Exemplo n.º 1
0
        public async Task UploadFiles(StreamStorageFile files, string userName)
        {
            // User Profile
            var profile = await _userManager.FindByNameAsync(userName);

            // Accumulate the form data key-value pairs in the request (formAccumulator).
            var trustedFileNameForDisplay     = string.Empty;
            var untrustedFileNameForStorage   = string.Empty;
            var trustedFilePathStorage        = string.Empty;
            var trustedFileNameForFileStorage = string.Empty;

            // Test Files
            List <ClamUserPersonalCategoryItem> userFiles = new List <ClamUserPersonalCategoryItem>();

            foreach (var file in files.File)
            {
                untrustedFileNameForStorage = file.FileName;
                // Don't trust the file name sent by the client. To display
                // the file name, HTML-encode the value.
                trustedFileNameForDisplay = WebUtility.HtmlEncode(
                    file.FileName);

                if (!Directory.Exists(_targetFilePath))
                {
                    string path = String.Format("{0}", _targetFilePath);
                    Directory.CreateDirectory(path);
                }

                // Bind form data to the model
                var keyPathFolder     = FilePathUrlHelper.GenerateKeyPath(profile.Id);
                var generateKeyFolder = GenerateSecurity.Encode(profile.Id);

                trustedFilePathStorage = String.Format("{0}\\{1}\\{2}\\{3}",
                                                       _targetFolderPath,
                                                       keyPathFolder,
                                                       generateKeyFolder,
                                                       Path.GetRandomFileName());
                Directory.CreateDirectory(trustedFilePathStorage);

                using (var fileStream = new FileStream(Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                                                       FileMode.Create, FileAccess.Write))
                {
                    await file.CopyToAsync(fileStream);

                    fileStream.Close();
                }

                userFiles.Add(new ClamUserPersonalCategoryItem()
                {
                    FileName     = trustedFileNameForDisplay,
                    ItemPath     = Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                    Size         = file.Length,
                    UserId       = profile.Id,
                    DateCreated  = DateTime.Now,
                    LastModified = DateTime.Now
                });
            }
            Task.WaitAll(_context.AddRangeAsync(userFiles));
            Task.WaitAll(_context.SaveChangesAsync());
        }
Exemplo n.º 2
0
        public async Task <IActionResult> MultipleFiles(StreamStorageFile files)
        {
            // User Profile
            var name    = User.Identity.Name;
            var profile = await _userManager.FindByNameAsync(name);

            // Accumulate the form data key-value pairs in the request (formAccumulator).
            var trustedFileNameForDisplay     = string.Empty;
            var untrustedFileNameForStorage   = string.Empty;
            var trustedFilePathStorage        = string.Empty;
            var trustedFileNameForFileStorage = string.Empty;
            var streamedFileImageContent      = new byte[0];
            var streamedFilePhysicalContent   = new byte[0];

            // List Byte for file storage
            List <byte[]> filesByteStorage         = new List <byte[]>();
            List <string> filesNameStorage         = new List <string>();
            List <string> storedPaths              = new List <string>();
            List <string> storedPathDictionaryKeys = new List <string>();
            var           fileStoredData           = new Dictionary <string, byte[]>();

            // Test Files
            List <ClamUserPersonalCategoryItem> userFiles = new List <ClamUserPersonalCategoryItem>();

            foreach (var file in files.File)
            {
                untrustedFileNameForStorage = file.FileName;
                // Don't trust the file name sent by the client. To display
                // the file name, HTML-encode the value.
                trustedFileNameForDisplay = WebUtility.HtmlEncode(
                    file.FileName);

                if (!Directory.Exists(_targetFilePath))
                {
                    string path = String.Format("{0}", _targetFilePath);
                    Directory.CreateDirectory(path);
                }

                // Bind form data to the model
                var keyPathFolder     = FilePathUrlHelper.GenerateKeyPath(profile.Id);
                var generateKeyFolder = GenerateSecurity.Encode(profile.Id);

                trustedFilePathStorage = String.Format("{0}\\{1}\\{2}\\{3}",
                                                       _targetFolderPath,
                                                       keyPathFolder,
                                                       generateKeyFolder,
                                                       Path.GetRandomFileName());
                Directory.CreateDirectory(trustedFilePathStorage);

                using (var fileStream = new FileStream(Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                                                       FileMode.Create, FileAccess.Write))
                {
                    await file.CopyToAsync(fileStream);

                    fileStream.Close();
                }

                userFiles.Add(new ClamUserPersonalCategoryItem()
                {
                    FileName     = trustedFileNameForDisplay,
                    ItemPath     = Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                    Size         = file.Length,
                    UserId       = profile.Id,
                    DateCreated  = DateTime.Now,
                    LastModified = DateTime.Now
                });
            }

