public JsonResult CheckSecurity(string path)
{
var result = PathInfo.CheckSecurity(path).Result&& CheckFolderExistence(path);
Session[$"upload_{path}"] = result;
return(Json(new { result }, JsonRequestBehavior.AllowGet));
}
public JsonResult CheckSecurity(string path)
{
var result = PathInfo.CheckSecurity(path).Result&& CheckFolderExistence(path);
HttpContext.Session.SetValue($"upload_{path}", result);
return(Json(new { result }));
}
public JsonResult Crop(bool overwriteFile, string targetFileUrl, string sourceFileUrl, double resize, int?top, int?left, int?width, int?height)
{
var sourcePath = PathInfo.ConvertToPath(sourceFileUrl);
var targetPath = overwriteFile ? sourcePath : PathInfo.ConvertToPath(targetFileUrl);
if (!PathInfo.CheckSecurity(targetPath).Result)
{
return(Json(new { ok = false, message = LibraryStrings.AccessDenied }));
}
int sourceWidth = 0, sourceHeight = 0, sourceTop = 0, sourceLeft = 0;
if (!GetImageSize(sourcePath, ref sourceWidth, ref sourceHeight))
{
return(Json(new { ok = false, message = LibraryStrings.ExtensionIsNotAllowed }));
}
var targetWidth = width ?? (int)(sourceWidth * resize);
var targetHeight = height ?? (int)(sourceHeight * resize);
const int targetTop = 0;
const int targetLeft = 0;
sourceWidth = width.HasValue ? (int)(width.Value / resize) : sourceWidth;
sourceHeight = height.HasValue ? (int)(height.Value / resize) : sourceHeight;
sourceTop = top.HasValue ? (int)(top.Value / resize) : sourceTop;
sourceLeft = left.HasValue ? (int)(left.Value / resize) : sourceLeft;
if (System.IO.File.Exists(sourcePath))
{
using (var output = new Bitmap(targetWidth, targetHeight))
{
var resizer = Graphics.FromImage(output);
resizer.InterpolationMode = resize < 1 ? InterpolationMode.HighQualityBicubic : InterpolationMode.HighQualityBilinear;
using (var input = new Bitmap(sourcePath))
{
resizer.DrawImage(input, new Rectangle(targetLeft, targetTop, targetWidth, targetHeight), sourceLeft, sourceTop, sourceWidth, sourceHeight, GraphicsUnit.Pixel);
}
// ReSharper disable once AssignNullToNotNullAttribute
Directory.CreateDirectory(Path.GetDirectoryName(targetPath));
if (System.IO.File.Exists(targetPath))
{
System.IO.File.SetAttributes(targetPath, FileAttributes.Normal);
System.IO.File.Delete(targetPath);
}
using (var fs = System.IO.File.OpenWrite(targetPath))
{
var ext = Path.GetExtension(targetPath);
output.Save(fs, GetImageCodecInfo(ext), GetEncoderParameters(ext));
}
}
}
return(Json(new { ok = true, message = string.Empty }));
}
public JsonResult Crop([FromBody] CropViewModel model)
{
var sourcePath = PathInfo.ConvertToPath(model.SourceFileUrl);
var targetPath = model.OverwriteFile ? sourcePath : PathInfo.ConvertToPath(model.TargetFileUrl);
if (!PathInfo.CheckSecurity(targetPath).Result)
{
return(Json(new { ok = false, message = LibraryStrings.AccessDenied }));
}
int sourceWidth = 0, sourceHeight = 0, sourceTop = 0, sourceLeft = 0;
if (!GetImageSize(sourcePath, ref sourceWidth, ref sourceHeight))
{
return(Json(new { ok = false, message = LibraryStrings.ExtensionIsNotAllowed }));
}
var targetWidth = model.Width ?? (int)(sourceWidth * model.Resize);
var targetHeight = model.Height ?? (int)(sourceHeight * model.Resize);
sourceWidth = model.Width.HasValue ? (int)(model.Width.Value / model.Resize) : sourceWidth;
sourceHeight = model.Height.HasValue ? (int)(model.Height.Value / model.Resize) : sourceHeight;
sourceTop = model.Top.HasValue ? (int)(model.Top.Value / model.Resize) : sourceTop;
sourceLeft = model.Left.HasValue ? (int)(model.Left.Value / model.Resize) : sourceLeft;
if (System.IO.File.Exists(sourcePath))
{
using (var img = Image.Load(sourcePath))
{
img.Mutate(n => n
.Crop(new Rectangle(sourceLeft, sourceTop, sourceWidth, sourceHeight))
.Resize(targetWidth, targetHeight)
);
// ReSharper disable once AssignNullToNotNullAttribute
Directory.CreateDirectory(Path.GetDirectoryName(targetPath));
if (System.IO.File.Exists(targetPath))
{
System.IO.File.SetAttributes(targetPath, FileAttributes.Normal);
System.IO.File.Delete(targetPath);
}
img.Save(targetPath);
}
}
return(Json(new { ok = true, message = string.Empty }));
}
public JsonResult CheckForCrop(string targetFileUrl)
{
var path = PathInfo.ConvertToPath(targetFileUrl);
var ext = Path.GetExtension(path);
if (System.IO.File.Exists(path))
{
return(Json(new { ok = false, message = string.Format(LibraryStrings.FileExistsTryAnother, path) }));
}
if (string.IsNullOrEmpty(ext) || GetImageCodecInfo(ext) == null)
{
