private void BindAttach(string AttachIds)
{
if (UserId > 0)
{
string sOut = string.Empty;
Literal lit = new Literal();
if (AttachIds == string.Empty)
{
Data.AttachController adb = new Data.AttachController();
AttachIds = adb.GetAttachIds(AuthorId, ContentId);
}
sOut = BuildAttachGrid(AttachIds);
if (PendingAttach >= ForumInfo.AttachCount)
{
sOut += "<script type=\"text/javascript\">disableUpload();</script>";
}
else if (cbAttach.IsCallback)
{
sOut += "<script type=\"text/javascript\">enableUpload();</script>";
}
if (!(AttachIds == string.Empty))
{
sOut += "<script type=\"text/javascript\">window.amaf_setAttachIds('" + AttachIds + "');</script>";
}
lit.Text = sOut;
plhAttach.Controls.Add(lit);
}
}
public void Reply_Delete(int PortalId, int ForumId, int TopicId, int ReplyId, int DelBehavior)
{
DataProvider.Instance().Reply_Delete(ForumId, TopicId, ReplyId, DelBehavior);
var objectKey = string.Format("{0}:{1}:{2}", ForumId, TopicId, ReplyId);
JournalController.Instance.DeleteJournalItemByKey(PortalId, objectKey);
if (DelBehavior != 0)
{
return;
}
// If it's a hard delete, delete associated attachments
var attachmentController = new Data.AttachController();
var fileManager = FileManager.Instance;
var folderManager = FolderManager.Instance;
var attachmentFolder = folderManager.GetFolder(PortalId, "activeforums_Attach");
foreach (var attachment in attachmentController.ListForPost(TopicId, ReplyId))
{
attachmentController.Delete(attachment.AttachmentId);
var file = attachment.FileId.HasValue ? fileManager.GetFile(attachment.FileId.Value) : fileManager.GetFile(attachmentFolder, attachment.FileName);
// Only delete the file if it exists in the attachment folder
if (file != null && file.FolderId == attachmentFolder.FolderID)
{
fileManager.DeleteFile(file);
}
}
}
private void BindAttach(string AttachIds)
{
if (UserId > 0)
{
string sOut = string.Empty;
Literal lit = new Literal();
if (AttachIds == string.Empty)
{
Data.AttachController adb = new Data.AttachController();
AttachIds = adb.GetAttachIds(AuthorId, ContentId);
}
sOut = BuildAttachGrid(AttachIds);
if (PendingAttach >= ForumInfo.AttachCount)
{
sOut += "<script type=\"text/javascript\">disableUpload();</script>";
}
else if (cbAttach.IsCallback)
{
sOut += "<script type=\"text/javascript\">enableUpload();</script>";
}
if (!(AttachIds == string.Empty))
{
sOut += "<script type=\"text/javascript\">window.amaf_setAttachIds('" + AttachIds + "');</script>";
}
lit.Text = sOut;
plhAttach.Controls.Add(lit);
}
}
private void cbMyFiles_Callback(object sender, Modules.ActiveForums.Controls.CallBackEventArgs e)
{
string attachIds = e.Parameters[1].ToString();
switch (e.Parameters[0].ToLowerInvariant())
{
case "del":
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
if ((uid == this.UserId && !(this.UserId == -1)) | Permissions.HasPerm(ForumInfo.Security.ModDelete, ForumUser.UserRoles) || UserInfo.IsSuperUser)
{
ac.Attach_Delete(aid, -1, uid);
}
}
break;
}
PendingAttach = 0;
plhMyFiles.Controls.Clear();
BindMyFiles();
System.IO.StringWriter stringWriter = new System.IO.StringWriter();
HtmlTextWriter htmlWriter = new HtmlTextWriter(stringWriter);
plhMyFiles.RenderControl(htmlWriter);
string html = stringWriter.GetStringBuilder().ToString();
html = Utilities.LocalizeControl(html);
LiteralControl lit = new LiteralControl();
lit.Text = html;
lit.RenderControl(e.Output);
}
public void Topics_Delete(int PortalId, int ModuleId, int ForumId, int TopicId, int DelBehavior)
{
DataProvider.Instance().Topics_Delete(ForumId, TopicId, DelBehavior);
var cachekey = string.Format("AF-FV-{0}-{1}", PortalId, ModuleId);
DataCache.CacheClearPrefix(cachekey);
try
{
var objectKey = string.Format("{0}:{1}", ForumId, TopicId);
JournalController.Instance.DeleteJournalItemByKey(PortalId, objectKey);
}
catch (Exception ex)
{
}
if (DelBehavior != 0)
{
return;
}
// If it's a hard delete, delete associated attachments
var attachmentController = new Data.AttachController();
var fileManager = FileManager.Instance;
var folderManager = FolderManager.Instance;
var attachmentFolder = folderManager.GetFolder(PortalId, "activeforums_Attach");
foreach (var attachment in attachmentController.ListForPost(TopicId, null))
{
attachmentController.Delete(attachment.AttachmentId);
var file = attachment.FileId.HasValue ? fileManager.GetFile(attachment.FileId.Value) : fileManager.GetFile(attachmentFolder, attachment.FileName);
// Only delete the file if it exists in the attachment folder
if (file != null && file.FolderId == attachmentFolder.FolderID)
{
fileManager.DeleteFile(file);
}
}
}
private void PrepareAttachments(int? contentId = null)
{
// Handle the case where we don't yet have a topic id (new posts)
if(!contentId.HasValue || contentId.Value <= 0)
{
hidAttachments.Value = "[]"; // JSON for an empty array
return;
}
var adb = new Data.AttachController();
var attachments = adb.ListForContent(contentId.Value);
var clientAttachments = attachments.Select(attachment => new ClientAttachment
{
AttachmentId = attachment.AttachmentId,
ContentType = attachment.ContentType,
FileId = attachment.FileId,
FileName = Regex.Replace(attachment.FileName.TextOrEmpty(), @"^__\d+__\d+__", string.Empty), // Remove our unique file prefix before sending to the client.
FileSize = attachment.FileSize
}).ToList();
var serializer = new DataContractJsonSerializer(typeof(List<ClientAttachment>));
using(var ms = new MemoryStream())
{
serializer.WriteObject(ms, clientAttachments);
ms.Seek(0, 0);
using(var sr = new StreamReader(ms, Encoding.UTF8))
{
hidAttachments.Value = sr.ReadToEnd();
}
}
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
var attachmentId = Utilities.SafeConvertInt(Request.Params["AttachmentID"], -1); // Used for new attachments where the attachment is the actual file link (shouldn't appear in posts)
var attachFileId = Utilities.SafeConvertInt(Request.Params["AttachID"], -1); // Used for legacy attachments where the attachid was actually the file id. (appears in posts)
var portalId = Utilities.SafeConvertInt(Request.Params["PortalID"], -1);
var moduleId = Utilities.SafeConvertInt(Request.Params["ModuleID"], -1);
if (Page.IsPostBack || (attachmentId < 0 && attachFileId < 0) || portalId < 0 || moduleId < 0)
{
Response.StatusCode = 400;
Response.Write("Invalid Request");
Response.End();
return;
}
// Get the attachment including the "Can Read" permission for the associated content id.
var attachment = new Data.AttachController().Get(attachmentId, attachFileId, true);
// Make sure the attachment exists
if (attachment == null)
{
Response.StatusCode = 404;
Response.Write("Not Found");
Response.End();
return;
}
// Make sure the user has read access
var u = new UserController().GetUser(portalId, moduleId);
if (u == null || !Permissions.HasAccess(attachment.CanRead, u.UserRoles))
{
Response.StatusCode = 401;
Response.Write("Unauthorized");
Response.End();
return;
}
// Get the filename with the unique identifier prefix removed.
