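/// <summary>
/// Handles control-panel AJAX commands, dispatched on the <c>command</c> query-string value.
/// </summary>
/// <remarks>
/// Nothing is written unless the request is an authenticated POST from a user for whom
/// <c>RolePermissionManager.CanViewControlPanel</c> returns true. The response content type is
/// <c>text/plain</c>, although several commands write HTML fragments.
/// NOTE(review): no anti-forgery token is checked in this method; confirm that request-forgery
/// protection is enforced elsewhere for these state-changing commands.
/// NOTE(review): the widget, navigation, feed/page build, import and site-setting commands rely
/// only on the control-panel gate; confirm that this is the intended authorization level.
/// NOTE(review): several catch blocks write <c>ex.Message</c> to the response; consider logging
/// the detail and returning a generic message instead.
/// </remarks>
/// <param name="context">The current HTTP context; form and query-string values drive each command.</param>
public void ProcessRequest(HttpContext context)
{
    if (context.Request.RequestType != "POST" || !context.Request.IsAuthenticated)
        return;

    IGraffitiUser user = GraffitiUsers.Current;
    if (user == null)
        return;

    if (!RolePermissionManager.CanViewControlPanel(user))
        return;

    context.Response.ContentType = "text/plain";

    switch (context.Request.QueryString["command"])
    {
        case "deleteComment":
            Comment c = new Comment(context.Request.Form["commentid"]);
            if (RolePermissionManager.GetPermissions(c.Post.CategoryId, GraffitiUsers.Current).Publish)
            {
                Comment.Delete(context.Request.Form["commentid"]);
                context.Response.Write("success");
            }
            break;

        case "deleteCommentWithStatus":
            Comment c1 = new Comment(context.Request.Form["commentid"]);
            if (RolePermissionManager.GetPermissions(c1.Post.CategoryId, GraffitiUsers.Current).Publish)
            {
                Comment.Delete(context.Request.Form["commentid"]);

                // Write the id of the loaded comment, not the raw form value, so that request text
                // is never copied into the onclick script of the returned markup.
                context.Response.Write("The comment was deleted. <a href=\"javascript:void(0);\" onclick=\"Comments.unDelete('" + new Urls().AdminAjax + "'," + c1.Id + "); return false;\">Undo?</a>");
            }
            break;

        case "unDelete":
            Comment c2 = new Comment(context.Request.Form["commentid"]);
            if (RolePermissionManager.GetPermissions(c2.Post.CategoryId, GraffitiUsers.Current).Publish)
            {
                Comment comment = new Comment(context.Request.Form["commentid"]);
                comment.IsDeleted = false;
                comment.Save();
                context.Response.Write("The comment was un-deleted. You may need to refresh the page to see it");
            }
            break;

        case "approve":
            Comment c3 = new Comment(context.Request.Form["commentid"]);
            if (RolePermissionManager.GetPermissions(c3.Post.CategoryId, GraffitiUsers.Current).Publish)
            {
                Comment cmt = new Comment(context.Request.Form["commentid"]);
                cmt.IsDeleted = false;
                cmt.IsPublished = true;
                cmt.Save();
                context.Response.Write("The comment was un-deleted and/or approved. You may need to refresh the page to see it");
            }
            break;

        case "deletePost":
            try
            {
                Post postToDelete = new Post(context.Request.Form["postid"]);
                Permission perm = RolePermissionManager.GetPermissions(postToDelete.CategoryId, user);

                if (GraffitiUsers.IsAdmin(user) || perm.Publish)
                {
                    // Soft delete: the post is flagged and saved, not destroyed.
                    postToDelete.IsDeleted = true;
                    postToDelete.Save(user.Name, DateTime.Now);

                    // Write the id of the loaded post, not the raw form value, so that request text
                    // is never copied into the onclick script of the returned markup.
                    context.Response.Write("The post was deleted. <a href=\"javascript:void(0);\" onclick=\"Posts.unDeletePost('" + new Urls().AdminAjax + "'," + postToDelete.Id + "); return false;\">Undo?</a>");
                }
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "unDeletePost":
            Post p = new Post(context.Request.Form["postid"]);

            // Restoring a post requires the same rights as deleting it ("deletePost" above);
            // previously any control-panel user could restore any post.
            if (GraffitiUsers.IsAdmin(user) || RolePermissionManager.GetPermissions(p.CategoryId, user).Publish)
            {
                p.IsDeleted = false;
                p.Save();
            }
            break;

        case "permanentDeletePost":
            Post tempPost = new Post(context.Request.Form["postid"]);

            // Destroying a post requires at least the rights needed to delete it; previously any
            // control-panel user could permanently destroy any post.
            if (GraffitiUsers.IsAdmin(user) || RolePermissionManager.GetPermissions(tempPost.CategoryId, user).Publish)
            {
                Post.DestroyDeletedPost(tempPost.Id);
                context.Response.Write(tempPost.Title);
            }
            break;

        case "createdWidget":
            string widgetID = context.Request.Form["id"];
            List<WidgetDescription> the_widgets = Widgets.GetAvailableWidgets();
            Widget widget = null;
            foreach (WidgetDescription wia in the_widgets)
            {
                if (wia.UniqueId == widgetID)
                {
                    widget = Widgets.Create(wia.WidgetType);
                    break;
                }
            }

            // No widget is created when the posted id matches no available description;
            // write nothing in that case instead of dereferencing null.
            if (widget != null)
                context.Response.Write(widget.Id.ToString());
            break;

        case "updateWidgetsOrder":
            try
            {
                string listID = context.Request.Form["id"];
                string list = "&" + context.Request.Form["list"];

                Widgets.ReOrder(listID, list);

                context.Response.Write("Saved!");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "deleteWidget":
            string deleteID = context.Request.Form["id"];
            Widgets.Delete(deleteID);
            context.Response.Write("The widget was removed!");
            break;

        case "createTextLink":
            // NOTE(review): Text and Href are stored exactly as posted; confirm they are encoded
            // and that the link scheme is checked wherever navigation items are rendered.
            DynamicNavigationItem di = new DynamicNavigationItem();
            di.NavigationType = DynamicNavigationType.Link;
            di.Text = context.Request.Form["text"];
            di.Href = context.Request.Form["href"];
            di.Id = Guid.NewGuid();
            NavigationSettings.Add(di);
            context.Response.Write(di.Id);
            break;

        case "deleteTextLink":
            Guid g = new Guid(context.Request.Form["id"]);
            NavigationSettings.Remove(g);
            context.Response.Write("Success");
            break;

        case "reOrderNavigation":
            try
            {
                string navItems = "&" + context.Request.Form["navItems"];
                NavigationSettings.ReOrder(navItems);
                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "addNavigationItem":
            try
            {
                if (context.Request.Form["type"] == "Post")
                {
                    Post navPost = Post.FetchByColumn(Post.Columns.UniqueId, new Guid(context.Request.Form["id"]));
                    DynamicNavigationItem item = new DynamicNavigationItem();
                    item.PostId = navPost.Id;
                    item.Id = navPost.UniqueId;
                    item.NavigationType = DynamicNavigationType.Post;
                    NavigationSettings.Add(item);
                    context.Response.Write("Success");
                }
                else if (context.Request.Form["type"] == "Category")
                {
                    Category navCategory = Category.FetchByColumn(Category.Columns.UniqueId, new Guid(context.Request.Form["id"]));
                    DynamicNavigationItem item = new DynamicNavigationItem();
                    item.CategoryId = navCategory.Id;
                    item.Id = navCategory.UniqueId;
                    item.NavigationType = DynamicNavigationType.Category;
                    NavigationSettings.Add(item);
                    context.Response.Write("Success");
                }
            }
            catch (Exception exp)
            {
                context.Response.Write(exp.Message);
            }
            break;

        case "reOrderPosts":
            try
            {
                // Index the category's posts by id so the posted order can be applied to them.
                Dictionary<int, Post> posts = new Dictionary<int, Post>();
                DataBuddy.Query query = Post.CreateQuery();
                query.AndWhere(Post.Columns.CategoryId, int.Parse(context.Request.QueryString["id"]));
                foreach (Post post in PostCollection.FetchByQuery(query))
                {
                    posts[post.Id] = post;
                }

                // The "posts" form value is an '&'-separated list of post ids in display order.
                string postOrder = context.Request.Form["posts"];
                int orderNumber = 1;
                foreach (string sId in postOrder.Split('&'))
                {
                    Post post = null;
                    posts.TryGetValue(int.Parse(sId), out post);
                    if (post != null && post.SortOrder != orderNumber)
                    {
                        post.SortOrder = orderNumber;
                        post.Save();
                    }
                    orderNumber++;
                }

                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "reOrderHomePosts":
            try
            {
                Dictionary<int, Post> posts = new Dictionary<int, Post>();
                DataBuddy.Query query = Post.CreateQuery();
                query.AndWhere(Post.Columns.IsHome, true);
                foreach (Post post in PostCollection.FetchByQuery(query))
                {
                    posts[post.Id] = post;
                }

                string postOrder = context.Request.Form["posts"];
                int orderNumber = 1;
                foreach (string sId in postOrder.Split('&'))
                {
                    Post post = null;
                    posts.TryGetValue(int.Parse(sId), out post);
                    if (post != null && post.HomeSortOrder != orderNumber)
                    {
                        post.HomeSortOrder = orderNumber;
                        post.Save();
                    }
                    orderNumber++;
                }

                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "categoryForm":
            int selectedCategory = int.Parse(context.Request.QueryString["category"] ?? "-1");
            int postId = int.Parse(context.Request.QueryString["post"] ?? "-1");
            NameValueCollection nvcCustomFields;
            if (postId > 0)
                nvcCustomFields = new Post(postId).CustomFields();
            else
                nvcCustomFields = new NameValueCollection();

            CustomFormSettings cfs = CustomFormSettings.Get(selectedCategory);

            if (cfs.HasFields)
            {
                // Posted values override the stored custom-field values before the form is rendered.
                // NOTE(review): confirm GetHtmlForm encodes these values when it builds the markup.
                foreach (CustomField cf in cfs.Fields)
                {
                    if (context.Request.Form[cf.Id.ToString()] != null)
                        nvcCustomFields[cf.Name] = context.Request.Form[cf.Id.ToString()];
                }

                context.Response.Write(cfs.GetHtmlForm(nvcCustomFields, (postId < 1)));
            }
            else
                context.Response.Write("");
            break;

        case "toggleEventStatus":
            try
            {
                EventDetails ed = Events.GetEvent(context.Request.QueryString["t"]);
                ed.Enabled = !ed.Enabled;

                if (ed.Enabled)
                    ed.Event.EventEnabled();
                else
                    ed.Event.EventDisabled();

                Events.Save(ed);

                context.Response.Write(ed.Enabled ? "Enabled" : "Disabled");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "buildMainFeed":
            try
            {
                FileInfo mainFeedFileInfo = new FileInfo(HttpContext.Current.Server.MapPath("~/Feed/Default.aspx"));

                if (!mainFeedFileInfo.Directory.Exists)
                    mainFeedFileInfo.Directory.Create();

                // The path and the page directive are fixed; no request data reaches the file.
                using (StreamWriter sw = new StreamWriter(mainFeedFileInfo.FullName, false))
                {
                    sw.WriteLine("<%@ Page Language=\"C#\" Inherits=\"Graffiti.Core.RSS\" %>");
                }

                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
                return;
            }
            break;

        case "removeFeedData":
            try
            {
                FeedManager.RemoveFeedData();
                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;

        case "buildCategoryPages":
            try
            {
                CategoryCollection cc = new CategoryController().GetCachedCategories();
                foreach (Category cat in cc)
                    cat.WritePages();

                context.Response.Write("Success");
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
                return;
            }
            break;

        case "buildPages":
            try
            {
                // Pages are rebuilt 20 posts at a time; "Next" asks the caller for the next page index.
                Query q = Post.CreateQuery();
                q.PageIndex = Int32.Parse(context.Request.Form["p"]);
                q.PageSize = 20;
                q.OrderByDesc(Post.Columns.Id);

                PostCollection pc = PostCollection.FetchByQuery(q);
                if (pc.Count > 0)
                {
                    foreach (Post postToWrite in pc)
                    {
                        postToWrite.WritePages();
                        foreach (string tagName in Util.ConvertStringToList(postToWrite.TagList))
                        {
                            if (!string.IsNullOrEmpty(tagName))
                                Tag.WritePage(tagName);
                        }
                    }

                    context.Response.Write("Next");
                }
                else
                {
                    context.Response.Write("Success");
                }
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
                return;
            }
            break;

        case "importPosts":
            try
            {
                Post newPost = new Post();
                newPost.Title = HttpContext.Current.Server.HtmlDecode(context.Request.Form["subject"].ToString());

                string postName = HttpContext.Current.Server.HtmlDecode(context.Request.Form["name"].ToString());

                // Look for an existing post with the same URL-cleaned name.
                PostCollection pc = new PostCollection();
                if (!String.IsNullOrEmpty(postName))
                {
                    Query q = Post.CreateQuery();
                    q.AndWhere(Post.Columns.Name, Util.CleanForUrl(postName));
                    pc.LoadAndCloseReader(q.ExecuteReader());
                }

                // A missing or already-used name gets a placeholder and the post is kept as a draft.
                if (pc.Count > 0 || String.IsNullOrEmpty(postName))
                {
                    newPost.Name = "[RENAME ME - " + Guid.NewGuid().ToString().Substring(0, 7) + "]";
                    newPost.Status = (int)PostStatus.Draft;
                }
                else
                {
                    newPost.Name = postName;
                    newPost.Status = (int)PostStatus.Publish;
                }

                if (String.IsNullOrEmpty(newPost.Title))
                    newPost.Title = newPost.Name;

                // NOTE(review): body, author, tags and dates are taken from the form as posted
                // (the body after HtmlDecode); confirm that imported HTML is sanitized on save or render.
                newPost.PostBody = HttpContext.Current.Server.HtmlDecode(context.Request.Form["body"].ToString());
                newPost.CreatedOn = Convert.ToDateTime(context.Request.Form["createdon"]);
                newPost.CreatedBy = context.Request.Form["author"];
                newPost.ModifiedBy = context.Request.Form["author"];
                newPost.TagList = context.Request.Form["tags"];
                newPost.ContentType = "text/html";
                newPost.CategoryId = Convert.ToInt32(context.Request.Form["category"]);
                newPost.UserName = context.Request.Form["author"];
                newPost.EnableComments = true;
                newPost.Published = Convert.ToDateTime(context.Request.Form["createdon"]);
                newPost.IsPublished = Convert.ToBoolean(context.Request.Form["published"]);

                // Posts referencing /content/binary/ are no longer forced to draft: that put too many
                // posts in draft status, and the migrator text now tells users to move their
                // content/binary directory into graffiti's root.

                newPost.Save(GraffitiUsers.Current.Name);

                int postid = Convert.ToInt32(context.Request.Form["postid"]);

                // NOTE(review): temp stays null for an unrecognized "method" value, so GetComments
                // throws after the post has already been saved; the catch below reports it.
                IMigrateFrom temp = null;

                switch (context.Request.Form["method"])
                {
                    case "CS2007Database":
                        CS2007Database db = new CS2007Database();
                        temp = (IMigrateFrom)db;
                        break;

                    case "Wordpress":
                        Wordpress wp = new Wordpress();
                        temp = (IMigrateFrom)wp;
                        break;

                    case "BlogML":
                        BlogML bml = new BlogML();
                        temp = (IMigrateFrom)bml;
                        break;

                    case "CS21Database":
                        CS21Database csDb = new CS21Database();
                        temp = (IMigrateFrom)csDb;
                        break;

                    case "dasBlog":
                        dasBlog dasb = new dasBlog();
                        temp = (IMigrateFrom)dasb;
                        break;
                }

                List<MigratorComment> comments = temp.GetComments(postid);

                foreach (MigratorComment cmnt in comments)
                {
                    Comment ct = new Comment();
                    ct.PostId = newPost.Id;
                    ct.Body = cmnt.Body;
                    ct.Published = cmnt.PublishedOn;
                    ct.IPAddress = cmnt.IPAddress;
                    ct.WebSite = cmnt.WebSite;
                    ct.Email = string.IsNullOrEmpty(cmnt.Email) ? "" : cmnt.Email;
                    ct.Name = string.IsNullOrEmpty(cmnt.UserName) ? "" : cmnt.UserName;
                    ct.IsPublished = cmnt.IsPublished;
                    ct.IsTrackback = cmnt.IsTrackback;
                    ct.SpamScore = cmnt.SpamScore;
                    ct.DontSendEmail = true;
                    ct.DontChangeUser = true;
                    ct.Save();

                    // The saved comment is reloaded and its body HTML-decoded in a second save.
                    Comment ctemp = new Comment(ct.Id);
                    ctemp.DontSendEmail = true;
                    ctemp.DontChangeUser = true;
                    ctemp.Body = HttpContext.Current.Server.HtmlDecode(ctemp.Body);
                    ctemp.Save();
                }

                // NOTE(review): the "panel" form value is echoed back unencoded; confirm the caller
                // treats the response as text and not as markup.
                if (newPost.Status == (int)PostStatus.Publish)
                    context.Response.Write("Success" + context.Request.Form["panel"]);
                else
                    context.Response.Write("Warning" + context.Request.Form["panel"]);
            }
            catch (Exception ex)
            {
                context.Response.Write(context.Request.Form["panel"] + ":" + ex.Message);
            }
            break;

        case "saveHomeSortStatus":
            SiteSettings siteSettings = SiteSettings.Get();
            siteSettings.UseCustomHomeList = bool.Parse(context.Request.Form["ic"]);
            siteSettings.Save();
            context.Response.Write("Success");
            break;

        case "checkCategoryPermission":
            try
            {
                int catID = Int32.Parse(context.Request.QueryString["category"]);
                string permissionName = context.Request.QueryString["permission"];
                Permission perm = RolePermissionManager.GetPermissions(catID, user);

                // Unknown permission names report false.
                bool permissionResult = false;
                switch (permissionName)
                {
                    case "Publish":
                        permissionResult = perm.Publish;
                        break;

                    case "Read":
                        permissionResult = perm.Read;
                        break;

                    case "Edit":
                        permissionResult = perm.Edit;
                        break;
                }

                context.Response.Write(permissionResult.ToString().ToLower());
            }
            catch (Exception ex)
            {
                context.Response.Write(ex.Message);
            }
            break;
    }
}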
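/// <summary>
/// Validates a pingback request and, when it is acceptable, stores it as a trackback comment
/// on the post that <paramref name="targetURI"/> resolves to.
/// </summary>
/// <remarks>
/// Both URIs come from the remote caller. The source URI is fetched by
/// <c>LinkParser.SourceContainsTarget</c>, so it is restricted to absolute http/https URLs first.
/// NOTE(review): the scheme check does not stop requests to internal or loopback hosts; confirm
/// whether LinkParser or the network layer restricts destinations, timeouts and response size.
/// NOTE(review): the remote page title is stored as the comment name and body; confirm it is
/// encoded when comments are rendered.
/// </remarks>
/// <param name="sourceURI">URL of the remote page that claims to link to the target.</param>
/// <param name="targetURI">URL of the local post being linked to.</param>
/// <exception cref="XmlRpcFaultException">Thrown with the matching error code when any check fails.</exception>
private void CreatePingBack(string sourceURI, string targetURI)
{
    // Check parameters
    if (string.IsNullOrEmpty(sourceURI))
    {
        throw new XmlRpcFaultException(errorCode_SourceURIDoesNotExist, "No source URI parameter found, please try harder!");
    }

    if (string.IsNullOrEmpty(targetURI))
    {
        throw new XmlRpcFaultException(errorCode_TargetURIDoesNotExist, "The target URI does not exist!");
    }

    // Retrieve referenced post; any lookup failure is reported as an invalid target.
    Post trackedEntry = null;
    try
    {
        trackedEntry = GetPostFromUrl(targetURI);
    }
    catch
    {
        throw new XmlRpcFaultException(errorCode_TargetURIInvalid, "The target URI is invalid.");
    }

    if (trackedEntry == null)
    {
        throw new XmlRpcFaultException(errorCode_TargetURIInvalid, "The target URI is invalid.");
    }

    // Check if trackbacks/pingbacks are enabled
    if (!trackedEntry.EnableComments || !trackedEntry.EnableNewComments)
    {
        throw new XmlRpcFaultException(errorCode_AccessDenied, "Pingbacks are not enabled.");
    }

    // Check if this is a duplicate pingback (or trackback)
    if (!IsNewTrackBack(trackedEntry.Id, sourceURI))
    {
        throw new XmlRpcFaultException(errorCode_DuplicatePingBack, "A pingback for this source URI already exists.");
    }

    // The source is about to be fetched by this server: accept only absolute http/https URLs so
    // that a caller cannot point the fetch at other URI schemes.
    Uri parsedSource;
    if (!Uri.TryCreate(sourceURI, UriKind.Absolute, out parsedSource)
        || (parsedSource.Scheme != Uri.UriSchemeHttp && parsedSource.Scheme != Uri.UriSchemeHttps))
    {
        throw new XmlRpcFaultException(errorCode_SourceURIDoesNotExist, "The source URI must be an absolute http or https URL.");
    }

    // Retrieve the source document and check if it actually contains a link to the target
    string pageTitle = null;
    if (!LinkParser.SourceContainsTarget(sourceURI, new Macros().FullUrl(trackedEntry.Url), out pageTitle))
    {
        throw new XmlRpcFaultException(errorCode_SourceDoesNotContainTarget, "Sorry couldn't find a relevant link in " + sourceURI);
    }

    if (string.IsNullOrEmpty(pageTitle))
    {
        throw new XmlRpcFaultException(errorCode_SourceDoesNotContainTarget, "Could not find a readable HTML title in the remote page at " + sourceURI);
    }

    // Create the Trackback item
    Comment comment = new Comment();
    comment.IsTrackback = true;
    comment.PostId = trackedEntry.Id;
    comment.Name = pageTitle;
    comment.WebSite = sourceURI;
    comment.Body = "Pingback from " + pageTitle;
    comment.IPAddress = Context.Request.UserHostAddress;
    comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
    comment.Save();

    // Log success message to EventLog
    string message = String.Format("Pingback request received from {0} and saved to post {1}.", sourceURI, trackedEntry.Title);
    Log.Info("Pingback Received", message);
}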
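/// <summary>
/// Receives a trackback ping for the post named by the <c>id</c> query-string value and, when
/// every check passes, stores it as a trackback comment on that post.
/// </summary>
/// <remarks>
/// Every rejection now returns straight after <c>TrackbackResponse</c>. Previously three
/// rejections (bad post id, missing parameters, source without a link to the target) continued
/// into the following code, so rejecting depended on <c>TrackbackResponse</c> ending the response
/// itself, which is not visible here.
/// NOTE(review): the scheme check on <c>url</c> does not stop requests to internal or loopback
/// hosts; confirm whether LinkParser or the network layer restricts destinations.
/// NOTE(review): exception messages are returned to the unauthenticated caller; consider logging
/// them and responding with a generic error.
/// </remarks>
/// <param name="context">The current HTTP context; only POST requests are processed.</param>
public void ProcessRequest(HttpContext context)
{
    Macros macros = new Macros();
    context.Response.ContentType = "text/xml";

    // A missing or malformed id leaves postId at 0, which is rejected like any non-positive id.
    int postId;
    if (!int.TryParse(context.Request.QueryString["id"], out postId) || postId <= 0)
    {
        TrackbackResponse(context, "PostId is invalid or missing");
        return;
    }

    if (context.Request.HttpMethod != "POST")
        return;

    string title = SafeParam(context, "title");
    string excerpt = SafeParam(context, "excerpt");
    string url = SafeParam(context, "url");
    string blog_name = SafeParam(context, "blog_name");

    try
    {
        // Check if params are valid
        if (string.IsNullOrEmpty(url) || string.IsNullOrEmpty(title) || string.IsNullOrEmpty(blog_name) || string.IsNullOrEmpty(excerpt))
        {
            TrackbackResponse(context, "One or more parameters are invalid or missing");
            return;
        }

        // The url is fetched by this server below: accept only absolute http/https URLs so that a
        // caller cannot point the fetch at other URI schemes.
        Uri sourceUri;
        if (!Uri.TryCreate(url, UriKind.Absolute, out sourceUri)
            || (sourceUri.Scheme != Uri.UriSchemeHttp && sourceUri.Scheme != Uri.UriSchemeHttps))
        {
            TrackbackResponse(context, "One or more parameters are invalid or missing");
            return;
        }

        Post trackedEntry = Post.GetCachedPost(postId);
        if (trackedEntry == null)
        {
            TrackbackResponse(context, "The link does not exist");
            return;
        }

        if (!trackedEntry.EnableComments || !trackedEntry.EnableNewComments)
        {
            TrackbackResponse(context, "Trackbacks are not enabled");
            return;
        }

        if (!IsNewTrackBack(trackedEntry.Id, url))
        {
            TrackbackResponse(context, "Trackbacks already exists");
            return;
        }

        // The remote page must actually link to the post before the trackback is accepted.
        string pageTitle = null;
        if (!LinkParser.SourceContainsTarget(url, macros.FullUrl(trackedEntry.Url), out pageTitle))
        {
            TrackbackResponse(context, "Sorry couldn't find a relevant link in " + url);
            return;
        }

        if (string.IsNullOrEmpty(pageTitle))
        {
            TrackbackResponse(context, "Could not find a readable HTML title in the remote page at " + url);
            return;
        }

        if (!string.IsNullOrEmpty(excerpt))
            excerpt = Util.RemoveHtml(excerpt, 250);

        // Create the Trackback item
        // NOTE(review): title and url are stored as supplied by the remote caller; confirm they
        // are encoded when comments are rendered.
        Comment comment = new Comment();
        comment.IsTrackback = true;
        comment.PostId = trackedEntry.Id;
        comment.Name = title;
        comment.WebSite = url;
        comment.Body = excerpt;
        comment.IPAddress = context.Request.UserHostAddress;
        comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
        comment.Save();

        // Log success message to EventLog
        string message = String.Format("Trackback request received from {0} and saved to post {1}.", url, trackedEntry.Title);
        Log.Info("Trackback Received", message);

        context.Response.Write(successResponseXML);
        context.Response.End();
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.End() ends the request by aborting the thread; this is not an error.
    }
    catch (System.Exception ex)
    {
        if (ex.Message != null)
            TrackbackResponse(context, string.Format("Error occurred while processing Trackback: {0}", ex.Message));
        else
            TrackbackResponse(context, "Unknown error occurred while processing Trackback.");
    }
}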
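/// <summary>
/// Handles public AJAX commands: <c>newComment</c> stores a visitor comment and
/// <c>newContactMessage</c> e-mails a contact request to every user in the admin role.
/// </summary>
/// <remarks>
/// Requests that are not POST, or that have no <c>UserId</c> entry in <c>context.Items</c>, are
/// ignored. NOTE(review): where that item is set is not visible here; confirm what it guarantees.
/// NOTE(review): comment fields are stored as posted; confirm they are sanitized on save or
/// encoded on render, and that comments-enabled checks for the post happen in Comment.Save.
/// NOTE(review): neither command is rate-limited in this method.
/// </remarks>
/// <param name="context">The current HTTP context; form values carry the comment or message.</param>
public void ProcessRequest(HttpContext context)
{
    if (context.Request.RequestType != "POST")
        return;

    if (context.Items["UserId"] == null)
        return;

    context.Response.ContentType = "text/plain";

    switch (context.Request.QueryString["command"])
    {
        case "newComment":
            Comment comment = new Comment();
            comment.Name = context.Request.Form["author"];
            comment.WebSite = context.Request.Form["url"];
            comment.Email = context.Request.Form["email"];
            comment.Body = context.Request.Form["comment"];

            // Anonymous visitors must supply a name; authenticated users may leave it empty.
            if (!context.Request.IsAuthenticated && String.IsNullOrEmpty(comment.Name))
            {
                context.Response.Write("Please enter your name");
                return;
            }

            if (String.IsNullOrEmpty(comment.Body))
            {
                context.Response.Write("Please enter a comment");
                return;
            }

            comment.IPAddress = context.Request.UserHostAddress;

            // NOTE(review): a missing or non-numeric comment_post_ID throws here and is not handled.
            comment.PostId = Int32.Parse(context.Request.Form["comment_post_ID"]);
            comment.Published = DateTime.Now.AddHours(SiteSettings.Get().TimeZoneOffSet);
            comment.Save();

            context.Response.Write("Your comment has been received and will be published shortly. Thanks!");
            break;

        case "newContactMessage":
            string subject = context.Request.Form["subject"];
            string email = context.Request.Form["email"];
            string name = context.Request.Form["name"];
            string message = context.Request.Form["message"];

            if (string.IsNullOrEmpty(subject) || string.IsNullOrEmpty(email) || string.IsNullOrEmpty(name) || string.IsNullOrEmpty(message))
            {
                context.Response.Write("All of the fields are required, your message has not been sent");
                context.Response.End();
                return;
            }

            // The pattern is anchored to the whole value (\A ... \z). The previous unanchored form
            // accepted any text that merely contained an address, including line breaks, and the
            // value is used as the From address of the outgoing mail.
            if (!Regex.IsMatch(email, @"\A[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\z", RegexOptions.IgnoreCase))
            {
                context.Response.Write("The email address you entered is not valid");
                context.Response.End();
                return;
            }

            EmailTemplateToolboxContext templateContext = new EmailTemplateToolboxContext();
            templateContext.Put("subject", context.Server.HtmlEncode(subject));
            templateContext.Put("email", context.Server.HtmlEncode(email));
            templateContext.Put("name", context.Server.HtmlEncode(name));
            templateContext.Put("message", Util.ConvertTextToHTML(message));
            templateContext.Put("ip", context.Request.UserHostAddress);

            EmailTemplate et = new EmailTemplate();

            // Line breaks are replaced before the value goes into the Subject header, so posted
            // text cannot add header lines to the outgoing message.
            et.Subject = "Contact Request: " + subject.Replace("\r", " ").Replace("\n", " ");
            et.Context = templateContext;
            et.From = email;
            et.TemplateName = "contact.view";

            Log.Info("Contact Received", "Subject: {0}\nFrom:{1} ({2})\nIP:{3}\n\n{4}", subject, name, email, context.Request.UserHostAddress, message);

            // One message per user in the admin role.
            foreach (IGraffitiUser user in GraffitiUsers.GetUsers(GraffitiUsers.AdminRole))
            {
                et.To = user.Email;
                Emailer.Send(et);
            }

            context.Response.Write("Your message was received. Thanks!");
            break;
    }
}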