protected void Page_Load(object sender, EventArgs e) { int attachmentID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["AttachmentID"]); MessageEntity relatedMessage = MessageGuiHelper.GetMessageWithAttachmentLogic(attachmentID); if (relatedMessage == null) { // not found Response.Redirect("default.aspx", true); } // thread has been loaded into the related message object as well. This is needed for the forum access right check if (!SessionAdapter.CanPerformForumActionRight(relatedMessage.Thread.ForumID, ActionRights.AccessForum)) { // user can't access this forum Response.Redirect("default.aspx", true); } // Check if the thread is sticky, or that the user can see normal threads started // by others. If not, the user isn't allowed to view the thread the message is in, and therefore is denied access. if ((relatedMessage.Thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(relatedMessage.Thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !relatedMessage.Thread.IsSticky) { // user can't view the thread the message is in, because: // - the thread isn't sticky // AND // - the thread isn't posted by the calling user and the user doesn't have the right to view normal threads started by others Response.Redirect("default.aspx", true); } AttachmentEntity toStream = MessageGuiHelper.GetAttachment(attachmentID); if (toStream == null) { // not found Response.Redirect("default.aspx", true); } if (!toStream.Approved && !SessionAdapter.CanPerformForumActionRight(relatedMessage.Thread.ForumID, ActionRights.ApproveAttachment)) { // the attachment hasn't been approved yet, and the caller isn't entitled to approve attachments, so deny. // approval of attachments requires to be able to load the attachment without the attachment being approved Response.Redirect("default.aspx", true); } // all set, load stream the attachment data to the browser // create header Response.ClearHeaders(); Response.ClearContent(); Response.AddHeader("Content-Type", "application/unknown"); Response.AddHeader("Content-length", toStream.Filecontents.Length.ToString()); Response.AddHeader("Content-Disposition", "attachment; filename=" + toStream.Filename.Replace(" ", "_")); Response.AddHeader("Content-Transfer-Encoding", "Binary"); // stream the data Response.BinaryWrite(toStream.Filecontents); Response.Flush(); Response.End(); }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check access credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); bool userMayDoThreadManagement = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ForumSpecificThreadManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userHasAccess || !userMayDoThreadManagement) { // doesn't have access to this forum or may not alter the thread's properties. redirect Response.Redirect("default.aspx"); } if (!Page.IsPostBack) { chkIsClosed.Checked = _thread.IsClosed; chkIsSticky.Checked = _thread.IsSticky; tbxSubject.Value = _thread.Subject; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to start page Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } // show user IP addresses if the user has system admin rights, security admin rights or user admin rights. _showIPAddresses = (SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement) || SessionAdapter.HasSystemActionRight(ActionRights.UserManagement)); // Get the forum entity related to the thread. Use BL class. We could have used Lazy loading, though for the sake of separation, we'll // call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // not found, orphaned thread, return to default page. Response.Redirect("default.aspx"); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } lblForumName_Header.Text = forum.ForumName; if (!Page.IsPostBack) { bool threadStartedByCurrentUser = (_thread.StartedByUserID == SessionAdapter.GetUserID()); // Get messages and bind it to the repeater control. Use the startmessage to get only the message visible on the current page. MessagesInThreadTypedList messages = ThreadGuiHelper.GetAllMessagesInThreadAsTypedList(threadID, 0, 0); rptMessages.DataSource = messages; rptMessages.DataBind(); } }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } bool userMayDeleteThread = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userMayDeleteThread) { // doesn't have the right to delete a thread. redirect Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lblForumName.Text = forum.ForumName; lblThreadSubject.Text = HttpUtility.HtmlEncode(_thread.Subject); } }
