }

            if (user == null)
            {
                // not an existing user
                if (siteSettings.AllowNewRegistration)
                {
                    HandleNewUser(rpxHelper, authInfo);
                }
                else
                {
                    log.Debug($"openid-debug: user not found, AllowNewRegistrations='false' ");
                    WebUtils.SetupRedirect(this, SiteRoot);
                    return;
                }
            }
            else
            {
                log.Debug($"openid-debug: user found ({user.LoweredEmail}, {user.UserId.ToString()}) ");

                bool needToSave = false;
                if ((siteSettings.UseSecureRegistration) && (user.RegisterConfirmGuid != Guid.Empty))
                {
                    if (authInfo.VerifiedEmail.Length > 0)
                    {
                        user.SetRegistrationConfirmationGuid(Guid.Empty);
                        user.Email = authInfo.VerifiedEmail;
                        needToSave = true;
                    }
                }

                if (user.OpenIdUri.Length == 0)
                {
                    user.OpenIdUri = authInfo.Identifier;
                    needToSave     = true;
                }

                if (needToSave)
                {
                    user.Save();
                }

                if (WebConfigSettings.OpenIdRpxUseMappings)
                {
                    if ((authInfo.PrimaryKey.Length == 0) || (authInfo.PrimaryKey != user.UserGuid.ToString()))
                    {
                        rpxHelper.Map(authInfo.Identifier, user.UserGuid.ToString());
                    }
                }


                SignInUser(user, false);
            }
        }
Esempio n. 9
0
        private void DoSubscribe(LetterInfo letter, string email)
        {
            if (email == "*****@*****.**")
            {
                return;
            }                                           //I've been seeing a lot of this from a bot

            LetterSubscriber s = subscriptions.Fetch(siteSettings.SiteGuid, letter.LetterInfoGuid, email);

            bool needToSendVerification = false;

            if (s == null)
            {
                s                = new LetterSubscriber();
                s.SiteGuid       = siteSettings.SiteGuid;
                s.EmailAddress   = email;
                s.LetterInfoGuid = letter.LetterInfoGuid;
                if (showFormatOptions)
                {
                    s.UseHtml = rbHtmlFormat.Checked;
                }
                else
                {
                    s.UseHtml = htmlIsDefault;
                }

                if ((currentUser != null) && (string.Equals(currentUser.Email, email, StringComparison.InvariantCultureIgnoreCase)))
                {
                    s.UserGuid   = currentUser.UserGuid;
                    s.IsVerified = true;
                }
                else
                {
                    // user is not authenticated but may still exist
                    // attach userguid but don't flag as verified
                    // because we don't know that the user who submited the form is the account owner
                    SiteUser siteUser = SiteUser.GetByEmail(siteSettings, email);
                    if (siteUser != null)
                    {
                        s.UserGuid = siteUser.UserGuid;
                    }
                }
                s.IpAddress = SiteUtils.GetIP4Address();
                subscriptions.Save(s);

                LetterInfo.UpdateSubscriberCount(s.LetterInfoGuid);

                if (WebConfigSettings.LogNewsletterSubscriptions)
                {
                    log.Info(s.EmailAddress + " just subscribed to newsletter " + letter.Title);
                }


                if (!s.IsVerified)
                {
                    needToSendVerification = true;
                }
            }
            else
            {
                // we found an existing subscription

                if (!s.IsVerified)
                {
                    // if the current authenticated user has the same email mark it as verified
                    if ((currentUser != null) && (string.Equals(currentUser.Email, email, StringComparison.InvariantCultureIgnoreCase)))
                    {
                        s.UserGuid = currentUser.UserGuid;
                        if (showFormatOptions)
                        {
                            s.UseHtml = rbHtmlFormat.Checked;
                        }
                        subscriptions.Save(s);
                        subscriptions.Verify(s.SubscribeGuid, true, Guid.Empty);
                    }
                    else if (s.BeginUtc < DateTime.UtcNow.AddDays(-WebConfigSettings.NewsletterReVerifcationAfterDays))
                    {
                        // if the user never verifed before and its been at least x days go ahead and send another chance to verify
                        needToSendVerification = true;
                        // TODO: maybe we should log this in case some spam script is using the same email over and over
                        // or maybe we should add a verification sent count on subscription
                    }
                }
            }

            //added 2012-05-16 to support intranet scenarios where verification is not required
            if (!WebConfigSettings.NewsletterRequireVerification)
            {
                if (!s.IsVerified)
                {
                    s.IsVerified = true;
                    subscriptions.Save(s);
                }
                needToSendVerification = false;
            }

            if (needToSendVerification)
            {
                NewsletterHelper.SendSubscriberVerificationEmail(
                    siteRoot,
                    email,
                    s.SubscribeGuid,
                    letter,
                    siteSettings);
            }
        }
Esempio n. 10
0
        private void DoSubscribe(LetterInfo letter, string email)
        {
            LetterSubscriber s = subscriptions.Fetch(siteSettings.SiteGuid, letter.LetterInfoGuid, email);

