On this blog entry I'm going to explain what you need to do to be able to encrypt data when using Sitefinity Forms.
When I was looking at this area, the documentation on this was very limited.
Setup a Sitefinity Form
- Lets assume you know how to create a form and you have created your Sitefinity Form. In my case, I have a simple form with 2 Fields; NAME and SURNAME. One key element to take note at this stage is the [Developers code name] for the form and fields. So my form is called TEST, therefore the developers name is sf_test for the form, and the fields names are txtNAME are txtSURNAME.
- I have used a TextBox field to store my data, please note that there are scenarios where you need limitations eg. max amount of characters, I used the TextBox limitations on the Form Field Properties.
Setup Sitefinity To Encrypt Form Data
- Create New Class Called [ CustomFormsControl.cs ] with the code below
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | using System; using System.Collections.Generic; using System.Linq; using System.Web; using Telerik.Sitefinity.Configuration; using Telerik.Sitefinity.Modules.Forms; using Telerik.Sitefinity.Modules.Forms.Web.UI; using Telerik.Sitefinity.Services; using Telerik.Sitefinity.Web.Mail; using Telerik.Sitefinity.Model; using System.ComponentModel; namespace SitefinityWebApp.Forms.CustomFormsControl { public class CustomFormsControl : FormsControl { protected override void InitializeControls(Telerik.Sitefinity.Web.UI.GenericContainer container) { base.InitializeControls(container); this.BeforeFormAction += new EventHandler<System.ComponentModel.CancelEventArgs>(CustomFormsControl_BeforeFormAction); } private void CustomFormsControl_BeforeFormAction(object sender, CancelEventArgs e) { try { if (FormData.Name == "sf_test") { FormsManager manager = FormsManager.GetManager(); var formResponse = manager.GetFormEntries(FormData).Where(fE => fE.ReferralCode == FormData.FormEntriesSeed.ToString()).SingleOrDefault(); if (formResponse.GetValue<string>("txtNAME") != null) { formResponse.SetValue("txtNAME", SitefinityWebApp.Crypto.EncryptStringAES(formResponse.GetValue<string>("txtNAME"), formResponse.Id.ToString())); } if (formResponse.GetValue<string>("txtNAME") != null) { formResponse.SetValue("txtNAME", SitefinityWebApp.Crypto.EncryptStringAES(formResponse.GetValue<string>("txtNAME"), formResponse.Id.ToString())); } manager.SaveChanges(); this.FormData.SubmitAction = Telerik.Sitefinity.Forms.Model.SubmitAction.PageRedirect; this.FormData.RedirectPageUrl = Page.ResolveUrl("~/yourthankyoupage"); } } catch (Exception ex) { throw new Exception("Error" + ex.InnerException); } } } } |
So in the sample above our logic is very simple, we are checking if the form name is called sf_test and if it is then we will be getting our form data like so; formResponse.GetValue<string>("txtNAME") and then we are calling our encryption class Crypto, this will encrypt the Field Values to be saved into our Sitefinity.
Please note if you have a custom page and you wish to redirect the user to it, then you need to do the following:
this.FormData.SubmitAction = Telerik.Sitefinity.Forms.Model.SubmitAction.PageRedirect; this.FormData.RedirectPageUrl = Page.ResolveUrl("~/yourthankyoupage");
2. Registering the custom Forms control
After the class being implemented we have to substitute the built in one, with the custom one. To do this, go to Administration -> Settings -> Advanced -> Toolboxes -> PageControls -> Sections -> ContentToolboxSection -> Tools -> FormsControl. There edit the Control CLR Type or Virtual Path property. Substitute the original value with the CLR Type of the custom control. Now, whenever a user adds the Forms control to pages the custom one will be used instead of the built-in one.
Setup Sitefinity To Decrypt Your Data
So now that we have created a Form, and we have encrypted the data, we will need to export it in a encrypted manned. The following steps are going to show you what you have to do to override the Export Button functionality in the form responses action with our own custom logic
- Override the Export Button
- So you need to Create a Class called CustomExcelExporter which you need to inherit from ExcelExporter. Inside our Class the method we are using is ExportToStream on this method we are getting the instance of that form we are on then we loop through all the responses one by one, as we are looping we are de-crypting the relevant fields back using our Crypto class.
- Please note you need to setup the relevant Override of the Export button by using the BootStrap like so inside theGlobal.asax
ObjectFactory.Container.RegisterType<IDataItemExporter, CustomExcelExporter>(new InjectionConstructor());
What to Setup in the Global.asax
Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 | using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Security; using System.Web.SessionState; using Telerik.Microsoft.Practices.Unity; using Telerik.Sitefinity.Abstractions; using Telerik.Sitefinity.Data.Utilities.Exporters; using Telerik.Sitefinity.Modules.Forms; using Telerik.Sitefinity.Model; using Telerik.Sitefinity.Modules.Forms.Web.UI; using System.Security.Cryptography; using System.Text; using System.IO; using System.Web.Http; using System.Web.Routing; namespace SitefinityWebApp { public class CustomExcelExporter : ExcelExporter { public override void ExportToStream(System.IO.Stream streamToExportTo, IEnumerable<Telerik.Sitefinity.Model.IDataItem> itemsToExport, System.Text.Encoding encoding) { FormsManager formsManager = FormsManager.GetManager(); var form = formsManager.GetFormByName("sf_YOUR_FORM"); var entries = formsManager.GetFormEntries(form).ToList(); int intRowCounter = 0; foreach (var item in entries) { entries[intRowCounter].SetValue("YOUR_FIELD", SitefinityWebApp.Crypto.DecryptStringAES(item.GetValue<string>("YOUR_FIELD"), item.Id.ToString())); intRowCounter++; } base.ExportToStream(streamToExportTo, (IEnumerable<Telerik.Sitefinity.Model.IDataItem>)entries, encoding); } } public static class Crypto { public static string EncryptString(string plainText, string sharedSecret) { // YOUR LOGIC HERE return ""; } public static string DecryptStringAES(string cipherText, string sharedSecret) { // YOUR LOGIC HERE return ""; } } public class Global : System.Web.HttpApplication { protected void Application_Start(object sender, EventArgs e) { Bootstrapper.Initialized += Bootstrapper_Initialized; } void Bootstrapper_Initialized(object sender, Telerik.Sitefinity.Data.ExecutedEventArgs e) { if (e.CommandName == "Bootstrapped") { ObjectFactory.Container.RegisterType<IDataItemExporter, CustomExcelExporter>(new InjectionConstructor()); } } } } |
Setup Sitefinity To Export The Excel File Over SSL
Now that we can Encrypt and Decrypt information using the forms, the last touch to this functionality, which is optional, we need to make sure the stream will go over SSL, to do this you need to do the following:Administration > Back End Pages > Sitefinity->Content->Types of Content -> Forms -> FormResponses
On the FormResponses you will need to go to edit Title and Properties and you must enable SSL.
NOTES: Would like to thank your for the support team to help me to put this solution together.
EXTERNAL RESOURCES:
- http://www.sitefinity.com/blogs/radoslav-georgievs-blog/2011/12/23/how_to_implement_notifications_for_incoming_forms_responses
No comments:
Post a Comment