public UserCookie( User user )
{
this.user = user;
//Allows different users on the same machine to hide unique sets of forums
cookieName = "CommunityServer-UserCookie" + user.UserID.ToString();
context = csContext.Context;
userCookie = context.Request.Cookies[cookieName];
//use a global key
cookieKey = string.Format("hfg-{0}",CSContext.Current.ApplicationType);
// Did we find a cookie?
//
if (userCookie == null) {
userCookie = new HttpCookie(cookieName);
} else {
userCookie = context.Request.Cookies[cookieName];
}
}
public static bool CheckUserLastPostDate(User user)
{
string cacheKey = "UserLastPostTable";
string userKey = "User:"******":IP:" + CSContext.Current.Context.Request.UserHostAddress;
// If the table is null, no posters to care about, so return true
if(userLastPostTable == null)
return true;
// Iterate through the table... remove all bad entries
// This may seem a little slower, but it helps to keep the table small
// Some users may only post once a day, but if the forums stay active all that time,
// their postdate will still be in memory... regularly walking it and removing unnecessary
// entries keeps it short
lock(userLastPostTable.SyncRoot)
{
string[] keys = new string[userLastPostTable.Count];
userLastPostTable.Keys.CopyTo(keys, 0);
foreach(string key in keys)
if(((DateTime)userLastPostTable[key]).AddSeconds(CSContext.Current.SiteSettings.PostInterval) <= DateTime.Now)
userLastPostTable.Remove(key);
}
// If they aren't in there, then they aren't still being blocked, return true;
if(!userLastPostTable.Contains(userKey))
return true;
// An entry for them is still in there, so they still can't post
return false;
}
protected static string GenericEmailFormatter(string stringToFormat, User user, Post post, bool html, bool truncateMessage )
{
// string timeSend = string.Format(ResourceManager.GetString("Utility_CurrentTime_formatGMT"), DateTime.Now.ToString(ResourceManager.GetString("Utility_CurrentTime_dateFormat")));
DateTime time = DateTime.Now;
// set the timesent and sitename
stringToFormat = Regex.Replace(stringToFormat, "\\[timesent\\]", time.ToString(ResourceManager.GetString("Utility_CurrentTime_dateFormat")) + " " + string.Format( ResourceManager.GetString("Utility_CurrentTime_formatGMT"), CSContext.Current.SiteSettings.TimezoneOffset.ToString() ), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[moderatorl\\]", Globals.GetSiteUrls().Moderate, RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[sitename\\]", CSContext.Current.SiteSettings.SiteName.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[websiteurl\\]", Globals.GetSiteUrls().Home, RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[adminemail\\]", (CSContext.Current.SiteSettings.AdminEmailAddress.Trim() != "" ) ? CSContext.Current.SiteSettings.AdminEmailAddress.Trim() : "*****@*****.**", RegexOptions.IgnoreCase | RegexOptions.Compiled);
if(CSContext.Current.Context != null)
{
stringToFormat = Regex.Replace(stringToFormat, "\\[loginurl\\]", Globals.HostPath(CSContext.Current.Context.Request.Url) + Globals.GetSiteUrls().LoginReturnHome, RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[passwordchange\\]", Globals.HostPath(CSContext.Current.Context.Request.Url) + Globals.GetSiteUrls().UserChangePassword, RegexOptions.IgnoreCase | RegexOptions.Compiled);
}
else
{
stringToFormat = Regex.Replace(stringToFormat, "\\[loginurl\\]", Globals.HostPath(new Uri(CSContext.Current.RawUrl)) + Globals.GetSiteUrls().LoginReturnHome, RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[passwordchange\\]", Globals.HostPath(new Uri(CSContext.Current.RawUrl)) + Globals.GetSiteUrls().UserChangePassword, RegexOptions.IgnoreCase | RegexOptions.Compiled);
}
// return a generic email address if it isn't set.
