public int GetFileIdFromLinkClick(NameValueCollection queryParams)
{
var linkClickPortalSettings = GetPortalSettingsForLinkClick(GetPortalIdFromLinkClick(queryParams));
var strFileId = UrlUtils.DecryptParameter(queryParams["fileticket"], linkClickPortalSettings.PortalGUID);
return(Convert.ToInt32(strFileId));
}
void DecryptParameters(string key, out int tabId, out int moduleId)
{
var keyParts = UrlUtils.DecryptParameter(key).Split('-');
tabId = int.Parse(keyParts [0]);
moduleId = int.Parse(keyParts [1]);
}
public void ProcessRequest(HttpContext context)
{
// Validate the request for required inputs, return if no action possible
if (string.IsNullOrWhiteSpace(context.Request.QueryString["command"]))
{
return; // No command we cannot process
}
if (string.IsNullOrWhiteSpace(context.Request.QueryString["detail"]))
{
return; // No action we cannot return
}
// Only continue if our provider is current
if (!(CachingProvider.Instance() is Caching.SimpleWebFarmCachingProvider.SimpleWebFarmCachingProvider))
{
return;
}
// Get the values, noting that if in debug we are not encrypted
var command = Host.DebugMode
? context.Request.QueryString["command"]
: UrlUtils.DecryptParameter(context.Request.QueryString["command"], Host.GUID);
var detail = Host.DebugMode
? context.Request.QueryString["detail"]
: UrlUtils.DecryptParameter(context.Request.QueryString["detail"], Host.GUID);
// Pass the action on, if the current caching provider is ours
var provider = (Caching.SimpleWebFarmCachingProvider.SimpleWebFarmCachingProvider)CachingProvider.Instance();
provider.ProcessSynchronizationRequest(command, detail);
}
public int GetFileIdFromLinkClick(NameValueCollection queryParams)
{
var linkClickPortalSettings = this.GetPortalSettingsForLinkClick(this.GetPortalIdFromLinkClick(queryParams));
var strFileId = UrlUtils.DecryptParameter(queryParams["fileticket"], linkClickPortalSettings.PortalGUID);
int fileId;
return(int.TryParse(strFileId, out fileId) ? fileId : -1);
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
UserId = Null.NullInteger;
if (Context.Request.QueryString["userticket"] != null)
{
UserId = Int32.Parse(UrlUtils.DecryptParameter(Context.Request.QueryString["userticket"]));
}
ctlProfile.ID = "Profile";
ctlProfile.UserId = UserId;
}
/// <summary>
/// Page_Init runs when the control is initialised
/// </summary>
/// <remarks>
/// </remarks>
/// <history>
/// [cnurse] 03/01/2006
/// </history>
protected void Page_Init(Object sender, EventArgs e)
{
// get userid from encrypted ticket
UserId = Null.NullInteger;
if (Context.Request.QueryString["userticket"] != null)
{
UserId = int.Parse(UrlUtils.DecryptParameter(Context.Request.QueryString["userticket"]));
}
ctlProfile.ID = "Profile";
ctlProfile.UserId = UserId;
}
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
this.UserId = Null.NullInteger;
if (this.Context.Request.QueryString["userticket"] != null)
{
this.UserId = int.Parse(UrlUtils.DecryptParameter(this.Context.Request.QueryString["userticket"]));
}
this.ctlProfile.ID = "Profile";
this.ctlProfile.UserId = this.UserId;
}
private int GetFileIDFromURL(string url)
{
int returnValue = -1;
//add http
if (!(url.ToLower().StartsWith("http")))
{
if (url.ToLower().StartsWith("/"))
{
url = "http:/" + url;
}
else
{
url = "http://" + url;
}
}
Uri u = new Uri(url);
if (u != null && u.Query != null)
{
NameValueCollection @params = HttpUtility.ParseQueryString(u.Query);
if (@params != null && @params.Count > 0)
{
string fileTicket = @params.Get("fileticket");
if (!(string.IsNullOrEmpty(fileTicket)))
{
var strFileID = UrlUtils.DecryptParameter(fileTicket);
try
{
returnValue = int.Parse(strFileID);
}
catch (Exception ex)
{
returnValue = -1;
Logger.Error(ex);
}
}
}
}
return(returnValue);
