Beispiel #1
0
        /// <summary>
        /// The get response attachment.
        /// </summary>
        /// <param name="context">
        /// The context.
        /// </param>
        private void GetResponseAttachment([NotNull] HttpContext context)
        {
            try
            {
                // AttachmentID
                using (DataTable dt = this.GetRepository<Attachment>().List(null, context.Request.QueryString.GetFirstOrDefaultAs<int>("a"), null, 0, 1000))
                {
                    foreach (DataRow row in dt.Rows)
                    {
                        // TODO : check download permissions here
                        if (!this.CheckAccessRights(row["BoardID"], row["MessageID"]))
                        {
                            // tear it down
                            // no permission to download
                            context.Response.Write(
                                "You have insufficient rights to download this resource. Contact forum administrator for further details.");
                            return;
                        }

                        byte[] data;

                        if (row.IsNull("FileData"))
                        {
                            string sUpDir = YafBoardFolders.Current.Uploads;

                            string oldFileName =
                                context.Server.MapPath(
                                    "{0}/{1}.{2}".FormatWith(sUpDir, row["MessageID"], row["FileName"]));
                            string newFileName =
                                context.Server.MapPath(
                                    "{0}/{1}.{2}.yafupload".FormatWith(sUpDir, row["MessageID"], row["FileName"]));

                            // use the new fileName (with extension) if it exists...
                            string fileName = File.Exists(newFileName) ? newFileName : oldFileName;

                            using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read))
                            {
                                data = input.ToArray();
                                input.Close();
                            }
                        }
                        else
                        {
                            data = (byte[])row["FileData"];
                        }

                        context.Response.ContentType = row["ContentType"].ToString();
                        context.Response.AppendHeader(
                            "Content-Disposition",
                            "attachment; filename={0}".FormatWith(
                                HttpUtility.UrlPathEncode(row["FileName"].ToString()).Replace("+", "_")));
                        context.Response.OutputStream.Write(data, 0, data.Length);
                        this.GetRepository<Attachment>().IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("a"));
                        break;
                    }
                }
            }
            catch (Exception x)
            {
                this.Get<ILogger>().Log(0, this, x, EventLogTypes.Information);
                context.Response.Write(
                    "Error: Resource has been moved or is unavailable. Please contact the forum admin.");
            }
        }
        // TommyB: Start MOD: PreviewImages   ##########

        /// <summary>
        /// Gets the response image.
        /// </summary>
        /// <param name="context">The context.</param>
        private void GetResponseImage([NotNull] HttpContext context)
        {
            try
            {
                var eTag = @"""{0}""".FormatWith(context.Request.QueryString.GetFirstOrDefault("i"));

                if (context.Request.QueryString.GetFirstOrDefault("editor") == null)
                {
                    // add a download count...
                    this.GetRepository<Attachment>()
                        .IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("i"));
                }

                if (CheckETag(context, eTag))
                {
                    // found eTag... no need to resend/create this image 
                   return;
                }

                // AttachmentID
                var attachment =
                    this.GetRepository<Attachment>()
                        .ListTyped(attachmentID: context.Request.QueryString.GetFirstOrDefaultAs<int>("i"))
                        .FirstOrDefault();

                var boardID = context.Request.QueryString.GetFirstOrDefault("b") != null
                                  ? context.Request.QueryString.GetFirstOrDefaultAs<int>("b")
                                  : YafContext.Current.BoardSettings.BoardID;

