public ActionResult Report(ReportPostViewModel viewModel) { if (Settings.EnableSpamReporting) { using (UnitOfWorkManager.NewUnitOfWork()) { var post = PostService.Get(viewModel.PostId); // Banned link? if (BannedLinkService.ContainsBannedLink(viewModel.Reason)) { ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.BannedLink"), MessageType = GenericMessages.Danger }); return(Redirect(post.Topic.Url)); } var report = new Report { Reason = viewModel.Reason, ReportedPost = post, Reporter = CurrentMember }; ReportService.PostReport(report, EmailService); var message = new GenericMessageViewModel { Message = Lang("Report.ReportSent"), MessageType = GenericMessages.Success }; ShowMessage(message); return(Redirect(post.Topic.Url)); } } return(ErrorToHomePage(Lang("Errors.GenericMessage"))); }
public ActionResult Report(ReportMemberViewModel viewModel) { if (Settings.EnableMemberReporting) { using (UnitOfWorkManager.NewUnitOfWork()) { var user = MemberService.Get(viewModel.MemberId); // Banned link? if (BannedLinkService.ContainsBannedLink(viewModel.Reason)) { ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.BannedLink"), MessageType = GenericMessages.Danger }); return(Redirect(user.Url)); } var report = new Report { Reason = viewModel.Reason, ReportedMember = user, Reporter = CurrentMember }; ReportService.MemberReport(report, EmailService); ShowMessage(new GenericMessageViewModel { Message = Lang("Report.ReportSent"), MessageType = GenericMessages.Success }); return(Redirect(user.Url)); } } return(ErrorToHomePage(Lang("Errors.GenericMessage"))); }
public ActionResult Create(CreateTopicViewModel topicViewModel) { if (ModelState.IsValid) { // Quick check to see if user is locked out, when logged in if (CurrentMember.IsLockedOut || CurrentMember.DisablePosting == true || !CurrentMember.IsApproved) { MemberService.LogOff(); return(ErrorToHomePage(Lang("Errors.NoPermission"))); } var successfullyCreated = false; var moderate = false; Category category; var topic = new Topic(); using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { // Before we do anything DB wise, check it contains no bad links if (BannedLinkService.ContainsBannedLink(topicViewModel.TopicContent)) { ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.BannedLink"), MessageType = GenericMessages.Danger }); return(Redirect(Urls.GenerateUrl(Urls.UrlType.TopicCreate))); } // Not using automapper for this one only, as a topic is a post and topic in one category = CategoryService.Get(topicViewModel.Category); // First check this user is allowed to create topics in this category var permissions = PermissionService.GetPermissions(category, _membersGroup, MemberService, CategoryPermissionService); // Check this users role has permission to create a post if (permissions[AppConstants.PermissionDenyAccess].IsTicked || permissions[AppConstants.PermissionReadOnly].IsTicked || !permissions[AppConstants.PermissionCreateTopics].IsTicked) { // Throw exception so Ajax caller picks it up ModelState.AddModelError(string.Empty, Lang("Errors.NoPermission")); } else { // We get the banned words here and pass them in, so its just one call // instead of calling it several times and each call getting all the words back topic = new Topic { Name = BannedWordService.SanitiseBannedWords(topicViewModel.TopicName, Dialogue.Settings().BannedWords), Category = category, CategoryId = category.Id, Member = CurrentMember, MemberId = CurrentMember.Id }; // See if the user has actually added some content to the topic if (!string.IsNullOrEmpty(topicViewModel.TopicContent)) { // Check for any banned words topicViewModel.TopicContent = BannedWordService.SanitiseBannedWords(topicViewModel.TopicContent, Dialogue.Settings().BannedWords); // See if this is a poll and add it to the topic if (topicViewModel.PollAnswers != null && topicViewModel.PollAnswers.Any(x => !string.IsNullOrEmpty(x.Answer))) { // Do they have permission to create a new poll if (permissions[AppConstants.PermissionCreatePolls].IsTicked) { // Create a new Poll var newPoll = new Poll { Member = CurrentMember, MemberId = CurrentMember.Id }; // Create the poll PollService.Add(newPoll); // Save the poll in the context so we can add answers unitOfWork.SaveChanges(); // Now sort the answers var newPollAnswers = new List <PollAnswer>(); foreach (var pollAnswer in topicViewModel.PollAnswers) { // Attach newly created poll to each answer pollAnswer.Poll = newPoll; PollService.Add(pollAnswer); newPollAnswers.Add(pollAnswer); } // Attach