protected void btnRequest_Click(object sender, System.EventArgs e)
{
if (txEmail.Text.Trim() != "")
{
if (tbImgCode.Text == (string)Session["CaptchaImageText"])
{
this.Cn.Open();
object res = Cn.ExecuteScalar("SELECT UserName FROM ForumUsers WHERE Email=?", txEmail.Text.Trim());
if (res == null)
{
Cn.Close();
lblEmailNotFound.Visible = true;
return; //no user found
}
string newPsw = CryptoUtils.GenerateRandomCode(7);
string newPswHash = Utils.Password.CalculateHash(newPsw);
Cn.ExecuteNonQuery("UPDATE ForumUsers SET [Password]=? WHERE Email=?", newPswHash, txEmail.Text.Trim());
this.Cn.Close();
SendPsw(txEmail.Text.Trim(), res.ToString(), newPsw);
tblMain.Visible = false;
lblOk.Visible = true;
}
else
{
lblWrongCode.Visible = true;
}
}
}
protected void btnAdd_Click(object sender, EventArgs e)
{
int parentid = 0, subforumid = 0;
int.TryParse(ddlParentForum.SelectedValue, out parentid);
int.TryParse(ddlSubForum.SelectedValue, out subforumid);
Cn.Open();
//reverse subforum check
object res = Cn.ExecuteScalar("SELECT ParentForumID FROM ForumSubforums WHERE ParentForumID=" + subforumid + " AND SubForumID=" + parentid);
if (parentid != 0 && parentid != subforumid && res == null)
{
lblError.Visible = false;
Cn.ExecuteNonQuery("INSERT INTO ForumSubforums (ParentForumID, SubForumID) VALUES (?, ?)", parentid, subforumid);
}
else
{
lblError.Visible = true;
}
Cn.Close();
BindDropDownLists();
BindSubForums();
}
protected void btnChangePsw_Click(object sender, System.EventArgs e)
{
if (tbNewPsw1.Text == "" || tbNewPsw2.Text == "" || tbNewPsw1.Text != tbNewPsw2.Text)
{
lblResult.Text = Resources.various.ErrorPasswordsDoNotMatch;
return;
}
if (tbNewPsw1.Text.Length < Utils.Settings.MinPasswordLength)
{
lblResult.Text = string.Format("Password is too short, {0} characters minimum", Utils.Settings.MinPasswordLength);
return;
}
Cn.Open();
var res = Cn.ExecuteScalar("SELECT UserID FROM ForumUsers WHERE (Password=?) AND UserID=?",
Utils.Password.CalculateHash(tbOldPsw.Text), _editedUserID);
if (IsAdministrator || res != null)
{
Cn.ExecuteNonQuery("UPDATE ForumUsers SET [Password]=? WHERE UserID=?", Utils.Password.CalculateHash(tbNewPsw1.Text), _editedUserID);
lblResult.Text = Resources.various.PasswordChanged;
}
else
{
lblResult.Text = Resources.various.ErrorWrongOldPassword;
}
Cn.Close();
}
protected void Page_Load(object sender, EventArgs e)
{
string username = Request.QueryString["user"];
string code = Request.QueryString["code"];
if (username == null || code == null)
{
Response.End();
return;
}
Cn.Open();
object res = Cn.ExecuteScalar(
"select UserID from ForumUsers WHERE UserName=? AND ActivationCode=?",
username,
code);
Cn.Close();
if (res != null)
{
Utils.User.EnableUser(Convert.ToInt32(res), false);
lblSuccess.Visible = true;
lblError.Visible = false;
}
else
{
lblError.Visible = true;
lblSuccess.Visible = false;
}
}
protected void btnSave_Click(object sender, System.EventArgs e)
{
if (tbForumGroup.Text.Trim() == "" && ddlForumGroup.Items.Count == 0)
{
Response.Write("error");
return;
}
Cn.Open();
int forumGroup = 0;
if (tbForumGroup.Text.Trim() != "")
{
Cn.ExecuteNonQuery("INSERT INTO ForumGroups (GroupName) VALUES (?)", tbForumGroup.Text);
forumGroup = Convert.ToInt32(Cn.ExecuteScalar("SELECT GroupID FROM ForumGroups WHERE GroupName='" + tbForumGroup.Text + "'"));
