public void ProcessRequest(HttpContext context)
{
int courseID = 0;
if (context.Request.QueryString["CourseID"] != null)
{
bool result = Int32.TryParse(context.Request.QueryString["CourseID"], out courseID);
if (result)
{
bool hasAccess = false; // flag to determine if the user has access to this course
bool isSaltAdmin = false;
BusinessServices.Course objCourse = new BusinessServices.Course();
// check if the user attempting to download this has valid permission/access to the course
// Salt Administrator can download the file without restriction
if (UserContext.UserData.UserType == UserType.SaltAdmin)
{
// Salt admin always have access
isSaltAdmin = true;
hasAccess = true;
}
else
{
// Course Object
DataTable dtbCourses = objCourse.GetCourseListAccessableToUser(UserContext.UserID);
// iterate to check if the user has access to this course
foreach (DataRow row in dtbCourses.Rows)
{
int rowCourseID = 0;
bool rslCourseID = Int32.TryParse(row["courseid"].ToString(), out rowCourseID);
if (rslCourseID && rowCourseID == courseID)
{
// user has access, break from the loop
hasAccess = true;
break;
}
}
}
// get ebook details
DataTable dtbEbook = objCourse.GetEbook(courseID, UserContext.UserData.OrgID);
// if ebook exists
if (dtbEbook.Rows.Count > 0)
{
string eBookPath = ConfigurationManager.AppSettings["EBookPath"];
// the location of the ebook in the server
string eBookFile = context.Server.MapPath(eBookPath + dtbEbook.Rows[0]["ServerFileName"].ToString());
// the original filename of the ebook
string eBookName = dtbEbook.Rows[0]["EbookFileName"].ToString();
// get the ebook id
int ebookID = 0;
bool rslEbookID = Int32.TryParse(dtbEbook.Rows[0]["ebookid"].ToString(), out ebookID);
if (!rslEbookID)
{
ebookID = 0; // shouldn't be error...
}
// log the user's activity to download this ebook
string userAgent = context.Request.UserAgent;
BusinessServices.User objUser = new BusinessServices.User();
// detect the request to see if the user is using iPad
if (!userAgent.ToLower().Contains("ipad") && !isSaltAdmin)
{
objUser.LogEbookDownload(UserContext.UserID, ebookID, userAgent, "unsupported device");
context.Response.Redirect("/General/Errors/NoSuchPage.aspx");
return;
}
// if the user has access to the course, we retrieve the ebook
if (hasAccess)
{
// retrieve the file from the server
FileInfo fileInfo = new FileInfo(eBookFile);
try
{
if (fileInfo.Exists)
{
context.Response.Clear();
context.Response.AddHeader("Content-Disposition", "inline;filename=\"" + eBookName + "\"");
context.Response.AddHeader("Content-Length", fileInfo.Length.ToString());
context.Response.ContentType = "application/epub+zip";
context.Response.TransmitFile(fileInfo.FullName);
context.Response.Flush();
}
}
catch (Exception ex)
{
context.Response.Redirect("/General/Errors/NoSuchPage.aspx");
// log the user's ebook log with the error message
objUser.LogEbookDownload(UserContext.UserID, ebookID, userAgent, ex.Message);
}
finally
{
context.Response.End();
objUser.LogEbookDownload(UserContext.UserID, ebookID, userAgent, "success");
}
}
else
{
// user has no access
objUser.LogEbookDownload(UserContext.UserID, ebookID, userAgent, "no access");
}
}
}
context.Response.Redirect("/General/Errors/NoSuchPage.aspx");
}
}
