public async Task <ActionResult> Register(NewProfileData data)
{
if (!ModelState.IsValid)
{
return(View(data));
}
data.Sanitize();
data.StripProtocolsFromUrls();
var nickNameExists = await UserGuiHelper.CheckIfNickNameExistAsync(data.NickName);
if (nickNameExists)
{
ModelState.AddModelError("NickName", "NickName already exists");
return(View(data));
}
var result = await UserManager.RegisterNewUserAsync(data.NickName, data.DateOfBirth, data.EmailAddress, data.EmailAddressIsPublic, data.IconURL,
HnDGeneralUtils.GetRemoteIPAddressAsIP4String(this.HttpContext.Connection.RemoteIpAddress), data.Location,
data.Occupation, data.Signature, data.Website,
ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.RegistrationReply),
data.AutoSubscribeToThread, data.DefaultNumberOfMessagesPerPage);
if (result > 0)
{
this.HttpContext.Session.UpdateUserSettings(data);
return(RedirectToAction("Login", "Account"));
}
return(View(data));
}
public async Task <ActionResult> Add([Bind(nameof(MessageData.MessageText), nameof(MessageData.Subscribe))]
MessageData messageData, string submitButton,
int threadId = 0)
{
if (submitButton != "Post")
{
return(threadId <= 0 ? RedirectToAction("Index", "Home") : RedirectToAction("Index", "Thread", new { threadId = threadId }));
}
if (!ModelState.IsValid)
{
return(RedirectToAction("Index", "Home"));
}
var(userMayAddMessages, thread) = await PerformAddMessageSecurityChecksAsync(threadId);
if (!userMayAddMessages)
{
return(RedirectToAction("Index", "Home"));
}
int newMessageId = 0;
if (submitButton == "Post")
{
// allowed, proceed
// parse message text to html
var messageAsHtml = HnDGeneralUtils.TransformMarkdownToHtml(messageData.MessageText, ApplicationAdapter.GetEmojiFilenamesPerName(),
ApplicationAdapter.GetSmileyMappings());
var systemData = await _cache.GetSystemDataAsync();
var remoteIPAddress = HnDGeneralUtils.GetRemoteIPAddressAsIP4String(this.HttpContext.Connection.RemoteIpAddress);
newMessageId = await ThreadManager.CreateNewMessageInThreadAsync(threadId, this.HttpContext.Session.GetUserID(), messageData.MessageText, messageAsHtml,
remoteIPAddress, messageData.Subscribe,
ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.ThreadUpdatedNotification),
systemData.SendReplyNotifications);
ApplicationAdapter.InvalidateCachedNumberOfThreadsInSupportQueues();
if (this.HttpContext.Session.CheckIfNeedsAuditing(AuditActions.AuditNewMessage))
{
await SecurityManager.AuditNewMessageAsync(this.HttpContext.Session.GetUserID(), newMessageId);
}
}
return(await CalculateRedirectToMessageAsync(thread.ThreadID, newMessageId));
}
public async Task Invoke(HttpContext context)
{
var ipAddress = context.Connection.RemoteIpAddress;
if (_cache != null)
{
var ipBans = await _cache.GetAllIPBansAsync();
var matchingIPBan = SecurityGuiHelper.GetIPBanMatchingUserIPAddress(ipBans, HnDGeneralUtils.GetRemoteIPAddressAsIP4String(ipAddress));
if (matchingIPBan != null)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Redirect(ApplicationAdapter.GetVirtualRoot() + "banned.html");
}
}
await _next.Invoke(context);
}