answers to poll newPoll.PollAnswers = newPollAnswers; // Save the new answers in the context unitOfWork.SaveChanges(); // Add the poll to the topic topic.Poll = newPoll; } else { //No permission to create a Poll so show a message but create the topic ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.NoPermissionPolls"), MessageType = GenericMessages.Info }); } } // Check for moderation if (category.ModerateAllTopicsInThisCategory) { topic.Pending = true; moderate = true; } // Create the topic topic = TopicService.Add(topic); // Save the changes unitOfWork.SaveChanges(); // Now create and add the post to the topic TopicService.AddLastPost(topic, topicViewModel.TopicContent, PostService); // Update the users points score for posting MemberPointsService.Add(new MemberPoints { Points = Settings.PointsAddedPerNewPost, Member = CurrentMember, MemberId = CurrentMember.Id, RelatedPostId = topic.LastPost.Id }); // Now check its not spam var akismetHelper = new AkismetHelper(); if (akismetHelper.IsSpam(topic)) { // Could be spam, mark as pending topic.Pending = true; } // Subscribe the user to the topic as they have checked the checkbox if (topicViewModel.SubscribeToTopic) { // Create the notification var topicNotification = new TopicNotification { Topic = topic, Member = CurrentMember, MemberId = CurrentMember.Id }; //save TopicNotificationService.Add(topicNotification); } try { unitOfWork.Commit(); if (!moderate) { successfullyCreated = true; } // Update the users post count MemberService.AddPostCount(CurrentMember); } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); ModelState.AddModelError(string.Empty, Lang("Errors.GenericMessage")); } } else { ModelState.AddModelError(string.Empty, Lang("Errors.GenericMessage")); } } } using (UnitOfWorkManager.NewUnitOfWork()) { if (successfullyCreated) { // Success so now send the emails NotifyNewTopics(category); // Redirect to the newly created topic return(Redirect($"{topic.Url}?postbadges=true")); } if (moderate) { // Moderation needed // Tell the user the topic is awaiting moderation return(MessageToHomePage(Lang("Moderate.AwaitingModeration"))); } } } ShowMessage(); return(Redirect(Urls.GenerateUrl(Urls.UrlType.TopicCreate))); }
public PartialViewResult CreatePost(CreateAjaxPostViewModel post) { // Make sure correct culture on Ajax Call PermissionSet permissions; Post newPost; Topic topic; string postContent; using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { // Quick check to see if user is locked out, when logged in if (CurrentMember.IsLockedOut | !CurrentMember.IsApproved) { MemberService.LogOff(); throw new Exception(Lang("Errors.NoAccess")); } // Check for banned links if (BannedLinkService.ContainsBannedLink(post.PostContent)) { throw new Exception(Lang("Errors.BannedLink")); } topic = TopicService.Get(post.Topic); postContent = BannedWordService.SanitiseBannedWords(post.PostContent); var akismetHelper = new AkismetHelper(); // Create the new post newPost = PostService.AddNewPost(postContent, topic, CurrentMember, PermissionService, MemberService, CategoryPermissionService, MemberPointsService, out permissions); if (!akismetHelper.IsSpam(newPost)) { try { unitOfWork.Commit(); } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); throw new Exception(Lang("Errors.GenericMessage")); } } else { unitOfWork.Rollback(); throw new Exception(Lang("Errors.PossibleSpam")); } } //Check for moderation if (newPost.Pending) { return(PartialView(PathHelper.GetThemePartialViewPath("PostModeration"))); } // All good send the notifications and send the post back using (UnitOfWorkManager.NewUnitOfWork()) { // Create the view model var viewModel = PostMapper.MapPostViewModel(permissions, newPost, CurrentMember, Settings, topic, new List <Vote>(), new List <Favourite>()); // Success send any notifications NotifyNewTopics(topic, postContent); return(PartialView(PathHelper.GetThemePartialViewPath("Post"), viewModel)); } }
