/// <summary>
/// Handles verification of the PostReply. Adds java script message if there is a problem.
/// </summary>
/// <returns>
/// true if everything is verified
/// </returns>
protected bool IsPostReplyVerified()
{
// To avoid posting whitespace(s) or empty messages
var postedMessage = this.forumEditor.Text.Trim();
if (postedMessage.IsNotSet())
{
this.PageContext.AddLoadMessage(this.GetText("ISEMPTY"), MessageTypes.warning);
return(false);
}
// No need to check whitespace if they are actually posting something
if (this.PageContext.BoardSettings.MaxPostSize > 0 &&
this.forumEditor.Text.Length >= this.PageContext.BoardSettings.MaxPostSize)
{
this.PageContext.AddLoadMessage(this.GetText("ISEXCEEDED"), MessageTypes.warning);
return(false);
}
// Check if the Entered Guest Username is not too long
if (this.FromRow.Visible && this.From.Text.Trim().Length > 100)
{
this.PageContext.AddLoadMessage(this.GetText("GUEST_NAME_TOOLONG"), MessageTypes.warning);
this.From.Text = this.From.Text.Substring(100);
return(false);
}
if (this.SubjectRow.Visible && this.TopicSubjectTextBox.Text.IsNotSet())
{
this.PageContext.AddLoadMessage(this.GetText("NEED_SUBJECT"), MessageTypes.warning);
return(false);
}
if (!this.Get <IPermissions>().Check(this.PageContext.BoardSettings.AllowCreateTopicsSameName) &&
this.GetRepository <Topic>().CheckForDuplicate(this.TopicSubjectTextBox.Text.Trim()) &&
!this.EditMessageId.HasValue)
{
this.PageContext.AddLoadMessage(this.GetText("SUBJECT_DUPLICATE"), MessageTypes.warning);
return(false);
}
if ((!this.PageContext.IsGuest || !this.PageContext.BoardSettings.EnableCaptchaForGuests) &&
(!this.PageContext.BoardSettings.EnableCaptchaForPost || this.PageContext.User.UserFlags.IsCaptchaExcluded) ||
CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
{
return(true);
}
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.danger);
return(false);
}
/// <summary>
/// Handles the CreatingUser event of the CreateUserWizard1 control.
/// </summary>
/// <param name="sender">
/// The source of the event.
/// </param>
/// <param name="e">
/// The <see cref="LoginCancelEventArgs"/> instance containing the event data.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// CreateUserWizard.UserName;UserName from CreateUserWizard is Null!
/// </exception>
/// <exception cref="ArgumentNullException">
/// Argument is null.
/// </exception>
protected void CreateUserWizard1_CreatingUser([NotNull] object sender, [NotNull] LoginCancelEventArgs e)
{
var userName = this.CreateUserWizard1.UserName;
if (userName.IsNotSet())
{
throw new ArgumentNullException("CreateUserWizard.UserName", "UserName from CreateUserWizard is Null!");
}
userName = userName.Trim();
// trim username on postback
this.CreateUserWizard1.UserName = userName;
// username cannot contain semi-colon or to be a bad word
var badWord =
this.Get <IBadWordReplace>()
.ReplaceItems.Any(i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));
var guestUserName = UserMembershipHelper.GuestUserName;
guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : string.Empty;
if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"), MessageTypes.warning);
e.Cancel = true;
return;
}
if (userName.Length < this.Get <YafBoardSettings>().DisplayNameMinLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOSMALL", this.Get <YafBoardSettings>().DisplayNameMinLength),
MessageTypes.danger);
e.Cancel = true;
return;
}
if (userName.Length > this.Get <YafBoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().UserNameMaxLength),
MessageTypes.danger);
e.Cancel = true;
return;
}
if (this.Get <YafBoardSettings>().EnableDisplayName)
{
var displayName = this.CreateUserStepContainer.FindControlAs <TextBox>("DisplayName");
if (displayName != null)
{
// Check if name matches the required minimum length
if (displayName.Text.Trim().Length < this.Get <YafBoardSettings>().DisplayNameMinLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOSMALL", this.Get <YafBoardSettings>().DisplayNameMinLength),
MessageTypes.warning);
e.Cancel = true;
return;
}
// Check if name matches the required minimum length
if (displayName.Text.Length > this.Get <YafBoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().UserNameMaxLength),
MessageTypes.warning);
e.Cancel = true;
return;
}
if (this.Get <IUserDisplayName>().GetId(displayName.Text.Trim()).HasValue)
{
this.PageContext.AddLoadMessage(
this.GetText("ALREADY_REGISTERED_DISPLAYNAME"),
MessageTypes.warning);
e.Cancel = true;
}
}
}
this.IsPossibleSpamBot = false;
// Check user for bot
var spamChecker = new YafSpamCheck();
string result;
var userIpAddress = this.Get <HttpRequestBase>().GetUserRealIPAddress();
// Check content for spam
if (spamChecker.CheckUserForSpamBot(userName, this.CreateUserWizard1.Email, userIpAddress, out result))
{
// Flag user as spam bot
this.IsPossibleSpamBot = true;
this.Logger.Log(
null,
"Bot Detected",
"Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected."
