Пример #1
0
        protected void Submit_ContentCommentForm(object sender, EventArgs e)
        {
            bool bCaptcha = false;

            Captcha captcha = (Captcha)GetEntryFormControl("ContentCommentCaptcha");
            if (captcha != null) {
                bCaptcha = captcha.Validate();
            } else {
                bCaptcha = true;
            }

            if (bCaptcha) {
                HttpRequest request = HttpContext.Current.Request;

                bool bIgnorePublishState = SecurityData.AdvancedEditMode || SecurityData.IsAdmin || SecurityData.IsSiteEditor;

                SiteNav navData = navHelper.GetLatestVersion(SiteData.CurrentSiteID, !bIgnorePublishState, SiteData.CurrentScriptName);

                Label lblContentCommentFormMsg = (Label)GetEntryFormControl("ContentCommentFormMsg");
                TextBox txtCommenterName = (TextBox)GetEntryFormControl("CommenterName");
                TextBox txtCommenterEmail = (TextBox)GetEntryFormControl("CommenterEmail");
                TextBox txtVisitorComments = (TextBox)GetEntryFormControl("VisitorComments");
                TextBox txtCommenterURL = (TextBox)GetEntryFormControl("CommenterURL");

                string sIP = request.ServerVariables["REMOTE_ADDR"].ToString();

                PostComment pc = new PostComment();
                pc.ContentCommentID = Guid.NewGuid();
                pc.Root_ContentID = navData.Root_ContentID;
                pc.CreateDate = SiteData.CurrentSite.Now;
                pc.IsApproved = false;
                pc.IsSpam = false;
                pc.CommenterIP = sIP;

                if (txtCommenterName != null) {
                    pc.CommenterName = txtCommenterName.Text;
                }
                if (txtCommenterEmail != null) {
                    pc.CommenterEmail = txtCommenterEmail.Text;
                }
                if (txtVisitorComments != null) {
                    pc.PostCommentText = txtVisitorComments.Text;
                }
                if (txtCommenterURL != null) {
                    pc.CommenterURL = txtCommenterURL.Text;
                }

                if (SiteData.IsWebView && HttpContext.Current.User.Identity.IsAuthenticated) {
                    if ((this.AutoApproveAdmin)) {
                        pc.IsApproved = SecurityData.IsAdmin;
                    }
                    if (!string.IsNullOrEmpty(this.AutoApproveGroupName)) {
                        pc.IsApproved = SecurityData.IsUserInRole(this.AutoApproveGroupName);
                    }
                }

                pc.Save();

                if (!string.IsNullOrEmpty(this.DirectEmail) || !string.IsNullOrEmpty(this.DirectEmailKeyName)) {
                    string sEmail = "";
                    EmailSender mailer = new EmailSender();

                    if (!string.IsNullOrEmpty(this.DirectEmail)) {
                        sEmail = this.DirectEmail.ToString();
                    }
                    if (!string.IsNullOrEmpty(this.DirectEmailKeyName)) {
                        sEmail = ConfigurationManager.AppSettings[this.DirectEmailKeyName].ToString();
                    }

                    mailer.MailSubject = "Comment Form " + request.ServerVariables["SERVER_NAME"];
                    mailer.Recepient = sEmail;
                    mailer.TemplateFile = null;
                    mailer.IsHTML = false;
                    mailer.WebControl = this;

                    string sBody = "Name:   " + pc.CommenterName
                        + "\r\nEmail:   " + pc.CommenterEmail
                        + "\r\nURL:   " + pc.CommenterURL
                        + "\r\n-----------------\r\nComment:\r\n" + pc.PostCommentText
                        + "\r\n=================\r\n\r\nIP:   " + pc.CommenterIP
                        + "\r\nSite Page:   " + request.ServerVariables["script_name"].ToString()
                        + "\r\nSite Time:   " + pc.CreateDate.ToString()
                        + "\r\nUTC Time:   " + DateTime.UtcNow.ToString();

                    mailer.Body = sBody;

                    mailer.SendMail();
                }

                //if (lbl != null && txt1 != null && txt2 != null) {
                //    lbl.Text = "Clicked the button: " + txt1.Text + " - " + txt2.Text;
                //}

                phEntry.Visible = false;
                phThanks.Visible = true;
            }
        }
		protected void Submit_ContentCommentForm(object sender, EventArgs e) {
			bool bCaptcha = false;

			Captcha captcha = (Captcha)GetEntryFormControl("ContentCommentCaptcha");
			if (captcha != null) {
				bCaptcha = captcha.Validate();
			} else {
				bCaptcha = true;
			}

			if (bCaptcha) {
				HttpRequest request = HttpContext.Current.Request;

				bool bIgnorePublishState = SecurityData.AdvancedEditMode || SecurityData.IsAdmin || SecurityData.IsSiteEditor;

				SiteNav navData = navHelper.GetLatestVersion(SiteData.CurrentSiteID, !bIgnorePublishState, SiteData.CurrentScriptName);