//
string adminEmailAddress = (CSContext.Current.SiteSettings.AdminEmailAddress.Trim() != "" ) ? CSContext.Current.SiteSettings.AdminEmailAddress.Trim() : "*****@*****.**";
string siteName = CSContext.Current.SiteSettings.SiteName.Trim();
stringToFormat = Regex.Replace(stringToFormat, "\\[adminemailfrom\\]", string.Format( ResourceManager.GetString("AutomatedEmail").Trim(), siteName, adminEmailAddress), RegexOptions.IgnoreCase | RegexOptions.Compiled);
// Specific to a user
//
if (user != null) {
stringToFormat = Regex.Replace(stringToFormat, "\\[username\\]", user.Username.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[email\\]", user.Email.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[publicemail\\]", user.Profile.PublicEmail.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[datecreated\\]", user.GetTimezone(user.DateCreated).ToString(user.Profile.DateFormat), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[lastlogin\\]", user.GetTimezone(user.LastLogin).ToString(user.Profile.DateFormat), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[profileurl\\]", Globals.GetSiteUrls().UserEditProfile, RegexOptions.IgnoreCase | RegexOptions.Compiled);
if (user.Password != null)
stringToFormat = Regex.Replace(stringToFormat, "\\[password\\]", user.Password.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
}
// make urls clickable, don't do it if we have a post,
// because we're going to do it again before adding the post contents
if (html && post == null) stringToFormat = Regex.Replace(stringToFormat,@"(http|ftp|https):\/\/[\w]+(.[\w]+)([\w\-\.,@?^=%&:/~\+#]*[\w\-\@?^=%&/~\+#])?","<a href=\"$0\">$0</a>",RegexOptions.IgnoreCase | RegexOptions.Compiled);
if (post != null) {
stringToFormat = Regex.Replace(stringToFormat, "\\[postedby\\]", post.Username.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[subject\\]", post.Subject.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[postdate\\]", post.User.GetTimezone(post.PostDate).ToString(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[replyurl\\]", Globals.GetSiteUrls().Post(post.PostID), RegexOptions.IgnoreCase | RegexOptions.Compiled);
stringToFormat = Regex.Replace(stringToFormat, "\\[moderatePostUrl\\]", Globals.GetSiteUrls().Post(post.PostID), RegexOptions.IgnoreCase | RegexOptions.Compiled);
if(CSContext.Current.Context != null)
stringToFormat = Regex.Replace(stringToFormat, "\\[posturl\\]", Globals.HostPath(CSContext.Current.Context.Request.Url) + Globals.GetSiteUrls().Post(post.PostID), RegexOptions.IgnoreCase | RegexOptions.Compiled);
else
stringToFormat = Regex.Replace(stringToFormat, "\\[posturl\\]", Globals.HostPath(new Uri(CSContext.Current.RawUrl)) + Globals.GetSiteUrls().Post(post.PostID), RegexOptions.IgnoreCase | RegexOptions.Compiled);
if(post.Section != null)
stringToFormat = Regex.Replace(stringToFormat, "\\[forumname\\]", post.Section.Name.Trim(), RegexOptions.IgnoreCase | RegexOptions.Compiled);
//stringToFormat = Regex.Replace(stringToFormat, "\\[forumUrl\\]", Globals.HostPath(CSContext.Current.Context.Request.Url) + ForumUrls.Instance().Forum(post.SectionID), RegexOptions.IgnoreCase | RegexOptions.Compiled);
// make urls clickable before adding post HTML
if (html) stringToFormat = Regex.Replace(stringToFormat,@"(http|ftp|https):\/\/[\w]+(.[\w]+)([\w\-\.,@?^=%&:\$/~\+#]*[\w\-\@?^=%&/~\+#])?","<a href=\"$0\">$0</a>",RegexOptions.IgnoreCase | RegexOptions.Compiled);
// strip html from post if necessary
string postbody = post.FormattedBody;
// if the user doesn't want HTML and the post is HTML, then strip it
if (!html && post.PostType == PostType.HTML)
postbody = Emails.FormatHtmlAsPlainText(postbody);
// if the user wants HTML and the post is PlainText, then add HTML to it
else if (html && post.PostType == PostType.BBCode)
postbody = Emails.FormatPlainTextAsHtml(postbody);
// Finally, trim this post so the user doesn't get a huge email
//
postbody.Trim();
if (truncateMessage) {
