protected override void BuildXml() { Config _Config = Config.Current; bool _IsEnabled = _Config.CheckAuthentication(); // Create the "ConnectorInfo" node. XmlNode oConnInfo = XmlUtil.AppendElement(this.ConnectorNode, "ConnectorInfo"); XmlUtil.SetAttribute(oConnInfo, "enabled", _IsEnabled.ToString().ToLower()); if (!_IsEnabled) { ConnectorException.Throw(Errors.ConnectorDisabled); } string ln = ""; string lc = _Config.LicenseKey.ToUpper(); int index = K_CHARS.IndexOf(lc[0]) % 5; if (1 == index || 4 == index) { ln = _Config.LicenseName.ToLower(); } XmlUtil.SetAttribute(oConnInfo, "imgWidth", _Config.Images.MaxWidth.ToString()); XmlUtil.SetAttribute(oConnInfo, "imgHeight", _Config.Images.MaxHeight.ToString()); XmlUtil.SetAttribute(oConnInfo, "s", ln); XmlUtil.SetAttribute(oConnInfo, "c", string.Concat(lc[11], lc[0], lc[8], lc[12], lc[26], lc[2], lc[3], lc[25], lc[1]).Trim()); XmlUtil.SetAttribute(oConnInfo, "thumbsEnabled", _Config.Thumbnails.Enabled.ToString().ToLower()); XmlUtil.SetAttribute(oConnInfo, "uploadCheckImages", _Config.CheckSizeAfterScaling ? "false" : "true"); if (_Config.Thumbnails.Enabled) { XmlUtil.SetAttribute(oConnInfo, "thumbsUrl", _Config.Thumbnails.Url); XmlUtil.SetAttribute(oConnInfo, "thumbsWidth", _Config.Thumbnails.MaxWidth.ToString()); XmlUtil.SetAttribute(oConnInfo, "thumbsHeight", _Config.Thumbnails.MaxHeight.ToString()); XmlUtil.SetAttribute(oConnInfo, "thumbsDirectAccess", _Config.Thumbnails.DirectAccess.ToString().ToLower()); } // Create the "ResourceTypes" node. XmlNode oResourceTypes = XmlUtil.AppendElement(this.ConnectorNode, "ResourceTypes"); XmlNode oPluginsInfo = XmlUtil.AppendElement(this.ConnectorNode, "PluginsInfo"); // Load the resource types in an array. string[] aTypes; if (Request.QueryString["type"] != null && Request.QueryString["type"].Length > 0) { aTypes = new string[] { Request.QueryString["type"] }; } else { string sDefaultTypes = Config.Current.DefaultResourceTypes; if (sDefaultTypes.Length == 0) { aTypes = new string[_Config.ResourceTypes.Count]; for (int i = 0; i < _Config.ResourceTypes.Count; i++) { aTypes[i] = _Config.ResourceTypes.GetByIndex(i).Name; } } else { aTypes = sDefaultTypes.Split(','); } } for (int i = 0; i < aTypes.Length; i++) { string resourceTypeName = aTypes[i]; int aclMask = Config.Current.AccessControl.GetComputedMask(resourceTypeName, "/"); if ((aclMask & (int)AccessControlRules.FolderView) != (int)AccessControlRules.FolderView) { continue; } Settings.ResourceType oTypeInfo = _Config.GetResourceTypeConfig(resourceTypeName); string sTargetDirectory = oTypeInfo.GetTargetDirectory(); bool bHasChildren = System.IO.Directory.Exists(sTargetDirectory) && this.hasChildren("/", new System.IO.DirectoryInfo(oTypeInfo.GetTargetDirectory()), resourceTypeName); XmlNode oResourceType = XmlUtil.AppendElement(oResourceTypes, "ResourceType"); XmlUtil.SetAttribute(oResourceType, "name", resourceTypeName); XmlUtil.SetAttribute(oResourceType, "url", oTypeInfo.Url); XmlUtil.SetAttribute(oResourceType, "maxSize", oTypeInfo.MaxSize.ToString()); XmlUtil.SetAttribute(oResourceType, "allowedExtensions", string.Join(",", oTypeInfo.AllowedExtensions)); XmlUtil.SetAttribute(oResourceType, "deniedExtensions", string.Join(",", oTypeInfo.DeniedExtensions)); XmlUtil.SetAttribute(oResourceType, "hash", Util.GetMACTripleDESHash(sTargetDirectory).Substring(0, 16)); XmlUtil.SetAttribute(oResourceType, "hasChildren", (bHasChildren ? "true" : "false")); XmlUtil.SetAttribute(oResourceType, "acl", aclMask.ToString()); } if (Connector.JavascriptPlugins != null && Connector.JavascriptPlugins.Count > 0) { string Plugins = ""; foreach (string pluginName in Connector.JavascriptPlugins) { if (Plugins.Length > 0) { Plugins += ","; } Plugins += pluginName; } XmlUtil.SetAttribute(oConnInfo, "plugins", Plugins); } Connector.CKFinderEvent.ActivateEvent(CKFinderEvent.Hooks.InitCommand, this.ConnectorNode); }
