/// <summary> /// /// </summary> /// <param name="sender"></param> /// <param name="eventArgs"></param> private void ViewLoad(object sender, EventArgs eventArgs) { try { var urlTerm = (from t in Util.GetTermController().GetTermsByVocabulary(VocabularyId) where t.Name.ToLower() == Tag.ToLower() select t).Single(); if (urlTerm != null) { View.Model.SelectedTerm = (from t in Controller.GetTermsByContentType(ModuleContext.PortalId, ModuleContext.ModuleId, VocabularyId) where t.Name.ToLower() == Tag.ToLower() select t).SingleOrDefault(); View.Model.SelectedCoreTerm = urlTerm; View.Model.TermHistory = Controller.GetTermHistory(ModuleContext.PortalId, urlTerm.TermId); View.ItemDataBound += ItemDataBound; View.Model.CurrentUserID = ModuleContext.PortalSettings.UserId; View.Model.PageTitle = Localization.GetString("HistoryMetaTitle", LocalResourceFile).Replace("[0]", View.Model.SelectedTerm.Name);; View.Model.PageDescription = View.Model.SelectedTerm.Description; View.Refresh(); } else { Response.Redirect(Globals.AccessDeniedURL("AccessDenied"), false); } } catch (Exception exc) { ProcessModuleLoadException(exc); } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (!TabPermissionController.CanExportPage()) { Response.Redirect(Globals.AccessDeniedURL(), true); } }
protected override void OnInit(EventArgs e) { var currentUser = UserController.Instance.GetCurrentUserInfo(); if (currentUser == null || !currentUser.IsSuperUser) { LocalResourceFile = "/DesktopModules/Admin/HtmlEditorManager/App_LocalResources/ProviderConfiguration.ascx.resx"; Globals.Redirect(Globals.AccessDeniedURL(LocalizeString("CannotManageHTMLEditorProviders")), true); } base.OnInit(e); }
/// <summary> /// /// </summary> private void ViewLoad(object sender, EventArgs eventArgs) { try { var returnUrl = HttpContext.Request.RawUrl; var redirect = false; if (ModuleContext.PortalSettings.UserId < 1) { if (returnUrl.IndexOf("?returnurl=") != -1) { returnUrl = returnUrl.Substring(0, returnUrl.IndexOf("?returnurl=")); } returnUrl = HttpUtility.UrlEncode(returnUrl); returnUrl = Globals.LoginURL(returnUrl, true); redirect = true; } var objTerm = (from t in Util.GetTermController().GetTermsByVocabulary(1) where t.Name.ToLower() == Tag.ToLower() select t).Single(); if (objTerm != null) { View.Model.SelectedTerm = objTerm; View.Model.SelectedTermHistory = Controller.GetTermHistory(ModuleContext.PortalId, objTerm.TermId); var objRemoveNewUser = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.RemoveNewUser.ToString()); if (UserScore.Score >= objRemoveNewUser.Value || ModuleContext.IsEditable) { View.SaveEnabled(true); } else { View.SaveEnabled(false); } View.Save += Save; View.Refresh(); } else { returnUrl = Globals.AccessDeniedURL("AccessDenied"); redirect = true; } if (redirect) { Response.Redirect(returnUrl, false); } } catch (Exception exc) { ProcessModuleLoadException(exc); } }
/// <summary> /// Gets the URL to show the control associated with the given control key. /// </summary> /// <param name="controlKey">The control key, or <see cref="string.Empty"/> or <c>null</c>.</param> /// <returns>Formatted URL.</returns> public string NavigateURL(string controlKey) { if (controlKey == "Access Denied") { return(Globals.AccessDeniedURL()); } else { PortalSettings _portalSettings = this._portalController.GetCurrentPortalSettings(); return(this.NavigateURL(_portalSettings.ActiveTab.TabID, controlKey)); } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (Request.QueryString["moduleid"] != null) { Int32.TryParse(Request.QueryString["moduleid"], out ModuleId); } if (!ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Edit, "EXPORT", Module)) { Response.Redirect(Globals.AccessDeniedURL(), true); } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (this.Request.QueryString["moduleid"] != null) { int.TryParse(this.Request.QueryString["moduleid"], out this.ModuleId); } // Verify that the current user has access to edit this module if (!ModulePermissionController.HasModuleAccess(SecurityAccessLevel.Edit, "IMPORT", this.Module)) { this.Response.Redirect(Globals.AccessDeniedURL(), true); } }