// if we throw an error, the post was too short to cut anyhow
//
try {
postbody = Formatter.CheckStringLength(postbody, 300);
}
catch {}
}
stringToFormat = Regex.Replace(stringToFormat, "\\[postbody\\]", postbody, RegexOptions.IgnoreCase | RegexOptions.Compiled);
}
return stringToFormat;
}
/// <summary>
/// Raises all AfterUser events. These events are raised after changes (created or update) are
/// made to the datastore
/// </summary>
public static void AfterUser(User user, ObjectState state)
{
CSApplication.Instance().ExecutePostUserUpdate(user,state);
}
/// <summary>
/// Raises all UserRemoved events. These events are raised before the user is removed from the data store
/// </summary>
/// <param name="user"></param>
public static void UserRemoved(User user)
{
CSApplication.Instance().ExecuteUserRemove(user);
}
/// <summary>
/// Validates if a user the owner of the current section. Owners are users who have
/// elevated permissions but no specific roles assigned. If the user is the owner,
/// their role based security will be ignored
/// </summary>
/// <param name="user">User to evaluate</param>
/// <returns>True if the user's UserName exists as part of the Owners property (split into an array)</returns>
protected virtual bool IsOwner(User user)
{
if(ownerArray == null)
ownerArray = Owners.Split(';');
if(ownerArray != null && ownerArray[0].Length > 0)
{
foreach(string owner in ownerArray)
{
if(string.Compare(owner,user.Username,true) == 0)
return true;
}
}
return false;
}
public abstract void ToggleUserForceLogin(User user);
public abstract User CreateUpdateDeleteUser(User user, DataProviderAction action, out CreateUserStatus status);
protected void ExecuteUserEvent(object EventKey, User user,ObjectState state, ApplicationType appType)
{
CSUserEventHandler handler = Events[EventKey] as CSUserEventHandler;
if (handler != null)
{
handler(user, new CSEventArgs(state,appType));
}
}
// *********************************************************************
// Update
//
/// <summary>
/// Updates a user's personal information.
/// </summary>
/// <param name="user">The user to update. The Username indicates what user to update.</param>
/// <param name="NewPassword">If the user is changing their password, the user's new password.
/// Otherwise, this should be the user's existing password.</param>
/// <returns>This method returns a boolean: it returns True if
/// the update succeeds, false otherwise. (The update might fail if the user enters an
/// incorrect password.)</returns>
/// <remarks>For the user to update their information, they must supply their password. Therefore,
/// the Password property of the user object passed in should be set to the user's existing password.
/// The NewPassword parameter should contain the user's new password (if they are changing it) or
/// existing password if they are not. From this method, only the user's personal information can
/// be updated (the user's password, forum view settings, email address, etc.); to update the user's
/// system-level settings (whether or not they are banned, their trusted status, etc.), use the
/// UpdateUserInfoFromAdminPage method. <seealso cref="UpdateUserInfoFromAdminPage"/></remarks>
///
// ********************************************************************/
public static bool UpdateUser(User user)
{
CSEvents.BeforeUser(user,ObjectState.Update);
//Make sure we update all references to User
CSContext context = CSContext.Current;
context.User = user;
// Create Instance of the CommonDataProvider
CommonDataProvider dp = CommonDataProvider.Instance();
bool updatePasswordSucceded = false;
CreateUserStatus status;
string cacheKey = "UserLookupTable";
string userKey = "User-";
user.Email = Globals.HtmlEncode(user.Email);
if(user.HasProfile && !user.Profile.IsReadOnly)
{
// we need to strip the <script> tags from input forms
user.Profile.Signature = HtmlScrubber.Clean(user.Profile.Signature, true, true); //Transforms.StripHtmlXmlTags(user.Profile.Signature);