}
else
{
forumGroup = int.Parse(ddlForumGroup.SelectedValue);
}
string uploadDir = Attachments.GetIconsDirAbsolutePath();
string iconFileName = iconUpload.PostedFile.FileName;
if (iconFileName != "" && !Attachments.IsExtForbidden(iconFileName))
{
//deleting old iconfile form disk
object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=" + _forumId);
if (res != null && res.ToString() != "")
{
File.Delete(uploadDir + "\\" + res);
}
iconFileName = Path.GetFileName(iconFileName);
//rename if the file already exists
iconFileName = Utils.Attachments.ChangeFileNameIfAlreadyExists(iconFileName, uploadDir);
iconUpload.PostedFile.SaveAs(uploadDir + "\\" + iconFileName);
//saving icon to DB
Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", iconFileName, _forumId);
}
Cn.ExecuteNonQuery("UPDATE Forums SET Title=?, Description=?, Premoderated=?, GroupID=?, MembersOnly=?, RestrictTopicCreation=? WHERE ForumID=?",
tbTitle.Text, tbDescr.Text, cbPremoderated.Checked, forumGroup, cbMembersOnly.Checked, cbRestrictTopicCreation.Checked, _forumId);
Cn.Close();
//to update the front-page with new name, icon etc.
Forum.ClearFrontPageCacheForGuests();
Response.Redirect("admin.aspx", true);
//tbForumGroup.Text = "";
//BindForumProperties();
}
protected void btnSave_Click(object sender, System.EventArgs e)
{
//reset avatar cache for current user (BECAUSE email can change!!!!)
if (Utils.User.CurrentUserID == _editedUserID)
{
Session["AvatarPath"] = null;
}
string username = tbUsername.Text.Replace("<", "<").Replace(">", ">");
string email = tbEmail.Text.Replace("<", "<").Replace(">", ">");
string interests = tbInterests.Text.Replace("<", "<").Replace(">", ">");
string homepage = tbHomepage.Text.Replace("<", "<").Replace(">", ">");
string firstName = tbFirstName.Text.Trim().Replace("<", "<").Replace(">", ">");
string lastName = tbLastName.Text.Trim().Replace("<", "<").Replace(">", ">");
string signature = tbSignature.Text.Trim().Replace("<", "<").Replace(">", ">");
signature = (signature.Length > 1000 ? signature.Substring(0, 1000) : signature);
//check is a user tries to change his username but IntegratedAuth is ON
if (Utils.Settings.IntegratedAuthentication &&
_editedUserID == CurrentUserID &&
tbUsername.Text.ToLower() != Session["aspnetforumUserName"].ToString().ToLower())
{
lblResult.Text = Resources.various.ErrorIntegratedUserName;
return;
}
//check username uniqueness
Cn.Open();
var res = Cn.ExecuteScalar("SELECT UserID FROM ForumUsers WHERE UserName=? AND UserID<>?", username, _editedUserID);
if (res != null)
{
Cn.Close();
lblResult.Text = string.Format(Resources.various.ErrorUserExists, username);
return;
}
//update settings
Cn.ExecuteNonQuery("UPDATE ForumUsers SET UserName=?, Email=?, Homepage=?, Interests=?, Signature=?, FirstName=?, LastName=?, HidePresence=? WHERE UserID=?",
username, email, homepage, interests, signature, firstName, lastName, cbHidePresence.Checked, _editedUserID);
Cn.Close();
if (_editedUserID == CurrentUserID)
{
Session["aspnetforumUserName"] = username;
}
lblResult.Text = Resources.various.ProfileSaved;
//to show avatar img
ShowUserInfo();
}
private void SubscribeButtonVisibility()
{
if (!_bMailNotificationsEnabled || CurrentUserID == 0)
{
btnSubscribeTop.Visible = spanSubcriptionTop.Visible = false;
btnUnsubscribeTop.Visible = false;
