protected void rptItems_ItemCommand(object sender, RepeaterCommandEventArgs e) { // Raised when a ButtonField is clicked switch (e.CommandName) { case "Rename": if (canDelete) { pnlRename.Visible = true; lblItem.Text = (string)e.CommandArgument; txtNewName.Text = (string)e.CommandArgument; rptItems.Visible = false; } break; case "Delete": if (canDelete) { FilesAndAttachments.DeletePageAttachment(provider, CurrentPage.FullName, (string)e.CommandArgument); rptItems.DataBind(); } break; } }
protected void btnRename_Click(object sender, EventArgs e) { lblRenameResult.Text = ""; bool done = false; txtNewName.Text = txtNewName.Text.Trim(); if (lblItem.Text.EndsWith("/")) { if (canDeleteDirs) { done = FilesAndAttachments.RenameDirectory(provider, CurrentDirectory + lblItem.Text, txtNewName.Text); } } else { if (canDeleteFiles) { // Ensure that the extension is not changed (security) string previousExtension = Path.GetExtension(lblItem.Text); string newExtension = Path.GetExtension(txtNewName.Text); if (string.IsNullOrEmpty(newExtension)) { newExtension = previousExtension; txtNewName.Text += previousExtension; } if (newExtension.ToLowerInvariant() != previousExtension.ToLowerInvariant()) { txtNewName.Text += previousExtension; } txtNewName.Text = txtNewName.Text.Trim(); done = FilesAndAttachments.RenameFile(provider, CurrentDirectory + lblItem.Text, txtNewName.Text); } } if (done) { pnlRename.Visible = false; rptItems.Visible = true; rptItems.DataBind(); SetupControlsForPermissions(); } else { lblRenameResult.Text = Properties.Messages.CannotRenameItem; lblRenameResult.CssClass = "resulterror"; } }
protected void rptItems_ItemCommand(object sender, RepeaterCommandEventArgs e) { string item = (string)e.CommandArgument; switch (e.CommandName) { case "Dir": EnterDirectory(GetItemName(item)); break; case "Rename": // Hide all directory-specific controls // Permissions are verified in btnRename_Click pnlRename.Visible = true; pnlNewDirectory.Visible = false; pnlUpload.Visible = false; pnlPermissions.Visible = false; lstProviders.Visible = false; lblItem.Text = GetItemName(item) + (item.EndsWith("/") ? "/" : ""); txtNewName.Text = GetItemName(item); rptItems.Visible = false; break; case "Delete": if (item.EndsWith("/")) { if (canDeleteDirs) { FilesAndAttachments.DeleteDirectory(provider, item); } } else { if (canDeleteFiles) { FilesAndAttachments.DeleteFile(provider, item); } } rptItems.DataBind(); break; } }
protected void btnRename_Click(object sender, EventArgs e) { if (canDelete) { lblRenameResult.Text = ""; txtNewName.Text = txtNewName.Text.Trim(); // Ensure that the extension is not changed (security) string previousExtension = Path.GetExtension(lblItem.Text); string newExtension = Path.GetExtension(txtNewName.Text); if (string.IsNullOrEmpty(newExtension)) { newExtension = previousExtension; txtNewName.Text += previousExtension; } if (newExtension.ToLowerInvariant() != previousExtension.ToLowerInvariant()) { txtNewName.Text += previousExtension; } txtNewName.Text = txtNewName.Text.Trim(); bool done = FilesAndAttachments.RenamePageAttachment(provider, CurrentPage.FullName, lblItem.Text, txtNewName.Text); if (done) { pnlRename.Visible = false; rptItems.Visible = true; rptItems.DataBind(); } else { lblRenameResult.Text = Properties.Messages.CannotRenameItem; lblRenameResult.CssClass = "resulterror"; } } }
