    } // End of the OnAuthorization method

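    /// <summary>
    /// Handle a request that arrived over plain http: redirect it permanently to https when the
    /// REDIRECT-HTTPS website setting is "true", otherwise only redirect to the "www." host when the
    /// configured domain uses that prefix and the request host does not.
    /// </summary>
    /// <param name="filterContext">The authorization context of the current request</param>
    protected override void HandleNonHttpsRequest(AuthorizationContext filterContext)
    {
        // Get the current domain
        Domain domain = Tools.GetCurrentDomain();

        // The request url; its host comes from the request's Host header.
        // NOTE(review): the redirect target is built from that header, so it only stays on this site
        // when the server binding restricts which Host values are accepted — confirm the binding.
        Uri requestUrl = filterContext.HttpContext.Request.Url;

        // Get website settings (null-safe, culture-invariant comparison instead of ToLower())
        KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
        bool redirectToHttps = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

        // Prefix the host with "www." only when the configured domain uses it and the request host does not
        bool addWww = domain.web_address.Contains("www.") && !requestUrl.Host.Contains("www.");
        string targetHost = addWww ? "www." + requestUrl.Host : requestUrl.Host;

        if (redirectToHttps)
        {
            // Rewrite scheme, host and port
            UriBuilder uriBuilder = new UriBuilder(requestUrl);
            uriBuilder.Scheme = "https";
            uriBuilder.Host = targetHost;
            uriBuilder.Port = 443;

            // Redirect to https (301)
            filterContext.HttpContext.Response.RedirectPermanent(uriBuilder.Uri.AbsoluteUri);
        }
        else if (addWww)
        {
            // Keep the scheme, only rewrite the host
            UriBuilder uriBuilder = new UriBuilder(requestUrl);
            uriBuilder.Host = targetHost;

            // Redirect to www (301)
            filterContext.HttpContext.Response.RedirectPermanent(uriBuilder.Uri.AbsoluteUri);
        }

    } // End of the HandleNonHttpsRequest method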
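        /// <summary>
        /// Handle the posted administrator login form: validate the credentials and the admin role,
        /// issue the protected "Administrator" cookie and redirect to the admin start page, or
        /// re-render the login view with a generic error message.
        /// </summary>
        /// <param name="collection">The posted form values (txtUserName, txtPassword)</param>
        /// <returns>A redirect to admin_default/index on success, otherwise the index view</returns>
        public ActionResult index(FormCollection collection)
        {
            // Get the current domain
            Domain currentDomain = Tools.GetCurrentDomain();
            ViewBag.CurrentDomain = currentDomain;

            // Get the data from the form (a missing field comes back as null)
            string user_name = collection["txtUserName"] ?? "";
            string password = collection["txtPassword"] ?? "";

            // Get the administrator
            Administrator administrator = Administrator.GetOneByUserName(user_name);

            // Get the current language id for admins
            Int32 adminLanguageId = currentDomain.back_end_language;

            // Get translated texts
            KeyStringList translatedTexts = StaticText.GetAll(adminLanguageId, "id", "ASC");

            // Unknown user, wrong password and missing admin role all lead to the same generic
            // error below, so the response does not reveal which of the three failed
            bool credentialsValid = administrator != null
                && Administrator.ValidatePassword(user_name, password)
                && Administrator.IsAuthorized(Administrator.GetAllAdminRoles(), administrator.admin_role);

            if (credentialsValid)
            {
                // Get website settings (null-safe, culture-invariant comparison instead of ToLower())
                KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
                bool secureCookie = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

                // Create the administrator cookie: the value is protected by Tools.ProtectCookieValue,
                // HttpOnly keeps it away from scripts and Secure follows the REDIRECT-HTTPS setting
                HttpCookie adminCookie = new HttpCookie("Administrator");
                adminCookie.Value = Tools.ProtectCookieValue(administrator.id.ToString(), "Administration");
                adminCookie.Expires = DateTime.UtcNow.AddDays(1);
                adminCookie.HttpOnly = true;
                adminCookie.Secure = secureCookie;
                Response.Cookies.Add(adminCookie);

                // Redirect the user to the default admin page
                return RedirectToAction("index", "admin_default");
            }
            else
            {
                // Create a new administrator that only carries the posted user name, so the form can be re-filled
                Administrator admin = new Administrator();
                admin.admin_user_name = user_name;

                // Set the form data
                ViewBag.Administrator = admin;
                ViewBag.TranslatedTexts = translatedTexts;
                ViewBag.ErrorMessage = "&#149; " + translatedTexts.Get("error_login");

                // Return the index view
                return View("index");
            }

        } // End of the index method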
    } // End of the SendEmailToHost method

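    /// <summary>
    /// Send an html email to a user with the SMTP settings stored in the website settings
    /// (SEND-EMAIL-HOST, SEND-EMAIL-PORT, SEND-EMAIL-ADDRESS, SEND-EMAIL-PASSWORD, SEND-EMAIL-USE-SSL).
    /// </summary>
    /// <param name="toAddress">The address to send the email to</param>
    /// <param name="subject">The subject for the mail message</param>
    /// <param name="message">The mail message body, sent as html</param>
    /// <returns>True if the message was handed to the SMTP server, false if sending failed for any reason</returns>
    public static bool SendEmailToUser(string toAddress, string subject, string message)
    {
        // Get the webshop settings
        KeyStringList webshopSettings = WebsiteSetting.GetAllFromCache();

        // Read the SMTP settings; a missing or unparsable port stays 0
        string host = webshopSettings.Get("SEND-EMAIL-HOST");
        Int32 port = 0;
        Int32.TryParse(webshopSettings.Get("SEND-EMAIL-PORT"), out port);
        string emailAddress = webshopSettings.Get("SEND-EMAIL-ADDRESS");
        string password = webshopSettings.Get("SEND-EMAIL-PASSWORD");

        // Null-safe, culture-invariant comparison instead of ToLower(). When this is not "true" the
        // credentials are sent to the SMTP server without TLS.
        bool useSsl = string.Equals(webshopSettings.Get("SEND-EMAIL-USE-SSL"), "true", StringComparison.OrdinalIgnoreCase);

        // Everything that can throw runs inside the try (the client constructor included, so a bad
        // host or port is reported as a failed send instead of an unhandled exception); both the
        // client and the message are IDisposable and are released on every path
        try
        {
            using (SmtpClient smtp = new SmtpClient(host, port))
            using (MailMessage mailMessage = new MailMessage(emailAddress, toAddress))
            {
                smtp.Credentials = new NetworkCredential(emailAddress, password);
                smtp.EnableSsl = useSsl;

                // Create the mail message
                mailMessage.Subject = subject;
                mailMessage.Body = message;
                mailMessage.IsBodyHtml = true;

                // Send the mail message
                smtp.Send(mailMessage);
            }

            return true;
        }
        catch (Exception)
        {
            // Best effort: the caller only learns that delivery failed. The exception is not logged
            // anywhere here, so failures stay invisible unless the caller records the false result.
            return false;
        }

    } // End of the SendEmailToUser method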
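        /// <summary>
        /// Remember the layout chosen by the user in the "LayoutType" cookie and send the user back to the start page.
        /// </summary>
        /// <param name="id">The layout type to store; it is stored in the cookie as posted</param>
        /// <returns>A redirect to the start page</returns>
        public ActionResult layout(string id = "")
        {
            // Get website settings (null-safe, culture-invariant comparison instead of ToLower()).
            // The Secure flag follows the REDIRECT-HTTPS setting rather than the actual connection,
            // so it is only meaningful when that setting matches the deployment.
            KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
            bool secureCookie = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

            // Create the cookie; a null id (possible when the route value is absent) is stored as an empty string
            HttpCookie aCookie = new HttpCookie("LayoutType");
            aCookie.Value = id ?? "";

            // Set the expiration and add the cookie
            aCookie.Expires = DateTime.UtcNow.AddDays(1);
            aCookie.HttpOnly = true;
            aCookie.Secure = secureCookie;
            Response.Cookies.Add(aCookie);

            // Redirect the user to the start page
            return Redirect("/");

        } // End of the layout method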
        /// <summary>
        /// Render the admin start page for a signed in administrator.
        /// </summary>
        /// <returns>
        /// The default view for the "Administrator" and "Editor" roles, the admin_default index view
        /// with error code 1 for any other admin role, and a redirect to the admin login page when
        /// no admin role is authorized.
        /// </returns>
        public ActionResult index()
        {
            // Get the current domain
            Domain currentDomain = Tools.GetCurrentDomain();
            ViewBag.CurrentDomain = currentDomain;

            // Get query paramaters
            ViewBag.QueryParams = new QueryParams(Request);

            // Only the full admin roles get the normal start page
            if (Administrator.IsAuthorized(new string[] { "Administrator", "Editor" }) == false)
            {
                if (Administrator.IsAuthorized(Administrator.GetAllAdminRoles()) == false)
                {
                    // Not authorized for any admin role: redirect to the login page
                    return RedirectToAction("index", "admin_login");
                }

                // Authorized with a lesser admin role: show the access error
                ViewBag.AdminSession = true;
                ViewBag.AdminErrorCode = 1;
                ViewBag.TranslatedTexts = StaticText.GetAll(currentDomain.back_end_language, "id", "ASC");
                return View("~/Views/admin_default/index.cshtml");
            }

            ViewBag.AdminSession = true;

            // Get the default admin language
            Int32 adminLanguageId = currentDomain.back_end_language;

            // Add data to the view
            ViewBag.TranslatedTexts = StaticText.GetAll(adminLanguageId, "id", "ASC");
            ViewBag.WebsiteSettings = WebsiteSetting.GetAllFromCache();

            // Return the view
            return View();

        } // End of the index method
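        /// <summary>
        /// Handle the posted user login form: validate the credentials, issue the protected
        /// "Administrator" cookie and send the user on to the requested page, or re-render the
        /// login view with an error message.
        /// </summary>
        /// <param name="collection">The posted form values (hiddenReturnUrl, txtUserName, txtPassword)</param>
        /// <returns>A redirect on success, otherwise the login view (the themed one when the domain has a custom theme)</returns>
        public ActionResult login(FormCollection collection)
        {
            // Get data from the form (a missing field comes back as null)
            string returnUrl = collection["hiddenReturnUrl"] ?? "";
            string user_name = collection["txtUserName"] ?? "";
            string password = collection["txtPassword"] ?? "";

            // Get the user
            Administrator user = Administrator.GetOneByUserName(user_name);

            // Get the current domain
            Domain currentDomain = Tools.GetCurrentDomain();

            // Get translated texts
            KeyStringList tt = StaticText.GetAll(currentDomain.front_end_language, "id", "ASC");

            // Check if the user exists and if the password is correct
            if (user != null && Administrator.ValidatePassword(user_name, password))
            {
                // Get website settings (null-safe, culture-invariant comparison instead of ToLower())
                KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
                bool secureCookie = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

                // Create the administrator cookie: the value is protected by Tools.ProtectCookieValue,
                // HttpOnly keeps it away from scripts and Secure follows the REDIRECT-HTTPS setting
                HttpCookie adminCookie = new HttpCookie("Administrator");
                adminCookie.Value = Tools.ProtectCookieValue(user.id.ToString(), "Administration");
                adminCookie.Expires = DateTime.UtcNow.AddDays(1);
                adminCookie.HttpOnly = true;
                adminCookie.Secure = secureCookie;
                Response.Cookies.Add(adminCookie);

                // The return url is a hidden form field under the client's control: only follow it
                // when it points back into this application, otherwise go to the user start page
                if (Url.IsLocalUrl(returnUrl))
                {
                    return Redirect(returnUrl);
                }

                return RedirectToAction("index", "user");
            }
            else
            {
                // Create a new user that only carries the posted user name, so the form can be re-filled
                user = new Administrator();
                user.admin_user_name = user_name;
                string error_message = "&#149; " + tt.Get("error_login");

                // Create the bread crumb list
                List<BreadCrumb> breadCrumbs = new List<BreadCrumb>(3);
                breadCrumbs.Add(new BreadCrumb(tt.Get("start_page"), "/"));
                breadCrumbs.Add(new BreadCrumb(tt.Get("my_pages"), "/user"));
                breadCrumbs.Add(new BreadCrumb(tt.Get("log_in"), "/user/login"));

                // Set values
                ViewBag.BreadCrumbs = breadCrumbs;
                ViewBag.CurrentCategory = new Category();
                ViewBag.TranslatedTexts = tt;
                ViewBag.CurrentDomain = currentDomain;
                ViewBag.CurrentLanguage = Language.GetOneById(currentDomain.front_end_language);
                ViewBag.User = user;
                ViewBag.ErrorMessage = error_message;
                ViewBag.CultureInfo = Tools.GetCultureInfo(ViewBag.CurrentLanguage);

                // Return the login view
                return currentDomain.custom_theme_id == 0 ? View() : View("/Views/theme/user_login.cshtml");
            }

        } // End of the login method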
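        /// <summary>
        /// Create or update the details of the signed in user from the posted form. When a user is
        /// signed in, the posted txtId is ignored and that user's own record is edited; when nobody
        /// is signed in, the post creates a new user (id 0) and signs the new user in.
        /// </summary>
        /// <param name="collection">The posted form values (txtUserName, txtPassword, txtEmail, txtAuthorName, txtAuthorDescription); the image comes from the uploadMainImage file</param>
        /// <returns>A redirect to the user start page on success, otherwise the edit view with an error message</returns>
        public ActionResult edit(FormCollection collection)
        {
            // Get all the form values (a missing field comes back as null)
            string user_name = collection["txtUserName"] ?? "";
            string password = collection["txtPassword"] ?? "";
            string email = collection["txtEmail"] ?? "";
            string author_name = collection["txtAuthorName"] ?? "";
            string author_description = collection["txtAuthorDescription"] ?? "";
            HttpPostedFileBase authorImage = Request.Files["uploadMainImage"];
            Int32 imageLength = authorImage != null ? authorImage.ContentLength : 0;

            // The record to edit is decided by the signed in user, never by a posted id: a signed in
            // user may only edit his own record and an anonymous post can only create a new user.
            // NOTE(review): GetSignedInAdministrator presumably reads the protected "Administrator" cookie — confirm.
            Administrator signedInUser = Administrator.GetSignedInAdministrator();
            Int32 id = signedInUser != null ? signedInUser.id : 0;

            // Modify the author description
            author_description = author_description.Replace(Environment.NewLine, "<br />");

            // Get the current domain
            Domain domain = Tools.GetCurrentDomain();

            // Get translated texts
            KeyStringList tt = StaticText.GetAll(domain.front_end_language, "id", "ASC");

            // Get the user
            Administrator user = Administrator.GetOneById(id, domain.front_end_language);

            // Check if the user exists
            if (user == null)
            {
                // Check if the user exists but is not translated
                user = Administrator.GetOneById(id);
                if (user == null)
                {
                    // Create an empty user
                    user = new Administrator();
                }
            }

            // Update values
            user.admin_user_name = user_name;
            user.email = email;
            user.author_name = author_name;
            user.author_description = author_description;

            // Collect the validation errors as html fragments
            string errorMessage = string.Empty;

            // Get the user on user name
            Administrator userOnUserName = Administrator.GetOneByUserName(user.admin_user_name);

            // Check for errors
            if (userOnUserName != null && user.id != userOnUserName.id)
            {
                errorMessage += "&#149; " + String.Format(tt.Get("error_field_unique"), tt.Get("user_name")) + "<br/>";
            }
            if (user.admin_user_name.Length > 50)
            {
                errorMessage += "&#149; " + String.Format(tt.Get("error_field_length"), tt.Get("user_name"), "50") + "<br/>";
            }
            if (user.author_name.Length > 50)
            {
                errorMessage += "&#149; " + String.Format(tt.Get("error_field_length"), tt.Get("name"), "50") + "<br/>";
            }
            if (AnnytabDataValidation.IsEmailAddressValid(user.email) == null)
            {
                errorMessage += "&#149; " + tt.Get("error_email_valid") + "<br/>";
            }
            if (imageLength > 0 && Tools.IsImageJpeg(authorImage) == false)
            {
                errorMessage += "&#149; " + tt.Get("error_invalid_jpeg") + "<br/>";
            }
            if (imageLength > 262144)
            {
                errorMessage += "&#149; " + String.Format(tt.Get("error_image_size"), "256 kb") + "<br/>";
            }

            // Check if there is errors
            if (errorMessage == string.Empty)
            {
                // Check if we should add or update the user
                if (user.id == 0)
                {
                    // Add the user. NOTE(review): an empty password is accepted and hashed as is — confirm that is intended.
                    user.admin_role = "User";
                    Int64 insertId = Administrator.AddMasterPost(user);
                    user.id = Convert.ToInt32(insertId);
                    Administrator.AddLanguagePost(user, domain.front_end_language);
                    Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(password));

                    // Get website settings (null-safe, culture-invariant comparison instead of ToLower())
                    KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
                    bool secureCookie = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

                    // Sign the new user in with the protected administrator cookie
                    HttpCookie adminCookie = new HttpCookie("Administrator");
                    adminCookie.Value = Tools.ProtectCookieValue(user.id.ToString(), "Administration");
                    adminCookie.Expires = DateTime.UtcNow.AddDays(1);
                    adminCookie.HttpOnly = true;
                    adminCookie.Secure = secureCookie;
                    Response.Cookies.Add(adminCookie);
                }
                else
                {
                    // Update the user
                    Administrator.UpdateMasterPost(user);

                    // Update or add the language post
                    if (Administrator.GetOneById(id, domain.front_end_language) != null)
                    {
                        Administrator.UpdateLanguagePost(user, domain.front_end_language);
                    }
                    else
                    {
                        Administrator.AddLanguagePost(user, domain.front_end_language);
                    }

                    // Only update the password if a new one was posted
                    if (string.IsNullOrEmpty(password) == false)
                    {
                        Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(password));
                    }
                }

                // Update the image
                if (imageLength > 0)
                {
                    UpdateImage(user.id, authorImage);
                }

                // Redirect the user to the start page
                return RedirectToAction("index");
            }
            else
            {
                // Create the bread crumb list
                List<BreadCrumb> breadCrumbs = new List<BreadCrumb>(3);
                breadCrumbs.Add(new BreadCrumb(tt.Get("start_page"), "/"));
                breadCrumbs.Add(new BreadCrumb(tt.Get("my_pages"), "/user"));
                breadCrumbs.Add(new BreadCrumb(tt.Get("edit") + " " + tt.Get("user_details").ToLower(), "/user/edit"));

                // Set form values
                ViewBag.BreadCrumbs = breadCrumbs;
                ViewBag.ErrorMessage = errorMessage;
                ViewBag.CurrentCategory = new Category();
                ViewBag.CurrentDomain = domain;
                ViewBag.CurrentLanguage = Language.GetOneById(domain.front_end_language);
                ViewBag.TranslatedTexts = tt;
                ViewBag.User = user;
                ViewBag.CultureInfo = Tools.GetCultureInfo(ViewBag.CurrentLanguage);

                // Return the edit view
                return domain.custom_theme_id == 0 ? View("edit") : View("/Views/theme/edit_user_details.cshtml");
            }

        } // End of the edit method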
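        /// <summary>
        /// Handle the redirect back from Google after an OAuth login: verify the anti-forgery state,
        /// exchange the code for an access token, look up the Google user and then either link the
        /// Google id to the signed in user, sign in the user that already has that Google id, or
        /// create and sign in a new user.
        /// </summary>
        /// <returns>A redirect to the user start page, the edit user page, the login page, or the site start page when the callback is invalid</returns>
        public async Task<ActionResult> google_login_callback()
        {
            // Get the current domain
            Domain domain = Tools.GetCurrentDomain();

            // Get the state
            string state = "";
            if (Request.Params["state"] != null)
            {
                state = Server.UrlDecode(Request.Params["state"]);
            }

            // Get the state stored in the session and remove it, so each state can only be used once
            string sessionState = "";
            if (Session["GoogleState"] != null)
            {
                sessionState = Session["GoogleState"].ToString();
                Session.Remove("GoogleState");
            }

            // Get the code
            string code = "";
            if (Request.Params["code"] != null)
            {
                code = Server.UrlDecode(Request.Params["code"]);
            }

            // Check if this is a valid callback: the session must hold a state (without this check an
            // absent state on both sides compares equal), the states must match and a code must be present
            if (sessionState == "" || state != sessionState || code == "")
            {
                // Redirect the user
                return Redirect("/");
            }

            // Get website settings (null-safe, culture-invariant comparison instead of ToLower())
            KeyStringList websiteSettings = WebsiteSetting.GetAllFromCache();
            bool secureCookie = string.Equals(websiteSettings.Get("REDIRECT-HTTPS"), "true", StringComparison.OrdinalIgnoreCase);

            // Get the access token
            string access_token = await AnnytabExternalLogin.GetGoogleAccessToken(domain, code);

            // Get the google user; a null result is treated as an empty profile
            Dictionary<string, object> googleUser = await AnnytabExternalLogin.GetGoogleUser(domain, access_token);
            if (googleUser == null)
            {
                googleUser = new Dictionary<string, object>();
            }

            // Get the google data (Convert.ToString turns a null value into an empty string)
            object googleIdValue;
            string googleId = googleUser.TryGetValue("id", out googleIdValue) ? Convert.ToString(googleIdValue) : "";
            object googleNameValue;
            string googleName = googleUser.TryGetValue("displayName", out googleNameValue) ? Convert.ToString(googleNameValue) : "";

            // Get the signed in user
            Administrator user = Administrator.GetSignedInAdministrator();

            // Check if the user exists or not
            if (googleId != "" && user != null)
            {
                // Link the google id to the signed in user
                user.google_user_id = googleId;
                Administrator.UpdateMasterPost(user);

                // Redirect the user to his start page
                return RedirectToAction("index", "user");
            }
            else if (googleId != "" && user == null)
            {
                // Check if we can find a user with the google id
                user = Administrator.GetOneByGoogleUserId(googleId);

                // Check if the user exists
                if (user == null)
                {
                    // Create a new administrator. The password is a hash of a random value that is
                    // hashed again below; the plaintext is never stored, so this account is presumably
                    // only usable through Google — confirm.
                    user = new Administrator();
                    user.admin_user_name = googleId + "_google";
                    user.admin_password = PasswordHash.CreateHash(Tools.GeneratePassword());
                    user.admin_role = "User";
                    user.author_name = "-";
                    user.google_user_id = googleId;

                    // Add the new Administrator
                    Int64 insertId = Administrator.AddMasterPost(user);
                    user.id = Convert.ToInt32(insertId);
                    Administrator.AddLanguagePost(user, domain.front_end_language);
                    Administrator.UpdatePassword(user.id, PasswordHash.CreateHash(user.admin_password));

                    // Sign the new user in with the protected administrator cookie
                    HttpCookie adminCookie = new HttpCookie("Administrator");
                    adminCookie.Value = Tools.ProtectCookieValue(user.id.ToString(), "Administration");
                    adminCookie.Expires = DateTime.UtcNow.AddDays(1);
                    adminCookie.HttpOnly = true;
                    adminCookie.Secure = secureCookie;
                    Response.Cookies.Add(adminCookie);

                    // Redirect the user to the edit user page
                    return Redirect("/user/edit");
                }
                else
                {
                    // Sign the existing user in with the protected administrator cookie
                    HttpCookie adminCookie = new HttpCookie("Administrator");
                    adminCookie.Value = Tools.ProtectCookieValue(user.id.ToString(), "Administration");
                    adminCookie.Expires = DateTime.UtcNow.AddDays(1);
                    adminCookie.HttpOnly = true;
                    adminCookie.Secure = secureCookie;
                    Response.Cookies.Add(adminCookie);

                    // Redirect the user to the start page
                    return RedirectToAction("index");
                }
            }
            else
            {
                // No google id came back: redirect the user to the login
                return RedirectToAction("login", "user");
            }

        } // End of the google_login_callback method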