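/// <summary>
/// Login button handler: compares the submitted credentials and, on a match, issues a
/// session-id cookie and a CSRF-token cookie before redirecting to Home.aspx.
/// On a mismatch it shows the failure panel.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    // NOTE(review): the credentials are literals compiled into the page. Replace this with a
    // lookup against a salted, slow password hash before using the page outside a demo.
    if ((txtUsername.Text == "Test") && (txtPassword.Text == "123"))
    {
        // Mark cookies Secure whenever the login itself arrived over TLS; on plain HTTP the
        // flag stays off so the existing behaviour is unchanged.
        bool overTls = Request.IsSecureConnection;

        SessionIDManager manager = new SessionIDManager();
        HttpCookie sessionCookie = new HttpCookie("Session_Id");
        sessionCookie.Value = manager.CreateSessionID(HttpContext.Current);
        // Page script has no need for the session identifier, so keep it out of reach of
        // JavaScript to limit what a cross-site scripting flaw can read.
        sessionCookie.HttpOnly = true;
        sessionCookie.Secure = overTls;
        Response.Cookies.Add(sessionCookie);

        // An anti-CSRF token has to be unpredictable. Guid.NewGuid() only promises uniqueness,
        // so draw 128 bits from the OS CSPRNG and keep the same 32-hex-digit format as "N".
        byte[] tokenBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(tokenBytes);
        }

        HttpCookie csrfCookie = new HttpCookie("CSRF_Token");
        csrfCookie.Value = BitConverter.ToString(tokenBytes).Replace("-", string.Empty).ToLowerInvariant();
        // HttpOnly is left off: presumably client script copies this value into requests
        // (double-submit pattern) - TODO confirm against the pages that consume it.
        csrfCookie.Secure = overTls;
        Response.Cookies.Add(csrfCookie);

        Response.Redirect("Home.aspx");
    }
    else
    {
        divFail.Visible = true;
        lblFail.Visible = true;
        lblFail.Text = "Invalid Credintials";
    }
}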
/// <summary>
/// Login button handler: validates the submitted credentials through the service layer and,
/// when they are accepted, issues a fresh session ID before sending the user to the dashboard.
/// Rejected credentials are redirected back to Login.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    var credentials = new LoginUser
    {
        userName = txtUserName.Text,
        Password = txtPassword.Text
    };

    var serviceLayer = new ServiceLayer();
    if (!serviceLayer.CheckIsUserValid(credentials))
    {
        Response.Redirect("Login.aspx");
        return;
    }

    // Rotate the session ID after authentication so an ID known before login is not reused.
    var idManager = new SessionIDManager();
    string freshId = idManager.CreateSessionID(Context);
    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(Context, freshId, out wasRedirected, out cookieIssued);

    // NOTE(review): when the cookie was not added the handler returns without any response
    // to the user. Also, SaveSessionID only issues the new cookie; values written to Session
    // during this request are presumably still stored under the previous ID - verify that
    // DashBoard.aspx actually sees "IsValidUser" on the next request.
    if (cookieIssued)
    {
        Session["IsValidUser"] = freshId;
        Response.Redirect("DashBoard.aspx");
    }
}
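/// <summary>
/// Session-end hook: replaces the session-id cookie, signs the user out of forms
/// authentication, records the end of the tracked session and abandons the session.
/// </summary>
/// <remarks>
/// The cookie and sign-out steps need a live request. The method's own tail check shows that
/// <c>HttpContext.Current</c> can be null here, and in that case the original threw inside
/// the try block and silently skipped the session-end log entry. Those steps are now guarded
/// so the audit record is still written.
/// </remarks>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data (unused).</param>
protected void Session_End(object sender, EventArgs e)
{
    try
    {
        HttpContext current = System.Web.HttpContext.Current;
        if (current != null)
        {
            SessionIDManager manager = new SessionIDManager();
            manager.RemoveSessionID(current);
            var newId = manager.CreateSessionID(current);
            bool isRedirected;
            bool isAdded;
            manager.SaveSessionID(current, newId, out isRedirected, out isAdded);
        }

        SessionTracker sessionTracker = (SessionTracker)Session[SessionKeys.Tracker];
        if (current != null)
        {
            FormsAuthentication.SignOut();
        }

        if (sessionTracker == null)
        {
            // Nothing to log; as before, this path also skips the Abandon() below.
            return;
        }

        SessionLog sLog = new SessionLog();
        sLog.SessionLogEnd(sessionTracker);
    }
    catch (Exception ex)
    {
        // Cleanup stays best-effort, but leave a trace so a failing logout path is visible.
        System.Diagnostics.Trace.TraceWarning("Session_End cleanup failed: " + ex.GetType().Name);
    }

    if (HttpContext.Current != null)
    {
        if (null != HttpContext.Current.Session)
        {
            HttpContext.Current.Session.Abandon();
        }
    }
}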
/// <summary>
/// Generates a new ASP.NET session identifier for the current request and returns it.
/// </summary>
/// <remarks>
/// The identifier is only generated; SaveSessionID is not called here, so the client's
/// session cookie is left unchanged by this method.
/// </remarks>
/// <returns>The newly generated session ID string.</returns>
public string GetSessionId()
{
    var idManager = new SessionIDManager();
    return idManager.CreateSessionID(System.Web.HttpContext.Current);
}
/// <summary>
/// Session-start hook: issues a new session ID the first time it runs (tracked by the
/// <c>done</c> flag) and redirects brand-new, empty sessions to the login page.
/// </summary>
protected void Session_Start()
{
    // NOTE(review): 'done' is declared outside this method; if it is shared across sessions,
    // only the first session ever gets a regenerated ID - confirm its scope.
    if (done == false)
    {
        var idManager = new SessionIDManager();
        string freshId = idManager.CreateSessionID(Context);
        bool wasRedirected;
        bool cookieIssued;
        idManager.SaveSessionID(Context, freshId, out wasRedirected, out cookieIssued);
        done = true;
    }

    // Read but not used afterwards.
    string sessionId = Session.SessionID;

    bool isEmptyNewSession = Context.Session != null
        && Context.Session.IsNewSession
        && HttpContext.Current.Session.Count == 0;
    if (isEmptyNewSession)
    {
        HttpContext.Current.Response.Redirect("~/Account/Login/");
    }
}
/// <summary>
/// Logged-out handler: clears the user's roles, replaces the session-id cookie, drops the
/// "Auth_Token" session entry and redirects to the portal's default page.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void LoginStatus1_LoggedOut(object sender, EventArgs e)
{
    SetUserRoles(string.Empty);
    SageFrameConfig sageConfig = new SageFrameConfig();

    // Hand the browser a new session ID so the logged-in ID is not carried past logout.
    HttpContext current = System.Web.HttpContext.Current;
    var idManager = new SessionIDManager();
    idManager.RemoveSessionID(current);
    string replacementId = idManager.CreateSessionID(current);
    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, replacementId, out wasRedirected, out cookieIssued);

    // NOTE(review): only "Auth_Token" is removed; the session is not abandoned here, so any
    // other per-user values stay in the store under the old ID until it expires - confirm
    // that nothing sensitive remains.
    Session.Remove("Auth_Token");

    if (IsParent)
    {
        Response.Redirect(GetParentURL + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + Extension);
    }
    else
    {
        Response.Redirect(GetParentURL + "/portal/" + GetPortalSEOName + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + Extension);
    }
}
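/// <summary>
/// Logs the current user out: clears roles, replaces the session-id cookie and redirects to
/// the portal's default page.
/// </summary>
/// <remarks>
/// Exceptions propagate to the caller. The rethrow uses <c>throw;</c> so the original stack
/// trace is kept; <c>throw ex;</c> reset it and hid where a logout failure actually started.
/// </remarks>
protected void LoggOutUser()
{
    try
    {
        SetUserRoles(string.Empty);
        SageFrameConfig sageConfig = new SageFrameConfig();

        // Issue a new session ID so the authenticated ID is not reused after logout.
        SessionIDManager manager = new SessionIDManager();
        manager.RemoveSessionID(System.Web.HttpContext.Current);
        var newId = manager.CreateSessionID(System.Web.HttpContext.Current);
        var isRedirected = true;
        var isAdded = true;
        manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);

        if (!IsParent)
        {
            HttpContext.Current.Response.Redirect(GetParentURL + "/portal/" + GetPortalSEOName + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + SageFrameSettingKeys.PageExtension);
        }
        else
        {
            HttpContext.Current.Response.Redirect(GetParentURL + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + SageFrameSettingKeys.PageExtension);
        }
    }
    catch (Exception)
    {
        throw;
    }
}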
/// <summary>
/// Logout page load: blanks and expires the remembered-login cookies, ends the application
/// session if one is active, abandons the ASP.NET session, issues a new session ID and
/// redirects to the login page.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): the cookie names suggest a user name and a password were kept client-side;
    // if "indico-pswrd" ever held a password, the code that sets it needs review.
    HttpCookie userNameCookie = Response.Cookies["indico-usrnm"];
    userNameCookie.Value = string.Empty;
    userNameCookie.Expires = DateTime.Now.AddDays(-15);

    HttpCookie passwordCookie = Response.Cookies["indico-pswrd"];
    passwordCookie.Value = string.Empty;
    passwordCookie.Expires = DateTime.Now.AddDays(-15);

    try
    {
        bool hasAppSession = HttpContext.Current.Session["in_sid"] != null;
        if (hasAppSession)
        {
            UserBO objUser = this.LoggedUser;
            Session["UserMenuItemRoleView" + this.LoggedUser.ID] = null;
            IndicoPage.EndSession(ref objUser);
        }

        Session.Abandon();
    }
    catch
    {
        // Deliberately best-effort: a failure here must not stop the ID rotation and the
        // redirect below. Any error, including a failed Abandon(), is dropped silently.
    }

    var idManager = new SessionIDManager();
    bool wasRedirected;
    bool cookieIssued;
    string freshId = idManager.CreateSessionID(Context);
    idManager.SaveSessionID(this.Context, freshId, out wasRedirected, out cookieIssued);

    Response.Redirect("/Login.aspx");
}
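// adapted from https://stackoverflow.com/a/4420114/6121074
/// <summary>
/// Prevents HTTP session fixation by giving the current session a new session ID upon login.
/// </summary>
/// <remarks>
/// https://www.owasp.org/index.php/Session_Fixation
/// <para>
/// Relies on private fields of <c>SessionStateModule</c> (<c>_store</c>, <c>_rqId</c>,
/// <c>_rqLockId</c>, <c>_rqSessionStateNotFound</c>, <c>_rqItem</c>) read through reflection.
/// These are implementation details, so the lookup is validated before any cookie is issued
/// and a missing field fails with a clear error instead of a NullReferenceException part-way
/// through the rotation.
/// </para>
/// </remarks>
/// <returns>new session ID</returns>
/// <exception cref="InvalidOperationException">
/// The session-state module or one of the private fields it depends on could not be found.
/// </exception>
public static string RegenerateSessionId()
{
    var context = HttpContext.Current;

    // Resolve the module internals first so a failure leaves the request untouched.
    var application = context.ApplicationInstance;
    var session = application.Modules.Get("Session") as SessionStateModule;
    if (session == null)
    {
        throw new InvalidOperationException("Session state module \"Session\" is not loaded; cannot regenerate the session ID.");
    }

    SessionStateStoreProviderBase store = null;
    FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
    SessionStateStoreData rqItem = null;
    foreach (var field in session.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
    {
        switch (field.Name)
        {
            case "_store":
                store = (SessionStateStoreProviderBase)field.GetValue(session);
                break;
            case "_rqId":
                rqIdField = field;
                break;
            case "_rqLockId":
                rqLockIdField = field;
                break;
            case "_rqSessionStateNotFound":
                rqStateNotFoundField = field;
                break;
            case "_rqItem":
                rqItem = (SessionStateStoreData)field.GetValue(session);
                break;
        }
    }

    if (store == null || rqIdField == null || rqLockIdField == null || rqStateNotFoundField == null)
    {
        throw new InvalidOperationException("SessionStateModule internals were not found; cannot regenerate the session ID.");
    }

    // create a new session id and send it to the client
    var manager = new SessionIDManager();
    var oldId = manager.GetSessionID(context);
    var newId = manager.CreateSessionID(context);
    manager.SaveSessionID(context, newId, out bool redirected, out bool cookieAdded);

    // remove the session from the store so the old ID no longer resolves to any data
    var lockId = rqLockIdField.GetValue(session);
    if (lockId != null && oldId != null)
    {
        store.RemoveItem(context, oldId, lockId, rqItem);
    }

    // assign the new id to the session
    // the session will be added back to the store, with the new id, on the next http request
    rqStateNotFoundField.SetValue(session, true);
    rqIdField.SetValue(session, newId);

    return newId;
}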
/// <summary>
/// Session-start hook: increments the application-wide "UsersOnline" counter and stores a
/// freshly generated identifier in the session under "__MyAppSession" and "GUID".
/// </summary>
/// <remarks>
/// The generated identifier is only stored as session data. SaveSessionID is not called, so
/// the ASP.NET session cookie itself keeps its current value.
/// </remarks>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data (unused).</param>
protected void Session_Start(Object sender, EventArgs e)
{
    Application.Lock();
    int usersOnline = (int)Application["UsersOnline"];
    Application["UsersOnline"] = usersOnline + 1;
    Application.UnLock();

    var idManager = new SessionIDManager();
    string generatedId = idManager.CreateSessionID(Context);

    // Read but not used afterwards.
    string currentId = Context.Session.SessionID;

    HttpContext.Current.Session.Add("__MyAppSession", generatedId);
    Session["GUID"] = generatedId;
}
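/// <summary>
/// Login handler: authenticates the submitted user id and password, stores the user's
/// identity in the session and redirects either to the previously requested URL or to the
/// landing page for the user's role. Failures are shown in the login message area.
/// </summary>
/// <remarks>
/// Exception messages are HTML-encoded before being placed in the page. They were
/// concatenated into markup unescaped, so any message that echoed submitted input or stored
/// data would have been rendered as HTML.
/// </remarks>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Login(object sender, EventArgs e)
{
    // Fixed delay on every attempt. It slows guessing, but it also holds a worker thread for
    // three seconds per request; per-account throttling would avoid that cost.
    System.Threading.Thread.Sleep(3000);

    UserModule userModule = new UserModule();
    string userid = input_userid.Text;
    string password = input_password.Text;

    try
    {
        UserAccount authenticatedUser = userModule.login(userid, password);

        // NOTE(review): a new ID is generated but never passed to SaveSessionID, so the
        // session keeps the ID it had before authentication (no session-fixation protection).
        SessionIDManager sessionIdManager = new SessionIDManager();
        string newId = sessionIdManager.CreateSessionID(Context);

        string oldUserId = "";
        string oldUsername = "";
        string oldUserRole = "";
        if (Session["userid"] != null)
        {
            oldUserId = Session["userid"].ToString();
        }
        if (Session["username"] != null)
        {
            oldUsername = Session["username"].ToString();
        }
        if (Session["userRole"] != null)
        {
            oldUserRole = Session["userRole"].ToString();
        }

        Session["userid"] = userid;
        Session["username"] = authenticatedUser.USERNAME;
        Session["userRole"] = authenticatedUser.ROLE;

        // Only resume the earlier URL for the same user who was browsing before.
        // NOTE(review): previous_url is redirected to as-is; confirm the code that stores it
        // only ever records local paths.
        if (Session["previous_url"] != null && userid.Equals(oldUserId))
        {
            string previous_url = Session["previous_url"].ToString();
            Session["previous_url"] = ""; // Clear session variable just in case
            Response.Redirect(previous_url);
        }

        string redirectURL = UserRoleDispatcher.getPageByUserRole(authenticatedUser.ROLE);
        if (redirectURL.Length <= 0)
        {
            throw new Exception("No role configured for " + authenticatedUser.ROLE + " yet, please contact administrator.");
        }

        Response.Redirect(redirectURL);
    }
    catch (LoginException lex)
    {
        login_message.Controls.Add(new LiteralControl(
            "<div class='alert alert-danger col-sm-10 col-sm-offset-1'>" + System.Web.HttpUtility.HtmlEncode(lex.Message) + "</div>"));
    }
    catch (Exception ex)
    {
        // NOTE(review): this shows the text of any exception to the visitor; consider a
        // generic message here and logging the detail server-side.
        login_message.Controls.Add(new LiteralControl(
            "<div class='alert alert-danger col-sm-10 col-sm-offset-1'>" + System.Web.HttpUtility.HtmlEncode(ex.Message) + "</div>"));
    }
}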
/// <summary>
/// Generates a new ASP.NET session identifier for the given request context.
/// </summary>
/// <param name="httpContext">Request context passed through to the session ID manager.</param>
/// <returns>The generated session ID. It is not written to any cookie here.</returns>
private static string CreateSessionId(HttpContext httpContext)
{
    return new SessionIDManager().CreateSessionID(httpContext);
}
/// <inheritdoc cref="Owasp.Esapi.Interfaces.IHttpUtilities.ChangeSessionIdentifier()" />
public void ChangeSessionIdentifier()
{
    HttpContext current = HttpContext.Current;
    var idManager = new SessionIDManager();

    // Generate a replacement ID and hand it to the client.
    // NOTE(review): the result flags are ignored and session data is not moved here; values
    // stored under the previous ID are presumably not available under the new one - verify.
    string replacementId = idManager.CreateSessionID(current);
    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, replacementId, out wasRedirected, out cookieIssued);
}
/// <summary>
/// Generates a new session ID for the current request and saves it through the session ID
/// manager. The redirect and cookie-added results are not inspected.
/// </summary>
public void ChangeSessionId()
{
    HttpContext current = HttpContext.Current;
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(current);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, replacementId, out wasRedirected, out cookieIssued);
}
/// <summary>
/// Issues a new session ID for the current request and re-points the running session-state
/// module at it, releasing the exclusive lock held on the old ID.
/// </summary>
/// <remarks>
/// Uses reflection on private <c>SessionStateModule</c> fields. Every field is null-checked,
/// so a missing field means that step is skipped rather than raising an error.
/// NOTE(review): the old item is released, not removed, so the data stored under the old ID
/// appears to stay in the store until it times out - confirm that is acceptable.
/// </remarks>
/// <returns>The new session ID.</returns>
private string RegenrateSessionId()
{
    var idManager = new SessionIDManager();
    HttpContext context = System.Web.HttpContext.Current;
    string previousId = idManager.GetSessionID(context);
    string replacementId = idManager.CreateSessionID(context);
    bool cookieIssued = false, wasRedirected = false;
    idManager.SaveSessionID(context, replacementId, out wasRedirected, out cookieIssued);

    var application = (HttpApplication)System.Web.HttpContext.Current.ApplicationInstance;
    var sessionModule = (SessionStateModule)application.Modules.Get("Session");

    SessionStateStoreProviderBase store = null;
    FieldInfo idField = null, lockIdField = null, notFoundField = null;
    foreach (FieldInfo candidate in sessionModule.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
    {
        switch (candidate.Name)
        {
            case "_store":
                store = (SessionStateStoreProviderBase)candidate.GetValue(sessionModule);
                break;
            case "_rqId":
                idField = candidate;
                break;
            case "_rqLockId":
                lockIdField = candidate;
                break;
            case "_rqSessionStateNotFound":
                notFoundField = candidate;
                break;
        }
    }

    if (lockIdField != null)
    {
        object lockId = lockIdField.GetValue(sessionModule);
        if (lockId != null && previousId != null && store != null)
        {
            store.ReleaseItemExclusive(context, previousId, lockId);
        }
    }

    // Mark the state as "not found" so the module stores it as a new item under the new ID.
    if (notFoundField != null)
    {
        notFoundField.SetValue(sessionModule, true);
    }

    if (idField != null)
    {
        idField.SetValue(sessionModule, replacementId);
    }

    return replacementId;
}
/// <summary>
/// Generates a new session ID, saves it for the current request and returns it as JSON.
/// </summary>
/// <remarks>
/// NOTE(review): the session ID is returned in the response body, where script and any
/// intermediary that logs bodies can read it. Confirm callers need the raw value; a session
/// cookie marked HttpOnly would normally keep it away from page script.
/// </remarks>
/// <returns>JSON result containing the new session ID.</returns>
public ActionResult GetSession()
{
    HttpContext current = System.Web.HttpContext.Current;
    var idManager = new SessionIDManager();
    string freshId = idManager.CreateSessionID(current);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, freshId, out wasRedirected, out cookieIssued);

    return Json(freshId);
}
/// <summary>
/// Page load handler that generates and saves a new session ID on every load of the page,
/// postbacks included.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): rotation happens on each request rather than at login or logout; values
    // kept in Session are presumably not reachable under the new ID - verify this is intended.
    var idManager = new SessionIDManager();
    string freshId = idManager.CreateSessionID(Context);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(Context, freshId, out wasRedirected, out cookieIssued);
}
/// <summary>
/// Session-start hook: generates an identifier with the shared session ID manager, registers
/// a data container stamped with the current time for it, and stores the identifier in the
/// session under "brojSesije".
/// </summary>
public void Session_Start()
{
    string sessionNumber = m.CreateSessionID(System.Web.HttpContext.Current);

    var container = new SessionDataContainer();
    container.pocetakSesije = DateTime.Now; // session start time (local clock)
    AddNewSessionData(sessionNumber, container);

    Session["brojSesije"] = sessionNumber;
}
/// <summary>
/// Generates a new session ID for the current context and saves it through the session ID
/// manager. The previous ID is read but not used.
/// </summary>
void CreateNewSessionId()
{
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(Context);

    // Read but not used afterwards; the old session's data is not removed here.
    string previousId = Context.Session.SessionID;

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(Context, replacementId, out wasRedirected, out cookieIssued);
}
/// <summary>
/// Page load for the dashboard: sends visitors without a valid login to Logout.aspx, seeds a
/// new session from the <c>globle</c> values, and on first load sets up the role-dependent
/// UI, refreshes kiosk data and, for an existing session without "LoggedIn", issues a new
/// session ID.
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["Username"] == null && !Session.IsNewSession)
    {
        Response.Redirect("Logout.aspx", false);
        return;
    }

    // NOTE(review): 'globle' is declared elsewhere. If its members are application-wide
    // rather than per-user, every new session would be given the identity and role of
    // whoever logged in last - confirm its scope before relying on this check.
    if (globle.UserValue == null)
    {
        Response.Redirect("Logout.aspx", false);
        return;
    }

    if (Session.IsNewSession)
    {
        Session["Username"] = globle.UserValue;
        Session["Role"] = globle.Role;
        Session["Location"] = "";
        Session["PF_Index"] = globle.PF_Index;
        Session["LoggedIn"] = "Yes";
    }

    if (IsPostBack)
    {
        return;
    }

    bool isAdmin = Session["Role"].ToString() == "admin";
    if (isAdmin)
    {
        AdminOptions.Visible = true;
        lblUserLocation.Text = "Admin";
    }
    else
    {
        lblUserLocation.Text = Session["Location"].ToString() + "-" + Session["Role"].ToString();
        AdminOptions.Visible = false;
    }

    if (globle.CallLogRequired == "false")
    {
        TicketReportID.Style.Add("Display", "None");
    }

    GetKioskHealth();
    GetLastTxn(11);

    if (!Session.IsNewSession && Session["LoggedIn"] == null)
    {
        bool wasRedirected = false;
        bool cookieIssued = false;
        var idManager = new SessionIDManager();
        string replacementId = idManager.CreateSessionID(Context);

        // Read but not used afterwards.
        string previousId = Context.Session.SessionID;

        idManager.SaveSessionID(Context, replacementId, out wasRedirected, out cookieIssued);

        // The cookie is added to the incoming Request collection, not to Response, so this
        // line by itself sends nothing to the browser.
        Request.Cookies.Add(new HttpCookie("ASP.NET_SessionId", replacementId));
    }
}
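/// <summary>
/// Replaces the current session ID with a new one, removes the old session item from the
/// store and re-points the running session-state module at the new ID.
/// </summary>
/// <remarks>
/// Depends on private <c>SessionStateModule</c> fields read through reflection. The lookup
/// is validated before any cookie is changed, so a missing module or field fails with a
/// clear error instead of a NullReferenceException after the old cookie was already removed.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// The session-state module or one of the private fields it depends on could not be found.
/// </exception>
protected void ReGenerateSessionId()
{
    HttpContext context = System.Web.HttpContext.Current;

    // Resolve the module internals first so a failure leaves the request untouched.
    HttpApplication ctx = context.ApplicationInstance;
    HttpModuleCollection mods = ctx.Modules;
    SessionStateModule ssm = mods.Get("Session") as SessionStateModule;
    if (ssm == null)
    {
        throw new InvalidOperationException("Session state module \"Session\" is not loaded; cannot regenerate the session ID.");
    }

    SessionStateStoreProviderBase store = null;
    FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
    SessionStateStoreData rqItem = null;
    foreach (FieldInfo field in ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
    {
        switch (field.Name)
        {
            case "_store":
                store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                break;
            case "_rqId":
                rqIdField = field;
                break;
            case "_rqLockId":
                rqLockIdField = field;
                break;
            case "_rqSessionStateNotFound":
                rqStateNotFoundField = field;
                break;
            case "_rqItem":
                rqItem = (SessionStateStoreData)field.GetValue(ssm);
                break;
        }
    }

    if (store == null || rqIdField == null || rqLockIdField == null || rqStateNotFoundField == null)
    {
        throw new InvalidOperationException("SessionStateModule internals were not found; cannot regenerate the session ID.");
    }

    // Swap the cookie: capture the old ID, drop its cookie, issue the new one.
    SessionIDManager manager = new SessionIDManager();
    string oldId = manager.GetSessionID(context);
    string newId = manager.CreateSessionID(context);
    bool isAdd = false, isRedir = false;
    manager.RemoveSessionID(context);
    manager.SaveSessionID(context, newId, out isRedir, out isAdd);

    // Delete the item stored under the old ID so that ID no longer resolves to any data.
    object lockId = rqLockIdField.GetValue(ssm);
    if ((lockId != null) && (oldId != null))
    {
        store.RemoveItem(context, oldId, lockId, rqItem);
    }

    // Flag the state as "not found" and set the new ID on the module.
    rqStateNotFoundField.SetValue(ssm, true);
    rqIdField.SetValue(ssm, newId);
}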
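/// <summary>
/// Renders the login view. Before rendering it replaces the session ID, re-points the
/// running session-state module at the new ID and builds the third-party login URL.
/// </summary>
/// <remarks>
/// Depends on private <c>SessionStateModule</c> fields read through reflection. The lookup
/// is validated before any cookie is changed, so a missing module or field fails with a
/// clear error instead of a NullReferenceException after the old cookie was already removed.
/// </remarks>
/// <param name="id">Company identifier; when absent the view shows a "missing company" message.</param>
/// <returns>The login view.</returns>
/// <exception cref="InvalidOperationException">
/// The session-state module or one of the private fields it depends on could not be found.
/// </exception>
public ActionResult Login(int? id)
{
    HttpContext context = System.Web.HttpContext.Current;

    // Resolve the module internals first so a failure leaves the request untouched.
    HttpApplication ctx = (HttpApplication)context.ApplicationInstance;
    HttpModuleCollection mods = ctx.Modules;
    System.Web.SessionState.SessionStateModule ssm = mods.Get("Session") as SessionStateModule;
    if (ssm == null)
    {
        throw new InvalidOperationException("Session state module \"Session\" is not loaded; cannot regenerate the session ID.");
    }

    SessionStateStoreProviderBase store = null;
    System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
    foreach (System.Reflection.FieldInfo field in ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
    {
        switch (field.Name)
        {
            case "_store":
                store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                break;
            case "_rqId":
                rqIdField = field;
                break;
            case "_rqLockId":
                rqLockIdField = field;
                break;
            case "_rqSessionStateNotFound":
                rqStateNotFoundField = field;
                break;
        }
    }

    if (store == null || rqIdField == null || rqLockIdField == null || rqStateNotFoundField == null)
    {
        throw new InvalidOperationException("SessionStateModule internals were not found; cannot regenerate the session ID.");
    }

    SessionIDManager manager = new SessionIDManager();
    manager.RemoveSessionID(context);
    // NOTE(review): the old ID is read after RemoveSessionID has run; confirm GetSessionID
    // still returns the previous value at this point, otherwise the release below is skipped.
    var oldId = manager.GetSessionID(context);
    var newId = manager.CreateSessionID(context);
    var isRedirected = true;
    var isAdded = true;
    manager.SaveSessionID(context, newId, out isRedirected, out isAdded);
    context.Session["sessionid"] = newId;

    // Release the lock held on the old item; the item itself is not deleted here.
    object lockId = rqLockIdField.GetValue(ssm);
    if ((lockId != null) && (oldId != null))
    {
        store.ReleaseItemExclusive(context, oldId, lockId);
    }

    rqStateNotFoundField.SetValue(ssm, true);
    rqIdField.SetValue(ssm, newId);

    ViewBag.CompanyID = id;
    ViewBag.Message = id.HasValue ? "" : "缺少公司标识";
    // NOTE(review): the query-string values are inserted as-is; confirm redirectUri and state
    // are already URL-encoded where they are defined.
    ViewBag.ThirdLoginUrl = string.Format("{0}?client_id={1}&redirect_uri={2}&state={3}&response_type=code", authorizeUrl, clinetId, redirectUri, state);
    return View();
}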
/// <summary>
/// Generates a new session ID for the supplied context, saves it through the session ID
/// manager and returns it.
/// </summary>
/// <param name="Context">Request context whose session ID is replaced.</param>
/// <returns>The newly generated session ID.</returns>
protected string CreateSession(HttpContext Context)
{
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(Context);

    // Read but not used afterwards; the old session's data is not removed here.
    string previousId = Context.Session.SessionID;

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(Context, replacementId, out wasRedirected, out cookieIssued);

    return replacementId;
}
/// <summary>
/// Generates a session ID and overwrites its leading characters with the first label of the
/// request's host name, keeping the overall length unchanged.
/// </summary>
/// <remarks>
/// NOTE(review): every character taken by the host label is one fewer random character in
/// the identifier, and the prefix is known to anyone who knows the host name. A host label
/// longer than the generated ID makes <c>Substring</c> throw. Confirm the remaining random
/// part is long enough for how this value is used.
/// </remarks>
/// <returns>The host label followed by the tail of the generated session ID.</returns>
private string GenerateNewSessionId()
{
    var idManager = new SessionIDManager();
    string generated = idManager.CreateSessionID(HttpContext.Current);
    string hostLabel = Request.Url.Host.Split('.')[0];

    string randomTail = generated.Substring(hostLabel.Length);
    return hostLabel + randomTail;
}
/// <summary>
/// Logs out by clearing the current user and replacing the session-id cookie with a newly
/// generated one.
/// </summary>
/// <remarks>
/// NOTE(review): the session itself is not abandoned or cleared here; only CurrentUser is
/// reset. Confirm no other per-user data remains in the session after logout.
/// </remarks>
public static void Logout()
{
    UserSession.CurrentUser = null;

    var idManager = new SessionIDManager();
    var context = UserSession.CurrentContext;

    var replacementId = idManager.CreateSessionID(context);
    idManager.RemoveSessionID(context);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(context, replacementId, out wasRedirected, out cookieIssued);
}
// GET /api/Customer/1
/// <summary>
/// Returns the customer with the given id, or 404 when no such customer exists.
/// </summary>
/// <remarks>
/// NOTE(review): no check that the caller may read this particular customer is visible in
/// this method; confirm authorization is enforced elsewhere (filter, handler or attribute).
/// </remarks>
/// <param name="id">Customer primary key taken from the route.</param>
/// <returns>200 with the customer, or 404.</returns>
public IHttpActionResult GetCustomer(long id)
{
    // A session ID is generated here but never saved or used.
    var idManager = new SessionIDManager();
    string unusedSessionId = idManager.CreateSessionID(HttpContext.Current);

    Customer match = m_db.Customers.SingleOrDefault(cus => cus.Id == id);
    if (match != null)
    {
        return Ok(match);
    }

    return NotFound();
}
/// <summary>
/// Generates and saves a new session ID. When the cookie was added, records the ID and a
/// ten-minute expiry (Unix seconds, UTC) on this object. Returns a hash of the stored ID.
/// </summary>
/// <remarks>
/// NOTE(review): when the cookie was not added, <c>sessionID</c> keeps whatever value it had
/// before (possibly none) and that value is what gets hashed - confirm callers handle this.
/// </remarks>
/// <returns>The result of <c>Crypto.HashPassword</c> applied to the stored session ID.</returns>
public string createSession()
{
    HttpContext current = HttpContext.Current;
    var idManager = new SessionIDManager();
    string freshId = idManager.CreateSessionID(current);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, freshId, out wasRedirected, out cookieIssued);

    if (cookieIssued)
    {
        this.sessionID = freshId;

        TimeSpan sinceEpoch = DateTime.UtcNow.AddMinutes(10).Subtract(new DateTime(1970, 1, 1));
        this.sessionExpiration = (Int32)sinceEpoch.TotalSeconds;
    }

    return Crypto.HashPassword(this.sessionID);
}
/// <summary>
/// Generates and saves a new session ID for the current request and, when the request
/// carried an "ASP.NET_SessionId" cookie, also writes the new ID into the response cookie of
/// the same name.
/// </summary>
/// <remarks>
/// NOTE(review): the cookie name is hard-coded; if the application configures a different
/// session cookie name this extra assignment will not match it - confirm against web.config.
/// </remarks>
public static void RenewSessionID()
{
    HttpContext context = HttpContext.Current;
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(context);

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(context, replacementId, out wasRedirected, out cookieIssued);

    bool requestHadSessionCookie = HttpContext.Current.Request.Cookies["ASP.NET_SessionId"] != null;
    if (requestHadSessionCookie)
    {
        HttpContext.Current.Response.Cookies["ASP.NET_SessionId"].Value = replacementId;
    }
}
/// <summary>
/// Destroys the wrapped HTTP session: clears its contents, abandons it and, outside .NET
/// Core builds, issues a new session ID for the current request. Does nothing when no
/// session is attached.
/// </summary>
public void Destroy()
{
    if (_httpSession == null)
    {
        return;
    }

    // The ID written to the debug log is the one being abandoned below.
    GXLogging.Debug(log, "Destroy sessionId: " + _httpSession.SessionID);
    _httpSession.RemoveAll();
    _httpSession.Abandon();
#if !NETCORE
    // Give the client a new ID so the abandoned one is not presented again.
    HttpContext current = HttpContext.Current;
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(current);
    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, replacementId, out wasRedirected, out cookieIssued);
#endif
}
/// <summary>
/// Clears the application's session data and then issues a new session ID for the current
/// request.
/// </summary>
public static void NewSession()
{
    BaseSession.ClearSession();

    // Create and save the replacement session ID.
    System.Web.HttpContext current = System.Web.HttpContext.Current;
    var idManager = new SessionIDManager();
    string replacementId = idManager.CreateSessionID(current);

    // Read but not used afterwards.
    string previousId = current.Session.SessionID;

    bool wasRedirected;
    bool cookieIssued;
    idManager.SaveSessionID(current, replacementId, out wasRedirected, out cookieIssued);
}
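/// <summary>
/// Regenerates the authorization cookie and the session ID, then re-points the running
/// session-state module at the new ID and releases the lock held on the old one.
/// </summary>
/// <remarks>
/// Depends on private <c>SessionStateModule</c> fields read through reflection. The lookup
/// is validated before any cookie is changed, so a missing module or field fails with a
/// clear error instead of a NullReferenceException after both cookies were already replaced.
/// NOTE(review): the old item is released, not removed, so data stored under the old ID
/// appears to stay in the store until it times out - confirm that is acceptable.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// The session-state module or one of the private fields it depends on could not be found.
/// </exception>
public static void RegenrateSessionId()
{
    HttpContext context = HttpContext.Current;

    // Resolve the module internals first so a failure leaves the request untouched.
    HttpApplication ctx = (HttpApplication)context.ApplicationInstance;
    HttpModuleCollection mods = ctx.Modules;
    System.Web.SessionState.SessionStateModule ssm = mods.Get("Session") as SessionStateModule;
    if (ssm == null)
    {
        throw new InvalidOperationException("Session state module \"Session\" is not loaded; cannot regenerate the session ID.");
    }

    SessionStateStoreProviderBase store = null;
    System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
    foreach (System.Reflection.FieldInfo field in ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
    {
        switch (field.Name)
        {
            case "_store":
                store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                break;
            case "_rqId":
                rqIdField = field;
                break;
            case "_rqLockId":
                rqLockIdField = field;
                break;
            case "_rqSessionStateNotFound":
                rqStateNotFoundField = field;
                break;
        }
    }

    if (store == null || rqIdField == null || rqLockIdField == null || rqStateNotFoundField == null)
    {
        throw new InvalidOperationException("SessionStateModule internals were not found; cannot regenerate the session ID.");
    }

    Authorization.AuthoCookie.RegenerateAuthoCookie();

    SessionIDManager manager = new SessionIDManager();
    string oldId = manager.GetSessionID(context);
    string newId = manager.CreateSessionID(context);
    bool isAdd = false, isRedir = false;
    manager.SaveSessionID(context, newId, out isRedir, out isAdd);

    object lockId = rqLockIdField.GetValue(ssm);
    if ((lockId != null) && (oldId != null))
    {
        store.ReleaseItemExclusive(context, oldId, lockId);
    }

    // Flag the state as "not found" and set the new ID on the module.
    rqStateNotFoundField.SetValue(ssm, true);
    rqIdField.SetValue(ssm, newId);
}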
/// <summary>
/// Click handler for the login/logout status link. In the "LOGIN" state it builds the URL of
/// the portal login page; otherwise it performs logout (expires the forms cookie, clears
/// roles, replaces the session ID) and builds the URL of the portal default page. In both
/// cases it then clears checkout sessions, signs out of forms authentication and redirects.
/// </summary>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
protected void lnkloginStatus_Click(object sender, EventArgs e)
{
    try
    {
        SageFrameConfig SageConfig = new SageFrameConfig();
        SageFrameSettingKeys.PageExtension = SageConfig.GetSettingsByKey(SageFrameSettingKeys.SettingPageExtension);
        bool EnableSessionTracker = bool.Parse(SageConfig.GetSettingsByKey(SageFrameSettingKeys.EnableSessionTracker));
        SessionTracker sessionTrackerNew = new SessionTracker();
        // When tracking is enabled a session-log start entry is written on every click,
        // whichever branch (login or logout) follows.
        if (EnableSessionTracker)
        {
            string sessionID = HttpContext.Current.Session.SessionID;
            SageFrame.Web.SessionLog sLogNew = new SageFrame.Web.SessionLog();
            sLogNew.SessionLogStart(sessionTrackerNew, sessionID);
        }
        string ReturnUrl = string.Empty;
        string RedUrl = string.Empty;
        SageFrameConfig sfConfig = new SageFrameConfig();
        if (lnkloginStatus.CommandName == "LOGIN")
        {
            // ReturnUrl is computed here (from the query string or the raw URL) but is not
            // read again in this method; the redirect below uses RedUrl only.
            if (Request.QueryString["ReturnUrl"] == null)
            {
                ReturnUrl = Request.RawUrl.ToString();
                if (!(ReturnUrl.ToLower().Contains(SageFrameSettingKeys.PageExtension)))
                {
                    //ReturnUrl = ReturnUrl.Remove(strURL.LastIndexOf('/'));
                    if (ReturnUrl.EndsWith("/"))
                    {
                        ReturnUrl += sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                    }
                    else
                    {
                        ReturnUrl += '/' + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                    }
                }
            }
            else
            {
                // NOTE(review): taken from the query string unvalidated. It is unused here;
                // if it is ever passed to a redirect, restrict it to local URLs first.
                ReturnUrl = Request.QueryString["ReturnUrl"].ToString();
            }
            // Target: the portal's login page (child portals live under /portal/<name>/).
            if (!IsParent)
            {
                RedUrl = GetParentURL + "/portal/" + GetPortalSEOName + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalLoginpage) + SageFrameSettingKeys.PageExtension;
            }
            else
            {
                RedUrl = GetParentURL + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalLoginpage) + SageFrameSettingKeys.PageExtension;
            }
        }
        else
        {
            // Logout path.
            if (EnableSessionTracker)
            {
                SageFrame.Web.SessionLog sLog = new SageFrame.Web.SessionLog();
                sLog.SessionLogEnd(GetPortalID);
            }
            SecurityPolicy objSecurity = new SecurityPolicy();
            // Send back the portal's forms cookie with an expiry in the past so the browser drops it.
            HttpCookie authenticateCookie = new HttpCookie(objSecurity.FormsCookieName(GetPortalID));
            authenticateCookie.Expires = DateTime.Now.AddYears(-1);
            string randomCookieValue = GenerateRandomCookieValue();
            HttpContext.Current.Session[SessionKeys.RandomCookieValue] = randomCookieValue;
            Response.Cookies.Add(authenticateCookie);
            lnkloginStatus.Text = "Login";
            SetUserRoles(string.Empty);
            //create new sessionID
            // The old session-id cookie is removed and a new ID issued so the authenticated
            // ID is not carried past logout. The out results are not inspected.
            SessionIDManager manager = new SessionIDManager();
            manager.RemoveSessionID(System.Web.HttpContext.Current);
            var newId = manager.CreateSessionID(System.Web.HttpContext.Current);
            var isRedirected = true;
            var isAdded = true;
            manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);
            // Target: the portal's default page.
            if (!IsParent)
            {
                RedUrl = GetParentURL + "/portal/" + GetPortalSEOName + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
            }
            else
            {
                RedUrl = GetParentURL + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
            }
        }
        // These three steps run for both the login and the logout branch.
        CheckOutHelper cHelper = new CheckOutHelper();
        cHelper.ClearSessions();
        FormsAuthentication.SignOut();
        // endResponse is false, so the rest of the page lifecycle still runs after this call.
        Response.Redirect(RedUrl, false);
    }
    catch (Exception ex)
    {
        // All failures, including a bad EnableSessionTracker setting, go to ProcessException.
        ProcessException(ex);
    }
}