private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check access credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); bool userMayDoThreadManagement = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ForumSpecificThreadManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userHasAccess || !userMayDoThreadManagement) { // doesn't have access to this forum or may not alter the thread's properties. redirect Response.Redirect("default.aspx"); } if (!Page.IsPostBack) { chkIsClosed.Checked = _thread.IsClosed; chkIsSticky.Checked = _thread.IsSticky; tbxSubject.Value = _thread.Subject; } }
/// <summary> /// Returns a tuple with an action result and the thread with the id specified if valid. /// if security check failed the action result will be set to the action to redirect to, otherwise it will return null. /// </summary> /// <param name="threadId">the threadid to check security for</param> /// <returns></returns> private async Task<(ActionResult redirectResult, ThreadEntity thread)> PerformSecurityCheckAsync(int threadId) { var thread = await ThreadGuiHelper.GetThreadAsync(threadId); if(thread == null) { // not found, return to start page return (RedirectToAction("Index", "Home"), null); } // Check credentials bool userHasAccess = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AccessForum); if(!userHasAccess) { // doesn't have access to this forum. redirect return (RedirectToAction("Index", "Home"), null); } // check if the user can view this thread. If not, don't continue. if(thread.StartedByUserID != this.HttpContext.Session.GetUserID() && !this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !thread.IsSticky) { // can't view this thread, it isn't visible to the user return (RedirectToAction("Index", "Home"), null); } if(!this.HttpContext.Session.HasSystemActionRight(ActionRights.QueueContentManagement)) { return (RedirectToAction("Index", "Home"), null); } // All ok return (null, thread); }
protected void PostMessageHandler(object sender, System.EventArgs e) { int userID = SessionAdapter.GetUserID(); // store the new message in the given thread string mailTemplate = ApplicationAdapter.GetEmailTemplate(EmailTemplate.ThreadUpdatedNotification); int messageID = ThreadManager.CreateNewMessageInThread(_thread.ThreadID, userID, meMessageEditor.MessageText, meMessageEditor.MessageTextHTML, Request.UserHostAddress.ToString(), meMessageEditor.MessageTextXML, meMessageEditor.SubscribeToThread, mailTemplate, ApplicationAdapter.GetEmailData(), CacheManager.GetSystemData().SendReplyNotifications); // invalidate forum RSS in cache ApplicationAdapter.InvalidateCachedForumRSS(_thread.ForumID); // if auditing is required, we've to do this now. if (SessionAdapter.CheckIfNeedsAuditing(AuditActions.AuditNewMessage)) { SecurityManager.AuditNewMessage(userID, messageID); } // invalidate forum in asp.net cache CacheManager.InvalidateCachedItem(CacheManager.ProduceCacheKey(CacheKeys.SingleForum, _thread.ForumID)); // all ok, redirect to message list int startAtMessageIndex = ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThread(_thread.ThreadID, messageID, SessionAdapter.GetUserDefaultNumberOfMessagesPerPage()); if (meMessageEditor.AddAttachment) { // redirect to manage attachment form for this message Response.Redirect(string.Format("Attachments.aspx?SourceType=1&MessageID={0}", messageID), true); } else { Response.Redirect(string.Format("Messages.aspx?ThreadID={0}&StartAtMessage={1}&#{2}", _thread.ThreadID, startAtMessageIndex, messageID), true); } }
public async Task <ActionResult> Delete(int id = 0) { if (this.HttpContext.Session.IsAnonymousUser()) { return(RedirectToAction("Index", "Home")); } var message = await MessageGuiHelper.GetMessageAsync(id); if (message == null) { return(RedirectToAction("Index", "Home")); } var thread = await ThreadGuiHelper.GetThreadAsync(message.ThreadID); if (thread == null) { return(RedirectToAction("Index", "Home")); } // Only delete if the message isn't the first in the thread (as that's not allowed), and whether the user is allowed to delete messages in that forum at all. var messageIsFirstInThread = await ThreadGuiHelper.CheckIfMessageIsFirstInThreadAsync(thread.ThreadID, id); if (!messageIsFirstInThread && this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.EditDeleteOtherUsersMessages)) { await MessageManager.DeleteMessageAsync(id, thread.ThreadID); } return(RedirectToAction("Index", "Thread", new { threadId = thread.ThreadID, pageNo = 1 })); }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); int messageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); int startAtMessage = ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThread(threadID, messageID, SessionAdapter.GetUserDefaultNumberOfMessagesPerPage()); Response.Redirect("Messages.aspx?ThreadID=" + threadID + "&StartAtMessage=" + startAtMessage + "&#" + messageID, true); }
/// <summary> /// Calculates the redirect to message with the id specified. This is a response to the index action on the thread controller, with the proper page and '#' id redirect. /// </summary> /// <param name="threadId">The thread identifier.</param> /// <param name="messageId">The message identifier.</param> /// <returns></returns> private async Task <ActionResult> CalculateRedirectToMessageAsync(int threadId, int messageId) { var maxAmountMessagesPerPage = this.HttpContext.Session.GetUserDefaultNumberOfMessagesPerPage(); var idOfStartMessage = await ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThreadAsync(threadId, messageId, maxAmountMessagesPerPage); int startAtMessageNo = messageId > 0 ? idOfStartMessage : 0; int currentPageNo = (startAtMessageNo / maxAmountMessagesPerPage) + 1; return(Redirect(this.Url.Action("Index", "Thread", new { threadId = threadId, pageNo = currentPageNo }) + "#" + messageId)); }