            ToDatabase(userFiles);

            return(RedirectToAction(nameof(Index)));
        }
Exemplo n.º 3
0
        public async Task UpdateProject(ProjectFormData model, ModelStateDictionary modelState, Guid id, string userName)
        {
            var user = await _userManager.FindByNameAsync(userName);

            var trustedFileNameForDisplay     = string.Empty;
            var streamedFileImageContent      = new byte[0];
            var untrustedFileNameForStorage   = string.Empty;
            var trustedFilePathStorage        = string.Empty;
            var trustedFileNameForFileStorage = string.Empty;
            var checkState = string.Empty;

            // Get Project Id and update all new fields
            var getProject = await _context.ClamUserProjects.FindAsync(id);

            if (model.File != null)
            {
                streamedFileImageContent =
                    await FileHelpers.ProcessFormFile <ProjectFormData>(
                        model.File, modelState, _permittedExtentions,
                        _fileSizeLimit);

                // Filter Check the state of the file
                if (!modelState.IsValid)
                {
                    checkState = "ModelState is Invalid";
                }

                untrustedFileNameForStorage = model.File.FileName;
                // Don't trust the file name sent by the client. To display
                // the file name, HTML-encode the value.
                trustedFileNameForDisplay = WebUtility.HtmlEncode(
                    model.File.FileName);

                // Bind form data to the model
                var keyPathFolder     = FilePathUrlHelper.GenerateKeyPath(user.Id);
                var generateKeyFolder = GenerateSecurity.Encode(user.Id);

                // Path Location & Directory Check
                trustedFilePathStorage = String.Format("{0}\\{1}\\{2}\\{3}",
                                                       _targetFolderPath,
                                                       keyPathFolder,
                                                       generateKeyFolder,
                                                       Path.GetRandomFileName());

                Directory.CreateDirectory(trustedFilePathStorage);

                using (var fileStream = new FileStream(Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                                                       FileMode.Create, FileAccess.Write))
                {
                    await model.File.CopyToAsync(fileStream);

                    fileStream.Close();
                }
                // Remove Physical Location
                await RemoveProject(id);

                _context.Entry(getProject).Entity.Title            = model.Title;
                _context.Entry(getProject).Entity.Author           = model.Author;
                _context.Entry(getProject).Entity.Description      = model.Description;
                _context.Entry(getProject).Entity.Language         = model.Language;
                _context.Entry(getProject).Entity.GithubLink       = model.GithubLink;
                _context.Entry(getProject).Entity.Status           = bool.Parse(model.Status);
                _context.Entry(getProject).Entity.LastModified     = DateTime.Now;
                _context.Entry(getProject).Entity.ImageGifLocation = Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage);
                _context.Update(getProject);
                await _context.SaveChangesAsync();
            }
            else
            {
                _context.Entry(getProject).Entity.Title        = model.Title;
                _context.Entry(getProject).Entity.Author       = model.Author;
                _context.Entry(getProject).Entity.Description  = model.Description;
                _context.Entry(getProject).Entity.Language     = model.Language;
                _context.Entry(getProject).Entity.GithubLink   = model.GithubLink;
                _context.Entry(getProject).Entity.Status       = bool.Parse(model.Status);
                _context.Entry(getProject).Entity.LastModified = DateTime.Now;
                _context.Update(getProject);
                await _context.SaveChangesAsync();
            }
        }
Exemplo n.º 4
0
        public async Task <IActionResult> UploadDatabase()
        {
            if (!MultipartRequestHelper.IsMultipartContentType(Request.ContentType))
            {
                ModelState.AddModelError("File",
                                         $"The request couldn't be processed (Error 1).");
                // Log error

                return(BadRequest(ModelState));
            }

            // User Profile
            var name    = User.Identity.Name;
            var profile = await _userManager.FindByNameAsync(name);

            // Accumulate the form data key-value pairs in the request (formAccumulator).
            var formAccumulator               = new KeyValueAccumulator();
            var trustedFileNameForDisplay     = string.Empty;
            var untrustedFileNameForStorage   = string.Empty;
            var trustedFilePathStorage        = string.Empty;
            var trustedFileNameForFileStorage = string.Empty;
            var streamedFileImageContent      = new byte[0];
            var streamedFilePhysicalContent   = new byte[0];


