Пример #1
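        /// <summary>
        /// Handles requests for LinkClick.aspx: resolves the target from the query
        /// string, records the click, then either serves the file or redirects.
        /// </summary>
        /// <remarks>
        /// Every input is read from the query string and is therefore caller-controlled:
        /// "tabid", "mid", "fileticket", "userticket", "link", "clientcache" and
        /// "forcedownload". Malformed numeric or boolean values fall back to their
        /// defaults instead of surfacing an unhandled parse exception.
        /// </remarks>
        /// <param name="context">The current <see cref="HttpContext"/>.</param>
        public virtual void ProcessRequest(HttpContext context)
        {
            PortalSettings portalSettings = PortalController.GetCurrentPortalSettings();

            // tabid / mid are optional; -1 means "not supplied". TryParse returns false
            // for null as well as for malformed text, and writes 0 to its out argument
            // on failure, hence the explicit reset to -1.
            int tabId;
            if (!int.TryParse(context.Request.QueryString["tabid"], out tabId))
            {
                tabId = -1;
            }

            int moduleId;
            if (!int.TryParse(context.Request.QueryString["mid"], out moduleId))
            {
                moduleId = -1;
            }

            // get the URL; a later parameter overrides an earlier one, so "link" wins
            // when several are present
            string URL              = "";
            bool   blnClientCache   = true;
            bool   blnForceDownload = false;

            if (context.Request.QueryString["fileticket"] != null)
            {
                URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]);
            }
            if (context.Request.QueryString["userticket"] != null)
            {
                URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
            }
            if (context.Request.QueryString["link"] != null)
            {
                URL = context.Request.QueryString["link"];

                // Invariant lower-casing: with ToLower() the result of this access-control
                // check depended on the thread's current culture.
                if (URL.ToLowerInvariant().StartsWith("fileid="))
                {
                    URL = ""; // restrict direct access by FileID
                }
            }

            if (!String.IsNullOrEmpty(URL))
            {
                TabType UrlType = Globals.GetURLType(URL);

                if (UrlType != TabType.File)
                {
                    URL = Globals.LinkClick(URL, tabId, moduleId, false);
                }

                if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false)
                {
                    // to handle legacy scenarios before the introduction of the FileServerHandler
                    FileController objFiles = new FileController();
                    URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, portalSettings.PortalId);
                }

                // get optional parameters; absent or malformed values keep the defaults
                if (!bool.TryParse(context.Request.QueryString["clientcache"], out blnClientCache))
                {
                    blnClientCache = true;
                }

                // The original called bool.Parse on "forcedownload" whenever "contenttype"
                // was present, which threw when only "contenttype" was supplied.
                // TryParse leaves the flag false for a missing or malformed value.
                bool.TryParse(context.Request.QueryString["forcedownload"], out blnForceDownload);

                // update clicks
                UrlController objUrls = new UrlController();
                objUrls.UpdateUrlTracking(portalSettings.PortalId, URL, moduleId, -1);

                // clear the current response
                context.Response.Clear();

                if (UrlType == TabType.File)
                {
                    // serve the file; an id that does not parse is reported the same way
                    // as a refused download rather than as an unhandled exception
                    int  fileId;
                    bool served = false;

                    if (int.TryParse(UrlUtils.GetParameterValue(URL), out fileId))
                    {
                        served = tabId == Null.NullInteger
                            ? FileSystemUtils.DownloadFile(portalSettings.PortalId, fileId, blnClientCache, blnForceDownload)
                            : FileSystemUtils.DownloadFile(portalSettings, fileId, blnClientCache, blnForceDownload);
                    }

                    if (!served)
                    {
                        context.Response.Write(Services.Localization.Localization.GetString("FilePermission.Error"));
                    }
                }
                else
                {
                    // redirect to URL
                    // NOTE(review): the target is derived from request input ("link" or
                    // "userticket") and this method applies no allow-list to it. Confirm
                    // that Globals.LinkClick constrains the destination; otherwise limit
                    // redirects to local or portal-registered URLs.
                    context.Response.Redirect(URL, true);
                }
            }
        }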
Пример #2
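        /// -----------------------------------------------------------------------------
        /// <summary>
        /// Handles requests for LinkClick.aspx: resolves the target from the query
        /// string, records the click, then serves the file or redirects.
        /// </summary>
        /// <param name="context">The current <see cref="HttpContext"/>.</param>
        /// <remarks>
        /// All inputs ("tabid", "mid", "language", "fileticket", "userticket", "link",
        /// "forcedownload") come from the request and are caller-controlled; "language"
        /// may also come from a cookie. A malformed "tabid" or "mid" is handed to
        /// <c>ProcessHttpException</c>. A missing or malformed "forcedownload" leaves
        /// the flag false.
        /// </remarks>
        /// <history>
        ///     [cpaterra]	4/19/2006	Created
        /// </history>
        /// -----------------------------------------------------------------------------
        public void ProcessRequest(HttpContext context)
        {
            PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
            int            TabId           = -1;
            int            ModuleId        = -1;

            //get TabId / ModuleId. Int32.TryParse never throws, so the try/catch that used
            //to wrap these calls could not see a malformed value; check the result instead.
            string rawTabId    = context.Request.QueryString["tabid"];
            string rawModuleId = context.Request.QueryString["mid"];

            if ((rawTabId != null && !Int32.TryParse(rawTabId, out TabId)) ||
                (rawModuleId != null && !Int32.TryParse(rawModuleId, out ModuleId)))
            {
                //The TabId or ModuleId are incorrectly formatted (potential DOS)
                //NOTE(review): presumably this ends the request with an HTTP error, as the
                //tab check below expects of the parameterless overload - confirm.
                Exceptions.Exceptions.ProcessHttpException(context.Request);
            }

            //get Language: query string first, then cookie, else the portal default
            string Language = _portalSettings.DefaultLanguage;

            if (context.Request.QueryString["language"] != null)
            {
                Language = context.Request.QueryString["language"];
            }
            else
            {
                if (context.Request.Cookies["language"] != null)
                {
                    Language = context.Request.Cookies["language"].Value;
                }
            }

            //the request-supplied value only reaches CultureInfo once the locale
            //controller has accepted it for this portal
            if (LocaleController.Instance.IsEnabled(ref Language, _portalSettings.PortalId))
            {
                Localization.Localization.SetThreadCultures(new CultureInfo(Language), _portalSettings);
                Localization.Localization.SetLanguage(Language);
            }

            //get the URL; a later parameter overrides an earlier one
            string URL              = "";
            bool   blnForceDownload = false;

            if (context.Request.QueryString["fileticket"] != null)
            {
                URL = "FileID=" + FileLinkClickController.Instance.GetFileIdFromLinkClick(context.Request.QueryString);
            }
            if (context.Request.QueryString["userticket"] != null)
            {
                URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
            }
            if (context.Request.QueryString["link"] != null)
            {
                URL = context.Request.QueryString["link"];
                if (URL.ToLowerInvariant().StartsWith("fileid="))
                {
                    URL = ""; //restrict direct access by FileID
                }
            }
            if (!String.IsNullOrEmpty(URL))
            {
                URL = URL.Replace(@"\", @"/");

                //update clicks, this must be done first, because the url tracker works with unmodified urls, like tabid, fileid etc
                var objUrls = new UrlController();
                objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1);
                TabType UrlType = Globals.GetURLType(URL);
                if (UrlType == TabType.Tab)
                {
                    //verify that the tab exists, otherwise throw out 404.
                    if (new TabController().GetTab(int.Parse(URL), _portalSettings.PortalId, false) == null)
                    {
                        Exceptions.Exceptions.ProcessHttpException();
                    }
                }
                if (UrlType != TabType.File)
                {
                    URL = Globals.LinkClick(URL, TabId, ModuleId, false);
                }

                if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false)
                {
                    //to handle legacy scenarios before the introduction of the FileServerHandler
                    var fileName = Path.GetFileName(URL);

                    var folderPath = URL.Substring(0, URL.LastIndexOf(fileName));
                    var folder     = FolderManager.Instance.GetFolder(_portalSettings.PortalId, folderPath);

                    //a path that names no known folder or file used to surface as a
                    //NullReferenceException here; report it as a not-found instead
                    var file = folder != null ? FileManager.Instance.GetFile(folder, fileName) : null;

                    if (file == null)
                    {
                        Exceptions.Exceptions.ProcessHttpException(URL);
                    }
                    else
                    {
                        URL = "FileID=" + file.FileId;
                    }
                }

                //get optional parameters
                //"clientcache" was parsed into a local that nothing below read, so it is no
                //longer parsed. The original also called bool.Parse on "forcedownload"
                //whenever "contenttype" was present, which threw outside the try block when
                //only "contenttype" was supplied. TryParse leaves the flag false for a
                //missing or malformed value.
                bool.TryParse(context.Request.QueryString["forcedownload"], out blnForceDownload);
                var contentDisposition = blnForceDownload ? ContentDisposition.Attachment : ContentDisposition.Inline;

                //clear the current response
                context.Response.Clear();
                var fileManager = FileManager.Instance;
                try
                {
                    switch (UrlType)
                    {
                    case TabType.File:
                        var download = false;
                        var file     = fileManager.GetFile(int.Parse(UrlUtils.GetParameterValue(URL)));
                        if (file != null)
                        {
                            if (!file.IsEnabled)
                            {
                                if (context.Request.IsAuthenticated)
                                {
                                    context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true);
                                }
                                else
                                {
                                    context.Response.Redirect(Globals.AccessDeniedURL(), true);
                                }
                            }

                            try
                            {
                                var folderMapping = FolderMappingController.Instance.GetFolderMapping(file.PortalId, file.FolderMappingID);
                                var directUrl     = fileManager.GetUrl(file);
                                if (directUrl.Contains("LinkClick") || (blnForceDownload && folderMapping.FolderProviderType == "StandardFolderProvider"))
                                {
                                    fileManager.WriteFileToResponse(file, contentDisposition);
                                    download = true;
                                }
                                else
                                {
                                    context.Response.Redirect(directUrl, /*endResponse*/ true);
                                }
                            }
                            catch (PermissionsNotMetException)
                            {
                                if (context.Request.IsAuthenticated)
                                {
                                    context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true);
                                }
                                else
                                {
                                    context.Response.Redirect(Globals.AccessDeniedURL(), true);
                                }
                            }
                            catch (Exception ex)
                            {
                                Logger.Error(ex);
                            }
                        }

                        if (!download)
                        {
                            Exceptions.Exceptions.ProcessHttpException(URL);
                        }
                        break;

                    case TabType.Url:
                        //prevent phishing by verifying that URL exists in URLs table for Portal
                        if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null)
                        {
                            context.Response.Redirect(URL, true);
                        }
                        break;

                    default:
                        //redirect to URL
                        //NOTE(review): unlike the TabType.Url case, this branch applies no
                        //URLs-table check; confirm every remaining TabType yields a target
                        //that Globals.LinkClick has already constrained.
                        context.Response.Redirect(URL, true);
                        break;
                    }
                }
                catch (ThreadAbortException exc)
                {
                    //Response.Redirect(url, true) ends the response by aborting the thread,
                    //so this is reached on every successful redirect above
                    Logger.Error(exc);
                }
                catch (Exception)
                {
                    Exceptions.Exceptions.ProcessHttpException(URL);
                }
            }
            else
            {
                Exceptions.Exceptions.ProcessHttpException(URL);
            }
        }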
Пример #3
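        /// <summary>
        /// Handles requests for LinkClick.aspx: resolves the target from the query
        /// string, records the click, then serves the file or redirects.
        /// </summary>
        /// <remarks>
        /// All inputs ("tabid", "mid", "language", "fileticket", "userticket", "link",
        /// "clientcache", "forcedownload") come from the request and are
        /// caller-controlled; "language" may also come from a cookie. A malformed
        /// "tabid" or "mid" is answered with a 404. Missing or malformed boolean
        /// options keep their defaults.
        /// </remarks>
        /// <param name="context">The current <see cref="System.Web.HttpContext"/>.</param>
        /// <exception cref="HttpException">
        /// 404 when no target can be resolved, when "tabid"/"mid" are malformed, or when
        /// serving the file or redirecting fails.
        /// </exception>
        public void ProcessRequest(System.Web.HttpContext context)
        {
            PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings();
            int            TabId           = -1;
            int            ModuleId        = -1;

            // Int32.TryParse never throws, so the try/catch that used to wrap these calls
            // could not see a malformed value (it silently became 0). Check the result
            // and answer with the 404 that the dead catch block was meant to produce.
            string rawTabId    = context.Request.QueryString["tabid"];
            string rawModuleId = context.Request.QueryString["mid"];

            if ((rawTabId != null && !Int32.TryParse(rawTabId, out TabId)) ||
                (rawModuleId != null && !Int32.TryParse(rawModuleId, out ModuleId)))
            {
                throw new HttpException(404, "Not Found");
            }

            // Language: query string first, then cookie, else the portal default.
            string Language = _portalSettings.DefaultLanguage;

            if (context.Request.QueryString["language"] != null)
            {
                Language = context.Request.QueryString["language"];
            }
            else
            {
                if (context.Request.Cookies["language"] != null)
                {
                    Language = context.Request.Cookies["language"].Value;
                }
            }

            // The request-supplied value only reaches CultureInfo after LocaleIsEnabled
            // has accepted it.
            if (Localization.Localization.LocaleIsEnabled(Language))
            {
                System.Threading.Thread.CurrentThread.CurrentCulture = new CultureInfo(Language);
                Localization.Localization.SetLanguage(Language);
            }

            // Resolve the target; a later parameter overrides an earlier one.
            string URL              = "";
            bool   blnClientCache   = true;
            bool   blnForceDownload = false;

            if (context.Request.QueryString["fileticket"] != null)
            {
                URL = "FileID=" + UrlUtils.DecryptParameter(context.Request.QueryString["fileticket"]);
            }
            if (context.Request.QueryString["userticket"] != null)
            {
                URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]);
            }
            if (context.Request.QueryString["link"] != null)
            {
                URL = context.Request.QueryString["link"];
                if (URL.ToLowerInvariant().StartsWith("fileid="))
                {
                    // Direct access by FileID through "link" is refused.
                    URL = "";
                }
            }
            if (!String.IsNullOrEmpty(URL))
            {
                // Tracking runs before the URL is rewritten below.
                UrlController objUrls = new UrlController();
                objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1);
                TabType UrlType = Globals.GetURLType(URL);
                if (UrlType != TabType.File)
                {
                    URL = Common.Globals.LinkClick(URL, TabId, ModuleId, false);
                }
                if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false)
                {
                    // A file given by path is converted to the FileID= form.
                    FileController objFiles = new FileController();
                    URL = "FileID=" + objFiles.ConvertFilePathToFileId(URL, _portalSettings.PortalId);
                }

                // Optional flags: absent or malformed values keep the defaults.
                if (!bool.TryParse(context.Request.QueryString["clientcache"], out blnClientCache))
                {
                    blnClientCache = true;
                }

                // The original called bool.Parse on "forcedownload" whenever "contenttype"
                // was present, which threw outside the try block when only "contenttype"
                // was supplied. TryParse leaves the flag false for a missing or malformed
                // value.
                bool.TryParse(context.Request.QueryString["forcedownload"], out blnForceDownload);

                context.Response.Clear();
                try
                {
                    switch (UrlType)
                    {
                    case TabType.File:
                        if (TabId == Null.NullInteger)
                        {
                            if (!FileSystemUtils.DownloadFile(_portalSettings.PortalId, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))
                            {
                                throw new HttpException(404, "Not Found");
                            }
                        }
                        else
                        {
                            if (!FileSystemUtils.DownloadFile(_portalSettings, int.Parse(UrlUtils.GetParameterValue(URL)), blnClientCache, blnForceDownload))
                            {
                                throw new HttpException(404, "Not Found");
                            }
                        }
                        break;

                    case TabType.Url:
                        // Only redirect to URLs that GetUrl finds for this portal.
                        if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null)
                        {
                            context.Response.Redirect(URL, true);
                        }
                        break;

                    default:
                        // NOTE(review): unlike the TabType.Url case, this branch applies
                        // no GetUrl check; confirm every remaining TabType yields a target
                        // that Globals.LinkClick has already constrained.
                        context.Response.Redirect(URL, true);
                        break;
                    }
                }
                catch (ThreadAbortException)
                {
                    // Expected: Response.Redirect(url, true) ends the response by aborting
                    // the thread. Nothing to do here.
                }
                catch (Exception)
                {
                    // Any other failure, including the 404s thrown above, is reported to
                    // the client as a plain 404.
                    throw new HttpException(404, "Not Found");
                }
            }
            else
            {
                throw new HttpException(404, "Not Found");
            }
        }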