var filename = Regex.Replace(attachment.FileName.TextOrEmpty(), @"__\d+__\d+__", string.Empty);
// Some legacy attachments may still be stored in the DB.
if (attachment.FileData != null)
{
Response.ContentType = attachment.ContentType;
if (attachmentId > 0)
{
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(filename));
}
else // Handle legacy inline attachments a bit differently
{
Response.AddHeader("Content-Disposition", "filename=" + Server.HtmlEncode(filename));
}
Response.BinaryWrite(attachment.FileData);
Response.End();
return;
}
var fileManager = FileManager.Instance;
string filePath = null;
// If there is a file id, access the file using the file manager
if (attachment.FileId.HasValue && attachment.FileId.Value > 0)
{
var file = fileManager.GetFile(attachment.FileId.Value);
if (file != null)
{
filePath = file.PhysicalPath;
}
}
// Otherwise check the attachments directory (current and legacy)
else
{
filePath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/") + attachment.FileName;
// This is another check to support legacy attachments.
if (!File.Exists(filePath))
{
filePath = Server.MapPath(PortalSettings.HomeDirectory + "NTForums_Attach/") + attachment.FileName;
}
}
// At this point, we should have a valid file path
if (string.IsNullOrWhiteSpace(filePath) || !File.Exists(filePath))
{
Response.StatusCode = 404;
Response.Write("Not Found");
Response.End();
return;
}
var length = attachment.FileSize;
if (length <= 0)
{
length = new System.IO.FileInfo(filePath).Length;
}
Response.Clear();
Response.ContentType = attachment.ContentType;
if (attachmentId > 0)
{
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(filename));
}
else // Handle legacy inline attachments a bit differently
{
Response.AddHeader("Content-Disposition", "filename=" + Server.HtmlEncode(filename));
}
Response.AddHeader("Content-Length", length.ToString());
Response.WriteFile(filePath);
Response.Flush();
Response.Close();
Response.End();
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
try
{
UserController uc = new UserController();
User ui = uc.GetUser(PortalSettings.PortalId, -1);
ForumController fc = new ForumController();
Forum fi = fc.Forums_Get(Convert.ToInt32(Request.Params["ForumId"]), ui.UserId, true);
if (fi != null)
{
if (Permissions.HasPerm(fi.Security.Attach, ui.UserRoles))
{
if (inpFile.HasFile)
{
string sFile = string.Empty;
string sExt = string.Empty;
int maxImgHeight = fi.AttachMaxHeight;
int maxImgWidth = fi.AttachMaxWidth;
string contentType = inpFile.PostedFile.ContentType;
sFile = Path.GetFileName(inpFile.PostedFile.FileName).Replace(" ", "_");
sExt = Path.GetExtension(sFile);
if (sFile.Length >= 250)
{
sFile = sFile.Replace(sExt, string.Empty);
sFile = sFile.Substring(0, (250 - sExt.Length));
sFile = sFile + sExt;
}
sExt = sExt.Replace(".", string.Empty);
if (!(fi.AttachTypeAllowed.ToString().ToLower().Contains(sExt.ToLower())))
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + Utilities.GetSharedResource("[RESX:Error:BlockedFile]") + "');</script>");
return;
}
if (fi.AttachMaxSize > 0)
{
if ((inpFile.PostedFile.ContentLength / 1024.0) > fi.AttachMaxSize)
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + string.Format(Utilities.GetSharedResource("[RESX:Error:FileTooLarge]"), fi.AttachMaxSize) + "');</script>");
return;
}
}
Stream inpStream = inpFile.PostedFile.InputStream;
MemoryStream imgStream = new MemoryStream();
bool useMemStream = false;
bool allowDownload = true;
bool displayInline = false;
if (sExt.ToLower() == "jpg" || sExt.ToLower() == "gif" || sExt.ToLower() == "bmp" || sExt.ToLower() == "png" || sExt.ToLower() == "jpeg")
{
useMemStream = true;
imgStream = (MemoryStream)(Images.CreateImageForDB(inpStream, maxImgHeight, maxImgWidth));
contentType = "image/x-png";
allowDownload = false;
displayInline = true;
}
Data.AttachController ac = new Data.AttachController();
AttachInfo ai = new AttachInfo();
ai.ContentId = -1;
ai.UserID = ui.UserId;
ai.ContentType = contentType;
ai.DisplayInline = displayInline;
ai.AllowDownload = allowDownload;
ai.ParentAttachId = 0;
if (fi.AttachStore == AttachStores.DATABASE)
{
if (useMemStream)
{
ai.FileSize = Convert.ToInt32(imgStream.Length);
ai.FileData = imgStream.ToArray();
}
else
{
byte[] byteData = new byte[Convert.ToInt32(inpStream.Length - 1) + 1];
inpStream.Read(byteData, 0, Convert.ToInt32(inpStream.Length));
ai.FileSize = Convert.ToInt32(inpStream.Length);
ai.FileData = byteData;
}
ai.Filename = sFile;
}
else
{
if (useMemStream)
{
ai.FileSize = Convert.ToInt32(imgStream.Length);
ai.Filename = SaveToFile(imgStream, sFile);
}
else
{
byte[] byteData = new byte[Convert.ToInt32(inpStream.Length) + 1];
inpStream.Read(byteData, 0, Convert.ToInt32(inpStream.Length));
ai.FileSize = Convert.ToInt32(inpStream.Length);
ai.Filename = SaveToFile(inpFile, sFile);
}
}
int attachId = ac.Attach_Save(ai);
Response.Write("<script type=\"text/javascript\">window.top.af_isUploaded(" + attachId.ToString() + ");</script>");
}
}
else
{
inpFile.Visible = false;
}
}
else
{
inpFile.Visible = false;
}
}
catch (Exception ex)
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + ex.Message + "');</script>");
}
}
public void Reply_Delete(int PortalId, int ForumId, int TopicId, int ReplyId, int DelBehavior)
{
DataProvider.Instance().Reply_Delete(ForumId, TopicId, ReplyId, DelBehavior);
var objectKey = string.Format("{0}:{1}:{2}", ForumId, TopicId, ReplyId);
JournalController.Instance.DeleteJournalItemByKey(PortalId, objectKey);
if (DelBehavior != 0)
return;
// If it's a hard delete, delete associated attachments
var attachmentController = new Data.AttachController();
var fileManager = FileManager.Instance;
var folderManager = FolderManager.Instance;
var attachmentFolder = folderManager.GetFolder(PortalId, "activeforums_Attach");
foreach(var attachment in attachmentController.ListForPost(TopicId, ReplyId))
{
attachmentController.Delete(attachment.AttachmentId);
var file = attachment.FileId.HasValue ? fileManager.GetFile(attachment.FileId.Value) : fileManager.GetFile(attachmentFolder, attachment.FileName);
// Only delete the file if it exists in the attachment folder
if (file != null && file.FolderId == attachmentFolder.FolderID)
fileManager.DeleteFile(file);
}
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
//Put user code to initialize the page here
try
{
byte[] bindata = null;
bool canView = false;
string sContentType = string.Empty;
if (!Page.IsPostBack)
{
int AttachId = 0;
int intPortalID = 0;
int intModuleID = 0;
if (Request.Params["AttachID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["AttachID"]))
{
AttachId = Int32.Parse(Request.Params["AttachID"]);
}
else
{
AttachId = 0;
}
}
else
{
AttachId = 0;
}
if (Request.Params["PortalID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["PortalID"]))
{
