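/// <summary>
/// Callback that Google redirects to after the user has consented.
/// Verifies the OAuth "state" against the one stored in the session, exchanges the
/// "code" for an access token, reads the Google profile and then either links the
/// Google id to the signed-in user, signs in the existing user that owns that Google
/// id, or registers a new front-end "User" account and signs it in.
/// </summary>
/// <returns>A redirect: "/" on an invalid callback, the login page if Google gave no id,
/// otherwise the user's start page or (for a new account) the edit page.</returns>
public async Task<ActionResult> google_login_callback()
{
    Domain domain = Tools.GetCurrentDomain();

    // State echoed back by Google
    string state = "";
    if (Request.Params["state"] != null)
    {
        state = Server.UrlDecode(Request.Params["state"]);
    }

    // State we stored when the login round trip was started
    string sessionState = "";
    if (Session["GoogleState"] != null)
    {
        sessionState = Session["GoogleState"].ToString();
    }

    // The state is a single-use nonce: drop it so the same callback cannot be replayed
    Session.Remove("GoogleState");

    string code = "";
    if (Request.Params["code"] != null)
    {
        code = Server.UrlDecode(Request.Params["code"]);
    }

    // Accept the callback only if this session has a pending state and Google echoed it
    // back exactly. The sessionState != "" guard matters: when no login was started both
    // values are "" and a callback URL crafted by an attacker (carrying the attacker's
    // code and no state) would otherwise pass, linking the attacker's Google account to
    // whoever is currently signed in here.
    if (sessionState == "" || state != sessionState || code == "")
    {
        return Redirect("/");
    }

    KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
    string redirectHttps = websiteSettings.Get("REDIRECT-HTTPS");

    // Exchange the code for a token and fetch the profile; skip the profile call when
    // no token came back instead of passing an empty token on
    string access_token = await AnnytabExternalLogin.GetGoogleAccessToken(domain, code);
    Dictionary<string, object> googleUser = null;
    if (string.IsNullOrEmpty(access_token) == false)
    {
        googleUser = await AnnytabExternalLogin.GetGoogleUser(domain, access_token);
    }

    // Only the "id" entry is used; a missing profile or id leaves it empty
    string googleId = "";
    if (googleUser != null && googleUser.ContainsKey("id") && googleUser["id"] != null)
    {
        googleId = googleUser["id"].ToString();
    }

    if (googleId == "")
    {
        // Nothing usable came back from Google
        return RedirectToAction("login", "user");
    }

    Administrator user = Administrator.GetSignedInAdministrator();

    if (user != null)
    {
        // Someone is already signed in: attach the Google id to that account
        user.google_user_id = googleId;
        Administrator.UpdateMasterPost(user);
        return RedirectToAction("index", "user");
    }

    user = Administrator.GetOneByGoogleUserId(googleId);

    if (user == null)
    {
        // First visit with this Google id: register a front-end user. The account is
        // meant to be entered through Google, so its password is a hash of a random
        // value (and the stored value is hashed once more below, as before).
        user = new Administrator();
        user.admin_user_name = googleId + "_google";
        user.admin_password = PasswordHash.CreateHash(Tools.GeneratePassword());
        user.admin_role = "User";
        user.author_name = "-";
        user.google_user_id = googleId;

        Int64 insertId = Administrator.AddMasterPost(user);
        user.id = Convert.ToInt32(insertId);
        Administrator.AddLanguagePost(user, domain.front_end_language);
        Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(user.admin_password));

        SetGoogleLoginCookie(user.id, redirectHttps);

        // New users are sent on to complete their details
        return Redirect("/user/edit");
    }

    // Known Google id: sign that user in
    SetGoogleLoginCookie(user.id, redirectHttps);
    return RedirectToAction("index");
}

/// <summary>
/// Issues the "Administrator" cookie that signs the given user in for one day.
/// </summary>
/// <param name="userId">Id of the administrator row to sign in.</param>
/// <param name="redirectHttps">The REDIRECT-HTTPS website setting; "true" marks the cookie Secure.</param>
private void SetGoogleLoginCookie(Int32 userId, string redirectHttps)
{
    HttpCookie adminCookie = new HttpCookie("Administrator");
    adminCookie.Value = Tools.ProtectCookieValue(userId.ToString(), "Administration");
    adminCookie.Expires = DateTime.UtcNow.AddDays(1);
    adminCookie.HttpOnly = true;
    // A missing setting means "not secure" instead of throwing in ToLower().
    // NOTE(review): once the site is served over HTTPS only, Secure should be set unconditionally.
    adminCookie.Secure = string.Equals(redirectHttps, "true", StringComparison.OrdinalIgnoreCase);
    Response.Cookies.Add(adminCookie);
}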
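/// <summary>
/// Saves the details of the signed-in front-end user (POST target of /user/edit).
/// When nobody is signed in and txtId is 0 the post registers a new "User" account
/// and signs it in with the "Administrator" cookie.
/// </summary>
/// <param name="collection">The posted form: txtId, txtUserName, txtPassword, txtEmail,
/// txtAuthorName, txtAuthorDescription, plus the uploadMainImage file.</param>
/// <returns>A redirect to the user start page on success, otherwise the edit view with the
/// validation errors in ViewBag.ErrorMessage.</returns>
public ActionResult edit(FormCollection collection)
{
    Domain domain = Tools.GetCurrentDomain();
    KeyStringList tt = StaticText.GetAll(domain.front_end_language, "id", "ASC");

    // The posted id is a hidden field that anyone can change, so it is checked against
    // the session before anything is written: otherwise a signed-in user could overwrite
    // another user's details and password simply by posting that user's id.
    Int32 id = 0;
    string postedId = collection["txtId"];
    if (string.IsNullOrEmpty(postedId) == false && Int32.TryParse(postedId, out id) == false)
    {
        return RedirectToAction("index");
    }

    Administrator signedInUser = Administrator.GetSignedInAdministrator();
    if (signedInUser != null)
    {
        if (id != signedInUser.id)
        {
            // A signed-in user may only edit his own post
            return RedirectToAction("index");
        }
    }
    else if (id != 0)
    {
        // Editing an existing post requires being signed in as that user
        return RedirectToAction("login", "user");
    }

    // Missing fields are treated as empty instead of throwing in .Length/.Replace below
    string user_name = collection["txtUserName"] ?? "";
    string password = collection["txtPassword"] ?? "";
    string email = collection["txtEmail"] ?? "";
    string author_name = collection["txtAuthorName"] ?? "";
    string author_description = collection["txtAuthorDescription"] ?? "";
    HttpPostedFileBase authorImage = Request.Files["uploadMainImage"];

    // Line breaks are stored as <br />, i.e. the description is kept as HTML.
    // NOTE(review): the view must therefore encode the rest of the text when rendering
    // it, or a user can store script in his own description — confirm.
    author_description = author_description.Replace(Environment.NewLine, "<br />");

    Administrator user = Administrator.GetOneById(id, domain.front_end_language);
    if (user == null)
    {
        // The user may exist without a post in this language
        user = Administrator.GetOneById(id);
        if (user == null)
        {
            user = new Administrator();
        }
    }

    user.admin_user_name = user_name;
    user.email = email;
    user.author_name = author_name;
    user.author_description = author_description;

    // No file posted used to throw on authorImage.ContentLength
    bool hasImage = authorImage != null && authorImage.ContentLength > 0;

    string errorMessage = string.Empty;

    Administrator userOnUserName = Administrator.GetOneByUserName(user.admin_user_name);
    if (userOnUserName != null && user.id != userOnUserName.id)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_unique"), tt.Get("user_name")) + "<br/>";
    }
    if (user.admin_user_name.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), tt.Get("user_name"), "50") + "<br/>";
    }
    if (user.author_name.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), tt.Get("name"), "50") + "<br/>";
    }
    if (AnnytabDataValidation.IsEmailAddressValid(user.email) == null)
    {
        errorMessage += "• " + tt.Get("error_email_valid") + "<br/>";
    }
    if (hasImage && Tools.IsImageJpeg(authorImage) == false)
    {
        errorMessage += "• " + tt.Get("error_invalid_jpeg") + "<br/>";
    }
    if (hasImage && authorImage.ContentLength > 262144)
    {
        errorMessage += "• " + String.Format(tt.Get("error_image_size"), "256 kb") + "<br/>";
    }

    if (errorMessage == string.Empty)
    {
        if (user.id == 0)
        {
            // Registration: new accounts always get the front-end "User" role.
            // NOTE(review): an empty txtPassword is accepted and hashed as-is — confirm
            // whether registration should require a password.
            user.admin_role = "User";
            Int64 insertId = Administrator.AddMasterPost(user);
            user.id = Convert.ToInt32(insertId);
            Administrator.AddLanguagePost(user, domain.front_end_language);
            Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(password));

            KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
            string redirectHttps = websiteSettings.Get("REDIRECT-HTTPS");

            // Sign the new user in for one day
            HttpCookie adminCookie = new HttpCookie("Administrator");
            adminCookie.Value = Tools.ProtectCookieValue(user.id.ToString(), "Administration");
            adminCookie.Expires = DateTime.UtcNow.AddDays(1);
            adminCookie.HttpOnly = true;
            // A missing setting means "not secure" instead of throwing in ToLower()
            adminCookie.Secure = string.Equals(redirectHttps, "true", StringComparison.OrdinalIgnoreCase);
            Response.Cookies.Add(adminCookie);
        }
        else
        {
            Administrator.UpdateMasterPost(user);

            if (Administrator.GetOneById(id, domain.front_end_language) != null)
            {
                Administrator.UpdateLanguagePost(user, domain.front_end_language);
            }
            else
            {
                Administrator.AddLanguagePost(user, domain.front_end_language);
            }

            // Only update the password if a new one was posted
            if (password != "")
            {
                Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(password));
            }
        }

        if (hasImage)
        {
            UpdateImage(user.id, authorImage);
        }

        return RedirectToAction("index");
    }

    // Validation failed: show the form again with the errors
    List<BreadCrumb> breadCrumbs = new List<BreadCrumb>(3);
    breadCrumbs.Add(new BreadCrumb(tt.Get("start_page"), "/"));
    breadCrumbs.Add(new BreadCrumb(tt.Get("my_pages"), "/user"));
    breadCrumbs.Add(new BreadCrumb(tt.Get("edit") + " " + tt.Get("user_details").ToLower(), "/user/edit"));

    ViewBag.BreadCrumbs = breadCrumbs;
    ViewBag.ErrorMessage = errorMessage;
    ViewBag.CurrentCategory = new Category();
    ViewBag.CurrentDomain = domain;
    ViewBag.CurrentLanguage = Language.GetOneById(domain.front_end_language);
    ViewBag.TranslatedTexts = tt;
    ViewBag.User = user;
    ViewBag.CultureInfo = Tools.GetCultureInfo(ViewBag.CurrentLanguage);

    return domain.custom_theme_id == 0 ? View("edit") : View("/Views/theme/edit_user_details.cshtml");
}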
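/// <summary>
/// Saves an administrator from the back-end edit form. Only the "Administrator" role
/// may post here; other admin roles get the index view with AdminErrorCode 1 and
/// everyone else is sent to the admin login.
/// </summary>
/// <param name="collection">The posted form: returnUrl, txtId, txtUserName, txtPassword,
/// selectAdminRole, txtEmail, txtAuthorName, txtAuthorDescription, txtFacebookUserId,
/// txtGoogleUserId.</param>
/// <returns>On success a redirect to returnUrl (only when it is a local path), otherwise
/// the edit view with the validation errors in ViewBag.ErrorMessage.</returns>
public ActionResult edit(FormCollection collection)
{
    Domain currentDomain = Tools.GetCurrentDomain();
    ViewBag.CurrentDomain = currentDomain;

    string returnUrl = collection["returnUrl"];
    ViewBag.QueryParams = new QueryParams(returnUrl);

    // NOTE(review): the role check is done here in the action; whether an anti-forgery
    // token is also validated depends on attributes above this method, which are not
    // visible in this listing — confirm.
    if (Administrator.IsAuthorized(new string[] { "Administrator" }) == true)
    {
        ViewBag.AdminSession = true;
    }
    else if (Administrator.IsAuthorized(Administrator.GetAllAdminRoles()) == true)
    {
        // Signed in to the back end, but not allowed to edit administrators
        ViewBag.AdminSession = true;
        ViewBag.AdminErrorCode = 1;
        ViewBag.TranslatedTexts = StaticText.GetAll(currentDomain.back_end_language, "id", "ASC");
        return View("index");
    }
    else
    {
        return RedirectToAction("index", "admin_login");
    }

    Int32 adminLanguageId = currentDomain.back_end_language;
    KeyStringList tt = StaticText.GetAll(adminLanguageId, "id", "ASC");

    // A non-numeric id is a broken form, not a new administrator
    Int32 id = 0;
    string postedId = collection["txtId"];
    if (string.IsNullOrEmpty(postedId) == false && Int32.TryParse(postedId, out id) == false)
    {
        return RedirectToAction("index");
    }

    // Fields that are dereferenced below are read as "" when missing instead of throwing
    string user_name = collection["txtUserName"] ?? "";
    string password = collection["txtPassword"] ?? "";
    string role = collection["selectAdminRole"];
    string email = collection["txtEmail"] ?? "";
    string author_name = collection["txtAuthorName"] ?? "";
    string author_description = collection["txtAuthorDescription"];
    string facebook_user_id = collection["txtFacebookUserId"] ?? "";
    string google_user_id = collection["txtGoogleUserId"] ?? "";

    Administrator administrator = Administrator.GetOneById(id, adminLanguageId);
    bool postExists = administrator != null;
    if (postExists == false)
    {
        administrator = new Administrator();
    }

    // NOTE(review): the role is stored exactly as posted; the form is meant to offer a
    // fixed list but the server does not check it against one — confirm the allowed set.
    administrator.admin_user_name = user_name;
    administrator.admin_role = role;
    administrator.email = email;
    administrator.author_name = author_name;
    administrator.author_description = author_description;
    administrator.facebook_user_id = facebook_user_id;
    administrator.google_user_id = google_user_id;

    string errorMessage = string.Empty;

    Administrator adminOnUserName = Administrator.GetOneByUserName(user_name);
    if (adminOnUserName != null && administrator.id != adminOnUserName.id)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_unique"), tt.Get("user_name")) + "<br/>";
    }
    if (administrator.admin_user_name.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), tt.Get("user_name"), "50") + "<br/>";
    }
    if (administrator.author_name.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), tt.Get("name"), "50") + "<br/>";
    }
    if (AnnytabDataValidation.IsEmailAddressValid(administrator.email) == null)
    {
        errorMessage += "• " + tt.Get("error_email_valid") + "<br/>";
    }
    if (administrator.facebook_user_id.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), "Facebook user id", "50") + "<br/>";
    }
    if (administrator.google_user_id.Length > 50)
    {
        errorMessage += "• " + String.Format(tt.Get("error_field_length"), "Google user id", "50") + "<br/>";
    }

    if (errorMessage == string.Empty)
    {
        if (postExists == false)
        {
            // NOTE(review): an empty txtPassword is hashed and stored as-is for a new
            // administrator — confirm whether a password should be required here.
            Int32 insertId = (Int32)Administrator.AddMasterPost(administrator);
            administrator.id = insertId;
            Administrator.AddLanguagePost(administrator, adminLanguageId);
            Administrator.UpdatePassword(insertId, PasswordHash.CreateHash(password));
        }
        else
        {
            Administrator.UpdateMasterPost(administrator);
            Administrator.UpdateLanguagePost(administrator, adminLanguageId);

            // Only update the password if a new one was posted
            if (password != "")
            {
                Administrator.UpdatePassword(administrator.id, PasswordHash.CreateHash(password));
            }
        }

        // returnUrl is posted by the client, so it is only followed when it is a path on
        // this site; anything else would be an open redirect out of the admin area.
        if (IsLocalReturnUrl(returnUrl))
        {
            return Redirect(returnUrl);
        }
        return RedirectToAction("index");
    }

    // Validation failed: show the form again with the errors
    ViewBag.ErrorMessage = errorMessage;
    ViewBag.Administrator = administrator;
    ViewBag.TranslatedTexts = tt;
    ViewBag.ReturnUrl = returnUrl;

    return View("edit");
}

/// <summary>
/// True when the url is a path on this site: "~/..." or a single leading "/" that is not
/// followed by "/" or "\" (which browsers treat as protocol-relative, i.e. another host).
/// Same rule as the framework's Url.IsLocalUrl.
/// </summary>
/// <param name="url">The posted return url; null or empty is not local.</param>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }
    if (url.Length == 1)
    {
        return url[0] == '/';
    }
    if (url[0] == '~' && url[1] == '/')
    {
        return true;
    }
    return url[0] == '/' && url[1] != '/' && url[1] != '\\';
}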