            bool needToSendVerification = false;

            if (s == null)
            {
                s                = new LetterSubscriber();
                s.SiteGuid       = siteSettings.SiteGuid;
                s.EmailAddress   = email;
                s.LetterInfoGuid = letter.LetterInfoGuid;
                if (showFormatOptions)
                {
                    s.UseHtml = rbHtmlFormat.Checked;
                }
                else
                {
                    s.UseHtml = htmlIsDefault;
                }

                if ((currentUser != null) && (string.Equals(currentUser.Email, email, StringComparison.InvariantCultureIgnoreCase)))
                {
                    s.UserGuid   = currentUser.UserGuid;
                    s.IsVerified = true;
                }
                else
                {
                    // user is not authenticated but may still exist
                    // attach userguid but don't flag as verified
                    // because we don't know that the user who submited the form is the account owner
                    SiteUser siteUser = SiteUser.GetByEmail(siteSettings, email);
                    if (siteUser != null)
                    {
                        s.UserGuid = siteUser.UserGuid;
                    }
                }
                s.IpAddress = SiteUtils.GetIP4Address();
                subscriptions.Save(s);

                LetterInfo.UpdateSubscriberCount(s.LetterInfoGuid);

                if (!s.IsVerified)
                {
                    needToSendVerification = true;
                }
            }
            else
            {
                // we found an existing subscription

                if (!s.IsVerified)
                {
                    // if the current authenticated user has the same email mark it as verified
                    if ((currentUser != null) && (string.Equals(currentUser.Email, email, StringComparison.InvariantCultureIgnoreCase)))
                    {
                        s.UserGuid = currentUser.UserGuid;
                        if (showFormatOptions)
                        {
                            s.UseHtml = rbHtmlFormat.Checked;
                        }
                        subscriptions.Save(s);
                        subscriptions.Verify(s.SubscribeGuid, true, Guid.Empty);
                    }
                    else if (s.BeginUtc < DateTime.UtcNow.AddDays(-WebConfigSettings.NewsletterReVerifcationAfterDays))
                    {
                        // if the user never verifed before and its been at least x days go ahead and send another chance to verify
                        needToSendVerification = true;
                        // TODO: maybe we should log this in case some spam script is using the same email over and over
                        // or maybe we should add a verification sent count on subscription
                    }
                }
            }

            if (needToSendVerification)
            {
                string verificationTemplate = ResourceHelper.GetMessageTemplate(SiteUtils.GetDefaultCulture(), "NewsletterVerificationEmailMessage.config");
                string confirmLink          = siteRoot + "/eletter/Confirm.aspx?s=" + s.SubscribeGuid.ToString();
                string messageBody          = verificationTemplate.Replace("{NewsletterName}", letter.Title).Replace("{ConfirmationLink}", confirmLink).Replace("{SiteLink}", siteRoot);
                string subject = string.Format(CultureInfo.InvariantCulture, Resource.NewsletterVerifySubjectFormat, letter.Title);

                EmailMessageTask messageTask = new EmailMessageTask(SiteUtils.GetSmtpSettings());
                messageTask.SiteGuid = siteSettings.SiteGuid;
                if (letter.FromAddress.Length > 0)
                {
                    messageTask.EmailFrom = letter.FromAddress;
                }
                else
                {
                    messageTask.EmailFrom = siteSettings.DefaultEmailFromAddress;
                }
                messageTask.EmailTo  = email;
                messageTask.Subject  = subject;
                messageTask.TextBody = messageBody;


                messageTask.QueueTask();
                WebTaskManager.StartOrResumeTasks();
            }
        }
Esempio n. 11
0
        void Register_Click(object sender, EventArgs e)
        {
            if (!Page.IsValid)
            {
                return;
            }

            var email    = Email.Text;
            var password = Password.Text;
            var userName = SiteUtils.SuggestLoginNameFromEmail(siteSettings.SiteId, email);

            SiteUser existingUser = null;

            if (SiteUser.EmailExistsInDB(siteSettings.SiteId, email))
            {
                if (WebConfigSettings.AllowNewRegistrationToActivateDeletedAccountWithSameEmail)
                {
                    existingUser = SiteUser.GetByEmail(siteSettings, email);
                    if ((existingUser != null) && (!existingUser.IsDeleted))
                    {
                        existingUser = null;
                    }
                }

                if (existingUser == null)
                {
                    RegisterResults.Text = ResourceHelper.GetResourceString("Resource", "DuplicateEmailMessage");
                    return;
                }
            }

            if (SiteUser.LoginExistsInDB(siteSettings.SiteId, userName))
            {
                RegisterResults.Text = ResourceHelper.GetResourceString("Resource", "DuplicateUserNameMessage");
                return;
            }

            if (password.Length < siteSettings.MinRequiredPasswordLength)
            {
                RegisterResults.Text = ResourceHelper.GetResourceString("ProductResources", "CheckoutRegisterInvalidPassword");
                return;
            }

            int nonAlphaNumericCharactersUsedCount = 0;