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
if (!string.IsNullOrEmpty(Request.QueryString["UserAgent"]))
{
var userAgent = UrlUtils.DecryptParameter(Request.QueryString["UserAgent"]);
if (Request.QueryString["SendAgent"] != "true")
{
userAgent = Request.UserAgent;
}
CreateViewProxy(userAgent);
}
this.Page.Title = LocalizeString("PageTitle");
ClientResourceManager.RegisterScript(this.Page, string.Format("{0}Scripts/PreviewEmulator.js", this.ControlPath));
if (!IsPostBack)
{
BindProfiles();
}
}
public override void HandleRequest()
{
string output = null;
DialogParams dialogParams = Content.FromJson <DialogParams>(); // This uses the new JSON Extensions in DotNetNuke.Common.Utilities.JsonExtensionsWeb
string link = dialogParams.LinkUrl;
dialogParams.LinkClickUrl = link;
if (dialogParams != null)
{
if (!(dialogParams.LinkAction == "GetLinkInfo"))
{
if (dialogParams.Track)
{
string tempVar = dialogParams.LinkUrl;
dialogParams.LinkClickUrl = GetLinkClickURL(ref dialogParams, ref tempVar);
dialogParams.LinkUrl = tempVar;
UrlTrackingInfo linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, dialogParams.LinkUrl, dialogParams.ModuleId);
if (linkTrackingInfo != null)
{
dialogParams.Track = linkTrackingInfo.TrackClicks;
dialogParams.TrackUser = linkTrackingInfo.LogActivity;
dialogParams.DateCreated = linkTrackingInfo.CreatedDate.ToString();
dialogParams.LastClick = linkTrackingInfo.LastClick.ToString();
dialogParams.Clicks = linkTrackingInfo.Clicks.ToString();
}
else
{
dialogParams.Track = false;
dialogParams.TrackUser = false;
}
dialogParams.LinkUrl = link;
}
}
switch (dialogParams.LinkAction)
{
case "GetLoggingInfo": //also meant for the tracking tab but this is to retrieve the user information
DateTime logStartDate = DateTime.MinValue;
DateTime logEndDate = DateTime.MinValue;
string logText = "<table><tr><th>Date</th><th>User</th></tr><tr><td colspan='2'>The selected date-range did<br /> not return any results.</td></tr>";
if (DateTime.TryParse(dialogParams.LogStartDate, out logStartDate))
{
if (!(DateTime.TryParse(dialogParams.LogEndDate, out logEndDate)))
{
logEndDate = logStartDate.AddDays(1);
}
UrlController _urlController = new UrlController();
ArrayList urlLog = _urlController.GetUrlLog(dialogParams.PortalId, GetLinkUrl(ref dialogParams, dialogParams.LinkUrl), dialogParams.ModuleId, logStartDate, logEndDate);
if (urlLog != null)
{
logText = GetUrlLoggingInfo(urlLog);
}
}
dialogParams.TrackingLog = logText;
break;
case "GetLinkInfo":
if (dialogParams.Track)
{
link = link.Replace(@"\", @"/");
//this section is for when the user clicks ok in the dialog box, we actually create a record for the linkclick urls.
if (!(dialogParams.LinkUrl.ToLower().Contains("linkclick.aspx")))
{
dialogParams.LinkClickUrl = GetLinkClickURL(ref dialogParams, ref link);
}
_urlController.UpdateUrl(dialogParams.PortalId, link, GetURLType(Globals.GetURLType(link)), dialogParams.TrackUser, true, dialogParams.ModuleId, false);
}
else
{
//this section is meant for retrieving/displaying the original links and determining if the links are being tracked(making sure the track checkbox properly checked)
UrlTrackingInfo linkTrackingInfo = null;
if (dialogParams.LinkUrl.Contains("fileticket"))
{
var queryString = dialogParams.LinkUrl.Split('=');
var encryptedFileId = queryString[1].Split('&')[0];
string fileID = UrlUtils.DecryptParameter(encryptedFileId, dialogParams.PortalGuid);
FileInfo savedFile = _fileController.GetFileById(Int32.Parse(fileID), dialogParams.PortalId);
linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, string.Format("fileID={0}", fileID), dialogParams.ModuleId);
}
else if (dialogParams.LinkUrl.ToLowerInvariant().Contains("linkclick.aspx"))
{
try
{
if (dialogParams.LinkUrl.Contains("?"))
