/// <summary>
/// Save handler: encrypts the username and password typed into the form and stores
/// them as the portal settings "Store_Username" and "Store_Password", then redirects
/// to the URL returned by <c>Globals.NavigateURL()</c>.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// Both values are encrypted with the key returned by <c>Config.GetDecryptionkey()</c>,
/// so the stored settings are only as confidential as that key.
/// NOTE(review): the text box contents are stored as entered; no validation or
/// permission check is visible in this handler - confirm the hosting control restricts
/// who can reach it.
/// </remarks>
private void OnSaveClick(object sender, EventArgs e)
{
    var security = new PortalSecurity();

    // Username first, then password; each value is encrypted before it is persisted.
    var encryptedUsername = security.EncryptString(txtUsername.Text, Config.GetDecryptionkey());
    PortalController.UpdatePortalSetting(PortalId, "Store_Username", encryptedUsername);

    var encryptedPassword = security.EncryptString(txtPassword.Text, Config.GetDecryptionkey());
    PortalController.UpdatePortalSetting(PortalId, "Store_Password", encryptedPassword);

    Response.Redirect(Globals.NavigateURL());
}
/// <summary>
/// Persists a profile value on a PersonalizationInfo object in encrypted form, using
/// the naming container and key to organise it. The value is converted to a string and
/// encrypted (plaintext in, ciphertext stored) with the key from
/// <c>Config.GetDecryptionkey()</c>.
/// </summary>
/// <param name="personalization">Object containing user personalization info; when null the call does nothing.</param>
/// <param name="namingContainer">Container for related set of values</param>
/// <param name="key">Individual profile key</param>
/// <param name="value">
/// Individual profile value. <c>ToString()</c> is called on it without a null check, so
/// a null value throws a NullReferenceException when <paramref name="personalization"/> is not null.
/// </param>
/// <remarks>
/// The entry is stored under "namingContainer:key" and the object is flagged as modified.
/// Only the value is encrypted; the composed profile key itself is stored in the clear.
/// </remarks>
public static void SetSecureProfile(PersonalizationInfo personalization, string namingContainer, string key, object value)
{
    // Nothing to update without a personalization object.
    if (personalization == null)
    {
        return;
    }

    var security = new PortalSecurity();
    var cipherText = security.EncryptString(value.ToString(), Config.GetDecryptionkey());

    personalization.Profile[namingContainer + ":" + key] = cipherText;
    personalization.IsModified = true;
}
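/// <summary>
/// Property access, initially provided for TokenReplace
/// </summary>
/// <remarks>
/// The requested scope is first capped according to who is asking: it is lowered to
/// Scope.Configuration when this object's UserID is -1, and to Scope.DefaultSettings when
/// the accessing user is neither this user nor an admin. Every property is then gated on
/// that capped scope; a property below its threshold returns
/// <c>PropertyAccess.ContentLocked</c> with <paramref name="propertyNotFound"/> set to true.
/// Thresholds: displayname, fullname, portalid need Configuration; email, firstname,
/// lastname, userid, username need DefaultSettings; verificationcode, affiliateid, roles
/// need SystemMessages; issuperuser needs Debug.
/// An unknown property name returns an empty string with <paramref name="propertyNotFound"/> set to true.
/// <paramref name="propertyName"/> and <paramref name="accessingUser"/> are dereferenced
/// without a null check.
/// </remarks>
/// <param name="propertyName">Name of the Property (matched case-insensitively)</param>
/// <param name="format">format string</param>
/// <param name="formatProvider">format provider for numbers, dates, currencies</param>
/// <param name="accessingUser">userinfo of the user, who queries the data (used to determine permissions)</param>
/// <param name="currentScope">requested maximum access level, might be restricted due to user level</param>
/// <param name="propertyNotFound">out: flag, if property could be retrieved.</param>
/// <returns>current value of the property for this userinfo object</returns>
/// <history>
///    2007-10-20 [sleupold] documented and extended with differentiated access permissions
///    2007-10-20 [sleupold] role access added (for user himself or admin only).
/// </history>
public string GetProperty(string propertyName, string format, CultureInfo formatProvider, UserInfo accessingUser, Scope currentScope, ref bool propertyNotFound)
{
    Scope internScope;
    if (UserID == -1 && currentScope > Scope.Configuration)
    {
        internScope = Scope.Configuration; //anonymous users only get access to displayname
    }
    else if (UserID != accessingUser.UserID && !isAdminUser(ref accessingUser) && currentScope > Scope.DefaultSettings)
    {
        internScope = Scope.DefaultSettings; //registered users can access username and userID as well
    }
    else
    {
        internScope = currentScope; //admins and user himself can access all data
    }

    string outputFormat = format == string.Empty ? "g" : format;

    // Invariant lower-casing: a culture-sensitive ToLower() can map 'I' to a dotless i
    // (e.g. Turkish), so names such as "UserID" would miss their case label.
    switch (propertyName.ToLowerInvariant())
    {
        case "verificationcode":
            if (internScope < Scope.SystemMessages)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            // The code is the encrypted "PortalID-UserID" pair, made URL-friendly by
            // swapping the characters + / = for . - _
            // NOTE(review): the plaintext built here carries no timestamp or nonce, so
            // nothing visible in this method limits how long a code stays valid - confirm
            // the consumer enforces expiry or one-time use.
            var ps = new PortalSecurity();
            var code = ps.EncryptString(PortalID + "-" + UserID, Config.GetDecryptionkey());
            return code.Replace("+", ".").Replace("/", "-").Replace("=", "_");
        case "affiliateid":
            if (internScope < Scope.SystemMessages)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (AffiliateID.ToString(outputFormat, formatProvider));
        case "displayname":
            if (internScope < Scope.Configuration)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return PropertyAccess.FormatString(DisplayName, format);
        case "email":
            if (internScope < Scope.DefaultSettings)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(Email, format));
        case "firstname": //using profile property is recommended!
            if (internScope < Scope.DefaultSettings)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(FirstName, format));
        case "issuperuser":
            if (internScope < Scope.Debug)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (IsSuperUser.ToString(formatProvider));
        case "lastname": //using profile property is recommended!
            if (internScope < Scope.DefaultSettings)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(LastName, format));
        case "portalid":
            if (internScope < Scope.Configuration)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PortalID.ToString(outputFormat, formatProvider));
        case "userid":
            if (internScope < Scope.DefaultSettings)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (UserID.ToString(outputFormat, formatProvider));
        case "username":
            if (internScope < Scope.DefaultSettings)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(Username, format));
        case "fullname": //fullname is obsolete, it will return DisplayName
            if (internScope < Scope.Configuration)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(DisplayName, format));
        case "roles":
            // Gate on the capped scope like every other property. Checking the requested
            // scope (currentScope) here would skip the per-user restriction computed above
            // and expose role membership to callers other than the user or an admin,
            // contrary to the intent recorded in the history note.
            if (internScope < Scope.SystemMessages)
            {
                propertyNotFound = true;
                return PropertyAccess.ContentLocked;
            }
            return (PropertyAccess.FormatString(string.Join(", ", Roles), format));
    }

    propertyNotFound = true;
    return string.Empty;
}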
/// <summary>
/// Builds the persona-switch script markup: renders one script item per user (skipping
/// the user whose id equals <c>UserId</c>), inserts the items into the outer script
/// template and runs the supplied token replacer over the result.
/// </summary>
/// <param name="tok">Token replacer applied to the finished script template.</param>
/// <param name="users">Users to render as switchable personas.</param>
/// <returns>The script markup with all tokens replaced.</returns>
/// <remarks>
/// Each item carries a login key: the user's id encrypted with the portal GUID as the
/// passphrase. The key is written both into the login URL (URL-encoded) and into the
/// cookie-value token of the item template.
/// NOTE(review): the passphrase is the portal GUID rather than the machine decryption
/// key, and the plaintext is only the user id, so no expiry or per-request component is
/// visible here - confirm the code that consumes the key limits when and for which
/// users it is honoured.
/// NOTE(review): the URL and key are substituted into the script template verbatim;
/// confirm neither can contain characters that terminate the surrounding JavaScript string.
/// </remarks>
private string GenerateScriptMarkup(TokenReplace tok, IEnumerable<UserInfo> users)
{
    var outerTemplate = GetLocalizedString("Script.Template", FeatureController.RESOURCEFILE_PERSONA_SWITCH);
    var itemTemplate = GetLocalizedString("ScriptItem.Template", FeatureController.RESOURCEFILE_PERSONA_SWITCH);
    var itemScripts = new StringBuilder();
    var security = new PortalSecurity();

    // create the user avatar listing
    foreach (UserInfo persona in users)
    {
        /*
         * Shape of one rendered item:
         *
         * $('.dpc[User:UserId]')
         *     .css('background', 'url([Profile:Photo]) no-repeat')
         *     .css('background-position', 'center center')
         *     .attr('title', '[User:DisplayName]')
         *     .click(function(){ window.location = '[DemoPersona:Login]'; })
         *     .hover(function (){ $(this).css('opacity', '1.0'); }, function (){ $(this).css('opacity', '0.5'); });
         */
        if (persona.UserID == UserId)
        {
            continue;
        }

        // Login key for this persona, raw for the cookie token and URL-encoded for the query string.
        var cookieKey = security.EncryptString(persona.UserID.ToString(), PortalSettings.GUID.ToString());
        var urlKey = HttpUtility.UrlEncode(cookieKey);
        var loginQuery = string.Concat(FeatureController.QS_LOGINID, "=", urlKey);
        var loginUrl = Globals.NavigateURL(PortalSettings.ActiveTab.TabID, string.Empty, loginQuery);

        // executing this line of code breaks the JS, removing the BG images
        var itemScript = itemTemplate.Replace(FeatureController.TOKEN_LOGIN, loginUrl);

        // work around for a HTTP 301 redirect issue on homepages in DNN 07.01.00
        // https://dnntracker.atlassian.net/browse/CONTENT-1561
        itemScript = itemScript
            .Replace(FeatureController.TOKEN_COOKIE_NAME, FeatureController.QS_LOGINID)
            .Replace(FeatureController.TOKEN_COOKIE_VALUE, cookieKey);

        // Per-user tokens are resolved at Scope.DefaultSettings in the persona's preferred locale.
        var personaTokens = new TokenReplace(Scope.DefaultSettings, persona.Profile.PreferredLocale, PortalSettings, persona);
        itemScripts.Append(personaTokens.ReplaceEnvironmentTokens(itemScript));
    }

    // insert the persona scripts
    var markup = outerTemplate.Replace(FeatureController.TOKEN_SCRIPT, itemScripts.ToString());

    // perform core token replace
    return tok.ReplaceEnvironmentTokens(markup);
}