intPortalID = Int32.Parse(Request.Params["PortalID"]);
}
else
{
intPortalID = 0;
}
}
else
{
intPortalID = 0;
}
if (Request.Params["ModuleID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["ModuleID"]))
{
intModuleID = Int32.Parse(Request.Params["ModuleID"]);
}
else
{
intModuleID = -1;
}
}
else
{
intModuleID = -1;
}
IFileManager _fileManager = FileManager.Instance;
IFileInfo _file = null;
if (AttachId > 0)
{
DotNetNuke.Entities.Users.UserInfo ui = DotNetNuke.Entities.Users.UserController.GetCurrentUserInfo();
//DotNetNuke.Modules.ActiveForums.Settings.LoadUser(objUserInfo.UserID, intPortalID, intModuleID)
UserController uc = new UserController();
User u = uc.GetUser(intPortalID, intModuleID);
Data.AttachController ac = new Data.AttachController();
AttachInfo ai = null;
try
{
if (Request.UrlReferrer.AbsolutePath.Contains("HtmlEditorProviders") | (Request.UrlReferrer.AbsolutePath.Contains("afv") & Request.UrlReferrer.AbsolutePath.Contains("post")))
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, false);
}
else
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, true);
}
}
catch (Exception ex)
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, true);
}
if (ai == null)
{
ai = new AttachInfo();
_file = _fileManager.GetFile(AttachId);
ai.AttachID = _file.FileId;
ai.AllowDownload = true;
ai.Filename = _file.FileName;
ai.FileUrl = _file.PhysicalPath;
ai.CanRead = "0;1;-3;-1;|||";
ai.ContentType = _file.ContentType;
}
if (ai != null & u != null)
{
Response.ContentType = ai.ContentType.ToString();
if (ai.FileData != null)
{
if (Permissions.HasAccess(ai.CanRead, u.UserRoles))
{
bindata = (byte[])ai.FileData;
Response.BinaryWrite(bindata);
Response.AddHeader("Content-Disposition", "attachment;filename=" + Server.HtmlEncode(ai.Filename.ToString()));
}
}
else
{
if (Permissions.HasAccess(ai.CanRead, u.UserRoles))
{
string fpath = string.Empty;
string fName = string.Empty;
if (string.IsNullOrEmpty(ai.FileUrl))
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
fpath += ai.Filename;
fName = System.IO.Path.GetFileName(fpath);
}
else
{
_file = _fileManager.GetFile(ai.AttachID);
fpath = _file.PhysicalPath;
fName = _file.FileName;
}
if (System.IO.File.Exists(fpath))
{
//Dim vpath As String
//vpath = PortalSettings.HomeDirectory & "activeforums_Attach/" & Server.HtmlEncode(ai.Filename)
FileStream fs = new FileStream(fpath, FileMode.Open, FileAccess.Read);
long contentLength = 0;
if (fs != null)
{
bindata = GetStreamAsByteArray(fs);
fs.Close();
}
string sExt = System.IO.Path.GetExtension(fName);
Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(fName));
Response.AddHeader("Content-Length", bindata.LongLength.ToString());
sContentType = ai.ContentType;
switch (sExt.ToLowerInvariant())
{
case ".png":
sContentType = "image/png";
break;
case ".jpg":
case ".jpeg":
sContentType = "image/jpeg";
break;
case ".gif":
sContentType = "image/gif";
break;
case ".bmp":
sContentType = "image/bmp";
break;
}
Response.ContentType = sContentType;
Response.OutputStream.Write(bindata, 0, bindata.Length);
Response.End();
}
else
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "NTForums_Attach/");
fpath += ai.Filename;
if (System.IO.File.Exists(fpath))
{
string vpath = null;
vpath = PortalSettings.HomeDirectory + "activeforums_Attach/" + Server.HtmlEncode(ai.Filename);
Response.Redirect(Page.ResolveUrl(vpath));
}
}
}
}
}
}
}
}
catch (Exception ex)
{
}
}
public void Topics_Delete(int PortalId, int ModuleId, int ForumId, int TopicId, int DelBehavior)
{
DataProvider.Instance().Topics_Delete(ForumId, TopicId, DelBehavior);
var cachekey = string.Format("AF-FV-{0}-{1}", PortalId, ModuleId);
DataCache.CacheClearPrefix(cachekey);
try
{
var objectKey = string.Format("{0}:{1}", ForumId, TopicId);
JournalController.Instance.DeleteJournalItemByKey(PortalId, objectKey);
}
catch (Exception ex)
{
}
if (DelBehavior != 0)
return;
// If it's a hard delete, delete associated attachments
var attachmentController = new Data.AttachController();
var fileManager = FileManager.Instance;
var folderManager = FolderManager.Instance;
var attachmentFolder = folderManager.GetFolder(PortalId, "activeforums_Attach");
foreach (var attachment in attachmentController.ListForPost(TopicId, null))
{
attachmentController.Delete(attachment.AttachmentId);
var file = attachment.FileId.HasValue ? fileManager.GetFile(attachment.FileId.Value) : fileManager.GetFile(attachmentFolder, attachment.FileName);
// Only delete the file if it exists in the attachment folder
if (file != null && file.FolderId == attachmentFolder.FolderID)
fileManager.DeleteFile(file);
}
}
private void SaveAttach(int contentId)
{
var attachIds = hidAttachIds.Value;
var fileManager = FileManager.Instance;
if (attachIds == string.Empty)
return;
foreach (var attachid in attachIds.Split(';'))
{
if (attachid.Trim() == string.Empty)
continue;
var tmpAttachId = Convert.ToInt32(attachid);
var file = fileManager.GetFile(tmpAttachId);
var adb = new Data.AttachController();
if (file == null)
adb.SaveToContent(contentId, tmpAttachId, null, null, false, null);
else
{
var fileUrl = "~/LinkClick.aspx?fileticket={0}";
var url = Page.ResolveUrl("~/LinkClick.aspx?fileid=" + file.FileId);
fileUrl = string.Format(fileUrl, UrlUtils.EncryptParameter(UrlUtils.GetParameterValue(url)));
adb.SaveToContent(contentId, tmpAttachId, fileUrl, file.FileName, true, file.ContentType);
}
}
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
//Put user code to initialize the page here
try
{
byte[] bindata = null;
bool canView = false;
string sContentType = string.Empty;
if (!Page.IsPostBack)
{
int AttachId = 0;
int intPortalID = 0;
int intModuleID = 0;
if (Request.Params["AttachID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["AttachID"]))
{
AttachId = Int32.Parse(Request.Params["AttachID"]);
}
else
{
AttachId = 0;
}
}
else
{
AttachId = 0;
}
if (Request.Params["PortalID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["PortalID"]))
{
intPortalID = Int32.Parse(Request.Params["PortalID"]);
}
else
{
intPortalID = 0;
}
}
else
{
intPortalID = 0;
}
if (Request.Params["ModuleID"] != null)
{
if (SimulateIsNumeric.IsNumeric(Request.Params["ModuleID"]))
{
intModuleID = Int32.Parse(Request.Params["ModuleID"]);
}
else
{
intModuleID = -1;
}
}
else
{
intModuleID = -1;
}
IFileManager _fileManager = FileManager.Instance;
IFileInfo _file = null;
if (AttachId > 0)
{
DotNetNuke.Entities.Users.UserInfo ui = DotNetNuke.Entities.Users.UserController.GetCurrentUserInfo();
//DotNetNuke.Modules.ActiveForums.Settings.LoadUser(objUserInfo.UserID, intPortalID, intModuleID)
UserController uc = new UserController();
User u = uc.GetUser(intPortalID, intModuleID);
Data.AttachController ac = new Data.AttachController();
AttachInfo ai = null;
try
{
