/// <summary> /// Setups the user profile. /// </summary> /// <param name="user"> /// The user. /// </param> /// <param name="userId"> /// The user identifier. /// </param> private void SetupUserProfile(MembershipUser user, int userId) { // this is the "Profile Information" step. Save the data to their profile (+ defaults). var timeZones = (DropDownList)this.CreateUserWizard1.FindWizardControlRecursive("TimeZones"); var country = (ImageListBox)this.CreateUserWizard1.FindWizardControlRecursive("Country"); var locationTextBox = (TextBox)this.CreateUserWizard1.FindWizardControlRecursive("Location"); var homepageTextBox = (TextBox)this.CreateUserWizard1.FindWizardControlRecursive("Homepage"); var dstUser = (CheckBox)this.CreateUserWizard1.FindWizardControlRecursive("DSTUser"); // setup/save the profile var userProfile = YafUserProfile.GetProfile(this.CreateUserWizard1.UserName); if (country.SelectedValue != null) { userProfile.Country = country.SelectedValue; } string result; if (this.Get <ISpamWordCheck>().CheckForSpamWord(homepageTextBox.Text.Trim(), out result)) { this.IsPossibleSpamBotInternalCheck = true; // Flag user as spam bot this.IsPossibleSpamBot = true; var userIpAddress = this.Get <HttpRequestBase>().GetUserRealIPAddress(); if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(1)) { this.Get <ISendNotification>().SendSpamBotNotificationToAdmins(user, userId); } else if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(2)) { // Kill user UserMembershipHelper.DeleteAndBanUser(userId, user, userIpAddress); this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.danger); } this.Logger.Log( null, "Bot Detected", "Internal Spam Word Check detected a SPAM BOT: (user name : '{0}', email : '{1}', ip: '{2}') reason word: {3}" .FormatWith(user.UserName, this.CreateUserWizard1.Email, userIpAddress, homepageTextBox.Text.Trim()), EventLogTypes.SpamBotDetected); } if (!this.IsPossibleSpamBotInternalCheck) { userProfile.Location = locationTextBox.Text.Trim(); // add http:// by default if (!Regex.IsMatch(homepageTextBox.Text.Trim(), @"^(http|https|ftp|ftps|git|svn|news)\://.*")) { homepageTextBox.Text = "http://{0}".FormatWith(homepageTextBox.Text.Trim()); } if (ValidationHelper.IsValidURL(homepageTextBox.Text)) { userProfile.Homepage = homepageTextBox.Text.Trim(); } userProfile.Save(); var autoWatchTopicsEnabled = this.Get <YafBoardSettings>().DefaultNotificationSetting == UserNotificationSetting.TopicsIPostToOrSubscribeTo; // save the time zone... LegacyDb.user_save( userID: userId, boardID: this.PageContext.PageBoardID, userName: null, displayName: null, email: null, timeZone: timeZones.SelectedValue.ToType <int>(), languageFile: null, culture: null, themeFile: null, textEditor: null, useMobileTheme: null, approved: null, pmNotification: this.Get <YafBoardSettings>().DefaultNotificationSetting, autoWatchTopics: autoWatchTopicsEnabled, dSTUser: dstUser.Checked, hideUser: null, notificationType: null); // save the settings... LegacyDb.user_savenotification( userId, true, autoWatchTopicsEnabled, this.Get <YafBoardSettings>().DefaultNotificationSetting, this.Get <YafBoardSettings>().DefaultSendDigestEmail); } }
/// <summary> /// Verifies the message allowed. /// </summary> /// <param name="count">The recipients count.</param> /// <param name="message">The message.</param> /// <returns> /// Returns if the user is allowed to send a message or not /// </returns> private bool VerifyMessageAllowed(int count, string message) { // Check if SPAM Message first... if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess && !this.Get <YafBoardSettings>().SpamServiceType.Equals(0)) { // Check content for spam if (this.Get <ISpamCheck>().CheckPostForSpam( this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, YafContext.Current.Get <HttpRequestBase>().GetUserRealIPAddress(), message, this.PageContext.User.Email, out var spamResult)) { switch (this.Get <YafBoardSettings>().SpamMessageHandling) { case 0: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); break; case 1: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger); break; case 3: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( this.PageContext.CurrentUserData.Membership, this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( this.PageContext.PageUserID, this.PageContext.CurrentUserData.Membership, userIp); break; } return(false); } // Check posts for urls if the user has only x posts if (YafContext.Current.CurrentUserData.NumPosts <= YafContext.Current.Get <YafBoardSettings>().IgnoreSpamWordCheckPostCount&& !this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess) { var urlCount = UrlHelper.CountUrls(message); if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls) { spamResult = $"The user posted {urlCount} urls but allowed only {this.PageContext.BoardSettings.AllowedNumberOfUrls}"; switch (this.Get <YafBoardSettings>().SpamMessageHandling) { case 0: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string.Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); break; case 1: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post", this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger); break; case 3: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", string .Format( "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded", this.PageContext.PageUserName, spamResult), EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( this.PageContext.CurrentUserData.Membership, this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( this.PageContext.PageUserID, this.PageContext.CurrentUserData.Membership, userIp); break; } return(false); } } return(true); } /////////////////////////////// // test sending user's PM count // get user's name var drPMInfo = this.GetRepository <PMessage>().UserMessageCount(YafContext.Current.PageUserID).Rows[0]; if (drPMInfo["NumberTotal"].ToType <int>() + count <= drPMInfo["NumberAllowed"].ToType <int>() || YafContext.Current.IsAdmin) { return(true); } // user has full PM box YafContext.Current.AddLoadMessage( this.GetTextFormatted("OWN_PMBOX_FULL", drPMInfo["NumberAllowed"]), MessageTypes.danger); return(false); }
/// <summary> /// Setups the user profile. /// </summary> /// <param name="user"> /// The user. /// </param> /// <param name="userId"> /// The user identifier. /// </param> private void SetupUserProfile(MembershipUser user, int userId) { // this is the "Profile Information" step. Save the data to their profile (+ defaults). var timeZones = (DropDownList)this.CreateUserWizard1.FindWizardControlRecursive("TimeZones"); var country = (CountryImageListBox)this.CreateUserWizard1.FindWizardControlRecursive("Country"); var locationTextBox = (TextBox)this.CreateUserWizard1.FindWizardControlRecursive("Location"); var homepageTextBox = (TextBox)this.CreateUserWizard1.FindWizardControlRecursive("Homepage"); var dstUser = (CheckBox)this.CreateUserWizard1.FindWizardControlRecursive("DSTUser"); // setup/save the profile var userProfile = Utils.UserProfile.GetProfile(this.CreateUserWizard1.UserName); if (country.SelectedValue != null) { userProfile.Country = country.SelectedValue; } if (this.Get <ISpamWordCheck>().CheckForSpamWord(homepageTextBox.Text.Trim(), out _)) { this.IsPossibleSpamBotInternalCheck = true; // Flag user as spam bot this.IsPossibleSpamBot = true; var userIpAddress = this.Get <HttpRequestBase>().GetUserRealIPAddress(); if (this.Get <BoardSettings>().BotHandlingOnRegister.Equals(1)) { this.Get <ISendNotification>().SendSpamBotNotificationToAdmins(user, userId); } else if (this.Get <BoardSettings>().BotHandlingOnRegister.Equals(2)) { // Kill user UserMembershipHelper.DeleteAndBanUser(userId, user, userIpAddress); this.PageContext.AddLoadMessage(this.GetText("BOT_MESSAGE"), MessageTypes.danger); } this.GetRepository <Registry>().IncrementDeniedRegistrations(); this.Logger.Log( null, "Bot Detected", $"Internal Spam Word Check detected a SPAM BOT: (user name : '{user.UserName}', email : '{this.CreateUserWizard1.Email}', ip: '{userIpAddress}') reason word: {homepageTextBox.Text.Trim()}", EventLogTypes.SpamBotDetected); } if (this.IsPossibleSpamBotInternalCheck) { return; } userProfile.Location = locationTextBox.Text.Trim(); // add http:// by default if (!Regex.IsMatch(homepageTextBox.Text.Trim(), @"^(http|https|ftp|ftps|git|svn|news)\://.*")) { homepageTextBox.Text = $"http://{homepageTextBox.Text.Trim()}"; } if (ValidationHelper.IsValidURL(homepageTextBox.Text)) { userProfile.Homepage = homepageTextBox.Text.Trim(); } userProfile.Save(); var autoWatchTopicsEnabled = this.Get <BoardSettings>().DefaultNotificationSetting == UserNotificationSetting.TopicsIPostToOrSubscribeTo; // save the time zone... this.GetRepository <User>().Save( userId, this.PageContext.PageBoardID, null, null, null, timeZones.SelectedValue, null, null, null, null, this.Get <BoardSettings>().DefaultNotificationSetting, autoWatchTopicsEnabled, dstUser.Checked, null, null); // save the settings... this.GetRepository <User>().SaveNotification( userId, true, autoWatchTopicsEnabled, this.Get <BoardSettings>().DefaultNotificationSetting.ToInt(), this.Get <BoardSettings>().DefaultSendDigestEmail); }