.FormatWith(userName, this.CreateUserWizard1.Email, userIpAddress, result),
EventLogTypes.SpamBotDetected);
if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(2))
{
this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.danger);
if (this.Get <YafBoardSettings>().BanBotIpOnDetection)
{
this.GetRepository <BannedIP>()
.Save(
null,
userIpAddress,
"A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
this.PageContext.PageUserID);
// Clear cache
this.Get <IDataCache>().Remove(Constants.Cache.BannedIP);
if (YafContext.Current.Get <YafBoardSettings>().LogBannedIP)
{
this.Get <ILogger>()
.Log(
this.PageContext.PageUserID,
"IP BAN of Bot During Registration",
"A spam Bot who was trying to register was banned by IP {0}".FormatWith(
userIpAddress),
EventLogTypes.IpBanSet);
}
}
e.Cancel = true;
}
}
switch (this.Get <YafBoardSettings>().CaptchaTypeRegister)
{
case 1:
{
// Check YAF Captcha
var yafCaptchaText = this.CreateUserStepContainer.FindControlAs <TextBox>("tbCaptcha");
if (!CaptchaHelper.IsValid(yafCaptchaText.Text.Trim()))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.danger);
e.Cancel = true;
}
}
break;
case 2:
{
// Check reCAPTCHA
var recaptcha =
// this.CreateUserWizard1.FindWizardControlRecursive("Recaptcha1").ToClass<RecaptchaControl>();
this.CreateUserStepContainer.FindControlAs <RecaptchaControl>("Recaptcha1");
// Recupt;
if (!recaptcha.IsValid)
{
this.PageContext.AddLoadMessage(this.GetText("BAD_RECAPTCHA"), MessageTypes.danger);
e.Cancel = true;
}
}
break;
}
/*
*
*
* // vzrus: Here recaptcha should be always valid. This piece of code for testing only.
* if (this.Get<YafBoardSettings>().CaptchaTypeRegister == 2)
* {
* var recaptcha =
* this.CreateUserWizard1.FindWizardControlRecursive("Recaptcha1").ToClass<RecaptchaControl>();
*
* if (recaptcha != null && !recaptcha.IsValid)
* {
* this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.Error);
* e.Cancel = true;
* }
* }
*
*/
}
/// <summary>
/// Validate user for user name and or display name, captcha and spam
/// </summary>
/// <returns>
/// The <see cref="bool"/>.
/// </returns>
private bool ValidateUser()
{
var userName = this.UserName.Text.Trim();
// username cannot contain semi-colon or to be a bad word
var badWord = this.Get <IBadWordReplace>().ReplaceItems.Any(
i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));
var guestUserName = this.Get <IAspNetUsersHelper>().GuestUserName;
guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : string.Empty;
if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"), MessageTypes.warning);
return(false);
}
if (userName.Length < this.Get <BoardSettings>().DisplayNameMinLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOSMALL", this.Get <BoardSettings>().DisplayNameMinLength),
MessageTypes.danger);
return(false);
}
if (userName.Length > this.Get <BoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <BoardSettings>().UserNameMaxLength),
MessageTypes.danger);
return(false);
}
if (this.Get <BoardSettings>().EnableDisplayName&& this.DisplayName.Text.Trim().IsSet())
{
var displayName = this.DisplayName.Text.Trim();
// Check if name matches the required minimum length
if (displayName.Length < this.Get <BoardSettings>().DisplayNameMinLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOSMALL", this.Get <BoardSettings>().DisplayNameMinLength),
MessageTypes.warning);
return(false);
}
// Check if name matches the required minimum length
if (displayName.Length > this.Get <BoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <BoardSettings>().UserNameMaxLength),
MessageTypes.warning);
return(false);
}
if (this.Get <IUserDisplayName>().FindUserByName(displayName.Trim()) != null)
{
this.PageContext.AddLoadMessage(
this.GetText("ALREADY_REGISTERED_DISPLAYNAME"),
MessageTypes.warning);
}
}
this.IsPossibleSpamBot = false;
// Check user for bot
var userIpAddress = this.Get <HttpRequestBase>().GetUserRealIPAddress();
// Check content for spam
if (this.Get <ISpamCheck>().CheckUserForSpamBot(userName, this.Email.Text, userIpAddress, out var result))
{
// Flag user as spam bot
this.IsPossibleSpamBot = true;
this.GetRepository <Registry>().IncrementDeniedRegistrations();
this.Logger.Log(
null,
"Bot Detected",
$"Bot Check detected a possible SPAM BOT: (user name : '{userName}', email : '{this.Email.Text}', ip: '{userIpAddress}', reason : {result}), user was rejected.",
EventLogTypes.SpamBotDetected);
if (this.Get <BoardSettings>().BotHandlingOnRegister.Equals(2))
{
this.GetRepository <Registry>().IncrementBannedUsers();
this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.danger);
if (this.Get <BoardSettings>().BanBotIpOnDetection)
{
this.GetRepository <BannedIP>().Save(
null,
userIpAddress,
$"A spam Bot who was trying to register was banned by IP {userIpAddress}",
this.PageContext.PageUserID);
if (this.PageContext.Get <BoardSettings>().LogBannedIP)
{
this.Logger.Log(
this.PageContext.PageUserID,
"IP BAN of Bot During Registration",
$"A spam Bot who was trying to register was banned by IP {userIpAddress}",
EventLogTypes.IpBanSet);
}
}
// Ban Name ?
