public SobekCM_Page_Globals(bool isPostBack, string page_name) { // Pull out the http request HttpRequest request = HttpContext.Current.Request; // Get the base url string base_url = request.Url.AbsoluteUri.ToLower().Replace("sobekcm.aspx", ""); if (base_url.IndexOf("?") > 0) base_url = base_url.Substring(0, base_url.IndexOf("?")); try { tracer = new Custom_Tracer(); tracer.Add_Trace("SobekCM_Page_Globals.Constructor", String.Empty); // Don't really need to *build* these, so just define them as a new ones if null if (Global.Checked_List == null) Global.Checked_List = new Checked_Out_Items_List(); if (Global.Search_History == null) Global.Search_History = new Recent_Searches(); // Make sure all the needed data is loaded into the Application State Application_State_Builder.Build_Application_State(tracer, false, ref Global.Skins, ref Global.Translation, ref Global.Codes, ref Global.Item_List, ref Global.Icon_List, ref Global.Stats_Date_Range, ref Global.Thematic_Headings, ref Global.Collection_Aliases, ref Global.IP_Restrictions, ref Global.URL_Portals, ref Global.Mime_Types, ref Global.Item_Viewer_Priority); tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Application State validated or built"); // Check that something is saved for the original requested URL (may not exist if not forwarded) if (!HttpContext.Current.Items.Contains("Original_URL")) HttpContext.Current.Items["Original_URL"] = request.Url.ToString(); } catch (Exception ee) { // Send to the dashboard if ((HttpContext.Current.Request.UserHostAddress == "127.0.0.1") || (HttpContext.Current.Request.UserHostAddress == HttpContext.Current.Request.ServerVariables["LOCAL_ADDR"]) || (HttpContext.Current.Request.Url.ToString().IndexOf("localhost") >= 0)) { // Create an error message string errorMessage = "Error caught while validating application state"; if ((SobekCM_Library_Settings.Database_Connections.Count == 0) || (String.IsNullOrEmpty(SobekCM_Library_Settings.Database_Connections[0].Connection_String))) { errorMessage = "No database connection string found!"; string configFileLocation = AppDomain.CurrentDomain.BaseDirectory + "config/sobekcm.xml"; try { if (!File.Exists(configFileLocation)) { errorMessage = "Missing config/sobekcm.xml configuration file on the web server.<br />Ensure the configuration file 'sobekcm.xml' exists in a 'config' subfolder directly under the web application.<br />Example configuration is:" + "<div style=\"background-color: #bbbbbb; margin-left: 30px; margin-top:10px; padding: 3px;\"><?xml version="1.0" encoding="UTF-8" standalone="yes" ?><br /> <configuration><br />   <connection_string type="MSSQL">data source=localhost\\instance;initial catalog=SobekCM;integrated security=Yes;</connection_string><br />   <error_emails>[email protected]</error_emails><br />   <error_page>http://ufdc.ufl.edu/error.html</error_page><br /></configuration></div>"; } } catch { errorMessage = "No database connection string found.<br />Likely an error reading the configuration file due to permissions on the web server.<br />Ensure the configuration file 'sobekcm.xml' exists in a 'config' subfolder directly under the web application.<br />Example configuration is:" + "<div style=\"background-color: #bbbbbb; margin-left: 30px; margin-top:10px; padding: 3px;\"><?xml version="1.0" encoding="UTF-8" standalone="yes" ?><br /> <configuration><br />   <connection_string type="MSSQL">data source=localhost\\instance;initial catalog=SobekCM;integrated security=Yes;</connection_string><br />   <error_emails>[email protected]</error_emails><br />   <error_page>http://ufdc.ufl.edu/error.html</error_page><br /></configuration></div>"; } } else { if (ee.Message.IndexOf("The EXECUTE permission") >= 0) { errorMessage = "Permissions error while connecting to the database and pulling necessary data.<br /><br />Confirm the following:<ul><li>IIS is configured correctly to use anonymous authentication</li><li>Anonymous user (or service account) is part of the sobek_users role in the database.</li></ul>"; } else { errorMessage = "Error connecting to the database and pulling necessary data.<br /><br />Confirm the following:<ul><li>Database connection string is correct ( " + SobekCM_Library_Settings.Database_Connections[0].Connection_String + ")</li><li>IIS is configured correctly to use anonymous authentication</li><li>Anonymous user (or service account) is part of the sobek_users role in the database.