if (Request.UrlReferrer.AbsolutePath.Contains("HtmlEditorProviders") | (Request.UrlReferrer.AbsolutePath.Contains("afv") & Request.UrlReferrer.AbsolutePath.Contains("post")))
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, false);
}
else
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, true);
}
}
catch (Exception ex)
{
ai = ac.Attach_Get(AttachId, -1, ui.UserID, true);
}
if (ai == null)
{
ai = new AttachInfo();
_file = _fileManager.GetFile(AttachId);
ai.AttachID = _file.FileId;
ai.AllowDownload = true;
ai.Filename = _file.FileName;
ai.FileUrl = _file.PhysicalPath;
ai.CanRead = "0;1;-3;-1;|||";
ai.ContentType = _file.ContentType;
}
if (ai != null & u != null)
{
Response.ContentType = ai.ContentType.ToString();
if (ai.FileData != null)
{
if (Permissions.HasAccess(ai.CanRead, u.UserRoles))
{
bindata = (byte[])ai.FileData;
Response.BinaryWrite(bindata);
Response.AddHeader("Content-Disposition", "attachment;filename=" + Server.HtmlEncode(ai.Filename.ToString()));
}
}
else
{
if (Permissions.HasAccess(ai.CanRead, u.UserRoles))
{
string fpath = string.Empty;
string fName = string.Empty;
if (string.IsNullOrEmpty(ai.FileUrl))
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
fpath += ai.Filename;
fName = System.IO.Path.GetFileName(fpath);
}
else
{
_file = _fileManager.GetFile(ai.AttachID);
fpath = _file.PhysicalPath;
fName = _file.FileName;
}
if (System.IO.File.Exists(fpath))
{
//Dim vpath As String
//vpath = PortalSettings.HomeDirectory & "activeforums_Attach/" & Server.HtmlEncode(ai.Filename)
FileStream fs = new FileStream(fpath, FileMode.Open, FileAccess.Read);
long contentLength = 0;
if (fs != null)
{
bindata = GetStreamAsByteArray(fs);
fs.Close();
}
string sExt = System.IO.Path.GetExtension(fName);
Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(fName));
Response.AddHeader("Content-Length", bindata.LongLength.ToString());
sContentType = ai.ContentType;
switch (sExt.ToLowerInvariant())
{
case ".png":
sContentType = "image/png";
break;
case ".jpg":
case ".jpeg":
sContentType = "image/jpeg";
break;
case ".gif":
sContentType = "image/gif";
break;
case ".bmp":
sContentType = "image/bmp";
break;
}
Response.ContentType = sContentType;
Response.OutputStream.Write(bindata, 0, bindata.Length);
Response.End();
}
else
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "NTForums_Attach/");
fpath += ai.Filename;
if (System.IO.File.Exists(fpath))
{
string vpath = null;
vpath = PortalSettings.HomeDirectory + "activeforums_Attach/" + Server.HtmlEncode(ai.Filename);
Response.Redirect(Page.ResolveUrl(vpath));
}
}
}
}
}
}
}
}
catch (Exception ex)
{
}
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
try
{
UserController uc = new UserController();
User ui = uc.GetUser(PortalSettings.PortalId, -1);
ForumController fc = new ForumController();
Forum fi = fc.Forums_Get(Convert.ToInt32(Request.Params["ForumId"]), ui.UserId, true);
if (fi != null)
{
if (Permissions.HasPerm(fi.Security.Attach, ui.UserRoles))
{
if (inpFile.HasFile)
{
string sFile = string.Empty;
string sExt = string.Empty;
int maxImgHeight = fi.AttachMaxHeight;
int maxImgWidth = fi.AttachMaxWidth;
string contentType = inpFile.PostedFile.ContentType;
sFile = Path.GetFileName(inpFile.PostedFile.FileName).Replace(" ", "_");
sExt = Path.GetExtension(sFile);
if (sFile.Length >= 250)
{
sFile = sFile.Replace(sExt, string.Empty);
sFile = sFile.Substring(0, (250 - sExt.Length));
sFile = sFile + sExt;
}
sExt = sExt.Replace(".", string.Empty);
if (!(fi.AttachTypeAllowed.ToString().ToLower().Contains(sExt.ToLower())))
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + Utilities.GetSharedResource("[RESX:Error:BlockedFile]") + "');</script>");
return;
}
if (fi.AttachMaxSize > 0)
{
if ((inpFile.PostedFile.ContentLength / 1024.0) > fi.AttachMaxSize)
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + string.Format(Utilities.GetSharedResource("[RESX:Error:FileTooLarge]"), fi.AttachMaxSize) + "');</script>");
return;
}
}
Stream inpStream = inpFile.PostedFile.InputStream;
MemoryStream imgStream = new MemoryStream();
bool useMemStream = false;
bool allowDownload = true;
bool displayInline = false;
if (sExt.ToLower() == "jpg" || sExt.ToLower() == "gif" || sExt.ToLower() == "bmp" || sExt.ToLower() == "png" || sExt.ToLower() == "jpeg")
{
useMemStream = true;
imgStream = (MemoryStream)(Images.CreateImageForDB(inpStream, maxImgHeight, maxImgWidth));
contentType = "image/x-png";
allowDownload = false;
displayInline = true;
}
Data.AttachController ac = new Data.AttachController();
AttachInfo ai = new AttachInfo();
ai.ContentId = -1;
ai.UserID = ui.UserId;
ai.ContentType = contentType;
ai.DisplayInline = displayInline;
ai.AllowDownload = allowDownload;
ai.ParentAttachId = 0;
if (fi.AttachStore == AttachStores.DATABASE)
{
if (useMemStream)
{
ai.FileSize = Convert.ToInt32(imgStream.Length);
ai.FileData = imgStream.ToArray();
}
else
{
byte[] byteData = new byte[Convert.ToInt32(inpStream.Length - 1) + 1];
inpStream.Read(byteData, 0, Convert.ToInt32(inpStream.Length));
ai.FileSize = Convert.ToInt32(inpStream.Length);
ai.FileData = byteData;
}
ai.Filename = sFile;
}
else
{
if (useMemStream)
{
ai.FileSize = Convert.ToInt32(imgStream.Length);
ai.Filename = SaveToFile(imgStream, sFile);
}
else
{
byte[] byteData = new byte[Convert.ToInt32(inpStream.Length) + 1];
inpStream.Read(byteData, 0, Convert.ToInt32(inpStream.Length));
ai.FileSize = Convert.ToInt32(inpStream.Length);
ai.Filename = SaveToFile(inpFile, sFile);
}
}
int attachId = ac.Attach_Save(ai);
Response.Write("<script type=\"text/javascript\">window.top.af_isUploaded(" + attachId.ToString() + ");</script>");
}
}
else
{
inpFile.Visible = false;
}
}
else
{
inpFile.Visible = false;
}
}
catch (Exception ex)
{
Response.Write("<script type=\"text/javascript\">window.top.af_setMessage('" + ex.Message + "');</script>");
}
}
// Note attachments are currently saved into the authors file directory
private void SaveAttachments(int contentId)
{
var fileManager = FileManager.Instance;
var folderManager = FolderManager.Instance;
var adb = new Data.AttachController();
var userFolder = folderManager.GetUserFolder(UserInfo);
const string uploadFolderName = "activeforums_Upload";
const string attachmentFolderName = "activeforums_Attach";
const string fileNameTemplate = "__{0}__{1}__{2}";
var attachmentFolder = folderManager.GetFolder(PortalId, attachmentFolderName) ?? folderManager.AddFolder(PortalId, attachmentFolderName);
// Read the attachment list sent in the hidden field as json
var attachmentsJson = hidAttachments.Value;
var serializer = new DataContractJsonSerializer(typeof (List<ClientAttachment>));
var ms = new MemoryStream(Encoding.UTF8.GetBytes(attachmentsJson));
var attachmentsNew = (List<ClientAttachment>)serializer.ReadObject(ms);
ms.Close();
// Read the list of existing attachments for the content. Must do this before saving any of the new attachments!