this.PageContext.GetRepository <BannedName>().Save(
null,
userName,
"Name was reported by the automatic spam system.");
// Ban User Email?
this.PageContext.GetRepository <BannedEmail>().Save(
null,
this.Email.Text,
"Email was reported by the automatic spam system.");
return(false);
}
}
switch (this.Get <BoardSettings>().CaptchaTypeRegister)
{
case 1:
{
// Check YAF Captcha
if (!CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.danger);
return(false);
}
}
break;
case 2:
{
// Check reCAPTCHA
if (!this.Recaptcha1.IsValid)
{
this.PageContext.AddLoadMessage(this.GetText("BAD_RECAPTCHA"), MessageTypes.danger);
return(false);
}
}
break;
}
return(true);
}
/// <summary>
/// The quick reply_ click.
/// </summary>
/// <param name="sender">
/// The sender.
/// </param>
/// <param name="e">
/// The e.
/// </param>
private void QuickReply_Click([NotNull] object sender, [NotNull] EventArgs e)
{
if (!this.PageContext.ForumReplyAccess || (this._topicFlags.IsLocked && !this.PageContext.ForumModeratorAccess))
{
YafBuildLink.AccessDenied();
}
if (this._quickReplyEditor.Text.Length <= 0)
{
this.PageContext.AddLoadMessage(this.GetText("EMPTY_MESSAGE"));
return;
}
if (((this.PageContext.IsGuest && this.PageContext.BoardSettings.EnableCaptchaForGuests) ||
(this.PageContext.BoardSettings.EnableCaptchaForPost && !this.PageContext.IsCaptchaExcluded)) &&
!CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"));
return;
}
if (!(this.PageContext.IsAdmin || this.PageContext.IsModerator) &&
this.PageContext.BoardSettings.PostFloodDelay > 0)
{
if (YafContext.Current.Get <YafSession>().LastPost > DateTime.UtcNow.AddSeconds(-this.PageContext.BoardSettings.PostFloodDelay))
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted(
"wait",
(YafContext.Current.Get <YafSession>().LastPost - DateTime.UtcNow.AddSeconds(-this.PageContext.BoardSettings.PostFloodDelay)).Seconds));
return;
}
}
YafContext.Current.Get <YafSession>().LastPost = DateTime.UtcNow;
// post message...
long nMessageId = 0;
object replyTo = -1;
string msg = this._quickReplyEditor.Text;
long topicID = this.PageContext.PageTopicID;
var tFlags = new MessageFlags
{
IsHtml = this._quickReplyEditor.UsesHTML,
IsBBCode = this._quickReplyEditor.UsesBBCode,
IsApproved = this.PageContext.IsAdmin || this.PageContext.IsModerator
};
// Bypass Approval if Admin or Moderator.
if (
!DB.message_save(
topicID,
this.PageContext.PageUserID,
msg,
null,
this.Request.UserHostAddress,
null,
replyTo,
tFlags.BitValue,
ref nMessageId))
{
topicID = 0;
}
// Check to see if the user has enabled "auto watch topic" option in his/her profile.
