Ticket #79: 79_FCKeditor.Net.patch
File 79_FCKeditor.Net.patch, 49.4 KB (added by , 16 years ago) |
---|
-
_whatsnew.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 2 2 <!-- 3 3 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 4 4 * Copyright (C) 2003-2007 Frederico Caldeira Knabben … … 35 35 <h3> 36 36 Version 2.5</h3> 37 37 <p> 38 <strong><span style="color: #ff0000">Attention :</span></strong> Th is version is39 not compatible with releases before FCKeditor 2.5.</p>38 <strong><span style="color: #ff0000">Attention :</span></strong> The File Browser 39 and Uploader in this version is not compatible with releases before FCKeditor 2.5.1.</p> 40 40 <p> 41 41 New Features and Improvements:</p> 42 42 <ul> … … 57 57 <li>[<a target="_blank" href="http://dev.fckeditor.net/ticket/294">#294</a>] The HtmlEncodeOutput 58 58 setting is enforced by the editor component, to avoid having to set ValidateRequest="false" 59 59 on pages using the editor.</li> 60 <li><span style="color: #ff0000"><strong>Attention :</strong></span> The default connector 61 path has been changed to "/userfiles/", instead of "/UserFiles/". This change should 62 not impact Windows installations.</li> 60 <li>Several changes to the File Browser and Uploader:<ul> 61 <li>Several security checks have been introduced. <strong>Upgrading is hightly recommended</strong>.</li> 62 <li>The code has been reviewed according to our standards, aligning the FCKeditor.Net 63 File Browser to the same quality and feature level present in other server language 64 implementations of it, like the PHP implementation.</li> 65 <li>The connector can now be fully configured by using the "editor/filemanager/connectors/aspx/config.ascx" 66 file, available with FCKeditor 2.5.1.</li> 67 <li>For file uploads, the file extension is precisely controlled in a list defined in 68 the config.ascx file.</li> 69 <li>It is possible to define different folder locations for each file type.</li> 70 <li><strong><span style="color: #ff0000">Attention :</span></strong> For security, the 71 connector must be explicitly activated, by setting "Enabled = true" in the config.ascx 72 file.</li> 73 <li><span style="color: #ff0000"><strong>Attention :</strong></span> The default connector 74 path has been changed to "/userfiles/", instead of "/UserFiles/". This change should 75 not impact Windows installations.</li> 76 </ul> 77 </li> 63 78 </ul> 64 79 <p> 65 80 Fixed Bugs:</p> -
FileBrowser/Config.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 * 21 * This is the code behind of the connector.aspx page used by the 22 * File Browser. 23 */ 24 25 using System; 26 using System.Collections.Generic; 27 using System.Text; 28 using System.Web; 29 30 namespace FredCK.FCKeditorV2.FileBrowser 31 { 32 public class Config : System.Web.UI.UserControl 33 { 34 private const string DEFAULT_USER_FILES_PATH = "/userfiles/"; 35 36 private string sUserFilesDirectory; 37 38 public bool Enabled; 39 public string UserFilesPath; 40 public string UserFilesAbsolutePath; 41 public bool ForceSingleExtension; 42 public string[] AllowedTypes; 43 public string[] HtmlExtensions; 44 public TypeConfigList TypeConfig; 45 46 public Config() 47 {} 48 49 private void DefaultSettings() 50 { 51 // Initialize all default settings. 52 53 Enabled = false; 54 UserFilesPath = "/userfiles/"; 55 UserFilesAbsolutePath = ""; 56 ForceSingleExtension = true; 57 AllowedTypes = new string[] { "File", "Image", "Flash", "Media" }; 58 HtmlExtensions = new string[] { "html", "htm", "xml", "xsd", "txt", "js" }; 59 60 TypeConfig = new TypeConfigList( (FileWorkerBase)this.Page ); 61 62 TypeConfig[ "File" ].AllowedExtensions = new string[] { "7z", "aiff", "asf", "avi", "bmp", "csv", "doc", "fla", "flv", "gif", "gz", "gzip", "jpeg", "jpg", "mid", "mov", "mp3", "mp4", "mpc", "mpeg", "mpg", "ods", "odt", "pdf", "png", "ppt", "pxd", "qt", "ram", "rar", "rm", "rmi", "rmvb", "rtf", "sdc", "sitd", "swf", "sxc", "sxw", "tar", "tgz", "tif", "tiff", "txt", "vsd", "wav", "wma", "wmv", "xls", "xml", "zip" }; 