protected void Page_Load(object sender, EventArgs e)
{
try
{
//link for the Chat Archives
//hlArchive.NavigateUrl = EditUrl("Archive",);
StartMessage = Settings.Contains("StartMessage") ? Settings["StartMessage"].ToString() : Localization.GetString("DefaultStartMessage", LocalResourceFile);
DefaultAvatarUrl = Settings.Contains("DefaultAvatarUrl") ? Settings["DefaultAvatarUrl"].ToString() : Localization.GetString("DefaultAvatarUrl", LocalResourceFile);
if (Settings.Contains("DefaultRoomId"))
{
DefaultRoomId = Settings["DefaultRoomId"].ToString();
}
else
{
//if we don't have a setting. go get the default room from the database.
var rc = new RoomController();
var r = rc.GetRoom("Lobby");
if (r == null || (r.ModuleId > 0 && r.ModuleId != ModuleId))
{
//todo: if there isn't a room we need display a message about creating one
}
else
{
//if the default room doesn't have a moduleid on it, set the module id
if (r.ModuleId < 0)
{
r.ModuleId = ModuleId;
}
rc.UpdateRoom(r);
}
if (r != null)
{
DefaultRoomId = r.RoomId.ToString();
}
}
//encrypt the user's roles so we can ensure security
var curRoles = UserInfo.Roles;
var section = (MachineKeySection)ConfigurationManager.GetSection("system.web/machineKey");
var pc = new PortalSecurity();
foreach (var c in curRoles)
{
EncryptedRoles += pc.Encrypt(section.ValidationKey, c) + ",";
}
if (UserInfo.IsSuperUser)
{
EncryptedRoles += pc.Encrypt(section.ValidationKey, "SuperUser");
}
}
catch (Exception exc) //Module failed to load
{
Exceptions.ProcessModuleLoadException(this, exc);
}
}
public bool SendMessage(EventMessage message, string eventName, bool encryptMessage)
{
//set the sent date if it wasn't set by the sender
if (message.SentDate == DateTime.MinValue)
{
message.SentDate = DateTime.Now;
}
string[] subscribers = new string[0];
if (EventQueueConfiguration.GetConfig().PublishedEvents[eventName] != null)
{
subscribers = EventQueueConfiguration.GetConfig().PublishedEvents[eventName].Subscribers.Split(";".ToCharArray());
}
else
{
subscribers[0] = "";
}
//send a message for each subscriber of the specified event
for (int indx = 0; indx <= subscribers.Length - 1; indx++)
{
StreamWriter oStream = File.CreateText(m_messagePath + MessageName(eventName, subscribers[indx], message.ID));
string messageString = message.Serialize();
if (encryptMessage)
{
PortalSecurity oPortalSecurity = new PortalSecurity();
messageString = oPortalSecurity.Encrypt(EventQueueConfiguration.GetConfig().EventQueueSubscribers[subscribers[indx]].PrivateKey, messageString);
}
oStream.WriteLine(messageString);
oStream.Close();
}
return(true);
}
public static string EncryptParameter(string Value)
{
PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
string strKey = _portalSettings.GUID.ToString(); // restrict the key to 6 characters to conserve space
PortalSecurity objSecurity = new PortalSecurity();
return(HttpUtility.UrlEncode(objSecurity.Encrypt(strKey, Value)));
}
public static string EncryptParameter(string value, string encryptionKey)
{
var objSecurity = new PortalSecurity();
string strParameter = objSecurity.Encrypt(encryptionKey, value);
//[DNN-8257] - Can't do URLEncode/URLDecode as it introduces issues on decryption (with / = %2f), so we use a modifed Base64
strParameter = strParameter.Replace("/", "_");
strParameter = strParameter.Replace("+", "-");
strParameter = strParameter.Replace("=", "%3d");
return(strParameter);
}
public static string EncryptParameter(string value, string encryptionKey)
{
var objSecurity = new PortalSecurity();
var parameterValue = new StringBuilder(objSecurity.Encrypt(encryptionKey, value));
//[DNN-8257] - Can't do URLEncode/URLDecode as it introduces issues on decryption (with / = %2f), so we use a modifed Base64
parameterValue.Replace("/", "_");
parameterValue.Replace("+", "-");
parameterValue.Replace("=", "%3d");
return(parameterValue.ToString());
}
public static String Encrypt(String value, String passkey = "")
{
var objSec = new PortalSecurity();
if (value == null)
{
return("");
}
if (passkey == "")
{
var ps = GetCurrentPortalSettings();
passkey = ps.GUID.ToString();
}
return(objSec.Encrypt(passkey, value));
}