if (this.PageContext.CurrentUserData.AutoWatchTopics)
{
using (DataTable dt = DB.watchtopic_check(this.PageContext.PageUserID, this.PageContext.PageTopicID))
{
if (dt.Rows.Count == 0)
{
// subscribe to this forum
DB.watchtopic_add(this.PageContext.PageUserID, this.PageContext.PageTopicID);
}
}
}
bool bApproved = false;
using (DataTable dt = DB.message_list(nMessageId))
{
foreach (DataRow row in dt.Rows)
{
bApproved = ((int)row["Flags"] & 16) == 16;
}
}
if (bApproved)
{
// send new post notification to users watching this topic/forum
this.Get <YafSendNotification>().ToWatchingUsers(nMessageId.ToType <int>());
// redirect to newly posted message
YafBuildLink.Redirect(ForumPages.posts, "m={0}&#post{0}", nMessageId);
}
else
{
if (this.PageContext.BoardSettings.EmailModeratorsOnModeratedPost)
{
// not approved, notifiy moderators
this.Get <YafSendNotification>().ToModeratorsThatMessageNeedsApproval(
this.PageContext.PageForumID, (int)nMessageId);
}
string url = YafBuildLink.GetLink(ForumPages.topics, "f={0}", this.PageContext.PageForumID);
if (Config.IsRainbow)
{
YafBuildLink.Redirect(ForumPages.info, "i=1");
}
else
{
YafBuildLink.Redirect(ForumPages.info, "i=1&url={0}", this.Server.UrlEncode(url));
}
}
}
/// <summary>
/// Handles the CreatingUser event of the CreateUserWizard1 control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="LoginCancelEventArgs" /> instance containing the event data.</param>
/// <exception cref="System.ArgumentNullException">CreateUserWizard.UserName;UserName from CreateUserWizard is Null!</exception>
/// <exception cref="ArgumentNullException">Argument is null.</exception>
protected void CreateUserWizard1_CreatingUser([NotNull] object sender, [NotNull] LoginCancelEventArgs e)
{
string userName = this.CreateUserWizard1.UserName;
if (userName.IsNotSet())
{
throw new ArgumentNullException("CreateUserWizard.UserName", "UserName from CreateUserWizard is Null!");
}
userName = userName.Trim();
// trim username on postback
this.CreateUserWizard1.UserName = userName;
// username cannot contain semi-colon or to be a bad word
bool badWord =
this.Get <IBadWordReplace>()
.ReplaceItems.Any(i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));
string guestUserName = UserMembershipHelper.GuestUserName;
guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : string.Empty;
if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"), MessageTypes.Warning);
e.Cancel = true;
return;
}
if (userName.Length > this.Get <YafBoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().UserNameMaxLength),
MessageTypes.Error);
e.Cancel = true;
return;
}
if (this.Get <YafBoardSettings>().EnableDisplayName)
{
var displayName = this.CreateUserStepContainer.FindControlAs <TextBox>("DisplayName");
if (displayName != null)
{
if (displayName.Text.Length > this.Get <YafBoardSettings>().UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().UserNameMaxLength),
MessageTypes.Warning);
e.Cancel = true;
return;
}
if (this.Get <IUserDisplayName>().GetId(displayName.Text.Trim()).HasValue)
{
this.PageContext.AddLoadMessage(
this.GetText("ALREADY_REGISTERED_DISPLAYNAME"),
MessageTypes.Warning);
e.Cancel = true;
}
}
}
this.IsPossibleSpamBot = false;
// Check user for bot
if (this.Get <YafBoardSettings>().BotSpamServiceType > 0)
{
var spamChecker = new YafSpamCheck();
string result;
// Check content for spam
if (spamChecker.CheckUserForSpamBot(
userName,
this.CreateUserWizard1.Email,
this.Get <HttpRequestBase>().GetUserRealIPAddress(),
out result))
{
if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(1))
{
// Flag user as spam bot
this.IsPossibleSpamBot = true;
this.Get <ILogger>()
.Info(
"Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}).",
userName,
this.CreateUserWizard1.Email,
this.Get <HttpRequestBase>().GetUserRealIPAddress(),
result);
}
else if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(2))
{
this.Get <ILogger>()
.Info(
"Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected.",
userName,
this.CreateUserWizard1.Email,
this.Get <HttpRequestBase>().GetUserRealIPAddress(),
result);
this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.Error);
e.Cancel = true;
}
}
}
var yafCaptchaText = this.CreateUserStepContainer.FindControlAs <TextBox>("tbCaptcha");
// vzrus: Here recaptcha should be always valid. This piece of code for testing only.