private void Page_Load(object sender, System.EventArgs e) { // fill the page's content List <int> accessableForums = SessionAdapter.GetForumsWithActionRight(ActionRights.AccessForum); DataView activeThreads = ThreadGuiHelper.GetActiveThreadsAsDataView(accessableForums, CacheManager.GetSystemData().HoursThresholdForActiveThreads, SessionAdapter.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers), SessionAdapter.GetUserID()); rpThreads.DataSource = activeThreads; rpThreads.DataBind(); }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to start page Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } // show user IP addresses if the user has system admin rights, security admin rights or user admin rights. _showIPAddresses = (SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement) || SessionAdapter.HasSystemActionRight(ActionRights.UserManagement)); // Get the forum entity related to the thread. Use BL class. We could have used Lazy loading, though for the sake of separation, we'll // call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // not found, orphaned thread, return to default page. Response.Redirect("default.aspx"); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } lblForumName_Header.Text = forum.ForumName; if (!Page.IsPostBack) { bool threadStartedByCurrentUser = (_thread.StartedByUserID == SessionAdapter.GetUserID()); // Get messages and bind it to the repeater control. Use the startmessage to get only the message visible on the current page. MessagesInThreadTypedList messages = ThreadGuiHelper.GetAllMessagesInThreadAsTypedList(threadID, 0, 0); rptMessages.DataSource = messages; rptMessages.DataBind(); } }
protected void PostMessageHandler(object sender, System.EventArgs e) { string mailTemplate = ApplicationAdapter.GetEmailTemplate(EmailTemplate.ThreadUpdatedNotification); // store the new message in the given thread and close it directly. int messageID = ThreadManager.CreateNewMessageInThreadAndCloseThread(_thread.ThreadID, SessionAdapter.GetUserID(), meMessageEditor.MessageText, meMessageEditor.MessageTextHTML, Request.UserHostAddress.ToString(), meMessageEditor.MessageTextXML, mailTemplate, ApplicationAdapter.GetEmailData(), CacheManager.GetSystemData().SendReplyNotifications); // all ok, redirect to message list int startAtMessageID = ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThread(_thread.ThreadID, messageID, SessionAdapter.GetUserDefaultNumberOfMessagesPerPage()); Response.Redirect("Messages.aspx?ThreadID=" + _thread.ThreadID + "&StartAtMessage=" + startAtMessageID + "&#" + messageID, true); }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } bool userMayDeleteThread = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userMayDeleteThread) { // doesn't have the right to delete a thread. redirect Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lblForumName.Text = forum.ForumName; lblThreadSubject.Text = HttpUtility.HtmlEncode(_thread.Subject); } }
protected void PostMessageHandler(object sender, System.EventArgs e) { int userID = SessionAdapter.GetUserID(); bool result = MessageManager.UpdateEditedMessage(userID, _editMessageID, meMessageEditor.MessageText, meMessageEditor.MessageTextHTML, Request.UserHostAddress, meMessageEditor.MessageTextXML); if (SessionAdapter.CheckIfNeedsAuditing(AuditActions.AuditAlteredMessage)) { SecurityManager.AuditAlteredMessage(userID, _editMessageID); } // all ok, redirect to thread list int startAtMessageID = ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThread(_thread.ThreadID, _editMessageID, SessionAdapter.GetUserDefaultNumberOfMessagesPerPage()); Response.Redirect("Messages.aspx?ThreadID=" + _thread.ThreadID + "&StartAtMessage=" + startAtMessageID + "&#" + _editMessageID, false); }
public async Task <ActionResult> Active() { var systemData = await _cache.GetSystemDataAsync(); var aggregatedActiveThreadsData = await ThreadGuiHelper.GetActiveThreadsAggregatedData(this.HttpContext.Session.GetForumsWithActionRight(ActionRights.AccessForum), systemData?.HoursThresholdForActiveThreads ?? 0, this.HttpContext.Session.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers), this.HttpContext.Session.GetUserID()); var viewData = new ThreadsData() { ThreadRows = aggregatedActiveThreadsData }; return(View(viewData)); }
/// <summary> /// Performs the basic security check for the logged in user if that user has any access rights to this thread at all. It doesn't check specific thread actions. /// </summary> /// <param name="threadId">the thread id</param> /// <param name="allowAnonymous">if set to true, anonymous users are allowed, otherwise they're denied access</param> /// <returns>A tuple with a redirectaction and the thread of the threadId specified. /// The redirectaction is set to an action result to redirect to if the current user shouldn't be here, otherwise null</returns> private async Task <(ActionResult redirectResult, ThreadEntity thread)> PerformSecurityCheckAsync(int threadId, bool allowAnonymous) { var thread = await ThreadGuiHelper.GetThreadAsync(threadId); if (thread == null || !allowAnonymous && this.HttpContext.Session.IsAnonymousUser() || !this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AccessForum)) { return(RedirectToAction("Index", "Home"), null); } // check if the user can view this thread. If not, don't continue. if ((thread.StartedByUserID != this.HttpContext.Session.GetUserID()) && !this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !thread.IsSticky) { return(RedirectToAction("Index", "Home"), null); } // All OK return(null, thread); }