				Label lblContentCommentFormMsg = (Label)GetEntryFormControl("ContentCommentFormMsg");
				TextBox txtCommenterName = (TextBox)GetEntryFormControl("CommenterName");
				TextBox txtCommenterEmail = (TextBox)GetEntryFormControl("CommenterEmail");
				TextBox txtVisitorComments = (TextBox)GetEntryFormControl("VisitorComments");
				TextBox txtCommenterURL = (TextBox)GetEntryFormControl("CommenterURL");

				string sIP = request.ServerVariables["REMOTE_ADDR"].ToString();

				PostComment pc = new PostComment();
				pc.ContentCommentID = Guid.NewGuid();
				pc.Root_ContentID = navData.Root_ContentID;
				pc.CreateDate = SiteData.CurrentSite.Now;
				pc.IsApproved = false;
				pc.IsSpam = false;
				pc.CommenterIP = sIP;

				if (txtCommenterName != null) {
					pc.CommenterName = txtCommenterName.Text;
				}
				if (txtCommenterEmail != null) {
					pc.CommenterEmail = txtCommenterEmail.Text;
				}
				if (txtVisitorComments != null) {
					pc.PostCommentText = txtVisitorComments.Text;
				}
				if (txtCommenterURL != null) {
					pc.CommenterURL = txtCommenterURL.Text;
				}

				if (SiteData.IsWebView && HttpContext.Current.User.Identity.IsAuthenticated) {
					if ((this.AutoApproveAdmin)) {
						pc.IsApproved = SecurityData.IsAdmin;
					}
					if (!String.IsNullOrEmpty(this.AutoApproveGroupName)) {
						pc.IsApproved = SecurityData.IsUserInRole(this.AutoApproveGroupName);
					}
				}

				pc.Save();

				if (!String.IsNullOrEmpty(this.DirectEmail) || this.NotifyEditors || !String.IsNullOrEmpty(this.DirectEmailKeyName)) {
					List<string> emails = new List<string>();

					EmailSender mailer = new EmailSender();

					if (!String.IsNullOrEmpty(this.DirectEmail)) {
						emails.Add(this.DirectEmail);
					}
					if (!String.IsNullOrEmpty(this.DirectEmailKeyName)) {
						emails.Add(ConfigurationManager.AppSettings[this.DirectEmailKeyName].ToString());
					}
					if (this.NotifyEditors) {
						ContentPage page = navData.GetContentPage();
						emails.Add(page.CreateUser.EmailAddress);

						if (page.EditUser.UserId != page.CreateUser.UserId) {
							emails.Add(page.EditUser.EmailAddress);
						}
						if (page.CreditUserId.HasValue) {
							emails.Add(page.CreditUser.EmailAddress);
						}
					}

					string sEmail = String.Join(",", emails.ToArray());

					mailer.MailSubject = "Comment Form " + request.ServerVariables["HTTP_HOST"];
					mailer.Recepient = sEmail;
					mailer.TemplateFile = null;
					mailer.IsHTML = false;
					mailer.WebControl = this;

					string strHTTPHost = String.Empty;
					try { strHTTPHost = request.ServerVariables["HTTP_HOST"] + String.Empty; } catch { strHTTPHost = String.Empty; }

					string strHTTPProto = "http://";
					try {
						strHTTPProto = request.ServerVariables["SERVER_PORT_SECURE"] + String.Empty;
						if (strHTTPProto == "1") {
							strHTTPProto = "https://";
						} else {
							strHTTPProto = "http://";
						}
					} catch { }

					strHTTPHost = String.Format("{0}{1}", strHTTPProto, strHTTPHost).ToLower();

					string sBody = "Name:   " + pc.CommenterName
						+ "\r\nEmail:   " + pc.CommenterEmail
						+ "\r\nURL:   " + pc.CommenterURL
						+ "\r\n-----------------\r\nComment:\r\n" + HttpUtility.HtmlEncode(pc.PostCommentText)
						+ "\r\n=================\r\n\r\nIP:   " + pc.CommenterIP
						//+ "\r\nSite Page:   " + request.ServerVariables["script_name"].ToString()
						+ "\r\nSite URL:   " + String.Format("{0}{1}", strHTTPHost, request.ServerVariables["script_name"])
						+ "\r\nSite Time:   " + SiteData.CurrentSite.Now.ToString()
						+ "\r\nUTC Time:   " + DateTime.UtcNow.ToString();

					mailer.Body = sBody;

					mailer.SendMail();
				}

				//if (lbl != null && txt1 != null && txt2 != null) {
				//    lbl.Text = "Clicked the button: " + txt1.Text + " - " + txt2.Text;
				//}

				phEntry.Visible = false;
				phThanks.Visible = true;
			}
		}
Пример #3
0
        public bool ResetPassword(string Email, Control theControl)
        {
            MembershipUser user = null;