                // check download permissions here
                if (!this.CheckAccessRights(boardID, attachment.MessageID))
                {
                    // tear it down
                    // no permission to download
                    context.Response.Write(
                        "You have insufficient rights to download this resource. Contact forum administrator for further details.");
                    return;
                }

                byte[] data;

                if (attachment.FileData == null)
                {
                    var uploadFolder = YafBoardFolders.Current.Uploads;

                    var oldFileName =
                         context.Server.MapPath(
                             "{0}/{1}.{2}".FormatWith(
                                 uploadFolder,
                                 attachment.MessageID > 0
                                     ? attachment.MessageID.ToString()
                                     : "u{0}".FormatWith(attachment.UserID),
                                 attachment.FileName));

                    var newFileName =
                        context.Server.MapPath(
                            "{0}/{1}.{2}.yafupload".FormatWith(
                                uploadFolder,
                                attachment.MessageID > 0
                                    ? attachment.MessageID.ToString()
                                    : "u{0}-{1}".FormatWith(attachment.UserID, attachment.ID),
                                attachment.FileName));

                    var fileName = oldFileName;

                    if (File.Exists(oldFileName))
                    {
                        fileName = oldFileName;

                    }
                    else
                    {
                        oldFileName =
                        context.Server.MapPath(
                            "{0}/{1}.{2}.yafupload".FormatWith(
                                uploadFolder,
                                attachment.MessageID > 0
                                    ? attachment.MessageID.ToString()
                                    : "u{0}".FormatWith(attachment.UserID),
                                attachment.FileName));

                        // use the new fileName (with extension) if it exists...
                        fileName = File.Exists(newFileName) ? newFileName : oldFileName;
                    }

                    using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read))
                    {
                        data = input.ToArray();
                        input.Close();
                    }
                }
                else
                {
                    data = attachment.FileData;
                }

                context.Response.ContentType = attachment.ContentType;
                context.Response.Cache.SetCacheability(HttpCacheability.Public);
                context.Response.Cache.SetETag(eTag);
                context.Response.OutputStream.Write(data, 0, data.Length);
            }
            catch (Exception x)
            {
                this.Get<ILogger>()
                    .Log(
                        YafContext.Current.PageUserID,
                        this,
                        "URL: {0}<br />Referer URL: {1}<br />Exception: {2}".FormatWith(
                            context.Request.Url,
                            context.Request.UrlReferrer != null ? context.Request.UrlReferrer.AbsoluteUri : string.Empty,
                            x),
                        EventLogTypes.Information);

                context.Response.Write(
                    "Error: Resource has been moved or is unavailable. Please contact the forum admin.");
            }
        }
Beispiel #3
0
        // TommyB: Start MOD: PreviewImages   ##########

        /// <summary>
        /// The get response image.
        /// </summary>
        /// <param name="context">
        /// The context.
        /// </param>
        private void GetResponseImage([NotNull] HttpContext context)
        {
            try
            {
                string eTag = @"""{0}""".FormatWith(context.Request.QueryString.GetFirstOrDefault("i"));

                if (CheckETag(context, eTag))
                {
                    // found eTag... no need to resend/create this image -- just mark another view?
                    this.GetRepository<Attachment>().Download(context.Request.QueryString.GetFirstOrDefaultAs<int>("i"));
                    return;
                }

                // AttachmentID
                using (DataTable dt = this.GetRepository<Attachment>().List(null, context.Request.QueryString.GetFirstOrDefaultAs<int>("i"), null, 0, 1000))
                {
                    foreach (DataRow row in dt.Rows)
                    {
                        // TODO : check download permissions here
                        if (!this.CheckAccessRights(row["BoardID"], row["MessageID"]))
                        {
                            // tear it down
                            // no permission to download
                            context.Response.Write(
                                "You have insufficient rights to download this resource. Contact forum administrator for further details.");
                            return;
                        }

                        byte[] data;

                        if (row.IsNull("FileData"))
                        {
                            string sUpDir = YafBoardFolders.Current.Uploads;

                            string oldFileName =
                                context.Server.MapPath(
                                    "{0}/{1}.{2}".FormatWith(sUpDir, row["MessageID"], row["FileName"]));
                            string newFileName =
                                context.Server.MapPath(
                                    "{0}/{1}.{2}.yafupload".FormatWith(sUpDir, row["MessageID"], row["FileName"]));

