Exemplo n.º 1
        /// <summary>
        /// Initialize the class level variables with information from the query string. Returns false if the variables cannot
        /// be properly initialized.
        /// </summary>
        /// <param name="context">The HttpContext for the current request.</param>
        /// <returns>Returns true if all variables were initialized; returns false if there was a problem and one or more variables
        /// could not be set.</returns>
        private bool InitializeVariables(HttpContext context)
        {
            this._context = context;

            // Nothing below is meaningful unless the query string parsed cleanly.
            bool queryStringParsed = ExtractQueryStringParms(context.Request.Url.Query);
            if (!queryStringParsed)
            {
                return false;
            }

            this._isUserAuthenticated = Util.IsAuthenticated;

            // Path.GetFileName keeps only the last path segment; _filepath itself is left exactly as it was set.
            // NOTE(review): _filepath is presumably filled from the request by ExtractQueryStringParms. The checks
            // below only test it for non-empty, so confirm it is confined to the media root before a file is opened.
            this._filename = Path.GetFileName(this._filepath);

            // Evaluated left to right with short-circuiting, so the enum helpers are only consulted
            // once the album ID and both path values have passed.
            return (_albumId > 0)
                   && !String.IsNullOrEmpty(_filepath)
                   && !String.IsNullOrEmpty(_filename)
                   && MimeTypeEnumHelper.IsValidMimeTypeCategory(this._mimeTypeCategory)
                   && DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(this._displayType);
        }
Exemplo n.º 2
        /// <summary>
        /// Initialize the class level variables with information from the query string. Returns false if the
        /// variables cannot be properly initialized.
        /// </summary>
        /// <param name="context">The HttpContext for the current request.</param>
        /// <returns>Returns true if all variables were initialized; returns false if there was a problem and
        /// one or more variables could not be set.</returns>
        private bool InitializeVariables(HttpContext context)
        {
            _context = context;

            string rawQuery = context.Request.Url.Query;
            bool queryStringParsed = ExtractQueryStringParms(rawQuery);

            if (queryStringParsed)
            {
                // The resource type is only worked out once the query string values are in place.
                ResourceType = DetermineResourceType();

                // The display type is the one value re-checked here before the request goes any further.
                return DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(_displayType);
            }

            return false;
        }
Exemplo n.º 3
        /// <summary>
        /// Initialize the class level variables with information from the query string. Returns false if the variables cannot
        /// be properly initialized.
        /// </summary>
        /// <param name="context">The HttpContext for the current request.</param>
        /// <returns>Returns true if all variables were initialized; returns false if there was a problem and one or more variables
        /// could not be set.</returns>
        private bool InitializeVariables(HttpContext context)
        {
            this._context = context;

            bool queryStringParsed = ExtractQueryStringParms(context.Request.Url.Query);
            if (!queryStringParsed)
            {
                return false;
            }

            // A buffer size of zero is treated as "not set" and replaced with the configured download buffer size.
            if (_bufferSize == 0)
            {
                _bufferSize = AppSetting.Instance.MediaObjectDownloadBufferSize;
            }

            // The outcome is exactly the validity of the requested display type.
            return DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(this._displayType);
        }
Exemplo n.º 4
        /// <summary>
        /// Gets the image size selected in ddlImageSize. Falls back to DEFAULT_IMAGE_SIZE when the selected value
        /// cannot be parsed, is not a valid display object type, or is the original size and the current user is
        /// not authorized to view original media objects.
        /// </summary>
        /// <returns>The display object type to use for the request.</returns>
        private DisplayObjectType GetImageSize()
        {
            // Start from the default so that a failed parse below leaves a safe value in place.
            DisplayObjectType requestedSize = DEFAULT_IMAGE_SIZE;

            try
            {
                int rawSize = Convert.ToInt32(this.ddlImageSize.SelectedValue, CultureInfo.InvariantCulture);
                requestedSize = (DisplayObjectType)rawSize;
            }
            catch (FormatException)
            {
                // Not a number: keep the default.
            }
            catch (OverflowException)
            {
                // Outside the Int32 range: keep the default.
            }
            catch (ArgumentOutOfRangeException)
            {
                // Keep the default.
            }

            // The cast above accepts any integer, so the value is checked against the enum helper afterwards.
            bool isKnownSize = DisplayObjectTypeEnumHelper.IsValidDisplayObjectType(requestedSize);
            if (!isKnownSize)
            {
                requestedSize = DEFAULT_IMAGE_SIZE;
            }

            // The selected value is presumably posted back by the browser, so the permission for the original
            // size is checked here on the server instead of relying on which options the list offered.
            if (requestedSize == DisplayObjectType.Original)
            {
                if (!this.IsUserAuthorized(SecurityActions.ViewOriginalMediaObject))
                {
                    requestedSize = DEFAULT_IMAGE_SIZE;
                }
            }

            return requestedSize;
        }
Exemplo n.º 5
        /// <summary>
        /// Retrieves the profile for the specified <paramref name="userName" />. Guaranteed to not return null.
        /// </summary>
        /// <param name="userName">Name of the user.</param>
        /// <returns>An instance of <see cref="IUserProfile" />.</returns>
        public static IUserProfile RetrieveFromDataStore(string userName)
        {
            // Always start from a fresh, non-null profile; a user with no stored rows gets this object back
            // with only UserName set.
            IUserProfile profile = new UserProfile();

            profile.UserName = userName;

            // gs is the per-gallery profile currently being filled; prevGalleryId is the gallery it belongs to.
            // int.MinValue is only a starting value: the first non-template row always takes the (gs == null) branch.
            IUserGalleryProfile gs = null;
            int prevGalleryId      = int.MinValue;

            using (var repo = new ProfileRepository())
            {
                // Rows are ordered by gallery ID so that all settings of one gallery arrive together; the
                // gs/prevGalleryId bookkeeping below depends on that ordering.
                // NOTE(review): the second argument (p => p.Gallery) presumably eager-loads the Gallery navigation
                // property that is dereferenced below - confirm against ProfileRepository.Where.
                foreach (var profileDto in (repo.Where(p => p.UserName == userName, p => p.Gallery).OrderBy(p => p.FKGalleryId)))
                {
                    // Loop through each user profile setting and assign to the relevant property. When we encounter a record with a new gallery ID,
                    // automatically create a new UserGalleryProfile instance and start populating that one. When we are done with the loop we will
                    // have created one UserGalleryProfile instance for each gallery the user has a profile for.

                    #region Check for application-wide profile setting

                    if (profileDto.Gallery.IsTemplate)
                    {
                        // Profile items associated with the template gallery are application-wide and map to properties
                        // on the UserProfile object.
                        // Setting names not listed in this switch are ignored for template rows.
                        switch (profileDto.SettingName.Trim())
                        {
                        case ProfileNameEnableUserAlbum:
                        case ProfileNameUserAlbumId:
                            // A single inconsistent row aborts the whole load: the exception is not caught in this method.
                            throw new DataException(String.Format("It is invalid for the profile setting '{0}' to be associated with a template gallery (Gallery ID {1}).", profileDto.SettingName, profileDto.FKGalleryId));

                        case ProfileNameAlbumProfiles:
                            // The stored value is JSON and is bound to a fixed target type. No serializer settings are
                            // passed on this call.
                            // NOTE(review): confirm that JsonConvert.DefaultSettings does not enable TypeNameHandling,
                            // and check whether users can influence this stored value.
                            var albumProfiles = JsonConvert.DeserializeObject <List <AlbumProfile> >(profileDto.SettingValue.Trim());

                            if (albumProfiles != null)
                            {
                                profile.AlbumProfiles.AddRange(albumProfiles);
                            }

                            break;

                        case ProfileNameMediaObjectProfiles:
                            // Same JSON handling as the album profiles above, bound to List<MediaObjectProfile>.
                            var moProfiles = JsonConvert.DeserializeObject <List <MediaObjectProfile> >(profileDto.SettingValue.Trim());

                            if (moProfiles != null)
                            {
                                profile.MediaObjectProfiles.AddRange(moProfiles);
                            }

                            break;
                        }

                        // Template rows never create or touch a per-gallery profile.
                        continue;
                    }

                    #endregion

                    #region Check for new gallery

                    int currGalleryId = profileDto.FKGalleryId;

                    if ((gs == null) || (!currGalleryId.Equals(prevGalleryId)))
                    {
                        // We have encountered settings for a new user gallery profile. Create a new object and add it to our collection.
                        gs = profile.GalleryProfiles.CreateNewUserGalleryProfile(currGalleryId);

                        profile.GalleryProfiles.Add(gs);

                        prevGalleryId = currGalleryId;
                    }

                    #endregion

                    #region Assign property

                    // For each setting in the data store, find the matching property and assign the value to it.
                    // Setting names not listed here are ignored. Conversion failures on a malformed stored value
                    // are not caught in this method, so they propagate to the caller.
                    switch (profileDto.SettingName.Trim())
                    {
                    case ProfileNameEnableUserAlbum:
                        gs.EnableUserAlbum = Convert.ToBoolean(profileDto.SettingValue.Trim(), CultureInfo.InvariantCulture);
                        break;

                    case ProfileNameUserAlbumId:
                        gs.UserAlbumId = Convert.ToInt32(profileDto.SettingValue.Trim(), CultureInfo.InvariantCulture);
                        break;

                    case ProfileNameMediaViewSize:
                        gs.MediaViewSize = DisplayObjectTypeEnumHelper.ParseDisplayObjectType(profileDto.SettingValue);
                        break;

                    case ProfileNameSlideShowType:
                        gs.SlideShowType = SlideShowTypeEnumHelper.ParseSlideShowType(profileDto.SettingValue);
                        break;

                    case ProfileNameSlideShowLoop:
                        gs.SlideShowLoop = profileDto.SettingValue.Trim().ToNullable <bool>();
                        break;

                    case ProfileNameAlbumProfiles:
                    case ProfileNameMediaObjectProfiles:
                        // Mirror of the template check above: these two settings are only valid on the template gallery.
                        throw new DataException(String.Format("It is invalid for the profile setting '{0}' to be associated with a non-template gallery (Gallery ID {1}).", profileDto.SettingName, profileDto.FKGalleryId));
                    }

                    #endregion
                }
            }

            return(profile);
        }
Exemplo n.º 6
        /// <summary>
        /// Extract information from the query string and assign to our class level variables. Return false if
        /// something goes wrong and the variables cannot be set. This will happen when the query string is in
        /// an unexpected format.
        /// </summary>
        /// <param name="queryString">The query string for the current request. Can be populated with
        /// HttpContext.Request.Url.Query. Must start with a question mark (?).</param>
        /// <returns>Returns true if all relevant variables were assigned from the query string; returns false
        /// if there was a problem.</returns>
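        private bool ExtractQueryStringParms(string queryString)
        {
            if (String.IsNullOrEmpty(queryString))
            {
                return(false);
            }

            queryString = queryString.Remove(0, 1);             // Strip off the ?

            bool filepathIsEncrypted = AppSetting.Instance.EncryptMediaObjectUrlOnClient;

            if (filepathIsEncrypted)
            {
                // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
                // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
                // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
                // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
                // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
                // NOTE(review): Decrypt runs on request-supplied text and nothing here catches what it throws on malformed
                // input, so a bad value surfaces as an exception instead of a false return - confirm the caller handles that.
                // Whether tampering is detected depends on Decrypt; the IDs parsed below still need an authorization check.
                queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
            }

            //moid={0}&dt={1}g={2}
            foreach (string nameValuePair in queryString.Split(new[] { '&' }))
            {
                string[] nameOrValue = nameValuePair.Split(new[] { '=' });

                // A pair without '=' has no value element. Report it as a malformed query string instead of
                // indexing past the end of the array, which would throw on request-controlled input.
                if (nameOrValue.Length < 2)
                {
                    return(false);
                }

                switch (nameOrValue[0])
                {
                case "g":
                {
                    int gid;
                    if (Int32.TryParse(nameOrValue[1], out gid))
                    {
                        _galleryIdInQueryString = gid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                case "moid":
                {
                    int moid;
                    if (Int32.TryParse(nameOrValue[1], out moid))
                    {
                        _mediaObjectId = moid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                case "dt":
                {
                    int dtInt;
                    if (!Int32.TryParse(nameOrValue[1], out dtInt))
                    {
                        return(false);
                    }

                    // The cast accepts any integer, so only values the enum helper recognizes are stored.
                    if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType((DisplayObjectType)dtInt))
                    {
                        return(false);
                    }

                    _displayType = (DisplayObjectType)dtInt;
                    break;
                }

                case "sa":
                {
                    _sendAsAttachment = ((nameOrValue[1].Equals("1", StringComparison.Ordinal)) || (nameOrValue[1].Equals("TRUE", StringComparison.OrdinalIgnoreCase)));
                    break;
                }

                default: return(false);                        // Unexpected query string parm. Return false so execution is aborted.
                }
            }

            ValidateDisplayType();

            return(true);
        }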
Exemplo n.º 7
        /// <summary>
        /// Extract information from the query string and assign to our class level variables. Return false if
        /// something goes wrong and the variables cannot be set. This will happen when the query string is in
        /// an unexpected format.
        /// </summary>
        /// <param name="queryString">The query string for the current request. Can be populated with
        /// HttpContext.Request.Url.Query. Must start with a question mark (?).</param>
        /// <returns>Returns true if all relevant variables were assigned from the query string; returns false
        /// if there was a problem.</returns>
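        private bool ExtractQueryStringParms(string queryString)
        {
            if (String.IsNullOrEmpty(queryString))
            {
                return(false);
            }

            queryString = queryString.Remove(0, 1); // Strip off the ?

            bool filepathIsEncrypted = AppSetting.Instance.EncryptMediaObjectUrlOnClient;

            if (filepathIsEncrypted)
            {
                // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7 (most common)
                // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7&sa=1 (created by client script when user downloads a single asset)
                // Ex: getmedia.ashx?q=PneHH0S5VrXVtZWMki2k867KRGyCExF7&sa=1&extra=somevalue (user may add extra parameters)
                foreach (var nameValuePair in queryString.Split(new[] { '&' }))
                {
                    var nameOrValue = nameValuePair.Split(new[] { '=' });

                    // False for a bare name such as "q" with no '='. Recognized parameters need a value;
                    // unrecognized ones are ignored either way.
                    bool hasValue = nameOrValue.Length > 1;

                    switch (nameOrValue[0])
                    {
                    case "q":
                        if (!hasValue)
                        {
                            return(false);
                        }

                        queryString = nameOrValue[1];
                        break;

                    case "sa":
                        if (!hasValue)
                        {
                            return(false);
                        }

                        _sendAsAttachment = ((nameOrValue[1].Equals("1", StringComparison.Ordinal)) || (nameOrValue[1].Equals("TRUE", StringComparison.OrdinalIgnoreCase)));
                        break;
                    }
                }

                // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
                // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
                // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
                // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
                // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
                try
                {
                    queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
                }
                catch (FormatException)
                {
                    // We'll get here when user creates a new album and the client script creates an URL like getmedia.ashx?moid=0&dt=1&g=1
                    // In this case ignore the error and process the string as normal.
                    // NOTE(review): because of this fallback a plain-text query string is still parsed below when URL
                    // encryption is switched on, so the setting hides IDs but does not restrict which ones a client can
                    // request. Confirm that access to _mediaObjectId is authorized after parsing.
                }
            }

            //moid={0}&dt={1}g={2}
            foreach (string nameValuePair in queryString.Split(new[] { '&' }))
            {
                string[] nameOrValue = nameValuePair.Split(new[] { '=' });

                // A recognized parameter without '=' has no value element. Treat it as a malformed query string
                // instead of indexing past the end of the array, which would throw on request-controlled input.
                bool hasValue = nameOrValue.Length > 1;

                switch (nameOrValue[0])
                {
                case "g":
                {
                    int gid;
                    if (hasValue && Int32.TryParse(nameOrValue[1], out gid))
                    {
                        _galleryIdInQueryString = gid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                case "moid":
                {
                    int moid;
                    if (hasValue && Int32.TryParse(nameOrValue[1], out moid))
                    {
                        _mediaObjectId = moid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                case "dt":
                {
                    int dtInt;
                    if (!hasValue || !Int32.TryParse(nameOrValue[1], out dtInt))
                    {
                        return(false);
                    }

                    // The cast accepts any integer, so only values the enum helper recognizes are stored.
                    if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType((DisplayObjectType)dtInt))
                    {
                        return(false);
                    }

                    _displayType = (DisplayObjectType)dtInt;
                    break;
                }

                case "sa":
                {
                    if (!hasValue)
                    {
                        return(false);
                    }

                    _sendAsAttachment = ((nameOrValue[1].Equals("1", StringComparison.Ordinal)) || (nameOrValue[1].Equals("TRUE", StringComparison.OrdinalIgnoreCase)));
                    break;
                }
                    // NEW in 4.0: Allow unrecognized query string parameters. This allows adding an arbitrary parameter to force a browser refresh of an image.
                    //default: return false; // Unexpected query string parm. Return false so execution is aborted.
                }
            }

            ValidateDisplayType();

            return(true);
        }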
Exemplo n.º 8
        /// <summary>
        /// Extract information from the query string and assign to our class level variables. Return false if something goes wrong
        /// and the variables cannot be set. This will happen when the query string is in an unexpected format.
        /// </summary>
        /// <param name="queryString">The query string for the current request. Can be populated with HttpContext.Request.Url.Query.
        /// Must start with a question mark (?).</param>
        /// <returns>Returns true if all relevant variables were assigned from the query string; returns false if there was a problem.</returns>
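        private bool ExtractQueryStringParms(string queryString)
        {
            if (String.IsNullOrEmpty(queryString))
            {
                return(false);
            }

            queryString = queryString.Remove(0, 1);             // Strip off the ?

            bool filepathIsEncrypted = Config.GetCore().EncryptMediaObjectUrlOnClient;

            if (filepathIsEncrypted)
            {
                // Decode, then decrypt the query string. Note that we must replace spaces with a '+'. This is required when the URL is
                // used in javascript to create the Silverlight media player. Apparently, Silverlight or the media player javascript decodes
                // the query string when it requests the URL, so that means any instances of '%2b' are decoded into '+' before it gets here.
                // Ideally, we wouldn't even call UrlDecode in this case, but we don't have a way of knowing that it has already been decoded.
                // So we decode anyway, which doesn't cause any harm *except* it converts '+' to a space, so we need to convert them back.
                // NOTE(review): Decrypt runs on request-supplied text and nothing here catches what it throws on malformed
                // input, so a bad value surfaces as an exception instead of a false return - confirm the caller handles that.
                queryString = HelperFunctions.Decrypt(HttpUtility.UrlDecode(queryString).Replace(" ", "+"));
            }

            //moid={0}&aid={1}&mo={2}&mtc={3}&dt={4}&isp={5}
            foreach (string nameValuePair in queryString.Split(new char[] { '&' }))
            {
                string[] nameOrValue = nameValuePair.Split(new char[] { '=' });

                // A pair without '=' has no value element. Report it as a malformed query string instead of
                // indexing past the end of the array, which would throw on request-controlled input.
                if (nameOrValue.Length < 2)
                {
                    return(false);
                }

                switch (nameOrValue[0])
                {
                case "moid":
                {
                    int moid;
                    if (Int32.TryParse(nameOrValue[1], out moid))
                    {
                        _mediaObjectId = moid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                case "aid":
                {
                    int aid;
                    if (Int32.TryParse(nameOrValue[1], out aid))
                    {
                        _albumId = aid;
                    }
                    else
                    {
                        return(false);
                    }
                    break;
                }

                // The file path is taken from the request and only unescaped here; no other check is applied in this method.
                // NOTE(review): when URL encryption is off this value is fully client-controlled. Confirm that the code
                // which opens the file resolves it against the media root and rejects anything outside it.
                case "mo": _filepath = Uri.UnescapeDataString(nameOrValue[1]); break;

                case "mtc":
                {
                    int mtcInt;
                    if (!Int32.TryParse(nameOrValue[1], out mtcInt))
                    {
                        return(false);
                    }

                    // The cast accepts any integer, so only values the enum helper recognizes are stored.
                    if (!MimeTypeEnumHelper.IsValidMimeTypeCategory((MimeTypeCategory)mtcInt))
                    {
                        return(false);
                    }

                    _mimeTypeCategory = (MimeTypeCategory)mtcInt;
                    break;
                }

                case "dt":
                {
                    int dtInt;
                    if (!Int32.TryParse(nameOrValue[1], out dtInt))
                    {
                        return(false);
                    }

                    if (!DisplayObjectTypeEnumHelper.IsValidDisplayObjectType((DisplayObjectType)dtInt))
                    {
                        return(false);
                    }

                    _displayType = (DisplayObjectType)dtInt;
                    break;
                }

                case "isp":
                {
                    bool isPrivate;

                    // Anything that is not a parseable boolean is treated as private.
                    // NOTE(review): the flag itself still comes from the request; confirm that the privacy of the media
                    // object is looked up on the server before access is granted, not taken from this value alone.
                    if (Boolean.TryParse(nameOrValue[1], out isPrivate))
                    {
                        _isPrivate = isPrivate;
                    }
                    else
                    {
                        _isPrivate = true;
                    }

                    break;
                }

                default: return(false);                        // Unexpected query string parm. Return false so execution is aborted.
                }
            }

            return(true);
        }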