protected override void BuildXml() { if (Request.Form["CKFinderCommand"] != "true") { ConnectorException.Throw(Errors.InvalidRequest); } if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileRename | AccessControlRules.FileUpload | AccessControlRules.FileDelete)) { ConnectorException.Throw(Errors.Unauthorized); } if (Request.Form["files[0][type]"] == null) { ConnectorException.Throw(Errors.InvalidRequest); } int moved = 0; int movedAll = 0; if (Request.Form["moved"] != null) { movedAll = Int32.Parse(Request.Form["moved"]); } Settings.ResourceType resourceType; Hashtable resourceTypeConfig = new Hashtable(); Hashtable checkedPaths = new Hashtable(); int iFileNum = 0; while (Request.Form["files[" + iFileNum.ToString() + "][type]"] != null && Request.Form["files[" + iFileNum.ToString() + "][type]"].Length > 0) { string name = Request.Form["files[" + iFileNum.ToString() + "][name]"]; string type = Request.Form["files[" + iFileNum.ToString() + "][type]"]; string path = Request.Form["files[" + iFileNum.ToString() + "][folder]"]; string options = ""; if (name == null || name.Length < 1 || type == null || type.Length < 1 || path == null || path.Length < 1) { ConnectorException.Throw(Errors.InvalidRequest); return; } if (Request.Form["files[" + iFileNum.ToString() + "][options]"] != null) { options = Request.Form["files[" + iFileNum.ToString() + "][options]"]; } iFileNum++; // check #1 (path) if (!Connector.CheckFileName(name) || Regex.IsMatch(path, @"(/\.)|(\.\.)|(//)|([\\:\*\?""\<\>\|])")) { ConnectorException.Throw(Errors.InvalidRequest); return; } // get resource type config for current file if (!resourceTypeConfig.ContainsKey(type)) { resourceTypeConfig[type] = Config.Current.GetResourceTypeConfig(type); } // check #2 (resource type) if (resourceTypeConfig[type] == null) { ConnectorException.Throw(Errors.InvalidRequest); return; } resourceType = (Settings.ResourceType)resourceTypeConfig[type]; FolderHandler folder = new FolderHandler(type, path); string sourceFilePath = System.IO.Path.Combine(folder.ServerPath, name); // check #3 (extension) if (!resourceType.CheckExtension(System.IO.Path.GetExtension(name))) { this.appendErrorNode(Errors.InvalidExtension, name, type, path); continue; } // check #4 (extension) - when moving to another resource type, double check extension if (this.CurrentFolder.ResourceTypeName != type) { if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(System.IO.Path.GetExtension(name))) { this.appendErrorNode(Errors.InvalidExtension, name, type, path); continue; } } // check #5 (hidden folders) if (!checkedPaths.ContainsKey(path)) { checkedPaths[path] = true; if (Config.Current.CheckIsHidenPath(path)) { ConnectorException.Throw(Errors.InvalidRequest); return; } } // check #6 (hidden file name) if (Config.Current.CheckIsHiddenFile(name)) { ConnectorException.Throw(Errors.InvalidRequest); return; } // check #7 (Access Control, need file view permission to source files) if (!folder.CheckAcl(AccessControlRules.FileView)) { ConnectorException.Throw(Errors.Unauthorized); return; } // check #8 (invalid file name) if (!System.IO.File.Exists(sourceFilePath) || System.IO.Directory.Exists(sourceFilePath)) { this.appendErrorNode(Errors.FileNotFound, name, type, path); continue; } // check #9 (max size) if (this.CurrentFolder.ResourceTypeName != type) { System.IO.FileInfo fileInfo = new System.IO.FileInfo(sourceFilePath); if (this.CurrentFolder.ResourceTypeInfo.MaxSize > 0 && fileInfo.Length > this.CurrentFolder.ResourceTypeInfo.MaxSize) { this.appendErrorNode(Errors.UploadedTooBig, name, type, path); continue; } } string destinationFilePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, name); string thumbPath = System.IO.Path.Combine(folder.ThumbsServerPath, name); // finally, no errors so far, we may attempt to copy a file // protection against copying files to itself if (sourceFilePath == destinationFilePath) { this.appendErrorNode(Errors.SourceAndTargetPathEqual, name, type, path); continue; } // check if file exists if we don't force overwriting else if (System.IO.File.Exists(destinationFilePath)) { if (options.Contains("overwrite")) { try { System.IO.File.Delete(destinationFilePath); } catch (Exception) { this.appendErrorNode(Errors.AccessDenied, name, type, path); continue; } try { System.IO.File.Move(sourceFilePath, destinationFilePath); moved++; try { System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } } catch (Exception) { this.appendErrorNode(Errors.AccessDenied, name, type, path); continue; } } else if (options.Contains("autorename")) { int iCounter = 1; string fileName; string sFileNameNoExt = CKFinder.Connector.Util.GetFileNameWithoutExtension(name); string sFullExtension = CKFinder.Connector.Util.GetExtension(name); while (true) { fileName = sFileNameNoExt + "(" + iCounter.ToString() + ")" + sFullExtension; destinationFilePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, fileName); if (!System.IO.File.Exists(destinationFilePath)) { break; } else { iCounter++; } } try { System.IO.File.Move(sourceFilePath, destinationFilePath); moved++; try { System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } } catch (ArgumentException) { this.appendErrorNode(Errors.InvalidName, name, type, path); continue; } catch (System.IO.PathTooLongException) { this.appendErrorNode(Errors.InvalidName, name, type, path); continue; } catch (Exception) { #if DEBUG throw; #else this.appendErrorNode(Errors.AccessDenied, name, type, path); continue; #endif } } else { this.appendErrorNode(Errors.AlreadyExist, name, type, path); continue; } } else { try { System.IO.File.Move(sourceFilePath, destinationFilePath); moved++; try { System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } } catch (ArgumentException) { this.appendErrorNode(Errors.InvalidName, name, type, path); continue; } catch (System.IO.PathTooLongException) { this.appendErrorNode(Errors.InvalidName, name, type, path); continue; } catch (Exception) { #if DEBUG throw; #else this.appendErrorNode(Errors.AccessDenied, name, type, path); continue; #endif } } } XmlNode moveFilesNode = XmlUtil.AppendElement(this.ConnectorNode, "MoveFiles"); XmlUtil.SetAttribute(moveFilesNode, "moved", moved.ToString()); XmlUtil.SetAttribute(moveFilesNode, "movedTotal", (movedAll + moved).ToString()); if (this.ErrorsNode != null) { ConnectorException.Throw(Errors.MoveFailed); return; } }
protected override void BuildXml() { if (Request.Form["CKFinderCommand"] != "true") { ConnectorException.Throw(Errors.InvalidRequest); } if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileDelete)) { ConnectorException.Throw(Errors.Unauthorized); } Settings.ResourceType resourceType; Hashtable resourceTypeConfig = new Hashtable(); Hashtable checkedPaths = new Hashtable(); XmlNode oDeletedFileNode = null; int iFileNum = 0; int deletedNum = 0; while (Request.Form["files[" + iFileNum.ToString() + "][type]"] != null && Request.Form["files[" + iFileNum.ToString() + "][type]"].Length > 0) { string name = Request.Form["files[" + iFileNum.ToString() + "][name]"]; string type = Request.Form["files[" + iFileNum.ToString() + "][type]"]; string path = Request.Form["files[" + iFileNum.ToString() + "][folder]"]; if (name == null || name.Length < 1 || type == null || type.Length < 1 || path == null || path.Length < 1) { ConnectorException.Throw(Errors.InvalidRequest); return; } iFileNum++; // check #1 (path) if (!Connector.CheckFileName(name) || Regex.IsMatch(path, @"(/\.)|(\.\.)|(//)|([\\:\*\?""