protected void Page_Load(object sender, EventArgs e) { // Get the data from the querystring, to be used to get the sent lightbox int lightboxSentId = WebUtils.GetIntRequestParam("lsid", 0); int senderId = WebUtils.GetIntRequestParam("suid", 0); string ticks = WebUtils.GetRequestParam("dst", string.Empty); // Ensure that we have all required querystring data if (lightboxSentId == 0 || senderId == 0 || ticks == string.Empty) { Response.Redirect("~/Login.aspx?error=ContactSheetMissingData", false); return; } // Get the lightbox m_lightboxSent = LightboxSent.Get(lightboxSentId); // Check posted data - ensure that the sender id and ticks match (ie. to ensure user is not messing with the querystring) if (!m_lightboxSent.SenderId.Equals(senderId) || ticks.Length < 6 || !m_lightboxSent.DateSent.Ticks.ToString().Substring(0, 6).Equals(ticks.Substring(0, 6))) { Response.Redirect("~/Login.aspx?error=ContactSheetInvalidData", false); return; } // Ensure the lightbox has not expired if (m_lightboxSent.ExpiryDate.HasValue && m_lightboxSent.ExpiryDate < DateTime.Now) { Response.Redirect("~/Login.aspx?error=ContactSheetExpired", false); return; } // Get the lightbox Lightbox lightbox = m_lightboxSent.Lightbox; // Update the UI with the lightbox information LightboxTitleLabel.Text = lightbox.Name; LightboxSenderName.Text = m_lightboxSent.Sender.FullName; LightboxSenderEmail.EmailAddress = m_lightboxSent.Sender.Email; LightboxDateSentLabel.Text = m_lightboxSent.DateSent.ToString("HH:mm, dd MMMM yyyy"); LightboxDateExpiresLabel.Text = m_lightboxSent.ExpiryDate.HasValue ? m_lightboxSent.ExpiryDate.Value.ToString("HH:mm, dd MMMM yyyy") : "Never"; LightboxNotesLabel.Text = lightbox.Notes; // Get the lightbox assets EntityList <LightboxAsset> lightboxAssetList = lightbox.GetLightboxAssetList(); // Ensure we have at least one row while (lightboxAssetList.Count < LightboxDataList.RepeatColumns) { lightboxAssetList.Add(LightboxAsset.Empty); } // Bind the datalist to the lightbox assets LightboxDataList.DataSource = lightboxAssetList; LightboxDataList.DataBind(); }
public override void ProcessRequest() { if (!SessionInfo.Current.User.IsNull) { //if valid user then process request //using normal AssetFileHandler base.ProcessRequest(); } else { // Get querystring values int assetId = GetIdFromFilename(); int assetImageSizeId = WebUtils.GetIntRequestParam("assetImageSizeId", 0); DownloadFormat downloadFormat = GeneralUtils.ParseEnum(WebUtils.GetRequestParam("AssetImageFormat"), DownloadFormat.Original); bool original = (WebUtils.GetIntRequestParam("original", 0) == 1); int lightboxSentId = WebUtils.GetIntRequestParam("lsid", 0); int senderId = WebUtils.GetIntRequestParam("suid", 0); string ticks = WebUtils.GetRequestParam("dst", string.Empty); // Ensure asset id is specified if (assetId == 0 || lightboxSentId == 0) { InvalidRequest(); return; } // Get the lightbox LightboxSent lightboxSent = LightboxSent.Get(lightboxSentId); //check that it's a valid lightboxsent object if (lightboxSent.IsNull) { InvalidRequest(); return; } // Check posted data - ensure that the sender id and ticks match (ie. to ensure user is not messing with the querystring) if (!lightboxSent.SenderId.Equals(senderId) || ticks.Length < 6 || !lightboxSent.DateSent.Ticks.ToString().Substring(0, 6).Equals(ticks.Substring(0, 6))) { InvalidRequest(); return; } // Make sure sender is a super user if (lightboxSent.Sender.UserRole != UserRole.SuperAdministrator) { InvalidRequest(); return; } //verify that lightbox has download links enabled if (!lightboxSent.DownloadLinks.GetValueOrDefault(false)) { InvalidRequest(); return; } //check that asset exists in the lightbox being sent LightboxAssetFinder finder = new LightboxAssetFinder { LightboxId = lightboxSent.LightboxId, AssetId = assetId }; LightboxAsset lightboxAsset = LightboxAsset.FindOne(finder); if (lightboxAsset.IsNull) { InvalidRequest(); return; } // Get the asset file info AssetFileInfo info = new AssetFileInfo(lightboxAsset.Asset); // Ensure file exists if (!info.FileExists) { InvalidRequest(); return; } // Asset file path string path = info.FilePath; // Always update the audit history for external downloads AuditLogManager.LogAssetAction(assetId, lightboxSent.Sender, AuditAssetAction.DownloadedAssetFile); AuditLogManager.LogUserAction(lightboxSent.Sender, AuditUserAction.DownloadAssetFromContactSheet, string.Format("Downloaded asset {0} via contact sheet, sent by: {1} download by: {2}", assetId, lightboxSent.Sender.FullName, lightboxSent.RecipientEmail)); DownloadAsset(lightboxAsset.Asset, path, original, downloadFormat, assetImageSizeId); } }