protected override void OnLoad(EventArgs e) { base.OnLoad(e); ServicesFramework.Instance.RequestAjaxAntiForgerySupport(); if (Request.IsAuthenticated) { ClientResourceManager.RegisterScript(Page, "~/DesktopModules/CoreMessaging/Scripts/LocalizationController.js"); ClientResourceManager.RegisterScript(Page, "~/DesktopModules/CoreMessaging/Scripts/SubscriptionsViewModel.js"); ClientResourceManager.RegisterScript(Page, "~/DesktopModules/CoreMessaging/Scripts/Subscription.js"); ClientResourceManager.RegisterStyleSheet(Page, "~/DesktopModules/CoreMessaging/subscriptions.css"); } else { Response.Redirect(Globals.AccessDeniedURL(), false); } }
protected override void OnInit(EventArgs e) { base.OnInit(e); if (!UserInfo.IsSuperUser && !UserInfo.IsInRole(PortalSettings.AdministratorRoleName)) { Response.Redirect(Globals.AccessDeniedURL(), true); } UpdateButton.Text = (FolderMappingID == Null.NullInteger) ? Localization.GetString("Add") : Localization.GetString("Update", LocalResourceFile); CancelHyperLink.NavigateUrl = EditUrl("FolderMappings"); var controlTitle = Localization.GetString("ControlTitle", LocalResourceFile); var controlTitlePrefix = (FolderMappingID == Null.NullInteger) ? Localization.GetString("New") : Localization.GetString("Edit"); SyncWarningPlaceHolder.Visible = (FolderMappingID != Null.NullInteger); ModuleConfiguration.ModuleControl.ControlTitle = string.Format(controlTitle, controlTitlePrefix); }
/// <summary> /// /// </summary> private void ViewLoad(object sender, EventArgs eventArgs) { try { if (PostId != Null.NullInteger) { View.Model.SelectedPost = Controller.GetPost(PostId, ModuleContext.PortalId); View.Model.PostHistory = Controller.GetPostHistory(PostId); View.ItemDataBound += ItemDataBound; View.Refresh(); } else { Response.Redirect(Globals.AccessDeniedURL("AccessDenied"), false); } } catch (Exception exc) { ProcessModuleLoadException(exc); } }
/// <summary> /// Denies access to this control. /// </summary> protected void DenyAccess() { this.Response.Redirect(this.Request.IsAuthenticated ? Globals.AccessDeniedURL() : Dnn.Utility.GetLoginUrl(this.PortalSettings, this.Request), true); }
/// <summary> /// /// </summary> protected void ViewLoad(object sender, EventArgs eventArgs) { try { var returnUrl = HttpContext.Request.RawUrl; var redirect = false; if (ModuleContext.PortalSettings.UserId < 1) { if (returnUrl.IndexOf("?returnurl=") != -1) { returnUrl = returnUrl.Substring(0, returnUrl.IndexOf("?returnurl=")); } returnUrl = HttpUtility.UrlEncode(returnUrl); returnUrl = Globals.LoginURL(returnUrl, true); redirect = true; } if (PostId != Null.NullInteger) { var objPost = Controller.GetPost(PostId, ModuleContext.PortalId); if (objPost != null) { View.Model.SelectedPost = objPost; View.ShowAuditControl(true); if (objPost.ParentId > 0) { View.ShowQuestionSpecific(false); var objQuestion = Controller.GetPost(objPost.ParentId, ModuleContext.PortalId); View.Model.QuestionUrl = Links.ViewQuestion(objQuestion.PostId, objQuestion.Title, ModuleContext.PortalSettings.ActiveTab, ModuleContext.PortalSettings); } else { View.ShowQuestionSpecific(true); View.Model.QuestionUrl = Links.ViewQuestion(objPost.PostId, objPost.Title, ModuleContext.PortalSettings.ActiveTab, ModuleContext.PortalSettings); } // change from just iseditable? View.ShowDeleteButton(ModuleContext.IsEditable); if (objPost.ParentId > 0) { View.ShowTagEdits(false); } else { // if the user is the original question author (new user status controls the 'edit' button display) var objEdit = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.EditQuestionsAndAnswers.ToString()); if (View.Model.SelectedPost.CreatedUserId == ModuleContext.PortalSettings.UserId) { View.ShowTagEdits(true); View.PermitPostEdit(true, (objPost.ParentId < 1)); } else { var objRetag = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.RetagQuestion.ToString()); if (UserScore.Score >= objRetag.Value || ModuleContext.IsEditable) { View.ShowTagEdits(true); View.PermitPostEdit(((UserScore.Score >= objEdit.Value) || ModuleContext.IsEditable), (objPost.ParentId < 1)); } else { View.ShowTagEdits(false); View.PermitPostEdit(((UserScore.Score >= objEdit.Value) || ModuleContext.IsEditable), (objPost.ParentId < 1)); } } View.Model.SelectedTags = Controller.GetTermsByContentItem(objPost.ContentItemId, VocabularyId); } } else { returnUrl = Globals.AccessDeniedURL("AccessDenied"); redirect = true; } } else { returnUrl = Globals.AccessDeniedURL("AccessDenied"); redirect = true; } if (redirect) { Response.Redirect(returnUrl, false); return; } var objRemoveNewUser = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.RemoveNewUser.ToString()); if (UserScore.Score >= objRemoveNewUser.Value || ModuleContext.IsEditable) { View.SaveEnabled(true); } else { var objLastPost = Controller.GetUsersLastPost(ModuleContext.PortalSettings.UserId, ModuleContext.PortalId); View.SaveEnabled(objLastPost.CreatedDate <= DateTime.Now.AddMinutes(-1)); } View.Delete += Delete; View.Save += Save; View.Refresh(); } catch (Exception exc) { ProcessModuleLoadException(exc); } }
/// <summary> /// /// </summary> /// <remarks>There is a potential problem here. If a user attempts to view a term that is not used in the module (need to investigate).</remarks> protected void ViewLoad(object sender, EventArgs eventArgs) { try { var objTermApprove = ThresholdCollection.Single(s => s.Key == Constants.OpThresholds.TermSynonymApproveCount.ToString()); var objTermReject = ThresholdCollection.Single(s => s.Key == Constants.OpThresholds.TermSynonymRejectCount.ToString()); var objMaxSynonym = ThresholdCollection.Single(s => s.Key == Constants.OpThresholds.TermSynonymMaxCount.ToString()); var synonymCount = 0; var urlTerm = (from t in Controller.GetTermsByContentType(ModuleContext.PortalId, ModuleContext.ModuleId, VocabularyId) where t.Name.ToLower() == Tag.ToLower() select t).SingleOrDefault(); if (urlTerm != null) { var portalSynonyms = Controller.GetTermSynonyms(ModuleContext.PortalId); var activeSynonyms = (from t in portalSynonyms where t.MasterTermId == urlTerm.TermId && t.Score >= objTermApprove.Value select t) .ToList(); View.Model.SuggestedTermSynonyms = (from t in portalSynonyms where ((t.MasterTermId == urlTerm.TermId) && ((t.Score < objTermApprove.Value) && (t.Score > -objTermReject.Value))) select t).ToList(); View.Model.SelectedTerm = urlTerm; var colTerms = new List <TermInfo>(); foreach (var objSynonym in activeSynonyms) { var synonym = objSynonym; var termTerm = (from t in Controller.GetTermsByContentType(ModuleContext.PortalId, ModuleContext.ModuleId, VocabularyId) where t.TermId == synonym.RelatedTermId select t).SingleOrDefault(); if (termTerm == null) { // the term is not currently used within this module, go to core taxonomy store var objTerm = (from t in Util.GetTermController().GetTermsByVocabulary(1) where t.TermId == synonym.RelatedTermId select t).SingleOrDefault(); var objTermInfo = new TermInfo { DayTermUsage = 0, TotalTermUsage = 0, MonthTermUsage = 0, WeekTermUsage = 0, TermId = objTerm.TermId, Name = objTerm.Name, Description = objTerm.Description }; colTerms.Add(objTermInfo); } else { // in taxonomy colTerms.Add(termTerm); } } View.Model.ActiveTermSynonyms = colTerms; // we need to make sure we don't go above the max synonym count; synonymCount = View.Model.ActiveTermSynonyms.Count + View.Model.SuggestedTermSynonyms.Count; } else { // check to make sure this is a term in taxonomy (maybe it just wasn't associated