\<\>\|])")) { ConnectorException.Throw(Errors.InvalidRequest); return; } // get resource type config for current file if (!resourceTypeConfig.ContainsKey(type)) { resourceTypeConfig[type] = Config.Current.GetResourceTypeConfig(type); } // check #2 (resource type) if (resourceTypeConfig[type] == null) { ConnectorException.Throw(Errors.InvalidRequest); return; } resourceType = (Settings.ResourceType)resourceTypeConfig[type]; FolderHandler folder = new FolderHandler(type, path); string filePath = System.IO.Path.Combine(folder.ServerPath, name); // check #3 (extension) if (!resourceType.CheckExtension(System.IO.Path.GetExtension(name))) { ConnectorException.Throw(Errors.InvalidRequest); return; } // check #5 (hidden folders) if (!checkedPaths.ContainsKey(path)) { checkedPaths[path] = true; if (Config.Current.CheckIsHidenPath(path)) { ConnectorException.Throw(Errors.InvalidRequest); return; } } // check #6 (hidden file name) if (Config.Current.CheckIsHiddenFile(name)) { ConnectorException.Throw(Errors.InvalidRequest); return; } // check #7 (Access Control, need file view permission to source files) if (!folder.CheckAcl(AccessControlRules.FileDelete)) { ConnectorException.Throw(Errors.Unauthorized); return; } // check #8 (invalid file name) if (!System.IO.File.Exists(filePath) || System.IO.Directory.Exists(filePath)) { this.appendErrorNode(Errors.FileNotFound, name, type, path); continue; } bool bDeleted = false; try { System.IO.File.Delete(filePath); bDeleted = true; deletedNum++; } catch (System.UnauthorizedAccessException) { this.appendErrorNode(Errors.AccessDenied, name, type, path); } catch (System.Security.SecurityException) { this.appendErrorNode(Errors.AccessDenied, name, type, path); } catch (System.ArgumentException) { this.appendErrorNode(Errors.FileNotFound, name, type, path); } catch (System.IO.PathTooLongException) { this.appendErrorNode(Errors.FileNotFound, name, type, path); } catch { #if DEBUG throw; #else this.appendErrorNode(Errors.Unknown, name, type, path); #endif } if (bDeleted) { try { string thumbPath = System.IO.Path.Combine(folder.ThumbsServerPath, name); System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } } } oDeletedFileNode = XmlUtil.AppendElement(this.ConnectorNode, "DeleteFiles"); XmlUtil.SetAttribute(oDeletedFileNode, "deleted", deletedNum.ToString()); if (this.ErrorsNode != null) { ConnectorException.Throw(Errors.DeleteFailed); return; } }
protected override void BuildXml() { if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileView)) { ConnectorException.Throw(Errors.Unauthorized); } string fileName = Request["FileName"]; System.Drawing.Image sourceImage; if (!Connector.CheckFileName(fileName) || Config.Current.CheckIsHiddenFile(fileName)) { ConnectorException.Throw(Errors.InvalidRequest); return; } if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(System.IO.Path.GetExtension(fileName))) { ConnectorException.Throw(Errors.InvalidRequest); return; } string filePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, fileName); if (!System.IO.File.Exists(filePath)) { ConnectorException.Throw(Errors.FileNotFound); } try { sourceImage = System.Drawing.Image.FromFile(filePath); XmlNode oImageInfo = XmlUtil.AppendElement(this.ConnectorNode, "ImageInfo"); XmlUtil.SetAttribute(oImageInfo, "width", sourceImage.Width.ToString()); XmlUtil.SetAttribute(oImageInfo, "height", sourceImage.Height.ToString()); sourceImage.Dispose(); } catch (OutOfMemoryException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.UnauthorizedAccessException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.Security.SecurityException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.ArgumentException) { ConnectorException.Throw(Errors.FileNotFound); } catch (System.IO.PathTooLongException) { ConnectorException.Throw(Errors.FileNotFound); } catch { #if DEBUG throw; #else ConnectorException.Throw(Errors.Unknown); #endif } }