return;
}
spanSubcriptionTop.Visible = true;
object res = Cn.ExecuteScalar("SELECT TopicID FROM ForumSubscriptions WHERE UserID=" + CurrentUserID + " AND TopicID=" + _topicID);
btnSubscribeTop.Visible = (res == null);
btnUnsubscribeTop.Visible = (res != null);
}
protected void btnReset_Click(object sender, System.EventArgs e)
{
string uploadDir = Utils.Attachments.GetIconsDirAbsolutePath();
Cn.Open();
//deleting old iconfile form disk
object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=" + _forumId);
if (res != null && res.ToString() != "")
{
File.Delete(uploadDir + "\\" + res);
}
//saving icon to DB
Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", "", _forumId);
Cn.Close();
imgForumIcon.ImageUrl = forums.GetForumIcon("");
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Cn.Open();
object res = Cn.ExecuteScalar("SELECT ForumID FROM Forums");
Cn.Close();
if (res == null)
{
lblNoForumsFound.Visible = true;
divAddSubforum.Visible = false;
lblNoSubForums.Visible = true;
return;
}
BindSubForums();
BindDropDownLists();
}
}
protected void btnAdd_Click(object sender, EventArgs e)
{
if (!IsValid)
{
return;
}
string username = txUserName.Text.Trim();
Cn.Open();
var res = Cn.ExecuteScalar("select UserID from ForumUsers WHERE UserName=?", username);
if (res == null)
{
res = Cn.ExecuteScalar("select UserID from ForumUsers WHERE Email=?", txEmail.Text);
if (res == null)
{
int userId = Utils.User.CreateUser(username, txEmail.Text, Utils.Password.CalculateHash(txPsw.Text), txHomepage.Text, string.Empty, false);
lblError.Visible = false;
lblSuccess.Visible = true;
Response.Redirect("viewprofile.aspx?UserID=" + userId);
}
else
{
lblError.Text = "Email address already exists!";
lblError.Visible = true;
lblSuccess.Visible = false;
}
}
else
{
lblError.Text = "User already exists!";
lblError.Visible = true;
lblSuccess.Visible = false;
}
Cn.Close();
}
protected void Page_Load(object sender, System.EventArgs e)
{
//firefox html3.2 rendering fix
cboWhoAmI.Style.Add("width", "30%");
tbSubj.Style.Add("width", "100%");
tbMsg.Style.Add("width", "100%");
tbSubj.Attributes["placeholder"] = Resources.various.Subject;
btnSave.Text = Resources.various.AddMessage;
cbSubscribe.Text = Resources.various.NotifyMeOnReply;
_allowFileUploads = Utils.Settings.EnableFileUploads;
divFiles.Visible = _allowFileUploads && (CurrentUserID != 0) && !_isIPhoneOrAndroid;
_allowGuestPosts = Utils.Settings.AllowGuestPosts;
if (Request.QueryString["TopicID"] != null)
{
_topicID = int.Parse(Request.QueryString["TopicID"]);
}
if (Request.QueryString["ForumID"] != null)
{
_forumID = int.Parse(Request.QueryString["ForumID"]);
}
if (_forumID == 0 && _topicID == 0)
{
Response.Write("Either Topic or Forum must be specified");
Response.End();
}
//if we have an unauthorized user
if (CurrentUserID == 0 && !_allowGuestPosts)
{
Response.Write("Sorry, posting and editing is allowed only for authenticated users");
Response.End();
}
cbSubscribe.Visible = Utils.Settings.MailNotificationsEnabled && (CurrentUserID != 0) && !_isIPhoneOrAndroid;
btnSmilies.Visible = Utils.Settings.AllowSmilies && !_isIPhoneOrAndroid;
spanUtils.Visible = divEditbar.Visible = btnPreview.Visible = !_isIPhoneOrAndroid;
Cn.Open();
// Figure out if we're editing or quoting a message, and extract the ID.