if (this.Get <YafBoardSettings>().CaptchaTypeRegister == 2)
{
var recaptcha =
this.CreateUserWizard1.FindWizardControlRecursive("Recaptcha1").ToClass <RecaptchaControl>();
if (recaptcha != null && !recaptcha.IsValid)
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.Error);
e.Cancel = true;
}
}
// verify captcha if enabled
if (this.Get <YafBoardSettings>().CaptchaTypeRegister != 1 ||
CaptchaHelper.IsValid(yafCaptchaText.Text.Trim()))
{
return;
}
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.Error);
e.Cancel = true;
}
/// <summary>
/// The quick reply_ click.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void QuickReplyClick([NotNull] object sender, [NotNull] EventArgs e)
{
try
{
if (this.quickReplyEditor.Text.Length <= 0)
{
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(message: this.GetText(tag: "EMPTY_MESSAGE"), messageType: MessageTypes.warning);
return;
}
// No need to check whitespace if they are actually posting something
if (this.Get <YafBoardSettings>().MaxPostSize > 0 &&
this.quickReplyEditor.Text.Length >= this.Get <YafBoardSettings>().MaxPostSize)
{
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(message: this.GetText(tag: "ISEXCEEDED"), messageType: MessageTypes.warning);
return;
}
if (this.EnableCaptcha() && !CaptchaHelper.IsValid(captchaText: this.tbCaptcha.Text.Trim()))
{
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(message: this.GetText(tag: "BAD_CAPTCHA"), messageType: MessageTypes.warning);
return;
}
if (!(this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess) &&
this.Get <YafBoardSettings>().PostFloodDelay > 0)
{
if (YafContext.Current.Get <IYafSession>().LastPost
> DateTime.UtcNow.AddSeconds(value: -this.Get <YafBoardSettings>().PostFloodDelay))
{
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(
message: this.GetTextFormatted(
tag: "wait",
(YafContext.Current.Get <IYafSession>().LastPost
- DateTime.UtcNow.AddSeconds(value: -this.Get <YafBoardSettings>().PostFloodDelay)).Seconds),
messageType: MessageTypes.warning);
return;
}
}
YafContext.Current.Get <IYafSession>().LastPost = DateTime.UtcNow;
// post message...
long messageId = 0;
object replyTo = -1;
var message = this.quickReplyEditor.Text;
long topicId = this.PageContext.PageTopicID;
// SPAM Check
// Check if Forum is Moderated
var isForumModerated = false;
var dt = this.GetRepository <Forum>().List(
boardId: this.PageContext.PageBoardID,
forumId: this.PageContext.PageForumID);
var forumInfo = dt.FirstOrDefault();
if (forumInfo != null)
{
isForumModerated = this.CheckForumModerateStatus(forumInfo: forumInfo);
}
var spamApproved = true;
var isPossibleSpamMessage = false;
// Check for SPAM
if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess &&
!this.Get <YafBoardSettings>().SpamServiceType.Equals(obj: 0))
{
// Check content for spam
if (this.Get <ISpamCheck>().CheckPostForSpam(
userName: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
ipAddress: YafContext.Current.Get <HttpRequestBase>().GetUserRealIPAddress(),
postMessage: this.quickReplyEditor.Text,
emailAddress: this.PageContext.IsGuest ? null : this.PageContext.User.Email,
result: out var spamResult))
{
switch (this.Get <YafBoardSettings>().SpamMessageHandling)
{
case 0:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
break;
case 1:
spamApproved = false;
isPossibleSpamMessage = true;
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
break;
case 2:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(message: this.GetText(tag: "SPAM_MESSAGE"), messageType: MessageTypes.danger);
return;
case 3:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
var userIp = new CombinedUserDataHelper(
membershipUser: this.PageContext.CurrentUserData.Membership,
userId: this.PageContext.PageUserID).LastIP;
UserMembershipHelper.DeleteAndBanUser(
userID: this.PageContext.PageUserID,
user: this.PageContext.CurrentUserData.Membership,
userIpAddress: userIp);
return;
}
}
// Check posts for urls if the user has only x posts
if (YafContext.Current.CurrentUserData.NumPosts
<= YafContext.Current.Get <YafBoardSettings>().IgnoreSpamWordCheckPostCount &&
!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess)
{
var urlCount = UrlHelper.CountUrls(message: this.quickReplyEditor.Text);
if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls)
{
spamResult =
$"The user posted {urlCount} urls but allowed only {this.PageContext.BoardSettings.AllowedNumberOfUrls}";
switch (this.Get <YafBoardSettings>().SpamMessageHandling)
{
case 0:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
break;
case 1:
spamApproved = false;
isPossibleSpamMessage = true;
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
break;
case 2:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
YafContext.Current.PageElements.RegisterJsBlockStartup(
name: "openModalJs",
script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog"));
this.PageContext.AddLoadMessage(message: this.GetText(tag: "SPAM_MESSAGE"), messageType: MessageTypes.danger);
return;
case 3:
this.Logger.Log(
userId: this.PageContext.PageUserID,
source: "Spam Message Detected",
description: string
.Format(
format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded",
arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
arg1: spamResult),
eventType: EventLogTypes.SpamMessageDetected);
var userIp = new CombinedUserDataHelper(
membershipUser: this.PageContext.CurrentUserData.Membership,
userId: this.PageContext.PageUserID).LastIP;
UserMembershipHelper.DeleteAndBanUser(
userID: this.PageContext.PageUserID,
user: this.PageContext.CurrentUserData.Membership,
userIpAddress: userIp);
return;
}
}
}
if (!this.PageContext.IsGuest)
{
this.UpdateWatchTopic(userId: this.PageContext.PageUserID, topicId: this.PageContext.PageTopicID);
}
}
// If Forum is Moderated
if (isForumModerated)
{
spamApproved = false;
}
// Bypass Approval if Admin or Moderator
if (this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess)
{
spamApproved = true;
}
var messageFlags = new MessageFlags
{
IsHtml = this.quickReplyEditor.UsesHTML,
IsBBCode = this.quickReplyEditor.UsesBBCode,
IsApproved = spamApproved
};
// Bypass Approval if Admin or Moderator.