return(Json(new { ok = false, message = string.Format(LibraryStrings.ExtensionIsNotAllowed, ext) }));
}
if (!PathInfo.CheckSecurity(path).Result)
{
return(Json(new { ok = false, message = string.Format(LibraryStrings.AccessDenied, path, QPContext.CurrentUserName) }));
}
return(Json(new { ok = true, message = string.Empty }));
}
public ActionResult UploadFile(string folderPath, bool resolveFileName)
{
if (string.IsNullOrEmpty(folderPath))
{
throw new ArgumentException("Folder Path is empty");
}
if (!PathInfo.CheckSecurity(folderPath).Result || !CheckFolderExistence(folderPath))
{
return(Json(new { proceed = false, msg = string.Format(LibraryStrings.UploadIsNotAllowed, folderPath) }));
}
var allFileNames = new List <string>(HttpContext.Request.Files.Count);
foreach (var fileKey in HttpContext.Request.Files.AllKeys)
{
var file = HttpContext.Request.Files[fileKey];
var path = Path.Combine(folderPath, file.FileName);
if (System.IO.File.Exists(path))
{
if (resolveFileName)
{
path = Path.Combine(folderPath, GetResolvingFileName(folderPath, file.FileName));
}
else
{
System.IO.File.SetAttributes(path, FileAttributes.Normal);
System.IO.File.Delete(path);
}
}
file.SaveAs(path);
allFileNames.Add(Path.GetFileName(path));
}
return(Json(new { fileNames = allFileNames.ToArray(), proceed = true }, "text/plain"));
}
public ActionResult UploadChunk(int?chunk, int?chunks, string name, string destinationUrl)
{
if (name.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
{
var errorMsg = $"File to upload: \"{name}\" has invalid characters";
Logger.Log.Warn(errorMsg);
return(Json(new { message = errorMsg, isError = true }));
}
destinationUrl = HttpUtility.UrlDecode(destinationUrl);
if (string.IsNullOrEmpty(destinationUrl))
{
throw new ArgumentException("Folder Path is empty");
}
if (!Directory.Exists(destinationUrl))
{
Directory.CreateDirectory(destinationUrl);
}
chunk = chunk ?? 0;
chunks = chunks ?? 1;
PathSecurityResult securityResult;
var fileUpload = Request.Files[0];
var tempPath = Path.Combine(QPConfiguration.TempDirectory, name);
var destPath = Path.Combine(destinationUrl, name);
if (chunk == 0 && chunks == 1)
{
securityResult = PathInfo.CheckSecurity(destinationUrl);
if (!securityResult.Result)
{
var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, $"Access to the folder (ID = {securityResult.FolderId}) denied");
Logger.Log.Warn(errorMsg);
return(Json(new { message = errorMsg, isError = true }));
}
try
{
using (var fs = new FileStream(destPath, FileMode.Create))
{
var buffer = new byte[fileUpload.InputStream.Length];
fileUpload.InputStream.Read(buffer, 0, buffer.Length);
fs.Write(buffer, 0, buffer.Length);
}
}
catch (Exception ex)
{
var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, ex.Message);
Logger.Log.Error(errorMsg, ex);
return(Json(new { message = errorMsg, isError = true }));
}
}
else
{
try
{
using (var fs = new FileStream(tempPath, chunk == 0 ? FileMode.Create : FileMode.Append))
{
var buffer = new byte[fileUpload.InputStream.Length];
fileUpload.InputStream.Read(buffer, 0, buffer.Length);
fs.Write(buffer, 0, buffer.Length);
}
}
catch (Exception ex)
{
var errorMsg = string.Format(PlUploadStrings.ServerError, name, tempPath, ex.Message);
Logger.Log.Error(errorMsg, ex);
return(Json(new { message = errorMsg, isError = true }));
}
try
{
var isTheLastChunk = chunk.Value == chunks.Value - 1;
if (isTheLastChunk)
{
securityResult = PathInfo.CheckSecurity(destinationUrl);
var actionCode = securityResult.IsSite ? ActionCode.UploadSiteFile : ActionCode.UploadContentFile;
if (!securityResult.Result)
{
var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, $"Access to the folder (ID = {securityResult.FolderId}) denied");
Logger.Log.Warn(errorMsg);
return(Json(new { message = errorMsg, isError = true }));
}
if (FileIO.Exists(destPath))
{
FileIO.SetAttributes(destPath, FileAttributes.Normal);
FileIO.Delete(destPath);
}
FileIO.Move(tempPath, destPath);
BackendActionContext.SetCurrent(actionCode, new[] { name }, securityResult.FolderId);
var logs = BackendActionLog.CreateLogs(BackendActionContext.Current, _logger);
_logger.Save(logs);
BackendActionContext.ResetCurrent();
}
}
catch (Exception ex)
{
var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, ex.Message);
Logger.Log.Error(errorMsg, ex);
return(Json(new { message = errorMsg, isError = true }));
}
return(Json(new { message = $"chunk#{chunk.Value}, of file{name} uploaded", isError = false }));
}
return(Json(new { message = $"file{name} uploaded", isError = false }));
}
