/// <summary>
/// Uploads the whole file.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="statuses">The statuses.</param>
private void UploadWholeFile(HttpContext context, ICollection <FilesUploadStatus> statuses)
{
var forumId = HttpContext.Current.Request["forumID"].ToType <int>();
var boardId = HttpContext.Current.Request["boardID"].ToType <int>();
var yafUserId = HttpContext.Current.Request["userID"].ToType <int>();
var uploadFolder = HttpContext.Current.Request["uploadFolder"];
if (!this.CheckAccessRights(boardId, forumId))
{
throw new HttpRequestValidationException("No Access");
}
try
{
var allowedExtensions = this.Get <BoardSettings>().AllowedFileExtensions.ToLower().Split(',');
for (var i = 0; i < context.Request.Files.Count; i++)
{
var file = context.Request.Files[i];
var fileName = Path.GetFileName(file.FileName);
var extension = Path.GetExtension(fileName).Replace(".", string.Empty).ToLower();
if (!allowedExtensions.Contains(extension))
{
throw new HttpRequestValidationException("Invalid File");
}
if (!MimeTypes.FileMatchContentType(file))
{
throw new HttpRequestValidationException("Invalid File");
}
if (fileName.IsSet())
{
// Check for Illegal Chars
if (FileHelper.ValidateFileName(fileName))
{
fileName = FileHelper.CleanFileName(fileName);
}
}
else
{
throw new HttpRequestValidationException("File does not have a name");
}
if (fileName.Length > 220)
{
fileName = fileName.Substring(fileName.Length - 220);
}
// verify the size of the attachment
if (this.Get <BoardSettings>().MaxFileSize > 0 &&
file.ContentLength > this.Get <BoardSettings>().MaxFileSize)
{
throw new HttpRequestValidationException(
this.Get <ILocalization>().GetTextFormatted(
"UPLOAD_TOOBIG",
file.ContentLength / 1024,
this.Get <BoardSettings>().MaxFileSize / 1024));
}
int newAttachmentId;
if (this.Get <BoardSettings>().UseFileTable)
{
newAttachmentId = this.GetRepository <Attachment>().Save(
yafUserId,
fileName,
file.ContentLength,
file.ContentType,
file.InputStream.ToArray());
}
else
{
var previousDirectory = this.Get <HttpRequestBase>()
.MapPath(Path.Combine(BaseUrlBuilder.ServerFileRoot, uploadFolder));
// check if Uploads folder exists
if (!Directory.Exists(previousDirectory))
{
Directory.CreateDirectory(previousDirectory);
}
newAttachmentId = this.GetRepository <Attachment>().Save(
yafUserId,
fileName,
file.ContentLength,
file.ContentType);
file.SaveAs($"{previousDirectory}/u{yafUserId}-{newAttachmentId}.{fileName}.yafupload");
}
var fullName = Path.GetFileName(fileName);
statuses.Add(new FilesUploadStatus(fullName, file.ContentLength, newAttachmentId));
}
}
catch (Exception ex)
{
this.Get <ILogger>().Error(ex, "Error during Attachment upload");
}
}
