protected void Page_Load(object sender, EventArgs e) { string idFromPrevious = Cryptography.DecryptUrl(HttpUtility.UrlDecode(Request.QueryString["23rewwr343wd9jfsk23dmjd2q33c3g"])); galleryID = Int32.Parse(idFromPrevious); //SecretText Generate //if (ViewState["StoredText"] == null) //{ // secretEncryptionKey = Cryptography.GetRandomString(); //} //else //{ // secretEncryptionKey = (string)ViewState["StoredText"]; //} //Encrypt of secret text in image of Main if (ViewState["StoredIdMain"] == null) { randomPicIDMain = Cryptography.GetRandomString(); } else { randomPicIDMain = (string)ViewState["StoredIdMain"]; } //Encrypt of secret text in image of Sec if (ViewState["StoredIdSec"] == null) { randomPicIDSec = Cryptography.GetRandomString(); } else { randomPicIDSec = (string)ViewState["StoredIdSec"]; } using (SqlConnection connection = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["F2DatabaseConnectionString"].ConnectionString)) { SqlDataReader reader; SqlCommand cmd = new SqlCommand(); cmd.CommandText = "SELECT [DesignName],[Cost],[CategoryID] FROM [dbo].[Gallery] WHERE [GalleryID]= @GalleryID AND [UserID] = @UserID;"; cmd.Parameters.AddWithValue("GalleryID", galleryID); cmd.Parameters.AddWithValue("UserID", userid); cmd.Connection = connection; connection.Open(); cmd.ExecuteNonQuery(); reader = cmd.ExecuteReader(); while (reader.Read()) { title = reader.GetString(0); amount = reader.GetInt32(1); categoryID = reader.GetInt32(2); } connection.Close(); SqlCommand cmd2 = new SqlCommand(); cmd2.CommandText = "SELECT [CategoryName] FROM [dbo].[Category] WHERE [CategoryID]= @CategoryID;"; cmd2.Parameters.AddWithValue("CategoryID", categoryID); cmd2.Connection = connection; connection.Open(); cmd2.ExecuteNonQuery(); reader = cmd2.ExecuteReader(); while (reader.Read()) { categoryName = reader.GetString(0); } connection.Close(); } this.DesignTitleLabel.Text = title; this.CategoryLabel.Text = categoryName; this.CostLabel.Text = "$" + amount.ToString(); this.SellerLabel.Text = userid; }
protected void Page_Load(object sender, EventArgs e) { using (SqlConnection connection = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["F2DatabaseConnectionString"].ConnectionString)) { SqlDataReader reader; SqlCommand cmd = new SqlCommand(); cmd.CommandText = "SELECT [DesignName],[FileUploadID],[FileUploadSecondaryID],[Cost],[Description] FROM [dbo].[Gallery] WHERE [GalleryID]= @GalleryID AND [UserID] = @UserID;"; cmd.Parameters.Add("@GalleryID", SqlDbType.Int).Value = gid; cmd.Parameters.Add("@UserID", SqlDbType.Int).Value = userid; cmd.Connection = connection; connection.Open(); cmd.ExecuteNonQuery(); reader = cmd.ExecuteReader(); while (reader.Read()) { title = reader.GetString(0); fileuploadID = reader.GetInt32(1); fileuploadsecondaryID = reader.GetInt32(2); amount = reader.GetInt32(3); desc = reader.GetString(4); } connection.Close(); SqlCommand cmd2 = new SqlCommand(); cmd2.CommandText = "SELECT [FileType],[FilePath],[FileSize],[MediaName],[FileUploadSecretID] FROM [dbo].[FileUpload] WHERE [FileUploadID]= @FileUploadID AND [UserID] = @UserID;"; cmd2.Parameters.Add("@FileUploadID", SqlDbType.Int).Value = fileuploadID; cmd2.Parameters.Add("@UserID", SqlDbType.Int).Value = userid; cmd2.Connection = connection; connection.Open(); cmd2.ExecuteNonQuery(); reader = cmd2.ExecuteReader(); while (reader.Read()) { filetypeMain = reader.GetString(0); filepathMain = reader.GetString(1); filesizeMain = reader.GetString(2); filenameMain = reader.GetString(3); fileuploadsecretID = reader.GetInt32(4); } connection.Close(); SqlCommand cmd3 = new SqlCommand(); cmd3.CommandText = "SELECT [FileType],[FilePath],[FileUploadSecondarySecretID] FROM [dbo].