63 TypeConfig[ "File" ].DeniedExtensions = new string[] { }; 64 TypeConfig[ "File" ].FilesPath = "%UserFilesPath%file/"; 65 TypeConfig[ "File" ].FilesAbsolutePath = ( UserFilesAbsolutePath == "" ? "" : "%UserFilesAbsolutePath%file/" ); 66 TypeConfig[ "File" ].QuickUploadPath = "%UserFilesPath%"; 67 TypeConfig[ "File" ].QuickUploadAbsolutePath = "%UserFilesAbsolutePath%"; 68 69 TypeConfig[ "Image" ].AllowedExtensions = new string[] { "bmp", "gif", "jpeg", "jpg", "png" }; 70 TypeConfig[ "Image" ].DeniedExtensions = new string[] { }; 71 TypeConfig[ "Image" ].FilesPath = "%UserFilesPath%image/"; 72 TypeConfig[ "Image" ].FilesAbsolutePath = ( UserFilesAbsolutePath == "" ? "" : "%UserFilesAbsolutePath%image/" ); 73 TypeConfig[ "Image" ].QuickUploadPath = "%UserFilesPath%"; 74 TypeConfig[ "Image" ].QuickUploadAbsolutePath = "%UserFilesAbsolutePath%"; 75 76 TypeConfig[ "Flash" ].AllowedExtensions = new string[] { "swf", "flv" }; 77 TypeConfig[ "Flash" ].DeniedExtensions = new string[] { }; 78 TypeConfig[ "Flash" ].FilesPath = "%UserFilesPath%flash/"; 79 TypeConfig[ "Flash" ].FilesAbsolutePath = ( UserFilesAbsolutePath == "" ? "" : "%UserFilesAbsolutePath%flash/" ); 80 TypeConfig[ "Flash" ].QuickUploadPath = "%UserFilesPath%"; 81 TypeConfig[ "Flash" ].QuickUploadAbsolutePath = "%UserFilesAbsolutePath%"; 82 83 TypeConfig[ "Media" ].AllowedExtensions = new string[] { "aiff", "asf", "avi", "bmp", "fla", "flv", "gif", "jpeg", "jpg", "mid", "mov", "mp3", "mp4", "mpc", "mpeg", "mpg", "png", "qt", "ram", "rm", "rmi", "rmvb", "swf", "tif", "tiff", "wav", "wma", "wmv" }; 84 TypeConfig[ "Media" ].DeniedExtensions = new string[] { }; 85 TypeConfig[ "Media" ].FilesPath = "%UserFilesPath%media/"; 86 TypeConfig[ "Media" ].FilesAbsolutePath = ( UserFilesAbsolutePath == "" ? "" : "%UserFilesAbsolutePath%media/" ); 87 TypeConfig[ "Media" ].QuickUploadPath = "%UserFilesPath%"; 88 TypeConfig[ "Media" ].QuickUploadAbsolutePath = "%UserFilesAbsolutePath%"; 89 } 90 91 internal void LoadConfig() 92 { 93 DefaultSettings(); 94 95 // Call the setConfig() function for the configuration file (config.ascx). 96 SetConfig(); 97 98 // Look for possible UserFilesPath override options. 99 100 // Session 101 string userFilesPath = Session[ "FCKeditor:UserFilesPath" ] as string; 102 103 // Application 104 if ( userFilesPath == null || userFilesPath.Length == 0 ) 105 userFilesPath = Application[ "FCKeditor:UserFilesPath" ] as string; 106 107 // Web.config file. 108 if ( userFilesPath == null || userFilesPath.Length == 0 ) 109 userFilesPath = System.Configuration.ConfigurationSettings.AppSettings[ "FCKeditor:UserFilesPath" ]; 110 111 // config.asxc 112 if ( userFilesPath == null || userFilesPath.Length == 0 ) 113 userFilesPath = this.UserFilesPath; 114 115 if ( userFilesPath == null || userFilesPath.Length == 0 ) 116 userFilesPath = DEFAULT_USER_FILES_PATH; 117 118 // Check that the user path ends with slash ("/") 119 if ( !userFilesPath.EndsWith( "/" ) ) 120 userFilesPath += "/"; 121 122 userFilesPath = this.ResolveUrl( userFilesPath ); 123 124 this.UserFilesPath = userFilesPath; 125 } 126 127 /// <summary> 128 /// The absolution path (server side) of the user files directory. It 129 /// is based on the <see cref="FileWorkerBase.UserFilesPath"/>. 130 /// </summary> 131 internal string UserFilesDirectory 132 { 133 get 134 { 135 if ( sUserFilesDirectory == null ) 136 { 137 if ( this.UserFilesAbsolutePath.Length > 0 ) 138 { 139 sUserFilesDirectory = this.UserFilesAbsolutePath; 140 sUserFilesDirectory = sUserFilesDirectory.TrimEnd( '\\', '/' ) + '/'; 141 } 142 else 143 { 144 // Get the local (server) directory path translation. 145 sUserFilesDirectory = Server.MapPath( this.UserFilesPath ); 146 } 147 } 148 return sUserFilesDirectory; 149 } 150 } 151 152 public virtual void SetConfig() 153 { } 154 155 internal bool CheckIsTypeAllowed( string typeName ) 156 { 157 return ( System.Array.IndexOf( this.AllowedTypes, typeName ) >= 0 ); 158 } 159 160 internal bool CheckIsNonHtmlExtension( string extension ) 161 { 162 return ( this.HtmlExtensions.Length == 0 || !Util.ArrayContains( this.HtmlExtensions, extension, System.Collections.CaseInsensitiveComparer.DefaultInvariant ) ); 163 } 164 } 165 } -