{
link = dialogParams.LinkUrl.Split('?')[1].Split('&')[0];
if (link.Contains("="))
{
link = link.Split('=')[1];
}
}
int tabId;
if (int.TryParse(link, out tabId)) //if it's a tabid get the tab path
{
dialogParams.LinkClickUrl = TabController.Instance.GetTab(tabId, dialogParams.PortalId, true).FullUrl;
linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, tabId.ToString(), dialogParams.ModuleId);
}
else
{
dialogParams.LinkClickUrl = HttpContext.Current.Server.UrlDecode(link); //get the actual link
linkTrackingInfo = _urlController.GetUrlTracking(dialogParams.PortalId, dialogParams.LinkClickUrl, dialogParams.ModuleId);
}
}
catch (Exception ex)
{
Logger.Error(ex);
dialogParams.LinkClickUrl = dialogParams.LinkUrl;
}
}
if (linkTrackingInfo == null)
{
dialogParams.Track = false;
dialogParams.TrackUser = false;
}
else
{
dialogParams.Track = linkTrackingInfo.TrackClicks;
dialogParams.TrackUser = linkTrackingInfo.LogActivity;
}
}
break;
}
output = dialogParams.ToJson();
}
Response.Write(output);
}
/// -----------------------------------------------------------------------------
/// <summary>
/// This handler handles requests for LinkClick.aspx, but only those specifc
/// to file serving
/// </summary>
/// <param name="context">System.Web.HttpContext)</param>
/// <remarks>
/// </remarks>
/// <history>
/// [cpaterra] 4/19/2006 Created
/// </history>
/// -----------------------------------------------------------------------------
public void ProcessRequest(HttpContext context)
{
PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
int TabId = -1;
int ModuleId = -1;
try
{
//get TabId
if (context.Request.QueryString["tabid"] != null)
{
Int32.TryParse(context.Request.QueryString["tabid"], out TabId);
}
//get ModuleId
if (context.Request.QueryString["mid"] != null)
{
Int32.TryParse(context.Request.QueryString["mid"], out ModuleId);
}
}
catch (Exception)
{
//The TabId or ModuleId are incorrectly formatted (potential DOS)
Exceptions.Exceptions.ProcessHttpException(context.Request);
}
//get Language
string Language = _portalSettings.DefaultLanguage;
if (context.Request.QueryString["language"] != null)
{
Language = context.Request.QueryString["language"];
}
else
{
if (context.Request.Cookies["language"] != null)
{
Language = context.Request.Cookies["language"].Value;
}
}
if (LocaleController.Instance.IsEnabled(ref Language, _portalSettings.PortalId))
{
Localization.Localization.SetThreadCultures(new CultureInfo(Language), _portalSettings);
Localization.Localization.SetLanguage(Language);
}
//get the URL
string URL = "";
bool blnClientCache = true;
bool blnForceDownload = false;
if (context.Request.QueryString["fileticket"] != null)
{
URL = "FileID=" + FileLinkClickController.Instance.GetFileIdFromLinkClick(context.Request.QueryString);
}
if (context.Request.QueryString["userticket"] != null)
{
URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
}
if (context.Request.QueryString["link"] != null)
{
URL = context.Request.QueryString["link"];
if (URL.ToLowerInvariant().StartsWith("fileid="))
{
URL = ""; //restrict direct access by FileID
}
}
if (!String.IsNullOrEmpty(URL))
{
URL = URL.Replace(@"\", @"/");
//update clicks, this must be done first, because the url tracker works with unmodified urls, like tabid, fileid etc
var objUrls = new UrlController();
objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1);
TabType UrlType = Globals.GetURLType(URL);
if (UrlType == TabType.Tab)
{
//verify whether the tab is exist, otherwise throw out 404.
