protected void Page_Load(object sender, EventArgs e) { Master.SelectedTab = tabID.tabUnknown; string szUser = String.Empty; if (!IsPostBack) { lblErr.Text = String.Empty; string szAuthToken = util.GetStringParam(Request, "auth"); if (!String.IsNullOrEmpty(szAuthToken)) { using (MFBWebService ws = new MFBWebService()) szUser = ws.GetEncryptedUser(szAuthToken); } bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request); // If no valid auth token, fall back to the authenticated name. if (String.IsNullOrEmpty(szUser) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure) { szUser = Page.User.Identity.Name; } // Require a secure connection for other than debugging. if (!fIsLocalOrSecure && !Request.IsSecureConnection) { szUser = string.Empty; } try { if (String.IsNullOrEmpty(szUser)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew); if (idFlight == LogbookEntry.idFlightNew) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } LogbookEntry le = new LogbookEntry(); if (!le.FLoadFromDB(idFlight, szUser)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } mfbSignFlight.Flight = le; CFIStudentMap sm = new CFIStudentMap(szUser); if (sm.Instructors.Count() == 0) { mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc; mfbSignFlight.CFIProfile = null; mvSignFlight.SetActiveView(vwAcceptTerms); } else { cmbInstructors.DataSource = sm.Instructors; cmbInstructors.DataBind(); mvSignFlight.SetActiveView(vwPickInstructor); } lblHeader.Text = String.Format(System.Globalization.CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, MyFlightbook.Profile.GetUser(le.User).UserFullName); lblDisclaimerResponse.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1); lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2); } catch (MyFlightbookException ex) { lblErr.Text = ex.Message; } } }
protected void Page_Load(object sender, EventArgs e) { Master.SelectedTab = tabID.tabUnknown; if (!IsPostBack) { lblErr.Text = String.Empty; string szAuthToken = util.GetStringParam(Request, "auth"); if (!String.IsNullOrEmpty(szAuthToken)) { Username = MFBWebService.GetEncryptedUser(szAuthToken); } bool fIsLocalOrSecure = MFBWebService.CheckSecurity(Request); // If no valid auth token, fall back to the authenticated name. if (String.IsNullOrEmpty(Username) && Page.User.Identity.IsAuthenticated && fIsLocalOrSecure) { Username = Page.User.Identity.Name; } // Require a secure connection for other than debugging. if (!fIsLocalOrSecure && !Request.IsSecureConnection) { Username = string.Empty; } try { if (String.IsNullOrEmpty(Username)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } int idFlight = util.GetIntParam(Request, "idFlight", LogbookEntry.idFlightNew); if (idFlight == LogbookEntry.idFlightNew) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } LogbookEntry le = new LogbookEntry(); if (!le.FLoadFromDB(idFlight, Username)) { throw new MyFlightbookException(Resources.SignOff.errSignNotAuthorized); } mfbSignFlight.Flight = le; CFIStudentMap sm = new CFIStudentMap(Username); if (Username == null) { throw new MyFlightbookValidationException("No username for previously signed flights"); } Dictionary <string, LogbookEntry> d = PreviouslySignedAdhocFlights; // If no instructors, and no previously signed flights, assume ad-hoc and go straight to accept terms. if (!sm.Instructors.Any() && d.Keys.Count == 0) { mfbSignFlight.SigningMode = Controls_mfbSignFlight.SignMode.AdHoc; mfbSignFlight.CFIProfile = null; mvSignFlight.SetActiveView(vwAcceptTerms); } else { rptInstructors.DataSource = sm.Instructors; rptInstructors.DataBind(); List <string> lstKeys = new List <string>(d.Keys); lstKeys.Sort(); List <LogbookEntry> lstPrevInstructors = new List <LogbookEntry>(); foreach (string sz in lstKeys) { lstPrevInstructors.Add(d[sz]); } rptPriorInstructors.DataSource = lstPrevInstructors; rptPriorInstructors.DataBind(); mvSignFlight.SetActiveView(vwPickInstructor); } lblHeader.Text = String.Format(CultureInfo.CurrentCulture, Resources.SignOff.SignFlightHeader, MyFlightbook.Profile.GetUser(le.User).UserFullName); lblDisclaimerResponse.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement1); lblDisclaimerResponse2.Text = Branding.ReBrand(Resources.SignOff.SignDisclaimerAgreement2); } catch (MyFlightbookException ex) { lblErr.Text = ex.Message; } } }