[FileUploadSecondary] WHERE [FileUploadSecondaryID]= @FileUploadSecondaryID AND [UserID] = @UserID;"; cmd3.Parameters.Add("@FileUploadSecondaryID", SqlDbType.Int).Value = fileuploadsecondaryID; cmd3.Parameters.Add("@UserID", SqlDbType.Int).Value = userid; cmd3.Connection = connection; connection.Open(); cmd3.ExecuteNonQuery(); reader = cmd3.ExecuteReader(); while (reader.Read()) { filetypeSec = reader.GetString(0); filepathSec = reader.GetString(1); fileuploadsecondarysecretID = reader.GetInt32(2); } connection.Close(); SqlCommand cmd4 = new SqlCommand(); cmd4.CommandText = "SELECT [EmbeddedSecretText],[EmbeddedSecretTextKey] FROM [dbo].[FileUploadSecret] WHERE [FileUploadSecretID]= @FileUploadSecretID;"; cmd4.Parameters.Add("@FileUploadSecretID", SqlDbType.Int).Value = fileuploadsecretID; cmd4.Connection = connection; connection.Open(); cmd4.ExecuteNonQuery(); reader = cmd4.ExecuteReader(); while (reader.Read()) { embeddedsecrettextMain = reader.GetString(0); embeddedsecrettextkeyMain = reader.GetString(1); } connection.Close(); SqlCommand cmd5 = new SqlCommand(); cmd5.CommandText = "SELECT [EmbeddedSecretText],[EmbeddedSecretTextKey] FROM [dbo].[FileUploadSecondarySecret] WHERE [FileUploadSecondarySecretID]= @FileUploadSecondarySecretID;"; cmd5.Parameters.Add("@FileUploadSecondarySecretID", SqlDbType.Int).Value = fileuploadsecondarysecretID; cmd5.Connection = connection; connection.Open(); cmd5.ExecuteNonQuery(); reader = cmd5.ExecuteReader(); while (reader.Read()) { embeddedsecrettextSec = reader.GetString(0); embeddedsecrettextkeySec = reader.GetString(1); } connection.Close(); } DesignTitleLabel.Text = title; NameLabel.Text = "Blah Blah need to change"; //Image if (File.Exists(filepathMain) && File.Exists(filepathSec)) { imageMain = File.ReadAllBytes(filepathMain); imageSec = File.ReadAllBytes(filepathSec); System.Drawing.Image picMain = byteArrayToImage(imageMain); System.Drawing.Image picSec = byteArrayToImage(imageSec); Bitmap bmpMain = new Bitmap(picMain); Bitmap bmpSec = new Bitmap(picSec); //Extraction of secret text string ExtractedTextMain = Cryptography.extractText(bmpMain); string ExtractedTextSec = Cryptography.extractText(bmpSec); //Decrytion of secret text string plainExtractedTextMain = DecryptImageAesIntoString(ExtractedTextMain, embeddedsecrettextkeyMain); string plainExtractedTextSec = DecryptImageAesIntoString(ExtractedTextSec, embeddedsecrettextkeySec); string originalPlainTextMain = DecryptImageAesIntoString(embeddedsecrettextMain, embeddedsecrettextkeyMain); string originalPlainTextSec = DecryptImageAesIntoString(embeddedsecrettextSec, embeddedsecrettextkeySec); if (originalPlainTextMain == plainExtractedTextMain && originalPlainTextSec == plainExtractedTextSec) { //Displaying of sec Image using (MemoryStream ms = new MemoryStream()) { bmpSec.Save(ms, ImageFormat.Png); byte[] byteImageSec = ms.ToArray(); string base64StringImageSec = Convert.ToBase64String(byteImageSec); SecImage.ImageUrl = "data:image/png;base64," + base64StringImageSec; //SecImage.Style["background:url"] = "data:image/png;base64," + base64StringImageSec; } } } }
protected void btnPreviewMain_Click(object sender, EventArgs e) { //Storage of database essentials ViewState["filesizeMain"] = FileUploadMain.PostedFile.ContentLength.ToString(); ViewState["medianameMain"] = FileUploadMain.PostedFile.FileName; //filesizeMain = FileUploadMain.PostedFile.ContentLength.ToString(); //medianameMain = FileUploadMain.PostedFile.FileName; extensionMain = Path.GetExtension(FileUploadMain.FileName); extensionSec = Path.GetExtension(FileUploadMain.FileName); ViewState["extensionMain"] = extensionMain; ViewState["extensionSec"] = extensionSec; if (FileUploadMain.HasFile) { try { if (FileUploadMain.PostedFile.ContentType == "image/png" || FileUploadMain.PostedFile.ContentType == "text/plain") { if (FileUploadMain.PostedFile.ContentLength < 1000000) { photoFolderMain = Path.Combine(fromRootToPhotosMain, randomPicIDMain); ViewState["StoredIdMain"] = randomPicIDMain; photoFolderSec = Path.Combine(fromRootToPhotosSec, randomPicIDSec); ViewState["StoredIdSec"] = randomPicIDSec; //Main Create Dir if (!Directory.Exists(photoFolderMain)) { Directory.CreateDirectory(photoFolderMain); } //Sec Create Dir if (!Directory.Exists(photoFolderSec)) { Directory.CreateDirectory(photoFolderSec); } ViewState["PhotoFolderMain"] = photoFolderMain; ViewState["PhotoFolderSec"] = photoFolderSec; uniqueFileNameMain = Path.ChangeExtension(FileUploadMain.FileName, DateTime.Now.Ticks.ToString()); ViewState["uniqueFileNameMain"] = uniqueFileNameMain; //Editing of main image //Stream strm = FileUploadMain.PostedFile.InputStream; //string targetPath; //using (var img = System.Drawing.Image.FromStream(strm)) //{ // int newWidth = 240; // int newHeight = 240; // var thumbImg = new Bitmap(newWidth, newHeight); // var thumbGraph = Graphics.FromImage(thumbImg); // thumbGraph.CompositingQuality = CompositingQuality.HighQuality; // thumbGraph.InterpolationMode = InterpolationMode.HighQualityBicubic; // thumbGraph.SmoothingMode = SmoothingMode.HighQuality; // var imgRectangle = new Rectangle(0, 0, newWidth, newHeight); // thumbGraph.DrawImage(img, imgRectangle); // targetPath = photoFolderMain + randomPicIDMain + "\\" + uniqueFileNameMain; // using (Bitmap bmp = new Bitmap(thumbImg)) // { // bmp.Save(targetPath ,bmp.RawFormat); // } //} //Embedding secretText into ImageMain Stream strm = FileUploadMain.PostedFile.InputStream; Bitmap WatermarkedImageMain = (Bitmap)Image.FromStream(strm); secretTextMain = Cryptography.GetRandomString(); secretTextKeyMain = Cryptography.GetRandomString(); encrytedSecretTextMain = EncryptStringAesIntoImage(secretTextMain, secretTextKeyMain); WatermarkedImageMain = Cryptography.embedText(encrytedSecretTextMain, WatermarkedImageMain); WatermarkedImageMain.Save(Path.Combine(photoFolderMain, uniqueFileNameMain + extensionMain)); ViewState["secretTextKeyMain"] = secretTextKeyMain; ViewState["encrytedSecretTextMain"] = encrytedSecretTextMain; var clam = new ClamClient("localhost", 3310); var scanResult = clam.ScanFileOnServer(Path.Combine(photoFolderMain, uniqueFileNameMain + extensionMain)); switch (scanResult.Result) { case ClamScanResults.Clean: StatusLabelMain.CssClass = "label label-success"; StatusLabelMain.Text = "Upload status: File uploaded!"; DisplayMainUploadedPhotos(imageToByteArray(WatermarkedImageMain)); DisplaySecondaryUploadedPhotos(); break; case ClamScanResults.VirusDetected: StatusLabelMain.Text = "Upload status: Virus Found!!!!!"; File.Delete(Path.Combine(photoFolderMain, uniqueFileNameMain + extensionMain)); StatusLabelMain.CssClass = "label label-danger"; break; case ClamScanResults.Error: StatusLabelMain.Text = scanResult.RawResult; File.Delete(Path.Combine(photoFolderMain, uniqueFileNameMain + extensionMain)); StatusLabelMain.CssClass = "label label-danger"; break; } } else { StatusLabelMain.Text = "Upload status: The file has to be less than 1 MB!"; StatusLabelMain.CssClass = "label label-danger"; } } else { StatusLabelMain.Text = "Upload status: Only PNG Or BMP files are accepted!"; StatusLabelMain.CssClass = "label label-danger"; } } catch (Exception ex) { StatusLabelMain.Text = "Upload status: The file could not be uploaded. The following error occured: " + ex.Message; } } else { StatusLabelMain.Text = "Upload status: You have not chosen a picture to preview!!"; StatusLabelMain.CssClass = "label label-danger"; } }