/// <summary>
/// Initializes a new instance of the <see cref="XslHelper"/> class.
/// When an HTTP request is active, the portal settings stored in the request
/// items are picked up and the current user's record is loaded for that portal.
/// </summary>
public XslHelper()
{
    var context = HttpContext.Current;

    // Outside of a web request there is nothing to initialise from.
    if (context == null)
    {
        return;
    }

    this.PortalSettings = (PortalSettings)context.Items["PortalSettings"];

    // Look the signed-in identity up within the current portal alias.
    var accounts = new UsersDB();
    this.user = accounts.GetSingleUser(context.User.Identity.Name, this.PortalSettings.PortalAlias);
}
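/// <summary>
/// Single point logoff: ends the forms-authentication session, expires the
/// "portalroles" cookie (and, on request, the per-portal alias cookie), records the
/// logoff in the monitoring log when monitoring is enabled, and finally redirects.
/// </summary>
/// <param name="urlToRedirect">
/// Address the browser is redirected to after logoff. No redirect is issued when it is
/// null or empty.
/// </param>
/// <param name="removeLogin">
/// When true, the "Appleseed_" + portal alias cookie is expired as well.
/// </param>
public static void SignOut(string urlToRedirect, bool removeLogin)
{
    // Diagnostic trail of who asked for the logoff. It must never be able to stop the
    // logoff itself, so a missing frame or method is skipped instead of dereferenced.
    StackTrace st = new StackTrace(new StackFrame(2, true));
    var frames = st.GetFrames();
    string stackString = string.Empty;
    if (frames != null)
    {
        foreach (var frame in frames)
        {
            var method = frame.GetMethod();
            if (method != null)
            {
                stackString += "> " + method.Name;
            }
        }
    }

    ErrorHandler.Publish(LogLevel.Info, "Hago signout: " + stackString);

    // Log the user off from the cookie authentication system.
    FormsAuthentication.SignOut();

    // Portal settings of the current request; used for the alias cookie and for monitoring.
    PortalSettings portalSettings = (PortalSettings)HttpContext.Current.Items[strPortalSettings];

    // Invalidate the roles token.
    ExpireResponseCookie("portalroles");

    if (removeLogin)
    {
        // Invalidate the portal alias cookie.
        ExpireResponseCookie("Appleseed_" + portalSettings.PortalAlias.ToLower());
    }

    // Record the logoff for the Monitoring module.
    if (HttpContext.Current.User != null)
    {
        UsersDB users = new UsersDB();
        MembershipUser user = users.GetSingleUser(HttpContext.Current.User.Identity.Name, portalSettings.PortalAlias);
        if (user != null)
        {
            Guid uid = (Guid)user.ProviderUserKey;
            if (!uid.Equals(Guid.Empty))
            {
                try
                {
                    if (Config.EnableMonitoring)
                    {
                        Monitoring.LogEntry(uid, portalSettings.PortalID, -1, "Logoff", string.Empty);
                    }
                }
                catch (Exception exc)
                {
                    // Monitoring stays best-effort, but a lost logoff record is reported
                    // instead of being dropped silently.
                    ErrorHandler.Publish(LogLevel.Error, exc);
                }
            }
        }
    }

    // Redirect the user, typically back to the portal home page.
    // NOTE(review): the target is used exactly as passed in; callers that derive it from
    // request data should restrict it to local or known-good URLs - confirm at call sites.
    if (!string.IsNullOrEmpty(urlToRedirect))
    {
        HttpContext.Current.Response.Redirect(urlToRedirect);
    }
}

// Blanks the named response cookie and back-dates its expiry so the browser discards it.
private static void ExpireResponseCookie(string cookieName)
{
    HttpCookie cookie = HttpContext.Current.Response.Cookies[cookieName];
    cookie.Value = null;
    cookie.Expires = new DateTime(1999, 10, 12);
    cookie.Path = "/";
}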
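/// <summary>
/// Single point get roles: returns the roles of the current request's user within the
/// current portal.
/// </summary>
/// <returns>
/// The roles reported by <c>UsersDB.GetRoles</c> for the user's e-mail and portal alias,
/// or an empty list when the user cannot be found or the lookup fails.
/// </returns>
/// <remarks>
/// Roles are read from the user store on every call. An earlier variant that cached them
/// in an encrypted "portalroles" forms-authentication cookie is disabled, so role
/// membership is not taken from client-held data here.
/// TODO: figure out if we could persist role Guid in cookies.
/// </remarks>
public static IList<AppleseedRole> GetRoles()
{
    try
    {
        // Obtain PortalSettings from the current context. The shared-user-base case
        // (portal ID 0) is left to UsersDB.GetRoles, per the original author's note.
        PortalSettings portalSettings = (PortalSettings)HttpContext.Current.Items[strPortalSettings];

        UsersDB accountSystem = new UsersDB();
        MembershipUser u = accountSystem.GetSingleUser(HttpContext.Current.User.Identity.Name, portalSettings.PortalAlias);
        if (u == null)
        {
            // Unknown user: no roles. Handled explicitly rather than through a
            // NullReferenceException that would be logged as an error on every call.
            return new List<AppleseedRole>();
        }

        return accountSystem.GetRoles(u.Email, portalSettings.PortalAlias);
    }
    catch (Exception exc)
    {
        // Fail closed: a lookup failure is logged and the caller gets no roles.
        ErrorHandler.Publish(LogLevel.Error, exc);
        return new List<AppleseedRole>();
    }
}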
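/// <summary>
/// Fills all MDF settings from the module's settings and the supplied table/field names.
/// Returns true if no problems reading and parsing all MDF settings.
/// </summary>
/// <param name="pmc">The module control whose settings, module ID, portal ID and workflow state are read.</param>
/// <param name="itemTableName">Name of the item table.</param>
/// <param name="titleFieldName">Name of the title field.</param>
/// <param name="selectFieldList">The select field list.</param>
/// <param name="searchFieldList">The search field list.</param>
/// <returns>
/// True when every setting was read and parsed; false when any exception occurred, in
/// which case the fields assigned before the failure keep their new values.
/// </returns>
public bool Populate(PortalModuleControl pmc, string itemTableName, string titleFieldName, string selectFieldList, string searchFieldList)
{
    try
    {
        _applyMDF = bool.Parse(pmc.Settings[NameApplyMDF].ToString());

        // Map the stored text onto the enum; an unrecognised value leaves _dataSource as it was.
        string ds = pmc.Settings[NameDataSource].ToString();
        if (ds == DataSourceType.This.ToString())
        {
            _dataSource = DataSourceType.This;
        }
        else if (ds == DataSourceType.All.ToString())
        {
            _dataSource = DataSourceType.All;
        }
        else if (ds == DataSourceType.List.ToString())
        {
            _dataSource = DataSourceType.List;
        }

        _maxHits = int.Parse(pmc.Settings[NameMaxHits].ToString());
        _moduleList = pmc.Settings[NameModuleList].ToString();
        _allNotInList = bool.Parse(pmc.Settings[NameAllNotInList].ToString());
        _sortField = pmc.Settings[NameSortField].ToString();
        _sortDirection = pmc.Settings[NameSortDirection].ToString();
        _searchString = pmc.Settings[NameSearchString].ToString();
        _searchField = pmc.Settings[NameSearchField].ToString();
        _mobileOnly = bool.Parse(pmc.Settings[NameMobileOnly].ToString());

        if (_dataSource == DataSourceType.This)
        {
            _moduleList = pmc.ModuleID.ToString();
        }

        if (_moduleList == "" && _dataSource == DataSourceType.List)
        {
            // The Module List field was left empty: fall back to this module.
            _moduleList = pmc.ModuleID.ToString();
        }

        if (pmc.SupportsWorkflow)
        {
            _supportsWorkflow = pmc.SupportsWorkflow;
            _workflowVersion = pmc.Version;
        }

        // NOTE(review): table and field names are stored as given; if they are later
        // concatenated into SQL, callers must pass fixed identifiers only - confirm.
        _itemTableName = itemTableName;
        _titleFieldName = titleFieldName;
        _selectFieldList = selectFieldList;
        _searchFieldList = searchFieldList;
        _portalID = pmc.PortalID;

        // Resolve the current user's ID. The reader is disposed here; it was previously
        // left open, leaking the reader on every call.
        UsersDB u = new UsersDB();
        using (SqlDataReader dr = u.GetSingleUser(PortalSettings.CurrentUser.Identity.Email))
        {
            if (dr.Read())
            {
                _userID = Int32.Parse(dr["UserID"].ToString());
            }
        }

        return true;
    }
    catch (Exception)
    {
        // Any read or parse problem is reported through the return value only.
        return false;
    }
}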
/// <summary>
/// On first load (not on postback) prepares the form either for registering a new
/// user or for editing an existing one, filling the fields from the stored record.
/// </summary>
/// <param name="e">
/// Event arguments.
/// </param>
protected override void OnLoad(EventArgs e)
{
    base.OnLoad(e);

    if (this.Page.IsPostBack)
    {
        return;
    }

    if (!this.EditMode)
    {
        // Registration mode: password is mandatory, only the Register button is shown.
        this.BindState();
        this.RequiredPassword.Visible = true;
        this.RequiredConfirm.Visible = true;
        this.EditPasswordRow.Visible = false;
        this.SaveChangesBtn.Visible = false;
        this.RegisterBtn.Visible = true;
        return;
    }

    // Someone requested to edit this record.
    // True if the user is editing himself, false if an admin is editing.
    this.SelfEdit = this.UserName == PortalSettings.CurrentUser.Identity.UserName;

    // Module edit/add permission or self-edit is required (this replaced an earlier
    // "Admins" role check).
    bool mayEdit = PortalSecurity.HasEditPermissions(this.ModuleID)
                   || PortalSecurity.HasAddPermissions(this.ModuleID)
                   || this.SelfEdit;
    if (!mayEdit)
    {
        // We do not have rights to do it!
        PortalSecurity.AccessDeniedEdit();
        return;
    }

    // Edit mode: password becomes optional, only the Save button is shown.
    this.RequiredPassword.Visible = false;
    this.RequiredConfirm.Visible = false;
    this.EditPasswordRow.Visible = true;
    this.SaveChangesBtn.Visible = true;
    this.RegisterBtn.Visible = false;

    // Obtain the stored record of the user being edited.
    var accountSystem = new UsersDB();
    var memberUser = accountSystem.GetSingleUser(this.UserName, this.PortalSettings.PortalAlias);

    try
    {
        this.NameField.Text = memberUser.Name;
        this.EmailField.Text = memberUser.Email;
        this.CompanyField.Text = memberUser.Company;
        this.AddressField.Text = memberUser.Address;
        this.ZipField.Text = memberUser.Zip;
        this.CityField.Text = memberUser.City;

        // Pre-select the stored country when it is in the list.
        this.CountryField.ClearSelection();
        var countryItem = this.CountryField.Items.FindByValue(memberUser.CountryID);
        if (countryItem != null)
        {
            countryItem.Selected = true;
        }

        // The state list is bound after the country has been selected.
        this.BindState();
        this.StateField.ClearSelection();
        if (this.StateField.Items.Count > 0)
        {
            var stateItem = this.StateField.Items.FindByValue(memberUser.StateID.ToString());
            if (stateItem != null)
            {
                stateItem.Selected = true;
            }
        }

        this.FaxField.Text = memberUser.Fax;
        this.PhoneField.Text = memberUser.Phone;
        this.SendNewsletter.Checked = memberUser.SendNewsletter;

        // Stores the original password for a later check.
        // NOTE(review): the password is read back in clear text and kept on the page; if
        // OriginalPassword is backed by view state it travels to the browser - confirm.
        this.OriginalPassword = memberUser.GetPassword();
        this.OriginalUserId = memberUser.ProviderUserKey;
    }
    catch (ArgumentNullException)
    {
        // user doesn't exist
    }
}
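/// <summary>
/// Handles the Click event of the SendPasswordBtn control: resets the password of the
/// account matching the entered e-mail address to a newly generated one and mails that
/// password to the account's address.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
private void SendPasswordBtn_Click(object sender, EventArgs e)
{
    if (email.Text == string.Empty)
    {
        Message.Text = "Please enter you email address";
        Message.TextKey = "SIGNIN_ENTER_EMAIL_ADDR";
        return;
    }

    // Obtain single row of User information
    UsersDB usersDB = new UsersDB();
    AppleseedUser user = usersDB.GetSingleUser(email.Text, this.PortalSettings.PortalAlias);

    if (user == null)
    {
        // NOTE(review): this reply tells the requester whether an address is registered;
        // an identical reply for both outcomes would avoid account enumeration.
        Message.Text = General.GetString("SIGNIN_PWD_MISSING_IN_DB", "The email you specified does not exists on our database", this);
        Message.TextKey = "SIGNIN_PWD_MISSING_IN_DB";
        return;
    }

    string appName = this.PortalSettings.PortalName;
    string userName = user.Email;

    // The stored password is always replaced, so the mail must carry the new one. The
    // previous code mailed the old password when passwords were not encrypted (although
    // it had just been overwritten) and called ResetPassword twice when they were.
    // NOTE(review): confirm RandomPassword.Generate draws from a cryptographic RNG.
    string newPassword = RandomPassword.Generate(8, 10);
    CryptoHelper crypthelp = new CryptoHelper();
    crypthelp.ResetPassword(userName, newPassword);

    // The direct link no longer carries the password: query strings end up in server
    // logs, proxies and browser history. User name and alias are URL-encoded.
    // NOTE(review): assumes Logon.aspx accepts Usr/Alias without Pwd and prompts for the
    // password - confirm.
    string loginUrl = Path.ApplicationFullPath + "DesktopModules/Admin/Logon.aspx?Usr=" + Uri.EscapeDataString(userName) + "&Alias=" + Uri.EscapeDataString(this.PortalSettings.PortalAlias);

    MailMessage mail = new MailMessage();

    // A correct sender address is required because most SMTP servers reject the mail otherwise.
    mail.From = Config.EmailFrom;

    // Send to the address stored on the account, not to the raw form input.
    mail.To = userName;
    mail.Subject = appName + " - " + General.GetString("SIGNIN_SEND_PWD", "Send me password", this);

    StringBuilder sb = new StringBuilder();
    sb.Append(userName);
    sb.Append(",");
    sb.Append("\r\n\r\n");
    sb.Append(General.GetString("SIGNIN_PWD_REQUESTED", "This is the password you requested", this));
    sb.Append(" ");
    sb.Append(newPassword);
    sb.Append("\r\n\r\n");
    sb.Append(General.GetString("SIGNIN_THANK_YOU", "Thanks for your visit.", this));
    sb.Append(" ");
    sb.Append(appName);
    sb.Append("\r\n\r\n");
    sb.Append(General.GetString("SIGNIN_YOU_CAN_LOGIN_FROM", "You can login from", this));
    sb.Append(":");
    sb.Append("\r\n");
    sb.Append(Path.ApplicationFullPath);
    sb.Append("\r\n\r\n");
    sb.Append(General.GetString("SIGNIN_USE_DIRECT_URL", "Or using direct url", this));
    sb.Append("\r\n");
    sb.Append(loginUrl);
    sb.Append("\r\n\r\n");
    sb.Append(General.GetString("SIGNIN_URL_WARNING", "NOTE: The address above may not show up on your screen as one line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.", this));

    mail.Body = sb.ToString();
    mail.BodyFormat = MailFormat.Text;

    SmtpMail.SmtpServer = Config.SmtpServer;
    SmtpMail.Send(mail);

    Message.Text = General.GetString("SIGNIN_PWD_WAS_SENT", "Your password was sent to the addess you provided", this);
    Message.TextKey = "SIGNIN_PWD_WAS_SENT";
}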