/// <summary> /// Saves the Updated Profile /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void UpdateProfile_Click([NotNull] object sender, [NotNull] EventArgs e) { var userName = UserMembershipHelper.GetUserNameFromID(this.currentUserID); if (this.HomePage.Text.IsSet()) { // add http:// by default if (!Regex.IsMatch(this.HomePage.Text.Trim(), @"^(http|https|ftp|ftps|git|svn|news)\://.*")) { this.HomePage.Text = "http://{0}".FormatWith(this.HomePage.Text.Trim()); } if (!ValidationHelper.IsValidURL(this.HomePage.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_HOME"), MessageTypes.warning); return; } if (this.UserData.NumPosts < this.Get <YafBoardSettings>().IgnoreSpamWordCheckPostCount) { string result; // Check for spam if (this.Get <ISpamWordCheck>().CheckForSpamWord(this.HomePage.Text, out result)) { // Log and Send Message to Admins if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(1)) { this.Logger.Log( null, "Bot Detected", "Internal Spam Word Check detected a SPAM BOT: (user name : '{0}', user id : '{1}') after the user changed the profile Homepage url to: {2}" .FormatWith(userName, this.currentUserID, this.HomePage.Text), EventLogTypes.SpamBotDetected); } else if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(2)) { this.Logger.Log( null, "Bot Detected", "Internal Spam Word Check detected a SPAM BOT: (user name : '{0}', user id : '{1}') after the user changed the profile Homepage url to: {2}, user was deleted and the name, email and IP Address are banned." .FormatWith(userName, this.currentUserID, this.HomePage.Text), EventLogTypes.SpamBotDetected); // Kill user if (!this.PageContext.CurrentForumPage.IsAdminPage) { var user = UserMembershipHelper.GetMembershipUserById(this.currentUserID); var userId = this.currentUserID; var userIp = new CombinedUserDataHelper(user, userId).LastIP; UserMembershipHelper.DeleteAndBanUser(this.currentUserID, user, userIp); } } } } } if (this.Weblog.Text.IsSet() && !ValidationHelper.IsValidURL(this.Weblog.Text.Trim())) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_WEBLOG"), MessageTypes.warning); return; } if (this.MSN.Text.IsSet() && !ValidationHelper.IsValidEmail(this.MSN.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_MSN"), MessageTypes.warning); return; } if (this.Xmpp.Text.IsSet() && !ValidationHelper.IsValidXmpp(this.Xmpp.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_XMPP"), MessageTypes.warning); return; } if (this.ICQ.Text.IsSet() && !(ValidationHelper.IsValidEmail(this.ICQ.Text) || ValidationHelper.IsNumeric(this.ICQ.Text))) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_ICQ"), MessageTypes.warning); return; } if (this.Facebook.Text.IsSet() && !ValidationHelper.IsValidURL(this.Facebook.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_FACEBOOK"), MessageTypes.warning); return; } if (this.Google.Text.IsSet() && !ValidationHelper.IsValidURL(this.Google.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_GOOGLE"), MessageTypes.warning); return; } string displayName = null; if (this.Get <YafBoardSettings>().EnableDisplayName && this.Get <YafBoardSettings>().AllowDisplayNameModification) { // Check if name matches the required minimum length if (this.DisplayName.Text.Trim().Length < this.Get <YafBoardSettings>().DisplayNameMinLength) { this.PageContext.AddLoadMessage( this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().DisplayNameMinLength), MessageTypes.warning); return; } // Check if name matches the required minimum length if (this.DisplayName.Text.Length > this.Get <YafBoardSettings>().UserNameMaxLength) { this.PageContext.AddLoadMessage( this.GetTextFormatted("USERNAME_TOOLONG", this.Get <YafBoardSettings>().UserNameMaxLength), MessageTypes.warning); return; } if (this.DisplayName.Text.Trim() != this.UserData.DisplayName) { if (this.Get <IUserDisplayName>().GetId(this.DisplayName.Text.Trim()).HasValue) { this.PageContext.AddLoadMessage( this.GetText("REGISTER", "ALREADY_REGISTERED_DISPLAYNAME"), MessageTypes.warning); return; } displayName = this.DisplayName.Text.Trim(); } } if (this.UpdateEmailFlag) { var newEmail = this.Email.Text.Trim(); if (!ValidationHelper.IsValidEmail(newEmail)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_EMAIL"), MessageTypes.warning); return; } var userNameFromEmail = this.Get <MembershipProvider>().GetUserNameByEmail(this.Email.Text.Trim()); if (userNameFromEmail.IsSet() && userNameFromEmail != userName) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_EMAIL"), MessageTypes.warning); return; } if (this.Get <YafBoardSettings>().EmailVerification) { this.SendEmailVerification(newEmail); } else { // just update the e-mail... try { UserMembershipHelper.UpdateEmail(this.currentUserID, this.Email.Text.Trim()); } catch (ApplicationException) { this.PageContext.AddLoadMessage( this.GetText("PROFILE", "DUPLICATED_EMAIL"), MessageTypes.warning); return; } } } if (this.Interests.Text.Trim().Length > 400) { this.PageContext.AddLoadMessage( this.GetTextFormatted("FIELD_TOOLONG", this.GetText("CP_EDITPROFILE", "INTERESTS"), 400), MessageTypes.warning); return; } if (this.Occupation.Text.Trim().Length > 400) { this.PageContext.AddLoadMessage( this.GetTextFormatted("FIELD_TOOLONG", this.GetText("CP_EDITPROFILE", "OCCUPATION"), 400), MessageTypes.warning); return; } this.UpdateUserProfile(userName); // vzrus: We should do it as we need to write null value to db, else it will be empty. // Localizer currently treats only nulls. object