            // List Byte for file storage
            List <byte[]> filesByteStorage         = new List <byte[]>();
            List <string> filesNameStorage         = new List <string>();
            var           fileStoredData           = new Dictionary <string, byte[]>();
            List <string> storedPaths              = new List <string>();
            List <string> storedPathDictionaryKeys = new List <string>();

            var boundary = MultipartRequestHelper.GetBoundary(
                MediaTypeHeaderValue.Parse(Request.ContentType),
                _defaultFormOptions.MultipartBoundaryLengthLimit);
            var reader = new MultipartReader(boundary, HttpContext.Request.Body);

            var section = await reader.ReadNextSectionAsync();

            while (section != null)
            {
                var hasContentDispositionHeader =
                    ContentDispositionHeaderValue.TryParse(
                        section.ContentDisposition, out var contentDisposition);

                if (hasContentDispositionHeader)
                {
                    if (MultipartRequestHelper
                        .HasFileContentDisposition(contentDisposition))
                    {
                        untrustedFileNameForStorage = contentDisposition.FileName.Value;
                        // Don't trust the file name sent by the client. To display
                        // the file name, HTML-encode the value.
                        trustedFileNameForDisplay = WebUtility.HtmlEncode(
                            contentDisposition.FileName.Value);

                        if (!Directory.Exists(_targetFilePath))
                        {
                            string path = String.Format("{0}", _targetFilePath);
                            Directory.CreateDirectory(path);
                        }

                        //streamedFileContent =
                        //    await FileHelpers.ProcessStreamedFile(section, contentDisposition,
                        //        ModelState, _permittedExtentions, _fileSizeLimit);

                        streamedFilePhysicalContent = await FileHelpers.ProcessStreamedFile(
                            section, contentDisposition, ModelState,
                            _permittedExtentions, _fileSizeLimit);

                        filesNameStorage.Add(trustedFileNameForDisplay);
                        filesByteStorage.Add(streamedFilePhysicalContent);
                        fileStoredData.Add(trustedFileNameForDisplay, streamedFilePhysicalContent);

                        if (!ModelState.IsValid)
                        {
                            return(BadRequest(ModelState));
                        }
                    }
                    else if (MultipartRequestHelper
                             .HasFormDataContentDisposition(contentDisposition))
                    {
                        // Don't limit the key name length because the
                        // multipart headers length limit is already in effect.
                        var key = HeaderUtilities
                                  .RemoveQuotes(contentDisposition.Name).Value;
                        var encoding = GetEncoding(section);

                        if (encoding == null)
                        {
                            ModelState.AddModelError("File",
                                                     $"The request couldn't be processed (Error 2).");
                            // Log error

                            return(BadRequest(ModelState));
                        }

                        using (var streamReader = new StreamReader(
                                   section.Body,
                                   encoding,
                                   detectEncodingFromByteOrderMarks: true,
                                   bufferSize: 1024,
                                   leaveOpen: true))
                        {
                            // The value length limit is enforced by
                            // MultipartBodyLengthLimit
                            var value = await streamReader.ReadToEndAsync();

                            if (string.Equals(value, "undefined",
                                              StringComparison.OrdinalIgnoreCase))
                            {
                                value = string.Empty;
                            }

                            formAccumulator.Append(key, value);

                            if (formAccumulator.ValueCount >
                                _defaultFormOptions.ValueCountLimit)
                            {
                                // Form key count limit of
                                // _defaultFormOptions.ValueCountLimit
                                // is exceeded.
                                ModelState.AddModelError("File",
                                                         $"The request couldn't be processed (Error 3).");
                                // Log error

                                return(BadRequest(ModelState));
                            }
                        }
                    }
                }

                // Drain any remaining section body that hasn't been consumed and
                // read the headers for the next section.
                section = await reader.ReadNextSectionAsync();
            }