            if (!String.IsNullOrEmpty(Email)) {
                MembershipUserCollection membershipCollection = Membership.FindUsersByEmail(Email);
                foreach (MembershipUser userEnum in membershipCollection) {
                    user = userEnum;
                    break;
                }
            }

            if (user != null) {

                Assembly _assembly = Assembly.GetExecutingAssembly();

                string sBody = String.Empty;
                using (StreamReader oTextStream = new StreamReader(_assembly.GetManifestResourceStream("Carrotware.CMS.Core.Security.EmailForgotPassMsg.txt"))) {
                    sBody = oTextStream.ReadToEnd();
                }

                if (user.IsLockedOut && user.LastLockoutDate < DateTime.Now.AddMinutes(-45)) {
                    user.UnlockUser();
                }

                string tmpPassword = user.ResetPassword(); // set to known password
                string newPassword = GenerateSimplePassword(); // create simpler password

                user.ChangePassword(tmpPassword, newPassword); // set to simpler password

                EmailSender mailer = new EmailSender {
                    Recepient = user.Email,
                    MailSubject = "Password Reset",
                    TemplateFile = null,
                    Body = sBody,
                    IsHTML = false,
                    WebControl = theControl
                };

                string strHTTPHost = "";
                try { strHTTPHost = HttpContext.Current.Request.ServerVariables["HTTP_HOST"] + ""; } catch { strHTTPHost = ""; }

                string strHTTPProto = "http://";
                try {
                    strHTTPProto = HttpContext.Current.Request.ServerVariables["SERVER_PORT_SECURE"] + "";
                    if (strHTTPProto == "1") {
                        strHTTPProto = "https://";
                    } else {
                        strHTTPProto = "http://";
                    }
                } catch { }

                strHTTPHost = strHTTPProto + strHTTPHost.ToLower();

                mailer.ContentPlaceholders.Add("{%%UserName%%}", user.UserName);
                mailer.ContentPlaceholders.Add("{%%Password%%}", newPassword);
                mailer.ContentPlaceholders.Add("{%%SiteURL%%}", strHTTPHost);
                if (SiteData.CurretSiteExists) {
                    mailer.ContentPlaceholders.Add("{%%Time%%}", SiteData.CurrentSite.Now.ToString());
                } else {
                    mailer.ContentPlaceholders.Add("{%%Time%%}", DateTime.Now.ToString());
                }

                mailer.SendMail();

                return true;
            } else {
                return false;
            }
        }
Пример #4
0
        public bool ResetPassword(string Email, Control theControl)
        {
            MembershipUser user = null;

            if (!String.IsNullOrEmpty(Email))
            {
                MembershipUserCollection membershipCollection = Membership.FindUsersByEmail(Email);
                foreach (MembershipUser userEnum in membershipCollection)
                {
                    user = userEnum;
                    break;
                }
            }

            if (user != null)
            {
                Assembly _assembly = Assembly.GetExecutingAssembly();

                string sBody = String.Empty;
                using (StreamReader oTextStream = new StreamReader(_assembly.GetManifestResourceStream("Carrotware.CMS.Core.Security.EmailForgotPassMsg.txt"))) {
                    sBody = oTextStream.ReadToEnd();
                }

                if (user.IsLockedOut && user.LastLockoutDate < DateTime.Now.AddMinutes(-45))
                {
                    user.UnlockUser();
                }

                string tmpPassword = user.ResetPassword();                 // set to known password
                string newPassword = GenerateSimplePassword();             // create simpler password

                user.ChangePassword(tmpPassword, newPassword);             // set to simpler password

                EmailSender mailer = new EmailSender {
                    Recepient    = user.Email,
                    MailSubject  = "Password Reset",
                    TemplateFile = null,
                    Body         = sBody,
                    IsHTML       = false,
                    WebControl   = theControl
                };

                string strHTTPHost = "";
                try { strHTTPHost = HttpContext.Current.Request.ServerVariables["HTTP_HOST"] + ""; } catch { strHTTPHost = ""; }

                string strHTTPProto = "http://";
                try {
                    strHTTPProto = HttpContext.Current.Request.ServerVariables["SERVER_PORT_SECURE"] + "";
                    if (strHTTPProto == "1")
                    {
                        strHTTPProto = "https://";
                    }
                    else
                    {
                        strHTTPProto = "http://";
                    }
                } catch { }

                strHTTPHost = strHTTPProto + strHTTPHost.ToLower();

                mailer.ContentPlaceholders.Add("{%%UserName%%}", user.UserName);
                mailer.ContentPlaceholders.Add("{%%Password%%}", newPassword);
                mailer.ContentPlaceholders.Add("{%%SiteURL%%}", strHTTPHost);
                if (SiteData.CurretSiteExists)
                {
                    mailer.ContentPlaceholders.Add("{%%Time%%}", SiteData.CurrentSite.Now.ToString());
                }
                else
                {
                    mailer.ContentPlaceholders.Add("{%%Time%%}", DateTime.Now.ToString());
                }

                mailer.SendMail();

                return(true);
            }
            else
            {
                return(false);
            }
        }