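/// <summary>
/// Handles the "request new password" button: after the CAPTCHA check, looks the
/// account up by e-mail, stores the hash of a freshly generated password and passes
/// the clear-text password to <c>SendPsw</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the stored password is replaced as soon as the form is submitted, so
/// anyone who knows a registered address can force a password change on that account.
/// A mailed single-use, expiring link that lets the owner choose the new password
/// avoids both that and sending a password in clear text.
/// NOTE(review): lblEmailNotFound tells the requester whether an address is registered.
/// </remarks>
protected void btnRequest_Click(object sender, System.EventArgs e)
{
    string email = txEmail.Text.Trim();
    if (email == "")
    {
        return;
    }

    // NOTE(review): the expected text stays in the session after this comparison;
    // confirm the CAPTCHA page regenerates it per challenge so one solved answer
    // cannot be replayed for many requests.
    if (tbImgCode.Text != (string)Session["CaptchaImageText"])
    {
        lblWrongCode.Visible = true;
        return;
    }

    object userName;
    string newPsw;

    this.Cn.Open();
    try
    {
        userName = Cn.ExecuteScalar("SELECT UserName FROM ForumUsers WHERE Email=?", email);
        if (userName == null)
        {
            //no user found
            lblEmailNotFound.Visible = true;
            return;
        }

        // NOTE(review): GenerateRandomCode is not shown here; confirm it draws from a
        // cryptographic random source, since this value becomes a login credential.
        newPsw = CryptoUtils.GenerateRandomCode(7);
        string newPswHash = Utils.Password.CalculateHash(newPsw);
        Cn.ExecuteNonQuery("UPDATE ForumUsers SET [Password]=? WHERE Email=?", newPswHash, email);
    }
    finally
    {
        // Single close for every path, including a query that throws.
        this.Cn.Close();
    }

    SendPsw(email, userName.ToString(), newPsw);
    tblMain.Visible = false;
    lblOk.Visible = true;
}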
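/// <summary>
/// Links the selected sub-forum to the selected parent forum, unless the parent is
/// unset, both selections are the same forum, or the reverse link already exists.
/// Rebinds the drop-down lists and the sub-forum list afterwards.
/// </summary>
protected void btnAdd_Click(object sender, EventArgs e)
{
    // A value that does not parse leaves the id at 0.
    int parentid = 0, subforumid = 0;
    int.TryParse(ddlParentForum.SelectedValue, out parentid);
    int.TryParse(ddlSubForum.SelectedValue, out subforumid);
    // NOTE(review): subforumid == 0 is not rejected below; confirm 0 can never be posted.

    Cn.Open();
    try
    {
        //reverse subforum check
        // Both values are ints, so the concatenated form was not injectable; parameters
        // keep this query consistent with the INSERT below.
        object res = Cn.ExecuteScalar(
            "SELECT ParentForumID FROM ForumSubforums WHERE ParentForumID=? AND SubForumID=?",
            subforumid, parentid);

        if (parentid != 0 && parentid != subforumid && res == null)
        {
            lblError.Visible = false;
            Cn.ExecuteNonQuery(
                "INSERT INTO ForumSubforums (ParentForumID, SubForumID) VALUES (?, ?)",
                parentid, subforumid);
        }
        else
        {
            lblError.Visible = true;
        }
    }
    finally
    {
        // Close the connection even when a query throws.
        Cn.Close();
    }

    BindDropDownLists();
    BindSubForums();
}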
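/// <summary>
/// Changes the password of the edited user. Both new-password fields must be
/// non-empty and equal and meet the configured minimum length; the old password
/// must match unless the caller is an administrator.
/// </summary>
/// <remarks>
/// NOTE(review): the old password is verified by comparing CalculateHash(old) with the
/// stored column for equality, so the hash cannot carry a per-user random salt.
/// CalculateHash is not shown here; confirm it is a slow, salted password hash.
/// NOTE(review): administrators skip the old-password check; confirm whether that should
/// also apply when an administrator changes their own password.
/// </remarks>
protected void btnChangePsw_Click(object sender, System.EventArgs e)
{
    string newPassword = tbNewPsw1.Text;

    if (newPassword == "" || tbNewPsw2.Text == "" || newPassword != tbNewPsw2.Text)
    {
        lblResult.Text = Resources.various.ErrorPasswordsDoNotMatch;
        return;
    }

    if (newPassword.Length < Utils.Settings.MinPasswordLength)
    {
        lblResult.Text = string.Format("Password is too short, {0} characters minimum", Utils.Settings.MinPasswordLength);
        return;
    }

    Cn.Open();
    try
    {
        var res = Cn.ExecuteScalar(
            "SELECT UserID FROM ForumUsers WHERE (Password=?) AND UserID=?",
            Utils.Password.CalculateHash(tbOldPsw.Text), _editedUserID);

        if (IsAdministrator || res != null)
        {
            Cn.ExecuteNonQuery(
                "UPDATE ForumUsers SET [Password]=? WHERE UserID=?",
                Utils.Password.CalculateHash(newPassword), _editedUserID);
            lblResult.Text = Resources.various.PasswordChanged;
        }
        else
        {
            lblResult.Text = Resources.various.ErrorWrongOldPassword;
        }
    }
    finally
    {
        // Close the connection even when a query throws.
        Cn.Close();
    }
}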
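/// <summary>
/// Account-activation page: reads "user" and "code" from the query string and enables
/// the matching account when the pair exists in ForumUsers.
/// </summary>
/// <remarks>
/// NOTE(review): the activation code travels in the URL of a GET request, so it can end
/// up in server logs and browser history; confirm codes are single-use and are cleared
/// once the account is enabled.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    string username = Request.QueryString["user"];
    string code = Request.QueryString["code"];

    // Reject empty values as well as missing ones: "?user=x&code=" yields an empty
    // string, which must never be allowed to match a row whose ActivationCode is empty
    // (whether such rows exist is not visible here).
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(code))
    {
        Response.End();
        return;
    }

    object res;
    Cn.Open();
    try
    {
        res = Cn.ExecuteScalar(
            "select UserID from ForumUsers WHERE UserName=? AND ActivationCode=?",
            username, code);
    }
    finally
    {
        // Close the connection even when the query throws.
        Cn.Close();
    }

    bool activated = (res != null);
    if (activated)
    {
        Utils.User.EnableUser(Convert.ToInt32(res), false);
    }

    lblSuccess.Visible = activated;
    lblError.Visible = !activated;
}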
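/// <summary>
/// Saves the forum's properties: optionally creates a new forum group, optionally
/// replaces the forum icon with an uploaded file, updates the Forums row, clears the
/// guest front-page cache and redirects to admin.aspx.
/// </summary>
/// <remarks>
/// NOTE(review): the upload is filtered only by Attachments.IsExtForbidden, which by its
/// name is a deny-list. For an icon, an allow-list of image extensions plus a content
/// check is the safer control, as is serving the icons directory without script
/// execution.
/// </remarks>
protected void btnSave_Click(object sender, System.EventArgs e)
{
    if (tbForumGroup.Text.Trim() == "" && ddlForumGroup.Items.Count == 0)
    {
        Response.Write("error");
        return;
    }

    Cn.Open();
    try
    {
        int forumGroup = 0;
        if (tbForumGroup.Text.Trim() != "")
        {
            Cn.ExecuteNonQuery("INSERT INTO ForumGroups (GroupName) VALUES (?)", tbForumGroup.Text);

            // The group name is free text from the form. It was concatenated into this
            // SELECT between quotes (SQL injection); it is now bound as a parameter
            // like the INSERT above.
            forumGroup = Convert.ToInt32(
                Cn.ExecuteScalar("SELECT GroupID FROM ForumGroups WHERE GroupName=?", tbForumGroup.Text));
        }
        else
        {
            forumGroup = int.Parse(ddlForumGroup.SelectedValue);
        }

        string uploadDir = Attachments.GetIconsDirAbsolutePath();

        // PostedFile can be null when the request carried no file part.
        string iconFileName = iconUpload.PostedFile != null ? iconUpload.PostedFile.FileName : "";

        if (iconFileName != "" && !Attachments.IsExtForbidden(iconFileName))
        {
            //deleting old iconfile from disk
            object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=?", _forumId);
            if (res != null && res.ToString() != "")
            {
                // Reduce the stored value to a bare file name so the delete cannot leave
                // the icons directory even if the column holds a path.
                string oldIcon = Path.GetFileName(res.ToString());
                if (oldIcon != "")
                {
                    File.Delete(uploadDir + "\\" + oldIcon);
                }
            }

            // Drop any client-supplied directory part before building the target path.
            iconFileName = Path.GetFileName(iconFileName);

            //rename if the file already exists
            iconFileName = Utils.Attachments.ChangeFileNameIfAlreadyExists(iconFileName, uploadDir);
            iconUpload.PostedFile.SaveAs(uploadDir + "\\" + iconFileName);

            //saving icon to DB
            Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", iconFileName, _forumId);
        }

        Cn.ExecuteNonQuery(
            "UPDATE Forums SET Title=?, Description=?, Premoderated=?, GroupID=?, MembersOnly=?, RestrictTopicCreation=? WHERE ForumID=?",
            tbTitle.Text, tbDescr.Text, cbPremoderated.Checked, forumGroup,
            cbMembersOnly.Checked, cbRestrictTopicCreation.Checked, _forumId);
    }
    finally
    {
        // Close the connection even when a query or the file handling throws.
        Cn.Close();
    }

    //to update the front-page with new name, icon etc.
    Forum.ClearFrontPageCacheForGuests();

    Response.Redirect("admin.aspx", true);
}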
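/// <summary>
/// Saves the edited user's profile (user name, e-mail, homepage, interests, signature,
/// first/last name, presence flag) after checking that the user name is not taken by
/// another account.
/// </summary>
/// <remarks>
/// The listing showed Replace("&lt;", "&lt;") with identical arguments, which is a
/// no-op. The replacement targets are restored to the HTML entities so angle brackets
/// are neutralised before storage.
/// NOTE(review): only angle brackets are escaped. Quotes and ampersands are stored as
/// typed, so any place that renders these values inside an HTML attribute (for example
/// the homepage as a link target) still needs attribute encoding and a URL-scheme check.
/// NOTE(review): no check that the caller may edit _editedUserID is visible in this
/// handler; confirm it is enforced where _editedUserID is assigned.
/// </remarks>
protected void btnSave_Click(object sender, System.EventArgs e)
{
    //reset avatar cache for current user (BECAUSE email can change!!!!)
    if (Utils.User.CurrentUserID == _editedUserID)
    {
        Session["AvatarPath"] = null;
    }

    string username = tbUsername.Text.Replace("<", "&lt;").Replace(">", "&gt;");
    string email = tbEmail.Text.Replace("<", "&lt;").Replace(">", "&gt;");
    string interests = tbInterests.Text.Replace("<", "&lt;").Replace(">", "&gt;");
    string homepage = tbHomepage.Text.Replace("<", "&lt;").Replace(">", "&gt;");
    string firstName = tbFirstName.Text.Trim().Replace("<", "&lt;").Replace(">", "&gt;");
    string lastName = tbLastName.Text.Trim().Replace("<", "&lt;").Replace(">", "&gt;");
    string signature = tbSignature.Text.Trim().Replace("<", "&lt;").Replace(">", "&gt;");
    signature = (signature.Length > 1000 ? signature.Substring(0, 1000) : signature);

    //check if a user tries to change his username but IntegratedAuth is ON
    if (Utils.Settings.IntegratedAuthentication && _editedUserID == CurrentUserID)
    {
        // A missing session value is treated as an empty name instead of throwing.
        object sessionName = Session["aspnetforumUserName"];
        string currentName = sessionName == null ? "" : sessionName.ToString();

        // Ordinal comparison: culture-specific lower-casing is not suitable for identifiers.
        if (!string.Equals(tbUsername.Text, currentName, System.StringComparison.OrdinalIgnoreCase))
        {
            lblResult.Text = Resources.various.ErrorIntegratedUserName;
            return;
        }
    }

    Cn.Open();
    try
    {
        //check username uniqueness
        var res = Cn.ExecuteScalar(
            "SELECT UserID FROM ForumUsers WHERE UserName=? AND UserID<>?",
            username, _editedUserID);
        if (res != null)
        {
            lblResult.Text = string.Format(Resources.various.ErrorUserExists, username);
            return;
        }

        //update settings
        Cn.ExecuteNonQuery(
            "UPDATE ForumUsers SET UserName=?, Email=?, Homepage=?, Interests=?, Signature=?, FirstName=?, LastName=?, HidePresence=? WHERE UserID=?",
            username, email, homepage, interests, signature, firstName, lastName,
            cbHidePresence.Checked, _editedUserID);
    }
    finally
    {
        // Close the connection on every path, including a query that throws.
        Cn.Close();
    }

    if (_editedUserID == CurrentUserID)
    {
        Session["aspnetforumUserName"] = username;
    }

    lblResult.Text = Resources.various.ProfileSaved;

    //to show avatar img
    ShowUserInfo();
}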
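/// <summary>
/// Shows either the "subscribe" or the "unsubscribe" button depending on whether the
/// current user already has a subscription row for this topic. Hides both when mail
/// notifications are disabled or the visitor is not signed in.
/// </summary>
/// <remarks>
/// Does not open or close the connection itself. Presumably the caller has it open.
/// </remarks>
private void SubscribeButtonVisibility()
{
    if (!_bMailNotificationsEnabled || CurrentUserID == 0)
    {
        btnSubscribeTop.Visible = spanSubcriptionTop.Visible = false;
        btnUnsubscribeTop.Visible = false;
        return;
    }

    spanSubcriptionTop.Visible = true;

    // Bound as parameters rather than concatenated, matching the parameterised calls
    // used elsewhere in this code base; the query stays safe if either value ever
    // stops being a plain integer.
    object res = Cn.ExecuteScalar(
        "SELECT TopicID FROM ForumSubscriptions WHERE UserID=? AND TopicID=?",
        CurrentUserID, _topicID);

    bool isSubscribed = (res != null);
    btnSubscribeTop.Visible = !isSubscribed;
    btnUnsubscribeTop.Visible = isSubscribed;
}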
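/// <summary>
/// Removes the forum's custom icon: deletes the stored icon file from the icons
/// directory, clears the IconFile column and shows the icon returned for an empty name.
/// </summary>
protected void btnReset_Click(object sender, System.EventArgs e)
{
    string uploadDir = Utils.Attachments.GetIconsDirAbsolutePath();

    Cn.Open();
    try
    {
        //deleting old iconfile from disk
        object res = Cn.ExecuteScalar("SELECT IconFile FROM Forums WHERE ForumID=?", _forumId);
        if (res != null && res.ToString() != "")
        {
            // Reduce the stored value to a bare file name so the delete cannot leave
            // the icons directory even if the column holds a path.
            string oldIcon = Path.GetFileName(res.ToString());
            if (oldIcon != "")
            {
                File.Delete(uploadDir + "\\" + oldIcon);
            }
        }

        //saving icon to DB
        Cn.ExecuteNonQuery("UPDATE Forums SET IconFile=? WHERE ForumID=?", "", _forumId);
    }
    finally
    {
        // Close the connection even when a query or the delete throws.
        Cn.Close();
    }

    imgForumIcon.ImageUrl = forums.GetForumIcon("");
}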
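/// <summary>
/// On the first (non-postback) load, checks whether any forum exists. If none does,
/// shows the "nothing found" labels and hides the add-subforum panel; otherwise binds
/// the sub-forum list and the drop-down lists.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    object anyForum;
    Cn.Open();
    try
    {
        anyForum = Cn.ExecuteScalar("SELECT ForumID FROM Forums");
    }
    finally
    {
        // Close the connection even when the query throws.
        Cn.Close();
    }

    if (anyForum == null)
    {
        lblNoForumsFound.Visible = true;
        divAddSubforum.Visible = false;
        lblNoSubForums.Visible = true;
        return;
    }

    BindSubForums();
    BindDropDownLists();
}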
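/// <summary>
/// Creates a user account from the form when neither the user name nor the e-mail
/// address is already registered, then redirects to the new user's profile page.
/// </summary>
/// <remarks>
/// The original redirected while the connection was still open. Response.Redirect ends
/// the request, so the trailing Cn.Close() was never reached on the success path. The
/// connection is now closed in a finally block and the redirect happens afterwards.
/// NOTE(review): the password is stored as Utils.Password.CalculateHash(...); that
/// function is not shown here, so confirm it is a slow, salted password hash.
/// </remarks>
protected void btnAdd_Click(object sender, EventArgs e)
{
    if (!IsValid)
    {
        return;
    }

    string username = txUserName.Text.Trim();
    int userId;

    Cn.Open();
    try
    {
        var res = Cn.ExecuteScalar("select UserID from ForumUsers WHERE UserName=?", username);
        if (res != null)
        {
            lblError.Text = "User already exists!";
            lblError.Visible = true;
            lblSuccess.Visible = false;
            return;
        }

        res = Cn.ExecuteScalar("select UserID from ForumUsers WHERE Email=?", txEmail.Text);
        if (res != null)
        {
            lblError.Text = "Email address already exists!";
            lblError.Visible = true;
            lblSuccess.Visible = false;
            return;
        }

        userId = Utils.User.CreateUser(
            username, txEmail.Text, Utils.Password.CalculateHash(txPsw.Text),
            txHomepage.Text, string.Empty, false);
        lblError.Visible = false;
        lblSuccess.Visible = true;
    }
    finally
    {
        // Runs on the early returns and on exceptions as well.
        Cn.Close();
    }

    Response.Redirect("viewprofile.aspx?UserID=" + userId);
}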
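/// <summary>
/// Prepares the "add / edit / quote message" page: reads TopicID, ForumID, Edit and
/// Quote from the query string, loads the forum and topic state, applies the posting
/// permission check, lists the topic's previous messages and, when editing or quoting,
/// pre-fills the message box.
/// </summary>
/// <remarks>
/// All ids used in the queries come from int.Parse or Convert.ToInt32, so the original
/// string concatenation was not injectable; they are bound as parameters here for
/// consistency and so the queries stay safe if a type changes. The connection and every
/// reader are now released in finally blocks, which also covers Response.End().
/// </remarks>
protected void Page_Load(object sender, System.EventArgs e)
{
    //firefox html3.2 rendering fix
    cboWhoAmI.Style.Add("width", "30%");
    tbSubj.Style.Add("width", "100%");
    tbMsg.Style.Add("width", "100%");

    tbSubj.Attributes["placeholder"] = Resources.various.Subject;
    btnSave.Text = Resources.various.AddMessage;
    cbSubscribe.Text = Resources.various.NotifyMeOnReply;

    _allowFileUploads = Utils.Settings.EnableFileUploads;
    divFiles.Visible = _allowFileUploads && (CurrentUserID != 0) && !_isIPhoneOrAndroid;
    _allowGuestPosts = Utils.Settings.AllowGuestPosts;

    // int.Parse throws on a malformed value, so a bad query string aborts the request
    // instead of continuing with a default id.
    if (Request.QueryString["TopicID"] != null)
    {
        _topicID = int.Parse(Request.QueryString["TopicID"]);
    }
    if (Request.QueryString["ForumID"] != null)
    {
        _forumID = int.Parse(Request.QueryString["ForumID"]);
    }

    if (_forumID == 0 && _topicID == 0)
    {
        Response.Write("Either Topic or Forum must be specified");
        Response.End();
    }

    //if we have an unauthorized user
    if (CurrentUserID == 0 && !_allowGuestPosts)
    {
        Response.Write("Sorry, posting and editing is allowed only for authenticated users");
        Response.End();
    }

    cbSubscribe.Visible = Utils.Settings.MailNotificationsEnabled && (CurrentUserID != 0) && !_isIPhoneOrAndroid;
    btnSmilies.Visible = Utils.Settings.AllowSmilies && !_isIPhoneOrAndroid;
    spanUtils.Visible = divEditbar.Visible = btnPreview.Visible = !_isIPhoneOrAndroid;

    Cn.Open();
    try
    {
        // Figure out if we're editing or quoting a message, and extract the ID.
        _messageId = 0;
        if (Request.QueryString["Edit"] != null)
        {
            _messageId = int.Parse(Request.QueryString["Edit"]);
            _isEditing = true;
            btnSave.Text = "update message";

            //check if it's the first msg in a topic - to see if we should allow changing the topic text
            object firstMessageId = Cn.ExecuteScalar(
                "SELECT MIN(MessageID) FROM ForumMessages WHERE TopicID=?", _topicID);
            // MIN() over no rows yields NULL; treat that as "not the first message".
            _changeTopic = firstMessageId != null
                && !Convert.IsDBNull(firstMessageId)
                && Convert.ToInt32(firstMessageId) == _messageId;
        }
        if (Request.QueryString["Quote"] != null)
        {
            _messageId = int.Parse(Request.QueryString["Quote"]);
            _isEditing = false;
        }

        if (_forumID == 0) //we're NOT adding a new topic to a forum, we're adding msg to an existing
        {
            _addTopic = false;
            bool isTopicClosed = false;

            DbDataReader topicReader = Cn.ExecuteReader(
                "SELECT Forums.ForumID, Forums.Title, Forums.Premoderated, ForumTopics.IsClosed, ForumTopics.Subject, ForumTopics.WhoAmI " +
                "FROM Forums INNER JOIN ForumTopics ON Forums.ForumID=ForumTopics.ForumID WHERE ForumTopics.TopicID=?",
                _topicID);
            try
            {
                if (topicReader.Read())
                {
                    _forumID = Convert.ToInt32(topicReader["ForumID"]);
                    _premoderated = Convert.ToBoolean(topicReader["Premoderated"]);
                    isTopicClosed = Convert.ToBoolean(topicReader["IsClosed"]);
                    ForumTitle = topicReader["Title"].ToString();
                    cboWhoAmI.SelectedValue = topicReader["WhoAmI"].ToString();
                    if (_changeTopic)
                    {
                        if (!IsPostBack)
                        {
                            tbSubj.Text = topicReader["Subject"].ToString();
                        }
                    }
                    else
                    {
                        //let's show the subj when replying
                        lblSubjectText.Text = topicReader["Subject"].ToString();
                    }
                }
            }
            finally
            {
                topicReader.Close();
            }

            if (isTopicClosed && !_isEditing)
            {
                // The connection is closed by the outer finally.
                Response.End();
                return;
            }
        }
        else //we're adding a NEW TOPIC to a forum
        {
            _addTopic = true;
            DbDataReader forumReader = Cn.ExecuteReader(
                "SELECT Forums.ForumID, Forums.Title, Forums.Premoderated FROM Forums WHERE Forums.ForumID=?",
                _forumID);
            try
            {
                if (forumReader.Read())
                {
                    _premoderated = Convert.ToBoolean(forumReader["Premoderated"]);
                    ForumTitle = forumReader["Title"].ToString();
                }
            }
            finally
            {
                forumReader.Close();
            }
        }

        divPolls.Visible = _addTopic && !_isIPhoneOrAndroid;

        // NOTE(review): a failed permission check only hides the form; the rest of this
        // method still runs and fills the hidden controls. Confirm that the save handler
        // enforces the same check, because hiding controls is not an access control.
        if (!Utils.Forum.CheckForumPostPermissions(_forumID, CurrentUserID))
        {
            lblDenied.Visible = true;
            divMain.Visible = false;
        }

        if (_addTopic || _changeTopic)
        {
            tbSubj.Visible = true;
            reqSubject.Enabled = true;
        }

        if (!_addTopic)
        {
            if (!IsPostBack)
            {
                //set the "subscribe me" checkbox
                if (cbSubscribe.Visible)
                {
                    var subscription = Cn.ExecuteScalar(
                        "SELECT UserID FROM ForumSubscriptions WHERE UserID=? AND TopicID=?",
                        CurrentUserID, _topicID);
                    cbSubscribe.Checked = (subscription != null);
                }

                if (!_isIPhoneOrAndroid)
                {
                    //display previous messages in a topic
                    var previousMessages = Cn.ExecuteReader(
                        "SELECT ForumMessages.Body, ForumUsers.UserName, ForumMessages.CreationDate " +
                        "FROM ForumMessages LEFT JOIN ForumUsers ON ForumUsers.UserID=ForumMessages.UserID " +
                        "WHERE ForumMessages.TopicID=? and ForumMessages.Visible=? ORDER BY ForumMessages.CreationDate DESC",
                        _topicID, true);
                    try
                    {
                        rptMessages.DataSource = previousMessages;
                        rptMessages.DataBind();
                    }
                    finally
                    {
                        previousMessages.Close();
                    }
                }
                else
                {
                    rptMessages.Visible = false;
                }
            }
        }

        //if we're quoting or editing
        if (_messageId != 0)
        {
            // NOTE(review): the message is looked up by MessageID alone, while the
            // permission check above applies to the forum of the TopicID parameter.
            // Nothing here ties the message to that topic, so confirm a message from a
            // forum the user cannot read cannot be loaded into the edit box (for example
            // by also filtering on TopicID, if edit and quote links always carry it).

            //get the author of the edited message
            object authorId = Cn.ExecuteScalar(
                "SELECT UserID FROM ForumMessages WHERE MessageID=?", _messageId);
            _messageAuthorID = (authorId == null ? -1 : Convert.ToInt32(authorId));

            //IF not PostBack - lets pre-fill the body field with the message text and show attachments
            if (!IsPostBack)
            {
                //show attachments
                if (_isEditing)
                {
                    DbDataReader filesReader = Cn.ExecuteReader(
                        "SELECT FileID, FileName FROM ForumUploadedFiles WHERE MessageID=?", _messageId);
                    try
                    {
                        rptExistingFiles.DataSource = filesReader;
                        rptExistingFiles.DataBind();
                        rptExistingFiles.Visible = (rptExistingFiles.Items.Count > 0);
                    }
                    finally
                    {
                        filesReader.Close();
                    }
                }

                DbDataReader messageReader = Cn.ExecuteReader(
                    "SELECT ForumMessages.Body, ForumUsers.UserName, ForumUsers.FirstName, ForumUsers.LastName, ForumMessages.UserID " +
                    "FROM ForumMessages LEFT OUTER JOIN ForumUsers ON ForumUsers.UserID=ForumMessages.UserID WHERE ForumMessages.MessageID=?",
                    _messageId);
                try
                {
                    if (messageReader.Read())
                    {
                        // Turn stored line breaks back into newlines, then strip any
                        // remaining markup tags before showing the text for editing.
                        string body = messageReader["Body"].ToString()
                            .Replace("<br>", "\r\n").Replace("<br/>", "\r\n").Replace("<br />", "\r\n");
                        body = System.Text.RegularExpressions.Regex.Replace(body, @"<\S[^>]*>", "");

                        //if its quoting
                        if (!_isEditing)
                        {
                            //remove domain from username (in case its windows auth)
                            string uname = Utils.User.GetUserDisplayName(
                                messageReader["UserName"].ToString(),
                                messageReader["FirstName"].ToString(),
                                messageReader["LastName"].ToString());
                            tbMsg.Text = "[quote=" + uname + "]" + body + "[/quote]\r\n\r\n";
                        }
                        else //if its editing
                        {
                            tbMsg.Text = body;
                        }
                    }
                }
                finally
                {
                    messageReader.Close();
                }
            }
        }
    }
    finally
    {
        // Single close for every path: normal completion, early return, Response.End()
        // and exceptions.
        Cn.Close();
    }
}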
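/// <summary>
/// Saves a message: validates the CAPTCHA for guests, escapes angle brackets in the
/// text, optionally creates a poll or changes the topic subject, stores the
/// subscription setting, inserts or updates the message with its attachments, and
/// redirects to the premoderation notice or to the message's page in the topic.
/// </summary>
/// <remarks>
/// Changes against the listing:
/// - Replace("&lt;", "&lt;") had identical arguments (a no-op); the HTML entities are restored.
/// - The topic subject was changed before the author/moderator check ran, so a user who
///   was not allowed to edit the message could still rename the topic. The subject
///   change is now gated by the same check as the message update.
/// - The redirect URL reused "?" for a second parameter when the topic URL had no query
///   string; the separator now switches to "&amp;" after the first parameter.
/// - The connection is closed in a finally block and the redirect happens afterwards.
/// NOTE(review): this handler does not repeat Utils.Forum.CheckForumPostPermissions or
/// the closed-topic check; confirm they are enforced for postbacks too.
/// </remarks>
protected void btnSave_Click(object sender, System.EventArgs e)
{
    if (CurrentUserID == 0 && _allowGuestPosts)
    {
        if (tbImgCode.Text != (string)Session["CaptchaImageText"])
        {
            return;
        }
    }

    string WhoAmI = cboWhoAmI.SelectedValue;
    if (WhoAmI == "")
    {
        return;
    }

    string msg = tbMsg.Text.Trim();
    if (msg == "")
    {
        return;
    }
    msg = msg.Replace("<", "&lt;").Replace(">", "&gt;");

    bool isModer = IsModerator(_forumID);
    bool shouldItBeVisible = (!_premoderated) || isModer;

    if (!Utils.Attachments.CheckAttachmentsSize())
    {
        lblMaxSize.Text = Utils.Settings.MaxUploadFileSize / 1000 + " Kb";
        lblMaxSize.Visible = lblFileSizeError.Visible = true;
        return;
    }
    lblMaxSize.Visible = lblFileSizeError.Visible = false;

    // Moderators may edit any message; authors only their own. An unauthenticated
    // visitor has CurrentUserID 0, and if guest posts are stored with UserID 0
    // (presumably; not visible here) a bare equality would let any guest edit any
    // guest post, so author editing requires a signed-in user.
    bool canEditMessage = isModer || (CurrentUserID != 0 && _messageAuthorID == CurrentUserID);

    string redirectUrl;

    Cn.Open();
    try
    {
        if (_addTopic || _changeTopic) //creating a new topic or editing topic title
        {
            string subj = tbSubj.Text.Trim();
            if (subj == "")
            {
                return;
            }
            subj = subj.Replace("<", "&lt;").Replace(">", "&gt;");

            if (_addTopic)
            {
                // NOTE(review): the topic-creation call is commented out in the source,
                // so _topicID is not assigned in this branch before it is used below:
                //_topicID = Utils.Topic.CreateTopic(Cn, _forumID, CurrentUserID, subj, msg, WhoAmI, shouldItBeVisible);

                //CREATE A POLL (if specified)
                string pollQuestion = tbPollQuestion.Text.Trim().Replace("<", "&lt;").Replace(">", "&gt;");
                if (pollQuestion.Length > 0)
                {
                    //add poll
                    Utils.Topic.CreatePoll(Cn, _topicID, pollQuestion, GetPollOptionsFromRequestForm());
                }
            }
            else if (canEditMessage) //edit topic subj (only for moderators or the author)
            {
                Utils.Topic.ChangeTopicSubject(Cn, _topicID, subj);
            }
        }

        //saving notifications settings
        Utils.SendNotifications.UpdateTopicNotificationSettings(CurrentUserID, _topicID, cbSubscribe.Checked, Cn);

        // MESSAGE: Inserting or updating?
        if (_isEditing)
        {
            //if moderator, admin or message author
            if (canEditMessage)
            {
                Utils.Message.UpdateMessageText(Cn, _messageId, msg, shouldItBeVisible);
                Utils.Attachments.SaveAttachments(_messageId, false, Cn);
            }
        }
        else //inserting
        {
            _messageId = Utils.Message.AddMessage(
                Cn, _topicID, msg, shouldItBeVisible,
                Utils.Various.GetUserIpAddress(Request), _addTopic, WhoAmI);
            Utils.Attachments.SaveAttachments(_messageId, false, Cn);
        }

        if (_premoderated && !isModer)
        {
            redirectUrl = "premoderatedmessage.aspx";
        }
        else
        {
            //count messages to compute the number of pages
            //(needed to get the user redirected to the last page)
            int numMessages = Convert.ToInt32(
                Cn.ExecuteScalar(
                    "SELECT COUNT(MessageID) FROM ForumMessages WHERE Visible=? AND TopicID=?",
                    true, _topicID));
            int numPages = (numMessages - 1) / PageSize;

            string subject = (_changeTopic || _addTopic) ? tbSubj.Text : lblSubjectText.Text;
            string url = Utils.Various.GetTopicURL(_topicID, subject);
            string sep = url.IndexOf("?") > -1 ? "&" : "?";
            if (numPages > 0)
            {
                url += sep + "Page=" + numPages;
                sep = "&"; // the URL now has a query string
            }
            url += sep + "MessageID=" + _messageId;
            redirectUrl = url;
        }
    }
    finally
    {
        // Close before redirecting and on every early return or exception.
        Cn.Close();
    }

    Response.Redirect(redirectUrl);
}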
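/// <summary>
/// If the topic has a poll, shows it: the results when the visitor is a guest or has
/// already voted, otherwise the voting options.
/// </summary>
/// <remarks>
/// Does not open or close the connection itself. Presumably the caller has it open.
/// The ids are integers, so the original concatenation was not injectable; they are
/// bound as parameters for consistency, and readers are closed in finally blocks.
/// NOTE(review): the question is assigned to a label's Text, which is emitted as raw
/// HTML; confirm the question is escaped when it is stored.
/// </remarks>
private void ShowPollIfAny()
{
    object res = Cn.ExecuteScalar("SELECT PollID FROM ForumPolls WHERE TopicID=?", _topicID);
    if (res == null) //it is NOT a poll
    {
        return;
    }

    _pollID = Convert.ToInt32(res);
    divPoll.Visible = true;

    //get poll name
    DbDataReader dr = Cn.ExecuteReader("SELECT * FROM ForumPolls WHERE PollID=?", _pollID);
    try
    {
        // The row was found a moment ago, but guard anyway instead of reading a
        // column from a reader that returned no row.
        if (dr.Read())
        {
            lblPollName.Text = dr["Question"].ToString();
        }
    }
    finally
    {
        dr.Close();
    }

    bool bShowResults;
    if (CurrentUserID != 0) //check if current user already voted
    {
        res = Cn.ExecuteScalar(
            "SELECT UserID FROM ForumPollAnswers WHERE OptionID IN " +
            "(SELECT OptionID FROM ForumPollOptions WHERE PollID=?) AND UserID=?",
            _pollID, CurrentUserID);
        bShowResults = (res != null); //user has voted
    }
    else
    {
        // Guests only ever see the results.
        bShowResults = true;
    }

    rblOptions.Visible = !bShowResults;
    rptVoteResults.Visible = bShowResults;
    btnVote.Visible = !bShowResults;

    if (bShowResults) //showing poll results
    {
        DataTable dt = new DataTable();
        dr = Cn.ExecuteReader(
            "SELECT COUNT(ForumPollAnswers.UserID) as VoteCount, ForumPollOptions.OptionID, ForumPollOptions.OptionText " +
            "FROM ForumPollAnswers RIGHT OUTER JOIN ForumPollOptions ON ForumPollOptions.OptionID = ForumPollAnswers.OptionID " +
            "WHERE ForumPollOptions.PollID=? " +
            "GROUP BY ForumPollOptions.OptionID, ForumPollOptions.OptionText",
            _pollID);
        try
        {
            dt.Load(dr);
        }
        finally
        {
            dr.Close();
        }

        //now let's find max vote count
        _maxvotecount = 0;
        foreach (DataRow row in dt.Rows)
        {
            _maxvotecount = Math.Max(_maxvotecount, Convert.ToInt32(row["VoteCount"]));
        }

        rptVoteResults.DataSource = dt;
        rptVoteResults.DataBind();
    }
    else if (!IsNonLoginPostBack) //bind poll voting controls
    {
        dr = Cn.ExecuteReader("SELECT OptionID, OptionText FROM ForumPollOptions WHERE PollID=?", _pollID);
        try
        {
            rblOptions.DataSource = dr;
            rblOptions.DataBind();
        }
        finally
        {
            dr.Close();
        }
    }
}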