/// <summary>
/// Processes a submitted registration form. The request passes, in order, a decoy-field
/// check, CAPTCHA validation, model validation, the IP rule list and a minimum form fill
/// time before the account is created through <c>Service.Create</c>.
/// </summary>
/// <param name="model">Bound registration form data.</param>
/// <returns>
/// A redirect to Home/Index when <c>HandleCreate</c> accepts the new user; otherwise the
/// registration view re-rendered with <paramref name="model"/>.
/// </returns>
public ActionResult Create(RegisterModel model)
{
    const string restrictedMessage = "Sorry, access from your host is restricted. It is possible this restriction is no longer valid. If you think this is the case, please contact support.";

    // Decoy field: an invalid "Extra" field is treated as automated input. The host is added
    // to the ban list and the form is returned without an explanatory error.
    var decoyFieldUntouched = ModelState.IsValidField("Extra");
    if (!decoyFieldUntouched)
    {
        log.Warn(string.Format("An attempt was made to fill the bot decoy field from {0}.", Hostname));
        MvcApplication.BannedIPs.Add(Hostname);
        return View(model);
    }

    // A failed CAPTCHA is logged and audited, then surfaced as a model error; the
    // ModelState.IsValid check below is what actually stops the request.
    var captchaPassed = ReCaptcha.Validate(ConfigurationManager.AppSettings["ReCAPTCHAKey"]);
    if (!captchaPassed)
    {
        ErrorLogger.LogMessage(Request, "Invalid CAPTCHA", LogLevel.Warn);
        Services.Other.AuditLog("failed CAPTCHA", Hostname, AuditLogCategory.UserCreateFailCaptcha);
        ModelState.AddModelError("CAPTCHA", ViewRes.User.CreateStrings.CaptchaInvalid);
    }

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var hostPermitted = MvcApplication.IPRules.IsAllowed(Hostname);
    if (!hostPermitted)
    {
        ModelState.AddModelError("Restricted", restrictedMessage);
        return View(model);
    }

    // NOTE(review): model.EntryTime is presumably round-tripped through the form, which would
    // make the elapsed time client-influenced - confirm it is integrity-protected if this
    // check is meant as more than a heuristic. DateTime.Now is local time, so a clock shift
    // between render and submit can also skew the result.
    var elapsedTicks = DateTime.Now.Ticks - model.EntryTime;
    var time = TimeSpan.FromTicks(elapsedTicks);
    var minimumFillTime = TimeSpan.FromSeconds(5);

    if (time < minimumFillTime)
    {
        log.Warn(string.Format("Suspicious registration form fill time ({0}) from {1}.", time, Hostname));
        ModelState.AddModelError("Restricted", restrictedMessage);
        MvcApplication.BannedIPs.Add(Hostname);
        return View(model);
    }

    // Attempt to register the user
    var emailOrEmpty = model.Email ?? string.Empty;
    var createdUser = Service.Create(model.UserName, model.Password, emailOrEmpty, Hostname, time);

    if (!HandleCreate(createdUser))
    {
        return View(model);
    }

    return RedirectToAction("Index", "Home");
}
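/// <summary>
/// Processes a submitted registration form. The request passes, in order, a decoy-field
/// check, CAPTCHA validation, model validation and the IP rule list; the account is then
/// created through <c>Data.Create</c> and the new user is signed in with a non-persistent
/// forms-authentication cookie.
/// </summary>
/// <param name="model">Bound registration form data.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the registration view re-rendered with
/// <paramref name="model"/> and the relevant model error.
/// </returns>
public ActionResult Create(RegisterModel model)
{
    string restrictedErr = "Sorry, access from your host is restricted. It is possible this restriction is no longer valid. If you think this is the case, please contact support.";

    // Decoy field: an invalid "Extra" field is treated as automated input. The host is added
    // to the ban list and the form is returned without an explanatory error.
    if (!ModelState.IsValidField("Extra"))
    {
        log.Warn(string.Format("An attempt was made to fill the bot decoy field from {0}.", Hostname));
        MvcApplication.BannedIPs.Add(Hostname);
        return View(model);
    }

    if (!ReCaptcha.Validate(ConfigurationManager.AppSettings["ReCAPTCHAKey"]))
    {
        // The CAPTCHA response is attacker-controlled request data. Before it is written to
        // the log it is length-bounded and stripped of control characters and Unicode
        // line/paragraph separators, so a crafted value cannot forge extra log entries or
        // bloat the log.
        // NOTE(review): Request.Params also merges query string, cookies and server
        // variables; Request.Form may be the intended source - confirm.
        var captchaResponse = Request.Params["recaptcha_response_field"] ?? string.Empty;

        const int maxLoggedResponseLength = 200;
        var loggable = captchaResponse.Length > maxLoggedResponseLength
            ? captchaResponse.Substring(0, maxLoggedResponseLength)
            : captchaResponse;

        var loggableChars = loggable.ToCharArray();
        for (var i = 0; i < loggableChars.Length; i++)
        {
            var c = loggableChars[i];
            if (char.IsControl(c) || c == '\u2028' || c == '\u2029')
            {
                loggableChars[i] = '?';
            }
        }

        var loggedResponse = new string(loggableChars);

        ErrorLogger.LogMessage(Request, string.Format("Invalid CAPTCHA (response was {0})", loggedResponse), LogLevel.Warn);
        Services.Other.AuditLog("failed CAPTCHA", Hostname, AuditLogCategory.UserCreateFailCaptcha);
        ModelState.AddModelError("CAPTCHA", ViewRes.User.CreateStrings.CaptchaInvalid);
    }

    // A failed CAPTCHA only adds a model error above; this check is what stops the request.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    if (!MvcApplication.IPRules.IsAllowed(Hostname))
    {
        ModelState.AddModelError("Restricted", restrictedErr);
        return View(model);
    }

    // NOTE(review): model.EntryTime is presumably round-tripped through the form, which would
    // make the elapsed time client-influenced - confirm it is integrity-protected if the
    // too-fast check inside Data.Create is meant as more than a heuristic.
    var time = TimeSpan.FromTicks(DateTime.Now.Ticks - model.EntryTime);

    // Attempt to register the user
    try
    {
        var url = VocaUriBuilder.CreateAbsolute(Url.Action("VerifyEmail", "User")).ToString();

        // The ban list is handed to Data.Create; presumably it bans hosts that register too
        // fast before throwing TooFastRegistrationException - verify in Data.Create.
        var user = Data.Create(model.UserName, model.Password, model.Email ?? string.Empty, Hostname, time, MvcApplication.BannedIPs, url);

        // Second argument false: the authentication cookie is not persistent.
        FormsAuthentication.SetAuthCookie(user.Name, false);
        return RedirectToAction("Index", "Home");
    }
    catch (UserNameAlreadyExistsException)
    {
        ModelState.AddModelError("UserName", ViewRes.User.CreateStrings.UsernameTaken);
        return View(model);
    }
    catch (UserEmailAlreadyExistsException)
    {
        ModelState.AddModelError("Email", ViewRes.User.CreateStrings.EmailTaken);
        return View(model);
    }
    catch (InvalidEmailFormatException)
    {
        ModelState.AddModelError("Email", ViewRes.User.MySettingsStrings.InvalidEmail);
        return View(model);
    }
    catch (TooFastRegistrationException)
    {
        // Same generic message as the IP-rule rejection, so the response does not reveal
        // which check tripped.
        ModelState.AddModelError("Restricted", restrictedErr);
        return View(model);
    }
}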