public static void UpdateConfig(int PortalID, bool WindowsAuthentication, string RootDomain, string EmailDomain, string AuthenticationUserName, string AuthenticationPassword, bool SynchronizeRole, bool SynchronizePassword, string ProviderTypeName, string AuthenticationType)
{
PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
ModuleController objModules = new ModuleController();
PortalSecurity objSecurity = new PortalSecurity();
ModuleInfo objModuleInfo = objModules.GetModuleByDefinition(PortalID, "Site Settings");
int intModuleId = objModuleInfo.ModuleID;
objModules.UpdateModuleSetting(intModuleId, "WindowsAuthentication", WindowsAuthentication.ToString());
objModules.UpdateModuleSetting(intModuleId, "SynchronizeRole", SynchronizeRole.ToString());
objModules.UpdateModuleSetting(intModuleId, "SynchronizePassword", SynchronizePassword.ToString());
objModules.UpdateModuleSetting(intModuleId, "RootDomain", RootDomain);
objModules.UpdateModuleSetting(intModuleId, "EmailDomain", EmailDomain);
objModules.UpdateModuleSetting(intModuleId, "UserName", AuthenticationUserName);
objModules.UpdateModuleSetting(intModuleId, "ProviderTypeName", ProviderTypeName);
objModules.UpdateModuleSetting(intModuleId, "AuthenticationType", AuthenticationType);
//Only update password if it has been changed
// HACK : Modified to not error if object is null.
//if (AuthenticationPassword.Length > 0)
if (!String.IsNullOrEmpty(AuthenticationPassword))
{
objModules.UpdateModuleSetting(intModuleId, "AuthenticationPassword", Convert.ToString(objSecurity.Encrypt(AUTHENTICATION_KEY, AuthenticationPassword)));
}
}
public static string EncryptParameter(string Value, string encryptionKey)
{
PortalSecurity objSecurity = new PortalSecurity();
string strParameter = objSecurity.Encrypt(encryptionKey, Value);
strParameter = strParameter.Replace("/", "_");
strParameter = strParameter.Replace("+", "-");
strParameter = strParameter.Replace("=", "%3d");
return strParameter;
}
/// <summary>
/// cmdUpdate_Click runs when the Update button is clicked
/// </summary>
/// <history>
/// [cnurse] 5/10/2004 Updated to reflect design changes for Help, 508 support
/// and localisation
/// </history>
protected void cmdUpdate_Click(Object sender, EventArgs e)
{
if (Page.IsValid)
{
try
{
bool blnChild;
string strMessage = String.Empty;
string strPortalAlias;
int intCounter;
string strServerPath;
string strChildPath = String.Empty;
PortalController objPortalController = new PortalController();
PortalSecurity objSecurity = new PortalSecurity();
// check template validity
ArrayList messages = new ArrayList();
string schemaFilename = Server.MapPath("admin/Portal/portal.template.xsd");
string xmlFilename = Globals.HostMapPath + cboTemplate.SelectedItem.Text + ".template";
PortalTemplateValidator xval = new PortalTemplateValidator();
if (!xval.Validate(xmlFilename, schemaFilename))
{
strMessage = Localization.GetString("InvalidTemplate", this.LocalResourceFile);
lblMessage.Text = string.Format(strMessage, cboTemplate.SelectedItem.Text + ".template");
messages.AddRange(xval.Errors);
lstResults.Visible = true;
lstResults.DataSource = messages;
lstResults.DataBind();
return;
}
//Set Portal Name
txtPortalName.Text = txtPortalName.Text.ToLower();
txtPortalName.Text = txtPortalName.Text.Replace("http://", "");
//Validate Portal Name
if (PortalSettings.ActiveTab.ParentId != PortalSettings.SuperTabId)
{
blnChild = true;
// child portal
for (intCounter = 1; intCounter <= txtPortalName.Text.Length; intCounter++)
{
if ("abcdefghijklmnopqrstuvwxyz0123456789-".IndexOf(txtPortalName.Text.Substring(intCounter, 1)) == 0)
{
strMessage += "<br>" + Localization.GetString("InvalidName", this.LocalResourceFile);
}
}
strPortalAlias = txtPortalName.Text;
}
else
{
blnChild = optType.SelectedValue == "C";
if (blnChild)
{
strPortalAlias = txtPortalName.Text.Substring(txtPortalName.Text.LastIndexOf("/") + 1);
}
else
{
strPortalAlias = txtPortalName.Text;
}
string strValidChars = "abcdefghijklmnopqrstuvwxyz0123456789-";
if (!blnChild)
{
strValidChars += "./:";
}
for (intCounter = 1; intCounter <= strPortalAlias.Length; intCounter++)
{
if (strValidChars.IndexOf(strPortalAlias.Substring(intCounter - 1, 1)) == 0)
{