user.Profile.AolIM = Globals.HtmlEncode(user.Profile.AolIM);
user.Profile.PublicEmail = Globals.HtmlEncode(user.Profile.PublicEmail);
user.Profile.IcqIM = Globals.HtmlEncode(user.Profile.IcqIM);
user.Profile.Interests = Globals.HtmlEncode(user.Profile.Interests);
user.Profile.Location = Globals.HtmlEncode(user.Profile.Location);
user.Profile.MsnIM = Globals.HtmlEncode(user.Profile.MsnIM);
user.Profile.Occupation = Globals.HtmlEncode(user.Profile.Occupation);
user.Profile.WebAddress = Globals.HtmlEncode(user.Profile.WebAddress);
user.Profile.WebLog = Globals.HtmlEncode(user.Profile.WebLog);
user.Profile.YahooIM = Globals.HtmlEncode(user.Profile.YahooIM);
user.Profile.QQIM = Globals.HtmlEncode(user.Profile.QQIM);
//Save the user's profile data
user.Profile.Save();
}
//Note: SHS does not support updating username
//user.Username = Transforms.StripHtmlXmlTags(user.Username);
user.AvatarUrl = Globals.HtmlEncode(user.AvatarUrl);
user.Nickname = Globals.HtmlEncode(user.Nickname);
// Call the underlying update
dp.CreateUpdateDeleteUser(user, DataProviderAction.Update, out status);
updatePasswordSucceded = true;
CSEvents.AfterUser(user,ObjectState.Update);
// Remove from the cache if it exists
Hashtable userLookupTable = CSCache.Get(cacheKey) as Hashtable;
if (userLookupTable != null)
{
userLookupTable.Remove(userKey + user.UserID);
userLookupTable.Remove(userKey + user.Username);
userLookupTable.Remove(userKey + user.Nickname);
}
return updatePasswordSucceded;
}
// *********************************************************************
// TrackAnonymousUsers
//
/// <summary>
/// Used to keep track of the number of anonymous users on the system
/// </summary>
/// <returns>A collection of user.</returns>
///
// ********************************************************************/
public static void TrackAnonymousUsers(HttpContext context)
{
// Ignore RSS requests
//
if (context.Request.Url.ToString().IndexOf("rss.aspx") > 0)
return;
// Ignore style sheet requests
//
if (context.Request.Url.ToString().IndexOf("style") > 0)
return;
SiteSettings siteSettings = SiteSettingsManager.GetSiteSettings(context);
// Is anonymous user tracking enabled?
//
if (!siteSettings.EnableAnonymousUserTracking)
return;
// Have we already done this work for this request?
//
if (context.Items["CheckedAnonymousCookie"] != null)
return;
else
context.Items["CheckedAnonymousCookie"] = "true";
string cookieName = siteSettings.AnonymousCookieName;
HttpCookie cookie =null;
// Is the user anonymous?
//
if (context.Request.IsAuthenticated)
{
cookie = new HttpCookie(cookieName);
context.Response.Cookies[cookieName].Expires = new System.DateTime(1999, 10, 12);
context.Response.Cookies.Add(cookie);
return;
}
string userID = Guid.NewGuid().ToString();
Hashtable anonymousUsers = GetAnonymousUserList(siteSettings.SettingsID);
string lastAction = context.Request.Url.PathAndQuery;
User user = null;
// Check if the Tracking cookie exists
//
cookie = context.Request.Cookies[cookieName];
// Track anonymous user
//
if ((null == cookie) || (cookie.Value == null)) { // Only do the work if we don't have the cookie
// Set the UsedID value of the cookie
//
cookie = new HttpCookie(cookieName);
cookie.Value = userID;
cookie.Expires = DateTime.Now.AddMinutes(siteSettings.AnonymousCookieExpiration);
context.Response.Cookies.Add(cookie);
// Create a user
//
user = new User();
user.LastAction = SiteUrls.LocationKey();
user.LastActivity = DateTime.Now;
user.SettingsID = siteSettings.SettingsID;
// 2005-02-27: �������ݣ���¼�����û�IP
user.IPCreated = Globals.IPAddress;
user.IPLastActivity = Globals.IPAddress;
// Add the anonymous user
//
if (!anonymousUsers.Contains(userID) )
anonymousUsers[userID] = user;
} else {
if (cookie.Value != null)
userID = cookie.Value.ToString();
else
userID = null;
// Update the anonymous list
//
if ((userID == null) || (userID == string.Empty)) {
context.Response.Cookies[cookieName].Expires = new System.DateTime(1999, 10, 12);
} else {
// Find the cookie in the anonymous list
