protected void Page_Load(object sender, EventArgs e) { Master.SelectedTab = tabID.tabUnknown; string szUser = String.Empty; if (!IsPostBack) { lblErr.Text = String.Empty; string szAuthToken = util.GetStringParam(Request, "auth"); if (!String.IsNullOrEmpty(szAuthToken)) { using (MFBWebService ws = new MFBWebService()) szUser = ws.GetEncryptedUser(szAuthToken); } bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request); // If no valid auth token, fall back to the authenticated name. if (String.IsNullOrEmpty(szUser) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure) { szUser = Page.User.Identity.Name; } // Require a secure connection for other than debugging. if (!fIsLocalOrSecure && !Request.IsSecureConnection) { szUser = string.Empty; } try { if (String.IsNullOrEmpty(szUser)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew); if (idFlight == LogbookEntry.idFlightNew) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } LogbookEntry le = new LogbookEntry(); if (!le.FLoadFromDB(idFlight, szUser)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } mfbSignFlight.Flight = le; CFIStudentMap sm = new CFIStudentMap(szUser); if (sm.Instructors.Count() == 0) { mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc; mfbSignFlight.CFIProfile = null; mvSignFlight.SetActiveView(vwAcceptTerms); } else { cmbInstructors.DataSource = sm.Instructors; cmbInstructors.DataBind(); mvSignFlight.SetActiveView(vwPickInstructor); } lblHeader.Text = String.Format(System.Globalization.CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, MyFlightbook.Profile.GetUser(le.User).UserFullName); lblDisclaimerResponse.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1); lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2); } catch (MyFlightbookException ex) { lblErr.Text = ex.Message; } } }
protected void Page_Load(object sender, EventArgs e) { if (String.Compare(Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase) == 0) { return; } if (!Request.IsSecureConnection) { throw new HttpException((int)HttpStatusCode.Forbidden, "Image upload MUST be on a secure channel"); } if (ShuntState.IsShunted) { throw new MyFlightbookException(ShuntState.ShuntMessage); } System.Web.UI.HtmlControls.HtmlInputFile imgPicture = (System.Web.UI.HtmlControls.HtmlInputFile)FindControl("imgPicture"); if (imgPicture == null) { throw new MyFlightbookException("No control named 'imgPicture' found!"); } string szErr = "OK"; try { string szUser = string.Empty; string szAuth = Request.Form["txtAuthToken"]; if (String.IsNullOrEmpty(szAuth)) { // check for an oAuth token using (OAuthServiceCall service = new OAuthServiceCall(Request)) { szAuth = service.GeneratedAuthToken; // Verify that you're allowed to modify images. if (!MFBOauthServer.CheckScope(service.Token.Scope, MFBOAuthScope.images)) { throw new UnauthorizedAccessException(String.Format(CultureInfo.CurrentCulture, "Requested action requires scope \"{0}\", which is not granted.", MFBOAuthScope.images.ToString())); } } } using (MFBWebService ws = new MFBWebService()) { szUser = ws.GetEncryptedUser(szAuth); } if (string.IsNullOrEmpty(szUser)) { throw new MyFlightbookException(Resources.WebService.errBadAuth); } HttpPostedFile pf = imgPicture.PostedFile; if (pf == null || pf.ContentLength == 0) { throw new MyFlightbookException(Resources.WebService.errNoImageProvided); } // Upload the image, and then perform a pseudo idempotency check on it. MFBImageInfo mfbii = UploadForUser(szUser, pf, Request.Form["txtComment"] ?? string.Empty); mfbii.IdempotencyCheck(); } catch (MyFlightbookException ex) { szErr = ex.Message; } Response.Clear(); Response.ContentType = "text/plain; charset=utf-8"; Response.Write(szErr); }
protected void Page_Load(object sender, EventArgs e) { Master.SelectedTab = tabID.tabUnknown; if (!IsPostBack) { lblErr.Text = String.Empty; string szAuthToken = util.GetStringParam(Request, "auth"); if (!String.IsNullOrEmpty(szAuthToken)) { Username = MFBWebService.GetEncryptedUser(szAuthToken); } bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request); // If no valid auth token, fall back to the authenticated name. if (String.IsNullOrEmpty(Username) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure) { Username = Page.User.Identity.Name; } // Require a secure connection for other than debugging. if (!fIsLocalOrSecure && !Request.IsSecureConnection) { Username = string.Empty; } try { if (String.IsNullOrEmpty(Username)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew); if (idFlight == LogbookEntry.idFlightNew) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } LogbookEntry le = new LogbookEntry(); if (!le.FLoadFromDB(idFlight, Username)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } mfbSignFlight.Flight = le; CFIStudentMap sm = new CFIStudentMap(Username); if (Username == null) { throw new MyFlightbookValidationException("No username for previously signed flights"); } Dictionary <string, LogbookEntry> d = PreviouslySignedAdhocFlights; // If no instructors, and no previously signed flights, assume ad-hoc and go straight to accept terms. if (!sm.Instructors.Any() && d.Keys.Count == 0) { mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc; mfbSignFlight.CFIProfile = null; mvSignFlight.SetActiveView(vwAcceptTerms); } else { rptInstructors.DataSource = sm.Instructors; rptInstructors.DataBind(); List <string> lstKeys = new List <string>(d.Keys); lstKeys.Sort(); List <LogbookEntry> lstPrevInstructors = new List <LogbookEntry>(); foreach (string sz in lstKeys) { lstPrevInstructors.Add(d[sz]); } rptPriorInstructors.DataSource = lstPrevInstructors; rptPriorInstructors.DataBind(); mvSignFlight.SetActiveView(vwPickInstructor); } lblHeader.Text = String.Format(CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, MyFlightbook.Profile.GetUser(le.User).UserFullName); lblDisclaimerResponse.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1); lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2); } catch (MyFlightbookException ex) { lblErr.Text = ex.Message; } } }