/// <summary>
/// Registers a new user, using the properties of this class.
/// </summary>
/// <param name="nickName">Name of the nick.</param>
/// <param name="dateOfBirth">The date of birth.</param>
/// <param name="emailAddress">The email address.</param>
/// <param name="emailAddressIsPublic">flag to signal if the emailaddress is visible for everyone or not</param>
/// <param name="iconURL">The icon URL.</param>
/// <param name="ipNumber">The ip number.</param>
/// <param name="location">The location.</param>
/// <param name="occupation">The occupation.</param>
/// <param name="signature">The signature.</param>
/// <param name="website">The website.</param>
/// <param name="emailTemplatePath">The email template path.</param>
/// <param name="emailData">The email data.</param>
/// <param name="autoSubscribeThreads">Default value when user creates new threads.</param>
/// <param name="defaultMessagesPerPage">Messages per page to display</param>
/// <returns>
/// UserID of new user or 0 if registration failed.
/// </returns>
public static int RegisterNewUser(string nickName, DateTime?dateOfBirth, string emailAddress, bool emailAddressIsPublic, string iconURL,
string ipNumber, string location, string occupation, string signature, string website, string emailTemplatePath, Dictionary <string, string> emailData, ParserData parserData,
bool autoSubscribeThreads, short defaultMessagesPerPage)
{
UserEntity newUser = new UserEntity();
// initialize objects
newUser.AmountOfPostings = 0;
newUser.DateOfBirth = dateOfBirth;
newUser.EmailAddress = emailAddress;
newUser.EmailAddressIsPublic = emailAddressIsPublic;
newUser.IPNumber = ipNumber;
newUser.IconURL = iconURL;
newUser.IsBanned = false;
newUser.JoinDate = DateTime.Now;
newUser.Location = location;
newUser.NickName = nickName;
newUser.Occupation = occupation;
newUser.Signature = signature;
newUser.Website = website;
string password = HnDGeneralUtils.GenerateRandomPassword();
newUser.Password = HnDGeneralUtils.CreateMD5HashedBase64String(password);
//Preferences
newUser.AutoSubscribeToThread = autoSubscribeThreads;
newUser.DefaultNumberOfMessagesPerPage = defaultMessagesPerPage;
if (!string.IsNullOrEmpty(signature))
{
newUser.SignatureAsHTML = TextParser.TransformSignatureUBBStringToHTML(signature, parserData);
}
else
{
newUser.SignatureAsHTML = "";
}
//Fetch the SystemDataEntity to use the "DefaultUserTitleNewUser" as the user title & the "DefaultRoleNewUser"
// as the roleID of the newly created RoleUserEntity.
SystemDataEntity systemData = SystemGuiHelper.GetSystemSettings();
newUser.UserTitleID = systemData.DefaultUserTitleNewUser;
RoleUserEntity roleUser = new RoleUserEntity();
roleUser.RoleID = systemData.DefaultRoleNewUser;
roleUser.User = newUser;
// first encode fields which could lead to cross-site-scripting attacks
EncodeUserTextFields(newUser);
// now save the new user entity and the new RoleUser entity recursively in one go. This will create a transaction for us
// under the hood so we don't have to do that ourselves.
if (newUser.Save(true))
{
// all ok, Email the password
bool result = HnDGeneralUtils.EmailPassword(password, emailAddress, emailTemplatePath, emailData);
}
return(newUser.UserID);
}
/// <summary>
/// Updates the given user's profile data using the values of the properties of this class.
/// </summary>
/// <param name="userID">The user ID.</param>
/// <param name="dateOfBirth">The date of birth.</param>
/// <param name="emailAddress">The email address.</param>
/// <param name="emailAddressIsPublic">flag to signal if the emailaddress is visible for everyone or not</param>
/// <param name="iconURL">The icon URL.</param>
/// <param name="location">The location.</param>
/// <param name="occupation">The occupation.</param>
/// <param name="password">The password.</param>
/// <param name="signature">The signature.</param>
/// <param name="website">The website.</param>
/// <param name="userTitleID">The user title ID.</param>
/// <param name="parserData">The parser data.</param>
/// <param name="autoSubscribeThreads">Default value when user creates new threads.</param>
/// <param name="defaultMessagesPerPage">Messages per page to display</param>
/// <returns>true if succeeded, false otherwise</returns>
public static bool UpdateUserProfile(int userID, DateTime?dateOfBirth, string emailAddress, bool emailAddressIsPublic, string iconURL,
string location, string occupation, string password, string signature, string website, int userTitleID, ParserData parserData,
bool autoSubscribeThreads, short defaultMessagesPerPage)
{
UserEntity user = UserGuiHelper.GetUser(userID);
if (user == null)
{
// not found
return(false);
}
user.DateOfBirth = dateOfBirth;
user.EmailAddress = emailAddress;
user.EmailAddressIsPublic = emailAddressIsPublic;
user.IconURL = iconURL;
user.Location = location;
user.Occupation = occupation;
user.UserTitleID = userTitleID;
if (!string.IsNullOrEmpty(password))
{
user.Password = HnDGeneralUtils.CreateMD5HashedBase64String(password);
}
user.Signature = signature;
if (!string.IsNullOrEmpty(signature))
{
user.SignatureAsHTML = TextParser.TransformSignatureUBBStringToHTML(signature, parserData);
}
else
{
user.SignatureAsHTML = "";
}
user.Website = website;
//Preferences
user.AutoSubscribeToThread = autoSubscribeThreads;
user.DefaultNumberOfMessagesPerPage = defaultMessagesPerPage;
// first encode fields which could lead to cross-site-scripting attacks
EncodeUserTextFields(user);
// Update the record
return(user.Save(true));
}
/// <summary>
/// Authenticates the user with the given Nickname and the given Password.
