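/// <summary>
/// Entry point for the registration page. Depending on the request it
/// processes a mailing opt-out, activates an account, activates a pending
/// password change, renders the blank sign-up form, or validates a submitted
/// sign-up form and registers the user.
/// </summary>
/// <remarks>
/// Every SQL statement here is built with <c>string.Format</c>. String values
/// are passed through <c>Mysql.Escape</c> and numeric values are parsed
/// <c>long</c>s before they reach the query text.
/// NOTE(review): prefer parameterized queries if the db wrapper offers them.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (session.IsLoggedIn)
    {
        // redirect to the homepage if we are already logged in
        Response.Redirect("/");
    }

    template.Parse("IS_CONTENT", "FALSE");
    template.Parse("S_POST", core.Hyperlink.AppendSid("/register/", true));

    string mode = Request.QueryString["mode"];

    if (mode == "optout")
    {
        string emailKey = Request.QueryString["key"];
        long rowsChanged = 0;

        // A request without a key yields null; check for it before reading
        // Length so the user gets the "missing or incomplete" message rather
        // than an unhandled NullReferenceException.
        if (emailKey != null && emailKey.Length == 32)
        {
            rowsChanged = db.UpdateQuery(string.Format("UPDATE invite_keys SET invite_allow = 0 WHERE email_key = '{0}'",
                Mysql.Escape(emailKey)));
        }

        if (rowsChanged > 0)
        {
            core.Display.ShowMessage("Opt-out of " + core.Settings.SiteTitle + " Mailings", "You have successfully opted-out of further " + core.Settings.SiteTitle + " mailings. If you continue to receive mailings send an e-mail to contact@" + Hyperlink.Domain + " with the subject \"opt-out\".");
        }
        else
        {
            // Same answer for a malformed key and an unknown key.
            core.Display.ShowMessage("Cannot Opt-out", "The opt-out key you have given is missing or incomplete. To manually opt-out send an e-mail to contact@" + Hyperlink.Domain + " with the subject \"opt-out\".");
        }
        return;
    }

    if (mode == "activate")
    {
        string activateKey = (string)Request.QueryString["key"];
        long userId;

        // The activation code is the only proof of mailbox ownership, so an
        // absent or empty key is rejected before it can be compared with a
        // stored code (which may itself be empty — verify against the schema).
        if (string.IsNullOrEmpty(activateKey) || !long.TryParse(Request.QueryString["id"], out userId))
        {
            core.Display.ShowMessage("Error", "Error activating user.");
            return;
        }

        DataTable userTable = db.Query(string.Format("SELECT user_id FROM user_info WHERE user_id = {0} AND user_activate_code = '{1}';",
            userId, Mysql.Escape(activateKey)));

        if (userTable.Rows.Count == 1)
        {
            db.UpdateQuery(string.Format("UPDATE user_info SET user_active = 1 WHERE user_id = {0} AND user_activate_code = '{1}';",
                userId, Mysql.Escape(activateKey)));

            core.Display.ShowMessage("Success", "You have successfully activated your account. You may now [iurl=\"/sign-in/\"]sign in[/iurl].", ShowMessageOptions.Bbcode);
        }
        else
        {
            // One generic message for every failure, so the response does not
            // reveal whether the id or the code was the part that was wrong.
            core.Display.ShowMessage("Error", "Error activating user.");
        }
        return;
    }

    if (mode == "activate-password")
    {
        string activateKey = (string)Request.QueryString["key"];
        long userId;

        if (string.IsNullOrEmpty(activateKey) || !long.TryParse(Request.QueryString["id"], out userId))
        {
            core.Display.ShowMessage("Error", "Error activating new password.");
            return;
        }

        DataTable userTable = db.Query(string.Format("SELECT user_id, user_new_password FROM user_info WHERE user_id = {0} AND user_activate_code = '{1}';",
            userId, Mysql.Escape(activateKey)));

        // "as" tolerates a NULL column (DBNull) instead of throwing on the cast.
        string pendingPassword = (userTable.Rows.Count == 1) ? userTable.Rows[0]["user_new_password"] as string : null;

        // A successful activation clears user_new_password to '' but leaves the
        // activation code untouched. Without this check, repeating the same
        // request would store the hash of an empty password.
        if (string.IsNullOrEmpty(pendingPassword))
        {
            core.Display.ShowMessage("Error", "Error activating new password.");
            return;
        }

        // NOTE(review): the pending password is hashed only at this point, which
        // suggests it is stored unhashed until activation — confirm, and consider
        // hashing it when the change is requested.
        // The hash is the third format argument; the statement must reference it
        // as {2}, otherwise user_password is set to a fixed literal.
        db.UpdateQuery(string.Format("UPDATE user_info SET user_password = '{2}', user_new_password = '' WHERE user_id = {0} AND user_activate_code = '{1}';",
            userId, Mysql.Escape(activateKey), Mysql.Escape(BoxSocial.Internals.User.HashPassword(pendingPassword))));

        // NOTE(review): the "activate" branch passes ShowMessageOptions.Bbcode and
        // uses [iurl]; this message does neither — confirm the link renders.
        core.Display.ShowMessage("Success", "You have successfully activated your new password. You may now [url=\"/sign-in/\"]sign in[/url].");
        return;
    }

    if (core.Http.Form["submit"] == null)
    {
        // No form submitted yet: render the blank sign-up form.
        long groupId = core.Functions.FormLong("gid", core.Functions.RequestLong("gid", 0));
        string emailKey = core.Http.Query["key"];
        string referralKey = core.Http.Query["refer"];

        Dictionary<string, InviteKey> keys = InviteKey.GetInvites(core, emailKey);
        Dictionary<string, ReferralKey> referrals = ReferralKey.GetReferrals(core, referralKey);

        // In invite mode at least one invite or referral must resolve.
        bool continueSignup = core.Settings.SignupMode != "invite" || keys.Count != 0 || referrals.Count != 0;

        if (continueSignup)
        {
            template.Parse("GID", groupId.ToString());
            prepareNewCaptcha();

            // NOTE(review): these values come straight from the query string and
            // are echoed into the page; confirm template.Parse HTML-encodes them.
            if (!string.IsNullOrEmpty(emailKey))
            {
                template.Parse("EMAIL_KEY", emailKey);
            }
            if (!string.IsNullOrEmpty(referralKey))
            {
                template.Parse("REFERRAL_KEY", referralKey);
            }

            if (groupId > 0)
            {
                try
                {
                    UserGroup thisGroup = new UserGroup(core, groupId);

                    if (loggedInMember == null || loggedInMember.UserInfo.ShowCustomStyles)
                    {
                        template.Parse("USER_STYLE_SHEET", string.Format("group/{0}.css", thisGroup.Key));
                    }
                }
                catch
                {
                    // Styling is best effort: a group that cannot be loaded must
                    // not stop the form from being displayed.
                }
            }
        }
        else
        {
            core.Display.ShowMessage("Invite Only", "Sorry, registration is current on an invite-only basis at the moment. Check back later.");
        }
    }
    else
    {
        // Form submitted: validate it and register the user.
        long groupId = core.Functions.FormLong("gid", core.Functions.RequestLong("gid", 0));
        string emailKey = core.Http.Form["key"];
        string referralKey = core.Http.Form["refer"];
        List<long> invitedById = new List<long>();

        Dictionary<string, InviteKey> keys = InviteKey.GetInvites(core, emailKey);
        Dictionary<string, ReferralKey> referrals = ReferralKey.GetReferrals(core, referralKey);

        bool inviteOnly = core.Settings.SignupMode == "invite";
        bool continueSignup = !inviteOnly || keys.Count != 0 || referrals.Count != 0;

        if (inviteOnly && continueSignup)
        {
            // Inviters are recorded only in invite mode; they become friends of
            // the new user after registration.
            foreach (InviteKey invite in keys.Values)
            {
                invitedById.Add(invite.InviteUserId);
            }
        }

        if (continueSignup)
        {
            string username = (string)core.Http.Form["username"];
            string email = (string)core.Http.Form["email"];
            string confirmEmail = (string)core.Http.Form["confirm-email"];
            string password = (string)core.Http.Form["password"];
            string confirmPassword = (string)core.Http.Form["confirm-password"];
            string submittedCaptcha = (string)core.Http.Form["captcha"];

            // submit the form
            // NOTE(review): submitted values are echoed back into the page;
            // confirm template.Parse HTML-encodes them.
            template.Parse("USERNAME", username);
            template.Parse("EMAIL", email);
            template.Parse("CONFIRM_EMAIL", confirmEmail);
            template.Parse("GID", groupId.ToString());

            if (!string.IsNullOrEmpty(emailKey))
            {
                template.Parse("EMAIL_KEY", emailKey);
            }
            if (!string.IsNullOrEmpty(referralKey))
            {
                template.Parse("REFERRAL_KEY", referralKey);
            }

            DataTable confirmTable = db.Query(string.Format("SELECT confirm_code FROM confirm WHERE confirm_type = 1 AND session_id = '{0}' LIMIT 1",
                Mysql.Escape(session.SessionId)));

            string expectedCaptcha = (confirmTable.Rows.Count == 1) ? confirmTable.Rows[0]["confirm_code"] as string : null;

            // The checks run in the original order and the first failure wins.
            string error = null;

            // Ordinal, null-safe comparison: a request with no captcha field
            // fails validation instead of throwing, and the result does not
            // depend on the server culture.
            if (expectedCaptcha == null || !string.Equals(expectedCaptcha, submittedCaptcha, StringComparison.OrdinalIgnoreCase))
            {
                error = "Captcha is invalid, please try again.";
            }
            else if (!BoxSocial.Internals.User.CheckUserNameValid(username))
            {
                error = "Username is invalid, you may only use letters, numbers, period, underscores or a dash (a-z, 0-9, '_', '-', '.').";
            }
            else if (!BoxSocial.Internals.User.CheckUserNameUnique(db, username))
            {
                error = "Username is already taken, please choose another one.";
            }
            else if (!BoxSocial.Internals.User.CheckEmailValid(email))
            {
                error = "You have entered an invalid e-mail address, you must use a valid e-mail address to complete registration.";
            }
            else if (!BoxSocial.Internals.User.CheckEmailUnique(core, email))
            {
                error = "The e-mail address you have entered has already been registered.";
            }
            else if (email != confirmEmail)
            {
                error = "The e-mail addresses you entered do not match, may sure you have entered your e-mail address correctly.";
            }
            else if (password != confirmPassword)
            {
                error = "The passwords you entered do not match, make sure you have entered your desired password correctly.";
            }
            else if (password == null || password.Length < 6)
            {
                // Both password fields missing compare equal above, so null has
                // to be rejected here rather than dereferenced.
                error = "The password you entered is too short. Please choose a strong password of 6 characters or more.";
            }
            else if ((string)core.Http.Form["agree"] != "true")
            {
                error = "You must accept the " + core.Settings.SiteTitle + " Terms of Service to register an account.";
            }

            if (error != null)
            {
                template.Parse("ERROR", error);
                prepareNewCaptcha();
            }
            else
            {
                User newUser = BoxSocial.Internals.User.Register(Core, username, email, password, confirmPassword);

                if (newUser == null)
                {
                    template.Parse("ERROR", "Bad registration details");
                    prepareNewCaptcha();
                }
                else
                {
                    // captcha is a use once thing, destroy all for this session
                    db.UpdateQuery(string.Format("DELETE FROM confirm WHERE confirm_type = 1 AND session_id = '{0}'",
                        Mysql.Escape(session.SessionId)));

                    // Invite keys are single use
                    if (!string.IsNullOrEmpty(emailKey))
                    {
                        db.UpdateQuery(string.Format("DELETE FROM invite_keys WHERE email_key = '{0}'",
                            Mysql.Escape(emailKey)));
                    }

                    // Make the new user and each inviter friends in both
                    // directions and bump both friend counters.
                    foreach (long friendId in invitedById)
                    {
                        if (friendId > 0)
                        {
                            db.UpdateQuery(string.Format("INSERT INTO user_relations (relation_me, relation_you, relation_time_ut, relation_type) VALUES ({0}, {1}, UNIX_TIMESTAMP(), 'FRIEND');",
                                newUser.UserId, friendId));

                            db.UpdateQuery(string.Format("INSERT INTO user_relations (relation_me, relation_you, relation_time_ut, relation_type) VALUES ({0}, {1}, UNIX_TIMESTAMP(), 'FRIEND');",
                                friendId, newUser.UserId));

                            db.UpdateQuery(string.Format("UPDATE user_info ui SET ui.user_friends = ui.user_friends + 1 WHERE ui.user_id = {0};",
                                friendId));

                            db.UpdateQuery(string.Format("UPDATE user_info ui SET ui.user_friends = ui.user_friends + 1 WHERE ui.user_id = {0};",
                                newUser.UserId));
                        }
                    }

                    if (groupId > 0)
                    {
                        try
                        {
                            UserGroup thisGroup = new UserGroup(core, groupId);

                            if (loggedInMember == null || loggedInMember.UserInfo.ShowCustomStyles)
                            {
                                template.Parse("USER_STYLE_SHEET", string.Format("group/{0}.css", thisGroup.Key));
                            }

                            int activated = 0;

                            switch (thisGroup.GroupType)
                            {
                                case "OPEN":
                                case "PRIVATE":
                                    // assume as you've been invited that it is enough for activation
                                    activated = 1;
                                    break;
                                case "REQUEST":
                                case "CLOSED":
                                    activated = 0;
                                    break;
                            }

                            bool isInvited = thisGroup.IsGroupInvitee(newUser);

                            // do not need an invite unless the group is private
                            // private groups you must be invited to
                            if (thisGroup.GroupType != "PRIVATE" || isInvited)
                            {
                                // NOTE(review): no commit is visible in this method;
                                // confirm the transaction is completed elsewhere.
                                db.BeginTransaction();

                                // NOTE(review): the trailing "true" has no placeholder
                                // in the format string; it may have been meant as an
                                // argument of UpdateQuery — confirm.
                                db.UpdateQuery(string.Format("INSERT INTO group_members (group_id, user_id, group_member_approved, group_member_ip, group_member_date_ut) VALUES ({0}, {1}, {2}, '{3}', UNIX_TIMESTAMP());",
                                    thisGroup.GroupId, newUser.Id, activated, Mysql.Escape(session.IPAddress.ToString()), true));

                                if (activated == 1)
                                {
                                    db.UpdateQuery(string.Format("UPDATE group_info SET group_members = group_members + 1 WHERE group_id = {0}",
                                        thisGroup.GroupId));
                                }

                                // just do it anyway, can be invited to any type of group
                                db.UpdateQuery(string.Format("DELETE FROM group_invites WHERE group_id = {0} AND user_id = {1}",
                                    thisGroup.GroupId, newUser.Id));
                            }

                            core.Template.Parse("REDIRECT_URI", thisGroup.Uri);
                        }
                        catch (InvalidGroupException)
                        {
                            // An unknown group id must not undo a completed registration.
                        }
                    }

                    //Response.Redirect("/", true);
                    core.Display.ShowMessage("Registered", "You have registered. Before you can use your account you must verify your e-mail address by clicking a verification link sent to it.");
                    return; /* stop processing the display of this page */
                }
            }
        }
        else
        {
            core.Display.ShowMessage("Invite Only", "Sorry, registration is current on an invite-only basis at the moment. Check back later.");
        }
    }

    EndResponse();
}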
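/// <summary>
/// Adds the logged-in member to the group named by the "id" form/request
/// value, once the action has been confirmed, and reports the outcome.
/// </summary>
/// <remarks>
/// Private groups require an existing invite. Membership in OPEN and PRIVATE
/// groups is approved immediately; for every other group type the membership
/// row is stored unapproved.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
void AccountGroupsMembershipsManage_Join_Save(object sender, EventArgs e)
{
    // Presumably validates the session id carried by the request before any
    // state is changed — confirm against its definition.
    AuthoriseRequestSid();

    long groupId = core.Functions.FormLong("id", core.Functions.RequestLong("id", 0));

    if (groupId == 0)
    {
        core.Display.ShowMessage("Error", "Unable to complete action, missing data. Go back and try again.");
        return;
    }

    // Either the confirm box was answered "yes", or the id arrived directly in
    // the request (which skips the confirm box).
    bool confirmed = core.Display.GetConfirmBoxResult() == ConfirmBoxResult.Yes
        || core.Functions.RequestLong("id", 0) == groupId;

    if (!confirmed)
    {
        SetRedirectUri(BuildUri());
        core.Display.ShowMessage("Cancelled", "You cancelled joining the group.");
        return;
    }

    try
    {
        UserGroup thisGroup = new UserGroup(core, groupId);

        DataTable membershipTable = db.Query(string.Format("SELECT user_id FROM group_members WHERE group_id = {0} AND user_id = {1};",
            thisGroup.GroupId, LoggedInMember.Id));

        if (membershipTable.Rows.Count > 0)
        {
            SetRedirectUri(thisGroup.Uri);
            core.Display.ShowMessage("Already a Member", "You are already a member of this group.");
            return;
        }

        int activated = 0;

        switch (thisGroup.GroupType)
        {
            case "OPEN":
            case "PRIVATE":
                // assume as you've been invited that it is enough for activation
                activated = 1;
                break;
            case "REQUEST":
            case "CLOSED":
                activated = 0;
                break;
        }

        bool isInvited = thisGroup.IsGroupInvitee(LoggedInMember);

        // do not need an invite unless the group is private
        // private groups you must be invited to
        if (thisGroup.GroupType == "PRIVATE" && !isInvited)
        {
            core.Display.ShowMessage("Cannot join group", "This group is private, you must be invited to be able to join it.");
            return;
        }

        // NOTE(review): no commit is visible in this method; confirm the
        // transaction is completed elsewhere.
        db.BeginTransaction();

        // NOTE(review): the trailing "true" has no placeholder in the format
        // string; it may have been meant as an argument of UpdateQuery — confirm.
        db.UpdateQuery(string.Format("INSERT INTO group_members (group_id, user_id, group_member_approved, group_member_ip, group_member_date_ut) VALUES ({0}, {1}, {2}, '{3}', UNIX_TIMESTAMP());",
            thisGroup.GroupId, LoggedInMember.Id, activated, Mysql.Escape(session.IPAddress.ToString()), true));

        if (activated == 1)
        {
            db.UpdateQuery(string.Format("UPDATE group_info SET group_members = group_members + 1 WHERE group_id = {0}",
                thisGroup.GroupId));
        }

        // just do it anyway, can be invited to any type of group
        db.UpdateQuery(string.Format("DELETE FROM group_invites WHERE group_id = {0} AND user_id = {1}",
            thisGroup.GroupId, LoggedInMember.Id));

        SetRedirectUri(thisGroup.Uri);

        if (activated == 1)
        {
            core.Display.ShowMessage("Joined Group", "You have joined this group.");
        }
        else
        {
            // The row was stored unapproved. This covers "REQUEST" as well as
            // "CLOSED"; previously a "REQUEST" group produced no message at all.
            core.Display.ShowMessage("Joined Group", "You applied to join this group. A group operator must approve your membership before you will be admitted into the group.");
        }
    }
    catch
    {
        // NOTE(review): this catches every exception, so a database failure is
        // also reported as a missing group — consider narrowing to the
        // exception the UserGroup constructor throws for an unknown id.
        core.Display.ShowMessage("Group does not Exist", "The group you are trying to join does not exist.");
    }
}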