language = null; object culture = this.Culture.SelectedValue; object theme = this.Theme.SelectedValue; object editor = this.ForumEditor.SelectedValue; if (this.Theme.SelectedValue.IsNotSet()) { theme = null; } if (this.ForumEditor.SelectedValue.IsNotSet()) { editor = null; } if (this.Culture.SelectedValue.IsNotSet()) { culture = null; } else { foreach (DataRow row in StaticDataHelper.Cultures() .Rows.Cast <DataRow>() .Where(row => culture.ToString() == row["CultureTag"].ToString())) { language = row["CultureFile"].ToString(); } } // save remaining settings to the DB LegacyDb.user_save( this.currentUserID, this.PageContext.PageBoardID, null, displayName, null, this.TimeZones.SelectedValue.ToType <int>(), language, culture, theme, editor, this.UseMobileTheme.Checked, null, null, null, this.DSTUser.Checked, this.HideMe.Checked, null); // vzrus: If it's a guest edited by an admin registry value should be changed DataTable dt = LegacyDb.user_list(this.PageContext.PageBoardID, this.currentUserID, true, null, null, false); if (dt.HasRows() && dt.Rows[0]["IsGuest"].ToType <bool>()) { LegacyDb.registry_save("timezone", this.TimeZones.SelectedValue, this.PageContext.PageBoardID); } // clear the cache for this user...) this.Get <IRaiseEvent>().Raise(new UpdateUserEvent(this.currentUserID)); this.Get <IDataCache>().Clear(); if (!this.PageContext.CurrentForumPage.IsAdminPage) { YafBuildLink.Redirect(ForumPages.cp_profile); } else { this._userData = null; this.BindData(); } }
/// <summary> /// The quick reply_ click. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> protected void QuickReplyClick([NotNull] object sender, [NotNull] EventArgs e) { try { if (this.quickReplyEditor.Text.Length <= 0) { YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage(message: this.GetText(tag: "EMPTY_MESSAGE"), messageType: MessageTypes.warning); return; } // No need to check whitespace if they are actually posting something if (this.Get <YafBoardSettings>().MaxPostSize > 0 && this.quickReplyEditor.Text.Length >= this.Get <YafBoardSettings>().MaxPostSize) { YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage(message: this.GetText(tag: "ISEXCEEDED"), messageType: MessageTypes.warning); return; } if (this.EnableCaptcha() && !CaptchaHelper.IsValid(captchaText: this.tbCaptcha.Text.Trim())) { YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage(message: this.GetText(tag: "BAD_CAPTCHA"), messageType: MessageTypes.warning); return; } if (!(this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess) && this.Get <YafBoardSettings>().PostFloodDelay > 0) { if (YafContext.Current.Get <IYafSession>().LastPost > DateTime.UtcNow.AddSeconds(value: -this.Get <YafBoardSettings>().PostFloodDelay)) { YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage( message: this.GetTextFormatted( tag: "wait", (YafContext.Current.Get <IYafSession>().LastPost - DateTime.UtcNow.AddSeconds(value: -this.Get <YafBoardSettings>().PostFloodDelay)).Seconds), messageType: MessageTypes.warning); return; } } YafContext.Current.Get <IYafSession>().LastPost = DateTime.UtcNow; // post message... long messageId = 0; object replyTo = -1; var message = this.quickReplyEditor.Text; long topicId = this.PageContext.PageTopicID; // SPAM Check // Check if Forum is Moderated var isForumModerated = false; var dt = this.GetRepository <Forum>().List( boardId: this.PageContext.PageBoardID, forumId: this.PageContext.PageForumID); var forumInfo = dt.FirstOrDefault(); if (forumInfo != null) { isForumModerated = this.CheckForumModerateStatus(forumInfo: forumInfo); } var spamApproved = true; var isPossibleSpamMessage = false; // Check for SPAM if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess && !this.Get <YafBoardSettings>().SpamServiceType.Equals(obj: 0)) { // Check content for spam if (this.Get <ISpamCheck>().CheckPostForSpam( userName: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, ipAddress: YafContext.Current.Get <HttpRequestBase>().GetUserRealIPAddress(), postMessage: this.quickReplyEditor.Text, emailAddress: this.PageContext.IsGuest ? null : this.PageContext.User.Email, result: out var spamResult)) { switch (this.Get <YafBoardSettings>().SpamMessageHandling) { case 0: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string.Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); break; case 1: spamApproved = false; isPossibleSpamMessage = true; this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage(message: this.GetText(tag: "SPAM_MESSAGE"), messageType: MessageTypes.danger); return; case 3: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( membershipUser: this.PageContext.CurrentUserData.Membership, userId: this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( userID: this.PageContext.PageUserID, user: this.PageContext.CurrentUserData.Membership, userIpAddress: userIp); return; } } // Check posts for urls if the user has only x posts if (YafContext.Current.CurrentUserData.NumPosts <= YafContext.Current.Get <YafBoardSettings>().IgnoreSpamWordCheckPostCount && !this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess) { var urlCount = UrlHelper.CountUrls(message: this.quickReplyEditor.Text); if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls) { spamResult = $"The user posted {urlCount} urls but allowed only {this.PageContext.BoardSettings.AllowedNumberOfUrls}"; switch (this.Get <YafBoardSettings>().SpamMessageHandling) { case 0: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string.Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); break; case 1: spamApproved = false; isPossibleSpamMessage = true; this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, it was flagged as unapproved post", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, post was rejected", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); YafContext.Current.PageElements.RegisterJsBlockStartup( name: "openModalJs", script: JavaScriptBlocks.OpenModalJs(clientId: "QuickReplyDialog")); this.PageContext.AddLoadMessage(message: this.GetText(tag: "SPAM_MESSAGE"), messageType: MessageTypes.danger); return; case 3: this.Logger.Log( userId: this.PageContext.PageUserID, source: "Spam Message Detected", description: string .Format( format: "Spam Check detected possible SPAM ({1}) posted by User: {0}, user was deleted and bannded", arg0: this.PageContext.IsGuest ? "Guest" : this.PageContext.PageUserName, arg1: spamResult), eventType: EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( membershipUser: this.PageContext.CurrentUserData.Membership, userId: this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( userID: this.PageContext.PageUserID, user: this.PageContext.CurrentUserData.Membership, userIpAddress: userIp); return; } } } if (!this.PageContext.IsGuest) { this.UpdateWatchTopic(userId: this.PageContext.PageUserID, topicId: this.PageContext.PageTopicID); } } // If Forum is Moderated if (isForumModerated) { spamApproved = false; } // Bypass Approval if Admin or Moderator if (this.PageContext.IsAdmin || this.PageContext.ForumModeratorAccess) { spamApproved = true; } var messageFlags = new MessageFlags { IsHtml = this.quickReplyEditor.UsesHTML, IsBBCode = this.quickReplyEditor.UsesBBCode, IsApproved = spamApproved }; // Bypass Approval if Admin or Moderator. this.GetRepository <Message>().Save( topicId: topicId, userId: this.PageContext.PageUserID, message: message, guestUserName: null, ip: this.Get <HttpRequestBase>().GetUserRealIPAddress(), posted: DateTime.UtcNow, replyTo: replyTo.ToType <int>(), flags: messageFlags.BitValue, messageID: ref messageId); // Check to see if the user has enabled "auto watch topic" option in his/her profile. if (this.PageContext.CurrentUserData.AutoWatchTopics) { var watchTopicId = this.GetRepository <WatchTopic>().Check( userId: this.PageContext.PageUserID, topicId: this.PageContext.PageTopicID); if (!watchTopicId.HasValue) { // subscribe to this topic this.GetRepository <WatchTopic>().Add(userID: this.PageContext.PageUserID, topicID: this.PageContext.PageTopicID); } } if (messageFlags.IsApproved) { // send new post notification to users watching this topic/forum this.Get <ISendNotification>().ToWatchingUsers(newMessageId: messageId.ToType <int>()); if (Config.IsDotNetNuke && !this.PageContext.IsGuest) { this.Get <IActivityStream>().AddReplyToStream( forumID: this.PageContext.PageForumID, topicID: this.PageContext.PageTopicID, messageID: messageId.ToType <int>(), topicTitle: this.PageContext.PageTopicName, message: message); } // redirect to newly posted message YafBuildLink.Redirect(page: ForumPages.posts, format: "m={0}&#post{0}", messageId); } else { if (this.Get <YafBoardSettings>().EmailModeratorsOnModeratedPost) { // not approved, notifiy moderators this.Get <ISendNotification>().ToModeratorsThatMessageNeedsApproval( forumId: this.PageContext.PageForumID, newMessageId: messageId.ToType <int>(), isSpamMessage: isPossibleSpamMessage); } var url = YafBuildLink.GetLink(page: ForumPages.topics, format: "f={0}", this.PageContext.PageForumID); if (Config.IsRainbow) { YafBuildLink.Redirect(page: ForumPages.info, format: "i=1"); } else { YafBuildLink.Redirect(page: ForumPages.info, format: "i=1&url={0}", this.Server.UrlEncode(s: url)); } } } catch (Exception exception) { if (exception.GetType() != typeof(ThreadAbortException)) { this.Logger.Log(userId: this.PageContext.PageUserID, source: this, exception: exception); } } }
