/// <summary>
/// Click handler that stores a new forum post in the category named by the
/// "categoryGUID" redirect parameter and then redirects to ForumViewThread.aspx.
/// </summary>
/// <remarks>
/// The post is saved only when the category parameter is present, the session has a
/// user name, the session holds the "USER" permission, and both header and body
/// contain non-whitespace text. Any failed check shows the error text in lblMessage.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreateForumItem_Click(object sender, EventArgs e)
{
    var categoryGUID = this.GetRedirectParameter("categoryGUID", false);

    // Checks run in the original order and short-circuit on the first failure,
    // so HasPermission is never consulted for a session without a user name.
    if (categoryGUID == null
        || String.IsNullOrEmpty(SessionProps.UserName)
        || !SessionProps.HasPermission("USER")
        || Header.Text.Trim().Length == 0
        || Body.Text.Trim().Length == 0)
    {
        lblMessage.Text = "Det gick inte att spara inlägget. Är du inloggad? Har du fyllt i både rubrik och brödtext?";
        return;
    }

    using (var db = Global.GetConnection())
    {
        // NOTE(review): Header and Body are persisted exactly as submitted (the Trim() above
        // is only used for the emptiness test). Pages that render them must HTML-encode on
        // output - the rendering templates are not visible here, confirm.
        // NOTE(review): new Guid(...) throws FormatException when the parameter is not a
        // well-formed GUID, and nothing here checks that the category exists - confirm the
        // database enforces that with a foreign key.
        var post = new Ext_Forum
        {
            Header = Header.Text,
            Body = Body.Text,
            PostedDate = DateTime.Now,
            ForumCategoryGUID = new Guid(categoryGUID.ToString()),
            // The author is taken from the server-side session, never from the request.
            UserGUID = SessionProps.UserGuid
        };

        db.Ext_Forum.InsertOnSubmit(post);
        db.SubmitChanges();

        WebControlManager.RedirectWithQueryString(
            "ForumViewThread.aspx",
            new string[] { "threadGUID" },
            new string[] { post.GUID.ToString() });
    }
}
/// <summary>
/// On the first (non-postback) load, verifies that the current user owns the team
/// identified by TeamId (or holds "ADMIN") and initialises the image upload control.
/// </summary>
/// <remarks>
/// A failed ownership check is reported through MailAndLog.SendMessage and then aborts
/// the request with an exception.
/// NOTE(review): the ownership check only runs when IsPostBack is false. Any postback
/// handler on this page that changes the team must repeat the check itself - those
/// handlers are not visible here, confirm.
/// </remarks>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    var team = new UserTeamManagement(Global.ConnectionString, SessionProps).GetTeam(TeamId);

    // Object-level authorization: the team must belong to the session user unless the
    // session holds ADMIN. HasPermission is only consulted for non-owners.
    // NOTE(review): a null result from GetTeam would fail here with a
    // NullReferenceException rather than a controlled error - confirm GetTeam's contract.
    if (team.UserGUID != SessionProps.UserGuid && !SessionProps.HasPermission("ADMIN"))
    {
        // Record the rejected attempt before aborting the request.
        var attemptDetails = String.Format(
            "Användaren: {0} med guid: {1} försökte ändra bild på laget: {2} med guid: {3}",
            SessionProps.UserName,
            SessionProps.UserGuid.ToString(),
            team.Name,
            team.GUID);

        MailAndLog.SendMessage(
            "Försök att sabba lag",
            attemptDetails,
            Parameters.Instance.MailSender,
            Parameters.Instance.SupportMail);

        // NOTE(review): AccessViolationException is normally raised by the runtime for
        // invalid memory access; UnauthorizedAccessException would describe this case
        // better. Left unchanged because error handling elsewhere may depend on the type.
        throw new AccessViolationException("Attempt to tamper with other users team");
    }

    // Start the upload control from the stored picture when the team already has one.
    if (String.IsNullOrEmpty(team.Picture))
    {
        uploadImage.UploadUserImage();
    }
    else
    {
        uploadImage.UploadUserImage(team.Picture);
    }
}
/// <summary>
/// Gates the page through VerifyAccess and then reveals the menu buttons that match
/// the permissions held by the current session, before loading the top updaters.
/// </summary>
/// <remarks>
/// Buttons are only ever switched on here, never off; according to the original
/// author's comment they all start out hidden.
/// NOTE(review): showing or hiding a button is presentation only. Each page or handler
/// behind these buttons must enforce the same permission on the server - those targets
/// are not visible here, confirm.
/// </remarks>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    VerifyAccess("ADMIN", "USER_NEWS", "USER_MATCHUPDATE", "USER_ATHLETEUPDATE");

    // Each permission is looked up once; assumes HasPermission is a side-effect-free
    // lookup on the session - confirm.
    bool isAdmin = SessionProps.HasPermission("ADMIN");
    bool isSystemAdmin = SessionProps.HasPermission("ADMIN_SYSTEM");
    bool isTournamentAdmin = SessionProps.HasPermission("ADMIN_TOURMASTER") || isSystemAdmin;

    // Content editing.
    if (isAdmin || SessionProps.HasPermission("USER_NEWS"))
    {
        BtnNews.Visible = true;
        lnkNewsInstructions.Visible = true;
    }

    if (isAdmin || SessionProps.HasPermission("USER_ATHLETEUPDATE"))
    {
        btnPlayers.Visible = true;
    }

    if (isAdmin || SessionProps.HasPermission("USER_MATCHUPDATE"))
    {
        btnUpdateMatches.Visible = true;
        lnkUpdateMatchesInstructions.Visible = true;
    }

    // Tournament administration: tournaments and rules share one condition.
    if (isTournamentAdmin)
    {
        btnTournaments.Visible = true;
        btnRules.Visible = true;
    }

    if (isSystemAdmin || SessionProps.HasPermission("ADMIN_USERS"))
    {
        btnUsers.Visible = true;
    }

    // System administration.
    if (isSystemAdmin)
    {
        btnApproveTeams.Visible = true;
        btnProfiling.Visible = true;

        // Only the presence of the stored Twitter token secret is tested, to decide
        // between offering sign-in and sign-out; its value is never displayed.
        if (String.IsNullOrEmpty(Parameters.Instance.TwitterAccessTokenSecret))
        {
            btnSignInToTwitter.Visible = true;
        }
        else
        {
            btnSignOutFromTwitter.Visible = true;
        }
    }

    LoadTopUpdaters();
}
/// <summary>
/// Loads the private tournament named by the "tournamentGUID" redirect parameter into
/// the edit form, after verifying that the session user owns it or holds "ADMIN".
/// </summary>
/// <remarks>
/// Does nothing when the parameter is absent. A failed ownership check is reported
/// through MailAndLog.SendMessage and aborts the request with an exception before any
/// tournament data is written to the form.
/// </remarks>
private void LoadTournament()
{
    var tournamentGUID = this.GetRedirectParameter("tournamentGUID", false);
    if (tournamentGUID == null)
    {
        return;
    }

    using (var db = Global.GetConnection())
    {
        // Single() throws when no row matches, so an unknown GUID fails here, before the
        // owner check. new Guid(...) throws on a malformed parameter value.
        var tournament = db.Ext_PrivateTournament.Single(t => t.GUID == new Guid(tournamentGUID.ToString()));

        // Object-level authorization: only the owner or an ADMIN session may open it.
        if (tournament.Sys_User.GUID != SessionProps.UserGuid && !SessionProps.HasPermission("ADMIN"))
        {
            // Record the rejected attempt before aborting the request.
            var attemptDetails = String.Format(
                "Användaren: {0} med guid: {1} försökte öppna turneringen: {2} med guid: {3}",
                SessionProps.UserName,
                SessionProps.UserGuid.ToString(),
                tournament.Name,
                tournament.GUID);

            MailAndLog.SendMessage(
                "Försök att sabba turnering",
                attemptDetails,
                Parameters.Instance.MailSender,
                Parameters.Instance.SupportMail);

            // NOTE(review): AccessViolationException is normally raised by the runtime for
            // invalid memory access; UnauthorizedAccessException would describe this case
            // better. Left unchanged because error handling elsewhere may depend on the type.
            throw new AccessViolationException("Attempt to open other users tournament");
        }

        Name.Text = tournament.Name;
        Description.Text = tournament.Description;

        // NOTE(review): the "visible for all" checkbox is filled from IsLimitedInTime,
        // which looks like a copy-paste slip - confirm which entity field was intended.
        IsVisibleForAll.Checked = (tournament.IsLimitedInTime ?? false);

        // A missing IsLimitedInTime counts as "limited by date" here (default true),
        // whereas the checkbox above treats a missing value as false.
        bool limitedByDate = tournament.IsLimitedInTime ?? true;

        rblDateLimitation.SelectedValue = limitedByDate ? "datum" : "omg";
        pnlDateLimitation.Visible = limitedByDate;
        pnlDayLimitation.Visible = !limitedByDate;

        if (limitedByDate)
        {
            // Missing dates fall back to the current date.
            StartDate.Text = (tournament.StartDate ?? DateTime.Now).ToShortDateString();
            EndDate.Text = (tournament.EndDate ?? DateTime.Now).ToShortDateString();
        }
        else
        {
            // Stored day numbers are 1-based while SelectedIndex is 0-based; a missing
            // day falls back to 2.
            drpStartDay.SelectedIndex = (tournament.StartDay ?? 2) - 1;
            drpEndDay.SelectedIndex = (tournament.EndDay ?? 2) - 1;
        }

        LoadParticipants(tournament.GUID, db);
    }
}
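/// <summary>
/// Binds rptForum to the top-level threads (rows without a ResponseToGUID) of the
/// category selected in drpForumCategory, newest first.
/// </summary>
/// <remarks>
/// When no category is selected the repeater is bound to nothing instead of failing
/// while parsing an empty GUID string.
/// </remarks>
private void LoadThreads()
{
    // With no selection (for example an empty category list) SelectedValue is empty and
    // new Guid("") would throw a FormatException; show an empty list instead.
    if (String.IsNullOrEmpty(drpForumCategory.SelectedValue))
    {
        rptForum.DataSource = null;
        rptForum.DataBind();
        return;
    }

    // Parsed once, outside the query, so a malformed value fails before a connection is opened.
    var categoryGuid = new Guid(drpForumCategory.SelectedValue);

    // IsDeletable only tells the template whether to offer a delete option; the code that
    // performs the delete must check ADMIN_FORUM itself.
    var canDelete = SessionProps.HasPermission("ADMIN_FORUM");

    using (var db = Global.GetConnection())
    {
        // NOTE(review): Header is presumably user-supplied text; the repeater template
        // should HTML-encode it when rendering - template not visible here, confirm.
        var threads = from t in db.Ext_Forum
                      where t.ForumCategoryGUID == categoryGuid && t.ResponseToGUID == null
                      select new { t.GUID, t.Header, t.PostedDate, IsDeletable = canDelete };

        rptForum.DataSource = threads.OrderByDescending(t => t.PostedDate).ToList();
        rptForum.DataBind();
    }
}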
/// <summary>
/// Binds UserTeams to the teams that the user stored in ViewState["userGUID"] has in
/// the currently selected tournament.
/// </summary>
/// <remarks>
/// The user viewing their own teams, and sessions holding "ADMIN_SYSTEM", see every
/// team; everyone else only sees teams that are both paid and active.
/// NOTE(review): the viewed user id comes from ViewState, which is round-tripped through
/// the client. Its integrity relies on ViewState MAC validation - confirm it has not
/// been disabled for this application.
/// </remarks>
private void GetUserTeams()
{
    using (var db = Global.GetConnection())
    {
        var viewedUserGuid = (Guid)ViewState["userGUID"];

        // HasPermission is only consulted when the viewer is not the owner.
        bool showUnpaidAndInactive =
            SessionProps.UserGuid.Equals(viewedUserGuid)
            || SessionProps.HasPermission("ADMIN_SYSTEM");

        // Base query shared by every viewer.
        IQueryable<Inti_Team> teamsQ =
            from t in db.Inti_Team
            where t.Sys_User.GUID == viewedUserGuid
                  && t.Inti_Tournament.GUID == SessionProps.SelectedTournament.GUID
            select t;

        // Other viewers are restricted to teams that are paid and active.
        if (!showUnpaidAndInactive)
        {
            teamsQ = teamsQ.Where(t => t.IsPaid == true && t.IsActive == true);
        }

        UserTeams.DataKeyNames = new string[] { "GUID" };
        UserTeams.DataSource = teamsQ.ToList();
        UserTeams.DataBind();
    }
}
/// <summary>
/// Shows the "new thread" button to sessions with a user name, performs a requested
/// thread deletion for sessions holding "ADMIN_FORUM", and loads categories and threads
/// on the first (non-postback) request.
/// </summary>
/// <remarks>
/// NOTE(review): the delete is driven by the "deleteGUID" redirect parameter during page
/// load, not by a postback event. If GetRedirectParameter reads the query string, this
/// is a state-changing GET with no anti-forgery token - confirm, and consider moving the
/// delete into a postback handler or requiring a per-session token.
/// </remarks>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    bool hasUserName = !String.IsNullOrEmpty(SessionProps.UserName);
    btnAddNewThread.Visible = hasUserName;

    // Deletion is only considered for forum administrators; for everyone else the
    // parameter is not even read.
    if (SessionProps.HasPermission("ADMIN_FORUM"))
    {
        var requestedDelete = this.GetRedirectParameter("deleteGUID", true);
        if (requestedDelete != null)
        {
            using (var db = Global.GetConnection())
            {
                // new Guid(...) throws on a malformed value; an unknown GUID is ignored.
                var threadToDelete = db.Ext_Forum.SingleOrDefault(f => f.GUID == new Guid(requestedDelete.ToString()));
                if (threadToDelete != null)
                {
                    // Only the matched row is removed, and no audit record is written here.
                    db.Ext_Forum.DeleteOnSubmit(threadToDelete);
                    db.SubmitChanges();

                    Response.Redirect("ForumViewThreads.aspx");
                }
            }
        }
    }

    if (!IsPostBack)
    {
        LoadCategories();
        LoadThreads();
    }
}