/// <summary> /// The get response attachment. /// </summary> /// <param name="context"> /// The context. /// </param> private void GetResponseAttachment([NotNull] HttpContext context) { try { // AttachmentID using (DataTable dt = this.GetRepository<Attachment>().List(null, context.Request.QueryString.GetFirstOrDefaultAs<int>("a"), null, 0, 1000)) { foreach (DataRow row in dt.Rows) { // TODO : check download permissions here if (!this.CheckAccessRights(row["BoardID"], row["MessageID"])) { // tear it down // no permission to download context.Response.Write( "You have insufficient rights to download this resource. Contact forum administrator for further details."); return; } byte[] data; if (row.IsNull("FileData")) { string sUpDir = YafBoardFolders.Current.Uploads; string oldFileName = context.Server.MapPath( "{0}/{1}.{2}".FormatWith(sUpDir, row["MessageID"], row["FileName"])); string newFileName = context.Server.MapPath( "{0}/{1}.{2}.yafupload".FormatWith(sUpDir, row["MessageID"], row["FileName"])); // use the new fileName (with extension) if it exists... string fileName = File.Exists(newFileName) ? newFileName : oldFileName; using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read)) { data = input.ToArray(); input.Close(); } } else { data = (byte[])row["FileData"]; } context.Response.ContentType = row["ContentType"].ToString(); context.Response.AppendHeader( "Content-Disposition", "attachment; filename={0}".FormatWith( HttpUtility.UrlPathEncode(row["FileName"].ToString()).Replace("+", "_"))); context.Response.OutputStream.Write(data, 0, data.Length); this.GetRepository<Attachment>().IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("a")); break; } } } catch (Exception x) { this.Get<ILogger>().Log(0, this, x, EventLogTypes.Information); context.Response.Write( "Error: Resource has been moved or is unavailable. Please contact the forum admin."); } }
// TommyB: Start MOD: PreviewImages ########## /// <summary> /// Gets the response image. /// </summary> /// <param name="context">The context.</param> private void GetResponseImage([NotNull] HttpContext context) { try { var eTag = @"""{0}""".FormatWith(context.Request.QueryString.GetFirstOrDefault("i")); if (context.Request.QueryString.GetFirstOrDefault("editor") == null) { // add a download count... this.GetRepository<Attachment>() .IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("i")); } if (CheckETag(context, eTag)) { // found eTag... no need to resend/create this image return; } // AttachmentID var attachment = this.GetRepository<Attachment>() .ListTyped(attachmentID: context.Request.QueryString.GetFirstOrDefaultAs<int>("i")) .FirstOrDefault(); var boardID = context.Request.QueryString.GetFirstOrDefault("b") != null ? context.Request.QueryString.GetFirstOrDefaultAs<int>("b") : YafContext.Current.BoardSettings.BoardID; // check download permissions here if (!this.CheckAccessRights(boardID, attachment.MessageID)) { // tear it down // no permission to download context.Response.Write( "You have insufficient rights to download this resource. Contact forum administrator for further details."); return; } byte[] data; if (attachment.FileData == null) { var uploadFolder = YafBoardFolders.Current.Uploads; var oldFileName = context.Server.MapPath( "{0}/{1}.{2}".FormatWith( uploadFolder, attachment.MessageID > 0 ? attachment.MessageID.ToString() : "u{0}".FormatWith(attachment.UserID), attachment.FileName)); var newFileName = context.Server.MapPath( "{0}/{1}.{2}.yafupload".FormatWith( uploadFolder, attachment.MessageID > 0 ? attachment.MessageID.ToString() : "u{0}-{1}".FormatWith(attachment.UserID, attachment.ID), attachment.FileName)); var fileName = oldFileName; if (File.Exists(oldFileName)) { fileName = oldFileName; } else { oldFileName = context.Server.MapPath( "{0}/{1}.{2}.yafupload".FormatWith( uploadFolder, attachment.MessageID > 0 ? attachment.MessageID.ToString() : "u{0}".FormatWith(attachment.UserID), attachment.FileName)); // use the new fileName (with extension) if it exists... fileName = File.Exists(newFileName) ? newFileName : oldFileName; } using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read)) { data = input.ToArray(); input.Close(); } } else { data = attachment.FileData; } context.Response.ContentType = attachment.ContentType; context.Response.Cache.SetCacheability(HttpCacheability.Public); context.Response.Cache.SetETag(eTag); context.Response.OutputStream.Write(data, 0, data.Length); } catch (Exception x) { this.Get<ILogger>() .Log( YafContext.Current.PageUserID, this, "URL: {0}<br />Referer URL: {1}<br />Exception: {2}".FormatWith( context.Request.Url, context.Request.UrlReferrer != null ? context.Request.UrlReferrer.AbsoluteUri : string.Empty, x), EventLogTypes.Information); context.Response.Write( "Error: Resource has been moved or is unavailable. Please contact the forum admin."); } }