with the content type) var objTerm = (from t in Util.GetTermController().GetTermsByVocabulary(1) where t.Name.ToLower() == Tag.ToLower() select t).SingleOrDefault(); if (objTerm != null) { var objTermInfo = new TermInfo(); View.Model.ActiveTermSynonyms = new List <TermInfo>(); View.Model.SuggestedTermSynonyms = new List <TermSynonymInfo>(); objTermInfo.DayTermUsage = 0; objTermInfo.TotalTermUsage = 0; objTermInfo.MonthTermUsage = 0; objTermInfo.WeekTermUsage = 0; objTermInfo.TermId = objTerm.TermId; objTermInfo.Name = objTerm.Name; objTermInfo.Description = objTerm.Description; View.Model.SelectedTerm = objTermInfo; } else { Response.Redirect(Globals.AccessDeniedURL("AccessDenied"), false); } } View.Model.SelectedView = ControlView; View.ItemDataBound += ItemDataBound; View.AddSynonym += AddSynonym; View.DeleteSynonym += DeleteSynonym; View.ShowActiveSynonyms(View.Model.ActiveTermSynonyms.Count > 0); if (synonymCount < objMaxSynonym.Value) { // check priv. var objSuggestPriv = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.CreateTagSynonym.ToString()); if (objSuggestPriv != null) { // var objMinSynonymCreateAnswer = //colOpThresholds.Single(s => s.Key == Constants.OpThresholds.UserTermSynonymCreateMinAnswerCount.ToString()); if ((UserScore.Score >= objSuggestPriv.Value || ModuleContext.IsEditable)) { View.ShowAddSynonym(true); View.ShowSuggestedSynonyms(true); } else { View.ShowAddSynonym(false); View.ShowSuggestedSynonyms(View.Model.SuggestedTermSynonyms.Count > 0); } } } else { View.ShowAddSynonym(false); View.ShowSuggestedSynonyms(View.Model.SuggestedTermSynonyms.Count > 0); } switch (View.Model.SelectedView.ToLower()) { case "termsynonyms": View.Model.PageTitle = Localization.GetString("SynonymMetaTitle", LocalResourceFile).Replace("[0]", View.Model.SelectedTerm.Name); View.Model.PageDescription = Localization.GetString("SynonymMetaDescription", LocalResourceFile).Replace("[0]", View.Model.SelectedTerm.Name); break; default: View.Model.PageTitle = Localization.GetString("DetailMetaTitle", LocalResourceFile).Replace("[0]", View.Model.SelectedTerm.Name);; View.Model.PageDescription = View.Model.SelectedTerm.Description; break; } // this should only factor in privileges/moderation + any op thresholds View.Refresh(); } catch (Exception exc) { ProcessModuleLoadException(exc); } }
protected void Page_Load(object sender, System.EventArgs e) { try { SetResStrings(); if (!IsPostBack) { if (!IsValidUser()) { var url = Globals.AccessDeniedURL(); url = string.Format("{0}{1}popUp=true", url, url.Contains("?") ? "&" : "?"); Response.Redirect(url, true); } FixAllowedExtensions(); int portalID = DotNetNuke.Entities.Portals.PortalController.GetCurrentPortalSettings().PortalId; ArrayList folders = DotNetNuke.Common.Utilities.FileSystemUtils.GetFoldersByUser(portalID, true, true, "Add"); //filter out only folders below the editor's template path string strStartFolder = ""; try { if (!String.IsNullOrEmpty(Request.QueryString["path"])) { strStartFolder = Request.QueryString["path"]; } } catch { } ArrayList tmpFolders = new ArrayList(); foreach (DotNetNuke.Services.FileSystem.FolderInfo folder in folders) { if (folder.FolderPath.StartsWith(strStartFolder)) { tmpFolders.Add(folder); } } if (tmpFolders.Count == 0) { msgError.InnerHtml = GetString("msgNoFolders.Text"); divInputArea.Visible = false; cmdClose.Visible = true; } else { FolderList.Items.Clear(); FolderList.DataTextField = "FolderPath"; FolderList.DataValueField = "FolderPath"; FolderList.DataSource = tmpFolders; FolderList.DataBind(); RadComboBoxItem rootFolder = FolderList.FindItemByText(string.Empty); if (rootFolder != null) { rootFolder.Text = GetString("lblRootFolder.Text"); } } } } catch (Exception ex) { DotNetNuke.Services.Exceptions.Exceptions.LogException(ex); throw ex; } }
public string AccessDeniedURL() { return(Globals.AccessDeniedURL()); }
