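using System;
using System.ComponentModel.DataAnnotations;
using System.Net.Mail;
using System.Security.Cryptography;
using System.Text;
using System.Web.Mvc;
using Portoa.Web.Controllers;
using Portoa.Web.Filters;
using Portoa.Web.Security;
using Portoa.Web.Util;
using VideoGameQuotes.Api;
using VideoGameQuotes.Web.Models;

namespace VideoGameQuotes.Web.Controllers
{
    /// <summary>
    /// Helpers for the text CAPTCHA on the contact form: picks one of a fixed
    /// set of answers and hashes it so the expected value can be round-tripped
    /// through the form.
    /// </summary>
    public static class CaptchaUtil
    {
        // System.Random is not thread-safe; a web application calls
        // GetRandomAnswer from many request threads concurrently, so every
        // Next() call is serialized on this gate.
        private static readonly object randomGate = new object();
        private static readonly Random random = new Random();

        private static readonly string[] answers = new[]
        {
            "I AM ERROR",
            "shyron",
            "our princess is in another castle",
            "the cake is a lie",
            "all your base",
            "ganon not gannon",
            "thunderbird",
            "glad you came, pit",
            "ryu huyabasa"
        };

        /// <summary>
        /// Returns one of the fixed CAPTCHA answers, chosen uniformly at random.
        /// </summary>
        public static string GetRandomAnswer()
        {
            lock (randomGate)
            {
                return answers[random.Next(answers.Length)];
            }
        }

        /// <summary>
        /// Hashes a CAPTCHA answer to the Base64 MD5 digest of its ASCII bytes.
        /// <c>null</c> is treated as the empty string.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this digest is not a secret and is not, by itself, a
        /// proof of humanity: the algorithm is public and the expected digest is
        /// round-tripped through the form, so any client that can compute it can
        /// satisfy the check in <see cref="HomeController"/>. Keying the digest
        /// with a server-side secret, or keeping the expected answer server-side
        /// (e.g. in session state), is what would make the comparison meaningful.
        /// ASCII encoding is kept so existing digests remain valid.
        /// </remarks>
        public static string Hash(string value)
        {
            var bytes = Encoding.ASCII.GetBytes(value ?? string.Empty);

            // MD5 is IDisposable; the previous implementation leaked one instance per call.
            using (var md5 = MD5.Create())
            {
                return Convert.ToBase64String(md5.ComputeHash(bytes));
            }
        }
    }

    /// <summary>
    /// Site-level pages: landing page, about, robots.txt, favicon, login/logout,
    /// the main menu partial and the contact form.
    /// </summary>
    public class HomeController : Controller
    {
        private readonly IAuthenticationService authenticationService;
        private readonly ICurrentUserProvider userProvider;

        public HomeController(IAuthenticationService authenticationService, ICurrentUserProvider userProvider)
        {
            this.authenticationService = authenticationService;
            this.userProvider = userProvider;
        }

        /// <summary>
        /// Hides the base <c>Json</c> helper so every JSON response in this
        /// controller goes through the shared serializer.
        /// </summary>
        protected new ActionResult Json(object data)
        {
            return this.SerializeToJson(data);
        }

        public ActionResult Index()
        {
            return View();
        }

        public ActionResult About()
        {
            return View();
        }

        /// <summary>
        /// Serves robots.txt; only the search pages are disallowed.
        /// </summary>
        public ActionResult Robots()
        {
            const string robotsTxt = @"User-Agent: *
Disallow: /search/
";
            return Content(robotsTxt, "text/plain", Encoding.UTF8);
        }

        public ActionResult Favicon()
        {
            return File("/media/images/favicon.png", "image/png");
        }

        /// <summary>
        /// Authenticates a user from a posted username/password pair and
        /// answers with the shared JSON envelope.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this state-changing POST has no anti-forgery
        /// validation; confirm the AJAX login form can send a token before
        /// adding <c>[ValidateAntiForgeryToken]</c>.
        /// </remarks>
        [HttpPost]
        public ActionResult Login([Required]string username, [Required]string password)
        {
            if (!ModelState.IsValid)
            {
                return Json(this.CreateJsonErrorResponse("Invalid request"));
            }

            // One generic message for both an unknown user and a wrong password,
            // so the response does not reveal which usernames exist.
            if (!authenticationService.IsValid(username, password))
            {
                return Json(this.CreateJsonErrorResponse("Invalid username/password"));
            }

            authenticationService.Login(username);
            return Json(this.CreateJsonResponse());
        }

        [PrivateAction]
        public ActionResult MainMenu()
        {
            var model = new MainMenuModel { User = userProvider.CurrentUser };
            return PartialView("MainMenu", model);
        }

        /// <summary>
        /// Signs the current user out and redirects back into the site.
        /// </summary>
        /// <param name="redirectUrl">
        /// Caller-supplied return path; only local URLs are honored, anything
        /// else (or nothing) goes to the root.
        /// </param>
        public ActionResult Logout(string redirectUrl)
        {
            authenticationService.Logout();

            // Restricting the target to local URLs keeps this action from being
            // usable as an open redirect to an arbitrary external site.
            var target = !string.IsNullOrEmpty(redirectUrl) && Url.IsLocalUrl(redirectUrl)
                ? redirectUrl
                : "/";
            return Redirect(target);
        }

        /// <summary>
        /// Shows the contact form with a freshly chosen CAPTCHA answer and its digest.
        /// </summary>
        public ActionResult Contact()
        {
            var randomAnswer = CaptchaUtil.GetRandomAnswer();
            var model = new ContactModel
            {
                UnhashedCaptchaAnswer = randomAnswer,
                HashedCaptchaAnswer = CaptchaUtil.Hash(randomAnswer)
            };
            return View(model);
        }

        /// <summary>
        /// Replaces the model's CAPTCHA with a new answer/digest pair and clears
        /// the user's previous attempt, so a re-rendered form never reuses a
        /// challenge the user has already seen.
        /// </summary>
        private static void ResetModel(ContactModel model)
        {
            model.UnhashedCaptchaAnswer = CaptchaUtil.GetRandomAnswer();
            model.HashedCaptchaAnswer = CaptchaUtil.Hash(model.UnhashedCaptchaAnswer);
            model.CaptchaAnswer = null;
        }

        /// <summary>
        /// Validates the posted contact form (including the CAPTCHA) and mails
        /// the message; on any failure the form is re-rendered with a new CAPTCHA.
        /// </summary>
        [HttpPost]
        public ActionResult Contact(ContactModel model)
        {
            // The binder normally supplies an instance, but a request that binds
            // nothing must not turn into a NullReferenceException.
            if (model == null)
            {
                model = new ContactModel();
                ModelState.AddModelError(string.Empty, "Invalid request");
            }

            // NOTE(review): both operands come from the request (the typed
            // answer and the expected digest round-tripped through the form),
            // so a client that computes CaptchaUtil.Hash itself passes trivially.
            // Keeping the expected answer server-side is the real fix; it is
            // left as-is here because ResetModel and the view depend on the
            // round-tripped value.
            var actualHash = CaptchaUtil.Hash(model.CaptchaAnswer);
            if (!string.Equals(actualHash, model.HashedCaptchaAnswer, StringComparison.Ordinal))
            {
                ModelState.AddModelError("CaptchaAnswer", "You are not human");
            }

            if (!ModelState.IsValid)
            {
                ResetModel(model);
                return View(model);
            }

            if (!TrySendContactMail(model))
            {
                ResetModel(model);
                return View(model);
            }

            return View("ContactSuccess");
        }

        /// <summary>
        /// Sends the contact message through the local SMTP relay.
        /// Returns <c>false</c> after recording a model error when the
        /// reply-to address is malformed or the send fails.
        /// </summary>
        private bool TrySendContactMail(ContactModel model)
        {
            var fromAddress = new MailAddress("contact@vgquotes.com", "Contact Bot");
            var subject = string.Format("[vgquotes.com] Message from {0}", model.Name);

            try
            {
                // SmtpClient and MailMessage are both IDisposable; the previous
                // implementation disposed neither.
                using (var client = new SmtpClient { Host = "localhost" })
                using (var message = new MailMessage(fromAddress, new MailAddress("tmont@tmont.com")))
                {
                    message.Subject = subject;
                    message.Body = model.Message;
                    // Built inside the try so a malformed user-supplied address is
                    // reported on the form instead of surfacing as a server error.
                    message.ReplyToList.Add(new MailAddress(model.Email, model.Name));
                    client.Send(message);
                }
                return true;
            }
            catch (FormatException)
            {
                ModelState.AddModelError("Email", "Invalid email address");
                return false;
            }
            catch (ArgumentException)
            {
                ModelState.AddModelError("Email", "Invalid email address");
                return false;
            }
            catch (Exception)
            {
                // Best-effort send, as before, but the exception text is no
                // longer echoed to the visitor: it can carry internal host names
                // and relay details. There is no logger in this controller;
                // TODO log the exception where one is available.
                ModelState.AddModelError("client", "Your message could not be sent; please try again later.");
                return false;
            }
        }
    }
}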