                            // use the new fileName (with extension) if it exists...
                            string fileName = File.Exists(newFileName) ? newFileName : oldFileName;

                            using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read))
                            {
                                data = input.ToArray();
                                input.Close();
                            }
                        }
                        else
                        {
                            data = (byte[])row["FileData"];
                        }

                        context.Response.ContentType = row["ContentType"].ToString();
                        context.Response.Cache.SetCacheability(HttpCacheability.Public);
                        context.Response.Cache.SetETag(eTag);
                        context.Response.OutputStream.Write(data, 0, data.Length);

                        // add a download count...
                        this.GetRepository<Attachment>().Download(context.Request.QueryString.GetFirstOrDefaultAs<int>("i"));
                        break;
                    }
                }
            }
            catch (Exception x)
            {
                this.Get<ILogger>().Log(0, this, x, EventLogTypes.Information);
                context.Response.Write(
                    "Error: Resource has been moved or is unavailable. Please contact the forum admin.");
            }
        }
        /// <summary>
        /// The get response attachment.
        /// </summary>
        /// <param name="context">
        /// The context.
        /// </param>
        private void GetResponseAttachment([NotNull] HttpContext context)
        {
            try
            {
                // AttachmentID
                var attachment =
                    this.GetRepository<Attachment>()
                        .ListTyped(attachmentID: context.Request.QueryString.GetFirstOrDefaultAs<int>("a"))
                        .FirstOrDefault();

                var boardID = context.Request.QueryString.GetFirstOrDefault("b") != null
                                  ? context.Request.QueryString.GetFirstOrDefaultAs<int>("b")
                                  : YafContext.Current.BoardSettings.BoardID;

                if (!this.CheckAccessRights(boardID, attachment.MessageID))
                {
                    // tear it down
                    // no permission to download
                    context.Response.Write(
                        "You have insufficient rights to download this resource. Contact forum administrator for further details.");
                    return;
                }

                byte[] data;

                if (attachment.FileData == null)
                {
                    var uploadFolder = YafBoardFolders.Current.Uploads;

                    var oldFileName =
                        context.Server.MapPath(
                            "{0}/{1}.{2}".FormatWith(
                                uploadFolder,
                                attachment.MessageID > 0
                                    ? attachment.MessageID.ToString()
                                    : "u{0}".FormatWith(attachment.UserID),
                                attachment.FileName));

                    var newFileName =
                        context.Server.MapPath(
                            "{0}/{1}.{2}.yafupload".FormatWith(
                                uploadFolder,
                                attachment.MessageID > 0
                                    ? attachment.MessageID.ToString()
                                    : "u{0}".FormatWith(attachment.UserID),
                                attachment.FileName));

                    // use the new fileName (with extension) if it exists...
                    var fileName = File.Exists(newFileName) ? newFileName : oldFileName;

                    using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read))
                    {
                        data = input.ToArray();
                        input.Close();
                    }
                }
                else
                {
                    data = attachment.FileData;
                }

                context.Response.ContentType = attachment.ContentType;
                context.Response.AppendHeader(
                    "Content-Disposition",
                    "attachment; filename={0}".FormatWith(
                        HttpUtility.UrlPathEncode(attachment.FileName).Replace("+", "_")));
                context.Response.OutputStream.Write(data, 0, data.Length);
                this.GetRepository<Attachment>()
                    .IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("a"));
            }
            catch (Exception x)
            {
                this.Get<ILogger>()
                    .Log(
                        YafContext.Current.PageUserID,
                        this,
                        "URL: {0}<br />Referer URL: {1}<br />Exception: {2}".FormatWith(
                            context.Request.Url,
                            context.Request.UrlReferrer != null ? context.Request.UrlReferrer.AbsoluteUri : string.Empty,
                            x),
                        EventLogTypes.Information);
                context.Response.Write(
                    "Error: Resource has been moved or is unavailable. Please contact the forum admin.");
            }
        }