//
if (anonymousUsers[userID] == null) {
anonymousUsers[userID] = new User();
}
user = (User) anonymousUsers[userID];
user.LastAction = SiteUrls.LocationKey();
user.LastActivity = DateTime.Now;
// 2005-02-27: �������ݣ���¼�����û�IP
user.IPCreated = Globals.IPAddress;
user.IPLastActivity = Globals.IPAddress;
// Reset the expiration on the cookie
//
cookie = new HttpCookie(cookieName);
cookie.Value = userID;
cookie.Expires = DateTime.Now.AddMinutes(siteSettings.AnonymousCookieExpiration);
context.Response.Cookies.Add(cookie);
}
}
}
public static void ToggleForceLogin(User user)
{
// Update the setting in the database
CommonDataProvider dp = CommonDataProvider.Instance();
dp.ToggleUserForceLogin(user);
// Remove the cached user entry so it is force to reget it and not have ForceLogin true
string cacheKey = "UserLookupTable";
string userKey = "User-";
Hashtable userLookupTable = CSCache.Get(cacheKey) as Hashtable;
if (userLookupTable != null)
{
userLookupTable.Remove(userKey + user.UserID);
userLookupTable.Remove(userKey + user.Username);
userLookupTable.Remove(userKey + user.Nickname);
}
}
public static User GetAnonymousUser(string username)
{
User user = new User();
// Do we have a username or email address?
//
if ( username == null )
username = ResourceManager.GetString("DefaultAnonymousUsername");
//Find away to set this...or default it better
user.Username = username;
user.UserID = 0;
user.IsAnonymous = true;
// 2005-02-27: �������ݣ���¼�����û�IP
user.IPCreated = Globals.IPAddress;
user.IPLastActivity = Globals.IPAddress;
return user;
}
private static User GetUserFromDataProvider(int userID, string username, string nickname, bool isOnline, bool isEditable, bool autoCreateUser)
{
// Get an instance of the CommonDataProvider
//
CommonDataProvider dp = CommonDataProvider.Instance();
string lastAction = SiteUrls.LocationKey();
// Attempt to get the user from the dataprovider layer
//
try
{
// 2005-02-27: ��������¼���IP, ���������dzƻ�ȡ�û����Ϸ���
string ipAddress = Globals.IPAddress;
return dp.GetUser(userID, username, nickname, isOnline, isEditable, lastAction, ipAddress);
}
catch (CSException)
{
CSContext csContext = CSContext.Current;
if (autoCreateUser && csContext.IsWebRequest)
{
if (Regex.IsMatch(csContext.Context.User.Identity.AuthenticationType, "^(Negotiate|Digest|Basic|NTLM)$"))
{
bool bSendEmail = false;
User newUser = new User();
// What type of account activation are we using?
//
if (csContext.SiteSettings.AccountActivation == AccountActivation.Email)
{
bSendEmail = true;
newUser.AccountStatus = UserAccountStatus.Approved;
}
if (csContext.SiteSettings.AccountActivation == AccountActivation.AdminApproval)
{
newUser.AccountStatus = UserAccountStatus.ApprovalPending;
}
//ToDo: Fix this
//newUser.Username = GetLoggedOnUsername();
newUser.Email = username.Substring(username.IndexOf("\\") + 1) + CSContext.Current.SiteSettings.EmailDomain;
//newUser.Password = "******";
CreateUserStatus myStatus = Create(newUser, bSendEmail);
if (myStatus == CreateUserStatus.Created)
return newUser;
else
return null;
}
}
// if we made it to here, we can't figure out the user
//
return null;
}
}
public static CreateUserStatus Create(User user, bool sendEmail, bool ignoreDisallowNames)
{
CSEvents.BeforeUser(user, ObjectState.Create);
CSContext csContext = CSContext.Current;
SiteSettings settings = csContext.SiteSettings;
AccountActivation activation = settings.AccountActivation;
CreateUserStatus status;
string password = user.Password;
// 2005-02-26: ����ע��IP���������ʽ���dz�
user.Nickname = Globals.HtmlEncode(user.Nickname);
User nicknameUser = Users.GetUserByNickname(user.Nickname);
if (nicknameUser != null && nicknameUser.UserID > 0)
return CreateUserStatus.DuplicateNickname;
user.Email = Globals.HtmlEncode(user.Email);
user.DatabaseQuota = settings.UserDatabaseQuota;
user.IPCreated = Globals.IPAddress;
// Lucian: deprecated since it is not handled in CreateUser control
// and regEx validation on control's form.