/// <summary> /// The save_ click. /// </summary> /// <param name="sender"> /// The sender. /// </param> /// <param name="e"> /// The e. /// </param> private void Save_Click([NotNull] object sender, [NotNull] EventArgs e) { var body = this._sig.Text; // find forbidden BBcodes in signature var detectedBbCode = this.Get <IFormatMessage>().BBCodeForbiddenDetector(body, this._allowedBbcodes, ','); if (this._allowedBbcodes.IndexOf("ALL") < 0) { if (detectedBbCode.IsSet() && detectedBbCode != "ALL") { this.PageContext.AddLoadMessage( this.GetTextFormatted("SIGNATURE_BBCODE_WRONG", detectedBbCode)); return; } if (detectedBbCode.IsSet() && detectedBbCode == "ALL") { this.PageContext.AddLoadMessage(this.GetText("BBCODE_FORBIDDEN")); return; } } // find forbidden HTMLTags in signature if (!this.PageContext.IsAdmin && this._allowedHtml.IndexOf("ALL") < 0) { var detectedHtmlTag = this.Get <IFormatMessage>().CheckHtmlTags(body, this._allowedHtml, ','); if (detectedHtmlTag.IsSet() && detectedHtmlTag != "ALL") { this.PageContext.AddLoadMessage(detectedHtmlTag); return; } if (detectedHtmlTag.IsSet() && detectedHtmlTag == "ALL") { this.PageContext.AddLoadMessage(this.GetText("HTML_FORBIDDEN")); return; } } // body = this.Get<IFormatMessage>().RepairHtml(this,body,false); if (this._sig.Text.Length > 0) { if (this._sig.Text.Length <= this._allowedNumberOfCharacters) { var userData = new CombinedUserDataHelper(this.CurrentUserID); if (userData.NumPosts < this.Get <YafBoardSettings>().IgnoreSpamWordCheckPostCount) { // Check for spam string result; if (this.Get <ISpamWordCheck>().CheckForSpamWord(body, out result)) { var user = UserMembershipHelper.GetMembershipUserById(this.CurrentUserID); var userId = this.CurrentUserID; // Log and Send Message to Admins if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(1)) { this.Logger.Log( null, "Bot Detected", "Internal Spam Word Check detected a SPAM BOT: (user name : '{0}', user id : '{1}') after the user included a spam word in his/her signature: {2}" .FormatWith(user.UserName, this.CurrentUserID, result), EventLogTypes.SpamBotDetected); } else if (this.Get <YafBoardSettings>().BotHandlingOnRegister.Equals(2)) { this.Logger.Log( null, "Bot Detected", "Internal Spam Word Check detected a SPAM BOT: (user name : '{0}', user id : '{1}') after the user included a spam word in his/her signature: {2}, user was deleted and the name, email and IP Address are banned." .FormatWith(user.UserName, this.CurrentUserID, result), EventLogTypes.SpamBotDetected); // Kill user if (!this.PageContext.CurrentForumPage.IsAdminPage) { var userIp = new CombinedUserDataHelper(user, userId).LastIP; UserMembershipHelper.DeleteAndBanUser(this.CurrentUserID, user, userIp); } } } } LegacyDb.user_savesignature(this.CurrentUserID, this.Get <IBadWordReplace>().Replace(body)); } else { this.PageContext.AddLoadMessage( this.GetTextFormatted("SIGNATURE_MAX", this._allowedNumberOfCharacters)); return; } } else { LegacyDb.user_savesignature(this.CurrentUserID, DBNull.Value); } // clear the cache for this user... this.Get <IRaiseEvent>().Raise(new UpdateUserEvent(this.CurrentUserID)); if (this.PageContext.CurrentForumPage.IsAdminPage) { this.BindData(); } else { this.DoRedirect(); } }
/// <summary> /// Saves the Updated Profile /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param> protected void UpdateProfileClick([NotNull] object sender, [NotNull] EventArgs e) { var userName = UserMembershipHelper.GetUserNameFromID(this.currentUserId); if (this.HomePage.Text.IsSet()) { // add http:// by default if (!Regex.IsMatch(this.HomePage.Text.Trim(), @"^(http|https|ftp|ftps|git|svn|news)\://.*")) { this.HomePage.Text = $"http://{this.HomePage.Text.Trim()}"; } if (!ValidationHelper.IsValidURL(this.HomePage.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_HOME"), MessageTypes.warning); return; } if (this.UserData.NumPosts < this.Get <BoardSettings>().IgnoreSpamWordCheckPostCount) { // Check for spam if (this.Get <ISpamWordCheck>().CheckForSpamWord(this.HomePage.Text, out _)) { // Log and Send Message to Admins if (this.Get <BoardSettings>().BotHandlingOnRegister.Equals(1)) { this.Logger.Log( null, "Bot Detected", $"Internal Spam Word Check detected a SPAM BOT: (user name : '{userName}', user id : '{this.currentUserId}') after the user changed the profile Homepage url to: {this.HomePage.Text}", EventLogTypes.SpamBotDetected); } else if (this.Get <BoardSettings>().BotHandlingOnRegister.Equals(2)) { this.Logger.Log( null, "Bot Detected", $"Internal Spam Word Check detected a SPAM BOT: (user name : '{userName}', user id : '{this.currentUserId}') after the user changed the profile Homepage url to: {this.HomePage.Text}, user was deleted and the name, email and IP Address are banned.", EventLogTypes.SpamBotDetected); // Kill user if (!this.PageContext.CurrentForumPage.IsAdminPage) { var user = UserMembershipHelper.GetMembershipUserById(this.currentUserId); var userId = this.currentUserId; var userIp = new CombinedUserDataHelper(user, userId).LastIP; UserMembershipHelper.DeleteAndBanUser(this.currentUserId, user, userIp); } } } } } if (this.Weblog.Text.IsSet() && !ValidationHelper.IsValidURL(this.Weblog.Text.Trim())) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_WEBLOG"), MessageTypes.warning); return; } if (this.Xmpp.Text.IsSet() && !ValidationHelper.IsValidXmpp(this.Xmpp.