strMessage += "<br>" + Localization.GetString("InvalidName", this.LocalResourceFile);
}
}
}
//Validate Password
if (txtPassword.Text != txtConfirm.Text)
{
strMessage += "<br>" + Localization.GetString("InvalidPassword", this.LocalResourceFile);
}
strServerPath = Globals.GetAbsoluteServerPath(Request);
//Set Portal Alias for Child Portals
if (strMessage == "")
{
if (blnChild)
{
strChildPath = strServerPath + strPortalAlias;
if (Directory.Exists(strChildPath))
{
strMessage = Localization.GetString("ChildExists", this.LocalResourceFile);
}
else
{
if (PortalSettings.ActiveTab.ParentId != PortalSettings.SuperTabId)
{
strPortalAlias = Globals.GetDomainName(Request) + "/" + strPortalAlias;
}
else
{
strPortalAlias = txtPortalName.Text;
}
}
}
}
//Get Home Directory
string HomeDir;
if (txtHomeDirectory.Text != "Portals/[PortalID]")
{
HomeDir = txtHomeDirectory.Text;
}
else
{
HomeDir = "";
}
//Create Portal
if (strMessage == "")
{
string strTemplateFile = cboTemplate.SelectedItem.Text + ".template";
//Attempt to create the portal
int intPortalId;
try
{
intPortalId = objPortalController.CreatePortal(txtTitle.Text, txtFirstName.Text, txtLastName.Text, txtUsername.Text, objSecurity.Encrypt(Convert.ToString(Globals.HostSettings["EncryptionKey"]), txtPassword.Text), txtEmail.Text, txtDescription.Text, txtKeyWords.Text, Globals.HostMapPath, strTemplateFile, HomeDir, strPortalAlias, strServerPath, strChildPath, blnChild);
}
catch (Exception ex)
{
intPortalId = Null.NullInteger;
strMessage = ex.Message;
}
if (intPortalId != -1)
{
// notification
UserInfo objUser = UserController.GetUserByName(intPortalId, txtUsername.Text, false);
//Create a Portal Settings object for the new Portal
PortalSettings newSettings = new PortalSettings();
newSettings.PortalAlias = new PortalAliasInfo();
newSettings.PortalAlias.HTTPAlias = strPortalAlias;
newSettings.PortalId = intPortalId;
string webUrl = Globals.AddHTTP(strPortalAlias);
try
{
if (PortalSettings.ActiveTab.ParentId != PortalSettings.SuperTabId)
{
Mail.SendMail(PortalSettings.Email, txtEmail.Text, PortalSettings.Email + ";" + Convert.ToString(PortalSettings.HostSettings["HostEmail"]), Localization.GetSystemMessage(newSettings, "EMAIL_PORTAL_SIGNUP_SUBJECT", objUser), Localization.GetSystemMessage(newSettings, "EMAIL_PORTAL_SIGNUP_BODY", objUser), "", "", "", "", "", "");
}
else
{
Mail.SendMail(Convert.ToString(PortalSettings.HostSettings["HostEmail"]), txtEmail.Text, Convert.ToString(PortalSettings.HostSettings["HostEmail"]), Localization.GetSystemMessage(newSettings, "EMAIL_PORTAL_SIGNUP_SUBJECT", objUser), Localization.GetSystemMessage(newSettings, "EMAIL_PORTAL_SIGNUP_BODY", objUser), "", "", "", "", "", "");
}
}
catch (Exception)
{
strMessage = string.Format(Localization.GetString("SendMail.Error", this.LocalResourceFile), webUrl, null);
}
EventLogController objEventLog = new EventLogController();
objEventLog.AddLog(objPortalController.GetPortal(intPortalId), PortalSettings, UserId, "", EventLogController.EventLogType.PORTAL_CREATED);
// Redirect to this new site
if (strMessage == Null.NullString)
{
Response.Redirect(webUrl, true);
}
}
}
lblMessage.Text = "<br>" + strMessage + "<br><br>";
}
catch (Exception exc) //Module failed to load
{
Exceptions.ProcessModuleLoadException(this, exc);
}
}
}
/// <summary>
/// Property access, initially provided for TokenReplace
/// </summary>
/// <param name="propertyName">Name of the Property</param>
/// <param name="format">format string</param>
/// <param name="formatProvider">format provider for numbers, dates, currencies</param>
/// <param name="accessingUser">userinfo of the user, who queries the data (used to determine permissions)</param>
/// <param name="currentScope">requested maximum access level, might be restricted due to user level</param>
/// <param name="propertyNotFound">out: flag, if property could be retrieved.</param>
/// <returns>current value of the property for this userinfo object</returns>
public string GetProperty(string propertyName, string format, CultureInfo formatProvider, UserInfo accessingUser, Scope currentScope, ref bool propertyNotFound)
{
Scope internScope;
if (UserID == -1 && currentScope > Scope.Configuration)