// Make sure the username begins with an alpha character
//if (!Regex.IsMatch(user.Username, "^[A-Za-z].*"))
// return CreateUserStatus.InvalidFirstCharacter;
// Check if username is disallowed
if ((!ignoreDisallowNames) && ( DisallowedNames.NameIsDisallowed(user.Username) == true ))
return CreateUserStatus.DisallowedUsername;
// Strip the domain name from the username, if one is present
if( user.Username.IndexOf("\\") > 0 && settings.StripDomainName )
user.Username = user.Username.Substring( user.Username.LastIndexOf("\\") + 1 );
// Set the user's default moderation level
user.ModerationLevel = CSContext.Current.SiteSettings.NewUserModerationLevel;
// Create Instance of the CommonDataProvider
CommonDataProvider dp = CommonDataProvider.Instance();
try {
User createdUser = dp.CreateUpdateDeleteUser(user, DataProviderAction.Create, out status);
if(createdUser != null && status == CreateUserStatus.Created)
{
csContext.User = createdUser;
CSConfiguration config = csContext.Config;
if(settings.EnableDefaultRole && config.DefaultRoles.Length > 0)
{
foreach(string role in config.DefaultRoles)
{
Roles.AddUserToRole(createdUser.Username, role);
}
}
// ע��ʱĬ��ʱ����Ĭ������
createdUser.Profile.Timezone = settings.TimezoneOffset;
createdUser.Profile.Language = Globals.Language;
createdUser.Profile.Save();
CSEvents.AfterUser(createdUser,ObjectState.Create);
}
}
catch (CSException e) {
return e.CreateUserStatus;
}
// process the emails now
//
if(sendEmail == true)
{
User currentUser = CSContext.Current.User;
if (currentUser.IsForumAdministrator || currentUser.IsBlogAdministrator || currentUser.IsGalleryAdministrator)
{
activation = AccountActivation.Automatic;
}
// TDD HACK 7/19/2004
// we are about to send email to the user notifying them that their account was created, problem is
// when we create the user above we can't set the DateCreated property as this is set through the proc
// but the email needs to know the DateCreated property. So for now, we'll just set the date to the current
// datetime of the server. We don't care about the user local time at this point because the user hasn't
// logged in to set their user profile.
//user.DateCreated = DateTime.Now;
//user.LastLogin = DateTime.Now;
// based on the account type, we send different emails
//
switch (activation) {
case AccountActivation.AdminApproval:
Emails.UserAccountPending (user);
break;
case AccountActivation.Email:
Emails.UserCreate(user, password);
break;
case AccountActivation.Automatic:
Emails.UserCreate(user, password);
break;
}
}
return CreateUserStatus.Created;
}
internal void ExecuteUserValidated(User user)
{
ExecuteUserEvent(EventUserValidated,user);
}
protected void ExecuteUserEvent(object EventKey, User user)
{
ExecuteUserEvent(EventKey,user,ObjectState.None,ApplicationType.Unknown);
}
public static void UpdateUserLastPostDate(User user)
{
string cacheKey = "UserLastPostTable";
string userKey = "User:"******":IP:" + CSContext.Current.Context.Request.UserHostAddress;
// Create the table if it doesn't exist
if(userLastPostTable == null)
{
userLastPostTable = new Hashtable();
CSCache.Max(cacheKey, userLastPostTable);
}
// If they have an entry already in there, remove it