</li></ul>"; } } // Wrap this into the SobekCM Exception SobekCM_Traced_Exception newException = new SobekCM_Traced_Exception(errorMessage, ee, tracer); // Save this to the session state, and then forward to the dashboard HttpContext.Current.Session["Last_Exception"] = newException; HttpContext.Current.Response.Redirect("dashboard.aspx", false); HttpContext.Current.ApplicationInstance.CompleteRequest(); return; } else { throw ee; } } // Analyze the response and get the mode try { currentMode = new SobekCM_Navigation_Object(request.QueryString, base_url, request.UserLanguages, Global.Codes, Global.Collection_Aliases, ref Global.Item_List, Global.URL_Portals, tracer) { Base_URL = base_url, isPostBack = isPostBack, Browser_Type = request.Browser.Type.ToUpper() }; currentMode.Set_Robot_Flag(request.UserAgent, request.UserHostAddress); } catch { HttpContext.Current.Response.Status = "301 Moved Permanently"; HttpContext.Current.Response.AddHeader("Location", base_url); HttpContext.Current.ApplicationInstance.CompleteRequest(); return; } // If this was for HTML, but was at the data, just convert to XML if ((page_name == "SOBEKCM_DATA") && (currentMode.Writer_Type != Writer_Type_Enum.XML) && (currentMode.Writer_Type != Writer_Type_Enum.JSON) && (currentMode.Writer_Type != Writer_Type_Enum.DataSet) && (currentMode.Writer_Type != Writer_Type_Enum.Data_Provider)) currentMode.Writer_Type = Writer_Type_Enum.XML; tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Navigation Object created from URI query string"); // Need to ensure the list of items was pulled for several modes if (((currentMode.Writer_Type != Writer_Type_Enum.HTML) && (currentMode.Writer_Type != Writer_Type_Enum.HTML_Echo) && (currentMode.Writer_Type != Writer_Type_Enum.HTML_LoggedIn)) || (currentMode.Mode == Display_Mode_Enum.Item_Display) || (currentMode.Mode == Display_Mode_Enum.Item_Print) || (currentMode.Mode == Display_Mode_Enum.Results) || ((currentMode.Mode == Display_Mode_Enum.Aggregation) && ((currentMode.Aggregation_Type == Aggregation_Type_Enum.Browse_Info) || (currentMode.Aggregation_Type == Aggregation_Type_Enum.Child_Page_Edit) || (currentMode.Aggregation_Type == Aggregation_Type_Enum.Browse_Map))) || (currentMode.Mode == Display_Mode_Enum.Public_Folder) || ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && ((currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Delete_Item) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Group_Behaviors) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Group_Serial_Hierarchy) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Item_Metadata) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.File_Management) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Folder_Management) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_Add_Volume) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_AutoFill_Volumes) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_Mass_Update_Items) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.New_Item) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Page_Images_Management)))) { SobekCM_Database.Verify_Item_Lookup_Object(true, ref Global.Item_List, tracer); } try { if (currentMode.Aggregation.ToUpper() == "EPCSANB") { HttpContext.Current.Response.Redirect(@"http://www.uflib.ufl.edu/epc/", false); HttpContext.Current.ApplicationInstance.CompleteRequest(); currentMode.Request_Completed = true; return; } // If this was an error, redirect now if (currentMode.Mode == Display_Mode_Enum.Error) { return; } // All the user stuff can be skipped if this was from a robot if (!currentMode.Is_Robot) { // Determine which IP Ranges this IP address belongs to, if not already determined. if (HttpContext.Current.Session["IP_Range_Membership"] == null) { int ip_mask = Global.IP_Restrictions.Restrictive_Range_Membership(request.UserHostAddress); HttpContext.Current.Session["IP_Range_Membership"] = ip_mask; } // Set the Session TOC, if provided if (currentMode.TOC_Display != TOC_Display_Type_Enum.Undetermined) { if (currentMode.TOC_Display == TOC_Display_Type_Enum.Hide) { HttpContext.Current.Session["Show TOC"] = false; } else { HttpContext.Current.Session["Show TOC"] = true; } } // Only do any of the user stuff if this is from the main SobekCM page if (page_name == "SOBEKCM") { tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Checking for logged on user by cookie or session"); perform_user_checks(isPostBack); } // If this is a system admin, they can run as a different user actually if ((currentUser != null) && (currentUser.Is_System_Admin) && (request.QueryString["userid"] != null)) { try { int userid = Convert.ToInt32(request.QueryString["userid"]); User_Object mirroredUser = SobekCM_Database.Get_User(userid, tracer); if (mirroredUser != null) { // Replace the user information in the session state HttpContext.Current.Session["user"] = mirroredUser; currentUser = mirroredUser; } } catch (Exception) { // Nothing to do here.. shouldn't ever really be here.. } } if (currentMode.Request_Completed) return; // If this was a call for RESET, clear the memory if ((currentMode.Mode == Display_Mode_Enum.Administrative) && (currentMode.Admin_Type == Admin_Type_Enum.Reset)) { Reset_Memory(); // Since this reset, send to the admin, memory management portion currentMode.Mode = Display_Mode_Enum.Internal; currentMode.Internal_Type = Internal_Type_Enum.Cache; } } else // THIS IS A ROBOT REQUEST { Perform_Search_Engine_Robot_Checks(currentMode, request.QueryString); } // If this is for a public folder, get the data if (currentMode.Mode == Display_Mode_Enum.Public_Folder) { Public_Folder(); } // Get the item now, so that you can set the collection code, if there was none listed if ((currentMode.Mode == Display_Mode_Enum.Item_Display) || (currentMode.Mode == Display_Mode_Enum.Item_Print) || ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && ((currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Item_Metadata) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Item_Behaviors))) || ((currentMode.Mode == Display_Mode_Enum.My_Sobek) && ((currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Group_Behaviors) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Edit_Group_Serial_Hierarchy) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_Add_Volume) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_AutoFill_Volumes) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Group_Mass_Update_Items) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.File_Management) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Page_Images_Management) || (currentMode.My_Sobek_Type == My_Sobek_Type_Enum.Delete_Item)))) { Display_Item(); } // Was this a robot? if (currentMode.Request_Completed) return; // Get the group, collection, or subcollection from the database or cache. // This also makes sure they are a proper hierarchy. Get_Entire_Collection_Hierarchy(); // Run the search if this should be done now if (currentMode.Mode == Display_Mode_Enum.Results) { Search_Block(); } // Run the browse/info work if it is of those modes if ((currentMode.Mode == Display_Mode_Enum.Aggregation) && ((currentMode.Aggregation_Type == Aggregation_Type_Enum.Browse_Info) || (currentMode.Aggregation_Type == Aggregation_Type_Enum.Child_Page_Edit))) { Browse_Info_Block(); } if (currentMode.Mode == Display_Mode_Enum.My_Sobek) { MySobekCM_Block(); } // Run the simple text block if this is that mode if (currentMode.Mode == Display_Mode_Enum.Simple_HTML_CMS) { Simple_Web_Content_Text_Block(); } } catch (OutOfMemoryException ee) { if (currentMode != null) { currentMode.Mode = Display_Mode_Enum.Error; currentMode.Error_Message = "Out of memory exception caught"; currentMode.Caught_Exception = ee; } else { Email_Information("Fatal Out of memory exception caught", ee); } } catch (Exception ee) { if (currentMode != null) { currentMode.Mode = Display_Mode_Enum.Error; currentMode.Error_Message = "Unknown error occurred"; currentMode.Caught_Exception = ee; } else { Email_Information("Unknown Fatal Error Occurred", ee); } } }