this.GetRepository <Message>().Save(
topicId: topicId,
userId: this.PageContext.PageUserID,
message: message,
guestUserName: null,
ip: this.Get <HttpRequestBase>().GetUserRealIPAddress(),
posted: DateTime.UtcNow,
replyTo: replyTo.ToType <int>(),
flags: messageFlags.BitValue,
messageID: ref messageId);
// Check to see if the user has enabled "auto watch topic" option in his/her profile.
if (this.PageContext.CurrentUserData.AutoWatchTopics)
{
var watchTopicId = this.GetRepository <WatchTopic>().Check(
userId: this.PageContext.PageUserID,
topicId: this.PageContext.PageTopicID);
if (!watchTopicId.HasValue)
{
// subscribe to this topic
this.GetRepository <WatchTopic>().Add(userID: this.PageContext.PageUserID, topicID: this.PageContext.PageTopicID);
}
}
if (messageFlags.IsApproved)
{
// send new post notification to users watching this topic/forum
this.Get <ISendNotification>().ToWatchingUsers(newMessageId: messageId.ToType <int>());
if (Config.IsDotNetNuke && !this.PageContext.IsGuest)
{
this.Get <IActivityStream>().AddReplyToStream(
forumID: this.PageContext.PageForumID,
topicID: this.PageContext.PageTopicID,
messageID: messageId.ToType <int>(),
topicTitle: this.PageContext.PageTopicName,
message: message);
}
// redirect to newly posted message
YafBuildLink.Redirect(page: ForumPages.posts, format: "m={0}&#post{0}", messageId);
}
else
{
if (this.Get <YafBoardSettings>().EmailModeratorsOnModeratedPost)
{
// not approved, notifiy moderators
this.Get <ISendNotification>().ToModeratorsThatMessageNeedsApproval(
forumId: this.PageContext.PageForumID,
newMessageId: messageId.ToType <int>(),
isSpamMessage: isPossibleSpamMessage);
}
var url = YafBuildLink.GetLink(page: ForumPages.topics, format: "f={0}", this.PageContext.PageForumID);
if (Config.IsRainbow)
{
YafBuildLink.Redirect(page: ForumPages.info, format: "i=1");
}
else
{
YafBuildLink.Redirect(page: ForumPages.info, format: "i=1&url={0}", this.Server.UrlEncode(s: url));
}
}
}
catch (Exception exception)
{
if (exception.GetType() != typeof(ThreadAbortException))
{
this.Logger.Log(userId: this.PageContext.PageUserID, source: this, exception: exception);
}
}
}
/// <summary>
/// The quick reply_ click.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
protected void QuickReplyClick([NotNull] object sender, [NotNull] EventArgs e)
{
try
{
if (this.quickReplyEditor.Text.Length <= 0)
{
this.PageContext.PageElements.RegisterJsBlockStartup(
"openModalJs",
JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));
this.PageContext.AddLoadMessage(this.GetText("EMPTY_MESSAGE"), MessageTypes.warning);
return;
}
// No need to check whitespace if they are actually posting something
if (this.Get <BoardSettings>().MaxPostSize > 0 &&
this.quickReplyEditor.Text.Length >= this.Get <BoardSettings>().MaxPostSize)
{
this.PageContext.PageElements.RegisterJsBlockStartup(
"openModalJs",
JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));
this.PageContext.AddLoadMessage(this.GetText("ISEXCEEDED"), MessageTypes.warning);
return;
}
if (this.EnableCaptcha() && !CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
{
this.PageContext.PageElements.RegisterJsBlockStartup(
"openModalJs",
JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.warning);
return;
}
if (!(this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess) &&
this.Get <BoardSettings>().PostFloodDelay > 0)
{
if (this.PageContext.Get <ISession>().LastPost
> DateTime.UtcNow.AddSeconds(-this.Get <BoardSettings>().PostFloodDelay))
{
this.PageContext.PageElements.RegisterJsBlockStartup(
"openModalJs",
JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));
this.PageContext.AddLoadMessage(
this.GetTextFormatted(
"wait",
(this.PageContext.Get <ISession>().LastPost
- DateTime.UtcNow.AddSeconds(-this.Get <BoardSettings>().PostFloodDelay)).Seconds),
MessageTypes.warning);
return;
}
}
this.PageContext.Get <ISession>().LastPost = DateTime.UtcNow;
// post message...