// TommyB: Start MOD: PreviewImages ########## /// <summary> /// The get response image. /// </summary> /// <param name="context"> /// The context. /// </param> private void GetResponseImage([NotNull] HttpContext context) { try { string eTag = @"""{0}""".FormatWith(context.Request.QueryString.GetFirstOrDefault("i")); if (CheckETag(context, eTag)) { // found eTag... no need to resend/create this image -- just mark another view? this.GetRepository<Attachment>().Download(context.Request.QueryString.GetFirstOrDefaultAs<int>("i")); return; } // AttachmentID using (DataTable dt = this.GetRepository<Attachment>().List(null, context.Request.QueryString.GetFirstOrDefaultAs<int>("i"), null, 0, 1000)) { foreach (DataRow row in dt.Rows) { // TODO : check download permissions here if (!this.CheckAccessRights(row["BoardID"], row["MessageID"])) { // tear it down // no permission to download context.Response.Write( "You have insufficient rights to download this resource. Contact forum administrator for further details."); return; } byte[] data; if (row.IsNull("FileData")) { string sUpDir = YafBoardFolders.Current.Uploads; string oldFileName = context.Server.MapPath( "{0}/{1}.{2}".FormatWith(sUpDir, row["MessageID"], row["FileName"])); string newFileName = context.Server.MapPath( "{0}/{1}.{2}.yafupload".FormatWith(sUpDir, row["MessageID"], row["FileName"])); // use the new fileName (with extension) if it exists... string fileName = File.Exists(newFileName) ? newFileName : oldFileName; using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read)) { data = input.ToArray(); input.Close(); } } else { data = (byte[])row["FileData"]; } context.Response.ContentType = row["ContentType"].ToString(); context.Response.Cache.SetCacheability(HttpCacheability.Public); context.Response.Cache.SetETag(eTag); context.Response.OutputStream.Write(data, 0, data.Length); // add a download count... this.GetRepository<Attachment>().Download(context.Request.QueryString.GetFirstOrDefaultAs<int>("i")); break; } } } catch (Exception x) { this.Get<ILogger>().Log(0, this, x, EventLogTypes.Information); context.Response.Write( "Error: Resource has been moved or is unavailable. Please contact the forum admin."); } }
/// <summary> /// The get response attachment. /// </summary> /// <param name="context"> /// The context. /// </param> private void GetResponseAttachment([NotNull] HttpContext context) { try { // AttachmentID var attachment = this.GetRepository<Attachment>() .ListTyped(attachmentID: context.Request.QueryString.GetFirstOrDefaultAs<int>("a")) .FirstOrDefault(); var boardID = context.Request.QueryString.GetFirstOrDefault("b") != null ? context.Request.QueryString.GetFirstOrDefaultAs<int>("b") : YafContext.Current.BoardSettings.BoardID; if (!this.CheckAccessRights(boardID, attachment.MessageID)) { // tear it down // no permission to download context.Response.Write( "You have insufficient rights to download this resource. Contact forum administrator for further details."); return; } byte[] data; if (attachment.FileData == null) { var uploadFolder = YafBoardFolders.Current.Uploads; var oldFileName = context.Server.MapPath( "{0}/{1}.{2}".FormatWith( uploadFolder, attachment.MessageID > 0 ? attachment.MessageID.ToString() : "u{0}".FormatWith(attachment.UserID), attachment.FileName)); var newFileName = context.Server.MapPath( "{0}/{1}.{2}.yafupload".FormatWith( uploadFolder, attachment.MessageID > 0 ? attachment.MessageID.ToString() : "u{0}".FormatWith(attachment.UserID), attachment.FileName)); // use the new fileName (with extension) if it exists... var fileName = File.Exists(newFileName) ? newFileName : oldFileName; using (var input = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read)) { data = input.ToArray(); input.Close(); } } else { data = attachment.FileData; } context.Response.ContentType = attachment.ContentType; context.Response.AppendHeader( "Content-Disposition", "attachment; filename={0}".FormatWith( HttpUtility.UrlPathEncode(attachment.FileName).Replace("+", "_"))); context.Response.OutputStream.Write(data, 0, data.Length); this.GetRepository<Attachment>() .IncrementDownloadCounter(context.Request.QueryString.GetFirstOrDefaultAs<int>("a")); } catch (Exception x) { this.Get<ILogger>() .Log( YafContext.Current.PageUserID, this, "URL: {0}<br />Referer URL: {1}<br />Exception: {2}".FormatWith( context.Request.Url, context.Request.UrlReferrer != null ? context.Request.UrlReferrer.AbsoluteUri : string.Empty, x), EventLogTypes.Information); context.Response.Write( "Error: Resource has been moved or is unavailable. Please contact the forum admin."); } }