/// <summary> /// /// </summary> private void ViewLoad(object sender, EventArgs eventArgs) { try { if (!IsPostBack) { Controller.IncreaseViewCount(QuestionID, ModuleContext.PortalId); IsPostBack = true; } if (QuestionID < 1) { Response.Redirect(Globals.AccessDeniedURL("AccessDenied"), false); return; } var question = Controller.GetQuestion(QuestionID, ModuleContext.PortalId); if (question == null) { Response.Redirect(Globals.AccessDeniedURL(Localization.GetString("InvalidPost", LocalResourceFile)), false); return; } // NOTE: I may want to revisit this, to add link to specific postid. if (question.ParentId != 0) { question = Controller.GetQuestion(question.ParentId, ModuleContext.PortalId); } var questionVotes = Controller.GetPostVotes(QuestionID); View.Model.Privileges = PrivilegeCollection.ToList(); View.Model.Question = question; View.Model.QuestionVotes = questionVotes; View.ItemDataBound += ItemDataBound; var allUserSubs = Controller.GetUserSubscriptions(ModuleContext.PortalId, ModuleContext.PortalSettings.UserId); var colSubs = (from t in allUserSubs where t.PostId == QuestionID select t).SingleOrDefault(); View.SubscribeButtonMode(colSubs != null); View.Model.NewPost = new PostInfo(); var returnUrl = HttpContext.Request.RawUrl; if (ModuleContext.PortalSettings.UserId < 1) { if (returnUrl.IndexOf("?returnurl=") != -1) { returnUrl = returnUrl.Substring(0, returnUrl.IndexOf("?returnurl=")); } returnUrl = HttpUtility.UrlEncode(returnUrl); returnUrl = Globals.LoginURL(returnUrl, true); } var objRemoveNewUser = PrivilegeCollection.Single(s => s.Key == Constants.Privileges.RemoveNewUser.ToString()); if (question.CreatedUserId == ModuleContext.PortalSettings.UserId) { // we would only leave false if removing ability for question authors to answer their own questions (would need to update SaveEnabled method in questions.ascx.cs) if ((UserScore.Score >= objRemoveNewUser.Value) || ModuleContext.IsEditable) { View.SaveEnabled(true); } else { View.SaveEnabled(false); } } else { if ((UserScore.Score >= objRemoveNewUser.Value) || ModuleContext.IsEditable) { View.SaveEnabled(true); } else { var objLastPost = Controller.GetUsersLastPost(ModuleContext.PortalSettings.UserId, ModuleContext.PortalId); if (objLastPost != null) { View.SaveEnabled(objLastPost.CreatedDate <= DateTime.Now.AddMinutes(-1)); } else { View.SaveEnabled(true); } } } View.Model.ColAnswers = BindAnswers(0); if (View.Model.ColAnswers.Count() >= PageSize) { View.ShowAnswerArea(false); } else { var colUserAnswers = (from t in View.Model.ColAnswers where t.CreatedUserId == ModuleContext.PortalSettings.UserId select t); View.ShowAnswerArea(colUserAnswers.Count() <= 0); } View.Model.LoginUrl = returnUrl; View.Model.SortBy = Sort; var objScore = Controller.GetUserScore(question.CreatedUserId, ModuleContext.PortalId) ?? new UserScoreInfo { Score = 0 }; View.Model.QuestionAuthorScore = objScore.Score; View.Model.QuestionEditedUserScore = question.CreatedUserId == question.LastModifiedUserId ? View.Model.QuestionAuthorScore : Controller.GetUserScore(question.LastModifiedUserId, ModuleContext.PortalId).Score; if (ModuleContext.Settings.ContainsKey(Constants.SettingsFacebookAppId)) { if (Convert.ToString(ModuleContext.Settings[Constants.SettingsFacebookAppId]).Length > 0) { View.Model.FacebookAppId = Convert.ToString(ModuleContext.Settings[Constants.SettingsFacebookAppId]); } } View.Model.EnablePlusOne = ModuleContext.Settings.ContainsKey(Constants.SettingsEnablePlusOne) && Convert.ToBoolean(ModuleContext.Settings[Constants.SettingsEnablePlusOne]); View.Model.EnableTwitter = ModuleContext.Settings.ContainsKey(Constants.SettingsEnableTwitter) && Convert.ToBoolean(ModuleContext.Settings[Constants.SettingsEnableTwitter]); View.Model.EnableLinkedIn = ModuleContext.Settings.ContainsKey(Constants.SettingsEnableLinkedIn) && Convert.ToBoolean(ModuleContext.Settings[Constants.SettingsEnableLinkedIn]); View.Save += Save; View.Subscribe += Subscribe; View.FlagPost += FlagPost; View.DeletePost += DeletePost; View.AcceptAnswer += AcceptAnswer; View.PagerChanged += PagerChanged; View.QuestionDataBound += QuestionDataBound; View.Refresh(); } catch (Exception exc) { ProcessModuleLoadException(exc); } }