FileBrowser/Connector.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 * 21 * This is the code behind of the connector.aspx page used by the 22 * File Browser. 23 */ 24 25 using System ; 26 using System.Globalization ; 27 using System.Xml ; 28 using System.Web ; 29 30 namespace FredCK.FCKeditorV2.FileBrowser 31 { 32 public class Connector : FileWorkerBase 33 { 34 protected override void OnLoad(EventArgs e) 35 { 36 Config.LoadConfig(); 37 38 if ( !Config.Enabled ) 39 { 40 XmlResponseHandler.SendError( Response, 1, "This connector is disabled. Please check the \"editor/filemanager/connectors/aspx/config.aspx\" file." ); 41 return; 42 } 43 44 // Get the main request information. 45 string sCommand = Request.QueryString["Command"] ; 46 string sResourceType = Request.QueryString[ "Type" ]; 47 string sCurrentFolder = Request.QueryString[ "CurrentFolder" ]; 48 49 if ( sCommand == null || sResourceType == null || sCurrentFolder == null ) 50 { 51 XmlResponseHandler.SendError( Response, 1, "Invalid request." ); 52 return; 53 } 54 55 // Check if it is an allowed type. 56 if ( !Config.CheckIsTypeAllowed( sResourceType ) ) 57 { 58 XmlResponseHandler.SendError( Response, 1, "Invalid resource type specified." ) ; 59 return ; 60 } 61 62 // Check the current folder syntax (must begin and start with a slash). 63 if ( ! sCurrentFolder.EndsWith( "/" ) ) 64 sCurrentFolder += "/" ; 65 if ( ! sCurrentFolder.StartsWith( "/" ) ) 66 sCurrentFolder = "/" + sCurrentFolder ; 67 68 // Check for invalid folder paths (..). 69 if ( sCurrentFolder.IndexOf( ".." ) >= 0 ) 70 { 71 XmlResponseHandler.SendError( Response, 102, "" ); 72 return; 73 } 74 75 // File Upload doesn't have to return XML, so it must be intercepted before anything. 76 if ( sCommand == "FileUpload" ) 77 { 78 this.FileUpload( sResourceType, sCurrentFolder, false ) ; 79 return ; 80 } 81 82 XmlResponseHandler oResponseHandler = new XmlResponseHandler( this, Response ); 83 XmlNode oConnectorNode = oResponseHandler.CreateBaseXml( sCommand, sResourceType, sCurrentFolder ); 84 85 // Execute the required command. 86 switch( sCommand ) 87 { 88 case "GetFolders" : 89 this.GetFolders( oConnectorNode, sResourceType, sCurrentFolder ) ; 90 break ; 91 case "GetFoldersAndFiles" : 92 this.GetFolders( oConnectorNode, sResourceType, sCurrentFolder ) ; 93 this.GetFiles( oConnectorNode, sResourceType, sCurrentFolder ) ; 94 break ; 95 case "CreateFolder" : 96 this.CreateFolder( oConnectorNode, sResourceType, sCurrentFolder ) ; 97 break ; 98 } 99 100 oResponseHandler.SendResponse(); 101 } 102 103 #region Command Handlers 104 105 private void GetFolders( XmlNode connectorNode, string resourceType, string currentFolder ) 106 { 107 // Map the virtual path to the local server path. 108 string sServerDir = this.ServerMapFolder( resourceType, currentFolder, false ) ; 109 110 // Create the "Folders" node. 111 XmlNode oFoldersNode = XmlUtil.AppendElement( connectorNode, "Folders" ) ; 112 113 System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo( sServerDir ) ; 114 System.IO.DirectoryInfo[] aSubDirs = oDir.GetDirectories() ; 115 116 for ( int i = 0 ; i < aSubDirs.Length ; i++ ) 117 { 118 // Create the "Folders" node. 119 XmlNode oFolderNode = XmlUtil.AppendElement( oFoldersNode, "Folder" ) ; 120 XmlUtil.SetAttribute( oFolderNode, "name", aSubDirs[i].Name ) ; 121 } 122 } 123 124 private void GetFiles( XmlNode connectorNode, string resourceType, string currentFolder ) 