protected void Page_Load(object sender, EventArgs e)
{
string filename = Request["File"];
if (filename == null)
{
Response.StatusCode = 404;
Response.Write(Properties.Messages.FileNotFound);
return;
}
// Remove ".." sequences that might be a security issue
filename = filename.Replace("..", "");
bool isPageAttachment = !string.IsNullOrEmpty(Request["Page"]);
PageInfo pageInfo = isPageAttachment ? Pages.FindPage(Request["Page"]) : null;
if (isPageAttachment && pageInfo == null)
{
Response.StatusCode = 404;
Response.Write(Properties.Messages.FileNotFound);
return;
}
IFilesStorageProviderV30 provider;
if (!string.IsNullOrEmpty(Request["Provider"]))
{
provider = Collectors.FilesProviderCollector.GetProvider(Request["Provider"]);
}
else
{
if (isPageAttachment)
{
provider = FilesAndAttachments.FindPageAttachmentProvider(pageInfo, filename);
}
else
{
provider = FilesAndAttachments.FindFileProvider(filename);
}
}
if (provider == null)
{
Response.StatusCode = 404;
Response.Write("File not found.");
return;
}
// Use canonical path format (leading with /)
if (!isPageAttachment)
{
if (!filename.StartsWith("/"))
{
filename = "/" + filename;
}
filename = filename.Replace("\\", "/");
}
bool countHit = CountHit(filename);
// Verify permissions
bool canDownload = false;
if (isPageAttachment)
{
canDownload = AuthChecker.CheckActionForPage(pageInfo, Actions.ForPages.DownloadAttachments,
SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames());
}
else
{
string dir = Tools.GetDirectoryName(filename);
canDownload = AuthChecker.CheckActionForDirectory(provider, dir,
Actions.ForDirectories.DownloadFiles, SessionFacade.GetCurrentUsername(),
SessionFacade.GetCurrentGroupNames());
}
if (!canDownload)
{
Response.StatusCode = 401;
return;
}
long size = -1;
FileDetails details = null;
if (isPageAttachment)
{
details = provider.GetPageAttachmentDetails(pageInfo, filename);
}
else
{
details = provider.GetFileDetails(filename);
}
if (details != null)
{
size = details.Size;
}
else
{
Log.LogEntry("Attempted to download an inexistent file/attachment (" + (pageInfo != null ? pageInfo.FullName + "/" : "") + filename + ")", EntryType.Warning, Log.SystemUsername);
Response.StatusCode = 404;
Response.Write("File not found.");
return;
}
string mime = "";
try {
string ext = Path.GetExtension(filename);
if (ext.StartsWith("."))
{
ext = ext.Substring(1).ToLowerInvariant(); // Remove trailing dot
}
mime = GetMimeType(ext);
}
catch {
// ext is null -> no mime type -> abort
Response.Write(filename + "<br />");
Response.StatusCode = 404;
Response.Write("File not found.");
//mime = "application/octet-stream";
return;
}
// Prepare response
Response.Clear();
Response.AddHeader("content-type", mime);
if (Request["AsStreamAttachment"] != null)
{
Response.AddHeader("content-disposition", "attachment;filename=\"" + Path.GetFileName(filename) + "\"");
}
else
{
Response.AddHeader("content-disposition", "inline;filename=\"" + Path.GetFileName(filename) + "\"");
}
Response.AddHeader("content-length", size.ToString());
bool retrieved = false;
if (isPageAttachment)
{
try {
retrieved = provider.RetrievePageAttachment(pageInfo, filename, Response.OutputStream, countHit);
}
catch (ArgumentException ex) {
Log.LogEntry("Attempted to download an inexistent attachment (" + pageInfo.FullName + "/" + filename + ")\n" + ex.ToString(), EntryType.Warning, Log.SystemUsername);
}
}
else
{
try {
retrieved = provider.RetrieveFile(filename, Response.OutputStream, countHit);
}
catch (ArgumentException ex) {
Log.LogEntry("Attempted to download an inexistent file/attachment (" + filename + ")\n" + ex.ToString(), EntryType.Warning, Log.SystemUsername);
}
}
if (!retrieved)
{
Response.StatusCode = 404;
Response.Write("File not found.");
return;
}
// Set the cache duration accordingly to the file date/time
//Response.AddFileDependency(filename);
//Response.Cache.SetETagFromFileDependencies();
//Response.Cache.SetLastModifiedFromFileDependencies();
Response.Cache.SetETag(filename.GetHashCode().ToString() + "-" + size.ToString());
Response.Cache.SetCacheability(HttpCacheability.Public);
Response.Cache.SetSlidingExpiration(true);
Response.Cache.SetValidUntilExpires(true);
Response.Cache.VaryByParams["File"] = true;
Response.Cache.VaryByParams["Provider"] = true;
Response.Cache.VaryByParams["Page"] = true;
Response.Cache.VaryByParams["IsPageAttachment"] = true;
}
public void PrintCat()
{
StringBuilder sb = new StringBuilder();
sb.Append("<ul>");
sb.Append(@"<li><a href=""");
UrlTools.BuildUrl(sb, "AllPages.aspx?Cat=-");
sb.Append(@""">");
sb.Append(Properties.Messages.UncategorizedPages);
sb.Append("</a> (");
sb.Append(Pages.GetUncategorizedPages(currentNamespace).Length.ToString());
sb.Append(")");
sb.Append(@" - <small><a href=""");
UrlTools.BuildUrl(sb, "RSS.aspx?Category=-");
sb.Append(@""" title=""");
sb.Append(Properties.Messages.RssForThisCategory);
sb.Append(@""">RSS</a> - <a href=""");
UrlTools.BuildUrl(sb, "RSS.aspx?Discuss=1&Category=-");
sb.Append(@""" title=""");
sb.Append(Properties.Messages.RssForThisCategoryDiscussion);
sb.Append(@""">");
sb.Append(Properties.Messages.DiscussionsRss);
sb.Append("</a>");
sb.Append("</small>");
sb.Append("</li></ul><br />");
sb.Append("<ul>");
List <CategoryInfo> categories = Pages.GetCategories(currentNamespace);
for (int i = 0; i < categories.Count; i++)
{
if (categories[i].Pages.Length > 0)
{
sb.Append(@"<li>");
sb.Append(@"<a href=""");
UrlTools.BuildUrl(sb, "AllPages.aspx?Cat=", Tools.UrlEncode(categories[i].FullName));
sb.Append(@""">");
sb.Append(NameTools.GetLocalName(categories[i].FullName));
sb.Append("</a> (");
sb.Append(categories[i].Pages.Length.ToString());
sb.Append(")");
sb.Append(@" - <small><a href=""");
UrlTools.BuildUrl(sb, "RSS.aspx?Category=", Tools.UrlEncode(categories[i].FullName));
sb.Append(@""" title=""");
sb.Append(Properties.Messages.RssForThisCategory);
sb.Append(@""">RSS</a> - <a href=""");
UrlTools.BuildUrl(sb, "RSS.aspx?Discuss=1&Category=", Tools.UrlEncode(categories[i].FullName));
sb.Append(@""" title=""");
sb.Append(Properties.Messages.RssForThisCategoryDiscussion);
sb.Append(@""">");
sb.Append(Properties.Messages.DiscussionsRss);
sb.Append("</a>");
sb.Append("</small>");
sb.Append("</li>");
}
else
{
sb.Append(@"<li><i>");
sb.Append(NameTools.GetLocalName(categories[i].FullName));
sb.Append("</i></li>");
}
}
sb.Append("</ul>");
lblCatList.Text = sb.ToString();
}
