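// Comment section: handler for the "post comment" button.
/// <summary>
/// Stores a new comment by the logged-in user on the note named by the
/// <c>Note</c> query-string parameter, then refreshes the comment list and
/// clears the text box. Visitors without a session are sent to the login flow.
/// </summary>
protected void PostCommentButton_Click(object sender, EventArgs e)
{
    if (Session["dulyNoted"] == null)
    {
        doLogin();
        return;
    }

    // No blank comments.
    if (txtCommentTextBox.Text.Trim() == "")
    {
        return;
    }

    // The note id comes from the URL and is caller-controlled: ignore the
    // request when it is missing or not an integer instead of letting
    // int.Parse throw an unhandled exception.
    int nId;
    if (!int.TryParse(Request.QueryString["Note"], out nId))
    {
        return;
    }

    int uId = int.Parse(Session["dulyNoted"].ToString());

    // Dispose the data context once the insert has been submitted.
    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        // NOTE(review): the text is stored exactly as typed — confirm that the
        // code rendering comments HTML-encodes it on output.
        var newComment = new Comment
        {
            userId = uId,
            noteId = nId,
            comment1 = txtCommentTextBox.Text,
            commentedTime = DateTime.Now
        };

        dc.Comments.InsertOnSubmit(newComment);
        dc.SubmitChanges();
    }

    showComments();

    // Reset the text box.
    txtCommentTextBox.Text = "";
}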
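/// <summary>
/// Deletes the logged-in user's account together with their notes and the
/// comments tied to them, then abandons the session and redirects to the
/// logout confirmation page.
/// </summary>
protected void lnkDel_Click(object sender, EventArgs e)
{
    // With an expired session there is no account to act on; the session
    // value used to be dereferenced without this check.
    if (Session["dulyNoted"] == null)
    {
        return;
    }

    int userId = int.Parse(Session["dulyNoted"].ToString());

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        var account = dc.Users.FirstOrDefault(u => u.userId == userId);
        if (account != null)
        {
            var notes = from n in dc.Notes
                        where n.userId == userId
                        select n;

            // Comments written by the user, plus comments other users left on
            // the user's notes: the other note-deletion paths remove a note's
            // comments before the note itself, so do the same here.
            var comments = from c in dc.Comments
                           where c.userId == userId
                              || dc.Notes.Any(n => n.noteId == c.noteId && n.userId == userId)
                           select c;

            dc.Comments.DeleteAllOnSubmit(comments);
            dc.Notes.DeleteAllOnSubmit(notes);

            // NOTE(review): rows in other per-user tables (voting checks,
            // password recoveries, pending activations) are not removed here —
            // confirm whether they should be.
            dc.Users.DeleteOnSubmit(account);
            dc.SubmitChanges();
        }
    }

    Session.Abandon();
    Response.Redirect("~/LogoutConfirm.aspx");
}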
// Delete-note handler for the notes grid.
/// <summary>
/// Removes the note behind the grid row being deleted, together with every
/// comment attached to it, then rebinds the grid.
/// </summary>
protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
    // The data key of the affected row carries the note id.
    object rowKey = GridView1.DataKeys[e.RowIndex].Value;
    int nId = int.Parse(rowKey.ToString());

    var dc = new DulyDBDataContext();

    // NOTE(review): no ownership check is visible in this handler; presumably
    // the grid only lists the caller's own notes — confirm.

    // Queue the note's comments for deletion first.
    var noteComments = dc.Comments.Where(c => c.noteId == nId);
    dc.Comments.DeleteAllOnSubmit(noteComments);

    // Single() throws unless exactly one note carries this id.
    var doomedNote = dc.Notes.Single(n => n.noteId == nId);
    dc.Notes.DeleteOnSubmit(doomedNote);

    dc.SubmitChanges();
    BindData();
}
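/// <summary>
/// Deletes the note(s) whose title matches the first cell of the selected grid
/// row, along with their comments, then rebinds the grid for the current
/// section or returns to the admin page when no section id is available.
/// </summary>
protected void OnSelectedIndexChanged(object sender, EventArgs e)
{
    // Nothing selected means nothing to delete.
    if (GridView1.SelectedRow == null)
    {
        return;
    }

    // NOTE(review): matching on the displayed title removes every note that
    // shares it, and the cell text may be HTML-encoded by the grid; deleting
    // by the note's key would be exact. No authorization check is visible in
    // this handler either — confirm the page is restricted to administrators.
    string title = GridView1.SelectedRow.Cells[0].Text;

    using (var dc = new DulyDBDataContext())
    {
        var doomedNotes = (from n in dc.Notes
                           where n.title == title
                           select n).ToList();

        foreach (var note in doomedNotes)
        {
            // Remove the note's comments first, as the other note-deletion
            // paths do, so no comment is left pointing at a deleted note.
            var noteId = note.noteId;
            dc.Comments.DeleteAllOnSubmit(dc.Comments.Where(c => c.noteId == noteId));
            dc.Notes.DeleteOnSubmit(note);
        }

        dc.SubmitChanges();
    }

    int sId = getSid();
    if (sId != -1)
    {
        BindData(sId);
    }
    else
    {
        Response.Redirect("~/AdminPage.aspx");
    }
}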
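/// <summary>
/// Applies an up-vote, down-vote or flag from the logged-in user to the note
/// named by the <c>Note</c> query-string parameter. Each user gets one vote
/// and one flag per note; the limit is enforced here, not only by disabling
/// the buttons.
/// </summary>
/// <param name="action">"Up", "Down" or "Flag"; any other value changes nothing.</param>
protected void rating(string action)
{
    // Voting requires a logged-in user.
    if (Session["dulyNoted"] == null)
    {
        doLogin();
        return;
    }

    // The note id is taken from the URL, so it may be missing or malformed.
    int nId;
    if (!int.TryParse(Request.QueryString["Note"], out nId))
    {
        return;
    }

    int userId = int.Parse(Session["dulyNoted"].ToString());

    using (var dc = new DulyDBDataContext())
    {
        var note = dc.Notes.FirstOrDefault(n => n.noteId == nId);
        if (note == null)
        {
            return;
        }

        // Make sure a voting record exists before reading it.
        voteRecord(userId, nId);

        var qvote = dc.VotingChecks.FirstOrDefault(v => v.userId == userId && v.noteId == nId);
        if (qvote == null)
        {
            // Without a record the vote cannot be tracked, so do not count it.
            return;
        }

        switch (action)
        {
            case "Up":
            case "Down":
                // A replayed postback must not count twice: the stored flag,
                // not the state of the button, decides.
                if (qvote.voted != true)
                {
                    if (action == "Up")
                    {
                        note.upVoteCounter += 1;
                    }
                    else
                    {
                        note.downVoteCounter += 1;
                    }
                    qvote.voted = true;
                }
                disableVoting();
                break;

            case "Flag":
                if (qvote.flagged != true)
                {
                    note.numberTimesFlagged += 1;
                    qvote.flagged = true;
                }
                btnFlag.Enabled = false;
                break;
        }

        dc.SubmitChanges();
    }
}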
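/// <summary>
/// Replaces the logged-in user's password after verifying the temporary
/// (recovery) password, stores a fresh salt, deletes the used recovery record
/// and schedules a redirect to the member page.
/// </summary>
protected void btnChangePass_Click(object sender, EventArgs e)
{
    // The session value used to be dereferenced unchecked; an expired session
    // ended in an unhandled exception.
    if (Session["dulyNoted"] == null)
    {
        lblError.Text = "Your session has expired. Please log in again.";
        return;
    }

    int userId = int.Parse(Session["dulyNoted"].ToString());

    // Never store the hash of an empty password.
    string newPassword = txtNewPass.Text.Trim();
    if (newPassword == "")
    {
        lblError.Text = "Please enter a new password.";
        return;
    }

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        var user = dc.Users.FirstOrDefault(u => u.userId == userId);

        // Hash the submitted temporary password with the user's current salt
        // and look for a recovery record that holds that hash.
        // NOTE(review): no expiry on recovery codes is visible here — confirm
        // whether old codes are invalidated elsewhere.
        string tempHash = null;
        if (user != null && user.salt != null)
        {
            tempHash = hashPassword(txtTempPass.Text.Trim(), user.salt);
        }

        var recovery = tempHash == null
            ? null
            : dc.PasswordRecoveries.FirstOrDefault(r => r.userId == userId && r.validCode == tempHash);

        if (recovery == null)
        {
            // No match.
            lblError.Text = "Please Check your Temporary password again!";
            return;
        }

        // A new salt for the new password.
        string newSalt = createSalt(24);
        user.password = hashPassword(newPassword, newSalt);
        user.salt = newSalt;

        // The temporary password is single-use.
        dc.PasswordRecoveries.DeleteOnSubmit(recovery);
        dc.SubmitChanges();
    }

    lblError.Text = "Successfully changed Password. You will be redirected to member page shortly";

    // Redirect to the member page after three seconds.
    string PageUrl = "Member.aspx";
    Page.Header.Controls.Add(new LiteralControl(string.Format("<META http-equiv=\"REFRESH\" content=\"3;url={0}\" > ", PageUrl)));
}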
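/// <summary>
/// Bans the account whose display name is typed into <c>txtUsername</c> by
/// recording its e-mail address in BannedEmails, then refreshes the ban status
/// and the grid for that user. Does nothing when no such account exists.
/// </summary>
protected void banUser(object sender, EventArgs e)
{
    // NOTE(review): no authorization check is visible in this handler —
    // confirm the hosting page is restricted to administrators.
    string displayName = txtUsername.Text;
    string email;
    int userId;

    using (var dc = new DulyDBDataContext())
    {
        // An unknown or mistyped name used to throw from First().
        var qUser = dc.Users.FirstOrDefault(u => u.displayName == displayName);
        if (qUser == null)
        {
            return;
        }

        email = qUser.email;
        userId = qUser.userId;

        // Banning twice must not pile up duplicate rows.
        if (!dc.BannedEmails.Any(b => b.email == email))
        {
            dc.BannedEmails.InsertOnSubmit(new BannedEmail { email = email });
            dc.SubmitChanges();
        }
    }

    banStatus(email);
    binddata(userId);
}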
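//--------------------change pass part --------------------------------------------
/// <summary>
/// Changes the logged-in user's password after verifying the current one, and
/// stores the new hash with a freshly generated salt.
/// </summary>
protected void btnChangePass_Click(object sender, EventArgs e)
{
    // An expired session used to end in an unhandled exception.
    if (Session["dulyNoted"] == null)
    {
        lblError.ForeColor = System.Drawing.Color.Red;
        lblError.Text = "Your session has expired. Please log in again.";
        return;
    }

    int userId = int.Parse(Session["dulyNoted"].ToString());

    // Passwords are trimmed before hashing at registration and login, so they
    // must be trimmed here as well; otherwise a new password with surrounding
    // whitespace could never be used to log in.
    string currentPassword = txtCurrentPass.Text.Trim();
    string newPassword = txtNewPass.Text.Trim();

    if (newPassword == "")
    {
        lblError.ForeColor = System.Drawing.Color.Red;
        lblError.Text = "Please enter a new password.";
        return;
    }

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        // Null when the user does not exist or has no salt. The original read
        // First() before testing Count(), so the existence test never ran.
        string userSalt = dc.Users
            .Where(u => u.userId == userId)
            .Select(u => u.salt)
            .FirstOrDefault();

        var user = userSalt == null
            ? null
            : dc.Users.FirstOrDefault(u => u.userId == userId
                                        && u.password == hashPassword(currentPassword, userSalt));

        if (user == null)
        {
            // No match.
            lblError.ForeColor = System.Drawing.Color.Red;
            lblError.Text = "Please Check your current password again!";
            return;
        }

        // A new salt for every new password.
        string newSalt = createSalt(24);
        user.password = hashPassword(newPassword, newSalt);
        user.salt = newSalt;
        dc.SubmitChanges();
    }

    lblError.Text = "Password successfully changed";
    lblError.ForeColor = System.Drawing.Color.Blue;
}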
/// <summary>
/// On the first (non-postback) load, consumes the activation code passed in
/// the <c>activationCode</c> query-string parameter: a matching pending
/// activation row is deleted and a success message shown; otherwise the code
/// is reported as invalid.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    if (this.IsPostBack)
    {
        return;
    }

    // A missing or empty code falls back to the all-zero GUID text.
    string supplied = Request.QueryString["activationCode"];
    string nActivationCode = string.IsNullOrEmpty(supplied)
        ? Guid.Empty.ToString()
        : supplied;

    DulyDBDataContext dc = new DulyDBDataContext();

    bool isPending = dc.UserActivations.Any(a => a.activationCode == nActivationCode);
    if (!isPending)
    {
        ltMessage.Text = "Invalid Activation code.";
        return;
    }

    // Removing the pending row is what marks the account as activated.
    var pendingActivation = dc.UserActivations.Single(d => d.activationCode == nActivationCode);
    dc.UserActivations.DeleteOnSubmit(pendingActivation);
    dc.SubmitChanges();

    ltMessage.Text = "Activation successful. Welcome to DulyNoted";
}
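/// <summary>
/// Deletes the note named by the <c>Note</c> query-string parameter, together
/// with its comments, provided it belongs to the logged-in user; then returns
/// to the member page.
/// </summary>
protected void DeleteNote()
{
    // The note id arrives in the URL, so it is caller-controlled: require a
    // session, require a well-formed id, and only delete a note owned by the
    // session's user. Without the ownership filter any id in the URL would be
    // deleted.
    // NOTE(review): if administrators are also meant to delete through this
    // path, they need an explicit role check here rather than no check at all.
    int nId;
    if (Session["dulyNoted"] != null && int.TryParse(Request.QueryString["Note"], out nId))
    {
        int userId = int.Parse(Session["dulyNoted"].ToString());

        using (var dc = new DulyDBDataContext())
        {
            var note = dc.Notes.SingleOrDefault(n => n.noteId == nId && n.userId == userId);
            if (note != null)
            {
                // Delete the comments, then the note itself.
                dc.Comments.DeleteAllOnSubmit(dc.Comments.Where(c => c.noteId == nId));
                dc.Notes.DeleteOnSubmit(note);
                dc.SubmitChanges();
            }
        }
    }

    // Return to the member page.
    Response.Redirect("~/Member.aspx");
}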
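// Register button.
/// <summary>
/// Creates a new account from the registration form unless the display name
/// or e-mail address is already taken, sends the activation e-mail and
/// redirects to the confirmation page. A taken name or address is reported
/// through a client-side alert.
/// </summary>
protected void RegisterUser(object sender, EventArgs e)
{
    string displayName = txtDisplayName.Text.Trim();
    string email = txtEmail.Text.Trim();

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        bool nameCheck = dc.Users.Any(u => u.displayName == displayName);
        bool emailCheck = dc.Users.Any(u => u.email == email);

        // Check for an existing user.
        string message = string.Empty;
        if (nameCheck)
        {
            message = "Display name already exists.\\nPlease choose a different Display name.";
        }
        else if (emailCheck)
        {
            message = "This email address has already been used.";
        }

        if (message != string.Empty)
        {
            // Only the fixed strings above reach the script, never form input.
            ClientScript.RegisterStartupScript(GetType(), "alert", "alert('" + message + "');", true);
            return;
        }

        // The password is trimmed before hashing; login trims it the same way.
        string salt = createSalt(24);
        var newUser = new User
        {
            email = email,
            password = hashPassword(txtPassword.Text.Trim(), salt),
            displayName = displayName,
            firstName = txtFirstName.Text.Trim(),
            lastName = txtLastName.Text.Trim(),
            createdDate = DateTime.Now,
            salt = salt,
        };

        dc.Users.InsertOnSubmit(newUser);
        dc.SubmitChanges();

        // Send the activation e-mail.
        SendActivationEmail(newUser.userId);
    }

    // The address is user input, so it is URL-encoded before being placed in
    // the query string of the confirmation page.
    string url = "~/Registration_Success.aspx?Email=" + Server.UrlEncode(email);
    Response.Redirect(url);
}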
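// Activation: issues an activation code and mails the activation link.
/// <summary>
/// Stores a new activation code for the given user and e-mails an HTML
/// message containing the activation link to the address typed into the
/// registration form.
/// </summary>
/// <param name="Id">userId of the newly registered account.</param>
private void SendActivationEmail(int Id)
{
    // Generate the code using a GUID.
    string nActivationCode = Guid.NewGuid().ToString();

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        var activation = new UserActivation
        {
            userId = Id,
            activationCode = nActivationCode
        };

        dc.UserActivations.InsertOnSubmit(activation);
        dc.SubmitChanges();
    }

    // Resolve the activation page relative to the current page. The former
    // text replacement on "Register.aspx" left the link unterminated whenever
    // the request URL was spelled differently or carried a query string.
    // NOTE(review): the host in Request.Url is taken from the incoming
    // request; building the link from a configured site address would keep
    // mailed links independent of request headers.
    string activationUrl = new Uri(Request.Url, "Activation_Page.aspx?activationCode=" + nActivationCode).AbsoluteUri;

    // Sending the e-mail.
    using (MailMessage mm = new MailMessage("*****@*****.**", txtEmail.Text.Trim()))
    {
        mm.Subject = "DulyNoted Account Activation";

        // Every form value is HTML-encoded: the body is sent as HTML, so raw
        // input would otherwise be interpreted as markup by the mail client.
        string body = "Hi " + Server.HtmlEncode(txtDisplayName.Text.Trim()) + ",";
        body += "<br /><br />You're one step away from becoming a DulyNoted member.";
        body += "<br/> <br/> Below is your account login information:";
        body += "<br/> email: " + Server.HtmlEncode(txtEmail.Text.Trim());
        body += "<br/> First Name: " + Server.HtmlEncode(txtFirstName.Text.Trim());
        body += "<br/> Last Name: " + Server.HtmlEncode(txtLastName.Text.Trim());
        body += "<br /><br />Please click the following link to activate your account";
        body += "<br /><a href=\"" + Server.HtmlEncode(activationUrl) + "\">Click here to activate</a>";
        body += "<br /><br />If you have any problems verifying your account please reply to this email";
        body += "<br /><br />Welcome to DulyNoted";
        body += "<br /> DulyNoted Development Team";

        mm.Body = body;
        mm.IsBodyHtml = true;

        // SMTP through Gmail for now.
        SmtpClient smtp = new SmtpClient();
        smtp.Host = "smtp.gmail.com";
        smtp.EnableSsl = true;

        // SECURITY: the mail account and its password are hard-coded in
        // source. They belong in protected configuration, and this password
        // should be rotated because it has been committed.
        NetworkCredential NetworkCred = new NetworkCredential("*****@*****.**", "DulyPassword");

        // Explicit credentials are used, so default credentials are switched off.
        smtp.UseDefaultCredentials = false;
        smtp.Credentials = NetworkCred;
        smtp.Port = 587;
        smtp.Send(mm);
    }
}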
/// <summary>
/// Ensures a voting record exists: when <c>doVotingCheck</c> returns nothing
/// for the user, a new VotingCheck row (not voted, not flagged) is inserted
/// for the given user and note.
/// </summary>
/// <param name="userId">Id of the voting user.</param>
/// <param name="nId">Id of the note being rated.</param>
protected void voteRecord(int userId, int nId)
{
    var dc = new DulyDBDataContext();

    // NOTE(review): doVotingCheck receives only the user id; confirm it also
    // narrows the lookup to the current note, otherwise a record for another
    // note would suppress the insert below.
    VotingCheck existingRecord = doVotingCheck(userId);
    if (existingRecord != null)
    {
        return;
    }

    // No record yet: start one with both markers cleared.
    var freshRecord = new VotingCheck
    {
        userId = userId,
        noteId = nId,
        flagged = false,
        voted = false
    };

    dc.VotingChecks.InsertOnSubmit(freshRecord);
    dc.SubmitChanges();
}
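////////END OF COPY FROM SEARCH
/// <summary>
/// Deletes the note whose id is shown in the second cell of the selected grid
/// row, along with its comments, then rebinds the grid for the user named in
/// <c>txtUsername</c>.
/// </summary>
protected void OnSelectedIndexChanged(object sender, EventArgs e)
{
    // Nothing selected, or a cell that does not hold an integer id: do
    // nothing rather than throw.
    if (GridView1.SelectedRow == null)
    {
        return;
    }

    int NoteID;
    if (!int.TryParse(GridView1.SelectedRow.Cells[1].Text, out NoteID))
    {
        return;
    }

    // NOTE(review): no authorization check is visible in this handler —
    // confirm the hosting page is restricted to administrators.
    string displayName = txtUsername.Text;
    int? ownerId = null;

    using (var dc = new DulyDBDataContext())
    {
        // Remove the note's comments first, as the other note-deletion paths
        // do, so no comment is left pointing at a deleted note.
        dc.Comments.DeleteAllOnSubmit(dc.Comments.Where(c => c.noteId == NoteID));
        dc.Notes.DeleteAllOnSubmit(dc.Notes.Where(n => n.noteId == NoteID));
        dc.SubmitChanges();

        // An unknown display name used to throw from First().
        var qUser = dc.Users.FirstOrDefault(u => u.displayName == displayName);
        if (qUser != null)
        {
            ownerId = qUser.userId;
        }
    }

    if (ownerId.HasValue)
    {
        binddata(ownerId.Value);
    }
}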
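/// <summary>
/// Stores an uploaded PDF under ~/Uploads with a generated file name, renders
/// its first page to ~/Preview as a PNG, and records the note for the
/// logged-in user in the selected section.
/// </summary>
protected void UploadButton_Click(object sender, EventArgs e)
{
    if (!FileUpload1.HasFile)
    {
        UploadLabel1.Text = "You have not specified a file.";
        return;
    }

    string uploadPath = null;   // set once the file has been written to disk
    bool recorded = false;      // true once the note row has been committed

    try
    {
        if (ddlSection.SelectedIndex == -1)
        {
            UploadLabel1.Text = "You must select a section.";
            return;
        }

        // Check the session before anything is written; previously a missing
        // session was only noticed after the file had been saved.
        if (Session["dulyNoted"] == null)
        {
            UploadLabel1.Text = "You must be logged in to upload a note.";
            return;
        }

        // Only .pdf is accepted, and the stored name always ends in ".pdf":
        // a client-supplied extension must never decide how the web server
        // treats a file saved under the site root.
        string extension = System.IO.Path.GetExtension(FileUpload1.FileName);
        if (!string.Equals(extension, ".pdf", StringComparison.OrdinalIgnoreCase))
        {
            UploadLabel1.Text = "Only PDF files can be uploaded.";
            return;
        }

        // Generate a random name.
        string random = randomName();
        string newFileName = random + ".pdf";

        string siteRoot = HttpContext.Current.Server.MapPath("~");
        uploadPath = siteRoot + "/Uploads/" + newFileName;
        FileUpload1.SaveAs(uploadPath);

        // Preview image: open the document, take the first page, convert it
        // to an image and save it. A file that is not a readable PDF fails
        // here and is removed again in the catch block.
        PdfManager objPdf = new PdfManager();
        PdfDocument objDoc = objPdf.OpenDocument(uploadPath);
        PdfPage firstPage = objDoc.Pages[1];
        PdfPreview objPreview = firstPage.ToImage("ResolutionX=100; ResolutionY=100");
        objPreview.Save(siteRoot + "/Preview/" + random + ".png", true);

        // Test link.
        hyperlink.NavigateUrl = "http://dulynoted-001-site1.smarterasp.net/Uploads/" + newFileName;
        hyperlink.Visible = true;

        using (DulyDBDataContext dc = new DulyDBDataContext())
        {
            // NOTE(review): title and description are stored as typed —
            // confirm the pages that display them HTML-encode on output.
            var newNote = new Note
            {
                sId = int.Parse(ddlSection.SelectedValue),
                userId = int.Parse(Session["dulyNoted"].ToString()),
                numberTimesFlagged = 0,
                upVoteCounter = 0,
                downVoteCounter = 0,
                source = "http://dulynoted-001-site1.smarterasp.net/Uploads/" + newFileName,
                preview = "http://dulynoted-001-site1.smarterasp.net/Preview/" + random + ".png",
                title = NoteTitle.Text,
                description = NoteDescription.Text,
                noteDate = Calendar_NoteDate.SelectedDate,
                uploadDate = DateTime.Now
            };

            dc.Notes.InsertOnSubmit(newNote);
            dc.SubmitChanges();
        }
        recorded = true;

        // After the file is uploaded, clear the form.
        NoteTitle.Text = "";
        NoteDescription.Text = "";
    }
    catch (Exception ex)
    {
        // Do not leave an unreferenced upload in a web-served folder.
        if (!recorded && uploadPath != null)
        {
            try
            {
                System.IO.File.Delete(uploadPath);
            }
            catch (Exception cleanupError)
            {
                // Best effort: the file may still be held open.
                System.Diagnostics.Trace.TraceError(cleanupError.ToString());
            }
        }

        // Details stay in the server trace; exception text can reveal server
        // paths and is not echoed to the page.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        UploadLabel1.Text = "ERROR: The file could not be processed.";
    }
}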
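/// <summary>
/// Starts a password reset for the e-mail address typed into the form:
/// generates a temporary password, stores its hash in PasswordRecoveries
/// (replacing an earlier one for the same user), mails the temporary password
/// and redirects to the confirmation page. Unknown and not-yet-activated
/// accounts are reported on the page instead.
/// </summary>
protected void btnReset_Click(object sender, EventArgs e)
{
    // Registration stores the address trimmed, so look it up trimmed as well.
    string email = txtEmail.Text.Trim();
    if (email == "")
    {
        return;
    }

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        var user = dc.Users.FirstOrDefault(u => u.email == email);
        if (user == null)
        {
            // NOTE(review): this message and the one below tell the caller
            // whether an address is registered; a single neutral response
            // would avoid exposing that.
            lblError.Text = "This email has not been registered";
            return;
        }

        int userId = user.userId;

        // A row in UserActivations means the account is still pending.
        if (dc.UserActivations.Any(a => a.userId == userId))
        {
            lblError.Text = "Your account has not been activated";
            return;
        }

        string temp = Membership.GeneratePassword(10, 5);
        string hashedTemp = hashPassword(temp, user.salt);

        // Renew an existing temporary password, or create the first record.
        var existing = dc.PasswordRecoveries.FirstOrDefault(r => r.userId == userId);
        if (existing != null)
        {
            existing.validCode = hashedTemp;
        }
        else
        {
            var recoverNew = new PasswordRecovery
            {
                userId = userId,
                validCode = hashedTemp,
                email = user.email
            };
            dc.PasswordRecoveries.InsertOnSubmit(recoverNew);
        }

        dc.SubmitChanges();

        // Send the e-mail.
        forgotPass(userId, user.displayName, temp);
    }

    // The address is user input, so it is URL-encoded before being placed in
    // the query string.
    Response.Redirect("~/Reset_Success.aspx?Email=" + Server.UrlEncode(email));
}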
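/// <summary>
/// Logs a user in by e-mail and password. Banned addresses and accounts that
/// are not yet activated are refused. A temporary (recovery) password is also
/// accepted, in which case the user is sent on to change it.
/// </summary>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Registration stores the address trimmed and hashes the trimmed
    // password, so both are trimmed once here and used consistently.
    string email = txtEmail.Text.Trim();
    string password = txtPassword.Text.Trim();

    // Ignore the click when a field is blank.
    if (email == "" || password == "")
    {
        return;
    }

    using (DulyDBDataContext dc = new DulyDBDataContext())
    {
        // Check if the e-mail is banned.
        if (dc.BannedEmails.Any(b => b.email == email))
        {
            lblError.Text = "Your account has been banned. Please contact customer service!";
            return;
        }

        // Salt for the given address; null when the user is unknown or has no
        // salt. In that case nothing is hashed and no row can match, instead
        // of comparing stored values against a placeholder string.
        string userSalt = dc.Users
            .Where(u => u.email == email)
            .Select(u => u.salt)
            .FirstOrDefault();

        string hashedPassword = null;
        if (userSalt != null)
        {
            hashedPassword = hashPassword(password, userSalt);
        }

        // Normal login: e-mail and password hash match a user row.
        var user = hashedPassword == null
            ? null
            : dc.Users.FirstOrDefault(u => u.email == email && u.password == hashedPassword);

        if (user != null)
        {
            int userId = user.userId;

            // A row in UserActivations means the account is still pending.
            if (dc.UserActivations.Any(a => a.userId == userId))
            {
                lblError.Text = "Your account has not been activated";
                return;
            }

            // NOTE(review): the session id is kept across login; consider
            // issuing a fresh session when the user authenticates.
            Session["dulyNoted"] = user.userId;

            // Update the last login date.
            user.lastLoginDate = DateTime.Now;
            dc.SubmitChanges();

            // ReturnURL is supplied with the request, so it is normalised to
            // stay inside the application before redirecting: leading
            // separators are stripped and values with control characters are
            // dropped in favour of the site root.
            string returnUrl = Request.QueryString["ReturnURL"] ?? "";
            returnUrl = returnUrl.TrimStart('/', '\\');
            if (returnUrl.Any(ch => char.IsControl(ch)))
            {
                returnUrl = "";
            }

            Response.Redirect("~/" + returnUrl);
            return;
        }

        // Temporary-password login: the hash matches a recovery record.
        var recovery = hashedPassword == null
            ? null
            : dc.PasswordRecoveries.FirstOrDefault(f => f.email == email && f.validCode == hashedPassword);

        if (recovery != null)
        {
            Session["dulyNoted"] = recovery.userId;

            // Ask the user to change the temporary password.
            ScriptManager.RegisterStartupScript(this, this.GetType(), "alert", "alert('You Should change your temporary password');window.location ='ChangeTemp.aspx';", true);
            return;
        }

        // Neither the password nor a temporary password matched.
        lblError.Text = "Please check your Email / password";
        lnkForgotPass.Visible = true;
    }
}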