public ActionResult Edit(PostMemberEditViewModel userModel) { using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork()) { var user = MemberService.Get(userModel.MemberEditViewModel.Id); var userEditUrl = $"{Urls.GenerateUrl(Urls.UrlType.EditMember)}?id={user.Id}"; // Before we do anything DB wise, check it contains no bad links if (BannedLinkService.ContainsBannedLink(userModel.MemberEditViewModel.Signature) || BannedLinkService.ContainsBannedLink(userModel.MemberEditViewModel.Website)) { ShowMessage(new GenericMessageViewModel { Message = Lang("Errors.BannedLink"), MessageType = GenericMessages.Danger }); return(Redirect(userEditUrl)); } // Sort image out first if (userModel.MemberEditViewModel.Files != null) { // Before we save anything, check the user already has an upload folder and if not create one //var uploadFolderPath = AppHelpers.GetMemberUploadPath(CurrentMember.Id); // Loop through each file and get the file info and save to the users folder and Db var file = userModel.MemberEditViewModel.Files[0]; if (file != null) { // If successful then upload the file var memberMediFolderId = MemberService.ConfirmMemberAvatarMediaFolder(); var uploadResult = UploadedFileService.UploadFile(file, memberMediFolderId, true); if (!uploadResult.UploadSuccessful) { ShowMessage(new GenericMessageViewModel { Message = uploadResult.ErrorMessage, MessageType = GenericMessages.Danger }); return(Redirect(userEditUrl)); } // Save avatar to user user.Avatar = uploadResult.UploadedFileUrl; } } user.Signature = BannedWordService.SanitiseBannedWords(AppHelpers.ScrubHtml(userModel.MemberEditViewModel.Signature)); if (userModel.MemberEditViewModel.Twitter != null && userModel.MemberEditViewModel.Twitter.IndexOf("http", StringComparison.OrdinalIgnoreCase) <= 0) { user.Twitter = BannedWordService.SanitiseBannedWords(AppHelpers.SafePlainText(userModel.MemberEditViewModel.Twitter)); } user.Website = BannedWordService.SanitiseBannedWords(AppHelpers.SafePlainText(userModel.MemberEditViewModel.Website)); user.Comments = BannedWordService.SanitiseBannedWords(AppHelpers.SafePlainText(userModel.MemberEditViewModel.Comments)); // User is trying to update their email address, need to // check the email is not already in use if (userModel.MemberEditViewModel.Email != user.Email) { // Add get by email address var sanitisedEmail = AppHelpers.SafePlainText(userModel.MemberEditViewModel.Email); var userWithSameEmail = MemberService.GetByEmail(sanitisedEmail); //Firstly check new email isn't banned! if (BannedEmailService.EmailIsBanned(sanitisedEmail)) { unitOfWork.Rollback(); ModelState.AddModelError(string.Empty, Lang("Error.EmailIsBanned")); ShowMessage(); return(Redirect(userEditUrl)); } // If the username doesn't match this user then someone else has this email address already if (userWithSameEmail != null && userWithSameEmail.UserName != user.UserName) { unitOfWork.Rollback(); ModelState.AddModelError(string.Empty, Lang("Members.Errors.DuplicateEmail")); ShowMessage(); return(Redirect(userEditUrl)); } user.Email = sanitisedEmail; } // User is trying to change username, need to check if a user already exists // with the username they are trying to change to var changedUsername = false; var sanitisedUsername = BannedWordService.SanitiseBannedWords(AppHelpers.SafePlainText(userModel.MemberEditViewModel.UserName)); if (sanitisedUsername != user.UserName) { if (MemberService.Get(sanitisedUsername) != null) { unitOfWork.Rollback(); ModelState.AddModelError(string.Empty, Lang("Members.Errors.DuplicateUserName")); ShowMessage(); return(Redirect(userEditUrl)); } user.UserName = sanitisedUsername; changedUsername = true; } // Update Everything MemberService.SaveMember(user, changedUsername); ActivityService.ProfileUpdated(user); ShowMessage(new GenericMessageViewModel { Message = Lang("Member.ProfileUpdated"), MessageType = GenericMessages.Success }); try { // Need to save member here unitOfWork.Commit(); if (changedUsername) { // User has changed their username so need to log them in // as there new username of var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { var authTicket = FormsAuthentication.Decrypt(authCookie.Value); if (authTicket != null) { var newFormsIdentity = new FormsIdentity(new FormsAuthenticationTicket(authTicket.Version, user.UserName, authTicket.IssueDate, authTicket.Expiration, authTicket.IsPersistent, authTicket.UserData)); var roles = authTicket.UserData.Split("|".ToCharArray()); var newGenericPrincipal = new GenericPrincipal(newFormsIdentity, roles); System.Web.HttpContext.Current.User = newGenericPrincipal; } } // sign out current user FormsAuthentication.SignOut(); // Abandon the session Session.Abandon(); // Sign in new user FormsAuthentication.SetAuthCookie(user.UserName, false); } } catch (Exception ex) { unitOfWork.Rollback(); LogError(ex); ModelState.AddModelError(string.Empty, Lang("Errors.GenericMessage")); } ShowMessage(); return(Redirect(userEditUrl)); } }