_messageId = 0;
if (Request.QueryString["Edit"] != null)
{
_messageId = int.Parse(Request.QueryString["Edit"]);
_isEditing = true;
btnSave.Text = "update message";
//check if it's the first msg in a topic - to see if we should allow changing the topic text
object res = Cn.ExecuteScalar("SELECT MIN(MessageID) FROM ForumMessages WHERE TopicID=" + _topicID);
_changeTopic = (Convert.ToInt32(res) == _messageId);
}
if (Request.QueryString["Quote"] != null)
{
_messageId = int.Parse(Request.QueryString["Quote"]);
_isEditing = false;
}
if (_forumID == 0) //we're NOT adding a new topic to a forum, we're adding msg to an existing
{
_addTopic = false;
bool isTopicClosed = false;
string tWhoAmI = "";
DbDataReader dr = Cn.ExecuteReader("SELECT Forums.ForumID, Forums.Title, Forums.Premoderated, ForumTopics.IsClosed, ForumTopics.Subject, ForumTopics.WhoAmI FROM Forums INNER JOIN ForumTopics ON Forums.ForumID=ForumTopics.ForumID WHERE ForumTopics.TopicID=" + _topicID);
if (dr.Read())
{
_forumID = Convert.ToInt32(dr["ForumID"]);
_premoderated = Convert.ToBoolean(dr["Premoderated"]);
isTopicClosed = Convert.ToBoolean(dr["IsClosed"]);
ForumTitle = dr["Title"].ToString();
cboWhoAmI.SelectedValue = dr["WhoAmI"].ToString();
if (_changeTopic)
{
if (!IsPostBack)
{
tbSubj.Text = dr["Subject"].ToString();
}
}
else
{
lblSubjectText.Text = dr["Subject"].ToString(); //let's hsow the subj when replying
}
}
dr.Close();
if (isTopicClosed && !_isEditing)
{
Cn.Close();
Response.End();
return;
}
}
else //we're adding a NEW TOPIC to a forum
{
_addTopic = true;
DbDataReader dr = Cn.ExecuteReader("SELECT Forums.ForumID, Forums.Title, Forums.Premoderated FROM Forums WHERE Forums.ForumID=" + _forumID);
if (dr.Read())
{
_premoderated = Convert.ToBoolean(dr["Premoderated"]);
ForumTitle = dr["Title"].ToString();
}
dr.Close();
}
divPolls.Visible = _addTopic && !_isIPhoneOrAndroid;
if (!Utils.Forum.CheckForumPostPermissions(_forumID, CurrentUserID))
{
lblDenied.Visible = true;
divMain.Visible = false;
}
if (_addTopic || _changeTopic)
{
tbSubj.Visible = true;
reqSubject.Enabled = true;
}
if (!_addTopic)
{
if (!IsPostBack)
{
//set the "subscribe me" checkbox
if (cbSubscribe.Visible)
{
var res = Cn.ExecuteScalar("SELECT UserID FROM ForumSubscriptions WHERE UserID=" + CurrentUserID + " AND TopicID=" + _topicID);
cbSubscribe.Checked = (res != null);
}
if (!_isIPhoneOrAndroid)
{
//display previous messages in a topic
var dr = Cn.ExecuteReader(
@"SELECT ForumMessages.Body, ForumUsers.UserName, ForumMessages.CreationDate
FROM ForumMessages LEFT JOIN ForumUsers ON ForumUsers.UserID=ForumMessages.UserID
WHERE ForumMessages.TopicID=" + _topicID + " and ForumMessages.Visible=? ORDER BY ForumMessages.CreationDate DESC", true);
rptMessages.DataSource = dr;
rptMessages.DataBind();
dr.Close();
}
else
{
rptMessages.Visible = false;
}
}
}
//if we-re quoting or editing
if (_messageId != 0)
{
//get the author of the edited message