// Ignore any legacy inline attachments
var attachmentsOld = adb.ListForContent(contentId).Where(o => !o.AllowDownload.HasValue || o.AllowDownload.Value);
// Save all of the new attachments
foreach(var attachment in attachmentsNew)
{
// Don't need to do anything with existing attachments
if(attachment.AttachmentId.HasValue && attachment.AttachmentId.Value > 0)
continue;
IFileInfo file = null;
var fileId = attachment.FileId.GetValueOrDefault();
if(fileId > 0 && userFolder != null)
{
// Make sure that the file exists and it actually belongs to the user who is trying to attach it
file = fileManager.GetFile(fileId);
if(file == null || file.FolderId != userFolder.FolderID) continue;
}
else if(!string.IsNullOrWhiteSpace(attachment.UploadId) && !string.IsNullOrWhiteSpace(attachment.FileName))
{
if (!Regex.IsMatch(attachment.UploadId, @"^[\w\-. ]+$")) // Check for shenanigans.
continue;
var uploadFilePath = PathUtils.Instance.GetPhysicalPath(PortalId, uploadFolderName + "/" + attachment.UploadId);
if (!File.Exists(uploadFilePath))
continue;
// Store the files with a filename format that prevents overwrites.
var index = 0;
var fileName = string.Format(fileNameTemplate, contentId, index, Regex.Replace(attachment.FileName, @"[^\w\-. ]+", string.Empty));
while(fileManager.FileExists(attachmentFolder, fileName))
{
index++;
fileName = string.Format(fileNameTemplate, contentId, index, Regex.Replace(attachment.FileName, @"[^\w\-. ]+", string.Empty));
}
// Copy the file into the attachment folder with the correct name.
using (var fileStream = new FileStream(uploadFilePath, FileMode.Open, FileAccess.Read))
{
file = fileManager.AddFile(attachmentFolder, fileName, fileStream);
}
File.Delete(uploadFilePath);
}
if(file == null)
continue;
adb.Save(contentId, UserId, file.FileName, file.ContentType, file.Size, file.FileId);
}
// Remove any attachments that are no longer in the list of attachments
var attachmentsToRemove = attachmentsOld.Where(a1 => attachmentsNew.All(a2 => a2.AttachmentId != a1.AttachmentId));
foreach(var attachment in attachmentsToRemove)
{
adb.Delete(attachment.AttachmentId);
var file = attachment.FileId.HasValue ? fileManager.GetFile(attachment.FileId.Value) : fileManager.GetFile(attachmentFolder, attachment.FileName);
// Only delete the file if it exists in the attachment folder
if(file != null && file.FolderId == attachmentFolder.FolderID)
fileManager.DeleteFile(file);
}
}
private string BuildAttachGrid(int Uid, string AttachIds, int RowIndex, int MaxRows, string SortColumn, string Sort)
{
int mode = 0;
if (RowIndex > -1)
{
mode = 1;
}
PendingAttach = 0;
string sOut = string.Empty;
Data.AttachController ac = new Data.AttachController();
int i = 0;
string strHost = DotNetNuke.Common.Globals.AddHTTP(DotNetNuke.Common.Globals.GetDomainName(Request)) + "/";
List <AttachInfo> al = null;
if (RowIndex == -1)
{
al = ac.Attach_ListAttachFiles(Uid, AttachIds);
}
else
{
al = ac.Attach_ListMyFiles(Uid, RowIndex, MaxRows, SortColumn, Sort);
}
foreach (AttachInfo ai in al)
{
PendingAttach += 1;
string insertHTML = string.Empty;
string insertThumb = string.Empty;
string toggleInline = string.Empty;
string deleteAttach = Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/delete12.png");
if (mode == 1)
{
deleteAttach = "<img src=\"" + deleteAttach + "\" style=\"cursor:pointer;\" onclick=\"af_delAttach(" + ai.AttachID.ToString() + "," + ai.UserID.ToString() + ");\" />";
}
else
{
deleteAttach = "<img src=\"" + deleteAttach + "\" style=\"cursor:pointer;\" onclick=\"af_delContAttach(" + ai.AttachID.ToString() + "," + ai.UserID.ToString() + ");\" />";
}
if (ai.Filename.ToLowerInvariant().Contains(".jpg") | ai.Filename.ToLowerInvariant().Contains(".bmp") | ai.Filename.ToLowerInvariant().Contains(".gif") | ai.Filename.ToLowerInvariant().Contains(".png") | ai.Filename.ToLowerInvariant().Contains(".jpeg"))
{
int w = 0;
int h = 0;
string fpath = null;
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
fpath += ai.Filename;
byte[] bindata = null;
bindata = (byte[])ai.FileData;
if (bindata != null)
{
System.IO.MemoryStream memStream = new System.IO.MemoryStream(bindata);
try
{
System.Drawing.Image g = System.Drawing.Image.FromStream(memStream);
if (g != null)
{
w = g.Width;
h = g.Height;
}
}
catch (Exception ex)
{
}
}
else
{
try
{
System.Drawing.Image g = System.Drawing.Image.FromFile(fpath);
if (g != null)
{
w = g.Width;
h = g.Height;
}
}
catch (Exception ex)
{
}
}
if (mode == 0)
{
string sInsert = string.Empty;
string sClose = string.Empty;
if (ai.ParentAttachId > 0)
{
sInsert = "<a href=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/viewer.aspx") + "?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + ai.ParentAttachId + "\" target=\"_blank\">";
sClose = "</a>";
}
if (ai.FileData == null)
{
string vpath = null;
vpath = PortalSettings.HomeDirectory + "activeforums_Attach/";
sInsert += "<img src=\"" + vpath + ai.Filename + "\" border=\"0\" class=\"afimg\" />";
}
else
{
sInsert += "<img src=" + Page.ResolveUrl("~/DesktopModules/ActiveForums/viewer.aspx") + "?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + ai.AttachID + " border=0 class=\"afimg\" />";
}
sInsert += sClose;
if (ForumInfo.AllowHTML && ForumInfo.EditorType != EditorTypes.TEXTBOX)
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('" + Server.HtmlEncode(sInsert) + "');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
else
{
if (ai.ParentAttachId > 0)
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('[THUMBNAIL:" + ai.AttachID + ":" + ai.ParentAttachId + "]');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
else
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('[IMAGE:" + ai.AttachID + "]');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
}
insertThumb = "<a href=\"javascript:amaf_insertThumbnail(" + ai.AttachID + "," + ai.UserID + "," + w + "," + h + ");\"><img src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_thumb.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:CreateThumbnail]\" border=\"0\" /></a>";
if (ai.AllowDownload)
{
toggleInline = "<a href=\"javascript:amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",1);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/checkbox.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AllowDownload]\" /></a>";
}
else
{
toggleInline = "<a href=\"javascript:amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",1);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/checkbox_unchecked.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AllowDownload]\" /></a>";
}
}
else
{
