private static FileUploadDto UploadFile( Stream stream, PortalSettings portalSettings, UserInfo userInfo, string folder, string filter, string fileName, bool overwrite, bool isHostPortal, bool extract) { var result = new FileUploadDto(); BinaryReader reader = null; Stream fileContent = null; try { var extension = Path.GetExtension(fileName).TextOrEmpty().Replace(".", ""); result.FileIconUrl = IconController.GetFileIconUrl(extension); if (!string.IsNullOrEmpty(filter) && !filter.ToLower().Contains(extension.ToLower())) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } if (!IsAllowedExtension(extension)) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } var folderManager = FolderManager.Instance; var effectivePortalId = isHostPortal ? Null.NullInteger : portalSettings.PortalId; // Check if this is a User Folder int userId; var folderInfo = folderManager.GetFolder(effectivePortalId, folder); if (IsUserFolder(folder, out userId)) { var user = UserController.GetUserById(effectivePortalId, userId); if (user != null) { folderInfo = folderManager.GetUserFolder(user); } } if (!FolderPermissionController.HasFolderPermission(portalSettings.PortalId, folder, "WRITE") && !FolderPermissionController.HasFolderPermission(portalSettings.PortalId, folder, "ADD")) { result.Message = GetLocalizedString("NoPermission"); return(result); } IFileInfo file; // FIX DNN-5917 fileName = SanitizeFileName(fileName); // END FIX if (!overwrite && FileManager.Instance.FileExists(folderInfo, fileName, true)) { result.Message = GetLocalizedString("AlreadyExists"); result.AlreadyExists = true; file = FileManager.Instance.GetFile(folderInfo, fileName, true); result.FileId = file.FileId; } else { file = FileManager.Instance.AddFile(folderInfo, fileName, stream, true, false, FileManager.Instance.GetContentType(Path.GetExtension(fileName)), userInfo.UserID); if (extract && extension.ToLower() == "zip") { var destinationFolder = FolderManager.Instance.GetFolder(file.FolderId); var invalidFiles = new List <string>(); var filesCount = FileManager.Instance.UnzipFile(file, destinationFolder, invalidFiles); var invalidFilesJson = invalidFiles.Count > 0 ? string.Format("\"{0}\"", string.Join("\",\"", invalidFiles)) : string.Empty; result.Prompt = string.Format("{{\"invalidFiles\":[{0}], \"totalCount\": {1}}}", invalidFilesJson, filesCount); } result.FileId = file.FileId; } fileContent = FileManager.Instance.GetFileContent(file); var path = GetUrl(result.FileId); using (reader = new BinaryReader(fileContent)) { Size size; if (IsImage(fileName)) { try { size = ImageHeader.GetDimensions(reader); } catch (ArgumentException exc) { Logger.Warn("Unable to get image dimensions for image file", exc); size = new Size(32, 32); } } else { size = new Size(32, 32); } result.Orientation = size.Orientation(); } result.Path = result.FileId > 0 ? path : string.Empty; result.FileName = fileName; if (extract && extension.ToLower() == "zip") { FileManager.Instance.DeleteFile(file); } return(result); } catch (Exception exe) { Logger.Error(exe.Message); result.Message = exe.Message; return(result); } finally { if (reader != null) { reader.Close(); reader.Dispose(); } if (fileContent != null) { fileContent.Close(); fileContent.Dispose(); } } }
private static FileUploadDto UploadFile( Stream stream, int portalId, UserInfo userInfo, string folder, string filter, string fileName, bool overwrite, bool isHostPortal, bool extract, string validationCode) { var result = new FileUploadDto(); BinaryReader reader = null; Stream fileContent = null; try { var extensionList = new List <string>(); if (!string.IsNullOrWhiteSpace(filter)) { extensionList = filter.Split(',').Select(i => i.Trim()).ToList(); } var validateParams = new List <object> { extensionList, userInfo.UserID }; if (!userInfo.IsSuperUser) { validateParams.Add(portalId); } if (!ValidationUtils.ValidationCodeMatched(validateParams, validationCode)) { throw new InvalidOperationException("Bad Request"); } var extension = Path.GetExtension(fileName).ValueOrEmpty().Replace(".", string.Empty); result.FileIconUrl = IconController.GetFileIconUrl(extension); if (!string.IsNullOrEmpty(filter) && !filter.ToLowerInvariant().Contains(extension.ToLowerInvariant())) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } var folderManager = FolderManager.Instance; var effectivePortalId = isHostPortal ? Null.NullInteger : portalId; var folderInfo = folderManager.GetFolder(effectivePortalId, folder); int userId; if (folderInfo == null && IsUserFolder(folder, out userId)) { var user = UserController.GetUserById(effectivePortalId, userId); if (user != null) { folderInfo = folderManager.GetUserFolder(user); } } if (!FolderPermissionController.HasFolderPermission(portalId, folder, "WRITE") && !FolderPermissionController.HasFolderPermission(portalId, folder, "ADD")) { result.Message = GetLocalizedString("NoPermission"); return(result); } IFileInfo file; if (!overwrite && FileManager.Instance.FileExists(folderInfo, fileName, true)) { result.Message = GetLocalizedString("AlreadyExists"); result.AlreadyExists = true; file = FileManager.Instance.GetFile(folderInfo, fileName, true); result.FileId = file.FileId; } else { file = FileManager.Instance.AddFile(folderInfo, fileName, stream, true, false, FileContentTypeManager.Instance.GetContentType(Path.GetExtension(fileName)), userInfo.UserID); if (extract && extension.ToLowerInvariant() == "zip") { var destinationFolder = FolderManager.Instance.GetFolder(file.FolderId); var invalidFiles = new List <string>(); var filesCount = FileManager.Instance.UnzipFile(file, destinationFolder, invalidFiles); var invalidFilesJson = invalidFiles.Count > 0 ? string.Format("\"{0}\"", string.Join("\",\"", invalidFiles)) : string.Empty; result.Prompt = string.Format("{{\"invalidFiles\":[{0}], \"totalCount\": {1}}}", invalidFilesJson, filesCount); } result.FileId = file.FileId; } fileContent = FileManager.Instance.GetFileContent(file); var path = GetUrl(result.FileId); using (reader = new BinaryReader(fileContent)) { Size size; if (IsImage(fileName)) { try { size = ImageHeader.GetDimensions(reader); } catch (ArgumentException exc) { Logger.Warn("Unable to get image dimensions for image file", exc); size = new Size(32, 32); } } else { size = new Size(32, 32); } result.Orientation = size.Orientation(); } result.Path = result.FileId > 0 ? path : string.Empty; result.FileName = fileName; if (extract && extension.ToLowerInvariant() == "zip") { FileManager.Instance.DeleteFile(file); } return(result); } catch (InvalidFileExtensionException) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } catch (Exception exe) { Logger.Error(exe); result.Message = exe.Message; return(result); } finally { if (reader != null) { reader.Close(); reader.Dispose(); } if (fileContent != null) { fileContent.Close(); fileContent.Dispose(); } } }
public HttpResponseMessage UploadFromUrl(UploadByUrlDto dto) { WebResponse response = null; Stream responseStream = null; var mediaTypeFormatter = new JsonMediaTypeFormatter(); mediaTypeFormatter.SupportedMediaTypes.Add(new MediaTypeHeaderValue("text/plain")); try { var request = (HttpWebRequest)WebRequest.Create(dto.Url); request.Credentials = CredentialCache.DefaultCredentials; response = request.GetResponse(); responseStream = response.GetResponseStream(); if (responseStream == null) { throw new Exception("No server response"); } var inMemoryStream = new MemoryStream(); { var count = 0; do { var buffer = new byte[4096]; count = responseStream.Read(buffer, 0, 4096); inMemoryStream.Write(buffer, 0, count); } while (responseStream.CanRead && count > 0); string errorMessage; bool alreadyExists; var segments = dto.Url.Split('/'); var fileName = segments[segments.Length - 1]; var returnFilename = SaveFile(inMemoryStream, PortalSettings, UserInfo, dto.Folder.TextOrEmpty(), dto.Filter.TextOrEmpty(), fileName, dto.Overwrite, dto.IsHostMenu, dto.Unzip, out alreadyExists, out errorMessage); var root = AppDomain.CurrentDomain.BaseDirectory; returnFilename = returnFilename.Replace(root, "~/"); var size = IsImage(returnFilename) ? ImageHeader.GetDimensions(HostingEnvironment.MapPath(returnFilename)) : Size.Empty; /* Response Content Type cannot be application/json * because IE9 with iframe-transport manages the response * as a file download */ return(Request.CreateResponse( HttpStatusCode.OK, new UploadDto { AlreadyExists = alreadyExists, Message = errorMessage, Orientation = size.Orientation(), Path = VirtualPathUtility.ToAbsolute(returnFilename) }, mediaTypeFormatter, "text/plain")); } } catch (Exception ex) { return(Request.CreateResponse( HttpStatusCode.OK, new UploadDto { AlreadyExists = false, Message = ex.Message }, mediaTypeFormatter, "text/plain")); } finally { if (response != null) { response.Close(); } if (responseStream != null) { responseStream.Close(); } } }
