/// <summary>
/// Handles the Send Notification button: e-mails the affiliate notification
/// to the current vendor and reports the outcome as a module message.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSend_Click(object sender, EventArgs e)
{
    VendorInfo vendor = new VendorController().GetVendor(VendorId, PortalId);

    // Nothing to send without a vendor record that carries an e-mail address.
    if (vendor == null || Null.IsNull(vendor.Email))
    {
        return;
    }

    // Replacement values for the localized message body: vendor name, then affiliate link.
    ArrayList tokens = new ArrayList();
    tokens.Add(vendor.VendorName);
    string affiliateLink = Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true)
                           + "/" + Globals.glbDefaultPage
                           + "?AffiliateId=" + VendorId.ToString();
    tokens.Add(affiliateLink);

    string fromAddress = PortalSettings.Email;
    string toAddress = vendor.Email;
    string subject = Localization.GetSystemMessage(PortalSettings, "EMAIL_AFFILIATE_NOTIFICATION_SUBJECT");
    string body = Localization.GetSystemMessage(PortalSettings, "EMAIL_AFFILIATE_NOTIFICATION_BODY", Localization.GlobalResourceFile, tokens);

    // SendMail reports failure through its return value; an empty string means success.
    string sendError = Mail.SendMail(fromAddress, toAddress, "", subject, body, "", "", "", "", "", "");

    if (sendError != "")
    {
        // NOTE(review): the mail error text is formatted into the page message as-is;
        // confirm AddModuleMessage encodes it or that it cannot carry markup.
        string failureTemplate = Localization.GetString("NotificationFailure", this.LocalResourceFile);
        string failureText = string.Format(failureTemplate, sendError);
        UI.Skins.Skin.AddModuleMessage(this, failureText, ModuleMessageType.RedError);
        return;
    }

    string successText = Localization.GetString("NotificationSuccess", this.LocalResourceFile);
    UI.Skins.Skin.AddModuleMessage(this, successText, ModuleMessageType.GreenSuccess);
}
/// <summary>
/// Handles the Cancel button: sends the browser back to the portal's root URL.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdCancel_Click(object sender, EventArgs e)
{
    try
    {
        string portalRoot = Globals.GetPortalDomainName(PortalAlias.HTTPAlias, Request, true);

        // endResponse = true: processing of the current page stops after the redirect.
        // NOTE(review): ASP.NET ends the response by raising ThreadAbortException,
        // which the catch below also sees; confirm the handler ignores it.
        Response.Redirect(portalRoot, true);
    }
    catch (Exception exc)
    {
        // Any failure is handed to the shared module-exception handler.
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}
/// -----------------------------------------------------------------------------
/// <summary>
/// Handles the Send Notification button: e-mails the affiliate notification
/// to the current vendor and reports the outcome as a module message.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// -----------------------------------------------------------------------------
protected void OnSendClick(object sender, EventArgs e)
{
    var vendor = new VendorsController().GetVendor(VendorId, PortalId);

    // Nothing to send without a vendor record that carries an e-mail address.
    if (vendor == null || Null.IsNull(vendor.Email))
    {
        return;
    }

    // Replacement values for the localized message body: vendor name, then affiliate link.
    // NOTE(review): the vendor is looked up by VendorId but the link carries AffiliateId;
    // confirm the two are meant to differ.
    var tokens = new ArrayList();
    tokens.Add(vendor.VendorName);
    tokens.Add(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true)
               + "/" + Globals.glbDefaultPage
               + "?AffiliateId=" + AffiliateId);

    var fromAddress = PortalSettings.Email;
    var toAddress = vendor.Email;
    var subject = Localization.GetSystemMessage(PortalSettings, "EMAIL_AFFILIATE_NOTIFICATION_SUBJECT");
    var body = Localization.GetSystemMessage(PortalSettings, "EMAIL_AFFILIATE_NOTIFICATION_BODY", Localization.GlobalResourceFile, tokens);

    // SendMail reports failure through its return value; null or empty means success.
    var sendError = Mail.SendMail(fromAddress, toAddress, "", subject, body, "", "", "", "", "", "");

    if (!String.IsNullOrEmpty(sendError))
    {
        // NOTE(review): the mail error text is formatted into the page message as-is;
        // confirm AddModuleMessage encodes it or that it cannot carry markup.
        var failureTemplate = Localization.GetString("NotificationFailure", LocalResourceFile);
        var failureText = string.Format(failureTemplate, sendError);
        DotNetNuke.UI.Skins.Skin.AddModuleMessage(this, failureText, ModuleMessage.ModuleMessageType.RedError);
        return;
    }

    var successText = Localization.GetString("NotificationSuccess", LocalResourceFile);
    DotNetNuke.UI.Skins.Skin.AddModuleMessage(this, successText, ModuleMessage.ModuleMessageType.GreenSuccess);
}
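/// <summary>
/// Handles the Delete button: deletes the current tab and redirects away from it.
/// </summary>
/// <param name="Sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// After a successful delete the browser goes to the tab named by the
/// <c>returntabid</c> query-string value when that value parses as an integer,
/// otherwise to the portal's root URL. The original change history notes that
/// deleting a parent tab also marks its child tabs as deleted.
/// </remarks>
protected void cmdDelete_Click(object Sender, EventArgs e)
{
    try
    {
        if (!DeleteTab(TabId))
        {
            return;
        }

        // Default destination: the portal root.
        string strURL = Globals.GetPortalDomainName(PortalAlias.HTTPAlias, Request, true);

        // returntabid is request input. It is only ever used as an integer tab id,
        // so it cannot name an arbitrary redirect target; a missing or malformed
        // value keeps the default destination instead of raising a format error
        // after the tab has already been deleted.
        int returnTabId;
        if (int.TryParse(Request.QueryString["returntabid"], out returnTabId))
        {
            // return to admin tab
            strURL = Globals.NavigateURL(returnTabId);
        }

        Response.Redirect(strURL, true);
    }
    catch (Exception exc)
    {
        // Any failure is handed to the shared module-exception handler.
        Exceptions.ProcessModuleLoadException(this, exc);
    }
}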
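/// -----------------------------------------------------------------------------
/// <summary>
/// Contains the functionality to populate the Root aspx page with controls
/// </summary>
/// <param name="e">Event data, forwarded to the base implementation.</param>
/// <remarks>
/// - set global page settings.
/// - load the skin control and, when popups are enabled, the popup script
/// - redirect away from disabled pages unless the user can administer the page
/// - add a canonical link when the request did not arrive on the primary alias
/// - show the insecure-defaults warning to the default admin/host accounts
/// - register the style sheets and add the skin control to the page
/// - set ViewStateUserKey for authenticated users
/// </remarks>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = IsPopUp ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        jQuery.RegisterJQueryUI(Page);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
                                ? "~/js/Debug/dnn.modalpopup.js"
                                : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath, FileOrder.Js.DnnModalPopup);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            // Page administrators still see the page, with a warning.
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl)
    {
        string primaryHttpAlias = null;
        if (Config.GetFriendlyUrlProvider() == "advanced") //advanced mode compares on the primary alias as set during alias identification
        {
            if (PortalSettings.PrimaryAlias != null && PortalSettings.PortalAlias != null)
            {
                if (string.Compare(PortalSettings.PrimaryAlias.HTTPAlias, PortalSettings.PortalAlias.HTTPAlias, StringComparison.InvariantCulture) != 0)
                {
                    primaryHttpAlias = PortalSettings.PrimaryAlias.HTTPAlias;
                }
            }
        }
        else //other modes just depend on the default alias
        {
            if (string.Compare(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias, StringComparison.InvariantCulture) != 0)
            {
                primaryHttpAlias = PortalSettings.DefaultPortalAlias;
            }
        }

        if (primaryHttpAlias != null) //a primary http alias was identified
        {
            // The item is expected to be set earlier in the request; when it is
            // missing, skip the canonical link instead of failing the whole page
            // with a NullReferenceException.
            var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
            if (originalUrlItem != null)
            {
                var originalurl = originalUrlItem.ToString();

                //Add Canonical <link> using the primary alias
                var canonicalLink = new HtmlLink();
                canonicalLink.Href = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, primaryHttpAlias);
                canonicalLink.Attributes.Add("rel", "canonical");

                // Add the HtmlLink to the Head section of the page.
                Page.Header.Controls.Add(canonicalLink);
            }
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && !string.IsNullOrEmpty(Request.QueryString["runningDefault"]))
    {
        // The context item may be absent or of another type; treat that as "no user"
        // rather than dereferencing null.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;
        var username = userInfo == null ? null : userInfo.Username;

        //only show message to default users
        // Ordinal comparison: a culture-sensitive ToLower() can fold characters
        // differently (e.g. the Turkish dotless i) and silently hide this warning.
        if (string.Equals(username, "admin", StringComparison.OrdinalIgnoreCase) ||
            string.Equals(username, "host", StringComparison.OrdinalIgnoreCase))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterDefaultStylesheet(this, Globals.HostPath + "default.css");
    ClientResourceManager.RegisterIEStylesheet(this, Globals.HostPath + "ie.css");
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css", FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, PortalSettings.HomeDirectory + "portal.css", FileOrder.Css.PortalCss);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    // The key binds view state to the signed-in user name, so view state issued
    // to one user is rejected when posted back as another. Anonymous requests
    // get no key here.
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }

    //set the async postback timeout.
    if (AJAX.IsEnabled())
    {
        AJAX.GetScriptManager(this).AsyncPostBackTimeout = Host.AsyncTimeout;
    }
}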
/// -----------------------------------------------------------------------------
/// <summary>
/// Builds the root aspx page: page settings, skin, canonical URL, warnings and style sheets.
/// </summary>
/// <param name="e">Event data, forwarded to the base implementation.</param>
/// <remarks>
/// - set global page settings.
/// - load the skin control and, when popups are enabled, the popup script
/// - redirect away from disabled pages unless the user can administer the page
/// - compute the canonical URL when the request did not arrive on the primary alias
/// - show the insecure-defaults warning to the default admin/host accounts
/// - register the style sheets and add the skin control to the page
/// - set ViewStateUserKey for authenticated users
/// </remarks>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    // Global page settings come first; the skin is chosen afterwards.
    this.InitializePage();

    // Pick the skin; the popup script is only needed when popups are enabled.
    UI.Skins.Skin ctlSkin;
    if (!this.PortalSettings.EnablePopUps)
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }
    else
    {
        if (UrlUtils.InPopUp())
        {
            ctlSkin = UI.Skins.Skin.GetPopUpSkin(this);
        }
        else
        {
            ctlSkin = UI.Skins.Skin.GetSkin(this);
        }

        JavaScript.RequestRegistration(CommonJs.jQueryUI);

        // Debug builds load the copy of the popup script under ~/js/Debug.
        string popupFilePath;
        if (HttpContext.Current.IsDebuggingEnabled)
        {
            popupFilePath = "~/js/Debug/dnn.modalpopup.js";
        }
        else
        {
            popupFilePath = "~/js/dnn.modalpopup.js";
        }

        ClientResourceManager.RegisterScript(this, popupFilePath, FileOrder.Js.DnnModalPopup);
    }

    // Bind the common paths used by the client resource loader and register
    // the requested scripts when the loader pre-renders.
    this.ClientResourceLoader.DataBind();
    this.ClientResourceLoader.PreRender += (sender, args) => JavaScript.Register(this.Page);

    // Skin packages may carry their own doctype.
    this.SetSkinDoctype();

    // Disabled pages: administrators get a warning, everyone else is redirected.
    if (this.PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            var disabledTitle = Localization.GetString("PageDisabled.Header");
            var disabledText = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, disabledTitle, disabledText, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (this.PortalSettings.HomeTabId > 0)
        {
            this.Response.Redirect(this.NavigationManager.NavigateURL(this.PortalSettings.HomeTabId), true);
        }
        else
        {
            this.Response.Redirect(Globals.GetPortalDomainName(this.PortalSettings.PortalAlias.HTTPAlias, this.Request, true), true);
        }
    }

    // Canonical URL: only when the portal maps aliases through canonical links.
    if (this.PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl)
    {
        string primaryHttpAlias = null;

        if (Config.GetFriendlyUrlProvider() == "advanced")
        {
            // Advanced mode compares against the primary alias set during alias identification.
            if (this.PortalSettings.PrimaryAlias != null
                && this.PortalSettings.PortalAlias != null
                && string.Compare(this.PortalSettings.PrimaryAlias.HTTPAlias, this.PortalSettings.PortalAlias.HTTPAlias, StringComparison.InvariantCulture) != 0)
            {
                primaryHttpAlias = this.PortalSettings.PrimaryAlias.HTTPAlias;
            }
        }
        else if (string.Compare(this.PortalSettings.PortalAlias.HTTPAlias, this.PortalSettings.DefaultPortalAlias, StringComparison.InvariantCulture) != 0)
        {
            // Other modes only look at the default alias.
            primaryHttpAlias = this.PortalSettings.DefaultPortalAlias;
        }

        // A primary alias was identified and no canonical URL has been set yet.
        if (primaryHttpAlias != null && string.IsNullOrEmpty(this.CanonicalLinkUrl))
        {
            // NOTE(review): this throws if the "UrlRewrite:OriginalUrl" item was never stored.
            var requestedUrl = this.Context.Items["UrlRewrite:OriginalUrl"].ToString();
            this.CanonicalLinkUrl = requestedUrl.Replace(this.PortalSettings.PortalAlias.HTTPAlias, primaryHttpAlias);

            // Keep the canonical URL on https when the request itself was secure.
            if (UrlUtils.IsSecureConnectionOrSslOffload(this.Request))
            {
                this.CanonicalLinkUrl = this.CanonicalLinkUrl.Replace("http://", "https://");
            }
        }
    }

    // Insecure-defaults warning: shown only to signed-in default accounts, and
    // only when the request carries a non-empty runningDefault query value.
    if (this.Request.IsAuthenticated && !string.IsNullOrEmpty(this.Request.QueryString["runningDefault"]))
    {
        var currentUser = HttpContext.Current.Items["UserInfo"] as UserInfo;
        var usernameLower = currentUser?.Username?.ToLowerInvariant();

        if (usernameLower == "admin" || usernameLower == "host")
        {
            var warningText = this.RenderDefaultsWarning();
            var warningTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, warningTitle, warningText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    // Style sheets: default, IE, skin and skin-file specific.
    ClientResourceManager.RegisterDefaultStylesheet(this, Globals.ApplicationPath + "/Resources/Shared/stylesheets/dnndefault/7.0.0/default.css");
    ClientResourceManager.RegisterIEStylesheet(this, Globals.HostPath + "ie.css");
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css", FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    // The skin control holds the page's modules and content.
    this.SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, this.PortalSettings.HomeDirectory + "portal.css", FileOrder.Css.PortalCss);

    this.ManageFavicon();

    // Client callback handling.
    ClientAPI.HandleClientAPICallbackEvent(this);

    // CSRF mitigation for postbacks: bind view state to the signed-in user name.
    // Anonymous requests get no key here.
    if (this.User.Identity.IsAuthenticated)
    {
        this.ViewStateUserKey = this.User.Identity.Name;
    }

    // Async postback timeout comes from the host settings.
    if (AJAX.IsEnabled())
    {
        AJAX.GetScriptManager(this).AsyncPostBackTimeout = Host.AsyncTimeout;
    }
}
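/// -----------------------------------------------------------------------------
/// <summary>
/// Contains the functionality to populate the Root aspx page with controls
/// </summary>
/// <param name="e">Event data, forwarded to the base implementation.</param>
/// <remarks>
/// - set global page settings.
/// - load the skin control and, when popups are enabled, the popup script
/// - redirect away from disabled pages unless the user can administer the page
/// - add a canonical link when the request did not arrive on the default alias
/// - show the insecure-defaults warning to the default admin/host accounts
/// - register the style sheets and add the skin control to the page
/// - set ViewStateUserKey for authenticated users
/// </remarks>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = IsPopUp ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        jQuery.RegisterJQueryUI(Page);

        if (HttpContext.Current.IsDebuggingEnabled)
        {
            ClientScript.RegisterClientScriptInclude("modalPopUp", ResolveUrl("~/js/Debug/dnn.modalpopup.js"));
        }
        else
        {
            ClientScript.RegisterClientScriptInclude("modalPopUp", ResolveUrl("~/js/dnn.modalpopup.js"));
        }
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            // Page administrators still see the page, with a warning.
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl && PortalSettings.PortalAlias.HTTPAlias != PortalSettings.DefaultPortalAlias)
    {
        // The item is expected to be set earlier in the request; when it is
        // missing, skip the canonical link instead of failing the whole page
        // with a NullReferenceException.
        var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
        if (originalUrlItem != null)
        {
            var originalurl = originalUrlItem.ToString();

            //Add Canonical <link>
            var canonicalLink = new HtmlLink();
            canonicalLink.Href = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias);
            canonicalLink.Attributes.Add("rel", "canonical");

            // Add the HtmlLink to the Head section of the page.
            Page.Header.Controls.Add(canonicalLink);
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && !string.IsNullOrEmpty(Request.QueryString["runningDefault"]))
    {
        // The context item may be absent or of another type; treat that as "no user"
        // rather than dereferencing null.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;
        var username = userInfo == null ? null : userInfo.Username;

        //only show message to default users
        // Ordinal comparison: a culture-sensitive ToLower() can fold characters
        // differently (e.g. the Turkish dotless i) and silently hide this warning.
        if (string.Equals(username, "admin", StringComparison.OrdinalIgnoreCase) ||
            string.Equals(username, "host", StringComparison.OrdinalIgnoreCase))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    RegisterStyleSheet(this, Globals.HostPath + "default.css");
    RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css");
    RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"));

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    RegisterStyleSheet(this, PortalSettings.HomeDirectory + "portal.css");

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    // The key binds view state to the signed-in user name, so view state issued
    // to one user is rejected when posted back as another. Anonymous requests
    // get no key here.
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }
}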
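/// <summary>
/// Populates the root aspx page with its controls and sets up the anti-XSRF
/// cookie and view state user key.
/// </summary>
/// <param name="e">Event data, forwarded to the base implementation.</param>
/// <remarks>
/// - read or create the anti-XSRF cookie and use its value as the view state user key
/// - set global page settings, load the skin and the popup script
/// - redirect away from disabled pages unless the user can administer the page
/// - compute the canonical URL when the request did not arrive on the primary alias
/// - show the insecure-defaults warning to the default admin/host accounts
/// - register the style sheets and add the skin control to the page
/// </remarks>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    //First, check for the existence of the anti-XSRF cookie
    var requestCookie = Request.Cookies[AntiXsrfTokenKey];
    Guid requestCookieGuidValue;

    //If the cookie is found and holds a well-formed GUID, reuse its value as
    //the token and as the view state user key. The token field is meant to be
    //compared with the value in the view state form field in Page.PreLoad.
    if (requestCookie != null && Guid.TryParse(requestCookie.Value, out requestCookieGuidValue))
    {
        _antiXsrfTokenValue = requestCookie.Value;

        //The framework validates the view state user key on each postback
        Page.ViewStateUserKey = _antiXsrfTokenValue;
    }
    //If the cookie is missing or malformed, then this is treated as a new session.
    else
    {
        //Generate a new Anti-XSRF token
        _antiXsrfTokenValue = Guid.NewGuid().ToString("N");

        //The framework validates the view state user key on each postback
        Page.ViewStateUserKey = _antiXsrfTokenValue;

        //Create the non-persistent CSRF cookie
        var responseCookie = new HttpCookie(AntiXsrfTokenKey)
        {
            //HttpOnly keeps the cookie away from client side script
            HttpOnly = true,

            //Add the Anti-XSRF token to the cookie value
            Value = _antiXsrfTokenValue
        };

        //Secure is set only when forms authentication requires SSL and this
        //request is on HTTPS; in every other case the cookie can also travel
        //over plain HTTP.
        if (System.Web.Security.FormsAuthentication.RequireSSL && Request.IsSecureConnection)
        {
            responseCookie.Secure = true;
        }

        //Add the CSRF cookie to the response
        Response.Cookies.Set(responseCookie);

        // NOTE(review): the PreLoad validation handler is attached only on this
        // new-token path. Requests that already carry the cookie do not attach it
        // here; confirm it is wired up elsewhere, otherwise the token is not
        // checked on the requests where it matters.
        Page.PreLoad += master_Page_PreLoad;
    }

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = UrlUtils.InPopUp() ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        JavaScript.RequestRegistration(CommonJs.jQueryUI);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
                                ? "~/js/Debug/dnn.modalpopup.js"
                                : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath, FileOrder.Js.DnnModalPopup);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            // Page administrators still see the page, with a warning.
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl)
    {
        string primaryHttpAlias = null;
        if (Config.GetFriendlyUrlProvider() == "advanced") //advanced mode compares on the primary alias as set during alias identification
        {
            if (PortalSettings.PrimaryAlias != null && PortalSettings.PortalAlias != null)
            {
                if (string.Compare(PortalSettings.PrimaryAlias.HTTPAlias, PortalSettings.PortalAlias.HTTPAlias, StringComparison.InvariantCulture) != 0)
                {
                    primaryHttpAlias = PortalSettings.PrimaryAlias.HTTPAlias;
                }
            }
        }
        else //other modes just depend on the default alias
        {
            if (string.Compare(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias, StringComparison.InvariantCulture) != 0)
            {
                primaryHttpAlias = PortalSettings.DefaultPortalAlias;
            }
        }

        if (primaryHttpAlias != null && string.IsNullOrEmpty(CanonicalLinkUrl)) //a primary http alias was identified
        {
            // The item is expected to be set earlier in the request; when it is
            // missing, leave the canonical URL unset instead of failing the
            // whole page with a NullReferenceException.
            var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
            if (originalUrlItem != null)
            {
                var originalurl = originalUrlItem.ToString();
                CanonicalLinkUrl = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, primaryHttpAlias);
            }
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && !string.IsNullOrEmpty(Request.QueryString["runningDefault"]))
    {
        // The context item may be absent or of another type; treat that as "no user"
        // rather than dereferencing null.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;
        var username = userInfo == null ? null : userInfo.Username;

        //only show message to default users
        // Ordinal comparison: a culture-sensitive ToLower() can fold characters
        // differently (e.g. the Turkish dotless i) and silently hide this warning.
        if (string.Equals(username, "admin", StringComparison.OrdinalIgnoreCase) ||
            string.Equals(username, "host", StringComparison.OrdinalIgnoreCase))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterDefaultStylesheet(this, string.Concat(Globals.HostPath, "default.css"));
    ClientResourceManager.RegisterIEStylesheet(this, string.Concat(Globals.HostPath, "ie.css"));
    ClientResourceManager.RegisterStyleSheet(this, string.Concat(ctlSkin.SkinPath, "skin.css"), FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, string.Concat(PortalSettings.HomeDirectory, "portal.css"), FileOrder.Css.PortalCss);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    // NOTE(review): for signed-in users this appears to replace the anti-XSRF
    // token assigned at the top of the method (assuming Page refers to this
    // page), so the key becomes the user name instead of the random token.
    // Confirm master_Page_PreLoad expects that.
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }

    //set the async postback timeout.
    if (AJAX.IsEnabled())
    {
        AJAX.GetScriptManager(this).AsyncPostBackTimeout = Host.AsyncTimeout;
    }
}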
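/// -----------------------------------------------------------------------------
/// <summary>
/// Contains the functionality to populate the Root aspx page with controls,
/// preceded by a site-specific cookie auto-login step.
/// </summary>
/// <param name="e">Event data, forwarded to the base implementation.</param>
/// <remarks>
/// - attempt a cookie-based auto-login once per session for anonymous requests
/// - send authenticated requests without a TabId query value to /Home.aspx
/// - set global page settings, load the skin and the popup script
/// - redirect away from disabled pages unless the user can administer the page
/// - add a canonical link when the request did not arrive on the default alias
/// - show the insecure-defaults warning to the default admin/host accounts
/// - register the style sheets and add the skin control to the page
/// - set ViewStateUserKey for authenticated users
/// </remarks>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    // Code by Ruben Martinez, 22/9/2012: checks whether the user has the
    // login cookies and logs the user in automatically.
    if (String.IsNullOrEmpty((String)Session["Login"]))
    {
        if (!Request.IsAuthenticated)
        {
            // Marks the session so the auto-login is attempted only once per session.
            Session["Login"] = "******";

            // SECURITY NOTE(review): the password is read from a client cookie and
            // passed to UserLogin as-is, i.e. the browser stores a reusable
            // credential. Anything that can read or set these cookies holds or
            // supplies that credential, and the cookie flags are not visible here.
            // A platform-issued authentication ticket (persistent login) is the
            // safer replacement; it is not swapped in here because that changes
            // the sign-in flow.
            if (Request.Cookies["userName"] != null && Request.Cookies["password"] != null)
            {
                var loginStatus = UserLoginStatus.LOGIN_FAILURE;
                UserController.UserLogin(PortalSettings.PortalId, Request.Cookies["userName"].Value, Request.Cookies["password"].Value, "", PortalSettings.PortalName, "", ref loginStatus, false);

                // Any status other than not-approved, locked-out or failure counts as signed in.
                if (loginStatus != UserLoginStatus.LOGIN_USERNOTAPPROVED && loginStatus != UserLoginStatus.LOGIN_USERLOCKEDOUT && loginStatus != UserLoginStatus.LOGIN_FAILURE)
                {
                    Response.Redirect("/Home.aspx");
                }
            }
        }
    }

    // Authenticated requests that do not name a tab go to the home page.
    if (Request.IsAuthenticated)
    {
        if (Request.QueryString["TabId"] == null)
        {
            Response.Redirect("/Home.aspx");
        }
    }
    ///////////////////////////////////////////////////////////////

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = IsPopUp ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        jQuery.RegisterJQueryUI(Page);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
                                ? "~/js/Debug/dnn.modalpopup.js"
                                : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            // Page administrators still see the page, with a warning.
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl && PortalSettings.PortalAlias.HTTPAlias != PortalSettings.DefaultPortalAlias)
    {
        // The item is expected to be set earlier in the request; when it is
        // missing, skip the canonical link instead of failing the whole page
        // with a NullReferenceException.
        var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
        if (originalUrlItem != null)
        {
            var originalurl = originalUrlItem.ToString();

            //Add Canonical <link>
            var canonicalLink = new HtmlLink();
            canonicalLink.Href = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias);
            canonicalLink.Attributes.Add("rel", "canonical");

            // Add the HtmlLink to the Head section of the page.
            Page.Header.Controls.Add(canonicalLink);
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && !string.IsNullOrEmpty(Request.QueryString["runningDefault"]))
    {
        // The context item may be absent or of another type; treat that as "no user"
        // rather than dereferencing null.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;
        var username = userInfo == null ? null : userInfo.Username;

        //only show message to default users
        // Ordinal comparison: a culture-sensitive ToLower() can fold characters
        // differently (e.g. the Turkish dotless i) and silently hide this warning.
        if (string.Equals(username, "admin", StringComparison.OrdinalIgnoreCase) ||
            string.Equals(username, "host", StringComparison.OrdinalIgnoreCase))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterStyleSheet(this, Globals.HostPath + "default.css", FileOrder.Css.DefaultCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css", FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, PortalSettings.HomeDirectory + "portal.css", 60);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    // The key binds view state to the signed-in user name, so view state issued
    // to one user is rejected when posted back as another. Anonymous requests
    // get no key here.
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }
}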
/// <summary>
/// Fills the registration/profile controls: the services grid when the page is
/// in services mode, otherwise the user form for the current or a new user.
/// </summary>
private void BindData()
{
    ModuleController moduleController = new ModuleController();

    // Both sub-controls are given the id of the "Site Settings" module.
    userControl.ModuleId = moduleController.GetModuleByDefinition(PortalId, "Site Settings").ModuleID;
    userControl.StartTabIndex = 1;

    addressUser.ModuleId = moduleController.GetModuleByDefinition(PortalId, "Site Settings").ModuleID;
    addressUser.StartTabIndex = 9;

    // Services mode: only the list of roles is shown.
    if (Services == 1)
    {
        UserRow.Visible = false;
        PasswordManagementRow.Visible = false;

        RoleController serviceRoles = new RoleController();
        grdServices.DataSource = serviceRoles.GetUserRoles(PortalId);
        grdServices.DataBind();

        if (grdServices.Items.Count == 0)
        {
            grdServices.Visible = false;
            lblServices.Text = Localization.GetString("MembershipNotOffered", this.LocalResourceFile);
        }
        else
        {
            string registerTemplate = Localization.GetString("PleaseRegister", this.LocalResourceFile);
            string defaultPageUrl = Globals.GetPortalDomainName(PortalAlias.HTTPAlias, Request, true) + "/" + Globals.glbDefaultPage;
            lblServices.Text = string.Format(registerTemplate, defaultPageUrl, TabId);
        }

        lblServices.Visible = true;
        grdServices.Columns[0].Visible = false; // subscribe
        grdServices.Columns[9].Visible = false; // expiry date
        ServicesRow.Visible = true;
        return;
    }

    UserRow.Visible = true;

    // Populate the timezone combobox (timezone translations follow the current page culture)
    Localization.LoadTimeZoneDropDownList(cboTimeZone, ((PageBase)Page).PageCulture.Name, Convert.ToString(PortalSettings.TimeZoneOffset));
    Localization.LoadCultureDropDownList(cboLocale, CultureDropDownTypes.NativeName, ((PageBase)Page).PageCulture.Name);

    // A single locale leaves nothing to choose.
    if (cboLocale.Items.Count == 1)
    {
        cboLocale.Enabled = false;
    }

    // Anonymous visitor: show the registration form with the portal's membership note.
    if (!Request.IsAuthenticated)
    {
        string membershipKey = null;
        switch (PortalSettings.UserRegistration)
        {
            case (int)Globals.PortalRegistrationType.PrivateRegistration:
                membershipKey = "PrivateMembership";
                break;
            case (int)Globals.PortalRegistrationType.PublicRegistration:
                membershipKey = "PublicMembership";
                break;
            case (int)Globals.PortalRegistrationType.VerifiedRegistration:
                membershipKey = "VerifiedMembership";
                break;
        }

        if (membershipKey != null)
        {
            lblRegister.Text = Localization.GetString(membershipKey, this.LocalResourceFile);
        }

        lblRegister.Text += Localization.GetString("Required", this.LocalResourceFile);
        cmdRegister.Text = Localization.GetString("cmdRegister", this.LocalResourceFile);
        cmdUnregister.Visible = false;
        ServicesRow.Visible = false;
        PasswordManagementRow.Visible = false;
        userControl.ShowPassword = true;
        return;
    }

    // Signed-in user: the form becomes an update form pre-filled from the profile.
    lblRegister.Text = Localization.GetString("RegisterNote", this.LocalResourceFile);
    cmdRegister.Text = Localization.GetString("cmdUpdate");
    PasswordManagementRow.Visible = true;
    userControl.ShowPassword = false;

    if (UserInfo.UserID >= 0)
    {
        userControl.FirstName = UserInfo.FirstName;
        userControl.LastName = UserInfo.LastName;
        userControl.UserName = UserInfo.Username;
        userControl.Email = UserInfo.Email;
        userControl.IM = UserInfo.Profile.IM;
        userControl.Website = UserInfo.Profile.Website;

        // Select the stored time zone only when the list actually offers it.
        if (cboTimeZone.Items.FindByValue(UserInfo.Profile.TimeZone.ToString()) != null)
        {
            cboTimeZone.ClearSelection();
            cboTimeZone.Items.FindByValue(UserInfo.Profile.TimeZone.ToString()).Selected = true;
        }

        addressUser.Unit = UserInfo.Profile.Unit;
        addressUser.Street = UserInfo.Profile.Street;
        addressUser.City = UserInfo.Profile.City;
        addressUser.Region = UserInfo.Profile.Region;
        addressUser.Country = UserInfo.Profile.Country;
        addressUser.Postal = UserInfo.Profile.PostalCode;
        addressUser.Telephone = UserInfo.Profile.Telephone;
        addressUser.Fax = UserInfo.Profile.Fax;
        addressUser.Cell = UserInfo.Profile.Cell;

        // Same rule for the preferred locale.
        if (cboLocale.Items.FindByValue(UserInfo.Profile.PreferredLocale) != null)
        {
            cboLocale.ClearSelection();
            cboLocale.Items.FindByValue(UserInfo.Profile.PreferredLocale).Selected = true;
        }
    }

    RoleController userRoles = new RoleController();
    grdServices.DataSource = userRoles.GetUserRoles(PortalId, UserInfo.UserID);
    grdServices.DataBind();

    if (!UserInfo.IsSuperUser)
    {
        // if no service available then hide options
        ServicesRow.Visible = grdServices.Items.Count > 0;
    }
    else
    {
        cmdUnregister.Visible = false;
        ServicesRow.Visible = false;
    }
}
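/// <summary>
/// OnBeginRequest validates the incoming URL, applies the friendly-URL rewrite rules and
/// resolves the portal for the request, storing its PortalSettings in the request context.
/// </summary>
/// <remarks>
/// Processing order:
/// 1. Reject requests containing ".." (also after double URL-decoding), a backslash in the path,
///    or a physical path that is not in canonical form, with a 404.
/// 2. Skip all further processing for install.aspx.
/// 3. Rewrite (or redirect) using the first matching rule from RewriterConfiguration.
/// 4. Resolve the portal from the alias, portalid and tabid query string values, falling back to
///    the request's domain name and finally to the host portal's first alias.
/// </remarks>
/// <param name="s">The HttpApplication raising the event.</param>
/// <param name="e">Event arguments (not used).</param>
/// <exception cref="HttpException">404 when URL validation fails or tabid/portalid are not integers.</exception>
public void OnBeginRequest(object s, EventArgs e)
{
    HttpApplication app = (HttpApplication)s;
    HttpServerUtility Server = app.Server;
    HttpRequest Request = app.Request;
    HttpResponse Response = app.Response;
    string requestedPath = app.Request.Url.AbsoluteUri;

    // URL validation
    // Reject any request whose path, or whose raw URL after two rounds of URL-decoding, contains "..".
    // The application should always use the exact relative location of the resource it is requesting.
    string strURL = Request.Url.AbsolutePath;
    string strDoubleDecodeURL = Server.UrlDecode(Server.UrlDecode(Request.RawUrl));
    if (strURL.IndexOf("..") != -1 || strDoubleDecodeURL.IndexOf("..") != -1)
    {
        throw (new HttpException(404, "Not Found"));
    }

    // fix for ASP.NET canonicalization issues http://support.microsoft.com/?kbid=887459
    // a backslash in the path, or a physical path that changes when normalised, is refused
    if (Request.Path.IndexOf('\u005C') >= 0 || Path.GetFullPath(Request.PhysicalPath) != Request.PhysicalPath)
    {
        throw (new HttpException(404, "Not Found"));
    }

    // check if we are upgrading/installing
    if (Request.Url.LocalPath.ToLower().EndsWith("install.aspx"))
    {
        return;
    }

    // save original url in context
    app.Context.Items.Add("UrlRewrite:OriginalUrl", app.Request.Url.AbsoluteUri);

    // Friendly URLs are exposed externally using the following format
    //   http://www.domain.com/tabid/###/mid/###/ctl/xxx/default.aspx
    // and processed internally using the following format
    //   http://www.domain.com/default.aspx?tabid=###&mid=###&ctl=xxx
    // The system for accomplishing this is based on an extensible Regex rules definition stored in /SiteUrls.config
    string sendTo = "";

    // save and remove the querystring as it gets added back on later
    // path parameter specifications will take precedence over querystring parameters
    string strQueryString = "";
    if (!String.IsNullOrEmpty(app.Request.Url.Query))
    {
        strQueryString = Request.QueryString.ToString();
        requestedPath = requestedPath.Replace(app.Request.Url.Query, "");
    }

    // get url rewriting rules
    RewriterRuleCollection rules = RewriterConfiguration.GetConfig().Rules;

    // iterate through list of rules
    int intMatch = -1;
    for (int intRule = 0; intRule <= rules.Count - 1; intRule++)
    {
        // check for the existence of the LookFor value
        string strLookFor = "^" + RewriterUtils.ResolveUrl(app.Context.Request.ApplicationPath, rules[intRule].LookFor) + "$";
        Regex objLookFor = new Regex(strLookFor, RegexOptions.IgnoreCase);

        // if there is a match
        if (objLookFor.IsMatch(requestedPath))
        {
            // create a new URL using the SendTo regex value
            sendTo = RewriterUtils.ResolveUrl(app.Context.Request.ApplicationPath, objLookFor.Replace(requestedPath, rules[intRule].SendTo));

            // obtain the RegEx match group which contains the parameters
            Match objMatch = objLookFor.Match(requestedPath);
            string strParameters = objMatch.Groups[2].Value;

            // process the parameters
            if (strParameters.Trim(null).Length > 0)
            {
                // split the value into an array based on "/" ( ie. /tabid/##/ )
                strParameters = strParameters.Replace("\\", "/");
                string[] arrParameters = strParameters.Split('/');
                string strParameterDelimiter;
                string strParameterName;
                string strParameterValue;

                // create a well formed querystring based on the array of parameters
                for (int intParameter = 1; intParameter <= arrParameters.Length - 1; intParameter++)
                {
                    // ignore the page name
                    if (arrParameters[intParameter].ToLower().IndexOf(".aspx") == -1)
                    {
                        // get parameter name
                        strParameterName = arrParameters[intParameter].Trim(null);
                        if (strParameterName.Length > 0)
                        {
                            // add parameter to SendTo if it does not exist already
                            // NOTE(review): this is a prefix test, so a name such as "tab" counts as
                            // present once "tabid" is in SendTo - confirm that is acceptable.
                            if (sendTo.ToLower().IndexOf("?" + strParameterName.ToLower()) == -1 && sendTo.ToLower().IndexOf("&" + strParameterName.ToLower()) == -1)
                            {
                                // get parameter delimiter
                                if (sendTo.IndexOf("?") != -1)
                                {
                                    strParameterDelimiter = "&";
                                }
                                else
                                {
                                    strParameterDelimiter = "?";
                                }
                                sendTo = sendTo + strParameterDelimiter + strParameterName;

                                // get parameter value (the following path segment, which is consumed here)
                                strParameterValue = "";
                                if (intParameter < (arrParameters.Length - 1))
                                {
                                    intParameter++;
                                    if (arrParameters[intParameter].Trim() != "")
                                    {
                                        strParameterValue = arrParameters[intParameter].Trim(null);
                                    }
                                }

                                // add the parameter value
                                if (strParameterValue.Length > 0)
                                {
                                    sendTo = sendTo + "=" + strParameterValue;
                                }
                            }
                        }
                    }
                }
            }
            intMatch = intRule;
            break; // exit as soon as it processes the first match
        }
    }

    // add querystring parameters back to SendTo
    if (!String.IsNullOrEmpty(strQueryString))
    {
        string[] arrParameters = strQueryString.Split('&');

        // iterate through the array of parameters
        for (int intParameter = 0; intParameter <= arrParameters.Length - 1; intParameter++)
        {
            // get parameter name
            string strParameterName = arrParameters[intParameter];
            if (strParameterName.IndexOf("=") != -1)
            {
                strParameterName = strParameterName.Substring(0, strParameterName.IndexOf("="));
            }

            // check if parameter already exists (path parameters win over querystring parameters)
            if (sendTo.ToLower().IndexOf("?" + strParameterName.ToLower()) == -1 && sendTo.ToLower().IndexOf("&" + strParameterName.ToLower()) == -1)
            {
                // add parameter to SendTo value
                if (sendTo.IndexOf("?") != -1)
                {
                    sendTo = sendTo + "&" + arrParameters[intParameter];
                }
                else
                {
                    sendTo = sendTo + "?" + arrParameters[intParameter];
                }
            }
        }
    }

    // if a match was found to the urlrewrite rules
    if (intMatch != -1)
    {
        if (rules[intMatch].SendTo.StartsWith("~"))
        {
            // rewrite the URL for internal processing
            RewriterUtils.RewriteUrl(app.Context, sendTo);
        }
        else
        {
            // it is not possible to rewrite the domain portion of the URL so redirect to the new URL
            Response.Redirect(sendTo, true);
        }
    }

    // *Note: from this point on we are dealing with a "standard" querystring ( ie. http://www.domain.com/default.aspx?tabid=## )
    int TabId = -1;
    int PortalId = -1;
    string DomainName = null;
    string PortalAlias = null;
    PortalAliasInfo objPortalAliasInfo;

    // get TabId from querystring ( this is mandatory for maintaining portal context for child portals )
    try
    {
        if (!(Request.QueryString["tabid"] == null))
        {
            TabId = int.Parse(Request.QueryString["tabid"]);
        }

        // get PortalId from querystring ( this is used for host menu options as well as child portal navigation )
        if (!(Request.QueryString["portalid"] == null))
        {
            PortalId = int.Parse(Request.QueryString["portalid"]);
        }
    }
    catch (Exception)
    {
        // The tabId or PortalId are incorrectly formatted (potential DOS)
        throw (new HttpException(404, "Not Found"));
    }

    // parse the Request URL into a Domain Name token.
    // Resolved before the alias check below, which compares against it: with a null DomainName,
    // InStr returns its start position and the redirect branch is never taken.
    DomainName = Globals.GetDomainName(Request);

    // alias parameter can be used to switch portals
    if (!(Request.QueryString["alias"] == null))
    {
        // check if the alias is valid; only aliases known to PortalSettings are honoured,
        // so the redirect below cannot be pointed at an arbitrary host
        if (PortalSettings.GetPortalAliasInfo(Request.QueryString["alias"]) != null)
        {
            // check if the alias contains the current domain name
            if (Strings.InStr(1, Request.QueryString["alias"], DomainName, CompareMethod.Text) == 0)
            {
                // redirect to the url defined in the alias
                Response.Redirect(Globals.GetPortalDomainName(Request.QueryString["alias"], Request, true));
            }
            else // the alias is the same as the current domain
            {
                PortalAlias = Request.QueryString["alias"];
            }
        }
    }

    // PortalId identifies a portal when set
    if (PortalAlias == null)
    {
        if (PortalId != -1)
        {
            PortalAlias = PortalSettings.GetPortalByID(PortalId, DomainName);
        }
    }

    // TabId uniquely identifies a Portal
    if (PortalAlias == null)
    {
        if (TabId != -1)
        {
            // get the alias from the tabid, but only if it is for a tab in that domain
            PortalAlias = PortalSettings.GetPortalByTab(TabId, DomainName);
            if (PortalAlias == null || PortalAlias == "")
            {
                // if the TabId is not for the correct domain
                // see if the correct domain can be found and redirect it
                objPortalAliasInfo = PortalSettings.GetPortalAliasInfo(DomainName);
                if (objPortalAliasInfo != null)
                {
                    if (app.Request.Url.AbsoluteUri.ToLower().StartsWith("https://"))
                    {
                        strURL = "https://" + objPortalAliasInfo.HTTPAlias.Replace("*.", "");
                    }
                    else
                    {
                        strURL = "http://" + objPortalAliasInfo.HTTPAlias.Replace("*.", "");
                    }
                    if (strURL.ToLower().IndexOf(DomainName.ToLower()) == -1)
                    {
                        strURL += app.Request.Url.PathAndQuery;
                    }
                    Response.Redirect(strURL, true);
                }
            }
        }
    }

    // else use the domain name
    if (PortalAlias == null || PortalAlias == "")
    {
        PortalAlias = DomainName;
    }

    // using the DomainName above will find that alias that is the domainname portion of the Url
    // ie. dotnetnuke.com will be found even if zzz.dotnetnuke.com was entered on the Url
    objPortalAliasInfo = PortalSettings.GetPortalAliasInfo(PortalAlias);
    if (objPortalAliasInfo != null)
    {
        PortalId = objPortalAliasInfo.PortalID;
    }

    // if the portalid is not known
    if (PortalId == -1)
    {
        if (!Request.Url.LocalPath.ToLower().EndsWith(Globals.glbDefaultPage.ToLower()))
        {
            // allows requests for aspx pages in custom folder locations to be processed
            return;
        }
        else
        {
            // the domain name was not found so try using the host portal's first alias
            if (Convert.ToString(Globals.HostSettings["HostPortalId"]) != "")
            {
                PortalId = Convert.ToInt32(Globals.HostSettings["HostPortalId"]);

                // use the host portal
                PortalAliasController objPortalAliasController = new PortalAliasController();
                ArrayList arrPortalAliases;
                arrPortalAliases = objPortalAliasController.GetPortalAliasArrayByPortalID(int.Parse(Convert.ToString(Globals.HostSettings["HostPortalId"])));
                if (arrPortalAliases.Count > 0)
                {
                    // Get the first Alias
                    objPortalAliasInfo = (PortalAliasInfo)arrPortalAliases[0];
                    if (app.Request.Url.AbsoluteUri.ToLower().StartsWith("https://"))
                    {
                        strURL = "https://" + objPortalAliasInfo.HTTPAlias.Replace("*.", "");
                    }
                    else
                    {
                        strURL = "http://" + objPortalAliasInfo.HTTPAlias.Replace("*.", "");
                    }
                    if (TabId != -1)
                    {
                        strURL += app.Request.Url.Query;
                    }
                    Response.Redirect(strURL, true);
                }
            }
        }
    }

    if (PortalId != -1)
    {
        // load the PortalSettings into current context
        PortalSettings _portalSettings = new PortalSettings(TabId, objPortalAliasInfo);
        app.Context.Items.Add("PortalSettings", _portalSettings);
    }
    else
    {
        // alias does not exist in database
        // and all attempts to find another have failed
        // this should only happen if the HostPortal does not have any aliases
        string strHTML;
        // using guarantees the file handle is released even if the read fails
        using (StreamReader objStreamReader = File.OpenText(Server.MapPath("~/404.htm")))
        {
            strHTML = objStreamReader.ReadToEnd();
        }

        // DomainName is derived from the incoming request, so it is HTML-encoded
        // before being written into the response body
        strHTML = strHTML.Replace("[DOMAINNAME]", Server.HtmlEncode(DomainName));
        Response.Write(strHTML);
        Response.End();
    }
}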
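//Log Display
//Tasks
/// <summary>
/// BindData builds the report selected in cboReportType for the date range entered in
/// txtStartDate / txtEndDate and binds it to grdLog.
/// </summary>
/// <remarks>
/// Report types "10" (user registrations by date) and "11" (user registrations by country) are
/// built in memory from UserController.GetUsers and exclude super users. Every other report type
/// is passed to SiteLogController.GetSiteLog and bound directly from the returned data reader.
/// Both date text boxes are parsed with DateTime.Parse, so an empty or malformed date raises an
/// exception before any data is loaded.
/// </remarks>
/// <history>
/// [cnurse] 9/15/2004 Updated to reflect design changes for Help, 508 support
/// and localisation
/// </history>
private void BindData()
{
    string strPortalAlias = Globals.GetPortalDomainName(PortalAlias.HTTPAlias, Request, false);

    // child portal: keep only what precedes the last "/".
    // IndexOf returns -1 when there is no slash, so the test must be "> 0"; a "!= 0" test lets the
    // no-slash case through to Substring with a negative length. The cut is made at the slash
    // itself so the last character of the parent alias is not dropped.
    if (strPortalAlias.IndexOf("/") > 0)
    {
        strPortalAlias = strPortalAlias.Substring(0, strPortalAlias.LastIndexOf("/"));
    }

    // The parsed values bound the in-memory user reports; the strings, extended to cover the
    // whole day, bound the site log query.
    // NOTE(review): dtEnd is midnight of the end date, so the user reports appear to exclude
    // registrations made later on that day while the site log query includes them - confirm.
    string strStartDate = txtStartDate.Text;
    DateTime dtStart = DateTime.Parse(strStartDate);
    if (!String.IsNullOrEmpty(strStartDate))
    {
        strStartDate = strStartDate + " 00:00";
    }

    string strEndDate = txtEndDate.Text;
    DateTime dtEnd = DateTime.Parse(strEndDate);
    if (!String.IsNullOrEmpty(strEndDate))
    {
        strEndDate = strEndDate + " 23:59";
    }

    string strReportType = cboReportType.SelectedItem.Value;
    if (strReportType == "10" || strReportType == "11")
    {
        // "10" = User Registrations By Date, "11" = User Registrations By Country.
        // The two reports differ only in their third column and in the sort order.
        bool blnByDate = strReportType == "10";

        ArrayList arrUsers = UserController.GetUsers(PortalId, false);
        DataTable dt = new DataTable();
        dt.Columns.Add(new DataColumn("Full Name", typeof(string)));
        dt.Columns.Add(new DataColumn("User Name", typeof(string)));
        if (blnByDate)
        {
            dt.Columns.Add(new DataColumn("Date Registered", typeof(DateTime)));
        }
        else
        {
            dt.Columns.Add(new DataColumn("Country", typeof(string)));
        }

        foreach (UserInfo objUser in arrUsers)
        {
            // only users created inside the date range; super users are never listed
            if (objUser.Membership.CreatedDate >= dtStart && objUser.Membership.CreatedDate <= dtEnd && objUser.IsSuperUser == false)
            {
                DataRow dr = dt.NewRow();
                if (blnByDate)
                {
                    dr["Date Registered"] = objUser.Membership.CreatedDate;
                }
                else
                {
                    dr["Country"] = objUser.Profile.Country;
                }
                dr["Full Name"] = objUser.Profile.FullName;
                dr["User Name"] = objUser.Username;
                dt.Rows.Add(dr);
            }
        }

        DataView dv = new DataView(dt);
        dv.Sort = blnByDate ? "Date Registered DESC" : "Country";
        grdLog.DataSource = dv;
        grdLog.DataBind();
    }
    else
    {
        SiteLogController objSiteLog = new SiteLogController();
        IDataReader dr = objSiteLog.GetSiteLog(PortalId, strPortalAlias, Convert.ToInt32(strReportType), Convert.ToDateTime(strStartDate), Convert.ToDateTime(strEndDate));
        try
        {
            // we are using a DataReader here because the resultset returned by GetSiteLog varies
            // based on the report type selected and therefore does not conform to a static business object
            grdLog.DataSource = dr;
            grdLog.DataBind();
        }
        finally
        {
            // close the reader even when binding fails, so the underlying connection is not left open
            dr.Close();
        }
    }
}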