object res = Cn.ExecuteScalar("SELECT UserID FROM ForumMessages WHERE MessageID=" + _messageId);
_messageAuthorID = (res == null ? -1 : Convert.ToInt32(res));
//IF not PostBack - lets pre-fill the body field with the message text and show attachments
if (!IsPostBack)
{
DbDataReader dr;
//show attachments
if (_isEditing)
{
dr = Cn.ExecuteReader("SELECT FileID, FileName FROM ForumUploadedFiles WHERE MessageID=" + _messageId);
rptExistingFiles.DataSource = dr;
rptExistingFiles.DataBind();
rptExistingFiles.Visible = (rptExistingFiles.Items.Count > 0);
dr.Close();
}
dr = Cn.ExecuteReader("SELECT ForumMessages.Body, ForumUsers.UserName, ForumUsers.FirstName, ForumUsers.LastName, ForumMessages.UserID FROM ForumMessages LEFT OUTER JOIN ForumUsers ON ForumUsers.UserID=ForumMessages.UserID WHERE ForumMessages.MessageID=" + _messageId);
if (dr.Read())
{
string body = dr["Body"].ToString().Replace("<br>", "\r\n").Replace("<br/>", "\r\n").Replace("<br />", "\r\n");
body = System.Text.RegularExpressions.Regex.Replace(body, @"<\S[^>]*>", "");
//if its quoting
if (!_isEditing)
{
//remove domain from username (in case its windows auth)
string uname = Utils.User.GetUserDisplayName(dr["UserName"].ToString(), dr["FirstName"].ToString(), dr["LastName"].ToString());
tbMsg.Text = "[quote=" + uname + "]" + body + "[/quote]\r\n\r\n";
}
else //if its editing
{
tbMsg.Text = body;
}
}
dr.Close();
}
}
Cn.Close();
}
protected void btnSave_Click(object sender, System.EventArgs e)
{
if (CurrentUserID == 0 && _allowGuestPosts)
{
if (tbImgCode.Text != (string)Session["CaptchaImageText"])
{
return;
}
}
string WhoAmI = cboWhoAmI.SelectedValue;
if (WhoAmI == "")
{
return;
}
string msg = tbMsg.Text.Trim();
if (msg == "")
{
return;
}
msg = msg.Replace("<", "<").Replace(">", ">");
bool isModer = IsModerator(_forumID);
bool shouldItBeVisible = (!_premoderated) || isModer;
if (!Utils.Attachments.CheckAttachmentsSize())
{
lblMaxSize.Text = Utils.Settings.MaxUploadFileSize / 1000 + " Kb";
lblMaxSize.Visible = lblFileSizeError.Visible = true;
return;
}
else
{
lblMaxSize.Visible = lblFileSizeError.Visible = false;
}
Cn.Open();
if (_addTopic || _changeTopic) //creating a new topic or editing topic title
{
string subj = tbSubj.Text.Trim();
if (subj == "")
{
Cn.Close(); return;
}
if (WhoAmI == "")
{
Cn.Close(); return;
}
subj = subj.Replace("<", "<").Replace(">", ">");
if (_addTopic)
{
//_topicID = Utils.Topic.CreateTopic(Cn, _forumID, CurrentUserID, subj, msg, WhoAmI, shouldItBeVisible);
//CREATE A POLL (if specified)
string pollQuestion = tbPollQuestion.Text.Trim().Replace("<", "<").Replace(">", ">");
if (pollQuestion.Length > 0)
{
//add poll
Utils.Topic.CreatePoll(Cn, _topicID, pollQuestion, GetPollOptionsFromRequestForm());
}
}
else if (_changeTopic) //edit topic subj
{
Utils.Topic.ChangeTopicSubject(Cn, _topicID, subj);
}
}
//saving notifications settings
Utils.SendNotifications.UpdateTopicNotificationSettings(CurrentUserID, _topicID, cbSubscribe.Checked, Cn);
// MESSAGE: Inserting or updating?