            // Bind form data to the model
            var formData          = new StreamFormFilmflixData();
            var formValueProvider = new FormValueProvider(
                BindingSource.Form,
                new FormCollection(formAccumulator.GetResults()),
                CultureInfo.CurrentCulture);
            var bindingSuccessful = await TryUpdateModelAsync(formData, prefix : "",
                                                              valueProvider : formValueProvider);

            var keyPathFolder = FilePathUrlHelper.GenerateKeyPath(profile.Id);

            trustedFilePathStorage = String.Format("{0}\\{1}\\{2}\\{3}",
                                                   //_targetFilePath,
                                                   _targetFolderPath,
                                                   keyPathFolder,
                                                   GenerateSecurity.Encode(profile.Id),
                                                   Path.GetRandomFileName());

            if (!bindingSuccessful)
            {
                ModelState.AddModelError("File",
                                         "The request couldn't be processed (Error 5).");
                // Log error

                return(BadRequest(ModelState));
            }

            // **WARNING!**
            // In the following example, the file is saved without
            // scanning the file's contents. In most production
            // scenarios, an anti-virus/anti-malware scanner API
            // is used on the file before making the file available
            // for download or for use by other systems.
            // For more information, see the topic that accompanies
            // this sample app.

            Directory.CreateDirectory(trustedFilePathStorage);

            foreach (var item in fileStoredData)
            {
                using (var targetStream = System.IO.File.Create(
                           Path.Combine(trustedFilePathStorage, item.Key)))
                {
                    await targetStream.WriteAsync(item.Value);

                    _logger.LogInformation(
                        "Uploaded file '{TrustedFileNameForDisplay}' saved to " +
                        "'{TargetFilePath}' as {TrustedFileNameForFileStorage}",
                        item.Key, trustedFilePathStorage,
                        item.Key);
                }
                storedPaths.Add(Path.Combine(trustedFilePathStorage, item.Key));
                storedPathDictionaryKeys.Add(item.Key);
            }

            var keyValue   = storedPathDictionaryKeys[0];
            var keyConvert = fileStoredData[keyValue];
            var file       = new ClamUserFilm()
            {
                ItemPath         = storedPaths[0],
                ImagePath        = storedPaths[1],
                WallpaperPath    = storedPaths[2],
                FilmTitle        = formData.FilmTitle,
                Size             = keyConvert.Length,
                DateAdded        = DateTime.Now,
                UrlEmbeddedVideo = FilePathUrlHelper.YoutubePathFilter(formData.UrlEmbeddedVideo),
                Year             = formData.Year,
                Status           = bool.Parse(formData.Status),
                UserId           = profile.Id
            };

            _context.Add(file);
            await _context.SaveChangesAsync();

            return(RedirectToAction("Index", "Film"));
        }
Exemplo n.º 5
0
        public async Task AddAsyncInterests(ProjectImageData model, ModelStateDictionary modelState, string userName)
        {
            var user = await _userManager.FindByNameAsync(userName);

            var trustedFileNameForDisplay     = string.Empty;
            var streamedFileImageContent      = new byte[0];
            var untrustedFileNameForStorage   = string.Empty;
            var trustedFilePathStorage        = string.Empty;
            var trustedFileNameForFileStorage = string.Empty;

            var test = string.Empty;

            streamedFileImageContent =
                await FileHelpers.ProcessFormFile <ProjectFormData>(
                    model.File, modelState, _permittedExtentions,
                    _fileSizeLimit);

            if (!modelState.IsValid)
            {
                test = "ModelState is Invalid";
            }

            untrustedFileNameForStorage = model.File.FileName;
            // Don't trust the file name sent by the client. To display
            // the file name, HTML-encode the value.
            trustedFileNameForDisplay = WebUtility.HtmlEncode(
                model.File.FileName);

            // Bind form data to the model
            var keyPathFolder     = FilePathUrlHelper.GenerateKeyPath(user.Id);
            var generateKeyFolder = GenerateSecurity.Encode(user.Id);

            // Path Location & Directory Check
            trustedFilePathStorage = String.Format("{0}\\{1}\\{2}\\{3}",
                                                   _targetFolderPath,
                                                   keyPathFolder,
                                                   generateKeyFolder,
                                                   Path.GetRandomFileName());

            Directory.CreateDirectory(trustedFilePathStorage);

            using (var fileStream = new FileStream(Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                                                   FileMode.Create, FileAccess.Write))
            {
                await model.File.CopyToAsync(fileStream);

                fileStream.Close();
            }

            ClamProjectInterestsImageDisplay result = new ClamProjectInterestsImageDisplay()
            {
                Title         = Path.GetFileNameWithoutExtension(model.File.FileName),
                ImageLocation = Path.Combine(trustedFilePathStorage, untrustedFileNameForStorage),
                Status        = bool.Parse(model.Status),
                UserId        = user.Id,
                LastModified  = DateTime.Now,
                DateCreated   = DateTime.Now
            };

            await _context.AddAsync(result);

            await _context.SaveChangesAsync();
        }