private static FileUploadDto UploadFile( Stream stream, PortalSettings portalSettings, UserInfo userInfo, string folder, string filter, string fileName, bool overwrite, bool isHostPortal, bool extract) { var result = new FileUploadDto(); BinaryReader reader = null; Stream fileContent = null; try { var extension = Path.GetExtension(fileName).TextOrEmpty().Replace(".", ""); result.FileIconUrl = IconController.GetFileIconUrl(extension); if (!string.IsNullOrEmpty(filter) && !filter.ToLower().Contains(extension.ToLower())) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } if (!IsAllowedExtension(extension)) { result.Message = GetLocalizedString("ExtensionNotAllowed"); return(result); } var folderManager = FolderManager.Instance; // Check if this is a User Folder var effectivePortalId = isHostPortal ? Null.NullInteger : PortalController.GetEffectivePortalId(portalSettings.PortalId); int userId; var folderInfo = folderManager.GetFolder(effectivePortalId, folder); if (IsUserFolder(folder, out userId)) { var user = UserController.GetUserById(effectivePortalId, userId); if (user != null) { folderInfo = folderManager.GetUserFolder(user); } } if (!PortalSecurity.IsInRoles(userInfo, portalSettings, folderInfo.FolderPermissions.ToString("WRITE")) && !PortalSecurity.IsInRoles(userInfo, portalSettings, folderInfo.FolderPermissions.ToString("ADD"))) { result.Message = GetLocalizedString("NoPermission"); return(result); } IFileInfo file; if (!overwrite && FileManager.Instance.FileExists(folderInfo, fileName, true)) { result.Message = GetLocalizedString("AlreadyExists"); result.AlreadyExists = true; file = FileManager.Instance.GetFile(folderInfo, fileName, true); result.FileId = file.FileId; } else { file = FileManager.Instance.AddFile(folderInfo, fileName, stream, true, false, FileManager.Instance.GetContentType(Path.GetExtension(fileName)), userInfo.UserID); if (extract && extension.ToLower() == "zip") { FileManager.Instance.UnzipFile(file); } result.FileId = file.FileId; } fileContent = FileManager.Instance.GetFileContent(file); var path = GetUrl(result.FileId); using (reader = new BinaryReader(fileContent)) { var size = IsImage(fileName) ? ImageHeader.GetDimensions(reader) : new Size(32, 32); result.Orientation = size.Orientation(); } result.Path = result.FileId > 0 ? path : string.Empty; result.FileName = fileName; if (extract && extension.ToLower() == "zip") { FileManager.Instance.DeleteFile(file); } return(result); } catch (Exception exe) { Logger.Error(exe.Message); result.Message = exe.Message; return(result); } finally { if (reader != null) { reader.Close(); reader.Dispose(); } if (fileContent != null) { fileContent.Close(); fileContent.Dispose(); } } }
public Task <HttpResponseMessage> UploadFromLocal() { HttpRequestMessage request = Request; if (!request.Content.IsMimeMultipartContent()) { throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType); } var provider = new MultipartMemoryStreamProvider(); // local references for use in closure var portalSettings = PortalSettings; var currentSynchronizationContext = SynchronizationContext.Current; var userInfo = UserInfo; var task = request.Content.ReadAsMultipartAsync(provider) .ContinueWith(o => { string folder = string.Empty; string filter = string.Empty; string fileName = string.Empty; bool overwrite = false; bool isHostMenu = false; bool extract = false; Stream stream = null; string returnFilename = string.Empty; foreach (var item in provider.Contents) { var name = item.Headers.ContentDisposition.Name; switch (name.ToUpper()) { case "\"FOLDER\"": folder = item.ReadAsStringAsync().Result ?? ""; break; case "\"FILTER\"": filter = item.ReadAsStringAsync().Result ?? ""; break; case "\"OVERWRITE\"": bool.TryParse(item.ReadAsStringAsync().Result, out overwrite); break; case "\"ISHOSTMENU\"": bool.TryParse(item.ReadAsStringAsync().Result, out isHostMenu); break; case "\"EXTRACT\"": bool.TryParse(item.ReadAsStringAsync().Result, out extract); break; case "\"POSTFILE\"": fileName = item.Headers.ContentDisposition.FileName.Replace("\"", ""); if (fileName.IndexOf("\\", StringComparison.Ordinal) != -1) { fileName = Path.GetFileName(fileName); } stream = item.ReadAsStreamAsync().Result; break; } } var errorMessage = ""; var alreadyExists = false; if (!string.IsNullOrEmpty(fileName) && stream != null) { // Everything ready // The SynchronizationContext keeps the main thread context. Send method is synchronous currentSynchronizationContext.Send( delegate { returnFilename = SaveFile(stream, portalSettings, userInfo, folder, filter, fileName, overwrite, isHostMenu, extract, out alreadyExists, out errorMessage); }, null ); } var mediaTypeFormatter = new JsonMediaTypeFormatter(); mediaTypeFormatter.SupportedMediaTypes.Add(new MediaTypeHeaderValue("text/plain")); var root = AppDomain.CurrentDomain.BaseDirectory; returnFilename = returnFilename.Replace(root, "~/"); var size = IsImage(returnFilename) ? ImageHeader.GetDimensions(HostingEnvironment.MapPath(returnFilename)) : Size.Empty; /* Response Content Type cannot be application/json * because IE9 with iframe-transport manages the response * as a file download */ return(Request.CreateResponse( HttpStatusCode.OK, new UploadDto { AlreadyExists = alreadyExists, Message = errorMessage, Orientation = size.Orientation(), Path = VirtualPathUtility.ToAbsolute(returnFilename) }, mediaTypeFormatter, "text/plain")); }); return(task); }