示例#1
        /// <summary>
        /// Screens each incoming request with the WebSafe checks and, when one of them
        /// reports malicious characters, writes a fixed JSON rejection and ends the response.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_BeginRequest(object sender, EventArgs e)
        {
            // Fixed rejection payload; nothing from the request is echoed back.
            // No status code or content type is set in this method, so the response defaults apply.
            // NOTE(review): the WebSafe checks are not visible here. A character filter of this
            // kind is defense in depth only; it does not replace parameterized queries or
            // output encoding at the places where the data is actually used.
            string msg = "{\"type\":0,\"message\":\"您提交的数据有恶意字符,请检查确认!\"}";

            // Cookie values.
            if (Request.Cookies != null && WebSafe.IsCookieData())
            {
                Response.Write(msg);
                Response.End();
            }

            // Referer header, only when the request carries one.
            if (Request.UrlReferrer != null && WebSafe.IsReferer())
            {
                Response.Write(msg);
                Response.End();
            }

            // Request data, per verb. Only POST and GET are covered: a request using any
            // other verb skips both data checks below.
            string verb = Request.RequestType.ToUpper();

            if (verb == "POST" && WebSafe.IsPostData())
            {
                Response.Write(msg);
                Response.End();
            }

            if (verb == "GET" && WebSafe.IsGetData())
            {
                Response.Write(msg);
                Response.End();
            }
        }
示例#2
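        /// <summary>
        /// Handles the request that registers a single file for upload: reads the request
        /// parameters, validates the token, builds the server-side path, records the file in
        /// the database (reusing the stored file when a record with the same MD5 exists) and
        /// returns the resulting file record to the client as JSONP.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            string op       = this.reqString("op");
            string pid      = this.reqString("pid");
            string pidRoot  = this.reqString("pidRoot");
            string md5      = this.reqString("md5");
            string id       = this.reqString("id");
            string uid      = this.reqString("uid");
            string lenLoc   = this.reqString("lenLoc");
            string sizeLoc  = this.reqString("sizeLoc");
            string token    = this.reqString("token");
            string callback = this.reqString("callback");     // JSONP callback name
            // The client encodes this value with encodeURIComponent,
            string pathLoc = this.reqStringDecode("pathLoc"); // so it is decoded as UTF-8

            // The callback name is concatenated verbatim into every response below. Accept only
            // an empty value or a plain (optionally dotted) JavaScript identifier, so the request
            // cannot place markup or script text in the response body.
            if (!string.IsNullOrEmpty(callback) &&
                !System.Text.RegularExpressions.Regex.IsMatch(
                    callback, @"\A[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*\z"))
            {
                Response.StatusCode = 400;
                return;
            }

            if (op == "mkpath")
            {
                // NOTE(review): this runs before the token check further down and execution
                // continues afterwards; confirm mkpath() authorizes the request and ends the
                // response itself.
                this.mkpath();
            }

            if (string.IsNullOrEmpty(pid))
            {
                pid = string.Empty;
            }
            if (string.IsNullOrEmpty(pidRoot))
            {
                pidRoot = pid;
            }

            // Missing or malformed parameters. uid and lenLoc are parsed here so that a
            // non-numeric value is answered like a missing one instead of raising an unhandled
            // exception. An absent lenLoc is treated as 0; a negative length is rejected.
            int  uidValue = 0;
            long lenValue = 0;
            bool badParams =
                string.IsNullOrEmpty(md5) ||
                string.IsNullOrEmpty(uid) ||
                string.IsNullOrEmpty(sizeLoc) ||
                !int.TryParse(uid, out uidValue) ||
                (!string.IsNullOrEmpty(lenLoc) && !long.TryParse(lenLoc, out lenValue)) ||
                lenValue < 0;

            if (badParams)
            {
                Response.Write(callback + "({\"value\":null})");
                return;
            }

            FileInf fileSvr = new FileInf();

            // NOTE(review): uid is taken from the request parameters, not from a server-side
            // session; presumably validToken() binds it to the caller - verify.
            fileSvr.uid     = uidValue; // the file's UID is set to the current user's UID
            fileSvr.id      = id;
            fileSvr.pid     = pid;
            fileSvr.fdChild = !string.IsNullOrEmpty(pid);
            fileSvr.pidRoot = pidRoot;
            fileSvr.nameLoc = Path.GetFileName(pathLoc);
            fileSvr.pathLoc = pathLoc;
            fileSvr.lenLoc  = lenValue;
            fileSvr.sizeLoc = sizeLoc;
            fileSvr.deleted = false;
            fileSvr.md5     = md5;
            fileSvr.nameSvr = fileSvr.nameLoc;

            WebSafe ws  = new WebSafe();
            var     ret = ws.validToken(token, fileSvr);

            // Token validation failed.
            if (!ret)
            {
                string m = callback + "({\"value\":\"0\",\"ret\":false,\"msg\":\"token error\"})"; // JSONP-formatted reply
                this.toContentJson(m);
                return;
            }

            // Every single file is stored as uuid/file.
            PathBuilderUuid pb = new PathBuilderUuid();

            fileSvr.pathSvr = pb.genFile(fileSvr.uid, ref fileSvr);
            fileSvr.pathSvr = fileSvr.pathSvr.Replace("\\", "/");

            // Look for an existing record with the same MD5.
            DBConfig cfg       = new DBConfig();
            DBFile   db        = cfg.db();
            FileInf  fileExist = new FileInf();

            if (db.exist_file(md5, ref fileExist))
            {
                // NOTE(review): the match is made on the client-supplied MD5 alone, and the new
                // record is pointed at the already stored file. Confirm that knowing a file's
                // MD5 is meant to be sufficient to obtain a record for it.
                fileSvr.nameSvr  = fileExist.nameSvr;
                fileSvr.pathSvr  = fileExist.pathSvr;
                fileSvr.perSvr   = fileExist.perSvr;
                fileSvr.lenSvr   = fileExist.lenSvr;
                fileSvr.complete = fileExist.complete;
                db.Add(ref fileSvr);

                // Raise the business event.
                up6_biz_event.file_create_same(fileSvr);
            }
            else
            {
                // No record with the same MD5 exists.
                db.Add(ref fileSvr);
                // Raise the business event.
                up6_biz_event.file_create(fileSvr);

                // 2.0 creator: only creates a blank file.
                // NOTE(review): the length passed here is the client-declared lenLoc; if make()
                // reserves that much space, consider an upper bound - confirm.
                FileBlockWriter fr = new FileBlockWriter();
                fr.make(fileSvr.pathSvr, fileSvr.lenLoc);
            }

            // Convert the path to a relative path before it is returned.
            fileSvr.pathSvr = pb.absToRel(fileSvr.pathSvr);
            // Optional encoding of the returned path, driven by configuration.
            ConfigReader cr      = new ConfigReader();
            var          sec     = cr.module("path");
            var          encrypt = (bool)sec.SelectToken("$.security.encrypt");

            if (encrypt)
            {
                CryptoTool ct = new CryptoTool();
                fileSvr.pathSvr = ct.encode(fileSvr.pathSvr);
            }

            string jv = JsonConvert.SerializeObject(fileSvr);

            // The serialized record is URL-encoded before being placed inside the quoted
            // JSON string value, so it cannot close that string early.
            jv = HttpUtility.UrlEncode(jv);
            jv = jv.Replace("+", "%20");
            string json = callback + "({\"value\":\"" + jv + "\",\"ret\":true})"; // JSONP-formatted reply

            this.toContentJson(json);
        }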
示例#3
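        /// <summary>
        /// Only responsible for assembling file blocks: writes the received block data into the file.
        /// Change log:
        ///     2012-04-12 Changed the file-size variable type to support files larger than 2 GB.
        ///     2012-04-18 Removed the logic that updated upload-progress information.
        ///     2012-10-30 Added updating of the file progress.
        ///     2015-03-19 The file path is supplied by the client; this page no longer looks up the
        ///                server-side path, which saves one database access.
        ///     2016-03-31 Added folder information fields.
        ///     2017-07-11 Improved the parameter-check logic.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            string uid         = this.headString("uid");
            string f_id        = this.headString("id");
            string lenSvr      = this.headString("lenSvr");     // size already uploaded
            string lenLoc      = this.headString("lenLoc");     // size of the local file
            string blockOffset = this.headString("blockOffset");
            string blockSize   = this.headString("blockSize");  // size of the current block
            string blockIndex  = this.headString("blockIndex"); // index of the current block, 1-based
            string blockMd5    = this.headString("blockMd5");   // MD5 of the block
            string complete    = this.headString("complete");   // true/false
            string pathSvr     = Request.Form["pathSvr"];       // server path as sent by the client
            string pathLoc     = string.Empty;
            string token       = this.headString("token");

            pathSvr = Server.UrlDecode(pathSvr);

            if (!this.safe_check(lenLoc, uid, f_id, blockOffset, pathSvr))
            {
                return;
            }


            // The request carries block data.
            if (Request.Files.Count > 0)
            {
                string         msg    = string.Empty;
                string         md5Svr = string.Empty;
                HttpPostedFile file   = Request.Files.Get(0); // the block
                var            stm    = file.InputStream;
                pathLoc = file.FileName;

                // Parse the declared block size once. A non-numeric or negative value is
                // answered with the block-size error instead of raising an unhandled exception.
                int blockLen;
                if (!int.TryParse(blockSize, out blockLen) || blockLen < 0)
                {
                    this.toContentJson("block size error sizeSvr:" + stm.Length + " sizeLoc:" + blockSize);
                    return;
                }

                // Optional decoding of the path and of the block, driven by configuration.
                ConfigReader cr      = new ConfigReader();
                var          sec     = cr.module("path");
                var          encrypt = (bool)sec.SelectToken("$.security.encrypt");
                if (encrypt)
                {
                    CryptoTool ct = new CryptoTool();
                    pathSvr = ct.decode(pathSvr);
                    stm     = ct.decode(file.InputStream, blockLen);
                }

                // Token validation.
                WebSafe ws      = new WebSafe();
                FileInf fileSvr = new FileInf();
                fileSvr.id      = f_id;
                fileSvr.pathLoc = file.FileName;
                fileSvr.pathSvr = pathSvr;
                FileInfo fi = new FileInfo(pathLoc);
                fileSvr.nameLoc = fi.Name;

                // The checks form one chain so that the first failure decides the message.
                // Previously a token failure was overwritten by the block-size message.
                if (!ws.validToken(token, fileSvr, "block"))
                {
                    // Token validation failed.
                    msg = string.Format("token error loc:{0}", token);
                }
                else if (blockLen != stm.Length)
                {
                    // The declared block size does not match the received data.
                    msg = "block size error sizeSvr:" + stm.Length + " sizeLoc:" + blockSize;
                }
                else
                {
                    // The block MD5 is computed and compared only when the client sent one.
                    // It is compared with a client-supplied value, so it detects transfer
                    // corruption; it is not an authenticity check.
                    bool md5Ok = true;
                    if (!string.IsNullOrEmpty(blockMd5))
                    {
                        md5Svr = Md5Tool.calc(stm);
                        md5Ok  = md5Svr == blockMd5;
                    }

                    if (!md5Ok)
                    {
                        msg = "block md5 error";
                    }
                    else
                    {
                        // Convert the numeric headers before anything is written, so a
                        // malformed value fails before the file is touched.
                        long fileLen = Convert.ToInt64(lenLoc);
                        long offset  = Convert.ToInt64(blockOffset);
                        int  index   = Convert.ToInt32(blockIndex);

                        // NOTE(review): pathSvr originates from the request form and becomes the
                        // write target. Whether safe_check(), validToken() or relToAbs() confine
                        // it to the upload root is not visible here - confirm.
                        PathBuilder pb = new PathBuilder();
                        pathSvr = pb.relToAbs(pathSvr);
                        // 2.0: save the block data.
                        FileBlockWriter res = new FileBlockWriter();
                        res.make(pathSvr, fileLen);
                        res.write(pathSvr, offset, stm);
                        up6_biz_event.file_post_block(f_id, index);

                        // Build the reply.
                        JObject o = new JObject();
                        o["msg"]    = "ok";
                        o["md5"]    = md5Svr;      // MD5 of the block
                        o["offset"] = blockOffset; // offset
                        msg         = JsonConvert.SerializeObject(o);
                    }
                }
                this.toContentJson(msg);
            }
        }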