protected override void BuildXml() { if (Request.Form["CKFinderCommand"] != "true") { ConnectorException.Throw(Errors.InvalidRequest); } if (!this.CurrentFolder.CheckAcl(AccessControlRules.FolderRename)) { ConnectorException.Throw(Errors.Unauthorized); } // The root folder cannot be deleted. if (this.CurrentFolder.ClientPath == "/") { ConnectorException.Throw(Errors.InvalidRequest); return; } string newFileName = Request["NewFolderName"]; if (!Connector.CheckFolderName(newFileName) || Config.Current.CheckIsHiddenFolder(newFileName)) { ConnectorException.Throw(Errors.InvalidName); return; } // Get the current folder. System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo(this.CurrentFolder.ServerPath); bool bMoved = false; try { if (!oDir.Exists) { ConnectorException.Throw(Errors.InvalidRequest); } else { // Build the new folder path. string newFolderPath = System.IO.Path.Combine(oDir.Parent.FullName, newFileName); if (System.IO.Directory.Exists(newFolderPath) || System.IO.File.Exists(newFolderPath)) { ConnectorException.Throw(Errors.AlreadyExist); } oDir.MoveTo(newFolderPath); bMoved = true; } } catch (System.UnauthorizedAccessException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.Security.SecurityException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.ArgumentException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.NotSupportedException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.IO.PathTooLongException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.IO.IOException) { ConnectorException.Throw(Errors.Unknown); } catch (ConnectorException connectorException) { throw connectorException; } catch { #if DEBUG throw; #else ConnectorException.Throw(Errors.Unknown); #endif } if (bMoved) { try { // Get the thumbnails folder. System.IO.DirectoryInfo oThumbsDir = new System.IO.DirectoryInfo(this.CurrentFolder.ThumbsServerPath); // Build the new folder path. string newThumbsFolderPath = System.IO.Path.Combine(oThumbsDir.Parent.FullName, newFileName); if (System.IO.Directory.Exists(newThumbsFolderPath)) { System.IO.File.Delete(this.CurrentFolder.ThumbsServerPath); } else { try { oThumbsDir.MoveTo(newThumbsFolderPath); } catch { System.IO.File.Delete(this.CurrentFolder.ThumbsServerPath); } } } catch { /* No errors if we are not able to delete the thumb. */ } string newFolderPath = Regex.Replace(this.CurrentFolder.ClientPath, "[^/]+/?$", newFileName) + "/"; string newFolderUrl = this.CurrentFolder.ResourceTypeInfo.Url + newFolderPath.TrimStart('/'); XmlNode oRenamedNode = XmlUtil.AppendElement(this.ConnectorNode, "RenamedFolder"); XmlUtil.SetAttribute(oRenamedNode, "newName", newFileName); XmlUtil.SetAttribute(oRenamedNode, "newPath", newFolderPath); XmlUtil.SetAttribute(oRenamedNode, "newUrl", newFolderUrl); } }
public override void SendResponse(HttpResponse response) { // Cleans the response buffer. response.ClearHeaders(); response.Clear(); // Prevent the browser from caching the result. response.CacheControl = "no-cache"; // Set the response format. response.ContentEncoding = System.Text.UTF8Encoding.UTF8; response.ContentType = "text/xml"; _Xml = new XmlDocument(); // Create the XML document header. _Xml.AppendChild(_Xml.CreateXmlDeclaration("1.0", "utf-8", null)); // Create the main "Connector" node. _ConnectorNode = XmlUtil.AppendElement(_Xml, "Connector"); XmlNode oErrorNode = XmlUtil.AppendElement(this.ConnectorNode, "Error"); try { this.CheckConnector(); if (this.MustCheckRequest()) { this.CheckRequest(); } if (this.CurrentFolder.ResourceTypeName.Length > 0) { XmlUtil.SetAttribute(_ConnectorNode, "resourceType", this.CurrentFolder.ResourceTypeName); } if (this.MustIncludeCurrentFolder()) { // Add the current folder node. XmlNode currentFolder = XmlUtil.AppendElement(_ConnectorNode, "CurrentFolder"); XmlUtil.SetAttribute(currentFolder, "path", this.CurrentFolder.ClientPath); try { XmlUtil.SetAttribute(currentFolder, "url", this.CurrentFolder.Url); } catch { XmlUtil.SetAttribute(currentFolder, "url", ""); } XmlUtil.SetAttribute(currentFolder, "acl", this.CurrentFolder.AclMask.ToString()); } this.BuildXml(); XmlUtil.SetAttribute(oErrorNode, "number", "0"); } catch (ConnectorException connectorException) { XmlUtil.SetAttribute(oErrorNode, "number", connectorException.Number.ToString()); } catch { #if DEBUG throw; #else XmlUtil.SetAttribute(oErrorNode, "number", Errors.Unknown.ToString()); #endif } // Output the resulting XML. response.Write(_Xml.OuterXml); response.End(); }
protected override void BuildXml() { if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileDelete)) { ConnectorException.Throw(Errors.Unauthorized); } string fileName = Request["FileName"]; if (!Connector.CheckFileName(fileName) || Config.Current.CheckIsHiddenFile(fileName)) { ConnectorException.Throw(Errors.InvalidRequest); return; } if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(System.IO.Path.GetExtension(fileName))) { ConnectorException.Throw(Errors.InvalidRequest); return; } string filePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, fileName); bool bDeleted = false; if (!System.IO.File.Exists(filePath)) { ConnectorException.Throw(Errors.FileNotFound); } try { System.IO.File.Delete(filePath); bDeleted = true; } catch (System.UnauthorizedAccessException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.Security.SecurityException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.ArgumentException) { ConnectorException.Throw(Errors.FileNotFound); } catch (System.IO.PathTooLongException) { ConnectorException.Throw(Errors.FileNotFound); } catch (Exception) { ConnectorException.Throw(Errors.Unknown); } try { string thumbPath = System.IO.Path.Combine(this.CurrentFolder.ThumbsServerPath, fileName); System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } if (bDeleted) { XmlNode oDeletedFileNode = XmlUtil.AppendElement(this.ConnectorNode, "DeletedFile"); XmlUtil.SetAttribute(oDeletedFileNode, "name", fileName); } }
protected override void BuildXml() { if (Request.Form["CKFinderCommand"] != "true") { ConnectorException.Throw(Errors.InvalidRequest); } if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileRename)) { ConnectorException.Throw(Errors.Unauthorized); } string fileName = Request["fileName"]; string newFileName = Request["newFileName"]; XmlNode oRenamedFileNode = XmlUtil.AppendElement(this.ConnectorNode, "RenamedFile"); XmlUtil.SetAttribute(oRenamedFileNode, "name", fileName); if (!Connector.CheckFileName(fileName) || Config.Current.CheckIsHiddenFile(fileName)) { ConnectorException.Throw(Errors.InvalidRequest); return; } if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(System.IO.Path.GetExtension(fileName))) { ConnectorException.Throw(Errors.InvalidRequest); return; } if (!Connector.CheckFileName(newFileName) || Config.Current.CheckIsHiddenFile(newFileName)) { ConnectorException.Throw(Errors.InvalidName); return; } if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(System.IO.Path.GetExtension(newFileName))) { ConnectorException.Throw(Errors.InvalidExtension); } if (Config.Current.DisallowUnsafeCharacters) { newFileName = newFileName.Replace(";", "_"); } // Replace dots in the name with underscores (only one dot can be there... security issue). if (Config.Current.ForceSingleExtension) { newFileName = Regex.Replace(newFileName, @"\.(?![^.]