125 { 126 // Map the virtual path to the local server path. 127 string sServerDir = this.ServerMapFolder( resourceType, currentFolder, false ) ; 128 129 // Create the "Files" node. 130 XmlNode oFilesNode = XmlUtil.AppendElement( connectorNode, "Files" ) ; 131 132 System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo( sServerDir ) ; 133 System.IO.FileInfo[] aFiles = oDir.GetFiles() ; 134 135 for ( int i = 0 ; i < aFiles.Length ; i++ ) 136 { 137 Decimal iFileSize = Math.Round( (Decimal)aFiles[i].Length / 1024 ) ; 138 if ( iFileSize < 1 && aFiles[i].Length != 0 ) iFileSize = 1 ; 139 140 // Create the "File" node. 141 XmlNode oFileNode = XmlUtil.AppendElement( oFilesNode, "File" ) ; 142 XmlUtil.SetAttribute( oFileNode, "name", aFiles[i].Name ) ; 143 XmlUtil.SetAttribute( oFileNode, "size", iFileSize.ToString( CultureInfo.InvariantCulture ) ) ; 144 } 145 } 146 147 private void CreateFolder( XmlNode connectorNode, string resourceType, string currentFolder ) 148 { 149 string sErrorNumber = "0" ; 150 151 string sNewFolderName = Request.QueryString["NewFolderName"] ; 152 sNewFolderName = this.SanitizeFolderName( sNewFolderName ); 153 154 if ( sNewFolderName == null || sNewFolderName.Length == 0 ) 155 sErrorNumber = "102" ; 156 else 157 { 158 // Map the virtual path to the local server path of the current folder. 159 string sServerDir = this.ServerMapFolder( resourceType, currentFolder, false ) ; 160 161 try 162 { 163 Util.CreateDirectory( System.IO.Path.Combine( sServerDir, sNewFolderName )) ; 164 } 165 catch ( ArgumentException ) 166 { 167 sErrorNumber = "102" ; 168 } 169 catch ( System.IO.PathTooLongException ) 170 { 171 sErrorNumber = "102" ; 172 } 173 catch ( System.IO.IOException ) 174 { 175 sErrorNumber = "101" ; 176 } 177 catch ( System.Security.SecurityException ) 178 { 179 sErrorNumber = "103" ; 180 } 181 catch ( Exception ) 182 { 183 sErrorNumber = "110" ; 184 } 185 } 186 187 // Create the "Error" node. 188 XmlNode oErrorNode = XmlUtil.AppendElement( connectorNode, "Error" ) ; 189 XmlUtil.SetAttribute( oErrorNode, "number", sErrorNumber ) ; 190 } 191 192 193 #endregion 194 195 #region Directory Mapping 196 197 internal string GetUrlFromPath( string resourceType, string folderPath ) 198 { 199 if ( resourceType == null || resourceType.Length == 0 ) 200 return this.Config.UserFilesPath.TrimEnd( '/' ) + folderPath; 201 else 202 return this.Config.TypeConfig[ resourceType ].GetFilesPath().TrimEnd( '/' ) + folderPath; 203 } 204 205 #endregion 206 } 207 } -
FileBrowser/FileWorkerBase.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 * 21 * Base class used by the FileBrowserConnector and Uploader. 22 */ 23 24 using System; 25 using System.Web; 26 using System.Text.RegularExpressions; 27 28 namespace FredCK.FCKeditorV2.FileBrowser 29 { 30 public abstract class FileWorkerBase : System.Web.UI.Page 31 { 32 public Config Config; 33 34 protected void FileUpload( string resourceType, string currentFolder, bool isQuickUpload ) 35 { 36 HttpPostedFile oFile = Request.Files[ "NewFile" ]; 37 38 string sFileName = ""; 39 40 if ( oFile == null ) 41 { 42 this.SendFileUploadResponse( 202, isQuickUpload ); 43 return; 44 } 45 46 // Map the virtual path to the local server path. 47 string sServerDir = this.ServerMapFolder( resourceType, currentFolder, isQuickUpload ); 48 49 // Get the uploaded file name. 50 sFileName = System.IO.Path.GetFileName( oFile.FileName ); 51 sFileName = this.SanitizeFileName( sFileName ); 52 53 string sExtension = System.IO.Path.GetExtension( oFile.FileName ); 54 sExtension = sExtension.TrimStart( '.' ); 55 56 if ( !this.Config.TypeConfig[ resourceType ].CheckIsAllowedExtension( sExtension ) ) 57 { 58 this.SendFileUploadResponse( 202, isQuickUpload ); 59 return; 60 } 61 62 if ( this.Config.CheckIsNonHtmlExtension( sExtension ) && !this.CheckNonHtmlFile( oFile ) ) 63 { 64 this.SendFileUploadResponse( 202, isQuickUpload ); 65 return; 66 } 67 68 int iErrorNumber = 0; 69 int iCounter = 0; 70 71 while ( true ) 72 { 73 string sFilePath = System.IO.Path.Combine( sServerDir, sFileName ); 74 75 if ( System.IO.File.Exists( sFilePath ) ) 76 { 77 iCounter++; 78 sFileName = 79 System.IO.Path.GetFileNameWithoutExtension( oFile.FileName ) + 80 "(" + iCounter + ")." + 81 sExtension; 82 83 iErrorNumber = 201; 84 } 85 else 86 { 87 oFile.SaveAs( sFilePath ); 88 break; 89 } 90 } 91 92 TypeConfig typeConfig = this.Config.TypeConfig[resourceType] ; 93 94 string sFileUrl = isQuickUpload ? typeConfig.GetQuickUploadPath() : typeConfig.GetFilesPath() ; 95 sFileUrl += sFileName; 96 97 this.SendFileUploadResponse( iErrorNumber, isQuickUpload, sFileUrl, sFileName ); 98 } 99 100 private void SendFileUploadResponse( int errorNumber, bool isQuickUpload ) 101 { 102 this.SendFileUploadResponse( errorNumber, isQuickUpload, "", "", "" ); 103 } 104 105 private void SendFileUploadResponse( int errorNumber, bool isQuickUpload, string fileUrl, string fileName ) 106 { 107 this.SendFileUploadResponse( errorNumber, isQuickUpload, fileUrl, fileName, "" ); 108 } 109 110 protected void SendFileUploadResponse( int errorNumber, bool isQuickUpload, string fileUrl, string fileName, string customMsg ) 111 { 112 Response.Clear(); 113 114 Response.Write( "<script type=\"text/javascript\">" ); 115 116 if ( isQuickUpload ) 117 Response.Write( "window.parent.OnUploadCompleted(" + errorNumber + ",'" + fileUrl.Replace( "'", "\\'" ) + "','" + fileName.Replace( "'", "\\'" ) + "','" + customMsg.Replace( "'", "\\'" ) + "') ;" ); 118 else 119 Response.Write( "window.parent.frames['frmUpload'].OnUploadCompleted(" + errorNumber + ",'" + fileName.Replace( "'", "\\'" ) + "') ;" ); 120 121 Response.Write( "</script>" ); 122 123 Response.End(); 124 } 125 126 protected string ServerMapFolder( string resourceType, string folderPath, bool isQuickUpload ) 127 { 128 TypeConfig typeConfig = this.Config.TypeConfig[ resourceType ]; 129 130 // Get the resource type directory. 131 string sResourceTypePath = isQuickUpload ? typeConfig.GetQuickUploadDirectory() : typeConfig.GetFilesDirectory(); 132 133 // Ensure that the directory exists. 134 Util.CreateDirectory( sResourceTypePath ); 135 136 // Return the resource type directory combined with the required path. 137 return System.IO.Path.Combine( sResourceTypePath, folderPath.TrimStart( '/' ) ); 138 } 139 140 141 // Do a cleanup of the folder name to avoid possible problems 142 protected string SanitizeFolderName( string folderName ) 143 { 144 // Remove . \ / | : ? * " < > 145 return Regex.Replace( folderName, @"[.\\/|:?*""<>]", "_", RegexOptions.None ); 146 } 147 148 // Do a cleanup of the file name to avoid possible problems 149 private string SanitizeFileName( string fileName ) 150 { 151 // Replace dots in the name with underscores (only one dot can be there... security issue). 152 if ( Config.ForceSingleExtension ) 153 fileName = Regex.Replace( fileName, @"\.(?![^.]*$)", "_", RegexOptions.None ); 154 155 // Remove \ / | : ? * " < > 156 return Regex.Replace( fileName, @"[\\/|:?*""<>]", "_", RegexOptions.None ); 157 } 158 159 private bool CheckNonHtmlFile( HttpPostedFile file ) 160 { 161 byte[] buffer = new byte[ 1024 ]; 162 file.InputStream.Read( buffer, 0, 1024 ); 163 164 string firstKB = System.Text.ASCIIEncoding.ASCII.GetString( buffer ); 165 166 if ( Regex.IsMatch( firstKB, @"<!DOCTYPE\W*X?HTML", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) 167 return false; 168 169 if ( Regex.IsMatch( firstKB, @"<(?:body|head|html|img|pre|script|table|title)", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) 170 return false; 171 172 //type = javascript 173 if ( Regex.IsMatch( firstKB, @"type\s*=\s*[\'""]?\s*(?:\w*/)?(?:ecma|java)", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) 174 return false; 175 176 //href = javascript 177 //src = javascript 178 //data = javascript 179 if ( Regex.IsMatch( firstKB, @"(?:href|src|data)\s*=\s*[\'""]?\s*(?:ecma|java)script:", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) 180 return false; 181 182 //url(javascript 183 if ( Regex.IsMatch( firstKB, @"url\s*\(\s*[\'""]?\s*(?:ecma|java)script:", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) 184 return false; 185 186 return true; 187 } 188 } 189 } -
