Patched Session Timeout exceptions.

Also added new OSAESecurity to Web UI Screens

Author: KHerron

UI/Web/Default.aspx.cs

@@ -9,7 +9,7 @@ public partial class _Default : System.Web.UI.Page
     protected void Page_Load(object sender, EventArgs e)
     {
         DataSet dataset = new DataSet();
-        dataset = OSAE.OSAESql.RunSQL("select count(object_id) from osae_v_object_property where object_type = 'PERSON' and property_name = 'password' and length(property_value) > 0");
+        dataset = OSAE.OSAESql.RunSQL("select count(object_id)from osae_v_object_property where object_type = 'PERSON' and property_name = 'password' and length(property_value) > 0");
         if (Convert.ToInt16(dataset.Tables[0].Rows[0][0].ToString()) > 0) txtUserName.Focus();
         else Response.Redirect("~/firstrun.aspx");
     }
@@ -33,6 +33,7 @@ protected void imgSubmit_Click(object sender, EventArgs e)
                     Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name;
                     Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value;
                     Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value;
+                    Session.Timeout = cto;
                 }
                 else
                 {
@@ -44,6 +45,7 @@ protected void imgSubmit_Click(object sender, EventArgs e)
                     Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name;
                     Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value;
                     Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value;
+                    Session.Timeout = cto;
                 }
 
                 // Do the redirect. 

UI/Web/Global.asax

@@ -12,7 +12,7 @@
     void Application_End(object sender, EventArgs e)
     {
         //  Code that runs on application shutdown
-
+        Session.Abandon();
     }
 
     void Application_Error(object sender, EventArgs e)
@@ -35,11 +35,11 @@
 
     }
 
-    //void Application_BeginRequest(object sender, EventArgs e)
-    //{
-    //    string culture = OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("System", "Culture").Value;
-    //    System.Threading.Thread.CurrentThread.CurrentUICulture = new System.Globalization.CultureInfo(culture);
-    //    System.Threading.Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo(culture);
-    //}
+    void Application_BeginRequest(object sender, EventArgs e)
+    {
+        string culture = OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("System", "Culture").Value;
+        System.Threading.Thread.CurrentThread.CurrentUICulture = new System.Globalization.CultureInfo(culture);
+        System.Threading.Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo(culture);
+    }
 
 </script>

UI/Web/MasterPage.master.cs

@@ -11,12 +11,15 @@ public partial class MasterPage : System.Web.UI.MasterPage
     protected void Page_Load(object sender, EventArgs e)
     {
 
-        if (Request.Headers["User-Agent"] != null && (Request.Browser["IsMobileDevice"] == "true" || Request.UserAgent.ToUpper().Contains("MIDP") || Request.UserAgent.ToUpper().Contains("CLDC") || Request.UserAgent.ToLower().Contains("iphone") || Request.UserAgent.ToLower().Contains("avant") || Request.UserAgent.ToLower().Contains("nokia") || Request.UserAgent.ToLower().Contains("pda") || Request.UserAgent.ToLower().Contains("moto") || Request.UserAgent.ToLower().Contains("windows ce") || Request.UserAgent.ToLower().Contains("hand") || Request.UserAgent.ToLower().Contains("mobi") || Request.UserAgent.ToUpper().Contains("HTC") || Request.UserAgent.ToLower().Contains("sony") || Request.UserAgent.ToLower().Contains("panasonic") || Request.UserAgent.ToLower().Contains("blackberry") || Request.UserAgent.ToLower().Contains("240x320") || Request.UserAgent.ToLower().Contains("voda")))
+        if (Request.Headers["User-Agent"] != null && (Request.Browser["IsMobileDevice"] == "true" || Request.UserAgent.ToUpper().Contains("MIDP") || Request.UserAgent.ToUpper().Contains("CLDC") || Request.UserAgent.ToLower().Contains("iphone") || Request.UserAgent.ToLower().Contains("avant") || Request.UserAgent.ToLower().Contains("nokia") || Request.UserAgent.ToLower().Contains("pda") || Request.UserAgent.ToLower().Contains("moto") || Request.UserAgent.ToLower().Contains("windows ce") || Request.UserAgent.ToLower().Contains("hand") || Request.UserAgent.ToLower().Contains("mobi") || Request.UserAgent.ToUpper().Contains("HTC") || Request.UserAgent.ToLower().Contains("sony") || Request.UserAgent.ToLower().Contains("panasonic") || Request.UserAgent.ToLower().Contains("SAMSUNG") || Request.UserAgent.ToLower().Contains("blackberry") || Request.UserAgent.ToLower().Contains("240x320") || Request.UserAgent.ToLower().Contains("voda")))
+        {
+            Log.Debug("Request User-Agent: " + Request.Headers["User-Agent"].ToString() + ". Redirecting to Mobile Site");
             Response.Redirect("mobile/index.aspx");
+        }
 
