private void VerifyRequest()
{
Config _Config = Config.Current;
if (string.Equals(Request.HttpMethod, "POST", StringComparison.OrdinalIgnoreCase))
{
if (_Config.EnableCsrfProtection && !CheckCsrfToken())
{
ConnectorException.Throw(Errors.InvalidRequest);
}
}
}
private static void CreateDirectoryUsingDll(DirectoryInfo dir)
{
// On some occasion, the DirectoryInfo.Create() function will
// throw an error due to a bug in the .Net Framework design. For
// example, it may happen that the user has no permissions to
// list entries in a lower level in the directory path, and the
// Create() call will simply fail.
// To workaround it, we use mkdir directly.
ArrayList oDirsToCreate = new ArrayList();
// Check the entire path structure to find directories that must be created.
while (dir != null && !dir.Exists)
{
oDirsToCreate.Add(dir.FullName);
dir = dir.Parent;
}
// "dir == null" means that the check arrives in the root and it doesn't exist too.
if (dir == null)
{
throw (new System.IO.DirectoryNotFoundException("Directory \"" + oDirsToCreate[oDirsToCreate.Count - 1] + "\" not found."));
}
// Create all directories that must be created (from bottom to top).
for (int i = oDirsToCreate.Count - 1; i >= 0; i--)
{
string sPath = (string)oDirsToCreate[i];
int iReturn = _mkdir(sPath);
if (iReturn != 0)
{
#if DEBUG
throw new ApplicationException("Error calling [msvcrt.dll]:_wmkdir(" + sPath + "), error code: " + iReturn);
#else
ConnectorException.Throw(Errors.AccessDenied);
#endif
}
}
}
protected override void OnLoad(EventArgs e)
{
// Set the config file instance as the current one (to avoid singleton issues).
ConfigFile.SetCurrent();
// Load the config file settings.
ConfigFile.SetConfig();
// Load plugins.
LoadPlugins();
#if (DEBUG)
// For testing purposes, we may force the user to get the Admin role.
// Session[ "CKFinder_UserRole" ] = "Admin";
// Simulate slow connections.
// System.Threading.Thread.Sleep( 2000 );
#endif
CommandHandlers.CommandHandlerBase commandHandler = null;
try
{
// Take the desired command from the querystring.
string command = Request.QueryString["command"];
if (command == null)
{
ConnectorException.Throw(Errors.InvalidCommand);
}
else
{
CKFinderEvent.ActivateEvent(CKFinderEvent.Hooks.BeforeExecuteCommand, command, Response);
// Create an instance of the class that handles the
// requested command.
switch (command)
{
case "Init":
commandHandler = new CommandHandlers.InitCommandHandler();
break;
case "LoadCookies":
commandHandler = new CommandHandlers.LoadCookiesCommandHandler();
break;
case "GetFolders":
commandHandler = new CommandHandlers.GetFoldersCommandHandler();
break;
case "GetFiles":
commandHandler = new CommandHandlers.GetFilesCommandHandler();
break;
case "Thumbnail":
commandHandler = new CommandHandlers.ThumbnailCommandHandler();
break;
case "CreateFolder":
commandHandler = new CommandHandlers.CreateFolderCommandHandler();
break;
case "RenameFolder":
commandHandler = new CommandHandlers.RenameFolderCommandHandler();
break;
case "DeleteFolder":
commandHandler = new CommandHandlers.DeleteFolderCommandHandler();
break;
case "FileUpload":
commandHandler = new CommandHandlers.FileUploadCommandHandler();
break;
case "QuickUpload":
commandHandler = new CommandHandlers.QuickUploadCommandHandler();
break;
case "DownloadFile":
commandHandler = new CommandHandlers.DownloadFileCommandHandler();
break;
case "RenameFile":
commandHandler = new CommandHandlers.RenameFileCommandHandler();
break;
case "DeleteFiles":
commandHandler = new CommandHandlers.DeleteFilesCommandHandler();
break;
case "CopyFiles":
commandHandler = new CommandHandlers.CopyFilesCommandHandler();
break;
case "MoveFiles":
commandHandler = new CommandHandlers.MoveFilesCommandHandler();
break;
default:
ConnectorException.Throw(Errors.InvalidCommand);
break;
}
}
// Send the appropriate response.
if (commandHandler != null)
{
commandHandler.SendResponse(Response);
}
}
catch (ConnectorException connectorException)
{
#if DEBUG
// While debugging, throwing the error gives us more useful
// information.
throw connectorException;
#else
commandHandler = new CommandHandlers.ErrorCommandHandler(connectorException);
commandHandler.SendResponse(Response);
#endif
}
}