Error out (nicely) if the file has been tampered with (if the username does not match the file name). This will only really be useful once we have encryption.

2017-08-05 10:26:48 -05:00 · 2017-08-05 10:26:48 -05:00 · 362b3a60a3
commit 362b3a60a3
parent 99ff6e092d
2 changed files with 10 additions and 0 deletions
--- a/EduNetworkBuilder/PersonClass.cs
+++ b/EduNetworkBuilder/PersonClass.cs
@ -65,6 +65,12 @@ namespace EduNetworkBuilder
        public PersonClass(string Filename)
        {
            Load(Filename);
+            string FileAndExtension = Path.GetFileName(Filename);
+            string JustFile = Path.GetFileNameWithoutExtension(Filename);
+            if(UserName != JustFile)
+            {
+                throw new Exception(string.Format(NB.Translate("PPF_TamperedFile"), FileAndExtension, UserName));
+            }
        }
        public PersonClass(XmlNode reader)
        {
--- a/EduNetworkBuilder/Resources/languages/edustrings.resx
+++ b/EduNetworkBuilder/Resources/languages/edustrings.resx
@ -1857,6 +1857,10 @@
    <value>Stats: {0} Students {1} New Files {2} Skipped (already existed)</value>
    <comment>PPF_StudentWriteStats Stats: {0} Students {1} New Files {2} Skipped (already existed)</comment>
  </data>
+  <data name="PPF_TamperedFile" xml:space="preserve">
+    <value>The filename (without extension) did not match the username to which it was assigned.  The file has been tampered with and is considered invalid.  Filename: {0}  Username: {1}</value>
+    <comment>PPF_TamperedFile = The filename (without extension) did not match the username to which it was assigned.  The file has been tampered with and is considered invalid.  Filename: {0}  Username: {1}</comment>
+  </data>
  <data name="PPF_UserDirectory" xml:space="preserve">
    <value>User File Directory</value>
    <comment>PPF_UserDirectory</comment>