public int GetFileIdFromLinkClick(NameValueCollection queryParams) { var linkClickPortalSettings = GetPortalSettingsForLinkClick(GetPortalIdFromLinkClick(queryParams)); var strFileId = UrlUtils.DecryptParameter(queryParams["fileticket"], linkClickPortalSettings.PortalGUID); return(Convert.ToInt32(strFileId)); }
void DecryptParameters(string key, out int tabId, out int moduleId) { var keyParts = UrlUtils.DecryptParameter(key).Split('-'); tabId = int.Parse(keyParts [0]); moduleId = int.Parse(keyParts [1]); }
public void ProcessRequest(HttpContext context) { // Validate the request for required inputs, return if no action possible if (string.IsNullOrWhiteSpace(context.Request.QueryString["command"])) { return; // No command we cannot process } if (string.IsNullOrWhiteSpace(context.Request.QueryString["detail"])) { return; // No action we cannot return } // Only continue if our provider is current if (!(CachingProvider.Instance() is Caching.SimpleWebFarmCachingProvider.SimpleWebFarmCachingProvider)) { return; } // Get the values, noting that if in debug we are not encrypted var command = Host.DebugMode ? context.Request.QueryString["command"] : UrlUtils.DecryptParameter(context.Request.QueryString["command"], Host.GUID); var detail = Host.DebugMode ? context.Request.QueryString["detail"] : UrlUtils.DecryptParameter(context.Request.QueryString["detail"], Host.GUID); // Pass the action on, if the current caching provider is ours var provider = (Caching.SimpleWebFarmCachingProvider.SimpleWebFarmCachingProvider)CachingProvider.Instance(); provider.ProcessSynchronizationRequest(command, detail); }
public int GetFileIdFromLinkClick(NameValueCollection queryParams) { var linkClickPortalSettings = this.GetPortalSettingsForLinkClick(this.GetPortalIdFromLinkClick(queryParams)); var strFileId = UrlUtils.DecryptParameter(queryParams["fileticket"], linkClickPortalSettings.PortalGUID); int fileId; return(int.TryParse(strFileId, out fileId) ? fileId : -1); }
protected override void OnInit(EventArgs e) { base.OnInit(e); UserId = Null.NullInteger; if (Context.Request.QueryString["userticket"] != null) { UserId = Int32.Parse(UrlUtils.DecryptParameter(Context.Request.QueryString["userticket"])); } ctlProfile.ID = "Profile"; ctlProfile.UserId = UserId; }
/// <summary> /// Page_Init runs when the control is initialised /// </summary> /// <remarks> /// </remarks> /// <history> /// [cnurse] 03/01/2006 /// </history> protected void Page_Init(Object sender, EventArgs e) { // get userid from encrypted ticket UserId = Null.NullInteger; if (Context.Request.QueryString["userticket"] != null) { UserId = int.Parse(UrlUtils.DecryptParameter(Context.Request.QueryString["userticket"])); } ctlProfile.ID = "Profile"; ctlProfile.UserId = UserId; }
protected override void OnInit(EventArgs e) { base.OnInit(e); this.UserId = Null.NullInteger; if (this.Context.Request.QueryString["userticket"] != null) { this.UserId = int.Parse(UrlUtils.DecryptParameter(this.Context.Request.QueryString["userticket"])); } this.ctlProfile.ID = "Profile"; this.ctlProfile.UserId = this.UserId; }
private int GetFileIDFromURL(string url) { int returnValue = -1; //add http if (!(url.ToLower().StartsWith("http"))) { if (url.ToLower().StartsWith("/")) { url = "http:/" + url; } else { url = "http://" + url; } } Uri u = new Uri(url); if (u != null && u.Query != null) { NameValueCollection @params = HttpUtility.ParseQueryString(u.Query); if (@params != null && @params.Count > 0) { string fileTicket = @params.Get("fileticket"); if (!(string.IsNullOrEmpty(fileTicket))) { var strFileID = UrlUtils.DecryptParameter(fileTicket); try { returnValue = int.Parse(strFileID); } catch (Exception ex) { returnValue = -1; Logger.Error(ex); } } } } return(returnValue); }
protected override void OnLoad(EventArgs e) { base.OnLoad(e); if (!string.IsNullOrEmpty(Request.QueryString["UserAgent"])) { var userAgent = UrlUtils.DecryptParameter(Request.QueryString["UserAgent"]); if (Request.QueryString["SendAgent"] != "true") { userAgent = Request.UserAgent; } CreateViewProxy(userAgent); } this.Page.Title = LocalizeString("PageTitle"); ClientResourceManager.RegisterScript(this.Page, string.Format("{0}Scripts/PreviewEmulator.js", this.ControlPath)); if (!IsPostBack) { BindProfiles(); } }