toggleInline = "<a href=\"javascript:amaf_addAttach(" + ai.AttachID + "," + ai.UserID + ");\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/add.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AddAttach]\" /></a>";
}
}
else
{
if (mode == 1)
{
toggleInline = "<a href=\"javascript:amaf_addAttach(" + ai.AttachID + "," + ai.UserID + ");\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/add.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AddAttach]\" /></a>";
}
}
string rClass = "afrow";
if (i % 2 == 0)
{
rClass += " afhighlight";
}
sOut += "<tr onmouseout=\"this.className='" + rClass + "';\" class=\"" + rClass + "\"><td>" + ai.Filename + "</td><td>" + Utilities.FormatFileSize(ai.FileSize) + "</td><td align=\"center\">" + insertThumb + "</td><td align=\"center\">" + insertHTML + "</td><td align=\"center\">" + toggleInline + "</td><td align=\"center\">" + deleteAttach + "</td></tr>";
i += 1;
}
string tbl = string.Empty;
string createThumbHD = string.Empty;
string insertImageHD = string.Empty;
string downloadHD = string.Empty;
if (sOut != "")
{
if (mode == 0)
{
createThumbHD = "[RESX:CreateThumbnail]";
insertImageHD = "[RESX:InsertImage]";
downloadHD = "[RESX:AllowDownload]";
}
else
{
downloadHD = "[RESX:AddAttach]";
}
tbl = "<table cellpadding=\"0\" cellspacing=\"0\" width=\"95%\"><tr><td class=\"afattachhead\">[RESX:FileName]</td><td class=\"afattachhead\">[RESX:FileSize]</td><td class=\"afattachhead\" align=\"center\">" + createThumbHD + "</td><td class=\"afattachhead\" align=\"center\">" + insertImageHD + "</td><td class=\"afattachhead\" align=\"center\">" + downloadHD;
tbl += "</td><td class=\"afattachhead\" align=\"center\">[RESX:Delete]</td></tr>" + sOut + "</table>";
}
return(tbl);
}
private string BuildAttachGrid(int Uid, string AttachIds, int RowIndex, int MaxRows, string SortColumn, string Sort)
{
int mode = 0;
if (RowIndex > -1)
{
mode = 1;
}
PendingAttach = 0;
string sOut = string.Empty;
Data.AttachController ac = new Data.AttachController();
int i = 0;
string strHost = DotNetNuke.Common.Globals.AddHTTP(DotNetNuke.Common.Globals.GetDomainName(Request)) + "/";
List<AttachInfo> al = null;
if (RowIndex == -1)
{
al = ac.Attach_ListAttachFiles(Uid, AttachIds);
}
else
{
al = ac.Attach_ListMyFiles(Uid, RowIndex, MaxRows, SortColumn, Sort);
}
foreach (AttachInfo ai in al)
{
PendingAttach += 1;
string insertHTML = string.Empty;
string insertThumb = string.Empty;
string toggleInline = string.Empty;
string deleteAttach = Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/delete12.png");
if (mode == 1)
{
deleteAttach = "<img src=\"" + deleteAttach + "\" style=\"cursor:pointer;\" onclick=\"af_delAttach(" + ai.AttachID.ToString() + "," + ai.UserID.ToString() + ");\" />";
}
else
{
deleteAttach = "<img src=\"" + deleteAttach + "\" style=\"cursor:pointer;\" onclick=\"af_delContAttach(" + ai.AttachID.ToString() + "," + ai.UserID.ToString() + ");\" />";
}
if (ai.Filename.ToLowerInvariant().Contains(".jpg") | ai.Filename.ToLowerInvariant().Contains(".bmp") | ai.Filename.ToLowerInvariant().Contains(".gif") | ai.Filename.ToLowerInvariant().Contains(".png") | ai.Filename.ToLowerInvariant().Contains(".jpeg"))
{
int w = 0;
int h = 0;
string fpath = null;
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
fpath += ai.Filename;
byte[] bindata = null;
bindata = (byte[])ai.FileData;
if (bindata != null)
{
System.IO.MemoryStream memStream = new System.IO.MemoryStream(bindata);
try
{
System.Drawing.Image g = System.Drawing.Image.FromStream(memStream);
if (g != null)
{
w = g.Width;
h = g.Height;
}
}
catch (Exception ex)
{
}
}
else
{
try
{
System.Drawing.Image g = System.Drawing.Image.FromFile(fpath);
if (g != null)
{
w = g.Width;
h = g.Height;
}
}
catch (Exception ex)
{
}
}
if (mode == 0)
{
string sInsert = string.Empty;
string sClose = string.Empty;
if (ai.ParentAttachId > 0)
{
sInsert = "<a href=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/viewer.aspx") + "?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + ai.ParentAttachId + "\" target=\"_blank\">";
sClose = "</a>";
}
if (ai.FileData == null)
{
string vpath = null;
vpath = PortalSettings.HomeDirectory + "activeforums_Attach/";
sInsert += "<img src=\"" + vpath + ai.Filename + "\" border=\"0\" class=\"afimg\" />";
}
else
{
sInsert += "<img src=" + Page.ResolveUrl("~/DesktopModules/ActiveForums/viewer.aspx") + "?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + ai.AttachID + " border=0 class=\"afimg\" />";
}
sInsert += sClose;
if (ForumInfo.AllowHTML && ForumInfo.EditorType != EditorTypes.TEXTBOX)
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('" + Server.HtmlEncode(sInsert) + "');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
else
{
if (ai.ParentAttachId > 0)
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('[THUMBNAIL:" + ai.AttachID + ":" + ai.ParentAttachId + "]');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
else
{
insertHTML = "<a href=\"javascript:amaf_insertHTML('[IMAGE:" + ai.AttachID + "]');amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",0);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_insert.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:InsertImage]\" /></a>";
}
}
insertThumb = "<a href=\"javascript:amaf_insertThumbnail(" + ai.AttachID + "," + ai.UserID + "," + w + "," + h + ");\"><img src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/image_thumb.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:CreateThumbnail]\" border=\"0\" /></a>";
if (ai.AllowDownload)
{
toggleInline = "<a href=\"javascript:amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",1);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/checkbox.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AllowDownload]\" /></a>";
}
else
{
toggleInline = "<a href=\"javascript:amaf_toggleInline(" + ai.AttachID + "," + ai.UserID + ",1);\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/checkbox_unchecked.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AllowDownload]\" /></a>";
}
}
else
{
toggleInline = "<a href=\"javascript:amaf_addAttach(" + ai.AttachID + "," + ai.UserID + ");\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/add.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AddAttach]\" /></a>";
}
}
else
{
if (mode == 1)
{
toggleInline = "<a href=\"javascript:amaf_addAttach(" + ai.AttachID + "," + ai.UserID + ");\"><img border=\"0\" src=\"" + Page.ResolveUrl("~/DesktopModules/ActiveForums/Images/add.png") + "\" style=\"cursor:pointer;\" alt=\"[RESX:AddAttach]\" /></a>";
}
}
string rClass = "afrow";
if (i % 2 == 0)
{
rClass += " afhighlight";
}