FileBrowser/TypeConfig.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 */ 21 22 using System; 23 24 namespace FredCK.FCKeditorV2.FileBrowser 25 { 26 public class TypeConfig 27 { 28 private FileWorkerBase _FileWorker; 29 30 public string[] AllowedExtensions; 31 public string[] DeniedExtensions; 32 public string FilesPath; 33 public string FilesAbsolutePath; 34 public string QuickUploadPath; 35 public string QuickUploadAbsolutePath; 36 37 private string _UserFilesPath; 38 private string _UserFilesDirectory; 39 40 private string _QuickUploadPath; 41 private string _QuickUploadDirectory; 42 43 public TypeConfig( FileWorkerBase fileWorker ) 44 { 45 _FileWorker = fileWorker; 46 47 AllowedExtensions = new string[ 0 ]; 48 DeniedExtensions = new string[ 0 ]; 49 FilesPath = ""; 50 FilesAbsolutePath = ""; 51 QuickUploadPath = ""; 52 QuickUploadAbsolutePath = ""; 53 } 54 55 private FileWorkerBase FileWorker 56 { 57 get { return _FileWorker; } 58 } 59 60 internal string GetFilesPath() 61 { 62 if ( _UserFilesPath == null ) 63 _UserFilesPath = FilesPath.Replace( "%UserFilesPath%", this.FileWorker.Config.UserFilesPath ); 64 65 return _UserFilesPath; 66 } 67 68 internal string GetFilesDirectory() 69 { 70 if ( _UserFilesDirectory == null ) 71 { 72 if ( this.FilesAbsolutePath.Length == 0 ) 73 _UserFilesDirectory = System.Web.HttpContext.Current.Server.MapPath( this.GetFilesPath() ); 74 else 75 _UserFilesDirectory = FilesAbsolutePath.Replace( "%UserFilesAbsolutePath%", this.FileWorker.Config.UserFilesDirectory ); 76 } 77 78 return _UserFilesDirectory; 79 } 80 81 internal string GetQuickUploadPath() 82 { 83 if ( _QuickUploadPath == null ) 84 _QuickUploadPath = QuickUploadPath.Replace( "%UserFilesPath%", this.FileWorker.Config.UserFilesPath ); 85 86 return _QuickUploadPath; 87 } 88 89 internal string GetQuickUploadDirectory() 90 { 91 if ( _QuickUploadDirectory == null ) 92 { 93 if ( this.QuickUploadAbsolutePath.Length == 0 ) 94 _QuickUploadDirectory = System.Web.HttpContext.Current.Server.MapPath( this.GetQuickUploadPath() ); 95 else 96 _QuickUploadDirectory = QuickUploadAbsolutePath.Replace( "%UserFilesAbsolutePath%", this.FileWorker.Config.UserFilesDirectory ); 97 } 98 99 return _QuickUploadDirectory; 100 } 101 102 internal bool CheckIsAllowedExtension( string extension ) 103 { 104 // Do not accept empty settings. 105 if ( AllowedExtensions.Length == 0 && DeniedExtensions.Length == 0 ) 106 return false; 107 108 if ( DeniedExtensions.Length > 0 && !Util.ArrayContains( DeniedExtensions, extension, System.Collections.CaseInsensitiveComparer.DefaultInvariant ) ) 109 return false; 110 111 if ( AllowedExtensions.Length > 0 && !Util.ArrayContains( AllowedExtensions, extension, System.Collections.CaseInsensitiveComparer.DefaultInvariant ) ) 112 return false; 113 114 return true; 115 } 116 } 117 } -
FileBrowser/TypeConfigList.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 */ 21 22 using System; 23 24 namespace FredCK.FCKeditorV2.FileBrowser 25 { 26 public class TypeConfigList 27 { 28 private FileWorkerBase _FileWorker; 29 private System.Collections.Hashtable _Types; 30 31 public TypeConfigList( FileWorkerBase fileWorker ) 32 { 33 _FileWorker = fileWorker; 34 35 _Types = new System.Collections.Hashtable( 4 ); 36 } 37 38 public TypeConfig this[ string typeName ] 39 { 40 get 41 { 42 if ( !_Types.Contains( typeName ) ) 43 _Types[ typeName ] = new TypeConfig( _FileWorker ); 44 45 return (TypeConfig)_Types[ typeName ]; 46 } 47 } 48 } 49 } -
