private void KillInvalidMemberCookies()
{
//WB updated as in 4.7 RC the member cookie merged into one cookie now
/*
* string UmbracoMemberIdCookieKey = "umbracoMemberId";
* string UmbracoMemberGuidCookieKey = "umbracoMemberGuid";
* string UmbracoMemberLoginCookieKey = "umbracoMemberLogin";
*/
string umbracoMemberCookieKey = "UMB_MEMBER";
string umbracoMemberCookieValue = StateHelper.GetCookieValue(umbracoMemberCookieKey);
if (HasCookieValue(umbracoMemberCookieKey))
{
//WB split the cookie values with 4.7 RC cookie change
string[] umbracoMemberCookieValueSplit = umbracoMemberCookieValue.Split(new Char[] { '+' });
string UmbracoMemberIdCookieValue = umbracoMemberCookieValueSplit[0].ToString();
string UmbracoMemberGuidCookieValue = umbracoMemberCookieValueSplit[1].ToString();
string UmbracoMemberLoginCookieValue = umbracoMemberCookieValueSplit[2].ToString();
int currentMemberId = 0;
string currentGuid = "";
/*
* int.TryParse(StateHelper.GetCookieValue(UmbracoMemberIdCookieKey), out currentMemberId);
* currentGuid = StateHelper.GetCookieValue(UmbracoMemberGuidCookieKey);
*/
int.TryParse(UmbracoMemberIdCookieValue, out currentMemberId);
currentGuid = UmbracoMemberGuidCookieValue;
if (currentMemberId > 0 && !memberValid(currentMemberId, currentGuid))
{
/*
* //not valid
* KillCookie(UmbracoMemberGuidCookieKey,"umbraco.com");
* KillCookie(UmbracoMemberLoginCookieKey, "umbraco.com");
* KillCookie(UmbracoMemberIdCookieKey,"umbraco.com");
*/
//WB updated as in 4.7 RC the member cookie merged into one cookie now
KillCookie(umbracoMemberCookieKey, "umbraco.com");
KillCookie(FormsAuthentication.FormsCookieName, "umbraco.com");
FormsAuthentication.SignOut();
Response.Redirect("/", true);
}
}
}
private bool validateAccess(XmlNode node)
{
// check if this area should be shown at all
string onlyOnceValue = StateHelper.GetCookieValue(generateCookieKey(node));
if (!String.IsNullOrEmpty(onlyOnceValue))
{
return(false);
}
// the root user can always see everything
if (CurrentUser.IsRoot())
{
return(true);
}
else if (node != null)
{
XmlNode accessRules = node.SelectSingleNode("access");
bool retVal = true;
if (accessRules != null && accessRules.HasChildNodes)
{
string currentUserType = CurrentUser.UserType.Alias.ToLower();
string allowedSections = ",";
foreach (BusinessLogic.Application app in CurrentUser.Applications)
{
allowedSections += app.alias.ToLower() + ",";
}
XmlNodeList grantedTypes = accessRules.SelectNodes("grant");
XmlNodeList grantedBySectionTypes = accessRules.SelectNodes("grantBySection");
XmlNodeList deniedTypes = accessRules.SelectNodes("deny");
// if there's a grant type, everyone who's not granted is automatically denied
if (grantedTypes.Count > 0 || grantedBySectionTypes.Count > 0)
{
retVal = false;
if (grantedBySectionTypes.Count > 0 && accessRules.SelectSingleNode(String.Format("grantBySection [contains('{0}', concat(',',.,','))]", allowedSections)) != null)
{
retVal = true;
}
else if (grantedTypes.Count > 0 && accessRules.SelectSingleNode(String.Format("grant [. = '{0}']", currentUserType)) != null)
{
retVal = true;
}
}
// if the current type of user is denied we'll say nay
if (deniedTypes.Count > 0 && accessRules.SelectSingleNode(String.Format("deny [. = '{0}']", currentUserType)) != null)
{
retVal = false;
}
}
return(retVal);
}
return(false);
}
/// <summary>
/// Gets the current visitors memberid
/// </summary>
/// <returns>The current visitors members id, if the visitor is not logged in it returns 0</returns>
public static int CurrentMemberId()
{
int _currentMemberId = 0;
if (StateHelper.HasCookieValue(UmbracoMemberIdCookieKey) &&
StateHelper.HasCookieValue(UmbracoMemberGuidCookieKey) &&
StateHelper.HasCookieValue(UmbracoMemberLoginCookieKey))
{
int.TryParse(StateHelper.GetCookieValue(UmbracoMemberIdCookieKey), out _currentMemberId);
}
return(_currentMemberId);
}
/// <summary>
/// This method will parse the attribute value to look for some special syntax such as
/// [@requestKey]
/// [%sessionKey]
/// [#pageElement]
/// [$recursiveValue]
/// </summary>
/// <param name="pageElements"></param>
/// <param name="attributeValue"></param>
/// <returns></returns>
/// <remarks>
/// You can even apply fallback's separated by comma's like:
///
/// [@requestKey],[%sessionKey]
///
/// </remarks>
public static string parseAttribute(IDictionary pageElements, string attributeValue)
{
// Check for potential querystring/cookie variables
// SD: not sure why we are checking for len 3 here?
if (attributeValue.Length > 3 && attributeValue.StartsWith("["))
{
var attributeValueSplit = (attributeValue).Split(',');
attributeValueSplit = attributeValueSplit.Select(x => x.Trim()).ToArray();
// before proceeding, we don't want to process anything here unless each item starts/ends with a [ ]
// this is because the attribute value could actually just be a json array like [1,2,3] which we don't want to parse
//
// however, the last one can be a literal, must take care of this!