private async Task <(bool userMayAddMessages, ThreadEntity thread)> PerformAddMessageSecurityChecksAsync(int threadId) { if (this.HttpContext.Session.IsAnonymousUser()) { return(false, null); } var thread = await ThreadGuiHelper.GetThreadAsync(threadId); if (thread == null) { return(false, null); } if (!this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AccessForum)) { return(false, null); } var userMayAddMessages = false; if (!thread.IsClosed) { userMayAddMessages = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, thread.IsSticky ? ActionRights.AddAndEditMessageInSticky : ActionRights.AddAndEditMessage); } // check if the user can view the thread the message is in. If not, don't continue. if (thread.StartedByUserID != this.HttpContext.Session.GetUserID() && !this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers)) { // can't edit this message, it's in a thread which isn't visible to the user userMayAddMessages = false; } return(userMayAddMessages, thread); }
protected void rptRSS_ItemDataBound(object sender, RepeaterItemEventArgs e) { switch (e.Item.ItemType) { case ListItemType.AlternatingItem: case ListItemType.Item: DataRowView currentRow = (DataRowView)e.Item.DataItem; string nickName = currentRow["NickName"].ToString(); string message = currentRow["MessageTextAsHTML"].ToString(); string subject = currentRow["Subject"].ToString(); Literal title = (Literal)e.Item.FindControl("title"); title.Text = HttpUtility.HtmlEncode(String.Format("{0} by {1}", subject, nickName)); Literal description = (Literal)e.Item.FindControl("description"); description.Text = HttpUtility.HtmlEncode(message); Literal link = (Literal)e.Item.FindControl("itemLink"); int threadID = (int)currentRow["ThreadID"]; int messageID = (int)currentRow["MessageID"]; int startAtMessage = ThreadGuiHelper.GetStartAtMessageForGivenMessageAndThread(threadID, messageID, ApplicationAdapter.GetMaxAmountMessagesPerPage()); link.Text = HttpUtility.HtmlEncode("http://" + Request.Url.Host + ApplicationAdapter.GetVirtualRoot() + String.Format(@"Messages.aspx?ThreadID=" + threadID + "&StartAtMessage=" + startAtMessage + "#" + messageID)); Literal permaLink = (Literal)e.Item.FindControl("permaLink"); permaLink.Text = link.Text; Literal pubDate = (Literal)e.Item.FindControl("pubDate"); pubDate.Text = String.Format("{0:R}", ((DateTime)currentRow["PostingDate"]).AddHours(-2)); Literal author = (Literal)e.Item.FindControl("author"); author.Text = nickName; Literal category = (Literal)e.Item.FindControl("threadName"); category.Text = HttpUtility.HtmlEncode(subject); break; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { _editMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _message = MessageGuiHelper.GetMessage(_editMessageID); if (_message == null) { // not found Response.Redirect("default.aspx"); } // We could have used Lazy loading here, but for the sake of separation, we use the BL method. _thread = ThreadGuiHelper.GetThread(_message.ThreadID); if (_thread == null) { // not found. Orphaned message. Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // Check if the current user is allowed to edit the message. bool userMayEditMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { userMayEditMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky); } else { userMayEditMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage); } } // User has the right to generally edit messages. Check if the user has the right to edit other peoples messages // and if not, if the user is the poster of this message. If not, no can do. if (!SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages)) { // cannot edit other people's messages. Check if this message is posted by the current user. if (_message.PostedByUserID != SessionAdapter.GetUserID()) { // not allowed userMayEditMessages = false; } } if (!userMayEditMessages) { // is not allowed to edit the message Response.Redirect("Messages.aspx?ThreadID=" + _message.ThreadID, true); } // use BL class. We could have used Lazy loading, though for the sake of separation, we'll call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // orphaned thread Response.Redirect("default.aspx"); } // check if the user can view the thread the message is in. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers)) { // can't edit this message, it's in a thread which isn't visible to the user Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); // User may edit current message. if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += _message.ThreadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); meMessageEditor.OriginalMessageText = _message.MessageText; } }