FileBrowser/Uploader.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 * 21 * This is the code behind of the uploader.aspx page used for Quick Uploads. 22 */ 23 24 using System ; 25 using System.Globalization ; 26 using System.Xml ; 27 using System.Web ; 28 29 namespace FredCK.FCKeditorV2.FileBrowser 30 { 31 public class Uploader : FileWorkerBase 32 { 33 protected override void OnLoad(EventArgs e) 34 { 35 this.Config.LoadConfig(); 36 37 if ( !Config.Enabled ) 38 { 39 this.SendFileUploadResponse( 1, true, "", "", "This connector is disabled. Please check the \"editor/filemanager/connectors/aspx/config.aspx\" file." ); 40 return; 41 } 42 43 string sResourceType = Request.QueryString[ "Type" ]; 44 45 if ( sResourceType == null ) 46 { 47 this.SendFileUploadResponse( 1, true, "", "", "Invalid request." ); 48 return; 49 } 50 51 // Check if it is an allowed type. 52 if ( !Config.CheckIsTypeAllowed( sResourceType ) ) 53 { 54 this.SendFileUploadResponse( 1, true, "", "", "Invalid resource type specified." ); 55 return; 56 } 57 58 this.FileUpload( sResourceType, "/", true ); 59 } 60 } 61 } -
FileBrowser/XmlResponseHandler.cs
1 /* 2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net 3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben 4 * 5 * == BEGIN LICENSE == 6 * 7 * Licensed under the terms of any of the following licenses at your 8 * choice: 9 * 10 * - GNU General Public License Version 2 or later (the "GPL") 11 * http://www.gnu.org/licenses/gpl.html 12 * 13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL") 14 * http://www.gnu.org/licenses/lgpl.html 15 * 16 * - Mozilla Public License Version 1.1 or later (the "MPL") 17 * http://www.mozilla.org/MPL/MPL-1.1.html 18 * 19 * == END LICENSE == 20 */ 21 22 using System; 23 using System.Web; 24 using System.Xml; 25 26 namespace FredCK.FCKeditorV2.FileBrowser 27 { 28 class XmlResponseHandler 29 { 30 private Connector _Connector; 31 private HttpResponse _Response; 32 private XmlDocument _Xml; 33 34 internal XmlResponseHandler( Connector connector, HttpResponse response ) 35 { 36 _Connector = connector; 37 _Response = response; 38 } 39 40 private HttpResponse Response 41 { 42 get { return _Response; } 43 } 44 45 private Connector Connector 46 { 47 get { return _Connector; } 48 } 49 50 private XmlDocument Xml 51 { 52 get 53 { 54 if ( _Xml == null ) 55 _Xml = new XmlDocument(); 56 57 return _Xml; 58 } 59 } 60 61 public XmlNode CreateBaseXml( string command, string resourceType, string currentFolder ) 62 { 63 // Create the XML document header. 64 Xml.AppendChild( Xml.CreateXmlDeclaration( "1.0", "utf-8", null ) ); 65 66 // Create the main "Connector" node. 67 XmlNode oConnectorNode = XmlUtil.AppendElement( Xml, "Connector" ); 68 XmlUtil.SetAttribute( oConnectorNode, "command", command ); 69 XmlUtil.SetAttribute( oConnectorNode, "resourceType", resourceType ); 70 71 // Add the current folder node. 72 XmlNode oCurrentNode = XmlUtil.AppendElement( oConnectorNode, "CurrentFolder" ); 73 XmlUtil.SetAttribute( oCurrentNode, "path", currentFolder ); 74 XmlUtil.SetAttribute( oCurrentNode, "url", Connector.GetUrlFromPath( resourceType, currentFolder ) ); 75 76 return oConnectorNode; 77 } 78 79 private void SetupResponse() 80 { 81 XmlResponseHandler.SetupResponse( this.Response ); 82 } 83 84 private static void SetupResponse( HttpResponse response ) 85 { 86 // Cleans the response buffer. 87 response.ClearHeaders(); 88 response.Clear(); 89 90 // Prevent the browser from caching the result. 91 response.CacheControl = "no-cache"; 92 93 // Set the response format. 94 response.ContentEncoding = System.Text.UTF8Encoding.UTF8; 95 response.ContentType = "text/xml"; 96 } 97 98 public void SendResponse() 99 { 100 SetupResponse(); 101 Response.Write( Xml.OuterXml ); 102 Response.End(); 103 } 104 105 internal static void SendError( HttpResponse response, int errorNumber, string errorText ) 106 { 107 SetupResponse( response ); 108 109 response.Write( "<?xml version=\"1.0\" encoding=\"utf-8\" ?>" ) ; 110 response.Write( "<Connector>" ); 111 response.Write( "<Error number=\"" + errorNumber + "\" text=\"" + HttpUtility.HtmlEncode( errorText ) + "\" />" ); 112 response.Write( "</Connector>" ); 113 114 response.End() ; 115 } 116 } 117 } -