protected void Page_Load(object sender, EventArgs e) { string szDestErr = "~/Default.aspx"; string szUser = util.GetStringParam(Request, "u"); string szPass = util.GetStringParam(Request, "p"); string szDest = util.GetStringParam(Request, "d"); if (!MFBWebService.CheckSecurity(Request) || String.IsNullOrEmpty(szUser) || String.IsNullOrEmpty(szPass) || String.IsNullOrEmpty(szDest)) { Response.Redirect(szDestErr); } // look for admin emulation in the form of string[] rgUsers = szUser.Split(new char[] { ':' }, StringSplitOptions.RemoveEmptyEntries); string szEmulate = string.Empty; if (rgUsers != null && rgUsers.Length == 2) { szEmulate = rgUsers[0]; szUser = rgUsers[1]; } szUser = Membership.GetUserNameByEmail(szUser); if (Membership.ValidateUser(szUser, szPass)) { if (!String.IsNullOrEmpty(szEmulate)) // emulation requested - validate that the authenticated user is actually authorized!!! { Profile pf = MyFlightbook.Profile.GetUser(szUser); if (pf.CanSupport || pf.CanManageData) { // see if the emulated user actually exists pf = MyFlightbook.Profile.GetUser(szEmulate); if (!pf.IsValid()) { throw new MyFlightbookException("No such user: "******"iPhone") || Request.UserAgent.Contains("iPad")) { if (String.Compare(szDest, "students", StringComparison.CurrentCultureIgnoreCase) == 0) { szDest = "instructors"; } else if (String.Compare(szDest, "instructors", StringComparison.CurrentCultureIgnoreCase) == 0) { szDest = "students"; } } szDest = RedirForDest(szDest, lstParams); // this is something of a hack, but pass on any additional parameters foreach (string szKey in Request.QueryString.Keys) { if (szKey != "u" && szKey != "p" && szKey != "d") { lstParams.Add(String.Format(CultureInfo.InvariantCulture, "{0}={1}", szKey, Request.Params[szKey])); } } if (lstParams.Contains("naked=1")) { Session["IsNaked"] = true; } if (szDest.Length == 0) { Response.Redirect(szDestErr); } else { string szUrlRedir = String.Format(CultureInfo.InvariantCulture, "javascript:window.top.location='{0}?{1}'", ResolveUrl(szDest), String.Join("&", lstParams.ToArray())); Page.ClientScript.RegisterStartupScript(this.GetType(), "StartupRedir", szUrlRedir, true); } }
protected void Page_Load(object sender, EventArgs e) { string szDest = ""; string szDestErr = "~/Default.aspx"; string szUser = util.GetStringParam(Request, "u"); string szPass = util.GetStringParam(Request, "p"); szDest = util.GetStringParam(Request, "d"); if (!MFBWebService.CheckSecurity(Request) || String.IsNullOrEmpty(szUser) || String.IsNullOrEmpty(szPass) || String.IsNullOrEmpty(szDest)) { Response.Redirect(szDestErr); } szUser = Membership.GetUserNameByEmail(szUser); if (Membership.ValidateUser(szUser, szPass)) { FormsAuthentication.SetAuthCookie(szUser, false); } List <string> lstParams = new List <string>(); // BUGBUG: I got students/instructors reversed in iPhone. if (Request.UserAgent.Contains("iPhone") || Request.UserAgent.Contains("iPad")) { if (String.Compare(szDest, "students", StringComparison.CurrentCultureIgnoreCase) == 0) { szDest = "instructors"; } else if (String.Compare(szDest, "instructors", StringComparison.CurrentCultureIgnoreCase) == 0) { szDest = "students"; } } szDest = RedirForDest(szDest, lstParams); // this is something of a hack, but pass on any additional parameters foreach (string szKey in Request.QueryString.Keys) { if (szKey != "u" && szKey != "p" && szKey != "d") { lstParams.Add(String.Format(CultureInfo.InvariantCulture, "{0}={1}", szKey, Request.Params[szKey])); } } if (lstParams.Contains("naked=1")) { Session["IsNaked"] = true; } if (szDest.Length == 0) { Response.Redirect(szDestErr); } else { string szUrlRedir = String.Format(CultureInfo.InvariantCulture, "javascript:window.top.location='{0}?{1}'", ResolveUrl(szDest), String.Join("&", lstParams.ToArray())); Page.ClientScript.RegisterStartupScript(this.GetType(), "StartupRedir", szUrlRedir, true); } }