protected void Page_Load(object sender, EventArgs e) { int messageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _message = MessageGuiHelper.GetMessage(messageID); if (_message == null) { // not found Response.Redirect("default.aspx", true); } _sourceType = HnDGeneralUtils.TryConvertToInt(Request.QueryString["SourceType"]); switch (_sourceType) { case 1: // new message, or message view, for now no action needed break; case 2: // new thread, for now no action needed break; default: // unknown, redirect Response.Redirect("default.aspx", true); break; } // We could have used Lazy loading here, but for the sake of separation, we use the BL method. _thread = ThreadGuiHelper.GetThread(_message.ThreadID); if (_thread == null) { // not found. Orphaned message. Response.Redirect("default.aspx", true); } _forum = CacheManager.GetForum(_thread.ForumID); if (_forum == null) { // not found. Response.Redirect("default.aspx", true); } // check if this forum accepts attachments. if (_forum.MaxNoOfAttachmentsPerMessage <= 0) { // no, so no right to be here nor is the user here via a legitimate route. Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // Check if the current user is allowed to manage attachments of this message, and other rights. _userMayManageAttachments = ((_message.PostedByUserID == SessionAdapter.GetUserID()) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ManageOtherUsersAttachments)); _userCanAddAttachments = (((_message.PostedByUserID == SessionAdapter.GetUserID()) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ManageOtherUsersAttachments)) && SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment)); _userCanApproveAttachments = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ApproveAttachment); phAttachmentLimits.Visible = _userMayManageAttachments; if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(_forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; lblSectionName.Text = CacheManager.GetSectionName(_forum.SectionID); lnkMessages.NavigateUrl += _message.ThreadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); lblMaxFileSize.Text = String.Format("{0} KB", _forum.MaxAttachmentSize); lblMaxNoOfAttachmentsPerMessage.Text = _forum.MaxNoOfAttachmentsPerMessage.ToString(); lnkMessage.Text += messageID.ToString(); lnkMessage.NavigateUrl += String.Format("MessageID={0}&ThreadID={1}", messageID, _thread.ThreadID); phAddNewAttachment.Visible = _userCanAddAttachments; BindAttachments(); } else { object numberOfAttachments = ViewState["numberOfAttachments"]; if (numberOfAttachments != null) { _numberOfAttachments = (int)numberOfAttachments; } } }
public async Task <ActionResult> Index(int threadId = 0, int pageNo = 1) { var(result, thread) = await PerformSecurityCheckAsync(threadId, allowAnonymous : true); if (result != null) { return(result); } var forum = await _cache.GetForumAsync(thread.ForumID); if (forum == null) { return(RedirectToAction("Index", "Home")); } int pageNoToFetch = pageNo < 1 ? 1 : pageNo; var numberOfMessages = await ThreadGuiHelper.GetTotalNumberOfMessagesInThreadAsync(threadId); var numberOfMessagesPerPage = this.HttpContext.Session.GetUserDefaultNumberOfMessagesPerPage(); var userID = this.HttpContext.Session.GetUserID(); var threadData = new ThreadData() { Thread = thread, ForumName = forum.ForumName, SectionName = await _cache.GetSectionNameAsync(forum.SectionID), PageNo = pageNo, PageSize = numberOfMessagesPerPage, NumberOfPages = ((numberOfMessages - 1) / numberOfMessagesPerPage) + 1, ShowIPAddresses = (this.HttpContext.Session.HasSystemActionRight(ActionRights.SystemManagement) || this.HttpContext.Session.HasSystemActionRight(ActionRights.SecurityManagement) || this.HttpContext.Session.HasSystemActionRight(ActionRights.UserManagement)), ForumMaxNumberOfAttachmentsPerMessage = forum.MaxNoOfAttachmentsPerMessage, ThreadStartedByCurrentUser = thread.StartedByUserID == userID, UserMayAddAttachments = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AddAttachment), UserCanCreateThreads = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AddNormalThread) || this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.AddStickyThread), UserCanApproveAttachments = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ApproveAttachment), UserMayDoForumSpecificThreadManagement = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ForumSpecificThreadManagement), UserMayDoSystemWideThreadManagement = this.HttpContext.Session.HasSystemActionRight(ActionRights.SystemWideThreadManagement), UserMayEditMemo = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.EditThreadMemo), UserMayMarkThreadAsDone = (this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.FlagThreadAsDone) || (thread.StartedByUserID == userID)), UserMayManageSupportQueueContents = this.HttpContext.Session.HasSystemActionRight(ActionRights.QueueContentManagement), UserMayManageOtherUsersAttachments = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.ManageOtherUsersAttachments), UserMayDoBasicThreadOperations = !this.HttpContext.Session.IsAnonymousUser(), ThreadIsBookmarked = await UserGuiHelper.CheckIfThreadIsAlreadyBookmarkedAsync(userID, threadId), ThreadIsSubscribed = await UserGuiHelper.CheckIfThreadIsAlreadySubscribedAsync(userID, threadId), ThreadMessages = await ThreadGuiHelper.GetAllMessagesInThreadAsDTOsAsync(threadId, pageNoToFetch, numberOfMessagesPerPage), }; if (!thread.IsClosed) { threadData.UserMayAddNewMessages = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, thread.IsSticky ? ActionRights.AddAndEditMessageInSticky : ActionRights.AddAndEditMessage); threadData.ShowEditMessageLink = this.HttpContext.Session.CanPerformForumActionRight(thread.ForumID, ActionRights.EditDeleteOtherUsersMessages); } await FillSupportQueueInformationAsync(threadData); FillMemoInformation(threadData); return(View(threadData)); }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _deleteMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check if the current user is allowed to delete the message. If not, don't continue. _userMayDeleteMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages); if (!_userMayDeleteMessages) { // is not allowed to delete the message Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // check if the message is the first message in the thread. If so, delete isn't allowed. if (ThreadGuiHelper.CheckIfMessageIsFirstInThread(threadID, _deleteMessageID)) { // is first in thread, don't proceed. Caller has fabricated the url manually. Response.Redirect("default.aspx", true); } // Get the message MessageEntity message = MessageGuiHelper.GetMessage(_deleteMessageID); // User may delete current message. if (!Page.IsPostBack) { if (message != null) { // message is found. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lblForumName_Header.Text = forum.ForumName; lblMessageBody.Text = message.MessageTextAsHTML; lblPostingDate.Text = message.PostingDate.ToString(@"dd-MMM-yyyy HH:mm:ss"); } else { btnYes.Visible = false; } } }