if (new TabController().GetTab(int.Parse(URL), _portalSettings.PortalId, false) == null)
{
Exceptions.Exceptions.ProcessHttpException();
}
}
if (UrlType != TabType.File)
{
URL = Globals.LinkClick(URL, TabId, ModuleId, false);
}
if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false)
{
//to handle legacy scenarios before the introduction of the FileServerHandler
var fileName = Path.GetFileName(URL);
var folderPath = URL.Substring(0, URL.LastIndexOf(fileName));
var folder = FolderManager.Instance.GetFolder(_portalSettings.PortalId, folderPath);
var file = FileManager.Instance.GetFile(folder, fileName);
URL = "FileID=" + file.FileId;
}
//get optional parameters
if (context.Request.QueryString["clientcache"] != null)
{
blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]);
}
if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null))
{
blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]);
}
var contentDisposition = blnForceDownload ? ContentDisposition.Attachment : ContentDisposition.Inline;
//clear the current response
context.Response.Clear();
var fileManager = FileManager.Instance;
try
{
switch (UrlType)
{
case TabType.File:
var download = false;
var file = fileManager.GetFile(int.Parse(UrlUtils.GetParameterValue(URL)));
if (file != null)
{
if (!file.IsEnabled)
{
if (context.Request.IsAuthenticated)
{
context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true);
}
else
{
context.Response.Redirect(Globals.AccessDeniedURL(), true);
}
}
try
{
var folderMapping = FolderMappingController.Instance.GetFolderMapping(file.PortalId, file.FolderMappingID);
var directUrl = fileManager.GetUrl(file);
if (directUrl.Contains("LinkClick") || (blnForceDownload && folderMapping.FolderProviderType == "StandardFolderProvider"))
{
fileManager.WriteFileToResponse(file, contentDisposition);
download = true;
}
else
{
context.Response.Redirect(directUrl, /*endResponse*/ true);
}
}
catch (PermissionsNotMetException)
{
if (context.Request.IsAuthenticated)
{
context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true);
}
else
{
context.Response.Redirect(Globals.AccessDeniedURL(), true);
}
}
catch (Exception ex)
{
Logger.Error(ex);
}
}
if (!download)
{
Exceptions.Exceptions.ProcessHttpException(URL);
}
break;
case TabType.Url:
//prevent phishing by verifying that URL exists in URLs table for Portal
if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null)
{
context.Response.Redirect(URL, true);
}
break;
default:
//redirect to URL
context.Response.Redirect(URL, true);
break;
}
}
catch (ThreadAbortException exc)
{
Logger.Error(exc);
}
catch (Exception)
{
Exceptions.Exceptions.ProcessHttpException(URL);
}
}
else
{
Exceptions.Exceptions.ProcessHttpException(URL);
}
}
/// <Summary>
/// This handler handles requests for LinkClick.aspx, but only those specifc
/// to file serving
/// </Summary>
/// <Param name="context">System.Web.HttpContext)</Param>
public virtual void ProcessRequest(HttpContext context)
{
PortalSettings portalSettings = PortalController.GetCurrentPortalSettings();
// get TabId
int tabId = -1;
if (context.Request.QueryString["tabid"] != null)
{
tabId = int.Parse(context.Request.QueryString["tabid"]);
}
// get ModuleId
int moduleId = -1;
if (context.Request.QueryString["mid"] != null)
{
moduleId = int.Parse(context.Request.QueryString["mid"]);
}
// get the URL
string URL = "";
bool blnClientCache = true;
bool blnForceDownload = false;
if (context.Request.QueryString["fileticket"] != null)
{
URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]);
}
if (context.Request.QueryString["userticket"] != null)
{
URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
}
if (context.Request.QueryString["link"] != null)
{
URL = context.Request.QueryString["link"];
if (URL.ToLower().StartsWith("fileid="))
{
URL = ""; // restrict direct access by FileID
}
}
if (!String.IsNullOrEmpty(URL))
{
TabType UrlType = Globals.GetURLType(URL);
if (UrlType != TabType.File)
{
URL = Globals.LinkClick(URL, tabId, moduleId, false);
}
if (UrlType == TabType.File && URL.ToLower().StartsWith("fileid=") == false)
{
// to handle legacy scenarios before the introduction of the FileServerHandler