public override void HandleRequest() { string output = null; DialogParams dialogParams = Content.FromJson <DialogParams>(); // This uses the new JSON Extensions in DotNetNuke.Common.Utilities.JsonExtensionsWeb string link = dialogParams.LinkUrl; dialogParams.LinkClickUrl = link; if (dialogParams != null) { if (!(dialogParams.LinkAction == "GetLinkInfo")) { if (dialogParams.Track) { string tempVar = dialogParams.LinkUrl; dialogParams.LinkClickUrl = GetLinkClickURL(ref dialogParams, ref tempVar); dialogParams.LinkUrl = tempVar; UrlTrackingInfo linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, dialogParams.LinkUrl, dialogParams.ModuleId); if (linkTrackingInfo != null) { dialogParams.Track = linkTrackingInfo.TrackClicks; dialogParams.TrackUser = linkTrackingInfo.LogActivity; dialogParams.DateCreated = linkTrackingInfo.CreatedDate.ToString(); dialogParams.LastClick = linkTrackingInfo.LastClick.ToString(); dialogParams.Clicks = linkTrackingInfo.Clicks.ToString(); } else { dialogParams.Track = false; dialogParams.TrackUser = false; } dialogParams.LinkUrl = link; } } switch (dialogParams.LinkAction) { case "GetLoggingInfo": //also meant for the tracking tab but this is to retrieve the user information DateTime logStartDate = DateTime.MinValue; DateTime logEndDate = DateTime.MinValue; string logText = "<table><tr><th>Date</th><th>User</th></tr><tr><td colspan='2'>The selected date-range did<br /> not return any results.</td></tr>"; if (DateTime.TryParse(dialogParams.LogStartDate, out logStartDate)) { if (!(DateTime.TryParse(dialogParams.LogEndDate, out logEndDate))) { logEndDate = logStartDate.AddDays(1); } UrlController _urlController = new UrlController(); ArrayList urlLog = _urlController.GetUrlLog(dialogParams.PortalId, GetLinkUrl(ref dialogParams, dialogParams.LinkUrl), dialogParams.ModuleId, logStartDate, logEndDate); if (urlLog != null) { logText = GetUrlLoggingInfo(urlLog); } } dialogParams.TrackingLog = logText; break; case "GetLinkInfo": if (dialogParams.Track) { link = link.Replace(@"\", @"/"); //this section is for when the user clicks ok in the dialog box, we actually create a record for the linkclick urls. if (!(dialogParams.LinkUrl.ToLower().Contains("linkclick.aspx"))) { dialogParams.LinkClickUrl = GetLinkClickURL(ref dialogParams, ref link); } _urlController.UpdateUrl(dialogParams.PortalId, link, GetURLType(Globals.GetURLType(link)), dialogParams.TrackUser, true, dialogParams.ModuleId, false); } else { //this section is meant for retrieving/displaying the original links and determining if the links are being tracked(making sure the track checkbox properly checked) UrlTrackingInfo linkTrackingInfo = null; if (dialogParams.LinkUrl.Contains("fileticket")) { var queryString = dialogParams.LinkUrl.Split('='); var encryptedFileId = queryString[1].Split('&')[0]; string fileID = UrlUtils.DecryptParameter(encryptedFileId, dialogParams.PortalGuid); FileInfo savedFile = _fileController.GetFileById(Int32.Parse(fileID), dialogParams.PortalId); linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, string.Format("fileID={0}", fileID), dialogParams.ModuleId); } else if (dialogParams.LinkUrl.ToLowerInvariant().Contains("linkclick.aspx")) { try { if (dialogParams.LinkUrl.Contains("?")) { link = dialogParams.LinkUrl.Split('?')[1].Split('&')[0]; if (link.Contains("=")) { link = link.Split('=')[1]; } } int tabId; if (int.TryParse(link, out tabId)) //if it's a tabid get the tab path { dialogParams.LinkClickUrl = TabController.Instance.GetTab(tabId, dialogParams.PortalId, true).FullUrl; linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, tabId.ToString(), dialogParams.ModuleId); } else { dialogParams.LinkClickUrl = HttpContext.Current.Server.UrlDecode(link); //get the actual link linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, dialogParams.LinkClickUrl, dialogParams.ModuleId); } } catch (Exception ex) { Logger.Error(ex); dialogParams.LinkClickUrl = dialogParams.LinkUrl; } } if (linkTrackingInfo == null) { dialogParams.Track = false; dialogParams.TrackUser = false; } else { dialogParams.Track = linkTrackingInfo.TrackClicks; dialogParams.TrackUser = linkTrackingInfo.LogActivity; } } break; } output = dialogParams.ToJson(); } Response.Write(output); }
/// ----------------------------------------------------------------------------- /// <summary> /// This handler handles requests for LinkClick.aspx, but only those specifc /// to file serving /// </summary> /// <param name="context">System.Web.HttpContext)</param> /// <remarks> /// </remarks> /// <history> /// [cpaterra] 4/19/2006 Created /// </history> /// ----------------------------------------------------------------------------- public void ProcessRequest(HttpContext context) { PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings(); int TabId = -1; int ModuleId = -1; try { //get TabId if (context.Request.QueryString["tabid"] != null) { Int32.TryParse(context.Request.QueryString["tabid"], out TabId); } //get ModuleId if (context.Request.QueryString["mid"] != null) { Int32.TryParse(context.Request.QueryString["mid"], out ModuleId); } } catch (Exception) { //The TabId or ModuleId are incorrectly formatted (potential DOS) Exceptions.Exceptions.ProcessHttpException(context.Request); } //get Language string Language = _portalSettings.DefaultLanguage; if (context.Request.QueryString["language"] != null) { Language = context.Request.QueryString["language"]; } else { if (context.Request.Cookies["language"] != null) { Language = context.Request.Cookies["language"].Value; } } if (LocaleController.Instance.IsEnabled(ref Language, _portalSettings.PortalId)) { Localization.Localization.SetThreadCultures(new CultureInfo(Language), _portalSettings); Localization.Localization.SetLanguage(Language); } //get the URL string URL = ""; bool blnClientCache = true; bool blnForceDownload = false; if (context.Request.QueryString["fileticket"] != null) { URL = "FileID=" + FileLinkClickController.Instance.GetFileIdFromLinkClick(context.Request.QueryString); } if (context.Request.QueryString["userticket"] != null) { URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]); } if (context.Request.QueryString["link"] != null) { URL = context.Request.QueryString["link"]; if (URL.ToLowerInvariant().StartsWith("fileid=")) { URL = ""; //restrict direct access by FileID } } if (!String.IsNullOrEmpty(URL)) { URL = URL.Replace(@"\", @"/"); //update clicks, this must be done first, because the url tracker works with unmodified urls, like tabid, fileid etc var objUrls = new UrlController(); objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1); TabType UrlType = Globals.GetURLType(URL); if (UrlType == TabType.Tab) { //verify whether the tab is exist, otherwise throw out 404. if (new TabController().GetTab(int.Parse(URL), _portalSettings.PortalId, false) == null) { Exceptions.Exceptions.ProcessHttpException(); } } if (UrlType != TabType.File) { URL = Globals.LinkClick(URL, TabId, ModuleId, false); } if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false) { //to handle legacy scenarios before the introduction of the FileServerHandler var fileName = Path.GetFileName(URL); var folderPath = URL.Substring(0, URL.LastIndexOf(fileName)); var folder = FolderManager.Instance.GetFolder(_portalSettings.PortalId, folderPath); var file = FileManager.Instance.GetFile(folder, fileName); URL = "FileID=" + file.FileId; } //get optional parameters if (context.Request.QueryString["clientcache"] != null) { blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]); } if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null)) { blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]); } var contentDisposition = blnForceDownload ? ContentDisposition.Attachment : ContentDisposition.Inline; //clear the current response context.Response.Clear(); var fileManager = FileManager.Instance; try { switch (UrlType) { case TabType.File: var download = false; var file = fileManager.GetFile(int.Parse(UrlUtils.GetParameterValue(URL))); if (file != null) { if (!file.IsEnabled) { if (context.Request.IsAuthenticated) { context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true); } else { context.Response.Redirect(Globals.AccessDeniedURL(), true); } } try { var folderMapping = FolderMappingController.Instance.GetFolderMapping(file.PortalId, file.FolderMappingID); var directUrl = fileManager.GetUrl(file); if (directUrl.Contains("LinkClick") || (blnForceDownload && folderMapping.FolderProviderType == "StandardFolderProvider")) { fileManager.WriteFileToResponse(file, contentDisposition); download = true; } else { context.Response.Redirect(directUrl, /*endResponse*/ true); } } catch (PermissionsNotMetException) { if (context.Request.IsAuthenticated) { context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true); } else { context.Response.Redirect(Globals.AccessDeniedURL(), true); } } catch (Exception ex) { Logger.Error(ex); } } if (!download) { Exceptions.Exceptions.ProcessHttpException(URL); } break; case TabType.Url: //prevent phishing by verifying that URL exists in URLs table for Portal if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null) { context.Response.Redirect(URL, true); } break; default: //redirect to URL context.Response.Redirect(URL, true); break; } } catch (ThreadAbortException exc) { Logger.Error(exc); } catch (Exception) { Exceptions.Exceptions.ProcessHttpException(URL); } } else { Exceptions.Exceptions.ProcessHttpException(URL); } }
/// <Summary> /// This handler handles requests for LinkClick.aspx, but only those specifc /// to file serving /// </Summary> /// <Param name="context">System.Web.HttpContext)</Param> public virtual void ProcessRequest(HttpContext context) { PortalSettings portalSettings = PortalController.GetCurrentPortalSettings(); // get TabId int tabId = -1; if (context.Request.QueryString["tabid"] != null) { tabId = int.Parse(context.Request.QueryString["tabid"]); } // get ModuleId int moduleId = -1; if (context.Request.QueryString["mid"] != null) { moduleId = int.Parse(context.Request.QueryString["mid"]); } // get the URL string URL = ""; bool blnClientCache = true; bool blnForceDownload = false; if (context.Request.QueryString["fileticket"] != null) { URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]); } if (context.Request.QueryString["userticket"] != null) { URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]); } if (context.Request.QueryString["link"] != null) { URL = context.Request.QueryString["link"]; if (URL.ToLower().StartsWith("fileid=")) { URL = ""; // restrict direct access by FileID } } if (!String.IsNullOrEmpty(URL)) { TabType UrlType = Globals.GetURLType(URL); if (UrlType != TabType.File) { URL = Globals.LinkClick(URL, tabId, moduleId, false); } if (UrlType == TabType.File && URL.ToLower().StartsWith("fileid=") == false) { // to handle legacy scenarios before the introduction of the FileServerHandler FileController objFiles = new FileController(); URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, portalSettings.PortalId); } // get optional parameters if (context.Request.QueryString["clientcache"] != null) { blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]); } if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null)) { blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]); } // update clicks UrlController objUrls = new UrlController(); objUrls.UpdateUrlTracking(portalSettings.PortalId, URL, moduleId, -1); // clear the current response context.Response.Clear(); if (UrlType == TabType.File) { // serve the file if (tabId == Null.NullInteger) { if (!(FileSystemUtils.DownloadFile(portalSettings.PortalId, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))) { context.Response.Write(Services.Localization.Localization.GetString("FilePermission.Error")); } } else { if (!(FileSystemUtils.DownloadFile(portalSettings, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))) { context.Response.Write(Services.Localization.Localization.GetString("FilePermission.Error")); } } } else { // redirect to URL context.Response.Redirect(URL, true); } } }
public void ProcessRequest(System.Web.HttpContext context) { PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings(); int TabId = -1; int ModuleId = -1; try { if (context.Request.QueryString["tabid"] != null) { Int32.TryParse(context.Request.QueryString["tabid"], out TabId); } if (context.Request.QueryString["mid"] != null) { Int32.TryParse(context.Request.QueryString["mid"], out ModuleId); } } catch (Exception ex) { ex.ToString(); throw new HttpException(404, "Not Found"); } string Language = _portalSettings.DefaultLanguage; if (context.Request.QueryString["language"] != null) { Language = context.Request.QueryString["language"]; } else { if (context.Request.Cookies["language"] != null) { Language = context.Request.Cookies["language"].Value; } } if (Localization.Localization.LocaleIsEnabled(Language)) { System.Threading.Thread.CurrentThread.CurrentCulture = new CultureInfo(Language); Localization.Localization.SetLanguage(Language); } string URL = ""; bool blnClientCache = true; bool blnForceDownload = false; if (context.Request.QueryString["fileticket"] != null) { URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]); } if (context.Request.QueryString["userticket"] != null) { URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]); } if (context.Request.QueryString["link"] != null) { URL = context.Request.QueryString["link"]; if (URL.ToLowerInvariant().StartsWith("fileid=")) { URL = ""; } } if (!String.IsNullOrEmpty(URL)) { UrlController objUrls = new UrlController(); objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1); TabType UrlType = Globals.GetURLType(URL); if (UrlType != TabType.File) { URL = Common.Globals.LinkClick(URL, TabId, ModuleId, false); } if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false) { FileController objFiles = new FileController(); URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, _portalSettings.PortalId); } if (context.Request.QueryString["clientcache"] != null) { blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]); } if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null)) { blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]); } context.Response.Clear(); try { switch (UrlType) { case TabType.File: if (TabId == Null.NullInteger) { if (!FileSystemUtils.DownloadFile(_portalSettings.PortalId, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload)) { throw new HttpException(404, "Not Found"); } } else { if (!FileSystemUtils.DownloadFile(_portalSettings, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload)) { throw new HttpException(404, "Not Found"); } } break; case TabType.Url: if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null) { context.Response.Redirect(URL, true); } break; default: context.Response.Redirect(URL, true); break; } } catch (ThreadAbortException ex) { ex.ToString(); } catch (Exception ex) { ex.ToString(); throw new HttpException(404, "Not Found"); } } else { throw new HttpException(404, "Not Found"); } }