// so here, don't check the last one, which can be just anything
if (attributeValueSplit.Take(attributeValueSplit.Length - 1).All(x =>
//must end with [
x.EndsWith("]") &&
//must start with [ and a special char
(x.StartsWith("[@") || x.StartsWith("[%") || x.StartsWith("[#") || x.StartsWith("[$"))) == false)
{
return(attributeValue);
}
foreach (var attributeValueItem in attributeValueSplit)
{
attributeValue = attributeValueItem;
var trimmedValue = attributeValue.Trim();
// Check for special variables (always in square-brackets like [name])
if (trimmedValue.StartsWith("[") &&
trimmedValue.EndsWith("]"))
{
attributeValue = trimmedValue;
// find key name
var keyName = attributeValue.Substring(2, attributeValue.Length - 3);
var keyType = attributeValue.Substring(1, 1);
switch (keyType)
{
case "@":
attributeValue = HttpContext.Current.Request[keyName];
break;
case "%":
attributeValue = StateHelper.GetSessionValue <string>(keyName);
if (String.IsNullOrEmpty(attributeValue))
{
attributeValue = StateHelper.GetCookieValue(keyName);
}
break;
case "#":
if (pageElements == null)
{
pageElements = GetPageElements();
}
if (pageElements[keyName] != null)
{
attributeValue = pageElements[keyName].ToString();
}
else
{
attributeValue = "";
}
break;
case "$":
if (pageElements == null)
{
pageElements = GetPageElements();
}
if (pageElements[keyName] != null && pageElements[keyName].ToString() != string.Empty)
{
attributeValue = pageElements[keyName].ToString();
}
else
{
// reset attribute value in case no value has been found on parents
attributeValue = String.Empty;
XmlDocument umbracoXML = presentation.UmbracoContext.Current.GetXml();
String[] splitpath = (String[])pageElements["splitpath"];
for (int i = 0; i < splitpath.Length - 1; i++)
{
XmlNode element = umbracoXML.GetElementById(splitpath[splitpath.Length - i - 1].ToString());
if (element == null)
{
continue;
}
string xpath = UmbracoConfig.For.UmbracoSettings().Content.UseLegacyXmlSchema ? "./data [@alias = '{0}']" : "{0}";
XmlNode currentNode = element.SelectSingleNode(string.Format(xpath,
keyName));
if (currentNode != null && currentNode.FirstChild != null &&
!string.IsNullOrEmpty(currentNode.FirstChild.Value) &&
!string.IsNullOrEmpty(currentNode.FirstChild.Value.Trim()))
{
HttpContext.Current.Trace.Write("parameter.recursive", "Item loaded from " + splitpath[splitpath.Length - i - 1]);
attributeValue = currentNode.FirstChild.Value;
break;
}
}
}
break;
}
if (attributeValue != null)
{
attributeValue = attributeValue.Trim();
if (attributeValue != string.Empty)
{
break;
}
}
else
{
attributeValue = string.Empty;
}
}
}
}
return(attributeValue);
}
public static string parseAttribute(IDictionary pageElements, string attributeValue)
{
// Check for potential querystring/cookie variables
if (attributeValue.Length > 3 && attributeValue.Substring(0, 1) == "[")
{
string[] attributeValueSplit = (attributeValue).Split(',');
foreach (string attributeValueItem in attributeValueSplit)
{
attributeValue = attributeValueItem;
// Check for special variables (always in square-brackets like [name])
if (attributeValueItem.Substring(0, 1) == "[" &&
attributeValueItem.Substring(attributeValueItem.Length - 1, 1) == "]")
{
// find key name
string keyName = attributeValueItem.Substring(2, attributeValueItem.Length - 3);
string keyType = attributeValueItem.Substring(1, 1);
switch (keyType)
{
case "@":
attributeValue = HttpContext.Current.Request[keyName];
break;
case "%":
attributeValue = StateHelper.GetSessionValue <string>(keyName);
if (String.IsNullOrEmpty(attributeValue))
{
attributeValue = StateHelper.GetCookieValue(keyName);
}
break;
case "#":
if (pageElements[keyName] != null)
{
attributeValue = pageElements[keyName].ToString();
}
else
{
attributeValue = "";
}
break;
case "$":
if (pageElements[keyName] != null && pageElements[keyName].ToString() != string.Empty)
{
attributeValue = pageElements[keyName].ToString();
}
else
{
// reset attribute value in case no value has been found on parents
attributeValue = String.Empty;
XmlDocument umbracoXML = presentation.UmbracoContext.Current.GetXml();
String[] splitpath = (String[])pageElements["splitpath"];
for (int i = 0; i < splitpath.Length - 1; i++)
{
XmlNode element = umbracoXML.GetElementById(splitpath[splitpath.Length - i - 1].ToString());
if (element == null)
{
continue;
}
string xpath = UmbracoSettings.UseLegacyXmlSchema ? "./data [@alias = '{0}']" : "{0}";
XmlNode currentNode = element.SelectSingleNode(string.Format(xpath,
keyName));
if (currentNode != null && currentNode.FirstChild != null &&
!string.IsNullOrEmpty(currentNode.FirstChild.Value) &&
!string.IsNullOrEmpty(currentNode.FirstChild.Value.Trim()))
{
HttpContext.Current.Trace.Write("parameter.recursive", "Item loaded from " + splitpath[splitpath.Length - i - 1]);
attributeValue = currentNode.FirstChild.Value;
break;
}
}
}
break;
}
if (attributeValue != null)
{
attributeValue = attributeValue.Trim();
if (attributeValue != string.Empty)
{
break;
}
}
else
{
attributeValue = string.Empty;
}
}
}
}
return(attributeValue);
}