FileController objFiles = new FileController();
URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, portalSettings.PortalId);
}
// get optional parameters
if (context.Request.QueryString["clientcache"] != null)
{
blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]);
}
if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null))
{
blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]);
}
// update clicks
UrlController objUrls = new UrlController();
objUrls.UpdateUrlTracking(portalSettings.PortalId, URL, moduleId, -1);
// clear the current response
context.Response.Clear();
if (UrlType == TabType.File)
{
// serve the file
if (tabId == Null.NullInteger)
{
if (!(FileSystemUtils.DownloadFile(portalSettings.PortalId, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload)))
{
context.Response.Write(Services.Localization.Localization.GetString("FilePermission.Error"));
}
}
else
{
if (!(FileSystemUtils.DownloadFile(portalSettings, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload)))
{
context.Response.Write(Services.Localization.Localization.GetString("FilePermission.Error"));
}
}
}
else
{
// redirect to URL
context.Response.Redirect(URL, true);
}
}
}
public void ProcessRequest(System.Web.HttpContext context)
{
PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
int TabId = -1;
int ModuleId = -1;
try
{
if (context.Request.QueryString["tabid"] != null)
{
Int32.TryParse(context.Request.QueryString["tabid"], out TabId);
}
if (context.Request.QueryString["mid"] != null)
{
Int32.TryParse(context.Request.QueryString["mid"], out ModuleId);
}
}
catch (Exception ex)
{
ex.ToString();
throw new HttpException(404, "Not Found");
}
string Language = _portalSettings.DefaultLanguage;
if (context.Request.QueryString["language"] != null)
{
Language = context.Request.QueryString["language"];
}
else
{
if (context.Request.Cookies["language"] != null)
{
Language = context.Request.Cookies["language"].Value;
}
}
if (Localization.Localization.LocaleIsEnabled(Language))
{
System.Threading.Thread.CurrentThread.CurrentCulture = new CultureInfo(Language);
Localization.Localization.SetLanguage(Language);
}
string URL = "";
bool blnClientCache = true;
bool blnForceDownload = false;
if (context.Request.QueryString["fileticket"] != null)
{
URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]);
}
if (context.Request.QueryString["userticket"] != null)
{
URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
}
if (context.Request.QueryString["link"] != null)
{
URL = context.Request.QueryString["link"];
if (URL.ToLowerInvariant().StartsWith("fileid="))
{
URL = "";
}
}
if (!String.IsNullOrEmpty(URL))
{
UrlController objUrls = new UrlController();
objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1);
TabType UrlType = Globals.GetURLType(URL);
if (UrlType != TabType.File)
{
URL = Common.Globals.LinkClick(URL, TabId, ModuleId, false);
}
if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false)
{
FileController objFiles = new FileController();
URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, _portalSettings.PortalId);
}
if (context.Request.QueryString["clientcache"] != null)
{
blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]);
}
if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null))
{
blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]);
}
context.Response.Clear();
try
{
switch (UrlType)
{
case TabType.File:
if (TabId == Null.NullInteger)
{
if (!FileSystemUtils.DownloadFile(_portalSettings.PortalId, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))
{
throw new HttpException(404, "Not Found");
}
}
else
{
if (!FileSystemUtils.DownloadFile(_portalSettings, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))
{
throw new HttpException(404, "Not Found");
}
}
break;
case TabType.Url:
if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null)
{
context.Response.Redirect(URL, true);
}
break;
default:
context.Response.Redirect(URL, true);
break;
}
}
catch (ThreadAbortException ex)
{
ex.ToString();
}
catch (Exception ex)
{
ex.ToString();
throw new HttpException(404, "Not Found");
}
}
else
{
throw new HttpException(404, "Not Found");
}
}
