public JsonResult CheckSecurity(string path) { var result = PathInfo.CheckSecurity(path).Result&& CheckFolderExistence(path); Session[$"upload_{path}"] = result; return(Json(new { result }, JsonRequestBehavior.AllowGet)); }
public JsonResult CheckSecurity(string path) { var result = PathInfo.CheckSecurity(path).Result&& CheckFolderExistence(path); HttpContext.Session.SetValue($"upload_{path}", result); return(Json(new { result })); }
public JsonResult Crop(bool overwriteFile, string targetFileUrl, string sourceFileUrl, double resize, int?top, int?left, int?width, int?height) { var sourcePath = PathInfo.ConvertToPath(sourceFileUrl); var targetPath = overwriteFile ? sourcePath : PathInfo.ConvertToPath(targetFileUrl); if (!PathInfo.CheckSecurity(targetPath).Result) { return(Json(new { ok = false, message = LibraryStrings.AccessDenied })); } int sourceWidth = 0, sourceHeight = 0, sourceTop = 0, sourceLeft = 0; if (!GetImageSize(sourcePath, ref sourceWidth, ref sourceHeight)) { return(Json(new { ok = false, message = LibraryStrings.ExtensionIsNotAllowed })); } var targetWidth = width ?? (int)(sourceWidth * resize); var targetHeight = height ?? (int)(sourceHeight * resize); const int targetTop = 0; const int targetLeft = 0; sourceWidth = width.HasValue ? (int)(width.Value / resize) : sourceWidth; sourceHeight = height.HasValue ? (int)(height.Value / resize) : sourceHeight; sourceTop = top.HasValue ? (int)(top.Value / resize) : sourceTop; sourceLeft = left.HasValue ? (int)(left.Value / resize) : sourceLeft; if (System.IO.File.Exists(sourcePath)) { using (var output = new Bitmap(targetWidth, targetHeight)) { var resizer = Graphics.FromImage(output); resizer.InterpolationMode = resize < 1 ? InterpolationMode.HighQualityBicubic : InterpolationMode.HighQualityBilinear; using (var input = new Bitmap(sourcePath)) { resizer.DrawImage(input, new Rectangle(targetLeft, targetTop, targetWidth, targetHeight), sourceLeft, sourceTop, sourceWidth, sourceHeight, GraphicsUnit.Pixel); } // ReSharper disable once AssignNullToNotNullAttribute Directory.CreateDirectory(Path.GetDirectoryName(targetPath)); if (System.IO.File.Exists(targetPath)) { System.IO.File.SetAttributes(targetPath, FileAttributes.Normal); System.IO.File.Delete(targetPath); } using (var fs = System.IO.File.OpenWrite(targetPath)) { var ext = Path.GetExtension(targetPath); output.Save(fs, GetImageCodecInfo(ext), GetEncoderParameters(ext)); } } } return(Json(new { ok = true, message = string.Empty })); }
public JsonResult Crop([FromBody] CropViewModel model) { var sourcePath = PathInfo.ConvertToPath(model.SourceFileUrl); var targetPath = model.OverwriteFile ? sourcePath : PathInfo.ConvertToPath(model.TargetFileUrl); if (!PathInfo.CheckSecurity(targetPath).Result) { return(Json(new { ok = false, message = LibraryStrings.AccessDenied })); } int sourceWidth = 0, sourceHeight = 0, sourceTop = 0, sourceLeft = 0; if (!GetImageSize(sourcePath, ref sourceWidth, ref sourceHeight)) { return(Json(new { ok = false, message = LibraryStrings.ExtensionIsNotAllowed })); } var targetWidth = model.Width ?? (int)(sourceWidth * model.Resize); var targetHeight = model.Height ?? (int)(sourceHeight * model.Resize); sourceWidth = model.Width.HasValue ? (int)(model.Width.Value / model.Resize) : sourceWidth; sourceHeight = model.Height.HasValue ? (int)(model.Height.Value / model.Resize) : sourceHeight; sourceTop = model.Top.HasValue ? (int)(model.Top.Value / model.Resize) : sourceTop; sourceLeft = model.Left.HasValue ? (int)(model.Left.Value / model.Resize) : sourceLeft; if (System.IO.File.Exists(sourcePath)) { using (var img = Image.Load(sourcePath)) { img.Mutate(n => n .Crop(new Rectangle(sourceLeft, sourceTop, sourceWidth, sourceHeight)) .Resize(targetWidth, targetHeight) ); // ReSharper disable once AssignNullToNotNullAttribute Directory.CreateDirectory(Path.GetDirectoryName(targetPath)); if (System.IO.File.Exists(targetPath)) { System.IO.File.SetAttributes(targetPath, FileAttributes.Normal); System.IO.File.Delete(targetPath); } img.Save(targetPath); } } return(Json(new { ok = true, message = string.Empty })); }
public JsonResult CheckForCrop(string targetFileUrl) { var path = PathInfo.ConvertToPath(targetFileUrl); var ext = Path.GetExtension(path); if (System.IO.File.Exists(path)) { return(Json(new { ok = false, message = string.Format(LibraryStrings.FileExistsTryAnother, path) })); } if (string.IsNullOrEmpty(ext) || GetImageCodecInfo(ext) == null) { return(Json(new { ok = false, message = string.Format(LibraryStrings.ExtensionIsNotAllowed, ext) })); } if (!PathInfo.CheckSecurity(path).Result) { return(Json(new { ok = false, message = string.Format(LibraryStrings.AccessDenied, path, QPContext.CurrentUserName) })); } return(Json(new { ok = true, message = string.Empty })); }