sOut += "<tr onmouseout=\"this.className='" + rClass + "';\" class=\"" + rClass + "\"><td>" + ai.Filename + "</td><td>" + Utilities.FormatFileSize(ai.FileSize) + "</td><td align=\"center\">" + insertThumb + "</td><td align=\"center\">" + insertHTML + "</td><td align=\"center\">" + toggleInline + "</td><td align=\"center\">" + deleteAttach + "</td></tr>";
i += 1;
}
string tbl = string.Empty;
string createThumbHD = string.Empty;
string insertImageHD = string.Empty;
string downloadHD = string.Empty;
if (sOut != "")
{
if (mode == 0)
{
createThumbHD = "[RESX:CreateThumbnail]";
insertImageHD = "[RESX:InsertImage]";
downloadHD = "[RESX:AllowDownload]";
}
else
{
downloadHD = "[RESX:AddAttach]";
}
tbl = "<table cellpadding=\"0\" cellspacing=\"0\" width=\"95%\"><tr><td class=\"afattachhead\">[RESX:FileName]</td><td class=\"afattachhead\">[RESX:FileSize]</td><td class=\"afattachhead\" align=\"center\">" + createThumbHD + "</td><td class=\"afattachhead\" align=\"center\">" + insertImageHD + "</td><td class=\"afattachhead\" align=\"center\">" + downloadHD;
tbl += "</td><td class=\"afattachhead\" align=\"center\">[RESX:Delete]</td></tr>" + sOut + "</table>";
}
return tbl;
}
private void cbAttach_Callback(object sender, Modules.ActiveForums.Controls.CallBackEventArgs e)
{
string attachIds = e.Parameters[1].ToString();
switch (e.Parameters[0].ToLowerInvariant())
{
case "delcont":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
if ((uid == this.UserId && !(this.UserId == -1)) | Permissions.HasPerm(ForumInfo.Security.ModDelete, ForumUser.UserRoles) || UserInfo.IsSuperUser)
{
Data.AttachController adb = new Data.AttachController();
adb.Attach_Delete(aid, ContentId);
//ac.Attach_Delete(aid, -1, uid)
}
}
break;
}
case "thumb":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
AttachInfo ai = ac.Attach_Get(aid, -1, uid, false);
if (ai != null)
{
int w = Convert.ToInt32(e.Parameters[4]);
int h = Convert.ToInt32(e.Parameters[5]);
System.IO.MemoryStream imgStream = new System.IO.MemoryStream();
string fpath = string.Empty;
int fileSize = 0;
string tmpFilename = string.Empty;
if (ai.FileData != null)
{
byte[] bindata = null;
bindata = (byte[])ai.FileData;
System.IO.MemoryStream memStream = new System.IO.MemoryStream(bindata);
imgStream = (System.IO.MemoryStream)(Images.CreateImageForDB(memStream, h, w));
fileSize = Convert.ToInt32(imgStream.Length);
tmpFilename = "thumb_" + ai.Filename;
}
else
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
//fpath &= "thumb_" & ai.Filename
tmpFilename = "thumb_" + ai.Filename;
string sFullFile = fpath + tmpFilename;
int i = 0;
while (File.Exists(sFullFile))
{
i += 1;
tmpFilename = i.ToString().PadLeft(3, '0') + "_thumb_" + ai.Filename;
sFullFile = fpath + tmpFilename;
}
File.Copy(fpath + ai.Filename, sFullFile);
Images.CreateImage(sFullFile, h, w);
fileSize = (int)new FileInfo(sFullFile).Length;
}
AttachInfo aiThumb = new AttachInfo();
aiThumb.ContentId = -1;
aiThumb.UserID = ai.UserID;
aiThumb.Filename = tmpFilename;
aiThumb.ContentType = "image/x-png";
aiThumb.FileSize = fileSize;
if (ForumInfo.AttachStore == AttachStores.DATABASE)
{
aiThumb.FileData = imgStream.ToArray();
//File.Delete(fpath & "thumb_" & ai.Filename)
}
aiThumb.ParentAttachId = aid;
int thumbId = ac.Attach_Save(aiThumb);
attachIds += thumbId.ToString() + ";";
BindMyFiles();
if (Convert.ToBoolean(e.Parameters[4]))
{
string strHost = DotNetNuke.Common.Globals.AddHTTP(DotNetNuke.Common.Globals.GetDomainName(Request)) + "/";
string s = "<script type=\"text/javascript\">";
string sInsert = string.Empty;
if (ForumInfo.AllowHTML && ForumInfo.EditorType != EditorTypes.TEXTBOX)
{
sInsert = "<a href=\"" + strHost + "DesktopModules/ActiveForums/viewer.aspx?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + aid + "\" target=\"_blank\"><img src=" + strHost + "DesktopModules/ActiveForums/viewer.aspx?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + thumbId + " border=0 /></a>";
}
else
{
sInsert = "[THUMBNAIL:" + thumbId.ToString() + ":" + aid + "]";
}
s += "amaf_insertHTML('" + sInsert + "');";
s += "</script>";
LiteralControl litScript = new LiteralControl();
litScript.Text = s;
plhAttach.Controls.Add(litScript);
}
}
}
break;
}
case "inline":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
AttachInfo ai = ac.Attach_Get(aid, -1, uid, false);
if (ai != null)
{
int opt = Convert.ToInt32(e.Parameters[4]);
if (opt == 0)
{
ai.DisplayInline = true;
ai.AllowDownload = false;
}
else
{
if (ai.AllowDownload)
{
ai.DisplayInline = true;
ai.AllowDownload = false;
}
else
{
ai.DisplayInline = false;
ai.AllowDownload = true;
}
}
ac.Attach_Save(ai);
}
}
break;
}
}
BindAttach(attachIds);
System.IO.StringWriter stringWriter = new System.IO.StringWriter();
HtmlTextWriter htmlWriter = new HtmlTextWriter(stringWriter);
plhAttach.RenderControl(htmlWriter);
string html = stringWriter.GetStringBuilder().ToString();
html = Utilities.LocalizeControl(html);
LiteralControl lit = new LiteralControl();
lit.Text = html;
lit.RenderControl(e.Output);
}
private void cbMyFiles_Callback(object sender, Modules.ActiveForums.Controls.CallBackEventArgs e)
{
string attachIds = e.Parameters[1].ToString();
switch (e.Parameters[0].ToLowerInvariant())
{
case "del":
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
if ((uid == this.UserId && !(this.UserId == -1)) | Permissions.HasPerm(ForumInfo.Security.ModDelete, ForumUser.UserRoles) || UserInfo.IsSuperUser)
{
ac.Attach_Delete(aid, -1, uid);
}
}
break;
}
PendingAttach = 0;
plhMyFiles.Controls.Clear();
BindMyFiles();
System.IO.StringWriter stringWriter = new System.IO.StringWriter();
HtmlTextWriter htmlWriter = new HtmlTextWriter(stringWriter);
plhMyFiles.RenderControl(htmlWriter);
string html = stringWriter.GetStringBuilder().ToString();
html = Utilities.LocalizeControl(html);
LiteralControl lit = new LiteralControl();
lit.Text = html;
lit.RenderControl(e.Output);
}
private void cbAttach_Callback(object sender, Modules.ActiveForums.Controls.CallBackEventArgs e)
{
string attachIds = e.Parameters[1].ToString();
switch (e.Parameters[0].ToLowerInvariant())
{
case "delcont":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
if ((uid == this.UserId && !(this.UserId == -1)) | Permissions.HasPerm(ForumInfo.Security.ModDelete, ForumUser.UserRoles) || UserInfo.IsSuperUser)
{
Data.AttachController adb = new Data.AttachController();
adb.Attach_Delete(aid, ContentId);
//ac.Attach_Delete(aid, -1, uid)
}
}
break;
}
case "thumb":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
AttachInfo ai = ac.Attach_Get(aid, -1, uid, false);
if (ai != null)
{
int w = Convert.ToInt32(e.Parameters[4]);
int h = Convert.ToInt32(e.Parameters[5]);
System.IO.MemoryStream imgStream = new System.IO.MemoryStream();