         OSAEObjectCollection screens = OSAEObjectManager.GetObjectsByType("SCREEN");
 
-        SetSessionTimeout();       
+        //SetSessionTimeout();       
 
         foreach (OSAEObject s in screens)
         {
@@ -41,10 +44,8 @@ protected void Page_Load(object sender, EventArgs e)
         {
             cog.ToolTip = "Config Settings: OSA service is running.";
         }
-        if (Session["UserName"] != null)
-        {
-            btnUser.Text = Session["UserName"].ToString();
-        }
+
+        btnUser.Text = Session["UserName"].ToString();
        // if (Session["SecurityLevel"].ToString() != "Admin") btnAdmin.Visible = false;
     }
 
@@ -79,9 +80,4 @@ protected void btnUser_Click(object sender, EventArgs e)
         Session.Abandon();
         Response.Redirect("default.aspx");
     }
-
-   // protected void btnAdmin_Click(object sender, EventArgs e)
-   // {
-   //     Response.Redirect("admin.aspx");
-   // }
 }

UI/Web/analytics.aspx.cs

@@ -18,13 +18,14 @@ public void RaisePostBackEvent(string eventArgument)
 
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=analytics.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Analytics Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
         loadProperties();
         loadStates();
         getRestPort();
+        SetSessionTimeout();
     }
 
     protected void Page_PreRender(object sender, EventArgs e)
@@ -62,4 +63,20 @@ private void getRestPort()
         }
         hdnRestPort.Value = restPort.ToString();
     }
+
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
 }

UI/Web/config.aspx.cs

@@ -10,10 +10,11 @@ public partial class config : System.Web.UI.Page
 {
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=config.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Config Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
+        SetSessionTimeout();
         if (!IsPostBack)
         {
             lblVersion.Text = OSAEObjectPropertyManager.GetObjectPropertyValue("SYSTEM", "DB Version").Value;
@@ -165,5 +166,20 @@ protected void clearHistoryButton_Click(object sender, EventArgs e)
         DataSet d = OSAESql.RunSQL("CALL osae_sp_object_history_clear");
     }
 
-    
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
+
 }

UI/Web/debuglog.aspx.cs

@@ -14,12 +14,13 @@ public partial class debuglog : System.Web.UI.Page
 
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=debuglog.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Debug Log Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
         if (!IsPostBack) BindData();
         applySecurity();
+        SetSessionTimeout();
     }
 
     private void BindData()
@@ -58,4 +59,20 @@ protected void applySecurity()
         }
     }
     #endregion
+
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
 }

UI/Web/eventlogs.aspx.cs

@@ -14,12 +14,13 @@ public partial class eventlogs : System.Web.UI.Page
 
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=eventlogs.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Event Log Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
         if (!IsPostBack) BindData();
         applySecurity();
+        SetSessionTimeout();
     }
 
     private void BindData()
@@ -57,4 +58,20 @@ protected void applySecurity()
         }
     }
     #endregion
+
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
 }