public ActionResult UploadFile(string folderPath, bool resolveFileName) { if (string.IsNullOrEmpty(folderPath)) { throw new ArgumentException("Folder Path is empty"); } if (!PathInfo.CheckSecurity(folderPath).Result || !CheckFolderExistence(folderPath)) { return(Json(new { proceed = false, msg = string.Format(LibraryStrings.UploadIsNotAllowed, folderPath) })); } var allFileNames = new List <string>(HttpContext.Request.Files.Count); foreach (var fileKey in HttpContext.Request.Files.AllKeys) { var file = HttpContext.Request.Files[fileKey]; var path = Path.Combine(folderPath, file.FileName); if (System.IO.File.Exists(path)) { if (resolveFileName) { path = Path.Combine(folderPath, GetResolvingFileName(folderPath, file.FileName)); } else { System.IO.File.SetAttributes(path, FileAttributes.Normal); System.IO.File.Delete(path); } } file.SaveAs(path); allFileNames.Add(Path.GetFileName(path)); } return(Json(new { fileNames = allFileNames.ToArray(), proceed = true }, "text/plain")); }
public ActionResult UploadChunk(int?chunk, int?chunks, string name, string destinationUrl) { if (name.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0) { var errorMsg = $"File to upload: \"{name}\" has invalid characters"; Logger.Log.Warn(errorMsg); return(Json(new { message = errorMsg, isError = true })); } destinationUrl = HttpUtility.UrlDecode(destinationUrl); if (string.IsNullOrEmpty(destinationUrl)) { throw new ArgumentException("Folder Path is empty"); } if (!Directory.Exists(destinationUrl)) { Directory.CreateDirectory(destinationUrl); } chunk = chunk ?? 0; chunks = chunks ?? 1; PathSecurityResult securityResult; var fileUpload = Request.Files[0]; var tempPath = Path.Combine(QPConfiguration.TempDirectory, name); var destPath = Path.Combine(destinationUrl, name); if (chunk == 0 && chunks == 1) { securityResult = PathInfo.CheckSecurity(destinationUrl); if (!securityResult.Result) { var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, $"Access to the folder (ID = {securityResult.FolderId}) denied"); Logger.Log.Warn(errorMsg); return(Json(new { message = errorMsg, isError = true })); } try { using (var fs = new FileStream(destPath, FileMode.Create)) { var buffer = new byte[fileUpload.InputStream.Length]; fileUpload.InputStream.Read(buffer, 0, buffer.Length); fs.Write(buffer, 0, buffer.Length); } } catch (Exception ex) { var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, ex.Message); Logger.Log.Error(errorMsg, ex); return(Json(new { message = errorMsg, isError = true })); } } else { try { using (var fs = new FileStream(tempPath, chunk == 0 ? FileMode.Create : FileMode.Append)) { var buffer = new byte[fileUpload.InputStream.Length]; fileUpload.InputStream.Read(buffer, 0, buffer.Length); fs.Write(buffer, 0, buffer.Length); } } catch (Exception ex) { var errorMsg = string.Format(PlUploadStrings.ServerError, name, tempPath, ex.Message); Logger.Log.Error(errorMsg, ex); return(Json(new { message = errorMsg, isError = true })); } try { var isTheLastChunk = chunk.Value == chunks.Value - 1; if (isTheLastChunk) { securityResult = PathInfo.CheckSecurity(destinationUrl); var actionCode = securityResult.IsSite ? ActionCode.UploadSiteFile : ActionCode.UploadContentFile; if (!securityResult.Result) { var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, $"Access to the folder (ID = {securityResult.FolderId}) denied"); Logger.Log.Warn(errorMsg); return(Json(new { message = errorMsg, isError = true })); } if (FileIO.Exists(destPath)) { FileIO.SetAttributes(destPath, FileAttributes.Normal); FileIO.Delete(destPath); } FileIO.Move(tempPath, destPath); BackendActionContext.SetCurrent(actionCode, new[] { name }, securityResult.FolderId); var logs = BackendActionLog.CreateLogs(BackendActionContext.Current, _logger); _logger.Save(logs); BackendActionContext.ResetCurrent(); } } catch (Exception ex) { var errorMsg = string.Format(PlUploadStrings.ServerError, name, destinationUrl, ex.Message); Logger.Log.Error(errorMsg, ex); return(Json(new { message = errorMsg, isError = true })); } return(Json(new { message = $"chunk#{chunk.Value}, of file{name} uploaded", isError = false })); } return(Json(new { message = $"file{name} uploaded", isError = false })); }