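/// <summary>
/// Creates a local forum account for a user who signed in through Facebook
/// and logs that user in.
/// </summary>
/// <param name="facebookUser">
/// The profile data received from Facebook (user name, e-mail, id, profile URL, ...).
/// </param>
/// <param name="userGender">
/// The gender value written to the new profile.
/// </param>
/// <param name="message">
/// Receives the localized failure text, or an empty string on success.
/// </param>
/// <returns>
/// <c>true</c> when the account was created and the user was logged in; otherwise <c>false</c>.
/// </returns>
private bool CreateFacebookUser(FacebookUser facebookUser, int userGender, out string message)
{
    var boardSettings = YafContext.Current.Get<YafBoardSettings>();

    if (boardSettings.DisableRegistrations)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // Check user for bot
    var spamChecker = new YafSpamCheck();
    string result;
    var isPossibleSpamBot = false;

    // NOTE(review): the IP ban and the log entries below are keyed on this address.
    // How GetUserRealIPAddress derives it is not visible here; if it reads
    // client-supplied forwarding headers, confirm they are only honoured behind a
    // trusted proxy, otherwise the ban can land on an address the client chose.
    var userIpAddress = YafContext.Current.Get<HttpRequestBase>().GetUserRealIPAddress();

    // Check content for spam
    if (spamChecker.CheckUserForSpamBot(facebookUser.UserName, facebookUser.Email, userIpAddress, out result))
    {
        // Written for every detection, including the handling modes that let the
        // registration continue.
        YafContext.Current.Get<ILogger>().Log(
            null,
            "Bot Detected",
            "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected."
                .FormatWith(facebookUser.UserName, facebookUser.Email, userIpAddress, result),
            EventLogTypes.SpamBotDetected);

        if (boardSettings.BotHandlingOnRegister.Equals(1))
        {
            // Flag user as spam bot; admins are notified after the account exists
            isPossibleSpamBot = true;
        }
        else if (boardSettings.BotHandlingOnRegister.Equals(2))
        {
            message = YafContext.Current.Get<ILocalization>().GetText("BOT_MESSAGE");

            if (!boardSettings.BanBotIpOnDetection)
            {
                return false;
            }

            YafContext.Current.GetRepository<BannedIP>()
                .Save(
                    null,
                    userIpAddress,
                    "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                    YafContext.Current.PageUserID);

            // Clear cache so the new ban takes effect
            YafContext.Current.Get<IDataCache>().Remove(Constants.Cache.BannedIP);

            if (boardSettings.LogBannedIP)
            {
                YafContext.Current.Get<ILogger>()
                    .Log(
                        null,
                        "IP BAN of Bot During Registration",
                        "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                        EventLogTypes.IpBanSet);
            }

            return false;
        }
    }

    MembershipCreateStatus status;
    var memberShipProvider = YafContext.Current.Get<MembershipProvider>();

    var pass = Membership.GeneratePassword(32, 16);
    var securityAnswer = Membership.GeneratePassword(64, 30);

    var user = memberShipProvider.CreateUser(
        facebookUser.UserName,
        pass,
        facebookUser.Email,
        memberShipProvider.RequiresQuestionAndAnswer ? "Answer is a generated Pass" : null,
        memberShipProvider.RequiresQuestionAndAnswer ? securityAnswer : null,
        true,
        null,
        out status);

    // The provider reports a failed creation through status. Stop here, otherwise the
    // role, profile and login steps below would run for facebookUser.UserName although
    // no account was created for it - including the profile write that stores the
    // Facebook id under that name.
    if (user == null || status != MembershipCreateStatus.Success)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // setup initial roles (if any) for this user
    RoleMembershipHelper.SetupUserRoles(YafContext.Current.PageBoardID, facebookUser.UserName);

    // create the user in the YAF DB as well as sync roles...
    var userID = RoleMembershipHelper.CreateForumUser(user, YafContext.Current.PageBoardID);

    // create empty profile just so they have one
    var userProfile = YafUserProfile.GetProfile(facebookUser.UserName);
    userProfile.Save();

    // setup their initial profile information
    userProfile.Facebook = facebookUser.ProfileURL;
    userProfile.FacebookId = facebookUser.UserID;
    userProfile.Homepage = facebookUser.ProfileURL;

    if (facebookUser.Birthday.IsSet())
    {
        DateTime userBirthdate;
        var ci = CultureInfo.CreateSpecificCulture("en-US");

        // Only store a birthday that parsed and that lies above the SQL minimum date
        if (DateTime.TryParse(facebookUser.Birthday, ci, DateTimeStyles.None, out userBirthdate)
            && userBirthdate > DateTimeHelper.SqlDbMinTime().Date)
        {
            userProfile.Birthday = userBirthdate;
        }
    }

    userProfile.RealName = facebookUser.Name;
    userProfile.Gender = userGender;

    if (facebookUser.Location != null && facebookUser.Location.Name.IsSet())
    {
        userProfile.Location = facebookUser.Location.Name;
    }

    userProfile.Save();

    if (userID == null)
    {
        // something is seriously wrong here -- redirect to failure...
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    if (boardSettings.NotificationOnUserRegisterEmailList.IsSet())
    {
        // send user register notification to the following admin users...
        YafContext.Current.Get<ISendNotification>().SendRegistrationNotificationEmail(user, userID.Value);
    }

    if (isPossibleSpamBot)
    {
        YafContext.Current.Get<ISendNotification>().SendSpamBotNotificationToAdmins(user, userID.Value);
    }

    // send user register notification to the user...
    // NOTE(review): the generated password and security answer are handed to the
    // notification sender; presumably they end up in the mail body - confirm, since
    // mailed credentials stay readable in the mailbox.
    YafContext.Current.Get<ISendNotification>()
        .SendRegistrationNotificationToUser(user, pass, securityAnswer, "NOTIFICATION_ON_FACEBOOK_REGISTER");

    // save the time zone...
    var userId = UserMembershipHelper.GetUserIDFromProviderUserKey(user.ProviderUserKey);

    LegacyDb.user_save(
        userId,
        YafContext.Current.PageBoardID,
        facebookUser.UserName,
        facebookUser.UserName,
        facebookUser.Email,
        0,
        null,
        null,
        true,
        null,
        null,
        null,
        null,
        null,
        null,
        null,
        null);

    var autoWatchTopicsEnabled = boardSettings.DefaultNotificationSetting
                                 == UserNotificationSetting.TopicsIPostToOrSubscribeTo;

    // save the settings...
    LegacyDb.user_savenotification(
        userId,
        true,
        autoWatchTopicsEnabled,
        boardSettings.DefaultNotificationSetting,
        boardSettings.DefaultSendDigestEmail);

    // save avatar
    LegacyDb.user_saveavatar(
        userId,
        "https://graph.facebook.com/{0}/picture".FormatWith(facebookUser.UserID),
        null,
        null);

    YafContext.Current.Get<IRaiseEvent>().Raise(new NewUserRegisteredEvent(user, userId));

    YafSingleSignOnUser.LoginSuccess(AuthService.facebook, user.UserName, userId, true);

    message = string.Empty;

    return true;
}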
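/// <summary>
/// Handles the CreatingUser event of the CreateUserWizard1 control: validates the
/// requested user name and display name, runs the spam-bot check and verifies the
/// configured captcha. Sets <c>e.Cancel</c> when the registration must not proceed.
/// </summary>
/// <param name="sender">
/// The source of the event.
/// </param>
/// <param name="e">
/// The <see cref="LoginCancelEventArgs"/> instance containing the event data.
/// </param>
/// <exception cref="System.ArgumentNullException">
/// The user name from CreateUserWizard is not set.
/// </exception>
protected void CreateUserWizard1_CreatingUser([NotNull] object sender, [NotNull] LoginCancelEventArgs e)
{
    var userName = this.CreateUserWizard1.UserName;

    if (userName.IsNotSet())
    {
        throw new ArgumentNullException("CreateUserWizard.UserName", "UserName from CreateUserWizard is Null!");
    }

    var boardSettings = this.Get<YafBoardSettings>();

    userName = userName.Trim();

    // trim username on postback
    this.CreateUserWizard1.UserName = userName;

    // username cannot contain semi-colon or to be a bad word
    var badWord = this.Get<IBadWordReplace>()
        .ReplaceItems.Any(i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));

    var guestUserName = UserMembershipHelper.GuestUserName;

    guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : string.Empty;

    if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
    {
        this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"), MessageTypes.warning);
        e.Cancel = true;
        return;
    }

    if (userName.Length < boardSettings.DisplayNameMinLength)
    {
        this.PageContext.AddLoadMessage(
            this.GetTextFormatted("USERNAME_TOOSMALL", boardSettings.DisplayNameMinLength),
            MessageTypes.danger);
        e.Cancel = true;
        return;
    }

    if (userName.Length > boardSettings.UserNameMaxLength)
    {
        this.PageContext.AddLoadMessage(
            this.GetTextFormatted("USERNAME_TOOLONG", boardSettings.UserNameMaxLength),
            MessageTypes.danger);
        e.Cancel = true;
        return;
    }

    if (boardSettings.EnableDisplayName)
    {
        var displayName = this.CreateUserStepContainer.FindControlAs<TextBox>("DisplayName");

        if (displayName != null)
        {
            // Check if name matches the required minimum length
            if (displayName.Text.Trim().Length < boardSettings.DisplayNameMinLength)
            {
                this.PageContext.AddLoadMessage(
                    this.GetTextFormatted("USERNAME_TOOSMALL", boardSettings.DisplayNameMinLength),
                    MessageTypes.warning);
                e.Cancel = true;
                return;
            }

            // Check if name stays within the allowed maximum length
            if (displayName.Text.Length > boardSettings.UserNameMaxLength)
            {
                this.PageContext.AddLoadMessage(
                    this.GetTextFormatted("USERNAME_TOOLONG", boardSettings.UserNameMaxLength),
                    MessageTypes.warning);
                e.Cancel = true;
                return;
            }

            // A taken display name cancels the registration; the checks below still run
            if (this.Get<IUserDisplayName>().GetId(displayName.Text.Trim()).HasValue)
            {
                this.PageContext.AddLoadMessage(
                    this.GetText("ALREADY_REGISTERED_DISPLAYNAME"),
                    MessageTypes.warning);
                e.Cancel = true;
            }
        }
    }

    this.IsPossibleSpamBot = false;

    // Check user for bot
    var spamChecker = new YafSpamCheck();
    string result;

    // NOTE(review): the IP ban below is keyed on this address. How GetUserRealIPAddress
    // derives it is not visible here; if it reads client-supplied forwarding headers,
    // confirm they are only honoured behind a trusted proxy.
    var userIpAddress = this.Get<HttpRequestBase>().GetUserRealIPAddress();

    // Check content for spam
    if (spamChecker.CheckUserForSpamBot(userName, this.CreateUserWizard1.Email, userIpAddress, out result))
    {
        // Flag user as spam bot
        this.IsPossibleSpamBot = true;

        // Written for every detection, not only when handling mode 2 rejects the user
        this.Logger.Log(
            null,
            "Bot Detected",
            "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected."
                .FormatWith(userName, this.CreateUserWizard1.Email, userIpAddress, result),
            EventLogTypes.SpamBotDetected);

        if (boardSettings.BotHandlingOnRegister.Equals(2))
        {
            this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.danger);

            if (boardSettings.BanBotIpOnDetection)
            {
                this.GetRepository<BannedIP>()
                    .Save(
                        null,
                        userIpAddress,
                        "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                        this.PageContext.PageUserID);

                // Clear cache so the new ban takes effect
                this.Get<IDataCache>().Remove(Constants.Cache.BannedIP);

                if (YafContext.Current.Get<YafBoardSettings>().LogBannedIP)
                {
                    this.Get<ILogger>()
                        .Log(
                            this.PageContext.PageUserID,
                            "IP BAN of Bot During Registration",
                            "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                            EventLogTypes.IpBanSet);
                }
            }

            e.Cancel = true;
        }
    }

    // Both captcha checks fail closed: a captcha control that cannot be found is
    // treated as a failed challenge instead of raising a NullReferenceException.
    switch (boardSettings.CaptchaTypeRegister)
    {
        case 1:
            {
                // Check YAF Captcha
                var yafCaptchaText = this.CreateUserStepContainer.FindControlAs<TextBox>("tbCaptcha");

                if (yafCaptchaText == null || !CaptchaHelper.IsValid(yafCaptchaText.Text.Trim()))
                {
                    this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.danger);
                    e.Cancel = true;
                }
            }

            break;
        case 2:
            {
                // Check reCAPTCHA
                var recaptcha = this.CreateUserStepContainer.FindControlAs<RecaptchaControl>("Recaptcha1");

                if (recaptcha == null || !recaptcha.IsValid)
                {
                    this.PageContext.AddLoadMessage(this.GetText("BAD_RECAPTCHA"), MessageTypes.danger);
                    e.Cancel = true;
                }
            }

            break;
    }
}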
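/// <summary>
/// Handles the CreatingUser event of the CreateUserWizard1 control: validates the
/// requested user name and display name, runs the spam-bot check when a bot spam
/// service is configured, and verifies the captcha. Sets <c>e.Cancel</c> when the
/// registration must not proceed.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="LoginCancelEventArgs" /> instance containing the event data.</param>
/// <exception cref="System.ArgumentNullException">The user name from CreateUserWizard is not set.</exception>
protected void CreateUserWizard1_CreatingUser([NotNull] object sender, [NotNull] LoginCancelEventArgs e)
{
    string userName = this.CreateUserWizard1.UserName;

    if (userName.IsNotSet())
    {
        throw new ArgumentNullException("CreateUserWizard.UserName", "UserName from CreateUserWizard is Null!");
    }

    var boardSettings = this.Get<YafBoardSettings>();

    userName = userName.Trim();

    // trim username on postback
    this.CreateUserWizard1.UserName = userName;

    // username cannot contain semi-colon or to be a bad word
    bool badWord = this.Get<IBadWordReplace>()
        .ReplaceItems.Any(i => userName.Equals(i.BadWord, StringComparison.CurrentCultureIgnoreCase));

    string guestUserName = UserMembershipHelper.GuestUserName;

    guestUserName = guestUserName.IsSet() ? guestUserName.ToLower() : string.Empty;

    if (userName.Contains(";") || badWord || userName.ToLower().Equals(guestUserName))
    {
        this.PageContext.AddLoadMessage(this.GetText("BAD_USERNAME"), MessageTypes.Warning);
        e.Cancel = true;
        return;
    }

    if (userName.Length > boardSettings.UserNameMaxLength)
    {
        this.PageContext.AddLoadMessage(
            this.GetTextFormatted("USERNAME_TOOLONG", boardSettings.UserNameMaxLength),
            MessageTypes.Error);
        e.Cancel = true;
        return;
    }

    if (boardSettings.EnableDisplayName)
    {
        var displayName = this.CreateUserStepContainer.FindControlAs<TextBox>("DisplayName");

        if (displayName != null)
        {
            if (displayName.Text.Length > boardSettings.UserNameMaxLength)
            {
                this.PageContext.AddLoadMessage(
                    this.GetTextFormatted("USERNAME_TOOLONG", boardSettings.UserNameMaxLength),
                    MessageTypes.Warning);
                e.Cancel = true;
                return;
            }

            // A taken display name cancels the registration; the checks below still run
            if (this.Get<IUserDisplayName>().GetId(displayName.Text.Trim()).HasValue)
            {
                this.PageContext.AddLoadMessage(
                    this.GetText("ALREADY_REGISTERED_DISPLAYNAME"),
                    MessageTypes.Warning);
                e.Cancel = true;
            }
        }
    }

    this.IsPossibleSpamBot = false;

    // Check user for bot
    if (boardSettings.BotSpamServiceType > 0)
    {
        var spamChecker = new YafSpamCheck();
        string result;

        // Check content for spam
        if (spamChecker.CheckUserForSpamBot(
            userName,
            this.CreateUserWizard1.Email,
            this.Get<HttpRequestBase>().GetUserRealIPAddress(),
            out result))
        {
            if (boardSettings.BotHandlingOnRegister.Equals(1))
            {
                // Flag user as spam bot, the registration itself continues
                this.IsPossibleSpamBot = true;

                this.Get<ILogger>()
                    .Info(
                        "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}).",
                        userName,
                        this.CreateUserWizard1.Email,
                        this.Get<HttpRequestBase>().GetUserRealIPAddress(),
                        result);
            }
            else if (boardSettings.BotHandlingOnRegister.Equals(2))
            {
                this.Get<ILogger>()
                    .Info(
                        "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected.",
                        userName,
                        this.CreateUserWizard1.Email,
                        this.Get<HttpRequestBase>().GetUserRealIPAddress(),
                        result);

                this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.Error);
                e.Cancel = true;
            }
        }
    }

    var yafCaptchaText = this.CreateUserStepContainer.FindControlAs<TextBox>("tbCaptcha");

    // vzrus: Here recaptcha should be always valid. This piece of code for testing only.
    // NOTE(review): when the Recaptcha1 control is not found this check is skipped, so a
    // missing control means no reCAPTCHA verification happens in this handler. Confirm
    // that the control is validated elsewhere, or treat null as a failed challenge.
    if (boardSettings.CaptchaTypeRegister == 2)
    {
        var recaptcha =
            this.CreateUserWizard1.FindWizardControlRecursive("Recaptcha1").ToClass<RecaptchaControl>();

        if (recaptcha != null && !recaptcha.IsValid)
        {
            this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.Error);
            e.Cancel = true;
        }
    }

    // verify captcha if enabled
    if (boardSettings.CaptchaTypeRegister != 1)
    {
        return;
    }

    // Fail closed: a captcha text box that cannot be found counts as a wrong answer
    // instead of raising a NullReferenceException.
    if (yafCaptchaText != null && CaptchaHelper.IsValid(yafCaptchaText.Text.Trim()))
    {
        return;
    }

    this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.Error);
    e.Cancel = true;
}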
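/// <summary>
/// Creates a local forum account for a user who signed in through Google
/// and logs that user in.
/// </summary>
/// <param name="googleUser">
/// The profile data received from Google (user name, e-mail, id, profile URL, image).
/// </param>
/// <param name="userGender">
/// The gender value written to the new profile.
/// </param>
/// <param name="message">
/// Receives the localized failure text, or an empty string on success.
/// </param>
/// <returns>
/// <c>true</c> when the account was created and the user was logged in; otherwise <c>false</c>.
/// </returns>
private bool CreateGoogleUser(GoogleUser googleUser, int userGender, out string message)
{
    var boardSettings = YafContext.Current.Get<YafBoardSettings>();

    if (boardSettings.DisableRegistrations)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // Check user for bot
    var spamChecker = new YafSpamCheck();
    string result;
    var isPossibleSpamBot = false;

    // NOTE(review): the IP ban and the log entries below are keyed on this address.
    // How GetUserRealIPAddress derives it is not visible here; if it reads
    // client-supplied forwarding headers, confirm they are only honoured behind a
    // trusted proxy, otherwise the ban can land on an address the client chose.
    var userIpAddress = YafContext.Current.Get<HttpRequestBase>().GetUserRealIPAddress();

    // Check content for spam
    if (spamChecker.CheckUserForSpamBot(googleUser.UserName, googleUser.Email, userIpAddress, out result))
    {
        // Written for every detection, including the handling modes that let the
        // registration continue.
        YafContext.Current.Get<ILogger>().Log(
            null,
            "Bot Detected",
            "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected."
                .FormatWith(googleUser.UserName, googleUser.Email, userIpAddress, result),
            EventLogTypes.SpamBotDetected);

        if (boardSettings.BotHandlingOnRegister.Equals(1))
        {
            // Flag user as spam bot; admins are notified after the account exists
            isPossibleSpamBot = true;
        }
        else if (boardSettings.BotHandlingOnRegister.Equals(2))
        {
            message = YafContext.Current.Get<ILocalization>().GetText("BOT_MESSAGE");

            if (!boardSettings.BanBotIpOnDetection)
            {
                return false;
            }

            YafContext.Current.GetRepository<BannedIP>()
                .Save(
                    null,
                    userIpAddress,
                    "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                    YafContext.Current.PageUserID);

            // Clear cache so the new ban takes effect
            YafContext.Current.Get<IDataCache>().Remove(Constants.Cache.BannedIP);

            if (boardSettings.LogBannedIP)
            {
                YafContext.Current.Get<ILogger>()
                    .Log(
                        null,
                        "IP BAN of Bot During Registration",
                        "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                        EventLogTypes.IpBanSet);
            }

            return false;
        }
    }

    MembershipCreateStatus status;
    var memberShipProvider = YafContext.Current.Get<MembershipProvider>();

    var pass = Membership.GeneratePassword(32, 16);
    var securityAnswer = Membership.GeneratePassword(64, 30);

    var user = memberShipProvider.CreateUser(
        googleUser.UserName,
        pass,
        googleUser.Email,
        memberShipProvider.RequiresQuestionAndAnswer ? "Answer is a generated Pass" : null,
        memberShipProvider.RequiresQuestionAndAnswer ? securityAnswer : null,
        true,
        null,
        out status);

    // The provider reports a failed creation through status. Stop here, otherwise the
    // role, profile and login steps below would run for googleUser.UserName although
    // no account was created for it - including the profile write that stores the
    // Google id under that name.
    if (user == null || status != MembershipCreateStatus.Success)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // setup initial roles (if any) for this user
    RoleMembershipHelper.SetupUserRoles(YafContext.Current.PageBoardID, googleUser.UserName);

    // create the user in the YAF DB as well as sync roles...
    var userID = RoleMembershipHelper.CreateForumUser(user, YafContext.Current.PageBoardID);

    // setup their initial profile information
    var userProfile = YafUserProfile.GetProfile(googleUser.UserName);

    userProfile.Google = googleUser.ProfileURL;
    userProfile.GoogleId = googleUser.UserID;
    userProfile.Homepage = googleUser.ProfileURL;
    userProfile.Gender = userGender;

    userProfile.Save();

    if (userID == null)
    {
        // something is seriously wrong here -- redirect to failure...
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    if (boardSettings.NotificationOnUserRegisterEmailList.IsSet())
    {
        // send user register notification to the following admin users...
        YafContext.Current.Get<ISendNotification>().SendRegistrationNotificationEmail(user, userID.Value);
    }

    if (isPossibleSpamBot)
    {
        YafContext.Current.Get<ISendNotification>().SendSpamBotNotificationToAdmins(user, userID.Value);
    }

    // send user register notification to the user...
    // NOTE(review): the generated password and security answer are handed to the
    // notification sender; presumably they end up in the mail body - confirm, since
    // mailed credentials stay readable in the mailbox.
    YafContext.Current.Get<ISendNotification>()
        .SendRegistrationNotificationToUser(user, pass, securityAnswer, "NOTIFICATION_ON_GOOGLE_REGISTER");

    // save the time zone...
    var userId = UserMembershipHelper.GetUserIDFromProviderUserKey(user.ProviderUserKey);

    LegacyDb.user_save(
        userId,
        YafContext.Current.PageBoardID,
        googleUser.UserName,
        googleUser.UserName,
        googleUser.Email,
        0,
        null,
        null,
        true,
        null,
        null,
        null,
        null,
        null,
        null,
        null,
        null);

    var autoWatchTopicsEnabled = boardSettings.DefaultNotificationSetting
                                 == UserNotificationSetting.TopicsIPostToOrSubscribeTo;

    // save the settings...
    LegacyDb.user_savenotification(
        userId,
        true,
        autoWatchTopicsEnabled,
        boardSettings.DefaultNotificationSetting,
        boardSettings.DefaultSendDigestEmail);

    // save avatar
    LegacyDb.user_saveavatar(userId, googleUser.ProfileImage, null, null);

    YafContext.Current.Get<IRaiseEvent>().Raise(new NewUserRegisteredEvent(user, userId));

    YafSingleSignOnUser.LoginSuccess(AuthService.google, user.UserName, userId, true);

    message = string.Empty;

    return true;
}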
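/// <summary>
/// Creates a local forum account for a user who signed in through Google,
/// optionally fills country and location from the IP info service,
/// and logs that user in.
/// </summary>
/// <param name="googleUser">
/// The profile data received from Google (user name, e-mail, id, profile URL, image).
/// </param>
/// <param name="userGender">
/// The gender value written to the new profile.
/// </param>
/// <param name="message">
/// Receives the localized failure text, or an empty string on success.
/// </param>
/// <returns>
/// <c>true</c> when the account was created and the user was logged in; otherwise <c>false</c>.
/// </returns>
private bool CreateGoogleUser(GoogleUser googleUser, int userGender, out string message)
{
    var boardSettings = YafContext.Current.Get<YafBoardSettings>();

    if (boardSettings.DisableRegistrations)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // Check user for bot
    var spamChecker = new YafSpamCheck();
    string result;
    var isPossibleSpamBot = false;

    // NOTE(review): the IP ban and the log entries below are keyed on this address.
    // How GetUserRealIPAddress derives it is not visible here; if it reads
    // client-supplied forwarding headers, confirm they are only honoured behind a
    // trusted proxy, otherwise the ban can land on an address the client chose.
    var userIpAddress = YafContext.Current.Get<HttpRequestBase>().GetUserRealIPAddress();

    // Check content for spam
    if (spamChecker.CheckUserForSpamBot(googleUser.UserName, googleUser.Email, userIpAddress, out result))
    {
        // Written for every detection, including the handling modes that let the
        // registration continue.
        YafContext.Current.Get<ILogger>().Log(
            null,
            "Bot Detected",
            "Bot Check detected a possible SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}', reason : {3}), user was rejected."
                .FormatWith(googleUser.UserName, googleUser.Email, userIpAddress, result),
            EventLogTypes.SpamBotDetected);

        if (boardSettings.BotHandlingOnRegister.Equals(1))
        {
            // Flag user as spam bot; admins are notified after the account exists
            isPossibleSpamBot = true;
        }
        else if (boardSettings.BotHandlingOnRegister.Equals(2))
        {
            message = YafContext.Current.Get<ILocalization>().GetText("BOT_MESSAGE");

            if (!boardSettings.BanBotIpOnDetection)
            {
                return false;
            }

            YafContext.Current.GetRepository<BannedIP>()
                .Save(
                    null,
                    userIpAddress,
                    "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                    YafContext.Current.PageUserID);

            // Clear cache so the new ban takes effect
            YafContext.Current.Get<IDataCache>().Remove(Constants.Cache.BannedIP);

            if (boardSettings.LogBannedIP)
            {
                YafContext.Current.Get<ILogger>()
                    .Log(
                        null,
                        "IP BAN of Bot During Registration",
                        "A spam Bot who was trying to register was banned by IP {0}".FormatWith(userIpAddress),
                        EventLogTypes.IpBanSet);
            }

            return false;
        }
    }

    MembershipCreateStatus status;
    var memberShipProvider = YafContext.Current.Get<MembershipProvider>();

    var pass = Membership.GeneratePassword(32, 16);
    var securityAnswer = Membership.GeneratePassword(64, 30);

    var user = memberShipProvider.CreateUser(
        googleUser.UserName,
        pass,
        googleUser.Email,
        memberShipProvider.RequiresQuestionAndAnswer ? "Answer is a generated Pass" : null,
        memberShipProvider.RequiresQuestionAndAnswer ? securityAnswer : null,
        true,
        null,
        out status);

    // The provider reports a failed creation through status. Stop here, otherwise the
    // role, profile and login steps below would run for googleUser.UserName although
    // no account was created for it - including the profile write that stores the
    // Google id under that name.
    if (user == null || status != MembershipCreateStatus.Success)
    {
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    // setup initial roles (if any) for this user
    RoleMembershipHelper.SetupUserRoles(YafContext.Current.PageBoardID, googleUser.UserName);

    // create the user in the YAF DB as well as sync roles...
    var userID = RoleMembershipHelper.CreateForumUser(user, YafContext.Current.PageBoardID);

    // create empty profile just so they have one
    var userProfile = YafUserProfile.GetProfile(googleUser.UserName);
    userProfile.Save();

    // setup their initial profile information
    userProfile.GoogleId = googleUser.UserID;
    userProfile.Homepage = googleUser.ProfileURL;
    userProfile.Gender = userGender;

    if (boardSettings.EnableIPInfoService && this.UserIpLocator == null)
    {
        this.UserIpLocator = new IPDetails().GetData(
            userIpAddress,
            "text",
            false,
            YafContext.Current.CurrentForumPage.Localization.Culture.Name,
            string.Empty,
            string.Empty);

        if (this.UserIpLocator != null && this.UserIpLocator["StatusCode"] == "OK"
            && this.UserIpLocator.Count > 0)
        {
            userProfile.Country = this.UserIpLocator["CountryCode"];

            var location = new StringBuilder();

            // The service uses "-" for an unknown value
            var regionName = this.UserIpLocator["RegionName"];
            if (regionName != null && regionName.IsSet() && !regionName.Equals("-"))
            {
                location.Append(regionName);
            }

            var cityName = this.UserIpLocator["CityName"];
            if (cityName != null && cityName.IsSet() && !cityName.Equals("-"))
            {
                // Separator only between two parts, so a city without a region
                // does not produce a location that starts with ", "
                if (location.Length > 0)
                {
                    location.Append(", ");
                }

                location.Append(cityName);
            }

            userProfile.Location = location.ToString();
        }
    }

    userProfile.Save();

    if (userID == null)
    {
        // something is seriously wrong here -- redirect to failure...
        message = YafContext.Current.Get<ILocalization>().GetText("LOGIN", "SSO_FAILED");
        return false;
    }

    if (boardSettings.NotificationOnUserRegisterEmailList.IsSet())
    {
        // send user register notification to the following admin users...
        YafContext.Current.Get<ISendNotification>().SendRegistrationNotificationEmail(user, userID.Value);
    }

    if (isPossibleSpamBot)
    {
        YafContext.Current.Get<ISendNotification>().SendSpamBotNotificationToAdmins(user, userID.Value);
    }

    // send user register notification to the user...
    // NOTE(review): the generated password and security answer are handed to the
    // notification sender; presumably they end up in the mail body - confirm, since
    // mailed credentials stay readable in the mailbox.
    YafContext.Current.Get<ISendNotification>()
        .SendRegistrationNotificationToUser(user, pass, securityAnswer, "NOTIFICATION_ON_GOOGLE_REGISTER");

    // save the time zone...
    var userId = UserMembershipHelper.GetUserIDFromProviderUserKey(user.ProviderUserKey);

    var autoWatchTopicsEnabled = boardSettings.DefaultNotificationSetting
                                 == UserNotificationSetting.TopicsIPostToOrSubscribeTo;

    YafContext.Current.GetRepository<User>().Save(
        userID: userId,
        boardID: YafContext.Current.PageBoardID,
        userName: googleUser.UserName,
        displayName: googleUser.UserName,
        email: googleUser.Email,
        timeZone: TimeZoneInfo.Local.Id,
        languageFile: null,
        culture: null,
        themeFile: null,
        textEditor: null,
        approved: null,
        pmNotification: boardSettings.DefaultNotificationSetting,
        autoWatchTopics: autoWatchTopicsEnabled,
        dSTUser: TimeZoneInfo.Local.SupportsDaylightSavingTime,
        hideUser: null,
        notificationType: null);

    // save the settings...
    YafContext.Current.GetRepository<User>().SaveNotification(
        userId,
        true,
        autoWatchTopicsEnabled,
        boardSettings.DefaultNotificationSetting,
        boardSettings.DefaultSendDigestEmail);

    // save avatar
    YafContext.Current.GetRepository<User>().SaveAvatar(userId, googleUser.ProfileImage, null, null);

    YafContext.Current.Get<IRaiseEvent>().Raise(new NewUserRegisteredEvent(user, userId));

    YafSingleSignOnUser.LoginSuccess(AuthService.google, user.UserName, userId, true);

    message = string.Empty;

    return true;
}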
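/// <summary>
/// Verifies that the current user may send the private message: runs the spam and
/// URL-count checks for non-privileged users and then checks the sender's PM quota.
/// </summary>
/// <param name="count">The recipients count.</param>
/// <param name="message">The message.</param>
/// <returns>
/// <c>true</c> when the message may be sent; otherwise <c>false</c>.
/// </returns>
private bool VerifyMessageAllowed(int count, string message)
{
    // Check if SPAM Message first...
    if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess
        && !this.Get<YafBoardSettings>().SpamServiceType.Equals(0))
    {
        var spamChecker = new YafSpamCheck();
        string spamResult;

        // Check content for spam. The e-mail is only read for signed-in users, the
        // same guard the quick reply handler applies before calling CheckPostForSpam.
        if (spamChecker.CheckPostForSpam(
            this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
            YafContext.Current.Get<HttpRequestBase>().GetUserRealIPAddress(),
            message,
            this.PageContext.IsGuest ? null : this.PageContext.User.Email,
            out spamResult))
        {
            // Every handling mode ends with the message being refused; the modes
            // differ only in what is logged and in the follow-up action.
            switch (this.Get<YafBoardSettings>().SpamMessageHandling)
            {
                case 0:
                    this.Logger.Log(
                        this.PageContext.PageUserID,
                        "Spam Message Detected",
                        "Spam Check detected possible SPAM ({1}) posted by User: {0}"
                            .FormatWith(this.PageContext.PageUserName, spamResult),
                        EventLogTypes.SpamMessageDetected);
                    break;
                case 1:
                    this.Logger.Log(
                        this.PageContext.PageUserID,
                        "Spam Message Detected",
                        "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post"
                            .FormatWith(this.PageContext.PageUserName, spamResult),
                        EventLogTypes.SpamMessageDetected);
                    break;
                case 2:
                    this.Logger.Log(
                        this.PageContext.PageUserID,
                        "Spam Message Detected",
                        "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected"
                            .FormatWith(this.PageContext.PageUserName, spamResult),
                        EventLogTypes.SpamMessageDetected);

                    this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger);
                    break;
                case 3:
                    this.Logger.Log(
                        this.PageContext.PageUserID,
                        "Spam Message Detected",
                        "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded"
                            .FormatWith(this.PageContext.PageUserName, spamResult),
                        EventLogTypes.SpamMessageDetected);

                    var userIp = new CombinedUserDataHelper(
                        this.PageContext.CurrentUserData.Membership,
                        this.PageContext.PageUserID).LastIP;

                    UserMembershipHelper.DeleteAndBanUser(
                        this.PageContext.PageUserID,
                        this.PageContext.CurrentUserData.Membership,
                        userIp);
                    break;
            }

            return false;
        }

        // Check posts for urls if the user has only x posts
        if (YafContext.Current.CurrentUserData.NumPosts
            <= YafContext.Current.Get<YafBoardSettings>().IgnoreSpamWordCheckPostCount
            && !this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess)
        {
            var urlCount = UrlHelper.CountUrls(message);

            if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls)
            {
                spamResult = "The user posted {0} urls but allowed only {1}".FormatWith(
                    urlCount,
                    this.PageContext.BoardSettings.AllowedNumberOfUrls);

                switch (this.Get<YafBoardSettings>().SpamMessageHandling)
                {
                    case 0:
                        this.Logger.Log(
                            this.PageContext.PageUserID,
                            "Spam Message Detected",
                            "Spam Check detected possible SPAM ({1}) posted by User: {0}".FormatWith(
                                this.PageContext.PageUserName,
                                spamResult),
                            EventLogTypes.SpamMessageDetected);
                        break;
                    case 1:
                        this.Logger.Log(
                            this.PageContext.PageUserID,
                            "Spam Message Detected",
                            "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post"
                                .FormatWith(
                                    this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                                    spamResult),
                            EventLogTypes.SpamMessageDetected);
                        break;
                    case 2:
                        this.Logger.Log(
                            this.PageContext.PageUserID,
                            "Spam Message Detected",
                            "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected"
                                .FormatWith(this.PageContext.PageUserName, spamResult),
                            EventLogTypes.SpamMessageDetected);

                        this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger);
                        break;
                    case 3:
                        this.Logger.Log(
                            this.PageContext.PageUserID,
                            "Spam Message Detected",
                            "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded"
                                .FormatWith(this.PageContext.PageUserName, spamResult),
                            EventLogTypes.SpamMessageDetected);

                        var userIp = new CombinedUserDataHelper(
                            this.PageContext.CurrentUserData.Membership,
                            this.PageContext.PageUserID).LastIP;

                        UserMembershipHelper.DeleteAndBanUser(
                            this.PageContext.PageUserID,
                            this.PageContext.CurrentUserData.Membership,
                            userIp);
                        break;
                }

                return false;
            }
        }

        // No early "allowed" result here: a message that passes the spam checks still
        // has to pass the PM quota below. Returning at this point exempted every
        // regular user from the quota whenever a spam service was configured.
    }

    ///////////////////////////////

    // test sending user's PM count
    // get user's name
    var drPMInfo = LegacyDb.user_pmcount(YafContext.Current.PageUserID).Rows[0];

    // Admins are exempt from the quota
    if ((drPMInfo["NumberTotal"].ToType<int>() + count <= drPMInfo["NumberAllowed"].ToType<int>())
        || YafContext.Current.IsAdmin)
    {
        return true;
    }

    // user has full PM box
    YafContext.Current.AddLoadMessage(
        this.GetTextFormatted("OWN_PMBOX_FULL", drPMInfo["NumberAllowed"]),
        MessageTypes.danger);

    return false;
}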
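/// <summary>
/// Handles the quick reply submit: validates the reply, applies the flood and spam checks,
/// saves the message and redirects the user.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
/// <remarks>
/// Checks run in this order: empty text, maximum size, captcha, flood delay, spam service,
/// URL count. Admins and forum moderators skip the flood, spam and URL checks and are always
/// saved as approved. The URL-count check sits inside the spam-service branch, so it does not
/// run when <c>SpamServiceType</c> is 0.
/// Every exception except <see cref="ThreadAbortException"/> is logged and swallowed, so a
/// failure before <c>message_save</c> means the reply is not stored and the user sees no error.
/// </remarks>
protected void QuickReplyClick([NotNull] object sender, [NotNull] EventArgs e)
{
    try
    {
        if (this.quickReplyEditor.Text.Length <= 0)
        {
            YafContext.Current.PageElements.RegisterJsBlockStartup(
                "openModalJs",
                JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));

            this.PageContext.AddLoadMessage(this.GetText("EMPTY_MESSAGE"), MessageTypes.warning);
            return;
        }

        // No need to check whitespace if they are actually posting something
        if (this.Get<YafBoardSettings>().MaxPostSize > 0
            && this.quickReplyEditor.Text.Length >= this.Get<YafBoardSettings>().MaxPostSize)
        {
            YafContext.Current.PageElements.RegisterJsBlockStartup(
                "openModalJs",
                JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));

            this.PageContext.AddLoadMessage(this.GetText("ISEXCEEDED"), MessageTypes.warning);
            return;
        }

        if (this.EnableCaptcha() && !CaptchaHelper.IsValid(this.tbCaptcha.Text.Trim()))
        {
            YafContext.Current.PageElements.RegisterJsBlockStartup(
                "openModalJs",
                JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));

            this.PageContext.AddLoadMessage(this.GetText("BAD_CAPTCHA"), MessageTypes.warning);
            return;
        }

        // Flood control, skipped for admins and moderators.
        // NOTE(review): the last-post timestamp is read from IYafSession; presumably a client that
        // starts a new session is not throttled - confirm a server-side limit exists for guests.
        if (!(this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess)
            && this.Get<YafBoardSettings>().PostFloodDelay > 0)
        {
            var lastPost = YafContext.Current.Get<IYafSession>().LastPost;
            var floodWindowStart = DateTime.UtcNow.AddSeconds(-this.Get<YafBoardSettings>().PostFloodDelay);

            if (lastPost > floodWindowStart)
            {
                YafContext.Current.PageElements.RegisterJsBlockStartup(
                    "openModalJs",
                    JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));

                // TimeSpan.Seconds is only the 0-59 component; use the total (rounded up) so that
                // a flood delay longer than one minute reports the real remaining wait.
                this.PageContext.AddLoadMessage(
                    this.GetTextFormatted(
                        "wait",
                        (int)Math.Ceiling((lastPost - floodWindowStart).TotalSeconds)),
                    MessageTypes.warning);
                return;
            }
        }

        // Recorded before the spam checks, so a rejected reply also counts towards the flood delay.
        YafContext.Current.Get<IYafSession>().LastPost = DateTime.UtcNow;

        // post message...
        long messageId = 0;
        object replyTo = -1;
        var message = this.quickReplyEditor.Text;
        long topicId = this.PageContext.PageTopicID;

        // SPAM Check

        // Check if Forum is Moderated
        DataRow forumInfo;
        var isForumModerated = false;

        using (var dt = LegacyDb.forum_list(this.PageContext.PageBoardID, this.PageContext.PageForumID))
        {
            // Rows[0] throws when the table is empty; the outer catch then logs it and the reply
            // is not saved, so a missing forum row cannot skip the moderation check below.
            forumInfo = dt.Rows[0];
        }

        if (forumInfo != null)
        {
            isForumModerated = this.CheckForumModerateStatus(forumInfo);
        }

        var spamApproved = true;
        var isPossibleSpamMessage = false;

        // Check for SPAM
        if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess
            && !this.Get<YafBoardSettings>().SpamServiceType.Equals(0))
        {
            var spamChecker = new YafSpamCheck();
            string spamResult;

            // Check content for spam
            // NOTE(review): GetUserRealIPAddress is presumably derived from request headers; confirm
            // forwarding headers are honoured only from trusted proxies, since this value feeds the
            // spam check and is stored with the post.
            if (spamChecker.CheckPostForSpam(
                this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                YafContext.Current.Get<HttpRequestBase>().GetUserRealIPAddress(),
                this.quickReplyEditor.Text,
                this.PageContext.IsGuest ? null : this.PageContext.User.Email,
                out spamResult))
            {
                if (this.HandleQuickReplySpam(spamResult, ref spamApproved, ref isPossibleSpamMessage))
                {
                    return;
                }
            }

            // Check posts for urls if the user has only x posts
            if (YafContext.Current.CurrentUserData.NumPosts
                <= YafContext.Current.Get<YafBoardSettings>().IgnoreSpamWordCheckPostCount
                && !this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess)
            {
                var urlCount = UrlHelper.CountUrls(this.quickReplyEditor.Text);

                if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls)
                {
                    spamResult = "The user posted {0} urls but allowed only {1}".FormatWith(
                        urlCount,
                        this.PageContext.BoardSettings.AllowedNumberOfUrls);

                    if (this.HandleQuickReplySpam(spamResult, ref spamApproved, ref isPossibleSpamMessage))
                    {
                        return;
                    }
                }
            }

            if (!this.PageContext.IsGuest)
            {
                this.UpdateWatchTopic(this.PageContext.PageUserID, this.PageContext.PageTopicID);
            }
        }

        // If Forum is Moderated
        if (isForumModerated)
        {
            spamApproved = false;
        }

        // Bypass Approval if Admin or Moderator
        if (this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess)
        {
            spamApproved = true;
        }

        var messageFlags = new MessageFlags
        {
            IsHtml = this.quickReplyEditor.UsesHTML,
            IsBBCode = this.quickReplyEditor.UsesBBCode,
            IsApproved = spamApproved
        };

        // Store the reply together with the poster's IP and the approval flag computed above.
        LegacyDb.message_save(
            topicId,
            this.PageContext.PageUserID,
            message,
            null,
            this.Get<HttpRequestBase>().GetUserRealIPAddress(),
            null,
            replyTo,
            messageFlags.BitValue,
            ref messageId);

        // Check to see if the user has enabled "auto watch topic" option in his/her profile.
        if (this.PageContext.CurrentUserData.AutoWatchTopics)
        {
            var watchTopicId = this.GetRepository<WatchTopic>().Check(
                this.PageContext.PageUserID,
                this.PageContext.PageTopicID);

            if (!watchTopicId.HasValue)
            {
                // subscribe to this topic
                this.GetRepository<WatchTopic>().Add(this.PageContext.PageUserID, this.PageContext.PageTopicID);
            }
        }

        if (messageFlags.IsApproved)
        {
            // send new post notification to users watching this topic/forum
            this.Get<ISendNotification>().ToWatchingUsers(messageId.ToType<int>());

            if (Config.IsDotNetNuke && !this.PageContext.IsGuest)
            {
                this.Get<IActivityStream>().AddReplyToStream(
                    this.PageContext.PageForumID,
                    this.PageContext.PageTopicID,
                    messageId.ToType<int>(),
                    this.PageContext.PageTopicName,
                    message);
            }

            // redirect to newly posted message
            YafBuildLink.Redirect(ForumPages.posts, "m={0}&#post{0}", messageId);
        }
        else
        {
            if (this.Get<YafBoardSettings>().EmailModeratorsOnModeratedPost)
            {
                // not approved, notify moderators
                this.Get<ISendNotification>().ToModeratorsThatMessageNeedsApproval(
                    this.PageContext.PageForumID,
                    messageId.ToType<int>(),
                    isPossibleSpamMessage);
            }

            // The return URL is built server-side from the forum id and URL-encoded before it is
            // placed in the query string.
            var url = YafBuildLink.GetLink(ForumPages.topics, "f={0}", this.PageContext.PageForumID);

            if (Config.IsRainbow)
            {
                YafBuildLink.Redirect(ForumPages.info, "i=1");
            }
            else
            {
                YafBuildLink.Redirect(ForumPages.info, "i=1&url={0}", this.Server.UrlEncode(url));
            }
        }
    }
    catch (Exception exception)
    {
        // ThreadAbortException is left unlogged (presumably raised by the redirects above - confirm);
        // anything else is written to the event log and not rethrown.
        if (exception.GetType() != typeof(ThreadAbortException))
        {
            this.Logger.Log(this.PageContext.PageUserID, this, exception);
        }
    }
}

/// <summary>
/// Applies the board's <c>SpamMessageHandling</c> setting to a quick reply that was flagged as spam.
/// </summary>
/// <param name="spamResult">The reason reported by the check; written to the event log.</param>
/// <param name="spamApproved">Set to <c>false</c> when the reply must be held for approval (handling 1).</param>
/// <param name="isPossibleSpamMessage">Set to <c>true</c> when the reply is held as possible spam (handling 1).</param>
/// <returns>
/// <c>true</c> when the reply must not be saved (handling 2: rejected, handling 3: user deleted
/// and banned); <c>false</c> when processing continues (handling 0, 1 or any other value).
/// </returns>
private bool HandleQuickReplySpam(string spamResult, ref bool spamApproved, ref bool isPossibleSpamMessage)
{
    switch (this.Get<YafBoardSettings>().SpamMessageHandling)
    {
        case 0:
            // Log only; the reply is still saved.
            this.Logger.Log(
                this.PageContext.PageUserID,
                "Spam Message Detected",
                "Spam Check detected possible SPAM ({1}) posted by User: {0}".FormatWith(
                    this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                    spamResult),
                EventLogTypes.SpamMessageDetected);
            return false;

        case 1:
            // Save the reply, but unapproved and marked as possible spam for the moderators.
            spamApproved = false;
            isPossibleSpamMessage = true;
            this.Logger.Log(
                this.PageContext.PageUserID,
                "Spam Message Detected",
                "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post"
                    .FormatWith(
                        this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                        spamResult),
                EventLogTypes.SpamMessageDetected);
            return false;

        case 2:
            // Reject the reply and tell the user.
            this.Logger.Log(
                this.PageContext.PageUserID,
                "Spam Message Detected",
                "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected"
                    .FormatWith(
                        this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                        spamResult),
                EventLogTypes.SpamMessageDetected);

            YafContext.Current.PageElements.RegisterJsBlockStartup(
                "openModalJs",
                JavaScriptBlocks.OpenModalJs("QuickReplyDialog"));

            this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger);
            return true;

        case 3:
            this.Logger.Log(
                this.PageContext.PageUserID,
                "Spam Message Detected",
                "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded"
                    .FormatWith(
                        this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName,
                        spamResult),
                EventLogTypes.SpamMessageDetected);

            // NOTE(review): this runs for PageUserID even when IsGuest is true (the log line above
            // allows for a guest); confirm DeleteAndBanUser refuses the shared guest account.
            // NOTE(review): the banned address is the stored LastIP, not the request IP passed to
            // the spam check - confirm that is intended.
            var userIp = new CombinedUserDataHelper(
                this.PageContext.CurrentUserData.Membership,
                this.PageContext.PageUserID).LastIP;

            UserMembershipHelper.DeleteAndBanUser(
                this.PageContext.PageUserID,
                this.PageContext.CurrentUserData.Membership,
                userIp);
            return true;
    }

    // Unknown handling value: nothing is logged and the reply continues, as before.
    return false;
}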