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_XMPP"), MessageTypes.warning); return; } if (this.ICQ.Text.IsSet() && !(ValidationHelper.IsValidEmail(this.ICQ.Text) || ValidationHelper.IsNumeric(this.ICQ.Text))) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_ICQ"), MessageTypes.warning); return; } if (this.Facebook.Text.IsSet() && !ValidationHelper.IsValidURL(this.Facebook.Text)) { this.PageContext.AddLoadMessage(this.GetText("PROFILE", "BAD_FACEBOOK"), MessageTypes.warning); return; } string displayName = null; if (this.Get <BoardSettings>().EnableDisplayName && this.Get <BoardSettings>().AllowDisplayNameModification) { // Check if name matches the required minimum length if (this.DisplayName.Text.Trim().Length < this.Get <BoardSettings>().DisplayNameMinLength) { this.PageContext.AddLoadMessage( this.GetTextFormatted("USERNAME_TOOLONG", this.Get <BoardSettings>().DisplayNameMinLength), MessageTypes.warning); return; } // Check if name matches the required minimum length if (this.DisplayName.Text.Length > this.Get <BoardSettings>().UserNameMaxLength) { this.PageContext.AddLoadMessage( this.GetTextFormatted("USERNAME_TOOLONG", this.Get <BoardSettings>().UserNameMaxLength), MessageTypes.warning); return; } if (this.DisplayName.Text.Trim() != this.UserData.DisplayName) { if (this.Get <IUserDisplayName>().GetId(this.DisplayName.Text.Trim()).HasValue) { this.PageContext.AddLoadMessage( this.GetText("REGISTER", "ALREADY_REGISTERED_DISPLAYNAME"), MessageTypes.warning); return; } displayName = this.DisplayName.Text.Trim(); } } if (this.Interests.Text.Trim().Length > 400) { this.PageContext.AddLoadMessage( this.GetTextFormatted("FIELD_TOOLONG", this.GetText("CP_EDITPROFILE", "INTERESTS"), 400), MessageTypes.warning); return; } if (this.Occupation.Text.Trim().Length > 400) { this.PageContext.AddLoadMessage( this.GetTextFormatted("FIELD_TOOLONG", this.GetText("CP_EDITPROFILE", "OCCUPATION"), 400), MessageTypes.warning); return; } this.UpdateUserProfile(userName); // save remaining settings to the DB this.GetRepository <User>().Save( this.currentUserId, this.PageContext.PageBoardID, null, displayName, null, this.UserData.TimeZoneInfo.Id, this.UserData.LanguageFile, this.UserData.CultureUser, this.UserData.ThemeFile, this.UserData.TextEditor, null, null, null, false, this.UserData.IsActiveExcluded, null); // clear the cache for this user...) this.Get <IRaiseEvent>().Raise(new UpdateUserEvent(this.currentUserId)); this.Get <IDataCache>().Clear(); if (!this.PageContext.CurrentForumPage.IsAdminPage) { BuildLink.Redirect(ForumPages.cp_profile); } else { this.userData = null; this.BindData(); } }
/// <summary> /// Handles the PostReply click including: Replying, Editing and New post. /// </summary> /// <param name="sender"> /// The Sender Object. /// </param> /// <param name="e"> /// The Event Arguments. /// </param> protected void PostReply_Click([NotNull] object sender, [NotNull] EventArgs e) { if (!this.IsPostReplyVerified()) { return; } if (this.IsPostReplyDelay()) { return; } var isPossibleSpamMessage = false; // Check for SPAM if (!this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess && !this.PageContext.BoardSettings.SpamServiceType.Equals(0)) { // Check content for spam if ( this.Get <ISpamCheck>().CheckPostForSpam( this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName, this.Get <HttpRequestBase>().GetUserRealIPAddress(), BBCodeHelper.StripBBCode( HtmlHelper.StripHtml(HtmlHelper.CleanHtmlString(this.forumEditor.Text))) .RemoveMultipleWhitespace(), this.PageContext.IsGuest ? null : this.PageContext.User.Email, out var spamResult)) { switch (this.PageContext.BoardSettings.SpamMessageHandling) { case 0: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}", EventLogTypes.SpamMessageDetected); break; case 1: this.spamApproved = false; isPossibleSpamMessage = true; this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, it was flagged as unapproved post.", EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, post was rejected", EventLogTypes.SpamMessageDetected); this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger); return; case 3: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, user was deleted and banned", EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( this.PageContext.CurrentUserData.Membership, this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( this.PageContext.PageUserID, this.PageContext.CurrentUserData.Membership, userIp); return; } } } // Check posts for urls if the user has only x posts if (BoardContext.Current.CurrentUserData.NumPosts <= BoardContext.Current.Get <BoardSettings>().IgnoreSpamWordCheckPostCount&& !this.PageContext.IsAdmin && !this.PageContext.ForumModeratorAccess) { var