private void Page_Load(object sender, System.EventArgs e) { int forumID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ForumID"]); _forum = CacheManager.GetForum(forumID); if (_forum == null) { // not found Response.Redirect("default.aspx", true); } bool userHasAccess = SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } _userCanCreateNormalThreads = SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AddNormalThread); _userCanCreateStickyThreads = SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AddStickyThread); if (!(_userCanCreateNormalThreads || _userCanCreateStickyThreads)) { // doesn't have the right to add new threads to this forum. redirect Response.Redirect("default.aspx", true); } meMessageEditor.ShowAddAttachment = ((_forum.MaxNoOfAttachmentsPerMessage > 0) && SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AddAttachment)); if (!String.IsNullOrEmpty(_forum.NewThreadWelcomeTextAsHTML)) { phWelcomeText.Visible = true; litWelcomeText.Text = _forum.NewThreadWelcomeTextAsHTML; } if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(_forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + forumID; meMessageEditor.ForumName = _forum.ForumName; meMessageEditor.ForumDescription = HttpUtility.HtmlEncode(_forum.ForumDescription); meMessageEditor.CanBeSticky = _userCanCreateStickyThreads; meMessageEditor.CanBeNormal = _userCanCreateNormalThreads; meMessageEditor.IsThreadStart = true; lblSectionName.Text = CacheManager.GetSectionName(_forum.SectionID); } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int forumID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ForumID"]); bool userHasAccess = SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } bool userCanCreateThreads = (SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AddNormalThread) || SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.AddStickyThread)); // Controls are visible by default. Hide them when the user can't create threads on this forum if (!userCanCreateThreads) { lnkNewThreadBottom.Visible = false; lnkNewThreadTop.Visible = false; } // fill the page's content ForumEntity forum = CacheManager.GetForum(forumID); if (forum == null) { // not found. Response.Redirect("default.aspx"); } _forumName = forum.ForumName; if (!Page.IsPostBack) { cbxThreadListInterval.SelectedValue = forum.DefaultThreadListInterval.ToString(); string forumNameEncoded = HttpUtility.HtmlEncode(_forumName); lblForumName.Text = forumNameEncoded; lblForumName_Header.Text = HttpUtility.HtmlEncode(_forumName); lblForumDescription.Text = HttpUtility.HtmlEncode(forum.ForumDescription); lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); string newThreadURL = string.Format("{0}?ForumID={1}", lnkNewThreadTop.NavigateUrl, forumID); lnkNewThreadTop.NavigateUrl = newThreadURL; lnkNewThreadBottom.NavigateUrl = newThreadURL; if (forum.HasRSSFeed) { lnkForumRSS.NavigateUrl += string.Format("?ForumID={0}", forumID); } else { lnkForumRSS.Visible = false; litRssButtonSpacer.Visible = false; } } SystemDataEntity systemData = CacheManager.GetSystemData(); int postLimiter = HnDGeneralUtils.TryConvertToInt(cbxThreadListInterval.SelectedValue); DataView threadsView = ForumGuiHelper.GetAllThreadsInForumAsDataView(forumID, (ThreadListInterval)(byte)postLimiter, systemData.MinNumberOfThreadsToFetch, systemData.MinNumberOfNonStickyVisibleThreads, SessionAdapter.CanPerformForumActionRight(forumID, ActionRights.ViewNormalThreadsStartedByOthers), SessionAdapter.GetUserID()); rpThreads.DataSource = threadsView; rpThreads.DataBind(); threadsView.Dispose(); }
protected void Page_Load(object sender, EventArgs e) { int messageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _message = MessageGuiHelper.GetMessage(messageID); if (_message == null) { // not found Response.Redirect("default.aspx", true); } _sourceType = HnDGeneralUtils.TryConvertToInt(Request.QueryString["SourceType"]); switch (_sourceType) { case 1: // new message, or message view, for now no action needed break; case 2: // new thread, for now no action needed break; default: // unknown, redirect Response.Redirect("default.aspx", true); break; } // We could have used Lazy loading here, but for the sake of separation, we use the BL method. _thread = ThreadGuiHelper.GetThread(_message.ThreadID); if (_thread == null) { // not found. Orphaned message. Response.Redirect("default.aspx", true); } _forum = CacheManager.GetForum(_thread.ForumID); if (_forum == null) { // not found. Response.Redirect("default.aspx", true); } // check if this forum accepts attachments. if (_forum.MaxNoOfAttachmentsPerMessage <= 0) { // no, so no right to be here nor is the user here via a legitimate route. Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // Check if the current user is allowed to manage attachments of this message, and other rights. _userMayManageAttachments = ((_message.PostedByUserID == SessionAdapter.GetUserID()) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ManageOtherUsersAttachments)); _userCanAddAttachments = (((_message.PostedByUserID == SessionAdapter.GetUserID()) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ManageOtherUsersAttachments)) && SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment)); _userCanApproveAttachments = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ApproveAttachment); phAttachmentLimits.Visible = _userMayManageAttachments; if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(_forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; lblSectionName.Text = CacheManager.GetSectionName(_forum.SectionID); lnkMessages.NavigateUrl += _message.ThreadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); lblMaxFileSize.Text = String.Format("{0} KB", _forum.MaxAttachmentSize); lblMaxNoOfAttachmentsPerMessage.Text = _forum.MaxNoOfAttachmentsPerMessage.ToString(); lnkMessage.Text += messageID.ToString(); lnkMessage.NavigateUrl += String.Format("MessageID={0}&ThreadID={1}", messageID, _thread.ThreadID); phAddNewAttachment.Visible = _userCanAddAttachments; BindAttachments(); } else { object numberOfAttachments = ViewState["numberOfAttachments"]; if (numberOfAttachments != null) { _numberOfAttachments = (int)numberOfAttachments; } } }
/// <summary> /// Handles the Click event of the btnUploadAttachment control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> protected void btnUploadAttachment_Click(object sender, EventArgs e) { if (!_userCanAddAttachments) { // can't add attachments return; } if (!phAddNewAttachment.Visible) { // custom http put request, deny return; } if (_numberOfAttachments >= _forum.MaxNoOfAttachmentsPerMessage) { // # of attachments is already on maximum. Deny phUploadResult.Visible = true; lblError.Visible = true; lblSuccess.Visible = false; lblError.Text = String.Format("You can't add another attachment to this message. Maximum # of attachments per message: {0}. Current # of attachments: {1}", _forum.MaxNoOfAttachmentsPerMessage, _numberOfAttachments); return; } byte[] fileContents = fuUploader.FileBytes; int lengthInKB = fileContents.Length / 1024; if (_forum.MaxAttachmentSize < (lengthInKB)) { // attachment is too big phUploadResult.Visible = true; lblError.Visible = true; lblSuccess.Visible = false; lblError.Text = String.Format("The attachment is too big. Maximum size: {0} KB. Attachment size: {1} KB", _forum.MaxAttachmentSize, lengthInKB); return; } if (fileContents.Length <= 0) { // file is empty phUploadResult.Visible = true; lblError.Visible = true; lblSuccess.Visible = false; lblError.Text = "The attachment is empty, the size is 0 bytes."; return; } string fileName = Path.GetFileName(fuUploader.FileName); if (fileName.Length > 255) { // too big, chop off fileName = fileName.Substring(fileName.Length - 200); } MessageManager.AddAttachment(_message.MessageID, fileName, fileContents, SessionAdapter.CanPerformForumActionRight(_forum.ForumID, ActionRights.GetsAttachmentsApprovedAutomatically)); phUploadResult.Visible = true; lblError.Visible = false; lblSuccess.Visible = true; lblSuccess.Text = string.Format("Upload of attachment '{0}' with size {1} was successful.", fileName, fileContents.Length.ToString("N0")); BindAttachments(); }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessage = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // Check if the current user is allowed to edit the memo if (!SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo)) { // is not allowed to edit the memo Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // User may edit memo, proceed if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = "Memo for thread: " + HttpUtility.HtmlEncode(_thread.Subject); lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += threadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); string memoText = _thread.Memo; memoText += string.Format("{2}[b]-----------------------------------------------------------------{2}{1} [color value=\"0000AA\"]{0}[/color] wrote:[/b] ", SessionAdapter.GetUserNickName(), DateTime.Now.ToString(@"dd-MMM-yyyy HH:mm:ss"), Environment.NewLine); meMessageEditor.OriginalMessageText = memoText; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); if (_thread.IsClosed) { // is already closed Response.Redirect("default.aspx", true); } // Check access credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); bool userMayDoThreadManagement = SessionAdapter.HasSystemActionRight(ActionRights.ForumSpecificThreadManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userHasAccess || !userMayDoThreadManagement) { // doesn't have access to this forum or may not alter the thread's properties. redirect Response.Redirect("default.aspx", true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } bool userMayAddNewMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky)) { userMayAddNewMessages = true; } } else { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage)) { userMayAddNewMessages = true; } } } if (!userMayAddNewMessages) { // is not allowed to post a new message. This forum allows the user to add a new message and close the thread at the same time. // deny. Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); _quoteMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["QuoteMessageID"]); // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } // Check if the current user is allowed to add new messages to the thread. bool userMayAddNewMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky)) { userMayAddNewMessages = true; } } else { if (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage)) { userMayAddNewMessages = true; } } } if (!userMayAddNewMessages) { // is not allowed to post a new message Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // use BL class. We could have used Lazy loading, though for the sake of separation, we'll call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // orphaned thread Response.Redirect("default.aspx"); } // check if the user can view the thread the message is in. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers)) { // can't add a message, it's in a thread which isn't visible to the user Response.Redirect("default.aspx", true); } meMessageEditor.ShowAddAttachment = ((forum.MaxNoOfAttachmentsPerMessage > 0) && SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment)); meMessageEditor.ShowSubscribeToThread = !UserGuiHelper.CheckIfThreadIsAlreadySubscribed(SessionAdapter.GetUserID(), _thread.ThreadID); // User is able to post a new message to the current thread. if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += threadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); phLastPostingInThread.Visible = (_quoteMessageID <= 0); bool userMayEditMemo = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo); // get quoted message if passed in. if (_quoteMessageID > 0) { // get message and insert it into the textbox including quote tags. MessageEntity messageToQuote = MessageGuiHelper.GetMessage(_quoteMessageID); if (messageToQuote != null) { // message found. UserEntity quotedUser = UserGuiHelper.GetUser(messageToQuote.PostedByUserID); if (quotedUser != null) { // user found. proceed meMessageEditor.OriginalMessageText = TextParser.MakeStringQuoted(messageToQuote.MessageText, quotedUser.NickName); } } } else { // no quoted message. Load the last message from the active thread and display it in the form. This // message entity has the poster user entity prefetched, together with the usertitle of the user. MessageEntity lastMessageInThread = ThreadGuiHelper.GetLastMessageInThreadWithUserInfo(threadID); if (lastMessageInThread != null) { litMessageBody.Text = lastMessageInThread.MessageTextAsHTML; lblPostingDate.Text = lastMessageInThread.PostingDate.ToString("dd-MMM-yyyy HH:mm:ss"); if (lastMessageInThread.PostedByUser != null) { UserEntity messagePoster = lastMessageInThread.PostedByUser; if (messagePoster.UserTitle != null) { lblUserTitleDescription.Text = messagePoster.UserTitle.UserTitleDescription; } lblLocation.Text = messagePoster.Location; if (messagePoster.JoinDate.HasValue) { lblJoinDate.Text = messagePoster.JoinDate.Value.ToString("dd-MMM-yyyy HH:mm:ss"); } if (messagePoster.AmountOfPostings.HasValue) { lblAmountOfPostings.Text = messagePoster.AmountOfPostings.Value.ToString(); } if (messagePoster.SignatureAsHTML != null) { litSignature.Text = messagePoster.SignatureAsHTML; } lblNickname.Text = messagePoster.NickName; } } } if ((_thread.Memo.Length > 0) && userMayEditMemo) { // convert memo contents to HTML so it's displayed above the thread. string parserLog, messageTextXml; bool errorsOccured = false; string memoAsHTML = TextParser.TransformUBBMessageStringToHTML(_thread.Memo, ApplicationAdapter.GetParserData(), out parserLog, out errorsOccured, out messageTextXml); lblMemo.Text = memoAsHTML; } phMemo.Visible = userMayEditMemo; } }