public async Task <ActionResult> Add(int threadId = 0, int messageIdToQuote = 0) { if (this.HttpContext.Session.IsAnonymousUser()) { return(RedirectToAction("Index", "Home")); } var(userMayAddMessages, thread) = await PerformAddMessageSecurityChecksAsync(threadId); if (!userMayAddMessages) { return(RedirectToAction("Index", "Home")); } MessageEntity messageToQuote = null; UserEntity userOfMessageToQuote = null; if (messageIdToQuote > 0) { messageToQuote = await MessageGuiHelper.GetMessageAsync(messageIdToQuote); if (messageToQuote == null || messageToQuote.ThreadID != threadId) { // doesn't exist, or is in another thread, ignore. return(RedirectToAction("Index", "Home")); } userOfMessageToQuote = await UserGuiHelper.GetUserAsync(messageToQuote.PostedByUserID); if (userOfMessageToQuote == null) { return(RedirectToAction("Index", "Home")); } } var forum = await _cache.GetForumAsync(thread.ForumID); if (forum == null) { return(RedirectToAction("Index", "Home")); } string messageTextForEditor = messageToQuote == null ? string.Empty : string.Format("@quote {0}{1}{2}{1}@end{1}", userOfMessageToQuote.NickName, Environment.NewLine, messageToQuote.MessageText); var messageData = new MessageData() { MessageText = messageTextForEditor, CurrentUserID = this.HttpContext.Session.GetUserID(), ForumID = forum.ForumID, ThreadID = thread.ThreadID, ForumName = forum.ForumName, SectionName = await _cache.GetSectionNameAsync(forum.SectionID), ThreadSubject = thread.Subject, PageNo = 1, LastMessageInThread = await ThreadGuiHelper.GetLastMessageInThreadDtoAsync(threadId), }; return(View(messageData)); }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } bool userMayMoveThread = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userMayMoveThread) { // doesn't have access to this forum. redirect Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content. Bind the known sections SectionCollection sections = CacheManager.GetAllSections(); cbxSections.DataSource = sections; cbxSections.DataBind(); lblThreadSubject.Text = HttpUtility.HtmlEncode(_thread.Subject); ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } // pre-select the section the forum is currently in. Do that with an in-memory search through the known sections. SectionEntity toFind = new SectionEntity(); toFind.Fields[(int)SectionFieldIndex.SectionID].ForcedCurrentValueWrite(forum.SectionID); toFind.IsNew = false; int index = sections.IndexOf(toFind); if (index >= 0) { cbxSections.SelectedIndex = index; } } }
private void Page_Load(object sender, System.EventArgs e) { if (!Page.IsPostBack) { this.Title += ApplicationAdapter.GetSiteName(); // first time loaded, fill in properties lblUserName.Text = SessionAdapter.GetUserNickName(); HttpContext hcCurrent = HttpContext.Current; DataTable bookmarkStatistics = null; // check if user is authenticated if (hcCurrent.Request.IsAuthenticated) { lblWelcomeTextLoggedIn.Visible = true; bookmarkStatistics = UserGuiHelper.GetBookmarkStatisticsAsDataTable(SessionAdapter.GetUserID()); } else { lblWelcomeTextNotLoggedIn.Visible = true; bookmarkStatistics = new DataTable(); } // check if the user has the action right to approve attachments on some forum. If so, show the # of attachments which need approval List <int> forumsWithApprovalRight = SessionAdapter.GetForumsWithActionRight(ActionRights.ApproveAttachment); bool canApproveAttachments = ((forumsWithApprovalRight != null) && (forumsWithApprovalRight.Count > 0)); if (canApproveAttachments) { int numberOfAttachmentsToApprove = MessageGuiHelper.GetTotalNumberOfAttachmentsToApprove( SessionAdapter.GetForumsWithActionRight(ActionRights.AccessForum), SessionAdapter.GetForumsWithActionRight(ActionRights.ApproveAttachment), SessionAdapter.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers), SessionAdapter.GetUserID()); if (numberOfAttachmentsToApprove > 0) { phAttachmentsToApprove.Visible = true; phAttentionRemarks.Visible = true; } } if (SessionAdapter.HasSystemActionRight(ActionRights.QueueContentManagement)) { int numberOfThreadsInSupportQueues = SupportQueueGuiHelper.GetTotalNumberOfThreadsInSupportQueues( SessionAdapter.GetForumsWithActionRight(ActionRights.AccessForum)); if (numberOfThreadsInSupportQueues > 0) { phThreadsToSupport.Visible = true; phAttentionRemarks.Visible = true; } } DateTime lastVisitDate = SessionAdapter.GetLastVisitDate(); if (SessionAdapter.IsLastVisitDateValid()) { phLastVisitDate.Visible = true; lblLastVisitDate.Text = lastVisitDate.ToString("dd-MMM-yyyy HH:mm"); } // Get all sections which possibly can be displayed. Obtain this from the cache, as it's hardly changing data, and // this page is read a lot. _sectionsToDisplay = CacheManager.GetAllSections(); // Per section, create a view with all the forumdata and filter out the forums not visible for the current user. List <int> accessableForums = SessionAdapter.GetForumsWithActionRight(ActionRights.AccessForum); List <int> forumsWithThreadsFromOthers = SessionAdapter.