{
internScope = Scope.Configuration; //anonymous users only get access to displayname
}
else if (UserID != accessingUser.UserID && !isAdminUser(ref accessingUser) && currentScope > Scope.DefaultSettings)
{
internScope = Scope.DefaultSettings; //registerd users can access username and userID as well
}
else
{
internScope = currentScope; //admins and user himself can access all data
}
string outputFormat = format == string.Empty ? "g" : format;
switch (propertyName.ToLower())
{
case "verificationcode":
if (internScope < Scope.SystemMessages)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
var ps = new PortalSecurity();
var code = ps.Encrypt(Config.GetDecryptionkey(), PortalID + "-" + UserID);
return(code.Replace("+", ".").Replace("/", "-").Replace("=", "_"));
case "affiliateid":
if (internScope < Scope.SystemMessages)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(AffiliateID.ToString(outputFormat, formatProvider));
case "displayname":
if (internScope < Scope.Configuration)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(DisplayName, format));
case "email":
if (internScope < Scope.DefaultSettings)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(Email, format));
case "firstname": //using profile property is recommended!
if (internScope < Scope.DefaultSettings)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(FirstName, format));
case "issuperuser":
if (internScope < Scope.Debug)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(IsSuperUser.ToString(formatProvider));
case "lastname": //using profile property is recommended!
if (internScope < Scope.DefaultSettings)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(LastName, format));
case "portalid":
if (internScope < Scope.Configuration)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PortalID.ToString(outputFormat, formatProvider));
case "userid":
if (internScope < Scope.DefaultSettings)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(UserID.ToString(outputFormat, formatProvider));
case "username":
if (internScope < Scope.DefaultSettings)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(Username, format));
case "fullname": //fullname is obsolete, it will return DisplayName
if (internScope < Scope.Configuration)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(DisplayName, format));
case "roles":
if (currentScope < Scope.SystemMessages)
{
propertyNotFound = true;
return(PropertyAccess.ContentLocked);
}
return(PropertyAccess.FormatString(string.Join(", ", Roles), format));
}
propertyNotFound = true;
return(string.Empty);
}
public static void UpdateConfig(int PortalID, bool WindowsAuthentication, string RootDomain, string EmailDomain, string AuthenticationUserName, string AuthenticationPassword, bool SynchronizeRole, bool SynchronizePassword, string ProviderTypeName, string AuthenticationType)
{
PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
ModuleController objModules = new ModuleController();
PortalSecurity objSecurity = new PortalSecurity();
ModuleInfo objModuleInfo = objModules.GetModuleByDefinition(PortalID, "Site Settings");
int intModuleId = objModuleInfo.ModuleID;
objModules.UpdateModuleSetting(intModuleId, "WindowsAuthentication", WindowsAuthentication.ToString());
objModules.UpdateModuleSetting(intModuleId, "SynchronizeRole", SynchronizeRole.ToString());
objModules.UpdateModuleSetting(intModuleId, "SynchronizePassword", SynchronizePassword.ToString());
objModules.UpdateModuleSetting(intModuleId, "RootDomain", RootDomain);
objModules.UpdateModuleSetting(intModuleId, "EmailDomain", EmailDomain);
objModules.UpdateModuleSetting(intModuleId, "UserName", AuthenticationUserName);
objModules.UpdateModuleSetting(intModuleId, "ProviderTypeName", ProviderTypeName);
objModules.UpdateModuleSetting(intModuleId, "AuthenticationType", AuthenticationType);
//Only update password if it has been changed
// HACK : Modified to not error if object is null.
//if (AuthenticationPassword.Length > 0)
if (!String.IsNullOrEmpty(AuthenticationPassword))
{
objModules.UpdateModuleSetting(intModuleId, "AuthenticationPassword", Convert.ToString(objSecurity.Encrypt(AUTHENTICATION_KEY, AuthenticationPassword)));
}
}
