Пример #1
        /// <summary>
        /// Login action for reflected-XSS scenario 3: forwards the request to the business layer
        /// and records the resulting role in server-side session state.
        /// </summary>
        /// <param name="request">Login request, handed unchanged to <c>XSS_BusinessServices.RXSS_S3_Login</c>.</param>
        /// <returns>The <c>_UserList</c> partial view with the service response as its model.</returns>
        public ActionResult RXSS_S3_Login(RXSS_S3_LoginRequest request)
        {
            RXSS_S3_UserListResponse loginResult = XSS_BusinessServices.RXSS_S3_Login(request);

            // The role lives in session state (server side), keyed by the session ID, so the
            // client never supplies it directly. When no user comes back the role is "User".
            string roleKey = "LoginUserRole" + Session.SessionID;
            var role = loginResult.LoginUser == null ? "User" : loginResult.LoginUser.UserRole;
            Session[roleKey] = role;

            // NOTE(review): the session identifier is not regenerated in this method after login;
            // confirm whether that is intended. Whether response fields are HTML-encoded is decided
            // in the .cshtml view, which is not part of this listing.
            return PartialView("~/Views/Xss/ReflectedXss/_UserList.cshtml", loginResult);
        }
Пример #2
        /// <summary>
        /// Returns the comment list for stored-XSS scenario 1, both as rendered HTML and as the raw response object.
        /// </summary>
        /// <returns>
        /// A JSON array with two elements: the <c>_CommentList</c> partial rendered to a string, then the service response.
        /// </returns>
        public JsonResult SXSS_S1_CommentList()
        {
            // The lookup is driven by the server-side session ID, not by anything in the request.
            SXSS_S1_CommentListResponse comments = XSS_BusinessServices.SXSS_S1_CommentList(Session.SessionID);

            // NOTE(review): the rendered markup is presumably inserted into the page by the client;
            // any encoding of stored comment text happens in the view, which is not shown here.
            string renderedList = RazorViewToString.RenderRazorViewToString(
                this,
                "~/Views/Xss/StoredXss/_CommentList.cshtml",
                comments);

            object[] payload = new object[] { renderedList, comments };
            return Json(payload);
        }
Пример #3
        /// <summary>
        /// Stores the data submitted for stored-XSS scenario 2, tagged with the caller's own session ID.
        /// </summary>
        /// <param name="request">Bound request; its <c>SessionID</c> is replaced before the service call.</param>
        /// <returns>The service's <c>BaseResponse</c> serialized as JSON.</returns>
        public JsonResult SXSS_S2_SaveStolenCookie(SXSS_S2_StealRequest request)
        {
            // Overwrite whatever SessionID was bound from the request with the server-side value,
            // so a client-supplied SessionID is never passed on to the service.
            string currentSessionId = Session.SessionID;
            request.SessionID = currentSessionId;

            BaseResponse saveResult = XSS_BusinessServices.SXSS_S2_SaveStolenCookie(request);
            return Json(saveResult);
        }
Пример #4
        /// <summary>
        /// Saves a comment for stored-XSS scenario 1 after the reCAPTCHA check and returns the refreshed comment list.
        /// </summary>
        /// <param name="request">Comment request; its <c>SXSS_S1_CommentRequest_gReCaptcha</c> value is checked first.</param>
        /// <returns>
        /// A JSON array with two elements: the <c>_CommentList</c> partial rendered to a string, then the response object.
        /// </returns>
        public JsonResult SXSS_S1_Comment(SXSS_S1_CommentRequest request)
        {
            SXSS_S1_CommentListResponse result = new SXSS_S1_CommentListResponse();

            bool captchaAccepted = GoogleRecaptchaControl(request.SXSS_S1_CommentRequest_gReCaptcha);
            if (captchaAccepted)
            {
                result = XSS_BusinessServices.SXSS_S1_Comment(request);
            }
            else
            {
                // The service is not called when the captcha check fails. ResponseCode is a field
                // of the response body; the HTTP status of the result is not changed here.
                result.IsSuccess    = false;
                result.Message      = "Not valid gReCaptcha!";
                result.ResponseCode = 400;
            }

            // NOTE(review): encoding of stored comment text is up to the view, which is not shown here.
            string renderedList = RazorViewToString.RenderRazorViewToString(
                this,
                "~/Views/Xss/StoredXss/_CommentList.cshtml",
                result);

            return Json(new object[] { renderedList, result });
        }
Пример #5
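        /// <summary>
        /// Deletes a user in reflected-XSS scenario 3, but only when the role stored in the caller's session is "Admin".
        /// </summary>
        /// <param name="request">Delete request, passed to <c>XSS_BusinessServices.RXSS_S3_Delete</c> for authorized callers.</param>
        /// <returns>
        /// A JSON array with two elements: the <c>_UserList</c> partial rendered to a string, then the response object.
        /// Unauthorized callers get a response with <c>IsSuccess = false</c> and <c>ResponseCode = 403</c>.
        /// </returns>
        public JsonResult RXSS_S3_Delete(RXSS_S3_DeleteRequest request)
        {
            RXSS_S3_UserListResponse response = new RXSS_S3_UserListResponse();

            // A session that has never logged in or registered has no role entry. Reading it as
            // null and denying keeps the check fail-closed, instead of throwing a
            // NullReferenceException before the authorization decision is made.
            object storedRole = Session["LoginUserRole" + Session.SessionID];
            bool isAdmin = storedRole != null && storedRole.ToString() == "Admin";

            if (isAdmin)
            {
                response = XSS_BusinessServices.RXSS_S3_Delete(request);
            }
            else
            {
                // ResponseCode is a field of the response body; the HTTP status is not changed here.
                response.IsSuccess    = false;
                response.Message      = Lang.Global_Unauthorize;
                response.ResponseCode = 403;
            }

            // NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
            // excerpt for a state-changing action; confirm against the full controller.
            string userListHTML = RazorViewToString.RenderRazorViewToString(this, "~/Views/Xss/ReflectedXss/_UserList.cshtml", response);

            return Json(new object[] { userListHTML, response });
        }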
Пример #6
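        /// <summary>
        /// Registers a user in reflected-XSS scenario 3 after the reCAPTCHA check and records the new role in session state.
        /// </summary>
        /// <param name="request">Registration request; its <c>RXSS_S3_RegisterRequest_gReCaptcha</c> value is checked first.</param>
        /// <returns>
        /// A JSON array with two elements: the <c>_UserList</c> partial rendered to a string, then the response object.
        /// </returns>
        public JsonResult RXSS_S3_Register(RXSS_S3_RegisterRequest request)
        {
            RXSS_S3_UserListResponse response = new RXSS_S3_UserListResponse();

            if (!GoogleRecaptchaControl(request.RXSS_S3_RegisterRequest_gReCaptcha))
            {
                // The service is not called when the captcha check fails. ResponseCode is a field
                // of the response body; the HTTP status of the result is not changed here.
                response.IsSuccess    = false;
                response.Message      = Lang.Global_GReCaptcha;
                response.ResponseCode = 400;
            }
            else
            {
                response = XSS_BusinessServices.RXSS_S3_Register(request);

                // RXSS_S3_Login treats LoginUser as possibly null on this response type, so do the
                // same here: without the check a registration that returns no user throws a
                // NullReferenceException. The fallback is the lowest role, "User", as in the login action.
                Session["LoginUserRole" + Session.SessionID] = response.LoginUser != null ? response.LoginUser.UserRole : "User";
            }

            // NOTE(review): encoding of user-supplied fields is up to the view, which is not shown here.
            string userListHTML = RazorViewToString.RenderRazorViewToString(this, "~/Views/Xss/ReflectedXss/_UserList.cshtml", response);

            return Json(new object[] { userListHTML, response });
        }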
Пример #7
        /// <summary>
        /// Shows the cookie list page for stored-XSS scenario 2.
        /// </summary>
        /// <returns>The <c>CookieList</c> view with the service response as its model.</returns>
        public ActionResult SXSS_S2_StolenCookieList()
        {
            // The lookup key is the server-side session ID; presumably the service limits the
            // result to entries saved under that session. Confirm in XSS_BusinessServices.
            string currentSessionId = Session.SessionID;
            SXSS_S2_CookieListResponse cookieList = XSS_BusinessServices.SXSS_S2_CookieList(currentSessionId);

            // NOTE(review): the listed values came from a browser; encoding is up to the view, not shown here.
            return View("~/Views/Xss/StoredXss/CookieList.cshtml", cookieList);
        }