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers); _forumViewsPerDisplayedSection = ForumGuiHelper.GetAllAvailableForumsDataViews(_sectionsToDisplay, accessableForums, forumsWithThreadsFromOthers, SessionAdapter.GetUserID()); // filter out sections which do not have displayable forums for this user EntityView <SectionEntity> sectionsToUse = CreateFilteredSectionsCollection(); // show the sections with displayable forums, thus the displayable sections. rpSections.DataSource = sectionsToUse; rpSections.DataBind(); // get bookmarks and show them in the gui if ((bookmarkStatistics.Rows.Count <= 0) || ((bookmarkStatistics.Rows.Count == 1) && ((int)bookmarkStatistics.Rows[0][0] == 0))) { // no bookmarks yet lblAmountBookmarks.Text = "0"; lblAmountPostingsInBookmarks.Text = "0"; lblBookmarksLastPostingDate.Text = "Never"; imgIconBookmarkNoNewPosts.Visible = true; } else { lblAmountBookmarks.Text = bookmarkStatistics.Rows[0]["AmountThreads"].ToString(); lblAmountPostingsInBookmarks.Text = bookmarkStatistics.Rows[0]["AmountPostings"].ToString(); DateTime dateLastPosting = (DateTime)bookmarkStatistics.Rows[0]["LastPostingDate"]; lblBookmarksLastPostingDate.Text = dateLastPosting.ToString("dd-MMM-yyyy HH:mm"); if (dateLastPosting > lastVisitDate) { imgIconBookmarkNewPosts.Visible = true; } else { imgIconBookmarkNoNewPosts.Visible = true; } } DataTable activeThreadsStatistics = ThreadGuiHelper.GetActiveThreadsStatisticsAsDataTable(accessableForums, CacheManager.GetSystemData().HoursThresholdForActiveThreads, SessionAdapter.GetForumsWithActionRight(ActionRights.ViewNormalThreadsStartedByOthers), SessionAdapter.GetUserID()); if (activeThreadsStatistics != null) { if ((activeThreadsStatistics.Rows.Count <= 0) || ((activeThreadsStatistics.Rows.Count == 1) && ((int)activeThreadsStatistics.Rows[0][0] == 0))) { lblAmountActiveThreads.Text = "0"; lblAmountPostingsInActiveThreads.Text = "0"; lblActiveThreadsLastPostingDate.Text = "Never"; imgIconActiveThreadsNoNewPosts.Visible = true; } else { lblAmountActiveThreads.Text = activeThreadsStatistics.Rows[0]["AmountThreads"].ToString(); lblAmountPostingsInActiveThreads.Text = activeThreadsStatistics.Rows[0]["AmountPostings"].ToString(); DateTime dateLastPosting = (DateTime)activeThreadsStatistics.Rows[0]["LastPostingDate"]; lblActiveThreadsLastPostingDate.Text = dateLastPosting.ToString("dd-MMM-yyyy HH:mm"); if (dateLastPosting > lastVisitDate) { imgIconActiveThreadsNewPosts.Visible = true; } else { imgIconActiveThreadsNoNewPosts.Visible = true; } } } } RegisterCollapseExpandClientScript(); }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); if (_thread.IsClosed) { // is already closed Response.Redirect("default.aspx", true); } // Check access credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); bool userMayDoThreadManagement = SessionAdapter.HasSystemActionRight(ActionRights.ForumSpecificThreadManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userHasAccess || !userMayDoThreadManagement) { // doesn't have access to this forum or may not alter the thread's properties. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } bool userMayAddNewMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky)) { userMayAddNewMessages = true; } } else { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage)) { userMayAddNewMessages = true; } } } if (!userMayAddNewMessages) { // is not allowed to post a new message. This forum allows the user to add a new message and close the thread at the same time. // deny. Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); _quoteMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["QuoteMessageID"]); // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } // Check if the current user is allowed to add new messages to the thread. bool userMayAddNewMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky)) { userMayAddNewMessages = true; } } else { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage)) { userMayAddNewMessages = true; } } } if (!userMayAddNewMessages) { // is not allowed to post a new message Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // use BL class. We could have used Lazy loading, though for the sake of separation, we'll call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // orphaned thread Response.Redirect("default.aspx"); } // check if the user can view the thread the message is in. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers)) { // can't add a message, it's in a thread which isn't visible to the user Response.Redirect("default.aspx", true); } meMessageEditor.ShowAddAttachment = ((forum.MaxNoOfAttachmentsPerMessage > 0) && SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment)); meMessageEditor.ShowSubscribeToThread = !UserGuiHelper.CheckIfThreadIsAlreadySubscribed(SessionAdapter.GetUserID(), _thread.ThreadID); // User is able to post a new message to the current thread. if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += threadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); phLastPostingInThread.Visible = (_quoteMessageID <= 0); bool userMayEditMemo = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo); // get quoted message if passed in. if (_quoteMessageID > 0) { // get message and insert it into the textbox including quote tags. MessageEntity messageToQuote = MessageGuiHelper.GetMessage(_quoteMessageID); if (messageToQuote != null) { // message found. UserEntity quotedUser = UserGuiHelper.GetUser(messageToQuote.PostedByUserID); if (quotedUser != null) { // user found. proceed meMessageEditor.OriginalMessageText = TextParser.MakeStringQuoted(messageToQuote.MessageText, quotedUser.NickName); } } } else { // no quoted message. Load the last