SharePoint – Custom Sign Out page

Developing Form Base Authentication (FBA) for Sharepoint project sometimes need big struggle, besides developing OOTB Sharepoint itself. After created custom login, I found new problem when tried to sign out from default link. It will show error page / internal server error. Caused by default page is not working properly, it signed out but doesn’t remove cookies from browser. So what I did is creating new application page, put method to clear cookies, then add a link inside default page which redirect to sign-out page.
Continue reading

Advertisements

Where is Sharepoint Logs ??

One day I worked for remote to Sharepoint Server and did deployment. For short a while, I already installed the solution and site was ready. Time to did some test. Then teeeeeeet.. I got some errors. Then opened windows explorer to see log files. You know, sharepoint logfiles is easy to find on this path:
– SP2007 : “c:\Program Files\Common Files\Microsoft Shared\web server extensions\12\LOGS”
– SP2010 : “c:\Program Files\Common Files\Microsoft Shared\web server extensions\14\LOGS”
– SP2013 : “c:\Program Files\Common Files\Microsoft Shared\web server extensions\15\LOGS”
notice that each version of Sharepoint is signed by number 12/14/15.

Continue reading

Sending email for SharePoint, with/without attachment

One of great things we can do with Sharepoint is sending an email. The most easiest way is using SPUtility. This will work if you have set up Outgoing email in Central Admin.
outgoing email

private void SendEmail()
{
	// Build the email message headers
	StringDictionary headers = new StringDictionary();
	headers.Add("to", "user@email.com");
	headers.Add("subject", "Item Records");	
	headers.Add("content-type", "text/html");
	
	// Send the email
	SPSecurity.RunWithElevatedPrivileges(delegate()
	{
		using (var elevatedSite = new SPSite(SPContext.Current.Site.ID))
		{
			using (var elevatedWeb = elevatedSite.OpenWeb())
			{
				SPUtility.SendEmail(elevatedWeb, headers, GetEmailBody());
			}
		}
	});
}

private String GetEmailBody()
{
	StringBuilder sb = new StringBuilder();
	sb.Append(String.Format("<p>Below is the {1} records on {0:dd MMM yyyy HH:mm}.</p>", DateTime.Now, "Item List"));
	
	return sb.ToString();
}

Continue reading

Export/Import CSV file from/to listitem Sharepoint

We are able to export items from Sharepoint list into CSV files (comma-separated-values) and do opposite too, import csv into Sharepoint list.

Export : using codes below, you will get csv as download-file. Prepare a list inside your site, named it “Item List”, with 3 columns : Title, Price, Description.

private void ExportToCsv()
{
	Response.Clear();
	Response.Buffer = true;
	Response.AddHeader("content-disposition", "attachment;filename=Itemrecord.csv");
	Response.Charset = "";
	Response.ContentType = "application/text";
		
	// get data
	DataTable dtItem = GetDataFromList();
	StringBuilder sb = new StringBuilder();
	if(dtItem != null)
	{
		// separate each column with comma
		foreach (DataColumn dc in dtItem.Columns)
		{
			sb.Append(dc.ColumnName + ',');
		}
		
		// newline for value
		sb.AppendLine();
		
		// get value
		foreach (DataRow dr in dtItem.Rows)
		{
			foreach (DataColumn dc in dtItem.Columns)
			{
				sb.Append(dr[dc.ColumnName].ToString() + ',');
			}
			sb.AppendLine();
		}
		
		Reponse.Output.Write(sb.ToString());
		Response.Flush();
		Response.End();
	}
}

private DataTable GetDataFromList()
{
	// I have a list 'Item List' with 3columns
	SPQuery query = new SPQuery();
	query.ViewFields = "<FieldRef Name='Title' />
						<FieldRef Name='Price' />
						<FieldRef Name='Description' />";
	SPList list = SPContext.Current.Site.RootWeb.Lists.TryGetList("Item List");
	SPListItemCollection itemColl = list.GetItems(query);
	
	return itemColl.GetDataTable();
}

As result, you will get file “Itemrecord.csv”, contains firstline as column name, nextline as values.

Continue reading

Sharepoint – Run code with elevated rights

Sometimes, visitors or non-admin users need to run a task which need higher rights to perform. Execute specific code to run with Full control even the user does not have it. Common block message is “Access denied”, remarks prohibit executing the codes. For such purpose,¬†Microsoft.SharePoint.dll provides method RunWithElevatedPrivilages.


SPSecurity.RunWithElevatedPrivileges(delegate()
{
    using (SPSite site = new SPSite("http://localsite/"))
    {
         using (SPWeb web = site.OpenWeb(site))
         {
            // code to run
         }
    }
});

Continue reading

SP.js not load on Sharepoint Pages

There is an issue I found when working on Sharepoint 2013. I got “SP.js” error right after published the page and cause some feature disable, such as ribbon and other scripts can not be executed. It seems that SP.js does not load properly for publishing page and anonymous users. Some articles said that sharepoint loads certain javascript files when it needs, after published the page, ribbon will close and several javasripts were unload automatically.

Actually Sharepoint provides some methods to call scripts for many conditions. So we could choose wisely among them to solved our problem. Take a look :

Continue reading

Security Validation For This Page Is Invalid

Once time I wrote code for sharepoint, I got message error when tried to update item of certain list,

“The security validation for this page is invalid. Click Back in your Web browser.”

Actually, this is warning message to prevent our page from cross-site scripting attack or know by XSS. In general, cross-site scripting refers to that hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim.

To handle that issue, simply set “AllowUnsafeUpdates” into True to code before updating list. From msdn, SPWeb.AllowUnsafeUpdate means Gets or sets a Boolean value that specifies whether to allow updates to the database as a result of a GET request or without requiring a security validation. Setting this property to true opens security risks, potentially introducing cross-site scripting vulnerabilities.. Then finalizing the update by set AllowUnsafeUpadates back to default value : False.

Continue reading