Exemplo n.º 1
        /// <summary>
        /// Handles a posted registration form: validates the model, sanitizes it, rejects a nickname that is
        /// already in use, registers the user and, on success, redirects to the login page.
        /// </summary>
        /// <param name="data">The profile data posted by the registration form.</param>
        /// <returns>The registration view (with the posted data) on any failure; a redirect to Account/Login on success.</returns>
        public async Task<ActionResult> Register(NewProfileData data)
        {
            if (!ModelState.IsValid)
            {
                return View(data);
            }

            // Clean up the user-supplied fields before anything is looked up or stored.
            data.Sanitize();
            data.StripProtocolsFromUrls();

            // NOTE(review): this check and the registration below are two separate calls, so two concurrent requests
            // could both pass it; presumably the data store enforces nickname uniqueness as well. Confirm.
            if (await UserGuiHelper.CheckIfNickNameExistAsync(data.NickName))
            {
                ModelState.AddModelError("NickName", "NickName already exists");
                return View(data);
            }

            // NOTE(review): RemoteIpAddress is the address of the directly connected peer. Behind a reverse proxy that
            // is the proxy unless forwarded-headers handling is configured. Confirm the deployment.
            var registrantIP = HnDGeneralUtils.GetRemoteIPAddressAsIP4String(this.HttpContext.Connection.RemoteIpAddress);

            // NOTE(review): Request.Host is taken from the client-supplied Host header. If the email data uses it to
            // build links in the registration reply, host filtering should restrict it to known host names. Confirm.
            var registrationReplyEmailData = ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.RegistrationReply);

            var registrationResult = await UserManager.RegisterNewUserAsync(
                data.NickName,
                data.DateOfBirth,
                data.EmailAddress,
                data.EmailAddressIsPublic,
                data.IconURL,
                registrantIP,
                data.Location,
                data.Occupation,
                data.Signature,
                data.Website,
                registrationReplyEmailData,
                data.AutoSubscribeToThread,
                data.DefaultNumberOfMessagesPerPage);

            if (registrationResult > 0)
            {
                // Registration succeeded: carry the chosen settings into the session and send the user to the login page.
                this.HttpContext.Session.UpdateUserSettings(data);
                return RedirectToAction("Login", "Account");
            }

            // Registration did not succeed: show the form again with the data the user entered.
            return View(data);
        }
Exemplo n.º 2
        /// <summary>
        /// Handles a posted reply: adds a new message to the given thread when the "Post" button was used, the model
        /// is valid and the security checks allow it, then redirects to the new message.
        /// </summary>
        /// <param name="messageData">The posted message. Binding is limited to MessageText and Subscribe, so other
        /// properties of the model cannot be set from the request.</param>
        /// <param name="submitButton">The value of the submit button that was used; only "Post" adds a message.</param>
        /// <param name="threadId">The id of the thread to add the message to.</param>
        /// <returns>A redirect: to the new message on success, otherwise to the thread or the home page.</returns>
        /// <remarks>
        /// NOTE(review): any attributes above the signature are not visible here; confirm that the action only accepts
        /// POST requests and validates the anti-forgery token.
        /// </remarks>
        public async Task<ActionResult> Add([Bind(nameof(MessageData.MessageText), nameof(MessageData.Subscribe))]
                                            MessageData messageData, string submitButton,
                                            int threadId = 0)
        {
            // Any button other than "Post" leaves without adding anything.
            if (submitButton != "Post")
            {
                if (threadId <= 0)
                {
                    return RedirectToAction("Index", "Home");
                }

                return RedirectToAction("Index", "Thread", new { threadId });
            }

            if (!ModelState.IsValid)
            {
                return RedirectToAction("Index", "Home");
            }

            // The permission check runs before any work is done with the posted text.
            var (mayPost, thread) = await PerformAddMessageSecurityChecksAsync(threadId);

            if (!mayPost)
            {
                return RedirectToAction("Index", "Home");
            }

            // From here on submitButton is known to be "Post".
            // NOTE(review): the generated HTML is stored next to the raw text; presumably the transform neutralizes
            // raw HTML and script in the markdown. Confirm, as the result is rendered to other users.
            var renderedHtml = HnDGeneralUtils.TransformMarkdownToHtml(messageData.MessageText, ApplicationAdapter.GetEmojiFilenamesPerName(),
                                                                       ApplicationAdapter.GetSmileyMappings());
            var systemSettings = await _cache.GetSystemDataAsync();
            var posterIP = HnDGeneralUtils.GetRemoteIPAddressAsIP4String(this.HttpContext.Connection.RemoteIpAddress);

            // NOTE(review): Request.Host comes from the client-supplied Host header; if the email data uses it for
            // links in the notification mail, host filtering should restrict it to known host names. Confirm.
            int newMessageId = await ThreadManager.CreateNewMessageInThreadAsync(
                threadId,
                this.HttpContext.Session.GetUserID(),
                messageData.MessageText,
                renderedHtml,
                posterIP,
                messageData.Subscribe,
                ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.ThreadUpdatedNotification),
                systemSettings.SendReplyNotifications);

            ApplicationAdapter.InvalidateCachedNumberOfThreadsInSupportQueues();

            // Write an audit record only when the session says this action has to be audited.
            var mustAudit = this.HttpContext.Session.CheckIfNeedsAuditing(AuditActions.AuditNewMessage);
            if (mustAudit)
            {
                await SecurityManager.AuditNewMessageAsync(this.HttpContext.Session.GetUserID(), newMessageId);
            }

            return await CalculateRedirectToMessageAsync(thread.ThreadID, newMessageId);
        }
Exemplo n.º 3
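        /// <summary>
        /// Middleware entry point: checks the caller's IP address against the cached IP bans and sends a banned
        /// caller to banned.html instead of passing the request on.
        /// </summary>
        /// <param name="context">The context of the current request.</param>
        /// <returns>A task that completes when this middleware, and the rest of the pipeline if it was called, has finished.</returns>
        public async Task Invoke(HttpContext context)
        {
            // NOTE(review): RemoteIpAddress is the directly connected peer; behind a reverse proxy the bans only match
            // real client addresses when forwarded-headers handling is configured. Confirm the deployment.
            var ipAddress = context.Connection.RemoteIpAddress;

            // Without a cache no ban check is done and the request is passed on unfiltered.
            if (_cache != null)
            {
                var ipBans = await _cache.GetAllIPBansAsync();

                var matchingIPBan = SecurityGuiHelper.GetIPBanMatchingUserIPAddress(ipBans, HnDGeneralUtils.GetRemoteIPAddressAsIP4String(ipAddress));
                if (matchingIPBan != null)
                {
                    // Redirect() replaces the status code set here with a 302, so the client sees the redirect.
                    context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                    context.Response.Redirect(ApplicationAdapter.GetVirtualRoot() + "banned.html");

                    // Stop here. Calling the next middleware would let the banned request reach the rest of the
                    // pipeline, which could still execute the requested action or replace the redirect.
                    return;
                }
            }

            await _next.Invoke(context);
        }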