string fpath = string.Empty;
int fileSize = 0;
string tmpFilename = string.Empty;
if (ai.FileData != null)
{
byte[] bindata = null;
bindata = (byte[])ai.FileData;
System.IO.MemoryStream memStream = new System.IO.MemoryStream(bindata);
imgStream = (System.IO.MemoryStream)(Images.CreateImageForDB(memStream, h, w));
fileSize = Convert.ToInt32(imgStream.Length);
tmpFilename = "thumb_" + ai.Filename;
}
else
{
fpath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/");
//fpath &= "thumb_" & ai.Filename
tmpFilename = "thumb_" + ai.Filename;
string sFullFile = fpath + tmpFilename;
int i = 0;
while (File.Exists(sFullFile))
{
i += 1;
tmpFilename = i.ToString().PadLeft(3, '0') + "_thumb_" + ai.Filename;
sFullFile = fpath + tmpFilename;
}
File.Copy(fpath + ai.Filename, sFullFile);
Images.CreateImage(sFullFile, h, w);
fileSize = (int)new FileInfo(sFullFile).Length;
}
AttachInfo aiThumb = new AttachInfo();
aiThumb.ContentId = -1;
aiThumb.UserID = ai.UserID;
aiThumb.Filename = tmpFilename;
aiThumb.ContentType = "image/x-png";
aiThumb.FileSize = fileSize;
if (ForumInfo.AttachStore == AttachStores.DATABASE)
{
aiThumb.FileData = imgStream.ToArray();
//File.Delete(fpath & "thumb_" & ai.Filename)
}
aiThumb.ParentAttachId = aid;
int thumbId = ac.Attach_Save(aiThumb);
attachIds += thumbId.ToString() + ";";
BindMyFiles();
if (Convert.ToBoolean(e.Parameters[4]))
{
string strHost = DotNetNuke.Common.Globals.AddHTTP(DotNetNuke.Common.Globals.GetDomainName(Request)) + "/";
string s = "<script type=\"text/javascript\">";
string sInsert = string.Empty;
if (ForumInfo.AllowHTML && ForumInfo.EditorType != EditorTypes.TEXTBOX)
{
sInsert = "<a href=\"" + strHost + "DesktopModules/ActiveForums/viewer.aspx?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + aid + "\" target=\"_blank\"><img src=" + strHost + "DesktopModules/ActiveForums/viewer.aspx?portalid=" + PortalId + "&moduleid=" + ModuleId + "&attachid=" + thumbId + " border=0 /></a>";
}
else
{
sInsert = "[THUMBNAIL:" + thumbId.ToString() + ":" + aid + "]";
}
s += "amaf_insertHTML('" + sInsert + "');";
s += "</script>";
LiteralControl litScript = new LiteralControl();
litScript.Text = s;
plhAttach.Controls.Add(litScript);
}
}
}
break;
}
case "inline":
{
if (SimulateIsNumeric.IsNumeric(e.Parameters[2]))
{
int aid = Convert.ToInt32(e.Parameters[2]);
Data.AttachController ac = new Data.AttachController();
int uid = -1;
if (SimulateIsNumeric.IsNumeric(e.Parameters[3]))
{
uid = Convert.ToInt32(e.Parameters[3]);
}
AttachInfo ai = ac.Attach_Get(aid, -1, uid, false);
if (ai != null)
{
int opt = Convert.ToInt32(e.Parameters[4]);
if (opt == 0)
{
ai.DisplayInline = true;
ai.AllowDownload = false;
}
else
{
if (ai.AllowDownload)
{
ai.DisplayInline = true;
ai.AllowDownload = false;
}
else
{
ai.DisplayInline = false;
ai.AllowDownload = true;
}
}
ac.Attach_Save(ai);
}
}
break;
}
}
BindAttach(attachIds);
System.IO.StringWriter stringWriter = new System.IO.StringWriter();
HtmlTextWriter htmlWriter = new HtmlTextWriter(stringWriter);
plhAttach.RenderControl(htmlWriter);
string html = stringWriter.GetStringBuilder().ToString();
html = Utilities.LocalizeControl(html);
LiteralControl lit = new LiteralControl();
lit.Text = html;
lit.RenderControl(e.Output);
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
var attachmentId = Utilities.SafeConvertInt(Request.Params["AttachmentID"], -1);// Used for new attachments where the attachment is the actual file link (shouldn't appear in posts)
var attachFileId = Utilities.SafeConvertInt(Request.Params["AttachID"], -1); // Used for legacy attachments where the attachid was actually the file id. (appears in posts)
var portalId = Utilities.SafeConvertInt(Request.Params["PortalID"], -1);
var moduleId = Utilities.SafeConvertInt(Request.Params["ModuleID"], -1);
if (Page.IsPostBack || (attachmentId < 0 && attachFileId < 0) || portalId < 0 || moduleId < 0)
{
Response.StatusCode = 400;
Response.Write("Invalid Request");
Response.End();
return;
}
// Get the attachment including the "Can Read" permission for the associated content id.
var attachment = new Data.AttachController().Get(attachmentId, attachFileId, true);
// Make sure the attachment exists
if (attachment == null)
{
Response.StatusCode = 404;
Response.Write("Not Found");
Response.End();
return;
}
// Make sure the user has read access
var u = new UserController().GetUser(portalId, moduleId);
if (u == null || !Permissions.HasAccess(attachment.CanRead, u.UserRoles))
{
Response.StatusCode = 401;
Response.Write("Unauthorized");
Response.End();
return;
}
// Get the filename with the unique identifier prefix removed.
var filename = Regex.Replace(attachment.FileName.TextOrEmpty(), @"__\d+__\d+__", string.Empty);
// Some legacy attachments may still be stored in the DB.
if (attachment.FileData != null)
{
Response.ContentType = attachment.ContentType;
if (attachmentId > 0)
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(filename));
else // Handle legacy inline attachments a bit differently
Response.AddHeader("Content-Disposition", "filename=" + Server.HtmlEncode(filename));
Response.BinaryWrite(attachment.FileData);
Response.End();
return;
}
var fileManager = FileManager.Instance;
string filePath = null;
// If there is a file id, access the file using the file manager
if (attachment.FileId.HasValue && attachment.FileId.Value > 0)
{
var file = fileManager.GetFile(attachment.FileId.Value);
if (file != null)
{
filePath = file.PhysicalPath;
}
}
// Otherwise check the attachments directory (current and legacy)
else
{
filePath = Server.MapPath(PortalSettings.HomeDirectory + "activeforums_Attach/") + attachment.FileName;
// This is another check to support legacy attachments.
if (!File.Exists(filePath))
{
filePath = Server.MapPath(PortalSettings.HomeDirectory + "NTForums_Attach/") + attachment.FileName;
}
}
// At this point, we should have a valid file path
if (string.IsNullOrWhiteSpace(filePath) || !File.Exists(filePath))
{
Response.StatusCode = 404;
Response.Write("Not Found");
Response.End();
return;
}
var length = attachment.FileSize;
if (length <= 0)
length = new System.IO.FileInfo(filePath).Length;
Response.Clear();
Response.ContentType = attachment.ContentType;
if(attachmentId > 0)
Response.AddHeader("Content-Disposition", "attachment; filename=" + Server.HtmlEncode(filename));
else // Handle legacy inline attachments a bit differently
Response.AddHeader("Content-Disposition", "filename=" + Server.HtmlEncode(filename));
Response.AddHeader("Content-Length", length.ToString());
Response.WriteFile(filePath);
Response.Flush();
Response.Close();
Response.End();
}