if(userLastPostTable.Contains(userKey))
userLastPostTable.Remove(userKey);
// Add the new time
userLastPostTable.Add(userKey, DateTime.Now);
}
public static User PopulateUserFromIDataReader(IDataReader dr, MembershipUser member, bool isEditable)
{
Profile profile = null;
if (isEditable) {
ProfileBase pb = ProfileBase.Create(member.UserName,true);
profile = new Profile(pb);
}
else {
ProfileData pd = PopulateProfileDataFromIReader(dr);
profile = new Profile(pd);
}
// Read in the result set
User user = new User(member,profile);
user.UserID = (int) dr["cs_UserID"];
//Need to remove/remap this value
user.LastActivity = member.LastActivityDate;
user.AccountStatus = (UserAccountStatus) int.Parse( dr["cs_UserAccountStatus"].ToString() );
user.IsAnonymous = Convert.ToBoolean(dr["IsAnonymous"]);
user.LastAction = dr["cs_LastAction"] as string;
user.AppUserToken = dr["cs_AppUserToken"] as string;
user.ForceLogin = Convert.ToBoolean(dr["cs_ForceLogin"]);
// 2005-02-27: ���û��������Ե�ת��
user.Nickname = (string) dr["Nickname"];
user.IPCreated = (string) dr["IPCreated"];
user.IPLastActivity = (string) dr["IPLastActivity"];
if (dr["Birthday"] != DBNull.Value)
user.Birthday = (DateTime) dr["Birthday"];
user.DatabaseQuota = (int) dr["DatabaseQuota"];
user.DatabaseQuotaUsed = (int) dr["DatabaseQuotaUsed"];
SerializerData data = CommonDataProvider.PopulateSerializerDataIDataReader(dr, SerializationType.User);
user.SetSerializerData(data);
user.IsAvatarApproved = Convert.ToBoolean(dr["IsAvatarApproved"]);
user.ModerationLevel = (ModerationLevel) int.Parse( dr["ModerationLevel"].ToString());
user.EnableThreadTracking = Convert.ToBoolean(dr["EnableThreadTracking"]);
user.TotalPosts = (int) dr["TotalPosts"];
user.EnableAvatar = Convert.ToBoolean(dr["EnableAvatar"]);
user.PostSortOrder = (SortOrder) dr["PostSortOrder"];
user.PostRank = (byte[]) dr["PostRank"];
user.EnableDisplayInMemberList = Convert.ToBoolean(dr["EnableDisplayInMemberList"]);
user.EnableOnlineStatus = Convert.ToBoolean(dr["EnableOnlineStatus"]);
user.EnablePrivateMessages = Convert.ToBoolean(dr["EnablePrivateMessages"]);
user.EnableHtmlEmail = Convert.ToBoolean(dr["EnableHtmlEmail"]);
// Moderation counters
//
user.AuditCounters = CommonDataProvider.PopulateAuditSummaryFromIDataReader( dr );
return user;
}
// *********************************************************************
// ValidUser
//
/// <summary>
/// Determines if the user is a valid user.
/// </summary>
/// <param name="user">The user to check. Note that the Username and Password properties of the
/// User object must be set.</param>
/// <returns>A boolean: true if the user's Username/password are valid; false if they are not,
/// or if the user has been banned.</returns>
///
// ********************************************************************/
public static LoginUserStatus ValidUser(User user)
{
return ValidUser(user, true);
}
public abstract void SaveUserAuditEvent(ModerateUserSetting auditFlag, User user, int moderatorID);
protected static LoginUserStatus ValidUser(User user, bool retry)
{
if(!ms.Membership.ValidateUser(user.Username,user.Password))
{
//if the upgrade was a success, force the user login via the Membership API.