*$)", "_", RegexOptions.None); } if (Config.Current.CheckDoubleExtension) { newFileName = this.CurrentFolder.ResourceTypeInfo.ReplaceInvalidDoubleExtensions(newFileName); } string filePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, fileName); string newFilePath = System.IO.Path.Combine(this.CurrentFolder.ServerPath, newFileName); bool bMoved = false; if (!System.IO.File.Exists(filePath)) { ConnectorException.Throw(Errors.FileNotFound); } if (System.IO.File.Exists(newFilePath) || System.IO.Directory.Exists(newFilePath)) { ConnectorException.Throw(Errors.AlreadyExist); } try { System.IO.File.Move(filePath, newFilePath); bMoved = true; XmlUtil.SetAttribute(oRenamedFileNode, "newName", newFileName); } catch (System.UnauthorizedAccessException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.Security.SecurityException) { ConnectorException.Throw(Errors.AccessDenied); } catch (System.ArgumentException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.NotSupportedException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.IO.PathTooLongException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.IO.IOException) { ConnectorException.Throw(Errors.Unknown); } catch { #if DEBUG throw; #else ConnectorException.Throw(Errors.Unknown); #endif } if (bMoved) { try { string thumbPath = System.IO.Path.Combine(this.CurrentFolder.ThumbsServerPath, fileName); System.IO.File.Delete(thumbPath); } catch { /* No errors if we are not able to delete the thumb. */ } } }
protected override void BuildXml() { if (Request.Form["CKFinderCommand"] != "true") { ConnectorException.Throw(Errors.InvalidRequest); } if (!this.CurrentFolder.CheckAcl(AccessControlRules.FolderCreate)) { ConnectorException.Throw(Errors.Unauthorized); } string sNewFolderName = HttpContext.Current.Request.QueryString["newFolderName"]; if (!Connector.CheckFileName(sNewFolderName) || Config.Current.CheckIsHiddenFolder(sNewFolderName)) { ConnectorException.Throw(Errors.InvalidName); } else { // Map the virtual path to the local server path of the current folder. string sServerDir = System.IO.Path.Combine(this.CurrentFolder.ServerPath, sNewFolderName); bool bCreated = false; if (System.IO.Directory.Exists(sServerDir)) { ConnectorException.Throw(Errors.AlreadyExist); } try { Util.CreateDirectory(sServerDir); bCreated = true; } catch (ArgumentException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.IO.PathTooLongException) { ConnectorException.Throw(Errors.InvalidName); } catch (System.Security.SecurityException) { ConnectorException.Throw(Errors.AccessDenied); } catch (ConnectorException connectorException) { throw connectorException; } catch (Exception) { #if DEBUG throw; #else ConnectorException.Throw(Errors.Unknown); #endif } if (bCreated) { XmlNode oNewFolderNode = XmlUtil.AppendElement(this.ConnectorNode, "NewFolder"); XmlUtil.SetAttribute(oNewFolderNode, "name", sNewFolderName); } } }
protected override void BuildXml() { if (!this.CurrentFolder.CheckAcl(AccessControlRules.FileView)) { ConnectorException.Throw(Errors.Unauthorized); } // Map the virtual path to the local server path. string sServerDir = this.CurrentFolder.ServerPath; bool bShowThumbs = Request.QueryString["showThumbs"] != null && Request.QueryString["showThumbs"].ToString().Equals("1"); // Create the "Files" node. XmlNode oFilesNode = XmlUtil.AppendElement(this.ConnectorNode, "Files"); System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo(sServerDir); System.IO.FileInfo[] aFiles = oDir.GetFiles(); for (int i = 0; i < aFiles.Length; i++) { System.IO.FileInfo oFile = aFiles[i]; string sExtension = System.IO.Path.GetExtension(oFile.Name); if (Config.Current.CheckIsHiddenFile(oFile.Name)) { continue; } if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(sExtension)) { continue; } Decimal iFileSize = Math.Round((Decimal)oFile.Length / 1024); if (iFileSize < 1 && oFile.Length != 0) { iFileSize = 1; } //md5 zhh 2013-07-05 string md5String = Util.GetMd5Hash(oFile.OpenRead()); // Create the "File" node. XmlNode oFileNode = XmlUtil.AppendElement(oFilesNode, "File"); XmlUtil.SetAttribute(oFileNode, "name", oFile.Name); XmlUtil.SetAttribute(oFileNode, "date", oFile.LastWriteTime.ToString("yyyy-MM-dd HH:mm:ss")); XmlUtil.SetAttribute(oFileNode, "md5", md5String); XmlUtil.SetAttribute(oFileNode, "resourcetype", this.CurrentFolder.ResourceTypeName); XmlUtil.SetAttribute(oFileNode, "md5", md5String); //XmlUtil.SetAttribute(oFileNode, "fullname", oFile.FullName); if (Config.Current.Thumbnails.Enabled && (Config.Current.Thumbnails.DirectAccess || bShowThumbs) && ImageTools.IsImageExtension(sExtension.TrimStart('.'))) { bool bFileExists = false; try { bFileExists = System.IO.File.Exists(System.IO.Path.Combine(this.CurrentFolder.ThumbsServerPath, oFile.Name)); } catch {} if (bFileExists) { XmlUtil.SetAttribute(oFileNode, "thumb", oFile.Name); } else if (bShowThumbs) { XmlUtil.SetAttribute(oFileNode, "thumb", "?" + oFile.Name); } } XmlUtil.SetAttribute(oFileNode, "size", iFileSize.ToString(CultureInfo.InvariantCulture)); } }
protected override void BuildXml() { Config _Config = Config.Current; bool _IsEnabled = _Config.CheckAuthentication(); // Create the "ConnectorInfo" node. XmlNode oConnInfo = XmlUtil.AppendElement(this.ConnectorNode, "ConnectorInfo"); XmlUtil.SetAttribute(oConnInfo, "enabled", _IsEnabled.ToString().ToLower()); if (!_IsEnabled) { ConnectorException.Throw(Errors.ConnectorDisabled); } string ln = ""; string lc = _Config.LicenseKey.ToUpper(); if (1 == (K_CHARS.IndexOf(lc[0]) % 5)) { ln = _Config.LicenseName.ToLower(); } XmlUtil.SetAttribute(oConnInfo, "s", ln); XmlUtil.SetAttribute(oConnInfo, "c", string.Concat(lc[11], lc[0], lc[8], lc[12]).Trim()); XmlUtil.SetAttribute(oConnInfo, "thumbsEnabled", _Config.Thumbnails.Enabled.ToString().ToLower()); if (_Config.Thumbnails.Enabled) { XmlUtil.SetAttribute(oConnInfo, "thumbsUrl", _Config.Thumbnails.Url); XmlUtil.SetAttribute(oConnInfo, "thumbsDirectAccess", _Config.Thumbnails.DirectAccess.ToString().ToLower()); } // Create the "ResourceTypes" node. XmlNode oResourceTypes = XmlUtil.AppendElement(this.ConnectorNode, "ResourceTypes"); // Load the resource types in an array. string[] aTypes; if (Request.QueryString["type"] != null && Request.QueryString["type"].Length > 0) { aTypes = new string[] { Request.QueryString["type"] }; } else { string sDefaultTypes = Config.Current.DefaultResourceTypes; if (sDefaultTypes.Length == 0) { aTypes = new string[_Config.ResourceTypes.Count]; for (int i = 0; i < _Config.ResourceTypes.Count; i++) { aTypes[i] = _Config.ResourceTypes.GetByIndex(i).Name; } } else { aTypes = sDefaultTypes.Split(','); } } for (int i = 0; i < aTypes.Length; i++) { string resourceTypeName = aTypes[i]; int aclMask = Config.Current.AccessControl.GetComputedMask(resourceTypeName, "/"); if ((aclMask & (int)AccessControlRules.FolderView) != (int)AccessControlRules.FolderView) { continue; } Settings.ResourceType oTypeInfo = _Config.GetResourceTypeConfig(resourceTypeName); string sTargetDirectory = oTypeInfo.GetTargetDirectory(); bool bHasChildren = System.IO.Directory.Exists(sTargetDirectory) && (System.IO.Directory.GetDirectories(oTypeInfo.GetTargetDirectory()).Length > 0); XmlNode oResourceType = XmlUtil.AppendElement(oResourceTypes, "ResourceType"); XmlUtil.SetAttribute(oResourceType, "name", resourceTypeName); XmlUtil.SetAttribute(oResourceType, "url", oTypeInfo.Url); XmlUtil.SetAttribute(oResourceType, "allowedExtensions", string.Join(",", oTypeInfo.AllowedExtensions)); XmlUtil.SetAttribute(oResourceType, "deniedExtensions", string.Join(",", oTypeInfo.DeniedExtensions)); XmlUtil.SetAttribute(oResourceType, "hash", Util.GetMd5Hash(sTargetDirectory).Substring(0, 16)); XmlUtil.SetAttribute(oResourceType, "defaultView", "Thumbnails"); XmlUtil.SetAttribute(oResourceType, "hasChildren", (bHasChildren ? "true" : "false")); XmlUtil.SetAttribute(oResourceType, "acl", aclMask.ToString()); } }