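using System;
using System.Data;
using System.Web;
using System.Linq;
using umbraco.BusinessLogic;
using umbraco.DataLayer;
using umbraco.IO;
using System.Web.UI;

namespace umbraco.BasePages
{
    /// <summary>
    /// umbraco.BasePages.BasePage is the default page type for the umbraco backend.
    /// The base page keeps track of the current user and the page context, but does not
    /// restrict access to the page itself.
    /// To keep the page secure, the umbracoEnsuredPage class should be used instead.
    /// </summary>
    /// <remarks>
    /// The back-office session is identified by the "UserContext" cookie, whose value is the
    /// contextID of a row in umbracoUserLogins. That value arrives from the browser and is
    /// therefore untrusted until it has been parsed as a GUID and matched against the table.
    /// </remarks>
    public class BasePage : System.Web.UI.Page
    {
        private User _user;
        private bool _userisValidated = false;
        private ClientTools m_clientTools;

        // ticks per minute 600,000,000
        private static long _ticksPrMinute = 600000000;
        private static int _umbracoTimeOutInMinutes = GlobalSettings.TimeOutInMinutes;

        /// <summary>
        /// The path to the umbraco root folder
        /// </summary>
        protected string UmbracoPath = SystemDirectories.Umbraco;

        /// <summary>
        /// The current user ID
        /// </summary>
        protected int uid = 0;

        /// <summary>
        /// The moment the current login expires, expressed in ticks and compared against
        /// DateTime.Now.Ticks (local server time), not a duration in seconds.
        /// </summary>
        protected long timeout = 0;

        /// <summary>
        /// Gets the SQL helper.
        /// </summary>
        /// <value>The SQL helper.</value>
        protected static ISqlHelper SqlHelper
        {
            get { return umbraco.BusinessLogic.Application.SqlHelper; }
        }

        /// <summary>
        /// Initializes a new instance of the BasePage class.
        /// </summary>
        public BasePage()
        {
        }

        /// <summary>
        /// Returns the current BasePage for the current request.
        /// This assumes that the current page is a BasePage, otherwise, returns null;
        /// </summary>
        public static BasePage Current
        {
            get { return HttpContext.Current.CurrentHandler as BasePage; }
        }

        /// <summary>
        /// Returns a reference to an instance of ClientTools for access to the page's client API.
        /// The instance is created on first use.
        /// </summary>
        public ClientTools ClientTools
        {
            get
            {
                if (m_clientTools == null)
                {
                    m_clientTools = new ClientTools(this);
                }
                return m_clientTools;
            }
        }

        [Obsolete("Use ClientTools instead")]
        public void RefreshPage(int Seconds)
        {
            ClientTools.RefreshAdmin(Seconds);
        }

        /// <summary>
        /// Resolves the user behind the request's context id and checks that the login has not
        /// expired and that the user is allowed into the umbraco console.
        /// </summary>
        /// <exception cref="ArgumentException">
        /// No context id is present, the login has expired (or the id is unusable), or the user
        /// has no console access.
        /// </exception>
        private void validateUser()
        {
            // Read the cookie once so every step below works on the same value.
            string contextId = umbracoUserContextID;

            if (contextId == "")
            {
                throw new ArgumentException("The user has no umbraco contextid - try logging in");
            }

            uid = GetUserId(contextId);
            timeout = GetTimeout(contextId);

            if (timeout <= DateTime.Now.Ticks)
            {
                throw new ArgumentException("User has timed out!!");
            }

            _user = BusinessLogic.User.GetUser(uid);

            // Check for console access
            if (_user.NoConsole
                && GlobalSettings.RequestIsInUmbracoApplication(HttpContext.Current)
                && !GlobalSettings.RequestIsLiveEditRedirector(HttpContext.Current))
            {
                throw new ArgumentException("You have no priviledges to the umbraco console. Please contact your administrator");
            }

            _userisValidated = true;
            updateLogin();
        }

        /// <summary>
        /// Gets the user id that belongs to a context id, using the ASP.NET cache in front of
        /// the umbracoUserLogins table.
        /// </summary>
        /// <param name="umbracoUserContextID">The umbraco user context ID.</param>
        /// <returns>The user id, or -1 when the lookup fails for any reason.</returns>
        public static int GetUserId(string umbracoUserContextID)
        {
            try
            {
                string cacheKey = "UmbracoUserContext" + umbracoUserContextID;

                // Read the entry once: it can be evicted between a null check and a second read.
                object cached = System.Web.HttpRuntime.Cache[cacheKey];
                if (cached != null)
                {
                    return (int)cached;
                }

                // new Guid(...) rejects anything that is not a GUID before the query runs.
                int userId = SqlHelper.ExecuteScalar<int>(
                    "select userID from umbracoUserLogins where contextID = @contextId",
                    SqlHelper.CreateParameter("@contextId", new Guid(umbracoUserContextID)));

                System.Web.HttpRuntime.Cache.Insert(
                    cacheKey,
                    userId,
                    null,
                    System.Web.Caching.Cache.NoAbsoluteExpiration,
                    new TimeSpan(0, (int)(_umbracoTimeOutInMinutes / 10), 0));

                return userId;
            }
            catch
            {
                // Deliberate best effort: callers treat -1 as "no such user".
                return -1;
            }
        }

        // Added by NH to use with webservices authentications
        /// <summary>
        /// Validates the user context ID.
        /// </summary>
        /// <param name="umbracoUserContextID">The umbraco user context ID.</param>
        /// <returns>
        /// true when the context id maps to a login that has not expired; false when it is
        /// empty, not a GUID, unknown or expired.
        /// </returns>
        public static bool ValidateUserContextID(string umbracoUserContextID)
        {
            if (string.IsNullOrEmpty(umbracoUserContextID))
            {
                return false;
            }

            int uid = GetUserId(umbracoUserContextID);
            long timeout = GetTimeout(umbracoUserContextID);

            if (timeout > DateTime.Now.Ticks)
            {
                return true;
            }

            // A failed lookup has no user to attribute the logout entry to, so only
            // write the log line when a user id was actually resolved.
            if (uid >= 0)
            {
                BusinessLogic.Log.Add(BusinessLogic.LogTypes.Logout, BusinessLogic.User.GetUser(uid), -1, "");
            }
            return false;
        }

        /// <summary>
        /// Gets the expiry (in ticks) stored for a context id, using the ASP.NET cache in
        /// front of the umbracoUserLogins table.
        /// </summary>
        /// <param name="umbracoUserContextID">The umbraco user context ID.</param>
        /// <returns>
        /// The stored expiry, or 0 (always in the past) when the value is not a GUID, so a
        /// malformed cookie is handled as an expired login instead of an unhandled exception.
        /// </returns>
        private static long GetTimeout(string umbracoUserContextID)
        {
            string cacheKey = "UmbracoUserContextTimeout" + umbracoUserContextID;

            // Read the entry once: it can be evicted between a null check and a second read.
            object cached = System.Web.HttpRuntime.Cache[cacheKey];
            if (cached != null)
            {
                return (long)cached;
            }

            Guid contextId;
            if (!TryParseContextId(umbracoUserContextID, out contextId))
            {
                return 0;
            }

            // NOTE(review): presumably yields 0 when no row matches - confirm against the data layer.
            long storedTimeout = SqlHelper.ExecuteScalar<long>(
                "select timeout from umbracoUserLogins where contextId=@contextId",
                SqlHelper.CreateParameter("@contextId", contextId));

            // The expiry is cached for a tenth of the session timeout, so a change made to the
            // row is only seen by this process once the cached entry has lapsed.
            System.Web.HttpRuntime.Cache.Insert(
                cacheKey,
                storedTimeout,
                null,
                DateTime.Now.AddMinutes(_umbracoTimeOutInMinutes / 10),
                System.Web.Caching.Cache.NoSlidingExpiration);

            return storedTimeout;
        }

        /// <summary>
        /// Parses a context id received from the client without letting a malformed value throw.
        /// </summary>
        /// <param name="value">The raw context id, typically the UserContext cookie value.</param>
        /// <param name="contextId">The parsed GUID, or Guid.Empty when parsing fails.</param>
        /// <returns>true when <paramref name="value"/> is a well-formed GUID.</returns>
        private static bool TryParseContextId(string value, out Guid contextId)
        {
            contextId = Guid.Empty;
            if (string.IsNullOrEmpty(value))
            {
                return false;
            }

            try
            {
                contextId = new Guid(value);
                return true;
            }
            catch (FormatException)
            {
                return false;
            }
            catch (OverflowException)
            {
                return false;
            }
        }

        // Changed to public by NH to help with webservice authentication
        /// <summary>
        /// Gets or sets the umbraco user context ID.
        /// </summary>
        /// <value>
        /// The value of the "UserContext" request cookie, or an empty string when there is no
        /// HTTP context or no such cookie. Setting it writes a new "UserContext" response cookie.
        /// </value>
        public static string umbracoUserContextID
        {
            get
            {
                HttpContext context = HttpContext.Current;
                if (context != null && context.Request != null && context.Request.Cookies != null)
                {
                    HttpCookie userContext = context.Request.Cookies.Get("UserContext");
                    if (userContext != null)
                    {
                        return userContext.Value;
                    }
                }
                return "";
            }
            set
            {
                HttpContext context = HttpContext.Current;
                if (context == null)
                {
                    return;
                }

                // Clearing all old cookies before setting a new one.
                try
                {
                    if (context.Request != null && context.Request.Cookies["UserContext"] != null)
                    {
                        context.Response.Cookies.Clear();
                    }
                }
                catch
                {
                    // Best effort: a failure to clear must not stop the new cookie being written.
                }

                // Create new cookie.
                var c = new HttpCookie("UserContext");
                c.Value = value;
                c.Expires = DateTime.Now.AddDays(1);

                // The value is the session's only credential: keep it away from page script,
                // and keep it off plain HTTP whenever the site is configured for SSL.
                c.HttpOnly = true;
                c.Secure = GlobalSettings.UseSSL;

                context.Response.Cookies.Add(c);
            }
        }

        /// <summary>
        /// Clears the login by resetting the UserContext cookie to an empty value.
        /// </summary>
        public void ClearLogin()
        {
            // NOTE(review): only the browser cookie is reset here. The umbracoUserLogins row and
            // the cached id/timeout entries are left untouched, so the previous context id keeps
            // validating until its stored timeout passes. Consider expiring the row and removing
            // the two cache entries on logout.
            umbracoUserContextID = "";
        }

        /// <summary>
        /// Pushes the stored expiry forward by one full timeout period when the login is due
        /// for renewal.
        /// </summary>
        private void updateLogin()
        {
            // Renew only once less than 80% of the timeout period remains, i.e. after more
            // than a fifth of it has been used; this avoids a database write on every request.
            if (timeout - (((_ticksPrMinute * _umbracoTimeOutInMinutes) * 0.8)) < DateTime.Now.Ticks)
            {
                SqlHelper.ExecuteNonQuery(
                    "UPDATE umbracoUserLogins SET timeout = @timeout WHERE contextId = @contextId",
                    SqlHelper.CreateParameter("@timeout", DateTime.Now.Ticks + (_ticksPrMinute * _umbracoTimeOutInMinutes)),
                    SqlHelper.CreateParameter("@contextId", umbracoUserContextID));
            }
        }

        /// <summary>
        /// Logs a user in: stores a fresh context id with its expiry, hands the id to the
        /// browser as the UserContext cookie and writes a login entry to the log.
        /// </summary>
        /// <param name="u">The user</param>
        public static void doLogin(User u)
        {
            // NOTE(review): the context id is the bearer credential for the session.
            // Guid.NewGuid() is specified for uniqueness rather than unpredictability; consider
            // building the id from a cryptographic random number generator.
            Guid retVal = Guid.NewGuid();

            // Every value is bound as a parameter, matching the other umbracoUserLogins
            // statements in this class, instead of being concatenated into the SQL text.
            SqlHelper.ExecuteNonQuery(
                "insert into umbracoUserLogins (contextID, userID, timeout) values (@contextId, @userId, @timeout)",
                SqlHelper.CreateParameter("@contextId", retVal),
                SqlHelper.CreateParameter("@userId", u.Id),
                SqlHelper.CreateParameter("@timeout", DateTime.Now.Ticks + (_ticksPrMinute * _umbracoTimeOutInMinutes)));

            umbracoUserContextID = retVal.ToString();
            BusinessLogic.Log.Add(BusinessLogic.LogTypes.Login, u, -1, "");
        }

        /// <summary>
        /// Gets the user, validating the login first if that has not happened yet on this page.
        /// </summary>
        /// <returns>The validated user.</returns>
        public User getUser()
        {
            if (!_userisValidated)
            {
                validateUser();
            }
            return _user;
        }

        /// <summary>
        /// Ensures the page context by validating the current login; throws when it is not valid.
        /// </summary>
        public void ensureContext()
        {
            validateUser();
        }

        [Obsolete("Use ClientTools instead")]
        public void speechBubble(speechBubbleIcon i, string header, string body)
        {
            ClientTools.ShowSpeechBubble(i, header, body);
        }

        //[Obsolete("Use ClientTools instead")]
        //public void reloadParentNode()
        //{
        //    ClientTools.ReloadParentNode(true);
        //}

        /// <summary>
        /// a collection of available speechbubble icons
        /// </summary>
        public enum speechBubbleIcon
        {
            /// <summary>
            /// Save icon
            /// </summary>
            save,
            /// <summary>
            /// Info icon
            /// </summary>
            info,
            /// <summary>
            /// Error icon
            /// </summary>
            error,
            /// <summary>
            /// Success icon
            /// </summary>
            success,
            /// <summary>
            /// Warning icon
            /// </summary>
            warning
        }

        /// <summary>
        /// Raises the Load event and, when SSL is required, redirects plain-HTTP requests to HTTPS.
        /// </summary>
        /// <param name="e">The <see cref="EventArgs"/> object that contains the event data.</param>
        protected override void OnLoad(EventArgs e)
        {
            base.OnLoad(e);

            if (!Request.IsSecureConnection && GlobalSettings.UseSSL)
            {
                // The target is rebuilt from SERVER_NAME and FilePath only, so the query string
                // of the original request is not carried over to the HTTPS URL.
                string serverName = HttpUtility.UrlEncode(Request.ServerVariables["SERVER_NAME"]);
                Response.Redirect(string.Format("https://{0}{1}", serverName, Request.FilePath));
            }
        }

        /// <summary>
        /// Override client target.
        /// </summary>
        [Obsolete("This is no longer supported")]
        public bool OverrideClientTarget = false;
    }
}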