if(retry && CSConfiguration.GetConfig().BackwardsCompatiblePasswords && CommonDataProvider.Instance().UpgradePassword(user.Username,user.Password))
return ValidUser(user, false);
return LoginUserStatus.InvalidCredentials;
}
// Create Instance of the CommonDataProvider
//
//CommonDataProvider dp = CommonDataProvider.Instance();
// Lookup account by provided username
//
User userLookup = Users.FindUserByUsername( user.Username );
if (userLookup == null)
return LoginUserStatus.InvalidCredentials;
if(!userLookup.Member.IsApproved)
return LoginUserStatus.AccountPending;
// Check Account Status
// (This could be done before to validate credentials because
// system doesn't allow duplicate usernames)
//
if (userLookup.IsBanned && DateTime.Now <= userLookup.BannedUntil) {
// It's a banned account
return LoginUserStatus.AccountBanned;
}
// LN 5/21/04: Update user to DB if ban expired
else if (userLookup.IsBanned && DateTime.Now > userLookup.BannedUntil) {
// Update to back to datastore
userLookup.AccountStatus = UserAccountStatus.Approved;
userLookup.BannedUntil = DateTime.Now;
Users.UpdateUser(userLookup);
}
if (userLookup.AccountStatus == UserAccountStatus.ApprovalPending) {
// It's a pending account
return LoginUserStatus.AccountPending;
}
if (userLookup.AccountStatus == UserAccountStatus.Disapproved) {
// It's a disapproved account
return LoginUserStatus.AccountDisapproved;
}
//Set current user
CSContext.Current.User = userLookup;
//allow others to take action here
CSEvents.UserValidated(userLookup);
return LoginUserStatus.Success;
//MOVED TO SHS
//// if (HttpContext.Current.User.Identity.AuthenticationType == "" )
// {
//
// // We have a valid account so far.
// //
// // Get Salt & Passwd format
// user.Salt = userLookup.Salt;
// user.PasswordFormat = userLookup.PasswordFormat; // Lucian: I think it must be reused. Usefull when there are a wide range of passwd formats.
// // Set the Password
// //should be able to safely drop this since it will happen in SHS
// //user.Password = Users.Encrypt(user.PasswordFormat, user.Password, user.Salt );
// }
//
// return (LoginUserStatus) dp.ValidateUser(user);
}
/// <summary>
/// A user can be in multiple roles. Resolved Permission Merges the permissions
/// for the user and those valid for the current section
/// </summary>
/// <param name="user">User we are evaluating</param>
/// <returns>A single unified permission for the section/user combination</returns>
public PermissionBase ResolvePermission( User user )
{
if(IsOwner(user))
return OwnerPermission;
PermissionBase pbMaster = DefaultRolePermission;
string[] roles = Roles.GetUserRoleNames(user.Username);
PermissionBase pb = null;
foreach(string role in roles)
{
pb = PermissionSet[role] as PermissionBase;
if(pb !=null)
pbMaster.Merge(pb);
}
return pbMaster;
}
// *********************************************************************
// CreateNewUser
//
/// <summary>
/// Creates a new user.
/// </summary>
/// <param name="user">A User object containing information about the user to create. Only the
/// Username and Email properties are used here.</param>
/// <returns></returns>
/// <remarks>This method chooses a random password for the user and emails the user his new Username/password.
/// From that point on, the user can configure their settings.</remarks>
///
// ********************************************************************/
public static CreateUserStatus Create(User user, bool sendEmail)
{
return Create(user, sendEmail, false);
}
/// <summary>
/// Raises all UserKnown events. These events are raised the first time CS "recognizes" the current user.
/// </summary>
/// <param name="user"></param>
public static void UserKnown(User user)
{
CSApplication.Instance().ExecuteUserKnown(user);
}
internal void ExecutePreUserUpdate(User user, ObjectState state)
{
ExecuteUserEvent(EventPreUserUpdate,user,state,ApplicationType.Unknown);
}
/// <summary>
/// Raises all UserValidated events. These events are raised after a users credentials have been validated
/// </summary>
/// <param name="user"></param>
public static void UserValidated(User user)
{
CSApplication.Instance().ExecuteUserValidated(user);
}
internal void ExecuteUserKnown(User user)
{
ExecuteUserEvent(EventUserKnown,user);
}
/// <summary>
/// Raises all BeforeUser events. These events are raised before any committements are
/// made to the User (create or update)
/// </summary>
public static void BeforeUser(User user, ObjectState state)
{
CSApplication.Instance().ExecutePreUserUpdate(user,state);
}
internal void ExecuteUserRemove(User user)
{
ExecuteUserEvent(EventUserRemove,user,ObjectState.Delete,ApplicationType.Unknown);
}