if (_isEditing)
{
//if moderatro, admin or message author
if (isModer || _messageAuthorID == CurrentUserID)
{
Utils.Message.UpdateMessageText(Cn, _messageId, msg, shouldItBeVisible);
Utils.Attachments.SaveAttachments(_messageId, false, Cn);
}
}
else //inserting
{
_messageId = Utils.Message.AddMessage(Cn, _topicID, msg, shouldItBeVisible, Utils.Various.GetUserIpAddress(Request), _addTopic, WhoAmI);
Utils.Attachments.SaveAttachments(_messageId, false, Cn);
}
if (_premoderated && !isModer)
{
Cn.Close();
Response.Redirect("premoderatedmessage.aspx");
}
else
{
//count messages to compute the number of pages
//(needed to get the user redirected to the last page)
int numMessages = Convert.ToInt32(
Cn.ExecuteScalar("SELECT COUNT(MessageID) FROM ForumMessages WHERE Visible=? AND TopicID=" + _topicID, true));
int numPages = (numMessages - 1) / PageSize;
Cn.Close();
string subject = (_changeTopic || _addTopic) ? tbSubj.Text : lblSubjectText.Text;
string url = Utils.Various.GetTopicURL(_topicID, subject);
string sep = url.IndexOf("?") > -1 ? "&" : "?";
url = (numPages > 0) ? url + sep + "Page=" + numPages : url;
url += sep + "MessageID=" + _messageId;
Response.Redirect(url);
}
}
private void ShowPollIfAny()
{
object res = Cn.ExecuteScalar("SELECT PollID FROM ForumPolls WHERE TopicID=" + _topicID);
if (res == null) //it is NOT a poll
{
return;
}
_pollID = Convert.ToInt32(res);
divPoll.Visible = true;
bool bShowResults;
DbDataReader dr;
//get poll name
dr = Cn.ExecuteReader("SELECT * FROM ForumPolls WHERE PollID=" + _pollID);
dr.Read();
lblPollName.Text = dr["Question"].ToString();
dr.Close();
if (CurrentUserID != 0) //check if current user already voted
{
res = Cn.ExecuteScalar("SELECT UserID FROM ForumPollAnswers WHERE OptionID IN (SELECT OptionID FROM ForumPollOptions WHERE PollID=" + _pollID + ") AND UserID=" + CurrentUserID);
bShowResults = (res != null); //user has voted
}
else
{
bShowResults = true;
}
rblOptions.Visible = !bShowResults;
rptVoteResults.Visible = bShowResults;
btnVote.Visible = !bShowResults;
if (bShowResults) //showing poll results
{
DataTable dt = new DataTable();
dr = Cn.ExecuteReader(
@"SELECT COUNT(ForumPollAnswers.UserID) as VoteCount, ForumPollOptions.OptionID, ForumPollOptions.OptionText FROM ForumPollAnswers
RIGHT OUTER JOIN ForumPollOptions ON ForumPollOptions.OptionID = ForumPollAnswers.OptionID
WHERE ForumPollOptions.PollID=" + _pollID + @"
GROUP BY ForumPollOptions.OptionID, ForumPollOptions.OptionText" );
dt.Load(dr);
dr.Close();
//now let's fin max vote count\
_maxvotecount = 0;
foreach (DataRow row in dt.Rows)
{
if (_maxvotecount <= Convert.ToInt32(row["VoteCount"]))
{
_maxvotecount = Convert.ToInt32(row["VoteCount"]);
}
}
rptVoteResults.DataSource = dt;
rptVoteResults.DataBind();
}
else if (!IsNonLoginPostBack) //bind poll voting controls
{
dr = Cn.ExecuteReader("SELECT OptionID, OptionText FROM ForumPollOptions WHERE PollID=" + _pollID);
rblOptions.DataSource = dr;
rblOptions.DataBind();
dr.Close();
}
}