private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _deleteMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check if the current user is allowed to delete the message. If not, don't continue. _userMayDeleteMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages); if (!_userMayDeleteMessages) { // is not allowed to delete the message Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } // check if the message is the first message in the thread. If so, delete isn't allowed. if (ThreadGuiHelper.CheckIfMessageIsFirstInThread(threadID, _deleteMessageID)) { // is first in thread, don't proceed. Caller has fabricated the url manually. Response.Redirect("default.aspx", true); } // Get the message MessageEntity message = MessageGuiHelper.GetMessage(_deleteMessageID); // User may delete current message. if (!Page.IsPostBack) { if (message != null) { // message is found. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } lblForumName_Header.Text = forum.ForumName; lblMessageBody.Text = message.MessageTextAsHTML; lblPostingDate.Text = message.PostingDate.ToString(@"dd-MMM-yyyy HH:mm:ss"); } else { btnYes.Visible = false; } } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to default page Response.Redirect("default.aspx", true); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } bool userMayMoveThread = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); if (!userMayMoveThread) { // doesn't have access to this forum. redirect Response.Redirect("Messages.aspx?ThreadID=" + threadID, true); } // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } if (!Page.IsPostBack) { // fill the page's content. Bind the known sections SectionCollection sections = CacheManager.GetAllSections(); cbxSections.DataSource = sections; cbxSections.DataBind(); lblThreadSubject.Text = HttpUtility.HtmlEncode(_thread.Subject); ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // Orphaned thread Response.Redirect("default.aspx", true); } // pre-select the section the forum is currently in. Do that with an in-memory search through the known sections. SectionEntity toFind = new SectionEntity(); toFind.Fields[(int)SectionFieldIndex.SectionID].ForcedCurrentValueWrite(forum.SectionID); toFind.IsNew = false; int index = sections.IndexOf(toFind); if (index >= 0) { cbxSections.SelectedIndex = index; } } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { int threadID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["ThreadID"]); _thread = ThreadGuiHelper.GetThread(threadID); if (_thread == null) { // not found, return to start page Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx"); } _startMessageNo = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); bool highLightSearchResults = (HnDGeneralUtils.TryConvertToInt(Request.QueryString["HighLight"]) == 1); if (!_thread.IsClosed) { if (_thread.IsSticky) { _userMayAddNewMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky); } else { _userMayAddNewMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage); } // set show*link class members. These have to be set despite the postback status, as they're used in the repeater. Only set // them to true if the thread isn't closed. They've been initialized to false already. _showEditMessageLink = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages); _showDeleteMessageLink = _showEditMessageLink; _showQuoteMessageLink = _userMayAddNewMessages; } // show user IP addresses if the user has system admin rights, security admin rights or user admin rights. _showIPAddresses = (SessionAdapter.HasSystemActionRight(ActionRights.SystemManagement) || SessionAdapter.HasSystemActionRight(ActionRights.SecurityManagement) || SessionAdapter.HasSystemActionRight(ActionRights.UserManagement)); // Get the forum entity related to the thread. Use BL class. We could have used Lazy loading, though for the sake of separation, we'll // call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // not found, orphaned thread, return to default page. Response.Redirect("default.aspx"); } _forumAllowsAttachments = (forum.MaxNoOfAttachmentsPerMessage > 0); // check if the user can view this thread. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers) && !_thread.IsSticky) { // can't view this thread, it isn't visible to the user Response.Redirect("default.aspx", true); } _threadStartedByCurrentUser = (_thread.StartedByUserID == SessionAdapter.GetUserID()); _userMayAddAttachments = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAttachment); _userCanCreateThreads = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddNormalThread) || SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddStickyThread); _userMayDoForumSpecificThreadManagement = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ForumSpecificThreadManagement); _userMayDoSystemWideThreadManagement = SessionAdapter.HasSystemActionRight(ActionRights.SystemWideThreadManagement); _userMayEditMemo = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditThreadMemo); _userMayMarkThreadAsDone = (SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.FlagThreadAsDone) || _threadStartedByCurrentUser); _userMayManageSupportQueueContents = SessionAdapter.HasSystemActionRight(ActionRights.QueueContentManagement); _userMayDoBasicThreadOperations = (SessionAdapter.GetUserID() > 0); if (!Page.IsPostBack) { plPageListBottom.HighLight = highLightSearchResults; plPageListTop.HighLight = highLightSearchResults; litHighLightLogic.Visible = highLightSearchResults; if (highLightSearchResults) { // make highlighting of search results possible string searchTerms = SessionAdapter.GetSearchTerms(); if (searchTerms == null) { searchTerms = string.Empty; } this.ClientScript.RegisterHiddenField("searchTerms", searchTerms.Replace("AND", "").Replace("OR", "").Replace("and", "").Replace("or", "").Replace("\"", "")); } else { // replace hightlighting scriptblock. this.ClientScript.RegisterClientScriptBlock(this.GetType(), "onLoad", "<script language=\"javascript\" type=\"text/javascript\">function SearchHighlight() {}</script>"); } if (_userMayManageSupportQueueContents) { // fill support queue management area with data. SupportQueueCollection supportQueues = CacheManager.GetAllSupportQueues(); cbxSupportQueues.DataSource = supportQueues; cbxSupportQueues.DataBind(); SupportQueueEntity containingQueue = SupportQueueGuiHelper.GetQueueOfThread(_thread.ThreadID); if (containingQueue != null) { cbxSupportQueues.SelectedValue = containingQueue.QueueID.ToString(); // get claim info SupportQueueThreadEntity supportQueueThreadInfo = SupportQueueGuiHelper.GetSupportQueueThreadInfo(_thread.ThreadID, true); if ((supportQueueThreadInfo != null) && supportQueueThreadInfo.ClaimedByUserID.HasValue) { // claimed by someone lblClaimDate.Text = supportQueueThreadInfo.ClaimedOn.Value.ToString("dd-MMM-yyyy HH:mm.ss", DateTimeFormatInfo.InvariantInfo); lnkClaimerThread.Visible = true; lblNotClaimed.Visible = false; lnkClaimerThread.Text = supportQueueThreadInfo.ClaimedByUser.NickName; lnkClaimerThread.NavigateUrl += supportQueueThreadInfo.ClaimedByUserID.ToString(); btnClaim.Visible = false; btnRelease.Visible = true; } else { // not claimed lblClaimDate.Text = string.Empty; btnClaim.Visible = true; btnRelease.Visible = false; } } } phSupportQueueManagement.Visible = _userMayManageSupportQueueContents; if ((_thread.Memo.Length > 0) && _userMayEditMemo) { // convert memo contents to HTML so it's displayed above the thread. string parserLog, messageTextXml; bool errorsOccured = false; string memoAsHTML = TextParser.TransformUBBMessageStringToHTML(_thread.Memo, ApplicationAdapter.GetParserData(), out parserLog, out errorsOccured, out messageTextXml); lblMemo.Text = memoAsHTML; } phMemo.Visible = _userMayEditMemo; bool isBookmarked = UserGuiHelper.CheckIfThreadIsAlreadyBookmarked(SessionAdapter.GetUserID(), threadID); bool isSubscribed = UserGuiHelper.CheckIfThreadIsAlreadySubscribed(SessionAdapter.GetUserID(), threadID); btnBookmarkThread.Visible = !isBookmarked && _userMayDoBasicThreadOperations; btnUnbookmarkThread.Visible = isBookmarked && _userMayDoBasicThreadOperations; bool sendReplyNotifications = CacheManager.GetSystemData().SendReplyNotifications; btnSubscribeToThread.Visible = !isSubscribed && _userMayDoBasicThreadOperations && sendReplyNotifications; btnUnsubscribeFromThread.Visible = isSubscribed && _userMayDoBasicThreadOperations && sendReplyNotifications; // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; lblForumName_Header.Text = forum.ForumName; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); // Check if the current user is allowed to add new messages to the thread. // these controls are not visible by default, show them if necessary if (_userMayDoForumSpecificThreadManagement || _userMayDoSystemWideThreadManagement) { if (!_thread.IsClosed && _userMayAddNewMessages) { lnkCloseThread.Visible = true; lnkCloseThread.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } lnkEditThreadProperties.Visible = true; lnkEditThreadProperties.NavigateUrl += "?ThreadID=" + threadID; } if (_userMayDoSystemWideThreadManagement) { lnkMoveThread.Visible = true; lnkMoveThread.NavigateUrl += "?ThreadID=" + threadID; lnkDeleteThread.Visible = true; lnkDeleteThread.NavigateUrl += "?ThreadID=" + threadID; } btnThreadDone.Visible = _thread.MarkedAsDone; btnThreadNotDone.Visible = !_thread.MarkedAsDone; btnThreadDone.Enabled = _userMayMarkThreadAsDone; btnThreadNotDone.Enabled = _userMayMarkThreadAsDone; if (_userMayEditMemo) { lnkEditMemo.Visible = true; lnkEditMemo.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } // These controls are visible by default. Hide them when the user can't create threads on this forum if (_userCanCreateThreads) { lnkNewThreadBottom.NavigateUrl += "?ForumID=" + _thread.ForumID + "&StartAtMessage=" + _startMessageNo; lnkNewThreadTop.NavigateUrl += "?ForumID=" + _thread.ForumID + "&StartAtMessage=" + _startMessageNo; } else { lnkNewThreadBottom.Visible = false; lnkNewThreadTop.Visible = false; } if (_userMayAddNewMessages) { lnkNewMessageBottom.