本文整理汇总了C#中Connector.Query_Count方法的典型用法代码示例。如果您正苦于以下问题:C# Connector.Query_Count方法的具体用法?C# Connector.Query_Count怎么用?C# Connector.Query_Count使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Connector的用法示例。
在下文中一共展示了Connector.Query_Count方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: pageProfile_Profile
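/// <summary>
/// Renders the profile area for one user: resolves which account to show, loads (or lazily creates)
/// its profile row, dispatches to the requested sub-page and wraps the result in the profile frame.
/// </summary>
/// <param name="pluginid">Plugin identifier; passed through to the sub-page handlers.</param>
/// <param name="conn">Database connector used for every query in this handler.</param>
/// <param name="pageElements">Page state; CONTENT, TITLE and the PROFILE_OWNER flag are written here.</param>
/// <param name="request">Current request; the "userid", "username" and "1" query-string values select the profile and sub-page.</param>
/// <param name="response">Current response; used to send anonymous visitors to the register page.</param>
/// <remarks>
/// Returning without setting CONTENT is how this handler signals "not found" (see the inline comments).
/// Every query is built by string concatenation, so Utils.Escape is the only barrier between
/// request values and the SQL text; none of the Connector calls visible here take parameters.
/// </remarks>
public static void pageProfile_Profile(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
    // Decide which user to display
    string userid = null;
    if (request.QueryString["userid"] != null) // Load via userid
    {
        // Ensure the userid is valid
        if (conn.Query_Count("SELECT COUNT('') FROM bsa_users WHERE userid='" + Utils.Escape(request.QueryString["userid"]) + "'") != 1)
        {
            return;
        }
        userid = request.QueryString["userid"];
    }
    else if (request.QueryString["username"] != null) // Load via username
    {
        // Fetch the userid, if not found we'll 404 the request by returning.
        // Only '%' is stripped before the LIKE; '_' still matches any single character, which is
        // harmless here only because anything other than exactly one row is rejected.
        Result usernameToUserid = conn.Query_Read("SELECT userid FROM bsa_users WHERE username LIKE '" + Utils.Escape(request.QueryString["username"].Replace("%", "")) + "'");
        if (usernameToUserid.Rows.Count != 1)
        {
            return;
        }
        userid = usernameToUserid[0]["userid"];
    }
    else if (HttpContext.Current.User.Identity.IsAuthenticated) // Load the current logged-in user
    {
        userid = HttpContext.Current.User.Identity.Name;
    }
    else // No user specified, user is not authenticated - tell them to register
    {
        response.Redirect(pageElements["URL"] + "/register", true);
        // Redirect(..., true) ends the response; the return keeps a null userid out of the
        // queries below should execution ever continue past it.
        return;
    }

    // By this point the userid should be valid and exist, hence we just need to grab the profile data
    string rawProfileDataQuery = "SELECT p.*, u.username, u.registered, g.title AS group_title, g.access_admin FROM bsa_profiles AS p LEFT OUTER JOIN bsa_users AS u ON u.userid=p.userid LEFT OUTER JOIN bsa_user_groups AS g ON g.groupid=u.groupid WHERE p.userid='" + Utils.Escape(userid) + "'";
    Result rawProfileData = conn.Query_Read(rawProfileDataQuery);
    if (rawProfileData.Rows.Count == 0) // Profile doesn't exist, create it
    {
        conn.Query_Execute("INSERT INTO bsa_profiles (userid) VALUES('" + Utils.Escape(userid) + "')");
        rawProfileData = conn.Query_Read(rawProfileDataQuery);
        if (rawProfileData.Rows.Count == 0)
        {
            return; // Something is wrong...
        }
    }
    ResultRow profileData = rawProfileData[0];

    // Set PROFILE_OWNER when the viewer is the profile's own account.
    // NOTE(review): the original comments say an admin should also pass this check, but only
    // ownership is tested here (access_admin in the row belongs to the profile's user, not the
    // viewer) - confirm whether an admin check is expected in this method.
    bool owner = false;
    if (HttpContext.Current.User.Identity.IsAuthenticated && (profileData["userid"] == HttpContext.Current.User.Identity.Name))
    {
        pageElements.setFlag("PROFILE_OWNER");
        owner = true;
    }

    // A disabled profile is only shown to its owner
    if (!owner && !profileData["disabled"].Equals("0"))
    {
        return;
    }

    // Check which page the user wants to access
    switch (request.QueryString["1"])
    {
        case "settings":
            pageProfile_Settings(pluginid, ref rawProfileDataQuery, ref profileData, conn, ref pageElements, request, response);
            break;
        case "upload":
            pageProfile_Upload(pluginid, ref profileData, conn, ref pageElements, request, response);
            break;
        default:
            // -- About page is default
            pageProfile_About(pluginid, ref profileData, conn, ref pageElements, request, response);
            break;
    }
    if (pageElements["PROFILE_CONTENT"] == null)
    {
        return; // No content set, 404..
    }

    // Build frame. Every value read from the profile row is HTML-encoded before it is placed in
    // the template, including the colour, country and gender fields, so the output no longer
    // depends on those columns having been validated when they were saved.
    // NOTE(review): HTML-encoding alone does not neutralise a value inside a CSS url('...');
    // confirm that background_url is restricted to http(s) URLs where it is stored.
    DateTime registered = profileData["registered"].Length > 0 ? DateTime.Parse(profileData["registered"]) : DateTime.MinValue;
    string backgroundImage = profileData["background_url"].Length > 0 ? "url('" + HttpUtility.HtmlEncode(profileData["background_url"]) + "') " : string.Empty;
    string backgroundColour = profileData["background_colour"].Length > 0 ? "#" + HttpUtility.HtmlEncode(profileData["background_colour"]) : string.Empty;
    string genderText = profileData["gender"] == "1" ? "Male" : profileData["gender"] == "2" ? "Female" : "Not specified.";
    string countryTitle = Common.Country.getCountryTitle(profileData["country_code"], conn);

    pageElements["CONTENT"] =
        Core.templates["bsa_profiles"]["profile_frame"]
        .Replace("<USERID>", HttpUtility.HtmlEncode(profileData["userid"]))
        .Replace("<PANE_BG_COLOUR>", HttpUtility.HtmlEncode(profileData["colour_background"]))
        .Replace("<PANE_TEXT_COLOUR>", HttpUtility.HtmlEncode(profileData["colour_text"]))
        .Replace("<BACKGROUND>", backgroundImage + backgroundColour)
        .Replace("<USERNAME>", HttpUtility.HtmlEncode(profileData["username"]))
        .Replace("<GROUP>", HttpUtility.HtmlEncode(profileData["group_title"]))
        .Replace("<REGISTERED>", HttpUtility.HtmlEncode(registered.ToString("dd MMMM yyyy")))
        .Replace("<REGISTERED_DAYS>", HttpUtility.HtmlEncode(Misc.Plugins.getTimeString(registered)))
        .Replace("<COUNTRY_FLAG>", profileData["country_code"].Length > 0 ? HttpUtility.HtmlEncode(profileData["country_code"]) : "unknown")
        .Replace("<COUNTRY_TITLE>", countryTitle != null ? HttpUtility.HtmlEncode(countryTitle) : "Unknown")
        .Replace("<GENDER_CODE>", HttpUtility.HtmlEncode(profileData["gender"]))
        .Replace("<GENDER>", genderText)
        .Replace("<OCCUPATION>", profileData["occupation"].Length > 0 ? HttpUtility.HtmlEncode(profileData["occupation"]) : "Not specified.");
    pageElements["TITLE"] = "Profile - " + HttpUtility.HtmlEncode(profileData["username"]);
}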
示例2: pageRecover_SecretQA
/// <summary>
/// Used to allow the user to recover their account using the secret question and answer mechanism.
/// The visible flow is: captcha-gated username lookup, a per-IP attempt limit, comparison of the
/// submitted answer with the stored one, then a password update and a redirect to the success page.
/// </summary>
/// <param name="pluginid">Plugin identifier; not read in the visible part of this method.</param>
/// <param name="conn">Database connector used for the user lookup, attempt counting and password update.</param>
/// <param name="pageElements">Page state; TITLE and CONTENT are written here.</param>
/// <param name="request">Current request; supplies the posted form fields, client address and user agent.</param>
/// <param name="response">Current response; used for the redirect after a successful reset.</param>
private static void pageRecover_SecretQA(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
// Add CSS file
Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
if (request.QueryString["2"] != null && request.QueryString["2"] == "success")
{
// Display success page
pageElements["TITLE"] = "Account Recovery - Secret Question - Success";
pageElements["CONTENT"] = Core.templates["basic_site_auth"]["recovery_qa_success"];
// Add CSS file
Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
}
else
{
string error = null;
string username = request.Form["username"];
string captcha = request.Form["captcha"];
string userid = null;
// Check if the user is looking up a user for the first time - we'll allow the user to answer if the captcha is valid - this is security against brute-force to test if users exist
// A valid captcha records the posted username in the session; the answer form below is only
// reachable while the posted username still equals that session value.
if (username != null && captcha != null)
{
// Verify captcha
if (!Common.Validation.validCaptcha(captcha))
error = "Incorrect captcha code!";
else
HttpContext.Current.Session["recover_sqa"] = username;
}
// Check if the user exists
// NOTE(review): this lookup runs for any posted username, whether or not the captcha block
// above ran or passed, and it overwrites a captcha error with "User does not exist!". How the
// error is rendered is outside the visible code - confirm the response does not let a client
// test usernames without solving the captcha.
// Only '%' is removed before the LIKE; '_' remains a single-character wildcard.
if (username != null)
{
string rawUserid = (conn.Query_Scalar("SELECT userid FROM bsa_users WHERE username LIKE '" + Utils.Escape(username.Replace("%", "")) + "'") ?? string.Empty).ToString();
if (rawUserid.Length > 0)
userid = rawUserid;
else
error = "User does not exist!";
}
// Check the user has not exceeded the maximum secret answering attempts
// The limit is counted per client IP over the configured interval; it is not tied to the
// target account. Rows are only added on a wrong answer (see the insert further down).
if (conn.Query_Count("SELECT COUNT('') FROM bsa_recovery_sqa_attempts WHERE ip='" + Utils.Escape(request.UserHostAddress) + "' AND datetime >= DATE_SUB(NOW(), INTERVAL " + Core.settings[SETTINGS_CATEGORY].getInt(SETTINGS_RECOVERY_SQA_ATTEMPTS_INTERVAL) + " MINUTE)") >= Core.settings[SETTINGS_CATEGORY].getInt(SETTINGS_RECOVERY_SQA_ATTEMPTS_MAX))
error = "You have exceeded the maximum attempts at answering a secret-question from this IP, come back in " + Core.settings[SETTINGS_CATEGORY].getInt(SETTINGS_RECOVERY_SQA_ATTEMPTS_INTERVAL) + " minutes!";
// Check if the user wants the form for answering a secret question - but only if a username has been posted, exists and captcha is valid
if (error == null && userid != null && HttpContext.Current.Session["recover_sqa"] != null && username == (string)HttpContext.Current.Session["recover_sqa"])
{
// Fetch the secret question & password
// The stored secret_answer is read back and compared directly with the submitted text below,
// so the column holds the answer in the same form the user typed it (not a hash).
ResultRow sqa = conn.Query_Read("SELECT secret_question, secret_answer FROM bsa_users WHERE userid='" + Utils.Escape(userid) + "'")[0];
if (sqa["secret_question"].Length == 0 || sqa["secret_answer"].Length == 0)
error = "Secret question recovery for this account has been disabled!";
else
{
// Check for postback
string secretAnswer = request.Form["secret_answer"];
string newPassword = request.Form["newpassword"];
string newPasswordConfirm = request.Form["newpassword_confirm"];
// NOTE(review): only username and secretAnswer are null-checked here; if both password fields
// are missing from the post, newPassword.Length below is read on a null reference.
if (username != null && secretAnswer != null)
{
const string incorrectAnswer = "Incorrect secret answer!";
// Validate
// An out-of-range answer length is reported with the same text as a wrong answer, but
// unlike a wrong answer it is not recorded as an attempt.
if (secretAnswer.Length < SECRET_ANSWER_MIN || secretAnswer.Length > SECRET_ANSWER_MAX)
error = incorrectAnswer;
else if (newPassword != newPasswordConfirm)
error = "Your new password and the confirm password are different, retype your password!";
else if (newPassword.Length < PASSWORD_MIN || newPassword.Length > PASSWORD_MAX)
error = "Password must be " + PASSWORD_MIN + " to " + PASSWORD_MAX + " characters in length!";
// Case-sensitive, ordinary string comparison against the stored answer
else if (sqa["secret_answer"] != secretAnswer)
{
// Insert the attempt
conn.Query_Execute("INSERT INTO bsa_recovery_sqa_attempts (ip, datetime) VALUES('" + Utils.Escape(request.UserHostAddress) + "', NOW())");
// Log the event
logEvent(userid, LogEvents.AccountRecovery_SQA_Incorrect, request.UserHostAddress + " - " + request.UserAgent, conn);
// Inform the user
error = "Incorrect secret answer!";
}
else
{
// Log the event
logEvent(userid, LogEvents.AccountRecovered_SQA, request.UserHostAddress + " - " + request.UserAgent, conn);
// Change the password
// The new password is stored as generateHash(newPassword, salt1, salt2); the hashing
// scheme and the origin of the two salts are defined outside the visible code.
conn.Query_Execute("UPDATE bsa_users SET password='" + Utils.Escape(generateHash(newPassword, salt1, salt2)) + "' WHERE userid='" + Utils.Escape(userid) + "'");
// Redirect to success page
response.Redirect(pageElements["URL"] + "/recover/secret_qa/success");
}
}
// Display form
// All request- and database-derived values are HTML-encoded before insertion; the submitted
// secret answer is echoed back into the form.
pageElements["TITLE"] = "Account Recovery - Secret Question";
pageElements["CONTENT"] = Core.templates["basic_site_auth"]["recovery_qa_question"]
.Replace("%USERNAME%", HttpUtility.HtmlEncode(username ?? string.Empty))
.Replace("%SECRET_QUESTION%", HttpUtility.HtmlEncode(sqa["secret_question"]))
.Replace("%SECRET_ANSWER%", HttpUtility.HtmlEncode(secretAnswer ?? string.Empty))
.Replace("%ERROR%", error != null ? Core.templates[pageElements["TEMPLATE"]]["error"].Replace("<ERROR>", HttpUtility.HtmlEncode(error)) : string.Empty);
// Add CSS file
Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
}
}
//.........这里部分代码省略.........
示例3: pageRegister
//.........这里部分代码省略.........
}
break;
// Registration form postback (excerpt: the enclosing switch and the end of this case are not
// shown on the page). Validates the posted fields, inserts the user, then queues a welcome or
// activation e-mail.
case null:
string error = null;
string username = request.Form["username"];
string password = request.Form["password"];
string confirmPassword = request.Form["confirm_password"];
string email = request.Form["email"];
string secretQuestion = request.Form["secret_question"];
string secretAnswer = request.Form["secret_answer"];
string captcha = request.Form["captcha"];
// captcha is not part of this null check, so validCaptcha below may receive null.
// NOTE(review): confirmPassword is required to be present but is not compared with password
// anywhere in the visible validation chain - confirm the comparison exists elsewhere.
if (username != null && password != null && confirmPassword != null && email != null && secretQuestion != null && secretAnswer != null)
{
// Validate
if (!Common.Validation.validCaptcha(captcha))
error = "Incorrect captcha code!";
else if (username.Length < USERNAME_MIN || username.Length > USERNAME_MAX)
error = "Username must be " + USERNAME_MIN + " to " + USERNAME_MAX + " characters in length!";
// validUsernameChars returns an error message, or null when the username is acceptable;
// the empty statement keeps the else-if chain going after the assignment.
else if ((error = validUsernameChars(username)) != null)
;
else if (password.Length < PASSWORD_MIN || password.Length > PASSWORD_MAX)
error = "Password must be " + PASSWORD_MIN + " to " + PASSWORD_MAX + " characters in length!";
else if (!validEmail(email))
error = "Invalid e-mail address!";
else if (secretQuestion.Length < SECRET_QUESTION_MIN || secretQuestion.Length > SECRET_QUESTION_MAX)
error = "Secret question must be " + SECRET_QUESTION_MIN + " to " + SECRET_QUESTION_MAX + " characters in length!";
else if (secretAnswer.Length < SECRET_ANSWER_MIN || secretAnswer.Length > SECRET_ANSWER_MAX)
error = "Secret answer must be " + SECRET_ANSWER_MIN + " to " + SECRET_ANSWER_MAX + " characters in length!";
else
{
// Attempt to insert the user
try
{
// Query_Count is used here to run an INSERT followed by SELECT LAST_INSERT_ID() in one
// call and read back the new userid. The password goes through generateHash, while the
// secret answer is stored as submitted (SQL-escaped only), even though it can reset the
// account just as the password can.
int userid = conn.Query_Count("INSERT INTO bsa_users (groupid, username, password, email, secret_question, secret_answer, registered) VALUES('" + Utils.Escape(Core.settings[SETTINGS_CATEGORY][SETTINGS_USER_GROUP_DEFAULT]) + "', '" + Utils.Escape(username) + "', '" + Utils.Escape(generateHash(password, salt1, salt2)) + "', '" + Utils.Escape(email) + "', '" + Utils.Escape(secretQuestion) + "', '" + Utils.Escape(secretAnswer) + "', NOW()); SELECT LAST_INSERT_ID();");
// Log registration
logEvent(userid.ToString(), LogEvents.Registered, null, conn);
// Send a welcome or activation e-mail
// Activation is required when the default group has access_login set to "0"
bool activation = conn.Query_Scalar("SELECT access_login FROM bsa_user_groups WHERE groupid='" + Utils.Escape(Core.settings[SETTINGS_CATEGORY][SETTINGS_USER_GROUP_DEFAULT]) + "'").ToString().Equals("0");
StringBuilder emailMessage;
if (activation)
{
// Generate activation key
// NOTE(review): the key's unpredictability depends on how Common.CommonUtils.randomText
// generates characters, which is not visible here - confirm it uses a cryptographic RNG.
string activationKey = Common.CommonUtils.randomText(16);
conn.Query_Execute("INSERT INTO bsa_activations (userid, code) VALUES('" + userid + "', '" + Utils.Escape(activationKey) + "');");
// Generate message
// The link host and port are taken from the incoming request URL and the scheme is fixed
// to http. NOTE(review): confirm the server only answers for its configured host names, or
// build the links from a configured site URL.
string baseURL = "http://" + request.Url.Host + (request.Url.Port != 80 ? ":" + request.Url.Port : string.Empty);
emailMessage = new StringBuilder(Core.templates["basic_site_auth"]["email_register_activate"]);
// The username, client address and user agent are placed into the message unencoded.
// NOTE(review): whether the message is sent as HTML is decided by emailQueue.add, not shown.
emailMessage
.Replace("%USERNAME%", username)
.Replace("%URL_ACTIVATE%", baseURL + "/register/activate/?key=" + activationKey)
.Replace("%URL_DELETE%", baseURL + "/register/deactivate/?key=" + activationKey)
.Replace("%IP_ADDRESS%", request.UserHostAddress)
.Replace("%BROWSER%", request.UserAgent)
.Replace("%DATE_TIME%", DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss"));
}
else
{
emailMessage = new StringBuilder(Core.templates["basic_site_auth"]["email_register_welcome"]);
emailMessage
.Replace("%USERNAME%", username)
.Replace("%IP_ADDRESS%", request.UserHostAddress)
.Replace("%BROWSER%", request.UserAgent)
.Replace("%DATE_TIME%", DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss"));
}
// Add e-mail to queue
Core.emailQueue.add(conn, email, Core.settings[SETTINGS_CATEGORY][SETTINGS_SITE_NAME] + " - Registration", emailMessage.ToString(), true);
示例4: pageLogin
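/// <summary>
/// Used to authenticate existing users: validates the captcha and field lengths, enforces the
/// per-IP failed-login limit, checks the password hash and ban state, then issues the
/// forms-authentication cookie and redirects.
/// </summary>
/// <param name="pluginid">Plugin identifier; not read by this method.</param>
/// <param name="conn">Database connector used for the login, ban and failed-attempt queries.</param>
/// <param name="pageElements">Page state; TITLE and CONTENT are written here and the password-accessed flag is set.</param>
/// <param name="request">Current request; supplies the posted username, password, captcha, persist and referral fields.</param>
/// <param name="response">Current response; used for the post-login redirect.</param>
/// <remarks>
/// Queries are built by string concatenation, so every request value must pass through
/// Utils.Escape before it reaches the SQL text. The password is compared as
/// generateHash(password, salt1, salt2) against the stored value.
/// </remarks>
private static void pageLogin(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
    const string incorrectUserPassword = "Incorrect username or password!";
    string error = null;
    string referral = request.Form["referral"];
    // Check for login
    if (request.Form["username"] != null && request.Form["password"] != null)
    {
        bool persist = request.Form["persist"] != null;
        string username = request.Form["username"];
        string password = request.Form["password"];
        // Validate - length failures reuse the generic message so they reveal nothing extra
        if (!Common.Validation.validCaptcha(request.Form["captcha"]))
        {
            error = "Invalid captcha code!";
        }
        else if (username.Length < USERNAME_MIN || username.Length > USERNAME_MAX)
        {
            error = incorrectUserPassword;
        }
        else if (password.Length < PASSWORD_MIN || password.Length > PASSWORD_MAX)
        {
            error = incorrectUserPassword;
        }
        else
        {
            int maxLoginPeriod = int.Parse(Core.settings[SETTINGS_CATEGORY][SETTINGS_MAX_LOGIN_PERIOD]);
            int maxLoginAttempts = int.Parse(Core.settings[SETTINGS_CATEGORY][SETTINGS_MAX_LOGIN_ATTEMPTS]);
            // Failed attempts are counted per client IP within the configured period
            if (conn.Query_Count("SELECT COUNT('') FROM bsa_failed_logins WHERE ip='" + Utils.Escape(request.UserHostAddress) + "' AND datetime >= '" + Utils.Escape(DateTime.Now.AddMinutes(-maxLoginPeriod).ToString("yyyy-MM-dd HH:mm:ss")) + "'") >= maxLoginAttempts)
            {
                error = "You've exceeded the maximum login-attempts, try again in " + maxLoginPeriod + " minutes...";
            }
            else
            {
                // Set anti-injection flag
                pageElements.setFlag(FLAG_PASSWORD_ACCESSED);
                // Authenticate
                Result res = conn.Query_Read("SELECT u.userid, u.password, g.access_login, COUNT(b.banid) AS active_bans FROM bsa_users AS u LEFT OUTER JOIN bsa_user_groups AS g ON g.groupid=u.groupid LEFT OUTER JOIN bsa_user_bans AS b ON (b.userid=u.userid AND ((b.unban_date IS NULL) OR (b.unban_date > NOW()) )) WHERE u.username='" + Utils.Escape(username) + "'");
                if (res.Rows.Count != 1 || res[0]["password"] != generateHash(password, salt1, salt2))
                {
                    // Incorrect login - log as an attempt
                    // -- Check if the user exists, if so we'll log it into the user_log table.
                    // The username is escaped here like in every other query of this method; the
                    // lookup previously concatenated the posted value with only '%' removed.
                    res = conn.Query_Read("SELECT userid FROM bsa_users WHERE username LIKE '" + Utils.Escape(username.Replace("%", "")) + "'");
                    conn.Query_Execute("INSERT INTO bsa_failed_logins (ip, attempted_username, datetime) VALUES('" + Utils.Escape(request.UserHostAddress) + "', '" + Utils.Escape(username) + "', NOW());");
                    // Log event
                    if (res.Rows.Count == 1)
                    {
                        logEvent(res[0]["userid"], LogEvents.Login_Incorrect, request.UserHostAddress + " - " + request.UserAgent, conn);
                    }
                    // Inform the user
                    error = incorrectUserPassword;
                }
                else if (!res[0]["access_login"].Equals("1"))
                {
                    error = "Your account is not allowed to login; your account is either awaiting activation or you've been banned.";
                }
                else if (int.Parse(res[0]["active_bans"]) > 0)
                {
                    Result currentBan = conn.Query_Read("SELECT reason, unban_date FROM bsa_user_bans WHERE userid='" + Utils.Escape(res[0]["userid"]) + "' ORDER BY unban_date DESC");
                    if (currentBan.Rows.Count == 0)
                    {
                        error = "You are currently banned.";
                    }
                    else
                    {
                        error = "Your account is currently banned until '" + (currentBan[0]["unban_date"].Length > 0 ? HttpUtility.HtmlEncode(currentBan[0]["unban_date"]) : "the end of time (permanent)") + "' for the reason '" + HttpUtility.HtmlEncode(currentBan[0]["reason"]) + "'!";
                    }
                }
                else
                {
                    // Authenticate the user
                    FormsAuthentication.SetAuthCookie(res[0]["userid"], persist);
                    // Log the event
                    logEvent(res[0]["userid"], LogEvents.Login_Authenticated, request.UserHostAddress + " - " + request.UserAgent, conn);
                    conn.Disconnect();
                    // The referral is a posted form field, so it is only followed when it stays on
                    // this site: a rooted local path, or an absolute http(s) URL whose host matches
                    // the host of the current request. Anything else falls back to the site URL.
                    string target = pageElements["URL"];
                    if (!string.IsNullOrEmpty(referral))
                    {
                        Uri referralUri;
                        bool localPath = referral[0] == '/' && (referral.Length == 1 || (referral[1] != '/' && referral[1] != '\\'));
                        bool sameHost = !localPath
                            && Uri.TryCreate(referral, UriKind.Absolute, out referralUri)
                            && (referralUri.Scheme == Uri.UriSchemeHttp || referralUri.Scheme == Uri.UriSchemeHttps)
                            && string.Equals(referralUri.Host, request.Url.Host, StringComparison.OrdinalIgnoreCase);
                        if (localPath || sameHost)
                        {
                            target = referral;
                        }
                    }
                    response.Redirect(target);
                }
            }
        }
    }
    // Display page. The posted username is HTML-encoded before it is echoed into the form.
    // %ERROR% is inserted as markup: the ban message above already encodes its database values
    // and every other message is fixed text plus integers.
    pageElements["TITLE"] = "Login";
    pageElements["CONTENT"] = Core.templates["basic_site_auth"]["login"]
        .Replace("%REFERRAL%", HttpUtility.HtmlEncode(referral != null ? referral : request.UrlReferrer != null ? request.UrlReferrer.AbsoluteUri : pageElements["URL"] + "/home"))
        .Replace("%USERNAME%", HttpUtility.HtmlEncode(request.Form["username"] ?? string.Empty))
        .Replace("%PERSIST%", request.Form["persist"] != null ? "checked" : string.Empty)
        .Replace("%ERROR%", error != null ? Core.templates[pageElements["TEMPLATE"]]["error"].Replace("<ERROR>", error) : string.Empty);
    // Add CSS file
    Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
}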
示例5: pageRecover_Email
/// <summary>
/// Used to recover an account by e-mail. With a code in query-string value "2" it shows and
/// processes the new-password form; otherwise it asks for a username and, after a valid captcha,
/// creates a recovery code and builds the recovery e-mail.
/// </summary>
/// <param name="pluginid">Plugin identifier; not read in the visible part of this method.</param>
/// <param name="conn">Database connector used for the recovery-code and user queries.</param>
/// <param name="pageElements">Page state; TITLE and CONTENT are written here.</param>
/// <param name="request">Current request; supplies the code, posted fields, client address and user agent.</param>
/// <param name="response">Current response; not used in the visible part of this method.</param>
private static void pageRecover_Email(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
string error = null;
if (request.QueryString["2"] != null)
{
// User has opened a recovery link
string code = request.QueryString["2"];
// Check the code is valid and retrieve the account
// datetime_dispatched is selected but never compared with the current time in this branch,
// so a recovery code stays usable until it is consumed.
// NOTE(review): confirm whether codes are expired elsewhere (e.g. a cleanup job).
Result rec = conn.Query_Read("SELECT recoveryid, userid, datetime_dispatched FROM bsa_recovery_email WHERE code='" + Utils.Escape(code) + "'");
if (rec.Rows.Count == 1)
{
// Code exists, display change password form
string newPassword = request.Form["new_password"];
bool passwordChanged = false;
if (newPassword != null)
{
// User has specified new password
// Only the length is validated; there is no confirmation field in this form handler
if (newPassword.Length < PASSWORD_MIN || newPassword.Length > PASSWORD_MAX)
error = "Password must be " + PASSWORD_MIN + " to " + PASSWORD_MAX + " characters in length!";
else
{
// Log the event
logEvent(rec[0]["userid"], LogEvents.AccountRecovered_Email, request.UserHostAddress + " - " + request.UserAgent, conn);
// Update the password and delete the recovery row
// Both statements are sent in one call. Only the row for this code is deleted; any other
// outstanding recovery codes for the same user remain in the table.
conn.Query_Execute("DELETE FROM bsa_recovery_email WHERE recoveryid='" + Utils.Escape(rec[0]["recoveryid"]) + "'; UPDATE bsa_users SET password='" + Utils.Escape(generateHash(newPassword, salt1, salt2)) + "' WHERE userid='" + Utils.Escape(rec[0]["userid"]) + "';");
passwordChanged = true;
}
}
// Display form
if (passwordChanged)
{
pageElements["TITLE"] = "Account Recovery - Password Changed";
pageElements["CONTENT"] = Core.templates["basic_site_auth"]["recovery_email_changed"];
}
else
{
// The code is URL-encoded before it is written back into the form; the error text is
// inserted as-is, and in this branch it is only ever the fixed length message.
pageElements["TITLE"] = "Account Recovery - New Password";
pageElements["CONTENT"] = Core.templates["basic_site_auth"]["recovery_email_newpass"]
.Replace("%CODE%", HttpUtility.UrlEncode(code))
.Replace("%ERROR%", error != null ? Core.templates[pageElements["TEMPLATE"]]["error"].Replace("<ERROR>", error) : string.Empty);
}
// Add CSS file
Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
}
// An unknown code sets no content at all in this branch
}
else
{
// Ask for username, if postback..validate and dispatch recovery e-mail
bool emailDispatched = false;
string captcha = request.Form["captcha"];
string username = request.Form["username"];
if (username != null && captcha != null)
{
if (!Common.Validation.validCaptcha(captcha))
error = "Incorrect captcha code!";
else
{
// Validate the user exists and check the current IP hasn't surpassed the number of e-mails deployed for the day
// The dispatch count joins on both userid and the client IP, so the daily limit applies per
// account-and-IP pair rather than per account. The LIKE lookup strips '%' but not '_'.
Result info = conn.Query_Read("SELECT u.username, u.userid, u.email, COUNT(re.recoveryid) AS dispatches FROM bsa_users AS u LEFT OUTER JOIN bsa_recovery_email AS re ON (re.userid=u.userid AND re.ip='" + Utils.Escape(request.UserHostAddress) + "' AND re.datetime_dispatched >= DATE_SUB(NOW(), INTERVAL 1 DAY)) WHERE u.username LIKE '" + Utils.Escape(username.Replace("%", "")) + "'");
// A distinct message for unknown usernames tells the requester which accounts exist
if (info.Rows.Count != 1)
error = "User does not exist!";
else if (int.Parse(info[0]["dispatches"]) >= int.Parse(Core.settings[SETTINGS_CATEGORY][SETTINGS_RECOVERY_MAX_EMAILS]))
error = "You've already sent the maximum amount of recovery e-mails allowed within the last 24 hours!";
else
{
// The link host and port come from the incoming request URL and the scheme is fixed to
// http. NOTE(review): for a password-reset link, confirm the server only answers for its
// configured host names, or build the link from a configured site URL.
string baseURL = "http://" + request.Url.Host + (request.Url.Port != 80 ? ":" + request.Url.Port : string.Empty);
// Create recovery record
string code = null;
// Ensure the code doesn't already exist - this is a major security concern because the code is essentially a password to an account
// Up to five candidates are tried. NOTE(review): the code's unpredictability depends on how
// Common.CommonUtils.randomText generates characters, which is not visible here - confirm it
// uses a cryptographic RNG. The uniqueness test uses LIKE, so '%' or '_' in a candidate
// would be treated as wildcards if randomText can emit them.
int attempts = 0;
while (attempts < 5)
{
code = Common.CommonUtils.randomText(16);
if (conn.Query_Count("SELECT COUNT('') FROM bsa_recovery_email WHERE code LIKE '" + Utils.Escape(code) + "'") == 0)
break;
else
code = null;
attempts++;
}
if (code == null)
error = "Unable to generate recovery code, try again - apologies!";
else
{
// The code is stored as generated (not hashed) together with the requesting IP
conn.Query_Execute("INSERT INTO bsa_recovery_email (userid, code, datetime_dispatched, ip) VALUES('" + Utils.Escape(info[0]["userid"]) + "', '" + Utils.Escape(code) + "', NOW(), '" + Utils.Escape(request.UserHostAddress) + "')");
// Build e-mail message
// The user agent is client-supplied and is placed into the message unencoded.
// NOTE(review): whether the message is sent as HTML is decided outside the visible code.
StringBuilder message = new StringBuilder(Core.templates["basic_site_auth"]["recovery_email"]);
message
.Replace("%USERNAME%", info[0]["username"])
.Replace("%URL%", baseURL + "/recover/email/" + code)
.Replace("%IP_ADDRESS%", request.UserHostAddress)
.Replace("%BROWSER%", request.UserAgent)
.Replace("%DATE_TIME%", DateTime.Now.ToString("dd/MM/yyyy HH:mm:ss"));
//.........这里部分代码省略.........
示例6: pageLog
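/// <summary>
/// Displays logged events of the user's actions, paged and sortable by date or event type. When
/// the ADMIN_PANEL symbol is defined, an administrator can view another user's log by passing
/// that userid as query-string value "1".
/// </summary>
/// <param name="pluginid">Plugin identifier; not read by this method.</param>
/// <param name="conn">Database connector used for the admin check and the log query.</param>
/// <param name="pageElements">Page state; TITLE and CONTENT are written here.</param>
/// <param name="request">Current request; "1", "pg", "sd" and "se" select the account, page and sort order.</param>
/// <param name="response">Current response; not used by this method.</param>
private static void pageLog(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
    string userid = null;
    // Check what account we'll be displaying
#if ADMIN_PANEL
    if (request.QueryString["1"] != null)
    {
        // Check the current user is admin and the userid exists
        Result currUser = conn.Query_Read("SELECT g.access_admin FROM bsa_users AS u LEFT OUTER JOIN bsa_user_groups AS g ON g.groupid=u.groupid WHERE u.userid='" + Utils.Escape(HttpContext.Current.User.Identity.Name) + "'");
        if (currUser.Rows.Count != 1 || !currUser[0]["access_admin"].Equals("1") || conn.Query_Count("SELECT COUNT('') FROM bsa_users WHERE userid='" + Utils.Escape(request.QueryString["1"]) + "'") != 1)
        {
            return;
        }
        // User is admin - allow them to view another user's log records
        userid = request.QueryString["1"];
    }
#endif
    // No other account selected - show the current user's own log
    if (userid == null)
    {
        userid = HttpContext.Current.User.Identity.Name;
    }

    // Get request parameters
    int page;
    if (request.QueryString["pg"] == null || !int.TryParse(request.QueryString["pg"], out page) || page < 1)
    {
        page = 1;
    }
    bool sortDateAsc = request.QueryString["sd"] != null && request.QueryString["sd"].Equals("a");
    bool sortDateDesc = request.QueryString["sd"] != null && request.QueryString["sd"].Equals("d");
    bool sortEventTypesAsc = request.QueryString["se"] != null && request.QueryString["se"].Equals("a");
    bool sortEventTypesDesc = request.QueryString["se"] != null && request.QueryString["se"].Equals("d");

    // The ORDER BY clause is chosen from fixed strings only, never from the request text
    string orderBy = sortEventTypesAsc ? "event_type ASC" : sortEventTypesDesc ? "event_type DESC" : sortDateAsc ? "date ASC" : "date DESC";
    const int eventItemsPerPage = 8;
    // 64-bit arithmetic: with a very large "pg" value the 32-bit product wrapped to a negative
    // LIMIT offset
    long offset = (long)eventItemsPerPage * (page - 1);

    // Begin building the event log items
    StringBuilder eventItems = new StringBuilder();
    foreach (ResultRow row in conn.Query_Read("SELECT * FROM bsa_user_log WHERE userid='" + Utils.Escape(userid) + "' ORDER BY " + orderBy + " LIMIT " + offset + "," + eventItemsPerPage))
    {
        StringBuilder item = new StringBuilder(Core.templates["basic_site_auth"]["log_event"]);
        item
            .Replace("<DATE>", HttpUtility.HtmlEncode(row["date"].Length > 0 ? Misc.Plugins.getTimeString(DateTime.Parse(row["date"])) : "Unknown"))
            .Replace("<DATE_RAW>", HttpUtility.HtmlEncode(row["date"]))
            .Replace("<ADDITIONAL_INFO>", HttpUtility.HtmlEncode(row["additional_info"]));
        switch ((LogEvents)int.Parse(row["event_type"]))
        {
            case LogEvents.Registered:
                item.Replace("<EVENT_TITLE>", "Registration")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Registered.png");
                break;
            case LogEvents.Login_Incorrect:
                item.Replace("<EVENT_TITLE>", "Login: Incorrect")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Login_Incorrect.png");
                break;
            case LogEvents.Login_Authenticated:
                item.Replace("<EVENT_TITLE>", "Login: Authenticated")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Login_Success.png");
                break;
            case LogEvents.AccountRecovery_SQA_Incorrect:
                item.Replace("<EVENT_TITLE>", "Recovery: Secret Answer Incorrect")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Recovery_Secret_Incorrect.png");
                break;
            case LogEvents.AccountRecovered_Email:
                item.Replace("<EVENT_TITLE>", "Recovery: Successful via E-mail")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Recovery_Email.png");
                break;
            case LogEvents.AccountRecovered_SQA:
                item.Replace("<EVENT_TITLE>", "Recovery: Successful via Secret Answer")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Recovery_Secret.png");
                break;
            case LogEvents.MyAccountUpdated:
                item.Replace("<EVENT_TITLE>", "Account Details Updated")
                    .Replace("<EVENT_ICON>", "Content/Images/basic_site_auth/log/Account_Details.png");
                break;
        }
        eventItems.Append(item.ToString());
    }
    // Check if no log events occurred - if so, inform the user
    if (eventItems.Length == 0)
    {
        eventItems.Append(Core.templates["basic_site_auth"]["log_no_events"]);
    }

    // Values echoed into the page links. The sort parameters are reduced to the two values the
    // handler understands ("a"/"d") instead of repeating the raw query string, and the userid is
    // encoded before it is written into markup.
    // NOTE(review): under ADMIN_PANEL the userid comes from the query string after an SQL
    // existence check only; if the column is numeric the database may accept values with trailing
    // text, which is why it is encoded here - confirm the column type.
    string sd = sortDateAsc ? "a" : sortDateDesc ? "d" : string.Empty;
    string se = sortEventTypesAsc ? "a" : sortEventTypesDesc ? "d" : string.Empty;
    string useridInUrl = HttpUtility.HtmlEncode(HttpUtility.UrlEncode(userid));
    string logUrl = pageElements["URL"] + "/log/" + useridInUrl;
    int previousPage = page == 1 ? 1 : page - 1;
    // Wrap to page 1 before page + 1 can overflow
    int nextPage = page >= int.MaxValue - 1 ? 1 : page + 1;

    // Set content
    pageElements["TITLE"] = "Account Log";
    pageElements["CONTENT"] = Core.templates["basic_site_auth"]["log"]
        .Replace("<EVENTS>", eventItems.ToString())
        .Replace("<PAGE>", page.ToString())
        .Replace("<URL_PREVIOUS>", logUrl + "?sd=" + sd + "&se=" + se + "&pg=" + previousPage)
        .Replace("<URL_NEXT>", logUrl + "?sd=" + sd + "&se=" + se + "&pg=" + nextPage)
        .Replace("<SORT_DATE>", logUrl + "?sd=" + (sortDateAsc ? "d" : "a"))
        .Replace("<SORT_EVENT>", logUrl + "?se=" + (sortEventTypesAsc ? "d" : "a"))
        .Replace("<USERID>", userid != HttpContext.Current.User.Identity.Name ? HttpUtility.HtmlEncode(userid) : string.Empty);
    // Add CSS file
    Misc.Plugins.addHeaderCSS("/Content/CSS/BasicSiteAuth.css", ref pageElements);
}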
示例7: enable
/// <summary>
/// Enables the plugin: runs the install SQL, makes sure the authentication salts exist, seeds the
/// default groups and (on an empty users table) a default account, writes the default settings,
/// installs templates and content, and reserves the plugin's URLs.
/// </summary>
/// <param name="pluginid">Identifier of the plugin being enabled.</param>
/// <param name="conn">Database connector used for every install step.</param>
/// <returns>null on success, otherwise a message describing the step that failed.</returns>
public static string enable(string pluginid, Connector conn)
{
    string basePath = Misc.Plugins.getPluginBasePath(pluginid, conn);
    // Add pre-processor directive
    Misc.Plugins.preprocessorDirective_Add("BASIC_SITE_AUTH");

    // Install SQL
    string failure = Misc.Plugins.executeSQL(basePath + "\\SQL\\Enable.sql", conn);
    if (failure != null)
    {
        return failure;
    }

    // Check authentication salts exist - else create them
    initSalts(pluginid, conn);

    // -- Check if any groups exist, else install base groups
    bool groupsMissing = conn.Query_Count("SELECT COUNT('') FROM bsa_user_groups") == 0;
    if (groupsMissing)
    {
        failure = Misc.Plugins.executeSQL(basePath + "\\SQL\\Enable_DefaultGroups.sql", conn);
        if (failure != null)
        {
            return failure;
        }

        // Seed a default account only when the users table is empty.
        // NOTE(review): the account is 'root' in group 4 with the fixed password "password";
        // nothing visible here forces it to be changed after installation.
        bool usersMissing = conn.Query_Count("SELECT COUNT('') FROM bsa_users") == 0;
        if (usersMissing)
        {
            try
            {
                conn.Query_Execute("INSERT INTO bsa_users (groupid, username, password, email) VALUES('4', 'root', '" + Utils.Escape(generateHash("password", salt1, salt2)) + "', '[email protected]');");
            }
            catch (Exception ex)
            {
                return "Failed to create a default user - " + ex.Message + "!";
            }
        }
    }

    // Install settings
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_USER_GROUP_DEFAULT, "1", "The default groupid assigned to new registered users.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_USER_GROUP_USER, "2", "The groupid for basic users.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_USER_GROUP_BANNED, "5", "The groupid of banned users.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_MAX_LOGIN_ATTEMPTS, "5", "The maximum login attempts during a max-login period.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_MAX_LOGIN_PERIOD, "20", "The period during which a maximum amount of login attempts can occur.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_SITE_NAME, "Unnamed CMS", "The name of the site, as displayed in e-mails.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_USERNAME_STRICT, "1", "If enabled, strict characters will only be allowed for usernames.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_USERNAME_STRICT_CHARS, "abcdefghijklmnopqrstuvwxyz._àèòáéóñ0123456789", "The strict characters allowed for usernames if strict-mode is enabled.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_RECOVERY_MAX_EMAILS, "3", "The maximum recovery e-mails to be dispatched from an IP per a day.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_RECOVERY_SQA_ATTEMPTS_MAX, "3", "The maximum attempts of answering a secret question during a specified interval.", false);
    Core.settings.updateSetting(conn, pluginid, SETTINGS_CATEGORY, SETTINGS_RECOVERY_SQA_ATTEMPTS_INTERVAL, "15", "The interval/number of minutes for maximum amounts of answering secret questions.", false);

    // Install templates
    // NOTE(review): the result of templatesInstall is not captured, so a failure in this step
    // cannot be reported. The original followed the call with a check of the error variable that
    // could never fire because nothing had assigned it; the same applies to reserveURLs below.
    Misc.Plugins.templatesInstall(basePath + "\\Templates\\basic_site_auth", conn);

    // Install content
    failure = Misc.Plugins.contentInstall(basePath + "\\Content");
    if (failure != null)
    {
        return failure;
    }

    // Reserve URLs
    Misc.Plugins.reserveURLs(pluginid, null, new string[] { "login", "logout", "register", "recover", "my_account", "log" }, conn);

#if ADMIN_PANEL
    // Install admin pages
    AdminPanel.adminPage_Install("UberCMS.BasicSiteAuth.Admin", "pageUsers", "Users", "Authentication", "Content/Images/basic_site_auth/admin/admin_users.png", conn);
    AdminPanel.adminPage_Install("UberCMS.BasicSiteAuth.Admin", "pageUserGroups", "User Groups", "Authentication", "Content/Images/basic_site_auth/admin/admin_user_groups.png", conn);
    AdminPanel.adminPage_Install("UberCMS.BasicSiteAuth.Admin", "pageUserLogs", "User Logs", "Authentication", "Content/Images/basic_site_auth/admin/admin_user_logs.png", conn);
#endif
    // No error occurred, return null
    return null;
}
示例8: pageUserGroups
/// <summary>
/// Admin page handler for user groups. The visible part handles four requests: transferring every
/// user of one group to another (query string <c>transfer</c> / <c>transfer_b</c>), deleting an empty
/// group (query string <c>delete</c>), adding a group (form field <c>group_add_title</c>) and collecting
/// a permissions postback (form keys shaped <c>group_&lt;groupid&gt;$&lt;column&gt;</c>).
/// The remainder of the method is omitted on this page, so how the collected values are applied is not shown.
/// </summary>
/// <param name="conn">Database connector used for all queries.</param>
/// <param name="pageElements">Page elements; supplies ADMIN_URL and TEMPLATE and receives ADMIN_CONTENT.</param>
/// <param name="request">Current request (query string and form are read).</param>
/// <param name="response">Current response; used to redirect after a transfer or delete.</param>
// NOTE(review): no authorisation check is visible in this method - presumably the admin panel gates
// access before dispatching here; confirm against the caller.
// NOTE(review): every query below is assembled as text with Utils.Escape, whose implementation is not
// shown; if Connector offers parameterised queries they would be the safer choice.
public static void pageUserGroups(Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
string error = null;
// Not referenced in the visible part of the method.
bool updatedSettings = false;
// Check for transfer of users
string transferGroupID = request.QueryString["transfer"];
if (transferGroupID != null)
{
// -- Transfer users to another group
// Grab the title of the origin group - this will also help to validate it exists too, else we'll 404
Result groupOrigin = conn.Query_Read("SELECT title FROM bsa_user_groups WHERE groupid='" + Utils.Escape(transferGroupID) + "'");
if (groupOrigin.Rows.Count != 1) return; // 404 - the group does not exist
string newTransferGroupID = request.QueryString["transfer_b"]; // The destination group ID
if (newTransferGroupID != null)
{
// Validate the group exists
if (conn.Query_Count("SELECT COUNT('') FROM bsa_user_groups WHERE groupid='" + Utils.Escape(newTransferGroupID) + "'") != 1)
error = "Destination group does not exist!";
else
{
// Transfer all the users http://memegenerator.net/instance/23587059
// NOTE(review): this bulk UPDATE is driven purely by query-string values, i.e. by a GET request,
// and no anti-forgery token is checked in the visible code - consider requiring a POST with a token.
conn.Query_Execute("UPDATE bsa_users SET groupid='" + Utils.Escape(newTransferGroupID) + "' WHERE groupid='" + Utils.Escape(transferGroupID) + "'");
conn.Disconnect();
response.Redirect(pageElements["ADMIN_URL"]);
}
}
// Build a list of the current groups
StringBuilder currentGroups = new StringBuilder();
// NOTE(review): groupid and title are written into the <option> markup without HtmlEncode, while the
// origin group's title a few lines below is encoded. Titles come from the group_add_title form field
// (only its length is validated before the INSERT), so they should be HTML-encoded here as well.
foreach (ResultRow group in conn.Query_Read("SELECT groupid, title FROM bsa_user_groups WHERE groupid != '" + Utils.Escape(transferGroupID) + "' ORDER BY title ASC"))
currentGroups.Append("<option value=\"").Append(group["groupid"]).Append("\">").Append(group["title"]).Append("</option>");
// Display form
pageElements["ADMIN_CONTENT"] =
Core.templates["basic_site_auth"]["admin_user_groupstransfer"]
.Replace("%GROUPID%", HttpUtility.HtmlEncode(transferGroupID))
.Replace("%TITLE%", HttpUtility.HtmlEncode(groupOrigin[0]["title"]))
.Replace("%GROUPS%", currentGroups.ToString())
.Replace("%ERROR%", error != null ? Core.templates[pageElements["TEMPLATE"]]["error"].Replace("<ERROR>", HttpUtility.HtmlEncode(error)) : string.Empty)
;
}
else
{
// -- List all user groups
// Check for postback - delete a group
// NOTE(review): despite the "postback" wording the value is read from the query string, so the
// DELETE below can be triggered by a GET request; no anti-forgery token is checked in the visible code.
string delete = request.QueryString["delete"];
if (delete != null)
{
// Refuse to delete a group that still has users assigned to it.
if (conn.Query_Count("SELECT COUNT('') FROM bsa_users WHERE groupid='" + Utils.Escape(delete) + "'") > 0)
error = "Cannot delete group - the group contains users, transfer them to another group first!";
else
{
conn.Query_Execute("DELETE FROM bsa_user_groups WHERE groupid='" + Utils.Escape(delete) + "'");
conn.Disconnect();
response.Redirect(pageElements["ADMIN_URL"], true);
}
}
// Check for postback - added group
string groupAddTitle = request.Form["group_add_title"];
if (groupAddTitle != null)
{
// Only the length of the title is validated; its characters are not restricted here.
if (groupAddTitle.Length < Plugins.BasicSiteAuth.USER_GROUP_TITLE_MIN || groupAddTitle.Length > Plugins.BasicSiteAuth.USER_GROUP_TITLE_MAX)
error = "Group title must be between " + Plugins.BasicSiteAuth.USER_GROUP_TITLE_MIN + " to " + Plugins.BasicSiteAuth.USER_GROUP_TITLE_MAX + " characters in length!";
else
conn.Query_Execute("INSERT INTO bsa_user_groups (title) VALUES('" + Utils.Escape(groupAddTitle) + "')");
}
// Grab the current permissions
const string dbPermissionsQuery = "SELECT * FROM bsa_user_groups ORDER BY title ASC";
Result dbPermissions = conn.Query_Read(dbPermissionsQuery);
// Check for postback - permissions
string groupid, column, value;
string[] parts;
// Maps groupid -> (column -> posted value), filled from form keys shaped "group_<groupid>$<column>".
Dictionary<string, Dictionary<string, string>> groupRowsUpdate = new Dictionary<string, Dictionary<string, string>>();
for (int i = 0; i < request.Form.Count; i++)
{
parts = request.Form.Keys[i].Split('$');
if (parts.Length == 2 && parts[0].StartsWith("group_"))
{
groupid = parts[0].Substring(6); // strip the "group_" prefix
// NOTE(review): groupid and column are taken from client-supplied form keys without validation at
// this point; whether they are checked against the real columns before reaching SQL depends on
// code that is not shown - verify.
column = parts[1];
value = request.Form[i];
if (!groupRowsUpdate.ContainsKey(groupid))
groupRowsUpdate.Add(groupid, new Dictionary<string, string>());
groupRowsUpdate[groupid].Add(column, value);
}
}
if (groupRowsUpdate.Count > 0)
{
// Postback made - generate query by going through each permissions row and checking for a state (or lack of state) change
StringBuilder queries = new StringBuilder();
StringBuilder query;
const string queryStart = "UPDATE bsa_user_groups SET ";
string currGroupId;
// Iterating the rows read from the database (rather than the posted keys) means only group ids
// that exist in bsa_user_groups are considered.
foreach (ResultRow dbPermissionsRow in dbPermissions)
{
currGroupId = dbPermissionsRow["groupid"];
// Check if this group has been updated at all
if (groupRowsUpdate.ContainsKey(currGroupId))
{
query = new StringBuilder(queryStart);
foreach (KeyValuePair<string, object> groupColumn in dbPermissionsRow.Columns)
{
//.........这里部分代码省略.........
示例9: pageArticle_View_Comments
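/// <summary>
/// Builds the comments sub-page of an article: processes a newly posted comment, processes a
/// comment deletion request, then appends the paged comment list, the page navigator and (for
/// authenticated users on threads that allow comments) the post box to <paramref name="content"/>.
/// </summary>
/// <param name="pluginid">Not used by this method.</param>
/// <param name="conn">Database connector used for all queries.</param>
/// <param name="pageElements">Page elements; receives the previous/next paging flags and supplies the template name for the error markup.</param>
/// <param name="request">Current request; reads form fields <c>comment_body</c> and <c>comment_captcha</c> and query-string values <c>dcom</c> and <c>apg</c>.</param>
/// <param name="response">Not used by this method.</param>
/// <param name="permCreate">Not used by this method.</param>
/// <param name="permDelete">True when the current user may delete any comment.</param>
/// <param name="permPublish">Not used by this method.</param>
/// <param name="owner">Not used by this method.</param>
/// <param name="content">Output buffer the rendered markup is appended to.</param>
/// <param name="article">Article row; reads <c>allow_comments_thread</c>, <c>threadid</c> and <c>articleid</c>.</param>
/// <remarks>
/// Returns before rendering anything further when a deletion is requested by a user who neither
/// holds <paramref name="permDelete"/> nor wrote the comment.
/// NOTE(review): SQL is assembled as text with Utils.Escape, whose implementation is not shown;
/// if Connector offers parameterised queries they would be the safer choice.
/// </remarks>
public static void pageArticle_View_Comments(ref string pluginid, ref Connector conn, ref Misc.PageElements pageElements, ref HttpRequest request, ref HttpResponse response, ref bool permCreate, ref bool permDelete, ref bool permPublish, ref bool owner, ref StringBuilder content, ref ResultRow article)
{
    bool allowComments = article["allow_comments_thread"].Equals("1");
    bool authenticated = HttpContext.Current.User.Identity.IsAuthenticated;
    string currentUserId = HttpContext.Current.User.Identity.Name;
    if (!allowComments)
    {
        content.Append(Core.templates["articles"]["comments_disabled"]);
    }

    // -- Check for a new comment posted by the user
    string commentError = null;
    string commentBody = request.Form["comment_body"];
    string commentCaptcha = request.Form["comment_captcha"];
    // The post box is only rendered for authenticated users on threads that allow comments, but
    // hiding the form is not an access control: enforce the same two conditions here so a
    // hand-crafted POST cannot add comments anonymously or to a thread with comments disabled.
    if (commentBody != null && commentCaptcha != null && allowComments && authenticated)
    {
        int lengthMin = Core.settings[SETTINGS_KEY].getInt(SETTINGS_COMMENTS_LENGTH_MIN);
        int lengthMax = Core.settings[SETTINGS_KEY].getInt(SETTINGS_COMMENTS_LENGTH_MAX);
        if (!Common.Validation.validCaptcha(commentCaptcha))
        {
            commentError = "Incorrect captcha verification code!";
        }
        else if (commentBody.Length < lengthMin || commentBody.Length > lengthMax)
        {
            commentError = "Your comment must be " + Core.settings[SETTINGS_KEY][SETTINGS_COMMENTS_LENGTH_MIN] + " to " + Core.settings[SETTINGS_KEY][SETTINGS_COMMENTS_LENGTH_MAX] + " in length!";
        }
        else if (commentBody.Trim().Length == 0)
        {
            // Trim() also rejects bodies made only of tabs or line breaks, not just spaces.
            commentError = "Comment cannot be empty/contain just spaces!";
        }
        else if (conn.Query_Count("SELECT COUNT('') FROM articles_thread_comments WHERE userid='" + Utils.Escape(currentUserId) + "' AND datetime >= DATE_SUB(NOW(), INTERVAL 1 HOUR)") >= Core.settings[SETTINGS_KEY].getInt(SETTINGS_COMMENTS_MAX_PER_HOUR))
        {
            // Per-user rate limit over the last hour.
            commentError = "You've already posted the maximum of " + Core.settings[SETTINGS_KEY][SETTINGS_COMMENTS_MAX_PER_HOUR] + " comments per an hour - try again later!";
        }
        else
        {
            // Insert the post
            conn.Query_Execute("INSERT INTO articles_thread_comments (threadid, userid, message, datetime) VALUES('" + Utils.Escape(article["threadid"]) + "', '" + Utils.Escape(currentUserId) + "', '" + Utils.Escape(commentBody) + "', NOW())");
            // Reset comment body so the post box is rendered empty
            commentBody = null;
        }
    }

    // -- Check if to delete a comment
    // NOTE(review): deletion is triggered by the dcom query-string value, i.e. by a GET request, and
    // no anti-forgery token is checked in this method; moving it to a POST with a token needs a
    // template change that is outside this block.
    // NOTE(review): neither query below restricts the comment to this article's threadid, so a
    // caller holding permDelete here can address comments of any thread - confirm that is intended.
    string dcom = request.QueryString["dcom"];
    if (dcom != null && authenticated && Misc.Plugins.isNumeric(dcom))
    {
        bool canDelete = permDelete;
        if (!canDelete)
        {
            // -- User cannot delete all comments, check if they're the owner
            Result dcomData = conn.Query_Read("SELECT userid FROM articles_thread_comments WHERE commentid='" + Utils.Escape(dcom) + "'");
            canDelete = dcomData.Rows.Count == 1 && dcomData[0]["userid"] == currentUserId;
        }
        if (!canDelete)
        {
            return;
        }
        conn.Query_Execute("DELETE FROM articles_thread_comments WHERE commentid='" + Utils.Escape(dcom) + "'");
    }

    // Build comments body
    string commentsPageRaw = request.QueryString["apg"];
    // -- Get the page
    int commentsPage;
    if (!int.TryParse(commentsPageRaw, out commentsPage) || commentsPage < 1)
    {
        commentsPage = 1;
    }
    // -- Get the comments data associated with that page
    int commentsPerPage = Core.settings[SETTINGS_KEY].getInt(SETTINGS_COMMENTS_PER_PAGE);
    // The page number is client-supplied and may be as large as int.MaxValue; compute the offset in
    // 64-bit arithmetic so it cannot wrap around into a negative or unrelated LIMIT offset.
    long commentsOffset = ((long)commentsPage - 1) * commentsPerPage;
    Result commentsData = conn.Query_Read("SELECT atc.*, u.username FROM articles_thread_comments AS atc LEFT OUTER JOIN bsa_users AS u ON u.userid=atc.userid WHERE threadid='" + Utils.Escape(article["threadid"]) + "' ORDER BY datetime DESC LIMIT " + commentsOffset + "," + commentsPerPage);
    // -- Build the data
    if (commentsData.Rows.Count == 0)
    {
        content.Append(Core.templates["articles"]["comments_empty"]);
    }
    else
    {
        foreach (ResultRow comment in commentsData)
        {
            // The delete-enabled template is used only for users allowed to delete this comment.
            bool showDelete = authenticated && (permDelete || currentUserId == comment["userid"]);
            string commentTemplate = showDelete ? Core.templates["articles"]["comment_delete"] : Core.templates["articles"]["comment"];
            // Every value placed into markup is HTML-encoded, including the identifiers.
            content.Append(
                commentTemplate
                    .Replace("<USERID>", HttpUtility.HtmlEncode(comment["userid"]))
                    .Replace("<ARTICLEID>", HttpUtility.HtmlEncode(article["articleid"]))
                    .Replace("<COMMENTID>", HttpUtility.HtmlEncode(comment["commentid"]))
                    .Replace("<USERNAME>", HttpUtility.HtmlEncode(comment["username"]))
                    .Replace("<DATETIME>", HttpUtility.HtmlEncode(comment["datetime"]))
                    .Replace("<BODY>", HttpUtility.HtmlEncode(comment["message"]))
            );
        }
    }

    // Set navigator
    content.Append(
        Core.templates["articles"]["page_nav"]
            .Replace("<SUBPAGE>", "comments")
            .Replace("<PAGE>", commentsPage.ToString())
            .Replace("<PAGE_PREVIOUS>", (commentsPage > 1 ? commentsPage - 1 : 1).ToString())
            .Replace("<PAGE_NEXT>", (commentsPage < int.MaxValue ? commentsPage + 1 : int.MaxValue).ToString())
    );
    // -- Set flags for the previous and next buttons; a full page is taken to mean a next page may exist
    if (commentsPage > 1)
    {
        pageElements.setFlag("ARTICLE_PAGE_PREVIOUS");
    }
    if (commentsData.Rows.Count == commentsPerPage)
    {
        pageElements.setFlag("ARTICLE_PAGE_NEXT");
    }

    // Set the postbox
    if (authenticated && allowComments)
    {
        content.Append(
            Core.templates["articles"]["comments_postbox"]
                .Replace("<ERROR>", commentError != null ? Core.templates[pageElements["TEMPLATE"]]["error"].Replace("<ERROR>", HttpUtility.HtmlEncode(commentError)) : string.Empty)
                .Replace("<COMMENT_BODY>", HttpUtility.HtmlEncode(commentBody))
        );
    }
}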
示例10: pageArticle_View
//.........这里部分代码省略.........
// Fragment: the start of this method (signature, the switch header and its earlier cases) is omitted
// on this page, so the comments below describe only the visible statements.
case "permissions":
// The permissions sub-page is only reachable with the publish permission.
if (!permPublish) return;
pageArticle_View_Permissions(ref pluginid, ref conn, ref pageElements, ref request, ref response, ref permCreate, ref permDelete, ref permPublish, ref owner, ref subpageContent, ref article);
break;
case "pdf":
pageArticle_View_Pdf(ref pluginid, ref conn, ref pageElements, ref request, ref response, ref article);
break;
default:
return; // 404 - unknown sub-page
}
content.Replace("<BODY>", subpageContent.ToString());
}
else
{
if (!published && article["allow_html"].Equals("1"))
{
// Wrap content in HTML protection container (against e.g. malicious uploads)
// NOTE(review): as printed, both Replace calls substitute a character with itself and therefore
// neutralise nothing. The replacement strings were presumably the &lt; / &gt; entities and were
// decoded when this page was rendered - verify against the original source before relying on it.
subpageContent.Append(
Core.templates["articles"]["article_html_protect"]
.Replace("<DATA>", article["body_cached"].Replace("<", "<").Replace(">", ">"))
);
}
else
// body_cached is emitted without encoding here; presumably it was rendered and sanitised when it
// was cached - confirm.
subpageContent.Append(article["body_cached"]);
// Insert article dependencies
Common.formatProvider_formatIncludes(request, response, conn, ref pageElements, true, true);
// Generate tags
StringBuilder tags = new StringBuilder();
StringBuilder metaTags = new StringBuilder("<meta name=\"keywords\" content=\"");
foreach (ResultRow tag in conn.Query_Read("SELECT at.keyword FROM articles_tags_article AS ata LEFT OUTER JOIN articles_tags AS at ON at.tagid=ata.tagid WHERE ata.articleid='" + Utils.Escape(article["articleid"]) + "'"))
{
// Append tag for the bottom of the article
tags.Append(
Core.templates["articles"]["article_tag"].Replace("<TITLE_ENCODED>", HttpUtility.HtmlEncode(tag["keyword"])).Replace("<TITLE>", HttpUtility.HtmlEncode(tag["keyword"]))
);
// Append tag for meta
metaTags.Append(HttpUtility.HtmlEncode(tag["keyword"])).Append(",");
}
// Drops the trailing comma left by the loop above.
// NOTE(review): the last character is removed unconditionally; when the query returns no tags this
// removes the opening quote of content=" instead, leaving a malformed meta element.
metaTags.Remove(metaTags.Length - 1, 1);
// -- Append meta keywords
pageElements["HEADER"] += metaTags.Append("\">").ToString();
// -- Append meta author
// NOTE(review): the username is concatenated into an HTML attribute without HtmlEncode, unlike the
// keywords above and the title below; it should be HTML-encoded before being placed in the attribute.
pageElements["HEADER"] += "<meta name=\"author\" content=\"" + article["username"] + "\" />";
// Set the article's body
content.Replace("<BODY>", subpageContent.ToString())
.Append(
Core.templates["articles"]["article_footer"]
.Replace("<TAGS>", tags.Length == 0 ? "(none)" : tags.ToString()))
.Replace("<DATE>", article["datetime"].Length > 0 ? Misc.Plugins.getTimeString(DateTime.Parse(article["datetime"])) : "unknown")
.Replace("<FULL_DATE>", article["datetime"].Length > 0 ? DateTime.Parse(article["datetime"]).ToString("dd/MM/yyyy HH:mm:ss") : "unknown")
.Replace("<REVISION>", HttpUtility.HtmlEncode(article["revision"]))
;
}
// Add pane
content
.Replace("<ARTICLEID>", HttpUtility.HtmlEncode(article["articleid"]))
.Replace("<THREADID>", HttpUtility.HtmlEncode(article["threadid"]))
// Comment count for the article's thread.
.Replace("<COMMENTS>", conn.Query_Count("SELECT COUNT('') FROM articles_thread_comments WHERE threadid='" + Utils.Escape(article["threadid"]) + "'").ToString())
.Replace("<PDF_NAME>", HttpUtility.HtmlEncode(article["pdf_name"]))
;
// Only the presence of the pdf query-string key matters, not its value.
bool pdf = request.QueryString["pdf"] != null;
// Set flag for showing pane - this can be overriden if a querystring force_pane is specified
if (article["show_pane"].Equals("1") || !published || request.QueryString["force_pane"] != null || subpage)
pageElements.setFlag("ARTICLE_SHOW_PANE");
// Set published flag
if (published)
pageElements.setFlag("ARTICLE_PUBLISHED");
// Set download as PDF flag
if (Core.settings[SETTINGS_KEY].getBool(SETTINGS_PDF_ENABLED) && article["pdf_name"].Length > 0)
pageElements.setFlag("ARTICLE_PDF_DOWNLOAD");
//Set current article flag
if (article["articleid_current"] == article["articleid"])
pageElements.setFlag("ARTICLE_CURRENT");
// Check if to use the PDF template
if (pdf)
{
pageElements["TEMPLATE"] = "articles_pdf";
pageElements.setFlag("ARTICLE_PDF_MODE");
}
// Set permission flags
// These flags only tell the template which controls to show; the handlers behind those controls
// still have to enforce the permission themselves.
if (permCreate)
pageElements.setFlag("ARTICLE_PERM_CREATE");
if (permDelete)
pageElements.setFlag("ARTICLE_PERM_DELETE");
if (permPublish)
pageElements.setFlag("ARTICLE_PERM_PUBLISH");
// The title is HTML-encoded before it is handed to the page template.
pageElements["TITLE"] = HttpUtility.HtmlEncode(article["title"]);
pageElements["CONTENT"] = content.ToString();
Misc.Plugins.addHeaderCSS(pageElements["URL"] + "/Content/CSS/Article.css", ref pageElements);
Misc.Plugins.addHeaderJS(pageElements["URL"] + "/Content/JS/Article.js", ref pageElements);
}