protected void Page_Load(object Sender, EventArgs E) { // Pull out the http request HttpRequest request = HttpContext.Current.Request; if (String.IsNullOrEmpty(SobekCM_Database.Connection_String)) { Custom_Tracer tracer = new Custom_Tracer(); try { tracer.Add_Trace("SobekCM_Page_Globals.Constructor", String.Empty); // Don't really need to *build* these, so just define them as a new ones if null if (Global.Checked_List == null) Global.Checked_List = new Checked_Out_Items_List(); if (Global.Search_History == null) Global.Search_History = new Recent_Searches(); // Make sure all the needed data is loaded into the Application State Application_State_Builder.Build_Application_State(tracer, false, ref Global.Skins, ref Global.Translation, ref Global.Codes, ref Global.Item_List, ref Global.Icon_List, ref Global.Stats_Date_Range, ref Global.Thematic_Headings, ref Global.Collection_Aliases, ref Global.IP_Restrictions, ref Global.URL_Portals, ref Global.Mime_Types, ref Global.Item_Viewer_Priority); tracer.Add_Trace("SobekCM_Page_Globals.Constructor", "Application State validated or built"); // Check that something is saved for the original requested URL (may not exist if not forwarded) if (!HttpContext.Current.Items.Contains("Original_URL")) HttpContext.Current.Items["Original_URL"] = request.Url.ToString(); } catch (Exception ee) { // Send to the dashboard if ((HttpContext.Current.Request.UserHostAddress == "127.0.0.1") || (HttpContext.Current.Request.UserHostAddress == HttpContext.Current.Request.ServerVariables["LOCAL_ADDR"]) || (HttpContext.Current.Request.Url.ToString().IndexOf("localhost") >= 0)) { // Create an error message string errorMessage; if ((SobekCM_Library_Settings.Database_Connections.Count == 0) || (String.IsNullOrEmpty(SobekCM_Library_Settings.Database_Connections[0].Connection_String))) { errorMessage = "No database connection string found!"; string configFileLocation = AppDomain.CurrentDomain.BaseDirectory + "config/sobekcm.xml"; try { if (!File.Exists(configFileLocation)) { errorMessage = "Missing config/sobekcm.xml configuration file on the web server.<br />Ensure the configuration file 'sobekcm.xml' exists in a 'config' subfolder directly under the web application.<br />Example configuration is:" + "<div style=\"background-color: #bbbbbb; margin-left: 30px; margin-top:10px; padding: 3px;\"><?xml version="1.0" encoding="UTF-8" standalone="yes" ?><br /> <configuration><br />   <connection_string type="MSSQL">data source=localhost\\instance;initial catalog=SobekCM;integrated security=Yes;</connection_string><br />   <error_emails>[email protected]</error_emails><br />   <error_page>http://ufdc.ufl.edu/error.html</error_page><br /></configuration></div>"; } } catch { errorMessage = "No database connection string found.<br />Likely an error reading the configuration file due to permissions on the web server.<br />Ensure the configuration file 'sobekcm.xml' exists in a 'config' subfolder directly under the web application.<br />Example configuration is:" + "<div style=\"background-color: #bbbbbb; margin-left: 30px; margin-top:10px; padding: 3px;\"><?xml version="1.0" encoding="UTF-8" standalone="yes" ?><br /> <configuration><br />   <connection_string type="MSSQL">data source=localhost\\instance;initial catalog=SobekCM;integrated security=Yes;</connection_string><br />   <error_emails>[email protected]</error_emails><br />   <error_page>http://ufdc.ufl.edu/error.html</error_page><br /></configuration></div>"; } } else { if (ee.Message.IndexOf("The EXECUTE permission") >= 0) { errorMessage = "Permissions error while connecting to the database and pulling necessary data.<br /><br />Confirm the following:<ul><li>IIS is configured correctly to use anonymous authentication</li><li>Anonymous user (or service account) is part of the sobek_users role in the database.</li></ul>"; } else { errorMessage = "Error connecting to the database and pulling necessary data.<br /><br />Confirm the following:<ul><li>Database connection string is correct ( " + SobekCM_Library_Settings.Database_Connections[0].Connection_String + ")</li><li>IIS is configured correctly to use anonymous authentication</li><li>Anonymous user (or service account) is part of the sobek_users role in the database.</li></ul>"; } } // Wrap this into the SobekCM Exception SobekCM_Traced_Exception newException = new SobekCM_Traced_Exception(errorMessage, ee, tracer); // Save this to the session state, and then forward to the dashboard HttpContext.Current.Session["Last_Exception"] = newException; HttpContext.Current.Response.Redirect("dashboard.aspx", true); } else { throw ee; } } } string bibID = null; string vid = null; // Is this a robot? They should never get access to files this way if (SobekCM_Navigation_Object.Is_UserAgent_IP_Robot(request.UserAgent, request.UserHostAddress)) { Response.Clear(); Response.Output.WriteLine("RESTRICTED ITEM"); return; } // Get any