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; lnkNewMessageTop.NavigateUrl += "?ThreadID=" + threadID + "&StartAtMessage=" + _startMessageNo; } else { lnkNewMessageBottom.Visible = false; lnkNewMessageTop.Visible = false; } lblSeparatorTop.Visible = (_userMayAddNewMessages && _userCanCreateThreads); lblSeparatorBottom.Visible = (_userMayAddNewMessages && _userCanCreateThreads); // The amount of postings in this thread are in the dataview row, which should contain just 1 row. int maxAmountMessagesPerPage = SessionAdapter.GetUserDefaultNumberOfMessagesPerPage(); int amountOfMessages = ThreadGuiHelper.GetTotalNumberOfMessagesInThread(threadID); int amountOfPages = ((amountOfMessages - 1) / maxAmountMessagesPerPage) + 1; int currentPageNo = (_startMessageNo / maxAmountMessagesPerPage) + 1; lblCurrentPage.Text = currentPageNo.ToString(); lblTotalPages.Text = amountOfPages.ToString(); lnkPrintThread.NavigateUrl += "?ThreadID=" + threadID; plPageListBottom.AmountMessages = amountOfMessages; plPageListBottom.StartMessageNo = _startMessageNo; plPageListBottom.ThreadID = threadID; plPageListTop.AmountMessages = amountOfMessages; plPageListTop.StartMessageNo = _startMessageNo; plPageListTop.ThreadID = threadID; // Get messages and bind it to the repeater control. Use the startmessage to get only the message visible on the current page. MessagesInThreadTypedList messages = ThreadGuiHelper.GetAllMessagesInThreadAsTypedList(threadID, currentPageNo, maxAmountMessagesPerPage); rptMessages.DataSource = messages; rptMessages.DataBind(); } }
/// <summary> /// Handles the Load event of the Page control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param> private void Page_Load(object sender, System.EventArgs e) { _editMessageID = HnDGeneralUtils.TryConvertToInt(Request.QueryString["MessageID"]); _message = MessageGuiHelper.GetMessage(_editMessageID); if (_message == null) { // not found Response.Redirect("default.aspx"); } // We could have used Lazy loading here, but for the sake of separation, we use the BL method. _thread = ThreadGuiHelper.GetThread(_message.ThreadID); if (_thread == null) { // not found. Orphaned message. Response.Redirect("default.aspx"); } // Check credentials bool userHasAccess = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AccessForum); if (!userHasAccess) { // doesn't have access to this forum. redirect Response.Redirect("default.aspx", true); } // Check if the current user is allowed to edit the message. bool userMayEditMessages = false; if (!_thread.IsClosed) { if (_thread.IsSticky) { userMayEditMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessageInSticky); } else { userMayEditMessages = SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.AddAndEditMessage); } } // User has the right to generally edit messages. Check if the user has the right to edit other peoples messages // and if not, if the user is the poster of this message. If not, no can do. if (!SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.EditDeleteOtherUsersMessages)) { // cannot edit other people's messages. Check if this message is posted by the current user. if (_message.PostedByUserID != SessionAdapter.GetUserID()) { // not allowed userMayEditMessages = false; } } if (!userMayEditMessages) { // is not allowed to edit the message Response.Redirect("Messages.aspx?ThreadID=" + _message.ThreadID, true); } // use BL class. We could have used Lazy loading, though for the sake of separation, we'll call into the BL class. ForumEntity forum = CacheManager.GetForum(_thread.ForumID); if (forum == null) { // orphaned thread Response.Redirect("default.aspx"); } // check if the user can view the thread the message is in. If not, don't continue. if ((_thread.StartedByUserID != SessionAdapter.GetUserID()) && !SessionAdapter.CanPerformForumActionRight(_thread.ForumID, ActionRights.ViewNormalThreadsStartedByOthers)) { // can't edit this message, it's in a thread which isn't visible to the user Response.Redirect("default.aspx", true); } _startAtMessageIndex = HnDGeneralUtils.TryConvertToInt(Request.QueryString["StartAtMessage"]); // User may edit current message. if (!Page.IsPostBack) { // fill the page's content lnkThreads.Text = HttpUtility.HtmlEncode(forum.ForumName); lnkThreads.NavigateUrl += "?ForumID=" + _thread.ForumID; meMessageEditor.ForumName = forum.ForumName; meMessageEditor.ThreadSubject = _thread.Subject; lblSectionName.Text = CacheManager.GetSectionName(forum.SectionID); lnkMessages.NavigateUrl += _message.ThreadID; lnkMessages.Text = HttpUtility.HtmlEncode(_thread.Subject); meMessageEditor.OriginalMessageText = _message.MessageText; } }