UI/Web/images.aspx.cs

@@ -17,14 +17,15 @@ public void RaisePostBackEvent(string eventArgument)
 
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=images.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Images Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
+        SetSessionTimeout();
         if (!Page.IsPostBack)
             loadImages();
-        //else
-      
+        else
+            if (fileUpload.HasFile) txtName.Text = fileUpload.FileName;
 
         applyObjectSecurity();
     }
@@ -50,18 +51,14 @@ protected void btnAdd_Click(object sender, EventArgs e)
                 {
                     if (fileUpload.PostedFile.ContentLength < 2502400) //202400
                     {
-                        if (fileUpload.HasFile && txtName.Text.Length == 0) txtName.Text = fileUpload.FileName.Replace(System.IO.Path.GetExtension(fileUpload.FileName).ToLower(), "");
-
-                        OSAEImage img = new OSAEImage
-                        {
-                            Data = fileUpload.FileBytes,
-                            Name = txtName.Text,
-                            Type = System.IO.Path.GetExtension(fileUpload.FileName).ToLower().Substring(1)
-                        };                    
+                        OSAEImage img = new OSAEImage();
+                        img.Data = fileUpload.FileBytes;
+                        img.Name = txtName.Text;
+                        img.Type = System.IO.Path.GetExtension(fileUpload.FileName).ToLower().Substring(1);
 
                         var imageManager = new OSAE.OSAEImageManager();
                         imageManager.AddImage(img);
-                        txtName.Text = "";
+
                         loadImages();
                     }
                     else
@@ -111,4 +108,20 @@ protected void gvImages_RowDataBound(object sender, GridViewRowEventArgs e)
 
         }
     }
+
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
 }

UI/Web/logs.aspx.cs

@@ -13,12 +13,15 @@ public partial class logs : System.Web.UI.Page
 
     protected void Page_Load(object sender, EventArgs e)
     {
-        if (Session["Username"] == null) Response.Redirect("~/Default.aspx");
+        if (Session["Username"] == null) Response.Redirect("~/Default.aspx?ReturnUrl=logs.aspx");
         int objSet = OSAEAdminManager.GetAdminSettingsByName("Server Log Trust");
         int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
         if (tLevel < objSet) Response.Redirect("~/permissionError.aspx");
+        SetSessionTimeout();
         if (!IsPostBack) GetLogs();
-
+        DropDownList ddlSource2 = (DropDownList)gvLog.HeaderRow.FindControl("ddlSource");
+        btnClear.ToolTip = "Clears " + ddlSource2.Text + " Log Entries";
+        btnClear2.ToolTip = "Clears " + ddlSource2.Text + " Log Entries";
         // Apply Security Admin Settings
         applySecurity();
     }
@@ -54,9 +57,19 @@ protected void btnRefresh_Click(object sender, EventArgs e)
     }
     protected void btnClear_Click(object sender, EventArgs e)
     {
-        OSAE.General.OSAELog.Clear();
+        DropDownList ddlSource2 = (DropDownList)gvLog.HeaderRow.FindControl("ddlSource");
+        if (ddlSource2.Text == "All")
+        {
+            OSAE.General.OSAELog.Clear();
+        }
+        else
+        {
+            OSAE.General.OSAELog.Clear_Log(ddlSource2.Text);
+            Response.Redirect("~/logs.aspx");
+        }
         GetLogs();   
     }
+
     protected void CheckedChanged(object sender, EventArgs e)
     {
         GetLogs();
@@ -75,4 +88,20 @@ protected void applySecurity()
         }
     }
     #endregion
+
+    private void SetSessionTimeout()
+    {
+        try
+        {
+            int timeout = 0;
+            if (int.TryParse(OSAE.OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value, out timeout))
+                Session.Timeout = timeout;
+            else Session.Timeout = 60;
+        }
+        catch (Exception ex)
+        {
+            Master.Log.Error("Error setting session timeout", ex);
+            Response.Redirect("~/error.aspx");
+        }
+    }
 }