            for (int i = 0; i < password.Length; i++)
            {
                if (!char.IsLetterOrDigit(password, i))
                {
                    nonAlphaNumericCharactersUsedCount++;
                }
            }

            if (nonAlphaNumericCharactersUsedCount < siteSettings.MinRequiredNonAlphanumericCharacters)
            {
                RegisterResults.Text = ResourceHelper.GetResourceString("ProductResources", "CheckoutRegisterInvalidPassword");
                return;
            }

            if (siteSettings.PasswordStrengthRegularExpression.Length > 0)
            {
                if (!Regex.IsMatch(password, siteSettings.PasswordStrengthRegularExpression))
                {
                    RegisterResults.Text = ResourceHelper.GetResourceString("ProductResources", "CheckoutRegisterInvalidPassword");
                    return;
                }
            }

            SiteUser siteUser;

            if (existingUser != null)
            {
                siteUser = existingUser;
            }
            else
            {
                siteUser = new SiteUser(siteSettings);
            }

            siteUser.Name      = userName;
            siteUser.LoginName = userName;
            siteUser.Email     = email;
            siteUser.FirstName = FullName.Text.Trim();

            var PasswordFormat = (MembershipPasswordFormat)siteSettings.PasswordFormat;

            if (PasswordFormat != MembershipPasswordFormat.Clear)
            {
                siteUser.PasswordSalt = SiteUser.CreateRandomPassword(128, WebConfigSettings.PasswordGeneratorChars);
                password = (new gbMembershipProvider()).EncodePassword(siteUser.PasswordSalt + password, PasswordFormat);
            }

            siteUser.Password         = password;
            siteUser.ApprovedForLogin = !siteSettings.RequireApprovalBeforeLogin;
            bool created = siteUser.Save();

            if (existingUser != null)
            {
                SiteUser.FlagAsNotDeleted(siteUser.UserId);
            }

            if (created)
            {
                if (siteSettings.UseEmailForLogin)
                {
                    FormsAuthentication.SetAuthCookie(siteUser.Email, false);
                }
                SiteUtils.CreateAndStoreSessionToken(siteUser);
                siteUser.UpdateLastLoginTime();
            }

            if (config.CheckoutNextZoneId > 0)
            {
                WebUtils.SetupRedirect(this, CartHelper.GetZoneUrl(config.CheckoutNextZoneId));
            }
        }
        private void ProcessToken()
        {
            OpenIdRpxHelper   rpxHelper = new OpenIdRpxHelper(rpxApiKey, rpxBaseUrl);
            OpenIdRpxAuthInfo authInfo  = rpxHelper.AuthInfo(authToken, tokenUrl);

            if ((authInfo == null) || (!authInfo.IsValid))
            {
                Response.Redirect(SiteRoot + "/Secure/Login.aspx");
                return;
            }

            if (Request.IsAuthenticated)
            {
                HandleAuthenticatedUser(rpxHelper, authInfo);
                return;
            }

            Guid     userGuid = Guid.Empty;
            SiteUser user     = null;

            //first find a site user by email
            if ((authInfo.Email.Length > 0))
            {
                user = SiteUser.GetByEmail(siteSettings, authInfo.Email);
            }

            if (authInfo.PrimaryKey.Length == 36)
            {
                try
                {
                    userGuid = new Guid(authInfo.PrimaryKey);
                }
                catch (FormatException) { }
                catch (OverflowException) { }
            }

            if ((user == null) && (userGuid == Guid.Empty))
            {
                userGuid = SiteUser.GetUserGuidFromOpenId(
                    siteSettings.SiteId,
                    authInfo.Identifier);
            }

            if ((user == null) && (userGuid != Guid.Empty))
            {
                user = new SiteUser(siteSettings, userGuid);
                if (user.SiteGuid != siteSettings.SiteGuid)
                {
                    user = null;
                }
            }

            if (user == null)
            {
                // not an existing user
                if (siteSettings.AllowNewRegistration)
                {
                    HandleNewUser(rpxHelper, authInfo);
                }
                else
                {
                    WebUtils.SetupRedirect(this, SiteRoot);
                    return;
                }
            }
            else
            {
                bool needToSave = false;
                if ((siteSettings.UseSecureRegistration) && (user.RegisterConfirmGuid != Guid.Empty))
                {
                    if (authInfo.VerifiedEmail.Length > 0)
                    {
                        user.SetRegistrationConfirmationGuid(Guid.Empty);
                        user.Email = authInfo.VerifiedEmail;
                        needToSave = true;
                    }
                }

                if (user.OpenIdUri.Length == 0)
                {
                    user.OpenIdUri = authInfo.Identifier;
                    needToSave     = true;
                }

                if (needToSave)
                {
                    user.Save();
                }

                if (WebConfigSettings.OpenIdRpxUseMappings)
                {
                    if ((authInfo.PrimaryKey.Length == 0) || (authInfo.PrimaryKey != user.UserGuid.ToString()))
                    {
                        rpxHelper.Map(authInfo.Identifier, user.UserGuid.ToString());
                    }
                }


                SignInUser(user);
            }
        }