protected void Page_Load(object sender, System.EventArgs e) { try { if (!IsEditable) { Response.Redirect(Globals.AccessDeniedURL(LocalizeSharedResource("No_Edit_Permission")), true); } DotNetNuke.Framework.AJAX.RegisterScriptManager(); DotNetNuke.Framework.AJAX.RegisterPostBackControl(cmdFind); DotNetNuke.Framework.AJAX.RegisterPostBackControl(cmdAdd); DotNetNuke.Framework.AJAX.RegisterPostBackControl(cmdReturn); string validationGroup = "WESNet_ContentDejour_Update" + ModuleId.ToString(); valStartDate.ValidationGroup = validationGroup; valEndDate.ValidationGroup = validationGroup; cmdUpdate.ValidationGroup = validationGroup; DotNetNuke.UI.Utilities.ClientAPI.AddButtonConfirm(cmdDelete, LocalizeString("CONFIRM_DELETE")); if (!IsPostBack) { Localization.LocalizeDataGrid(ref dgSelectContent, LocalResourceFile); LocalizeCheckBoxList(cblUnauthenticatedOrDefaultValue); if (_ProfilePropertyEditControl == null) { dgSelectContent.Columns[5].Visible = false; } else { dgSelectContent.Columns[5].HeaderText = _LocalizedProfilePropertyName; } PopulateListControls(); if (Request.QueryString["KeyID"] != null) { KeyID = int.Parse(Request.QueryString["KeyID"]); } if (KeyID > 0) { Mode = "Edit"; BindData(true); } else { //Clear form field values ClearFields(); if (KeyID == Null.NullInteger) { Mode = "Add"; } else if (KeyID == 0) { Mode = "Select"; SortColumns.SetInitialSort(DefaultSortExpression); BindGrid(false); } else { Response.Redirect(Globals.AccessDeniedURL(string.Format(LocalizeSharedResource("No_Access_Invalid_KeyID"), KeyID)), true); } } } if (cblMonths.Items[12].Text == string.Empty) { cblMonths.Items[12].Attributes.Add("style", "display:none"); } } catch (Exception exc) { Exceptions.ProcessModuleLoadException(this, exc); } }
protected void RedirectToAccessDenied() { Response.Redirect(Globals.AccessDeniedURL(), true); }
public string AccessDeniedURL(string Message) { return(Globals.AccessDeniedURL(Message)); }
/// ----------------------------------------------------------------------------- /// <summary> /// This handler handles requests for LinkClick.aspx, but only those specifc /// to file serving /// </summary> /// <param name="context">System.Web.HttpContext)</param> /// <remarks> /// </remarks> /// <history> /// [cpaterra] 4/19/2006 Created /// </history> /// ----------------------------------------------------------------------------- public void ProcessRequest(HttpContext context) { PortalSettings _portalSettings = PortalController.GetCurrentPortalSettings(); int TabId = -1; int ModuleId = -1; try { //get TabId if (context.Request.QueryString["tabid"] != null) { Int32.TryParse(context.Request.QueryString["tabid"], out TabId); } //get ModuleId if (context.Request.QueryString["mid"] != null) { Int32.TryParse(context.Request.QueryString["mid"], out ModuleId); } } catch (Exception) { //The TabId or ModuleId are incorrectly formatted (potential DOS) Exceptions.Exceptions.ProcessHttpException(context.Request); } //get Language string Language = _portalSettings.DefaultLanguage; if (context.Request.QueryString["language"] != null) { Language = context.Request.QueryString["language"]; } else { if (context.Request.Cookies["language"] != null) { Language = context.Request.Cookies["language"].Value; } } if (LocaleController.Instance.IsEnabled(ref Language, _portalSettings.PortalId)) { Localization.Localization.SetThreadCultures(new CultureInfo(Language), _portalSettings); Localization.Localization.SetLanguage(Language); } //get the URL string URL = ""; bool blnClientCache = true; bool blnForceDownload = false; if (context.Request.QueryString["fileticket"] != null) { URL = "FileID=" + FileLinkClickController.Instance.GetFileIdFromLinkClick(context.Request.QueryString); } if (context.Request.QueryString["userticket"] != null) { URL = "UserId=" + UrlUtils.DecryptParameter(context.Request.QueryString["userticket"]); } if (context.Request.QueryString["link"] != null) { URL = context.Request.QueryString["link"]; if (URL.ToLowerInvariant().StartsWith("fileid=")) { URL = ""; //restrict direct access by FileID } } if (!String.IsNullOrEmpty(URL)) { URL = URL.Replace(@"\", @"/"); //update clicks, this must be done first, because the url tracker works with unmodified urls, like tabid, fileid etc var objUrls = new UrlController(); objUrls.UpdateUrlTracking(_portalSettings.PortalId, URL, ModuleId, -1); TabType UrlType = Globals.GetURLType(URL); if (UrlType == TabType.Tab) { //verify whether the tab is exist, otherwise throw out 404. if (new TabController().GetTab(int.Parse(URL), _portalSettings.PortalId, false) == null) { Exceptions.Exceptions.ProcessHttpException(); } } if (UrlType != TabType.File) { URL = Globals.LinkClick(URL, TabId, ModuleId, false); } if (UrlType == TabType.File && URL.ToLowerInvariant().StartsWith("fileid=") == false) { //to handle legacy scenarios before the introduction of the FileServerHandler var fileName = Path.GetFileName(URL); var folderPath = URL.Substring(0, URL.LastIndexOf(fileName)); var folder = FolderManager.Instance.GetFolder(_portalSettings.PortalId, folderPath); var file = FileManager.Instance.GetFile(folder, fileName); URL = "FileID=" + file.FileId; } //get optional parameters if (context.Request.QueryString["clientcache"] != null) { blnClientCache = bool.Parse(context.Request.QueryString["clientcache"]); } if ((context.Request.QueryString["forcedownload"] != null) || (context.Request.QueryString["contenttype"] != null)) { blnForceDownload = bool.Parse(context.Request.QueryString["forcedownload"]); } var contentDisposition = blnForceDownload ? ContentDisposition.Attachment : ContentDisposition.Inline; //clear the current response context.Response.Clear(); var fileManager = FileManager.Instance; try { switch (UrlType) { case TabType.File: var download = false; var file = fileManager.GetFile(int.Parse(UrlUtils.GetParameterValue(URL))); if (file != null) { if (!file.IsEnabled) { if (context.Request.IsAuthenticated) { context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true); } else { context.Response.Redirect(Globals.AccessDeniedURL(), true); } } try { var folderMapping = FolderMappingController.Instance.GetFolderMapping(file.PortalId, file.FolderMappingID); var directUrl = fileManager.GetUrl(file); if (directUrl.Contains("LinkClick") || (blnForceDownload && folderMapping.FolderProviderType == "StandardFolderProvider")) { fileManager.WriteFileToResponse(file, contentDisposition); download = true; } else { context.Response.Redirect(directUrl, /*endResponse*/ true); } } catch (PermissionsNotMetException) { if (context.Request.IsAuthenticated) { context.Response.Redirect(Globals.AccessDeniedURL(Localization.Localization.GetString("FileAccess.Error")), true); } else { context.Response.Redirect(Globals.AccessDeniedURL(), true); } } catch (Exception ex) { Logger.Error(ex); } } if (!download) { Exceptions.Exceptions.ProcessHttpException(URL); } break; case TabType.Url: //prevent phishing by verifying that URL exists in URLs table for Portal if (objUrls.GetUrl(_portalSettings.PortalId, URL) != null) { context.Response.Redirect(URL, true); } break; default: //redirect to URL context.Response.Redirect(URL, true); break; } } catch (ThreadAbortException exc) { Logger.Error(exc); } catch (Exception) { Exceptions.Exceptions.ProcessHttpException(URL); } } else { Exceptions.Exceptions.ProcessHttpException(URL); } }