var message = this.quickReplyEditor.Text;
long topicId = this.PageContext.PageTopicID;
// SPAM Check
// Check if Forum is Moderated
var isForumModerated = false;
var dt = this.GetRepository <Forum>().List(
this.PageContext.PageBoardID,
this.PageContext.PageForumID);
var forumInfo = dt.FirstOrDefault();
if (forumInfo != null)
{
isForumModerated = this.CheckForumModerateStatus(forumInfo);
}
var spamApproved = true;
var isPossibleSpamMessage = false;
// Check for SPAM
if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess &&
!this.Get <BoardSettings>().SpamServiceType.Equals(0))
{
// Check content for spam
if (this.Get <ISpamCheck>().CheckPostForSpam(
this.PageContext.IsGuest ? "Guest" : this.PageContext.User.DisplayOrUserName(),
this.PageContext.Get <HttpRequestBase>().GetUserRealIPAddress(),
this.quickReplyEditor.Text,
this.PageContext.IsGuest ? null : this.PageContext.MembershipUser.Email,
out var spamResult))
{
var description =
$@"Spam Check detected possible SPAM ({spamResult})
posted by User: {(this.PageContext.IsGuest ? "Guest" : this.PageContext.User.DisplayOrUserName())}";
switch (this.Get <BoardSettings>().SpamMessageHandling)
{
case 0:
this.Logger.SpamMessageDetected(
this.PageContext.PageUserID,
description);
break;
case 1:
spamApproved = false;
isPossibleSpamMessage = true;
this.Logger.SpamMessageDetected(
this.PageContext.PageUserID,
$"{description}, it was flagged as unapproved post");
break;
case 2:
this.Logger.SpamMessageDetected(
this.PageContext.PageUserID,
$"{description}, post was rejected");
this.PageContext.PageElements.RegisterJsBlockStartup(
"openModalJs",
JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));
this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger);
return;
case 3:
this.Logger.SpamMessageDetected(
this.PageContext.PageUserID,
$"{description}, user was deleted and bannded");
this.Get <IAspNetUsersHelper>().DeleteAndBanUser(
this.PageContext.PageUserID,
this.PageContext.MembershipUser,
this.PageContext.User.IP);
return;
}
}
if (this.Get <ISpamCheck>().ContainsSpamUrls(this.quickReplyEditor.Text))
{
return;
}
if (!this.PageContext.IsGuest)
{
this.UpdateWatchTopic(this.PageContext.PageUserID, this.PageContext.PageTopicID);
}
}
// If Forum is Moderated
if (isForumModerated)
{
spamApproved = false;
}
// Bypass Approval if Admin or Moderator
if (this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess)
{
spamApproved = true;
}
var messageFlags = new MessageFlags
{
IsHtml = this.quickReplyEditor.UsesHTML,
IsBBCode = this.quickReplyEditor.UsesBBCode,
IsApproved = spamApproved
};
// Bypass Approval if Admin or Moderator.
var messageId = this.GetRepository <Message>().SaveNew(
topicId,
this.PageContext.PageUserID,
message,
null,
this.Get <HttpRequestBase>().GetUserRealIPAddress(),
DateTime.UtcNow,
null,
messageFlags);
// Check to see if the user has enabled "auto watch topic" option in his/her profile.
if (this.PageContext.User.AutoWatchTopics)
{
var watchTopicId = this.GetRepository <WatchTopic>().Check(
this.PageContext.PageUserID,
this.PageContext.PageTopicID);
if (!watchTopicId.HasValue)
{
// subscribe to this topic
this.GetRepository <WatchTopic>().Add(this.PageContext.PageUserID, this.PageContext.PageTopicID);
}
}
if (messageFlags.IsApproved)
{
// send new post notification to users watching this topic/forum
this.Get <ISendNotification>().ToWatchingUsers(messageId.ToType <int>());
if (!this.PageContext.IsGuest && this.PageContext.User.Activity)
{
this.Get <IActivityStream>().AddReplyToStream(
this.PageContext.PageForumID,
this.PageContext.PageTopicID,
messageId.ToType <int>(),
this.PageContext.PageTopicName,
message);
}
// redirect to newly posted message
BuildLink.Redirect(
ForumPages.Posts,
"m={0}&name={1}&#post{0}",
messageId,
this.PageContext.PageTopicName);
}
else
{
if (this.Get <BoardSettings>().EmailModeratorsOnModeratedPost)
{
// not approved, notify moderators
this.Get <ISendNotification>().ToModeratorsThatMessageNeedsApproval(
this.PageContext.PageForumID,
messageId.ToType <int>(),
isPossibleSpamMessage);
}
var url = BuildLink.GetForumLink(this.PageContext.PageForumID, this.PageContext.PageForumName);
BuildLink.Redirect(ForumPages.Info, "i=1&url={0}", this.Server.UrlEncode(url));
}
}
catch (Exception exception)
{
if (exception.GetType() != typeof(ThreadAbortException))
{
this.Logger.Log(this.PageContext.PageUserID, this, exception);
}
}
}
/// <summary>
/// The create user wizard 1_ creating user.