message from the active thread and display it in the form. This // message entity has the poster user entity prefetched, together with the usertitle of the user. MessageEntity lastMessageInThread = ThreadGuiHelper.GetLastMessageInThreadWithUserInfo(threadID); if (lastMessageInThread != null) { litMessageBody.Text = lastMessageInThread.MessageTextAsHTML; lblPostingDate.Text = lastMessageInThread.PostingDate.ToString("dd-MMM-yyyy HH:mm:ss"); if (lastMessageInThread.PostedByUser != null) { UserEntity messagePoster = lastMessageInThread.PostedByUser; if (messagePoster.UserTitle != null) { lblUserTitleDescription.Text = messagePoster.UserTitle.UserTitleDescription; } lblLocation.Text = messagePoster.Location; if (messagePoster.JoinDate.HasValue) { lblJoinDate.Text = messagePoster.JoinDate.Value.ToString("dd-MMM-yyyy HH:mm:ss"); } if (messagePoster.AmountOfPostings.HasValue) { lblAmountOfPostings.Text = messagePoster.AmountOfPostings.Value.ToString(); } if (messagePoster.SignatureAsHTML != null) { litSignature.Text = messagePoster.SignatureAsHTML; } lblNickname.Text = messagePoster.NickName; } } } if ((_thread.Memo.Length > 0) && userMayEditMemo) { // convert memo contents to HTML so it's displayed above the thread. string parserLog, messageTextXml; bool errorsOccured = false; string memoAsHTML = TextParser.TransformUBBMessageStringToHTML(_thread.Memo, ApplicationAdapter.GetParserData(), out parserLog, out errorsOccured, out messageTextXml); lblMemo.Text = memoAsHTML; } phMemo.Visible = userMayEditMemo; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessage = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // Check if the current user is allowed to edit the memo if (!SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo)) { // is not allowed to edit the memo Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // User may edit memo, proceed if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = "Memo for thread: " + HttpUtility.HtmlEncode(_thread.Subject); lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += threadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); string memoText = _thread.Memo; memoText += string.Format("{2}[b]-----------------------------------------------------------------{2}{1} [color value=\"0000AA\"]{0}[/color] wrote:[/b] ", SessionAdapter.GetUserNickName(), DateTime.Now.ToString(@"dd-MMM-yyyy HH:mm:ss"), Environment.NewLine); meMessageEditor.OriginalMessageText = memoText; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to start page Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } _startMessageNo = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); bool highLightSearchResults = (HnDGeneralUtils.TryConvertToInt(Request.QueryString["HighLight"]) == 1); if (!_thread.IsClosed) { if (_thread.IsSticky) { _userMayAddNewMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky); } else { _userMayAddNewMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage); } // set show*link class members. These have to be set despite the postback status, as they're used in the repeater. Only set // them to true if the thread isn't closed. They've been initialized to false already. _showEditMessageLink = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages); _showDeleteMessageLink = _showEditMessageLink; _showQuoteMessageLink = _userMayAddNewMessages; } // show user IP addresses if the user has system admin rights, security admin rights or user admin rights. _showIPAddresses = (SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement) || SessionAdapter.HasSystemActionRight(ActionRights.UserManagement)); // Get the forum entity related to the thread. Use BL class. We could have used Lazy loading, though for the sake of separation, we'll // call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // not found, orphaned thread, return to default page. Response.Redirect("default.aspx"); } _forumAllowsAttachments = (forum.MaxNoOfAttachmentsPerMessage > 0); // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } _threadStartedByCurrentUser = (_thread.StartedByUserID == SessionAdapter.GetUserID()); _userMayAddAttachments = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment); _userCanCreateThreads = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddNormalThread) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddStickyThread); _userMayDoForumSpecificThreadManagement = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ForumSpecificThreadManagement); _userMayDoSystemWideThreadManagement = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); _userMayEditMemo = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo); _userMayMarkThreadAsDone = (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.FlagThreadAsDone) || _threadStartedByCurrentUser); _userMayManageSupportQueueContents = SessionAdapter.HasSystemActionRight(ActionRights.QueueContentManagement); _userMayDoBasicThreadOperations = (SessionAdapter.GetUserID() > 0); if (!Page.IsPostBack) { plPageListBottom.HighLight = highLightSearchResults; plPageListTop.HighLight = highLightSearchResults; litHighLightLogic.Visible = highLightSearchResults; if (highLightSearchResults) { // make highlighting of search results possible string searchTerms = SessionAdapter.GetSearchTerms(); if (searchTerms == null) { searchTerms = string.Empty; } this.ClientScript.RegisterHiddenField("searchTerms", searchTerms.Replace("AND", "").Replace("OR", "").Replace("and", "").Replace("or", "").Replace("\"", "")); } else { // replace hightlighting scriptblock. this.ClientScript.RegisterClientScriptBlock(this.GetType(), "onLoad", "<script