urlCount = UrlHelper.CountUrls(this.forumEditor.Text); if (urlCount > this.PageContext.BoardSettings.AllowedNumberOfUrls) { var spamResult = $"The user posted {urlCount} urls but allowed only {this.PageContext.BoardSettings.AllowedNumberOfUrls}"; switch (this.PageContext.BoardSettings.SpamMessageHandling) { case 0: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}", EventLogTypes.SpamMessageDetected); break; case 1: this.spamApproved = false; isPossibleSpamMessage = true; this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, it was flagged as unapproved post.", EventLogTypes.SpamMessageDetected); break; case 2: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, post was rejected", EventLogTypes.SpamMessageDetected); this.PageContext.AddLoadMessage(this.GetText("SPAM_MESSAGE"), MessageTypes.danger); return; case 3: this.Logger.Log( this.PageContext.PageUserID, "Spam Message Detected", $"Spam Check detected possible SPAM ({spamResult}) posted by User: {(this.PageContext.IsGuest ? this.From.Text : this.PageContext.PageUserName)}, user was deleted and banned", EventLogTypes.SpamMessageDetected); var userIp = new CombinedUserDataHelper( this.PageContext.CurrentUserData.Membership, this.PageContext.PageUserID).LastIP; UserMembershipHelper.DeleteAndBanUser( this.PageContext.PageUserID, this.PageContext.CurrentUserData.Membership, userIp); return; } } } // update the last post time... this.Get <ISession>().LastPost = DateTime.UtcNow.AddSeconds(30); // New Topic var messageId = this.PostReplyHandleNewPost(out var newTopic); // Check if message is approved var isApproved = this.GetRepository <Message>().GetById(messageId.ToType <int>()).MessageFlags.IsApproved; // vzrus^ the poll access controls are enabled and this is a new topic - we add the variables var attachPollParameter = string.Empty; var returnForum = string.Empty; if (this.PageContext.ForumPollAccess && this.PostOptions1.PollOptionVisible) { // new topic poll token attachPollParameter = $"&t={newTopic}"; // new return forum poll token returnForum = $"&f={this.PageContext.PageForumID}"; } // Create notification emails if (isApproved) { this.Get <ISendNotification>().ToWatchingUsers(messageId.ToType <int>()); if (!this.PageContext.IsGuest && this.PageContext.CurrentUserData.Activity) { // Handle Mentions BBCodeHelper.FindMentions(this.forumEditor.Text).ForEach( user => { var userId = this.Get <IUserDisplayName>().GetId(user).Value; if (userId != this.PageContext.PageUserID) { this.Get <IActivityStream>().AddMentionToStream( userId, newTopic.ToType <int>(), messageId.ToType <int>(), this.PageContext.PageUserID); } }); // Handle User Quoting BBCodeHelper.FindUserQuoting(this.forumEditor.Text).ForEach( user => { var userId = this.Get <IUserDisplayName>().GetId(user).Value; if (userId != this.PageContext.PageUserID) { this.Get <IActivityStream>().AddQuotingToStream( userId, newTopic.ToType <int>(), messageId.ToType <int>(), this.PageContext.PageUserID); } }); this.Get <IActivityStream>().AddTopicToStream( Config.IsDotNetNuke ? this.PageContext.PageForumID : this.PageContext.PageUserID, newTopic, messageId.ToType <int>(), this.TopicSubjectTextBox.Text, this.forumEditor.Text); // Add tags if (this.Tags.Text.IsSet()) { var tags = this.Tags.Text.Split(','); var boardTags = this.GetRepository <Tag>().GetByBoardId(); tags.ForEach( tag => { var existTag = boardTags.FirstOrDefault(t => t.TagName == tag); if (existTag != null) { // add to topic this.GetRepository <TopicTag>().Add( existTag.ID, newTopic.ToType <int>()); } else { // save new Tag var newTagId = this.GetRepository <Tag>().Add(tag); // add to topic this.GetRepository <TopicTag>().Add(newTagId, newTopic.ToType <int>()); } }); } } if (attachPollParameter.IsNotSet() || !this.PostOptions1.PollChecked) { // regular redirect... BuildLink.Redirect(ForumPages.Posts, "m={0}#post{0}", messageId); } else { // poll edit redirect... BuildLink.Redirect(ForumPages.PollEdit, "{0}", attachPollParameter); } } else { // Not Approved if (this.PageContext.BoardSettings.EmailModeratorsOnModeratedPost) { // not approved, notify moderators this.Get <ISendNotification>() .ToModeratorsThatMessageNeedsApproval( this.PageContext.PageForumID, messageId.ToType <int>(), isPossibleSpamMessage); } // 't' variable is required only for poll and this is a attach poll token for attachments page if (!this.PostOptions1.PollChecked) { attachPollParameter = string.Empty; } // Tell user that his message will have to be approved by a moderator var url = BuildLink.GetLink(ForumPages.Topics, "f={0}", this.PageContext.PageForumID); if (attachPollParameter.Length <= 0) { BuildLink.Redirect(ForumPages.Info, "i=1&url={0}", this.Server.UrlEncode(url)); } else { BuildLink.Redirect(ForumPages.PollEdit, "&ra=1{0}{1}", attachPollParameter, returnForum); } if (Config.IsRainbow) { BuildLink.Redirect(ForumPages.Info, "i=1"); } } }