/// </summary>
/// <param name="sender">
/// The sender.
/// </param>
/// <param name="e">
/// The e.
/// </param>
/// <exception cref="ArgumentNullException">Argument is null.</exception>
protected void CreateUserWizard1_CreatingUser(object sender, LoginCancelEventArgs e)
{
string userName = this.CreateUserWizard1.UserName;
if (userName.IsNotSet())
{
throw new ArgumentNullException("CreateUserWizard.UserName", "UserName from CreateUserWizard is Null!");
}
else
{
userName = userName.Trim();
}
// trim username on postback
this.CreateUserWizard1.UserName = userName;
// username cannot contain semi-colon or to be a bad word
bool badWord =
this.Get <YafBadWordReplace>().ReplaceItems.Exists(
i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));
string guestUserName = UserMembershipHelper.GuestUserName;
guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : String.Empty;
if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"));
e.Cancel = true;
return;
}
if (userName.Length > this.PageContext.BoardSettings.UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.PageContext.BoardSettings.UserNameMaxLength));
e.Cancel = true;
return;
}
if (this.PageContext.BoardSettings.EnableDisplayName)
{
var displayName = this.CreateUserStepContainer.FindControlAs <TextBox>("DisplayName");
if (displayName != null)
{
if (displayName.Text.Length > this.PageContext.BoardSettings.UserNameMaxLength)
{
this.PageContext.AddLoadMessage(
this.GetTextFormatted("USERNAME_TOOLONG", this.PageContext.BoardSettings.UserNameMaxLength));
e.Cancel = true;
return;
}
if (this.PageContext.UserDisplayName.GetId(displayName.Text.Trim()).HasValue)
{
this.PageContext.AddLoadMessage(this.GetText("ALREADY_REGISTERED_DISPLAYNAME"));
e.Cancel = true;
}
}
}
var yafCaptchaText = this.CreateUserStepContainer.FindControlAs <TextBox>("tbCaptcha");
// vzrus: Here recaptcha should be always valid. This piece of code for testing only.
if (this.PageContext.BoardSettings.CaptchaTypeRegister == 2)
{
var recaptcha = this.CreateUserWizard1.FindWizardControlRecursive("Recaptcha1").ToClass <RecaptchaControl>();
if (recaptcha != null && !recaptcha.IsValid)
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"));
e.Cancel = true;
}
}
// verify captcha if enabled
if (this.PageContext.BoardSettings.CaptchaTypeRegister == 1 && !CaptchaHelper.IsValid(yafCaptchaText.Text.Trim()))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"));
e.Cancel = true;
}
}
/// <summary>
/// Handles verification of the PostReply. Adds javascript message if there is a problem.
/// </summary>
/// <returns>
/// true if everything is verified
/// </returns>
protected bool IsPostReplyVerified()
{
// To avoid posting whitespace(s) or empty messages
string postedMessage = this._forumEditor.Text.Trim();
if (postedMessage.IsNotSet())
{
this.PageContext.AddLoadMessage(this.GetText("ISEMPTY"));
return(false);
}
// No need to check whitespace if they are actually posting something
if (this._forumEditor.Text.Length >= YafContext.Current.BoardSettings.MaxPostSize)
{
this.PageContext.AddLoadMessage(this.GetText("ISEXCEEDED"));
return(false);
}
if (this.SubjectRow.Visible && this.TopicSubjectTextBox.Text.IsNotSet())
{
this.PageContext.AddLoadMessage(this.GetText("NEED_SUBJECT"));
return(false);
}
if (DB.topic_findduplicate(this.TopicSubjectTextBox.Text.Trim()) == 1 && this.TopicID == null && this.EditMessageID == null)
{
this.PageContext.AddLoadMessage(this.GetText("SUBJECT_DUPLICATE"));
return(false);
}
if (((this.PageContext.IsGuest && this.PageContext.BoardSettings.EnableCaptchaForGuests) ||
(this.PageContext.BoardSettings.EnableCaptchaForPost && !this.PageContext.IsCaptchaExcluded)) && !CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
{
this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"));
return(false);
}
return(true);
}