protected void btnNewDirectory_Click(object sender, EventArgs e) { if (canCreateDirs) { txtNewDirectoryName.Text = txtNewDirectoryName.Text.Trim(); lblNewDirectoryResult.Text = ""; txtNewDirectoryName.Text = txtNewDirectoryName.Text.Trim('/'); AuthWriter authWriter = new AuthWriter(Collectors.CollectorsBox.GetSettingsProvider(currentWiki)); authWriter.ClearEntriesForDirectory(provider, CurrentDirectory + txtNewDirectoryName.Text + "/"); bool done = FilesAndAttachments.CreateDirectory(provider, CurrentDirectory, txtNewDirectoryName.Text); if (!done) { lblNewDirectoryResult.CssClass = "resulterror"; lblNewDirectoryResult.Text = Properties.Messages.CannotCreateNewDirectory; } else { txtNewDirectoryName.Text = ""; } rptItems.DataBind(); } }
protected void Page_Load(object sender, EventArgs e) { string filename = Request["File"]; if (filename == null) { Response.StatusCode = 404; Response.Write(Properties.Messages.FileNotFound); return; } string currentWiki = Tools.DetectCurrentWiki(); // Remove ".." sequences that might be a security issue filename = filename.Replace("..", ""); bool isPageAttachment = !string.IsNullOrEmpty(Request["Page"]); PageContent pageContent = isPageAttachment ? Pages.FindPage(currentWiki, Request["Page"]) : null; if (isPageAttachment && pageContent == null) { Response.StatusCode = 404; Response.Write(Properties.Messages.FileNotFound); return; } IFilesStorageProviderV40 provider; if (!string.IsNullOrEmpty(Request["Provider"])) { provider = Collectors.CollectorsBox.FilesProviderCollector.GetProvider(Request["Provider"], currentWiki); } else { if (isPageAttachment) { provider = FilesAndAttachments.FindPageAttachmentProvider(currentWiki, pageContent.FullName, filename); } else { provider = FilesAndAttachments.FindFileProvider(currentWiki, filename); } } if (provider == null) { Response.StatusCode = 404; Response.Write("File not found."); return; } // Use canonical path format (leading with /) if (!isPageAttachment) { if (!filename.StartsWith("/")) { filename = "/" + filename; } filename = filename.Replace("\\", "/"); } // Verify permissions bool canDownload = false; AuthChecker authChecker = new AuthChecker(Collectors.CollectorsBox.GetSettingsProvider(currentWiki)); if (isPageAttachment) { canDownload = authChecker.CheckActionForPage(pageContent.FullName, Actions.ForPages.DownloadAttachments, SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames(currentWiki)); } else { string dir = Tools.GetDirectoryName(filename); canDownload = authChecker.CheckActionForDirectory(provider, dir, Actions.ForDirectories.DownloadFiles, SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames(currentWiki)); } if (!canDownload) { Response.StatusCode = 401; return; } long size = -1; FileDetails details = null; if (isPageAttachment) { details = provider.GetPageAttachmentDetails(pageContent.FullName, filename); } else { details = provider.GetFileDetails(filename); } if (details != null) { size = details.Size; } else { Log.LogEntry("Attempted to download an inexistent file/attachment (" + (pageContent != null ? pageContent.FullName + "/" : "") + filename + ")", EntryType.Warning, Log.SystemUsername, currentWiki); Response.StatusCode = 404; Response.Write("File not found."); return; } string mime = ""; try { string ext = Path.GetExtension(filename); if (ext.StartsWith(".")) { ext = ext.Substring(1).ToLowerInvariant(); // Remove trailing dot } mime = GetMimeType(ext); } catch { // ext is null -> no mime type -> abort Response.Write(filename + "<br />"); Response.StatusCode = 404; Response.Write("File not found."); //mime = "application/octet-stream"; return; } // Prepare response Response.Clear(); Response.AddHeader("content-type", mime); if (Request["AsStreamAttachment"] != null) { Response.AddHeader("content-disposition", "attachment;filename=\"" + Path.GetFileName(filename) + "\""); } else { Response.AddHeader("content-disposition", "inline;filename=\"" + Path.GetFileName(filename) + "\""); } Response.AddHeader("content-length", size.ToString()); bool retrieved = false; if (isPageAttachment) { try { retrieved = provider.RetrievePageAttachment(pageContent.FullName, filename, Response.OutputStream); } catch (ArgumentException ex) { Log.LogEntry("Attempted to download an inexistent attachment (" + pageContent.FullName + "/" + filename + ")\n" + ex.ToString(), EntryType.Warning, Log.SystemUsername, currentWiki); } } else { try { retrieved = provider.RetrieveFile(filename, Response.OutputStream); } catch (ArgumentException ex) { Log.LogEntry("Attempted to download an inexistent file/attachment (" + filename + ")\n" + ex.ToString(), EntryType.Warning, Log.SystemUsername, currentWiki); } } if (!retrieved) { Response.StatusCode = 404; Response.Write("File not found."); return; } // Set the cache duration accordingly to the file date/time //Response.AddFileDependency(filename); //Response.Cache.SetETagFromFileDependencies(); //Response.Cache.SetLastModifiedFromFileDependencies(); Response.Cache.SetETag(filename.GetHashCode().ToString() + "-" + size.ToString()); Response.Cache.SetCacheability(HttpCacheability.Public); Response.Cache.SetSlidingExpiration(true); Response.Cache.SetValidUntilExpires(true); Response.Cache.VaryByParams["File"] = true; Response.Cache.VaryByParams["Provider"] = true; Response.Cache.VaryByParams["Page"] = true; Response.Cache.VaryByParams["IsPageAttachment"] = true; }
protected void Page_Load(object sender, EventArgs e) { string filename = Request["File"]; if (string.IsNullOrEmpty(filename)) { Response.Write("No file specified."); return; } // Remove ".." sequences that might be a security issue filename = filename.Replace("..", ""); string page = Request["Page"]; PageInfo pageInfo = Pages.FindPage(page); bool isPageAttachment = !string.IsNullOrEmpty(page); if (isPageAttachment && pageInfo == null) { Response.StatusCode = 404; Response.Write("File not found."); return; } IFilesStorageProviderV30 provider = null; if (!string.IsNullOrEmpty(Request["Provider"])) { provider = Collectors.FilesProviderCollector.GetProvider(Request["Provider"]); } else { if (isPageAttachment) { provider = FilesAndAttachments.FindPageAttachmentProvider(pageInfo, filename); } else { provider = FilesAndAttachments.FindFileProvider(filename); } } if (provider == null) { Response.StatusCode = 404; Response.Write("File not found."); return; } string size = Request["Size"]; if (string.IsNullOrEmpty(size)) { size = "small"; } size = size.ToLowerInvariant(); // Verify permissions bool canDownload = false; if (pageInfo != null) { canDownload = AuthChecker.CheckActionForPage(pageInfo, Actions.ForPages.DownloadAttachments, SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames()); } else { string dir = Tools.GetDirectoryName(filename); canDownload = AuthChecker.CheckActionForDirectory(provider, dir, Actions.ForDirectories.DownloadFiles, SessionFacade.GetCurrentUsername(), SessionFacade.GetCurrentGroupNames()); } if (!canDownload) { Response.StatusCode = 401; } // Contains the image bytes MemoryStream ms = new MemoryStream(1048576); long fileSize = 0; // Load from provider if (string.IsNullOrEmpty(page)) { bool retrieved = false; try { retrieved = provider.RetrieveFile(filename, ms, false); } catch (ArgumentException ex) { Log.LogEntry("Attempted to create thumb of inexistent file (" + filename + ")\n" + ex, EntryType.Warning, Log.SystemUsername); } if (!retrieved) { Response.StatusCode = 404; Response.Write("File not found."); return; } fileSize = provider.GetFileDetails(filename).Size; } else { if (pageInfo == null) { Response.StatusCode = 404; Response.Write("Page not found."); return; } bool retrieved = false; try { retrieved = provider.RetrievePageAttachment(pageInfo, filename, ms, false); } catch (ArgumentException ex) { Log.LogEntry("Attempted to create thumb of inexistent attachment (" + page + "/" + filename + ")\n" + ex, EntryType.Warning, Log.SystemUsername); } if (!retrieved) { Response.StatusCode = 404; Response.Write("File not found."); return; } fileSize = provider.GetPageAttachmentDetails(pageInfo, filename).Size; } ms.Seek(0, SeekOrigin.Begin); int rotation = 0; int.TryParse(Request["Rot"], out rotation); // Load the source image System.Drawing.Image source = System.Drawing.Image.FromStream(ms); // Destination bitmap Bitmap result = null; System.Drawing.Imaging.PixelFormat pixelFormat = System.Drawing.Imaging.PixelFormat.Format32bppArgb; if (size == "big") { // Big thumb (outer size 200x200) result = new Bitmap(200, 200, pixelFormat); } else if (size == "imgeditprev") { // Image Editor Preview thumb (outer size from Request["dim"], if null 200x200) if (!string.IsNullOrEmpty(Request["Width"]) && !string.IsNullOrEmpty(Request["Height"])) { try { result = new Bitmap( rotation != 90 && rotation != 270 ? int.Parse(Request["Width"]) : int.Parse(Request["Height"]), rotation != 90 && rotation != 270 ? int.Parse(Request["Height"]) : int.Parse(Request["Width"]), pixelFormat); } catch (FormatException) { result = new Bitmap(200, 200, pixelFormat); } } else { result = new Bitmap(200, 200, pixelFormat); } } else { // Small thumb (outer size 48x48) result = new Bitmap(48, 48, pixelFormat); } // Get Graphics object for destination bitmap Graphics g = Graphics.FromImage(result); if (source.PixelFormat == System.Drawing.Imaging.PixelFormat.Format32bppArgb) { g.Clear(Color.Transparent); } else { g.Clear(Color.White); } g.TextRenderingHint = System.Drawing.Text.TextRenderingHint.AntiAlias; g.SmoothingMode = SmoothingMode.HighQuality; g.InterpolationMode = System.Drawing.Drawing2D.InterpolationMode.HighQualityBilinear; g.TranslateTransform(result.Width / 2, result.Height / 2); g.RotateTransform(rotation); g.TranslateTransform(-result.Width / 2, -result.Height / 2); // Draw bitmap g.DrawImage(source, GetImageRectangle(result.Width, result.Height, rotation != 90 && rotation != 270 ? source.Width : source.Height, rotation != 90 && rotation != 270 ? source.Height : source.Width, rotation == 90 || rotation == 270)); if (!string.IsNullOrEmpty(Request["Info"]) && size == "big") { // Draw image information RectangleF r = new RectangleF(0, 0, result.Width, 20); StringFormat f = new StringFormat(); f.Alignment = StringAlignment.Center; //f.LineAlignment = StringAlignment.Center; GraphicsPath path = new GraphicsPath(); path.AddString(string.Format("{0}x{1} - {2}", source.Width, source.Height, Tools.BytesToString(fileSize)), new FontFamily("Verdana"), 0, 12, new Point(result.Width / 2, 2), f); Pen pen = new Pen(Brushes.Black, 2F); g.DrawPath(pen, path); g.FillPath(Brushes.White, path); } // Write result in output stream in JPEG or PNG format if (source.PixelFormat == System.Drawing.Imaging.PixelFormat.Format32bppArgb) { Response.ContentType = "image/png"; } else { Response.ContentType = "image/jpeg"; } // This invariably throws an exception (A generic error occurred in GDI+) - an intermediate buffer is needed // The possible cause is that PNG format requires to read from the output stream, and Response.OutputStream does not support reading //result.Save(Response.OutputStream, System.Drawing.Imaging.ImageFormat.Png); MemoryStream tempStream = new MemoryStream(65536); // 32 KB if (source.PixelFormat == System.Drawing.Imaging.PixelFormat.Format32bppArgb) { result.Save(tempStream, System.Drawing.Imaging.ImageFormat.Png); } else { result.Save(tempStream, System.Drawing.Imaging.ImageFormat.Jpeg); } Response.OutputStream.Write(tempStream.ToArray(), 0, (int)tempStream.Length); tempStream.Dispose(); ms.Dispose(); source.Dispose(); g.Dispose(); result.Dispose(); }
protected void btnUpload_Click(object sender, EventArgs e) { if (canUpload && (chkOverwrite.Checked && canDeleteFiles || !chkOverwrite.Checked)) { lblUploadResult.Text = ""; if (fileUpload.HasFile) { if (fileUpload.FileBytes.Length > GlobalSettings.MaxFileSize * 1024) { lblUploadResult.Text = Properties.Messages.FileTooBig; lblUploadResult.CssClass = "resulterror"; } else { // Check file extension string[] aft = Settings.GetAllowedFileTypes(currentWiki); bool allowed = false; if (aft.Length > 0 && aft[0] == "*") { allowed = true; } else { string ext = Path.GetExtension(fileUpload.FileName); if (ext == null) { ext = ""; } if (ext.StartsWith(".")) { ext = ext.Substring(1).ToLowerInvariant(); } foreach (string ft in aft) { if (ft == ext) { allowed = true; break; } } } if (!allowed) { lblUploadResult.Text = Properties.Messages.InvalidFileType; lblUploadResult.CssClass = "resulterror"; } else { bool done = FilesAndAttachments.StoreFile(provider, CurrentDirectory + fileUpload.FileName, fileUpload.FileContent, chkOverwrite.Checked); if (!done) { lblUploadResult.Text = Properties.Messages.CannotStoreFile; lblUploadResult.CssClass = "resulterror"; } rptItems.DataBind(); } } } else { lblUploadResult.Text = Properties.Messages.FileVoid; lblUploadResult.CssClass = "resulterror"; } } }
protected void btnUpload_Click(object sender, EventArgs e) { if (canUpload) { lblUploadResult.Text = ""; if (fileUpload.HasFile) { if (fileUpload.FileBytes.Length > Settings.MaxFileSize * 1024) { lblUploadResult.Text = Properties.Messages.FileTooBig; lblUploadResult.CssClass = "resulterror"; } else { // Check file extension string[] aft = Settings.AllowedFileTypes; bool allowed = false; if (aft.Length > 0 && aft[0] == "*") { allowed = true; } else { string ext = Path.GetExtension(fileUpload.FileName); if (ext == null) { ext = ""; } if (ext.StartsWith(".")) { ext = ext.Substring(1).ToLowerInvariant(); } foreach (string ft in aft) { if (ft == ext) { allowed = true; break; } } } if (!allowed) { lblUploadResult.Text = Properties.Messages.InvalidFileType; lblUploadResult.CssClass = "resulterror"; } else { // Store attachment bool done = FilesAndAttachments.StorePageAttachment(provider, CurrentPage.FullName, fileUpload.FileName, fileUpload.FileContent, chkOverwrite.Checked); if (!done) { lblUploadResult.Text = Properties.Messages.CannotStoreFile; lblUploadResult.CssClass = "resulterror"; } else { Host.Instance.OnAttachmentActivity(provider.GetType().FullName, fileUpload.FileName, CurrentPage.FullName, null, FileActivity.AttachmentUploaded); } rptItems.DataBind(); } } } else { lblUploadResult.Text = Properties.Messages.FileVoid; lblUploadResult.CssClass = "resulterror"; } } }