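/// <summary>
/// Initialize the class level variables with information from the query string. Returns false if the variables cannot
/// be properly initialized.
/// </summary>
/// <param name="context">The HttpContext for the current request.</param>
/// <returns>Returns true if all variables were initialized and passed validation; returns false if the query string
/// could not be parsed, the file path is malformed, or a required value is missing or invalid.</returns>
private bool InitializeVariables(HttpContext context)
{
    this._context = context;

    if (!ExtractQueryStringParms(context.Request.Url.Query))
    {
        return false;
    }

    this._isUserAuthenticated = Util.IsAuthenticated;

    try
    {
        this._filename = Path.GetFileName(this._filepath);
    }
    catch (ArgumentException)
    {
        // Path.GetFileName can reject a path that contains characters that are illegal in a path.
        // _filepath is presumably populated from the request's query string by ExtractQueryStringParms
        // (verify), so report a failed initialization instead of letting the exception escape.
        return false;
    }

    // NOTE(review): only the file name is derived here; _filepath itself is not checked against a
    // base directory in this method - confirm that happens before the file is opened.
    return (_albumId > 0)
        && (!String.IsNullOrEmpty(_filepath))
        && (!String.IsNullOrEmpty(_filename))
        && (MimeTypeEnumHelper.IsValidMimeTypeCategory(this._mimeTypeCategory))
        && (DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(this._displayType));
}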
/// <summary>
/// Stores the current request context, parses the request's query string into the class level
/// variables and determines the resource type being requested.
/// </summary>
/// <param name="context">The HttpContext for the current request.</param>
/// <returns>Returns false when the query string could not be parsed or the resulting display type
/// is not a valid <see cref="DisplayObjectType" />; otherwise returns true.</returns>
private bool InitializeVariables(HttpContext context)
{
    _context = context;

    string rawQuery = context.Request.Url.Query;
    bool wasParsed = ExtractQueryStringParms(rawQuery);

    if (wasParsed)
    {
        // The resource type is assigned only after the query string has been accepted.
        ResourceType = DetermineResourceType();

        return DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(_displayType);
    }

    return false;
}
/// <summary>
/// Stores the current request context, parses the request's query string into the class level
/// variables and makes sure a download buffer size is set.
/// </summary>
/// <param name="context">The HttpContext for the current request.</param>
/// <returns>Returns false when the query string could not be parsed or the resulting display type
/// is not a valid <see cref="DisplayObjectType" />; otherwise returns true.</returns>
private bool InitializeVariables(HttpContext context)
{
    this._context = context;

    bool parsed = ExtractQueryStringParms(context.Request.Url.Query);
    if (!parsed)
    {
        return false;
    }

    // Fall back to the application setting while the buffer size is still zero.
    if (_bufferSize == 0)
    {
        _bufferSize = AppSetting.Instance.MediaObjectDownloadBufferSize;
    }

    return DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(this._displayType);
}
/// <summary>
/// Reads the image size selected in ddlImageSize and returns it as a <see cref="DisplayObjectType" />.
/// Falls back to DEFAULT_IMAGE_SIZE when the selected value cannot be converted to an integer, is not a
/// valid display type, or is <see cref="DisplayObjectType.Original" /> and the current user is not
/// authorized for <see cref="SecurityActions.ViewOriginalMediaObject" />.
/// </summary>
/// <returns>The display type to use.</returns>
private DisplayObjectType GetImageSize()
{
    DisplayObjectType requestedSize = DEFAULT_IMAGE_SIZE;

    try
    {
        var selectedValue = this.ddlImageSize.SelectedValue;
        requestedSize = (DisplayObjectType)Convert.ToInt32(selectedValue, CultureInfo.InvariantCulture);
    }
    catch (FormatException)
    {
        // Not a number: keep the default.
    }
    catch (OverflowException)
    {
        // Outside the Int32 range: keep the default.
    }
    catch (ArgumentOutOfRangeException)
    {
        // Keep the default.
    }

    // The cast above accepts any integer, so confirm it maps to a known display type.
    if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(requestedSize))
    {
        requestedSize = DEFAULT_IMAGE_SIZE;
    }

    // The selected value is posted by the client, so the permission for the original size is checked
    // here rather than relying on which options the list offered.
    bool originalRequested = (requestedSize == DisplayObjectType.Original);
    if (originalRequested && !this.IsUserAuthorized(SecurityActions.ViewOriginalMediaObject))
    {
        return DEFAULT_IMAGE_SIZE;
    }

    return requestedSize;
}
/// <summary>
/// Builds the profile for the specified <paramref name="userName" /> from the profile records in the data store.
/// Never returns null: when no records exist, the newly created profile with only the user name assigned is returned.
/// </summary>
/// <param name="userName">Name of the user.</param>
/// <returns>An instance of <see cref="IUserProfile" />.</returns>
/// <exception cref="DataException">Thrown when a gallery-specific setting is stored against a template gallery,
/// or an application-wide setting is stored against a non-template gallery.</exception>
public static IUserProfile RetrieveFromDataStore(string userName)
{
    IUserProfile profile = new UserProfile();
    profile.UserName = userName;

    IUserGalleryProfile galleryProfile = null;
    int lastGalleryId = int.MinValue;

    using (var repo = new ProfileRepository())
    {
        // Records are ordered by gallery ID so that all settings of one gallery arrive together. Each time the
        // gallery ID changes, a new user gallery profile is started and subsequent settings are assigned to it.
        var settings = repo.Where(p => p.UserName == userName, p => p.Gallery).OrderBy(p => p.FKGalleryId);

        foreach (var profileDto in settings)
        {
            if (profileDto.Gallery.IsTemplate)
            {
                // Settings stored against the template gallery are application-wide and map to properties
                // on the UserProfile object itself.
                switch (profileDto.SettingName.Trim())
                {
                    case ProfileNameEnableUserAlbum:
                    case ProfileNameUserAlbumId:
                        throw new DataException(String.Format("It is invalid for the profile setting '{0}' to be associated with a template gallery (Gallery ID {1}).", profileDto.SettingName, profileDto.FKGalleryId));

                    case ProfileNameAlbumProfiles:
                    {
                        // Deserialized into a fixed list type; no serializer settings are passed here, so
                        // JsonConvert's defaults apply.
                        var storedAlbumProfiles = JsonConvert.DeserializeObject<List<AlbumProfile>>(profileDto.SettingValue.Trim());
                        if (storedAlbumProfiles != null)
                        {
                            profile.AlbumProfiles.AddRange(storedAlbumProfiles);
                        }

                        break;
                    }

                    case ProfileNameMediaObjectProfiles:
                    {
                        var storedMediaProfiles = JsonConvert.DeserializeObject<List<MediaObjectProfile>>(profileDto.SettingValue.Trim());
                        if (storedMediaProfiles != null)
                        {
                            profile.MediaObjectProfiles.AddRange(storedMediaProfiles);
                        }

                        break;
                    }
                }
            }
            else
            {
                int galleryId = profileDto.FKGalleryId;

                if ((galleryProfile == null) || (galleryId != lastGalleryId))
                {
                    // First setting of a gallery not seen yet: create its profile and add it to the collection.
                    galleryProfile = profile.GalleryProfiles.CreateNewUserGalleryProfile(galleryId);
                    profile.GalleryProfiles.Add(galleryProfile);
                    lastGalleryId = galleryId;
                }

                // Find the property that matches the stored setting and assign the value to it.
                switch (profileDto.SettingName.Trim())
                {
                    case ProfileNameEnableUserAlbum:
                        galleryProfile.EnableUserAlbum = Convert.ToBoolean(profileDto.SettingValue.Trim(), CultureInfo.InvariantCulture);
                        break;

                    case ProfileNameUserAlbumId:
                        galleryProfile.UserAlbumId = Convert.ToInt32(profileDto.SettingValue.Trim(), CultureInfo.InvariantCulture);
                        break;

                    case ProfileNameMediaViewSize:
                        galleryProfile.MediaViewSize = DisplayObjectTypeEnumHelper.ParseDisplayObjectType(profileDto.SettingValue);
                        break;

                    case ProfileNameSlideShowType:
                        galleryProfile.SlideShowType = SlideShowTypeEnumHelper.ParseSlideShowType(profileDto.SettingValue);
                        break;

                    case ProfileNameSlideShowLoop:
                        galleryProfile.SlideShowLoop = profileDto.SettingValue.Trim().ToNullable<bool>();
                        break;

                    case ProfileNameAlbumProfiles:
                    case ProfileNameMediaObjectProfiles:
                        throw new DataException(String.Format("It is invalid for the profile setting '{0}' to be associated with a non-template gallery (Gallery ID {1}).", profileDto.SettingName, profileDto.FKGalleryId));
                }
            }
        }
    }

    return profile;
}
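/// <summary>
/// Extract information from the query string and assign to our class level variables. Return false if
/// something goes wrong and the variables cannot be set. This will happen when the query string is in
/// an unexpected format: a name without a value, a value that cannot be parsed, or a parameter name
/// that is not recognized.
/// </summary>
/// <param name="queryString">The query string for the current request. Can be populated with
/// HttpContext.Request.Url.Query. Must start with a question mark (?).</param>
/// <returns>Returns true if all relevant variables were assigned from the query string; returns false
/// if there was a problem.</returns>
private bool ExtractQueryStringParms(string queryString)
{
    if (String.IsNullOrEmpty(queryString))
    {
        return false;
    }

    queryString = queryString.Remove(0, 1); // Strip off the ?

    bool filepathIsEncrypted = AppSetting.Instance.EncryptMediaObjectUrlOnClient;
    if (filepathIsEncrypted)
    {
        // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
        // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
        // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
        // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
        // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
        // NOTE(review): the text passed to Decrypt comes from the client. Which exceptions Decrypt raises for
        // input that is not valid ciphertext is not visible here - confirm they are handled by the caller.
        queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
    }

    // Expected form: moid={0}&dt={1}&g={2}, optionally followed by sa={3}
    foreach (string nameValuePair in queryString.Split(new[] { '&' }))
    {
        string[] nameOrValue = nameValuePair.Split(new[] { '=' });

        if (nameOrValue.Length < 2)
        {
            // A pair without '=' has no value. Reject it instead of indexing past the end of the array.
            return false;
        }

        string value = nameOrValue[1];

        switch (nameOrValue[0])
        {
            case "g":
            {
                int gid;
                if (!Int32.TryParse(value, out gid))
                {
                    return false;
                }

                _galleryIdInQueryString = gid;
                break;
            }

            case "moid":
            {
                int moid;
                if (!Int32.TryParse(value, out moid))
                {
                    return false;
                }

                _mediaObjectId = moid;
                break;
            }

            case "dt":
            {
                int dtInt;
                if (!Int32.TryParse(value, out dtInt))
                {
                    return false;
                }

                // Any integer can be cast to the enum, so check that it names a real display type.
                DisplayObjectType requestedType = (DisplayObjectType)dtInt;
                if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(requestedType))
                {
                    return false;
                }

                _displayType = requestedType;
                break;
            }

            case "sa":
            {
                _sendAsAttachment = value.Equals("1", StringComparison.Ordinal)
                    || value.Equals("TRUE", StringComparison.OrdinalIgnoreCase);
                break;
            }

            default:
                return false; // Unexpected query string parm. Return false so execution is aborted.
        }
    }

    // ValidateDisplayType is defined elsewhere in the class; it runs only after every pair was accepted.
    ValidateDisplayType();

    return true;
}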
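/// <summary>
/// Extract information from the query string and assign to our class level variables. Return false if
/// something goes wrong and the variables cannot be set. This will happen when a recognized parameter
/// has a missing or unparsable value. Unrecognized parameters are ignored.
/// </summary>
/// <param name="queryString">The query string for the current request. Can be populated with
/// HttpContext.Request.Url.Query. Must start with a question mark (?).</param>
/// <returns>Returns true if all relevant variables were assigned from the query string; returns false
/// if there was a problem.</returns>
private bool ExtractQueryStringParms(string queryString)
{
    if (String.IsNullOrEmpty(queryString))
    {
        return false;
    }

    queryString = queryString.Remove(0, 1); // Strip off the ?

    bool filepathIsEncrypted = AppSetting.Instance.EncryptMediaObjectUrlOnClient;
    if (filepathIsEncrypted)
    {
        // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7 (most common)
        // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7&sa=1 (created by client script when user downloads a single asset)
        // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7&sa=1&extra=somevalue (user may add extra parameters)
        foreach (var nameValuePair in queryString.Split(new[] { '&' }))
        {
            // Split on the first '=' only, so that an encrypted value that itself contains '=' is kept whole.
            string[] nameOrValue = nameValuePair.Split(new[] { '=' }, 2);
            string value = (nameOrValue.Length > 1) ? nameOrValue[1] : null;

            switch (nameOrValue[0])
            {
                case "q":
                    if (value == null)
                    {
                        return false; // "q" without a value: there is nothing to decrypt.
                    }

                    queryString = value;
                    break;

                case "sa":
                    // The static String.Equals tolerates a missing value, which then counts as "not an attachment".
                    _sendAsAttachment = String.Equals(value, "1", StringComparison.Ordinal)
                        || String.Equals(value, "TRUE", StringComparison.OrdinalIgnoreCase);
                    break;
            }
        }

        // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
        // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
        // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
        // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
        // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
        try
        {
            queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
        }
        catch (FormatException)
        {
            // We'll get here when user creates a new album and the client script creates an URL like getmedia.ashx?moid=0&dt=1&g=1
            // In this case ignore the error and process the string as normal.
            // NOTE(review): because of this fallback a plaintext query string is still accepted while URL encryption
            // is enabled. The encryption therefore hides identifiers but does not limit which media objects can be
            // requested; access has to be enforced where the media object is served.
        }
    }

    // Expected form: moid={0}&dt={1}&g={2}, optionally followed by sa={3}
    foreach (string nameValuePair in queryString.Split(new[] { '&' }))
    {
        string[] nameOrValue = nameValuePair.Split(new[] { '=' });

        // A pair without '=' has no value. Int32.TryParse returns false for null, so a recognized numeric
        // parameter without a value is rejected instead of indexing past the end of the array.
        string value = (nameOrValue.Length > 1) ? nameOrValue[1] : null;

        switch (nameOrValue[0])
        {
            case "g":
            {
                int gid;
                if (!Int32.TryParse(value, out gid))
                {
                    return false;
                }

                _galleryIdInQueryString = gid;
                break;
            }

            case "moid":
            {
                int moid;
                if (!Int32.TryParse(value, out moid))
                {
                    return false;
                }

                _mediaObjectId = moid;
                break;
            }

            case "dt":
            {
                int dtInt;
                if (!Int32.TryParse(value, out dtInt))
                {
                    return false;
                }

                // Any integer can be cast to the enum, so check that it names a real display type.
                DisplayObjectType requestedType = (DisplayObjectType)dtInt;
                if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(requestedType))
                {
                    return false;
                }

                _displayType = requestedType;
                break;
            }

            case "sa":
            {
                _sendAsAttachment = String.Equals(value, "1", StringComparison.Ordinal)
                    || String.Equals(value, "TRUE", StringComparison.OrdinalIgnoreCase);
                break;
            }

            // NEW in 4.0: Allow unrecognized query string parameters. This allows adding an arbitrary parameter to force a browser refresh of an image.
            //default: return false; // Unexpected query string parm. Return false so execution is aborted.
        }
    }

    // ValidateDisplayType is defined elsewhere in the class; it runs only after every pair was processed.
    ValidateDisplayType();

    return true;
}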
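/// <summary>
/// Extract information from the query string and assign to our class level variables. Return false if something goes wrong
/// and the variables cannot be set. This will happen when the query string is in an unexpected format: a name without a
/// value, a value that cannot be parsed, or a parameter name that is not recognized.
/// </summary>
/// <param name="queryString">The query string for the current request. Can be populated with HttpContext.Request.Url.Query.
/// Must start with a question mark (?).</param>
/// <returns>Returns true if all relevant variables were assigned from the query string; returns false if there was a problem.</returns>
private bool ExtractQueryStringParms(string queryString)
{
    if (String.IsNullOrEmpty(queryString))
    {
        return false;
    }

    queryString = queryString.Remove(0, 1); // Strip off the ?

    bool filepathIsEncrypted = Config.GetCore().EncryptMediaObjectUrlOnClient;
    if (filepathIsEncrypted)
    {
        // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
        // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
        // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
        // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
        // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
        // NOTE(review): the text passed to Decrypt comes from the client. Which exceptions Decrypt raises for
        // input that is not valid ciphertext is not visible here - confirm they are handled by the caller.
        queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
    }

    //moid={0}&aid={1}&mo={2}&mtc={3}&dt={4}&isp={5}
    foreach (string nameValuePair in queryString.Split(new char[] { '&' }))
    {
        string[] nameOrValue = nameValuePair.Split(new char[] { '=' });

        if (nameOrValue.Length < 2)
        {
            // A pair without '=' has no value. Reject it instead of indexing past the end of the array.
            return false;
        }

        string value = nameOrValue[1];

        switch (nameOrValue[0])
        {
            case "moid":
            {
                int moid;
                if (!Int32.TryParse(value, out moid))
                {
                    return false;
                }

                _mediaObjectId = moid;
                break;
            }

            case "aid":
            {
                int aid;
                if (!Int32.TryParse(value, out aid))
                {
                    return false;
                }

                _albumId = aid;
                break;
            }

            case "mo":
                // NOTE(review): _filepath is taken from the request. When URL encryption is disabled the value is
                // fully client-controlled, so the code that opens the file must confine it to the media object
                // directory - confirm at the point of use.
                _filepath = Uri.UnescapeDataString(value);
                break;

            case "mtc":
            {
                int mtcInt;
                if (!Int32.TryParse(value, out mtcInt))
                {
                    return false;
                }

                // Any integer can be cast to the enum, so check that it names a real MIME type category.
                MimeTypeCategory requestedCategory = (MimeTypeCategory)mtcInt;
                if (!MimeTypeEnumHelper.IsValidMimeTypeCategory(requestedCategory))
                {
                    return false;
                }

                _mimeTypeCategory = requestedCategory;
                break;
            }

            case "dt":
            {
                int dtInt;
                if (!Int32.TryParse(value, out dtInt))
                {
                    return false;
                }

                DisplayObjectType requestedType = (DisplayObjectType)dtInt;
                if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(requestedType))
                {
                    return false;
                }

                _displayType = requestedType;
                break;
            }

            case "isp":
            {
                // Fail closed: a value that is not a valid boolean marks the object as private.
                bool isPrivate;
                _isPrivate = Boolean.TryParse(value, out isPrivate) ? isPrivate : true;
                break;
            }

            default:
                return false; // Unexpected query string parm. Return false so execution is aborted.
        }
    }

    return true;
}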