public ActionResult Poll(string url, bool embed = false)
{
PollService PService = PollService.INSTANCE;
Poll poll = PService.getPollByUrl(url);
if (poll == null)
{
return RedirectToAction("Index");
}
string userId = "";
string cookieString = "";
string codeString = "";
Encoder encoder = new Encoder();
bool validCookie = false;
if (Request.Cookies["userId"] != null)
{
cookieString = Server.HtmlEncode(Request.Cookies["userId"].Value);
string[] stringList = cookieString.Split(new string[] { "|" }, StringSplitOptions.None);
if (stringList.Length > 1)
{
if (encoder.verifyHash(stringList[0], stringList[1]))
{
userId = stringList[0];
codeString = stringList[1];
validCookie = true;
}
}
}
if (!validCookie)
{
userId = PService.getNewUserId().ToString();
codeString = encoder.getHash(userId);
cookieString = userId + "|" + codeString;
Response.Cookies["userId"].Value = cookieString;
Response.Cookies["userId"].Expires = DateTime.Now.AddYears(10);
}
ViewBag.userId = userId;
ViewBag.codeString = codeString;
var json = new JavaScriptSerializer().Serialize(poll);
ViewBag.poll = json;
ViewBag.title = "PollerBear | " + poll.topic;
ViewBag.description = poll.topic;
ViewBag.home = false;
ViewBag.embed = embed;
return View();
}
public HttpResponseMessage saveVote(HttpRequestMessage request, string url, string id, string code, bool embed, [FromBody]List<Option> options)
{
try
{
PollService PService = PollService.INSTANCE;
Poll poll = PService.getPollByUrl(url);
if (poll == null) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
if (poll.type != 1) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
var validOptions = 0;
foreach (var option in options)
{
if (poll.options.Any(item => item.name == option.name))
{
validOptions++;
}
}
if (validOptions != poll.options.Count) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
poll.options = options;
Encoder encoder = new Encoder();
string ip = GetClientIp(request);
if (embed)
{
if (!PService.checkIfVotedByIp(url, ip))
{
id = PService.getUserByIp(ip);
if (id == null)
{
id = PService.getNewUserId().ToString();
PService.saveIpUser(id, ip);
}
PService.saveVote(poll, id, ip);
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Already voted");
}
}
else if (encoder.verifyHash(id, code))
{
if (!PService.checkIfVoted(url, id))
{
PService.saveVote(poll, id, ip);
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Already voted");
}
}
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid ID");
}
catch (Exception)
{
return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "");
}
}
public HttpResponseMessage saveVoteMajority(HttpRequestMessage request, string url, int optionId, string id, string code, bool embed)
{
try
{
PollService PService = PollService.INSTANCE;
Poll poll = PService.getPollByUrl(url);
if (poll == null) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
if (poll.type != 2) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
if (!poll.options.Any(item => item.option_id == optionId)) return Request.CreateErrorResponse(HttpStatusCode.BadRequest, "");
Encoder encoder = new Encoder();
var ip = GetClientIp(request);
if (embed)
{
if (!PService.checkIfVotedByIp(url, ip))
{
id = PService.getUserByIp(ip);
if (id == null)
{
id = PService.getNewUserId().ToString();
PService.saveIpUser(id, ip);
}
PService.saveVoteMajority(poll, optionId, id, ip);
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Already voted");
}
}
else if (encoder.verifyHash(id, code))
{
if (!PService.checkIfVoted(url, id))
{
PService.saveVoteMajority(poll, optionId, id, ip);
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Already voted");
}
}
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid ID");
}
catch (Exception)
{
return Request.CreateErrorResponse(HttpStatusCode.InternalServerError, "");
}
}