/// </summary>
/// <param name="nickName">Nickname of the user</param>
/// <param name="password">Password of the user</param>
/// <returns>AuthenticateResult.AllOk if the user could be authenticated,
/// AuthenticateResult.WrongUsernamePassword if user couldn't be authenticated given the current credentials,
/// AuthenticateResult.IsBanned if the user is banned. </returns>
public static AuthenticateResult AuthenticateUser(string nickName, string password, out UserEntity user)
{
// fetch the Roles related to the user when fetching the user, using a prefetchPath object.
PrefetchPath prefetchPath = new PrefetchPath((int)EntityType.UserEntity);
prefetchPath.Add(UserEntity.PrefetchPathRoles);
// fetch the user data using the nickname which has a unique constraint
user = new UserEntity();
bool fetchResult = user.FetchUsingUCNickName(nickName, prefetchPath);
if (!fetchResult)
{
// not found. Simply return that the user has specified a wrong username/password combination.
return(AuthenticateResult.WrongUsernamePassword);
}
// user was found, check if the user can be authenticated and has specified the correct password.
if (user.IsBanned)
{
// user is banned. We'll report that to the caller
return(AuthenticateResult.IsBanned);
}
else
{
// check password and UserID. We disallow the user with id 0 to login as that's the anonymous coward ID for a user not logged in.
string md5HashedPassword = HnDGeneralUtils.CreateMD5HashedBase64String(password);
if ((md5HashedPassword == user.Password) && (user.UserID != Globals.UserIDToDenyLogin))
{
// correct username/password combination
return(AuthenticateResult.AllOk);
}
else
{
// something was wrong, report wrong authentication combination
return(AuthenticateResult.WrongUsernamePassword);
}
}
}
/// <summary>
/// Resets the user's Password by generating a new random password which is mailed to
/// the emailaddress specified. Will fail if the nickname doesn't exist or the emailaddress
/// doesn't match with the specified emailaddress of the nickname in the database.
/// </summary>
/// <param name="nickName">Nickname of user which password should be reset</param>
/// <param name="emailAddress">Emailaddress of user</param>
/// <param name="emailTemplate">The email template.</param>
/// <param name="emailData">The email data.</param>
/// <returns>true if succeed, false otherwise</returns>
/// <exception cref="NickNameNotFoundException">Throws NickNameNotFoundException when the nickname isn't found.</exception>
/// <exception cref="EmailAddressDoesntMatchException">Throws EmailAddressDoesntMatchException when the emailaddress of the nickname isn't matching
/// with the emailaddress specified.</exception>
public static bool ResetPassword(string nickName, string emailAddress, string emailTemplate, Dictionary <string, string> emailData)
{
UserEntity user = new UserEntity();
// fetch the user using the unique constraint fetch logic on nickname
bool fetchResult = user.FetchUsingUCNickName(nickName);
if (!fetchResult)
{
// not found
throw new NickNameNotFoundException("Nickname: '" + nickName + "' not found");
}
// check emailaddress
if (user.EmailAddress.ToLowerInvariant() != emailAddress.ToLowerInvariant())
{
// no match
throw new EmailAddressDoesntMatchException("Emailaddress '" + emailAddress + "' doesn't match.");
}
// does match, reset the password
string newPassword = HnDGeneralUtils.GenerateRandomPassword();
// hash the password with an MD5 hash and store that hashed value into the database.
user.Password = HnDGeneralUtils.CreateMD5HashedBase64String(newPassword);
// store it
bool result = user.Save();
if (result)
{
// mail it
result = HnDGeneralUtils.EmailPassword(newPassword, emailAddress, emailTemplate, emailData);
}
//done
return(result);
}