language=\"javascript\" type=\"text/javascript\">function SearchHighlight() {}</script>"); } if (_userMayManageSupportQueueContents) { // fill support queue management area with data. SupportQueueCollection supportQueues = CacheManager.GetAllSupportQueues(); cbxSupportQueues.DataSource = supportQueues; cbxSupportQueues.DataBind(); SupportQueueEntity containingQueue = SupportQueueGuiHelper.GetQueueOfThread(_thread.ThreadID); if (containingQueue != null) { cbxSupportQueues.SelectedValue = containingQueue.QueueID.ToString(); // get claim info SupportQueueThreadEntity supportQueueThreadInfo = SupportQueueGuiHelper.GetSupportQueueThreadInfo(_thread.ThreadID, true); if ((supportQueueThreadInfo != null) && supportQueueThreadInfo.ClaimedByUserID.HasValue) { // claimed by someone lblClaimDate.Text = supportQueueThreadInfo.ClaimedOn.Value.ToString("dd-MMM-yyyy HH:mm.ss", DateTimeFormatInfo.InvariantInfo); lnkClaimerThread.Visible = true; lblNotClaimed.Visible = false; lnkClaimerThread.Text = supportQueueThreadInfo.ClaimedByUser.NickName; lnkClaimerThread.NavigateUrl += supportQueueThreadInfo.ClaimedByUserID.ToString(); btnClaim.Visible = false; btnRelease.Visible = true; } else { // not claimed lblClaimDate.Text = string.Empty; btnClaim.Visible = true; btnRelease.Visible = false; } } } phSupportQueueManagement.Visible = _userMayManageSupportQueueContents; if ((_thread.Memo.Length > 0) && _userMayEditMemo) { // convert memo contents to HTML so it's displayed above the thread. string parserLog, messageTextXml; bool errorsOccured = false; string memoAsHTML = TextParser.TransformUBBMessageStringToHTML(_thread.Memo, ApplicationAdapter.GetParserData(), out parserLog, out errorsOccured, out messageTextXml); lblMemo.Text = memoAsHTML; } phMemo.Visible = _userMayEditMemo; bool isBookmarked = UserGuiHelper.CheckIfThreadIsAlreadyBookmarked(SessionAdapter.GetUserID(), threadID); bool isSubscribed = UserGuiHelper.CheckIfThreadIsAlreadySubscribed(SessionAdapter.GetUserID(), threadID); btnBookmarkThread.Visible = !isBookmarked && _userMayDoBasicThreadOperations; btnUnbookmarkThread.Visible = isBookmarked && _userMayDoBasicThreadOperations; bool sendReplyNotifications = CacheManager.GetSystemData().SendReplyNotifications; btnSubscribeToThread.Visible = !isSubscribed && _userMayDoBasicThreadOperations && sendReplyNotifications; btnUnsubscribeFromThread.Visible = isSubscribed && _userMayDoBasicThreadOperations && sendReplyNotifications; // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; lblForumName_Header.Text = forum.ForumName; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); // Check if the current user is allowed to add new messages to the thread. // these controls are not visible by default, show them if necessary if (_userMayDoForumSpecificThreadManagement || _userMayDoSystemWideThreadManagement) { if (!_thread.IsClosed && _userMayAddNewMessages) { lnkCloseThread.Visible = true; lnkCloseThread.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } lnkEditThreadProperties.Visible = true; lnkEditThreadProperties.NavigateUrl += "?ThreadID=" + threadID; } if (_userMayDoSystemWideThreadManagement) { lnkMoveThread.Visible = true; lnkMoveThread.NavigateUrl += "?ThreadID=" + threadID; lnkDeleteThread.Visible = true; lnkDeleteThread.NavigateUrl += "?ThreadID=" + threadID; } btnThreadDone.Visible = _thread.MarkedAsDone; btnThreadNotDone.Visible = !_thread.MarkedAsDone; btnThreadDone.Enabled = _userMayMarkThreadAsDone; btnThreadNotDone.Enabled = _userMayMarkThreadAsDone; if (_userMayEditMemo) { lnkEditMemo.Visible = true; lnkEditMemo.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } // These controls are visible by default. Hide them when the user can't create threads on this forum if (_userCanCreateThreads) { lnkNewThreadBottom.NavigateUrl += "?ForumID=" + _thread.ForumID + "&StartAtMessage=" + _startMessageNo; lnkNewThreadTop.NavigateUrl += "?ForumID=" + _thread.ForumID + "&StartAtMessage=" + _startMessageNo; } else { lnkNewThreadBottom.Visible = false; lnkNewThreadTop.Visible = false; } if (_userMayAddNewMessages) { lnkNewMessageBottom.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; lnkNewMessageTop.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } else { lnkNewMessageBottom.Visible = false; lnkNewMessageTop.Visible = false; } lblSeparatorTop.Visible = (_userMayAddNewMessages && _userCanCreateThreads); lblSeparatorBottom.Visible = (_userMayAddNewMessages && _userCanCreateThreads); // The amount of postings in this thread are in the dataview row, which should contain just 1 row. int maxAmountMessagesPerPage = SessionAdapter.GetUserDefaultNumberOfMessagesPerPage(); int amountOfMessages = ThreadGuiHelper.GetTotalNumberOfMessagesInThread(threadID); int amountOfPages = ((amountOfMessages - 1) / maxAmountMessagesPerPage) + 1; int currentPageNo = (_startMessageNo / maxAmountMessagesPerPage) + 1; lblCurrentPage.Text = currentPageNo.ToString(); lblTotalPages.Text = amountOfPages.ToString(); lnkPrintThread.NavigateUrl += "?ThreadID=" + threadID; plPageListBottom.AmountMessages = amountOfMessages; plPageListBottom.StartMessageNo = _startMessageNo; plPageListBottom.ThreadID = threadID; plPageListTop.AmountMessages = amountOfMessages; plPageListTop.StartMessageNo = _startMessageNo; plPageListTop.ThreadID = threadID; // Get messages and bind it to the repeater control. Use the startmessage to get only the message visible on the current page. MessagesInThreadTypedList messages = ThreadGuiHelper.GetAllMessagesInThreadAsTypedList(threadID, currentPageNo, maxAmountMessagesPerPage); rptMessages.DataSource = messages; rptMessages.DataBind(); } }