url rewrite which occurred if (Request.QueryString["urlrelative"] != null) { string urlrewrite = Request.QueryString["urlrelative"].ToLower(); if (urlrewrite.Length > 4) { // Split the url relative list string[] url_relative_info = urlrewrite.Split("/".ToCharArray()); List<string> url_relative_list = (from thisPart in url_relative_info where thisPart.Length > 0 select thisPart.ToLower()).ToList(); // Now, look for BIBID and VID //if ((SobekCM_Database.Verify_Item_Lookup_Object(true, ref Global.Item_List, null)) && (Global.Item_List.Contains_BibID(url_relative_list[2].ToUpper()))) if ((url_relative_list.Count > 2) && (url_relative_list[2].Length == 10)) { // This is a BibID for an existing title with at least one public item bibID = url_relative_list[2].ToUpper(); // Is the next part a VID? if (url_relative_list.Count > 3) { string possible_vid = url_relative_list[3].Trim().PadLeft(5, '0'); int vid_as_int; if (Int32.TryParse(possible_vid, out vid_as_int)) vid = possible_vid; } } // Only continue if there is a BibID / VID if ((!String.IsNullOrEmpty(bibID)) && (!String.IsNullOrEmpty(vid))) { // Determine the new URL StringBuilder urlBuilder = new StringBuilder(SobekCM_Library_Settings.Image_Server_Network + bibID.Substring(0, 2) + "\\" + bibID.Substring(2, 2) + "\\" + bibID.Substring(4, 2) + "\\" + bibID.Substring(6, 2) + "\\" + bibID.Substring(8) + "\\" + vid + "\\" + url_relative_list[4], 250); for (int i = 5; i < url_relative_list.Count; i++) { urlBuilder.Append("\\" + url_relative_list[i]); } file_url = urlBuilder.ToString(); // Get the extension string extension = Path.GetExtension(file_url); if (extension != null) { // Lookup the MIME type by extension Mime_Type_Info mimeType = null; if (Global.Mime_Types.ContainsKey(extension.ToLower())) mimeType = Global.Mime_Types[extension.ToLower()]; if ((mimeType != null) && (!mimeType.isBlocked)) { // Since everything is valid, check the database bool isDark; short restrictions; SobekCM_Database.Get_Item_Restrictions(bibID, vid, null, out isDark, out restrictions); // If not DARK, and is restricted, check for access here if ((!isDark) && (restrictions > 0)) { // Does this user already have IP restriction mask determined? // Determine which IP Ranges this IP address belongs to, if not already determined. if (HttpContext.Current.Session["IP_Range_Membership"] == null) { int ip_mask = Global.IP_Restrictions.Restrictive_Range_Membership(request.UserHostAddress); HttpContext.Current.Session["IP_Range_Membership"] = ip_mask; } int current_user_mask = Convert.ToInt32(HttpContext.Current.Session["IP_Range_Membership"]); // Perform bitwise comparison int comparison = restrictions & current_user_mask; if (comparison == 0) { // If the user is Shibboleth authenticated, that is okay User_Object possible_user = HttpContext.Current.Session["user"] as User_Object; if (( possible_user == null ) || ( possible_user.Authentication_Type != User_Authentication_Type_Enum.Shibboleth )) isDark = true; } } if (!isDark) { // Should this be forwarded for this mimetype? if (mimeType.shouldForward) { StringBuilder forwardBuilder = new StringBuilder(SobekCM_Library_Settings.Image_URL + bibID.Substring(0, 2) + "/" + bibID.Substring(2, 2) + "/" + bibID.Substring(4, 2) + "/" + bibID.Substring(6, 2) + "/" + bibID.Substring(8) + "/" + vid + "/" + url_relative_list[4], 250); for (int i = 5; i < url_relative_list.Count; i++) { forwardBuilder.Append("/" + url_relative_list[i]); } Response.Redirect(forwardBuilder.ToString()); } else { Response.Clear(); Response.ContentType = mimeType.MIME_Type; string filename = file_url; if (File.Exists(filename)) { using (FileStream sourceStream = File.OpenRead(filename)) { sourceStream.CopyTo(Response.OutputStream, 32768); } } Response.End(); } } else { Response.Clear(); Response.Output.WriteLine("RESTRICTED ITEM"); } } } } } } //public static async Task CopyToAsync(this Stream source, Stream destination) //{ // int i = 0; // var buffers = new [] { new byte[0x1000], new byte[0x1000] }; // Task writeTask = null; // while(true) // { // var readTask = source.ReadAsync(buffers[i], 0, buffers[i].Length))>0; // if (writeTask != null) await Task.WhenAll(readTask, writeTask); // int bytesRead = await readTask; // if (bytesRead == 0) break; // writeTask = destination.WriteAsync(buffers[i], 0, bytesRead); // i ^= 1; // swap buffers // } //} }