FileBrowserConnector.cs
1 /*2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben4 *5 * == BEGIN LICENSE ==6 *7 * Licensed under the terms of any of the following licenses at your8 * choice:9 *10 * - GNU General Public License Version 2 or later (the "GPL")11 * http://www.gnu.org/licenses/gpl.html12 *13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")14 * http://www.gnu.org/licenses/lgpl.html15 *16 * - Mozilla Public License Version 1.1 or later (the "MPL")17 * http://www.mozilla.org/MPL/MPL-1.1.html18 *19 * == END LICENSE ==20 *21 * This is the code behind of the connector.aspx page used by the22 * File Browser.23 */24 25 using System ;26 using System.Globalization ;27 using System.Xml ;28 using System.Web ;29 30 namespace FredCK.FCKeditorV231 {32 public class FileBrowserConnector : FileWorkerBase33 {34 protected override void OnLoad(EventArgs e)35 {36 // Get the main request informaiton.37 string sCommand = Request.QueryString["Command"] ;38 if ( sCommand == null ) return ;39 40 string sResourceType = Request.QueryString["Type"] ;41 if ( sResourceType == null ) return ;42 43 string sCurrentFolder = Request.QueryString["CurrentFolder"] ;44 if ( sCurrentFolder == null ) return ;45 46 // Check the current folder syntax (must begin and start with a slash).47 if ( ! sCurrentFolder.EndsWith( "/" ) )48 sCurrentFolder += "/" ;49 if ( ! sCurrentFolder.StartsWith( "/" ) )50 sCurrentFolder = "/" + sCurrentFolder ;51 52 // File Upload doesn't have to return XML, so it must be intercepted before anything.53 if ( sCommand == "FileUpload" )54 {55 this.FileUpload( sResourceType, sCurrentFolder ) ;56 return ;57 }58 59 // Cleans the response buffer.60 Response.ClearHeaders() ;61 Response.Clear() ;62 63 // Prevent the browser from caching the result.64 Response.CacheControl = "no-cache" ;65 66 // Set the response format.67 Response.ContentEncoding = System.Text.UTF8Encoding.UTF8 ;68 Response.ContentType = "text/xml" ;69 70 XmlDocument oXML = new XmlDocument() ;71 XmlNode oConnectorNode = CreateBaseXml( oXML, sCommand, sResourceType, sCurrentFolder ) ;72 73 // Execute the required command.74 switch( sCommand )75 {76 case "GetFolders" :77 this.GetFolders( oConnectorNode, sResourceType, sCurrentFolder ) ;78 break ;79 case "GetFoldersAndFiles" :80 this.GetFolders( oConnectorNode, sResourceType, sCurrentFolder ) ;81 this.GetFiles( oConnectorNode, sResourceType, sCurrentFolder ) ;82 break ;83 case "CreateFolder" :84 this.CreateFolder( oConnectorNode, sResourceType, sCurrentFolder ) ;85 break ;86 }87 88 // Output the resulting XML.89 Response.Write( oXML.OuterXml ) ;90 91 Response.End() ;92 }93 94 #region Base XML Creation95 96 private XmlNode CreateBaseXml( XmlDocument xml, string command, string resourceType, string currentFolder )97 {98 // Create the XML document header.99 xml.AppendChild( xml.CreateXmlDeclaration( "1.0", "utf-8", null ) ) ;100 101 // Create the main "Connector" node.102 XmlNode oConnectorNode = XmlUtil.AppendElement( xml, "Connector" ) ;103 XmlUtil.SetAttribute( oConnectorNode, "command", command ) ;104 XmlUtil.SetAttribute( oConnectorNode, "resourceType", resourceType ) ;105 106 // Add the current folder node.107 XmlNode oCurrentNode = XmlUtil.AppendElement( oConnectorNode, "CurrentFolder" ) ;108 XmlUtil.SetAttribute( oCurrentNode, "path", currentFolder ) ;109 XmlUtil.SetAttribute( oCurrentNode, "url", GetUrlFromPath( resourceType, currentFolder) ) ;110 111 return oConnectorNode ;112 }113 114 #endregion115 116 #region Command Handlers117 118 private void GetFolders( XmlNode connectorNode, string resourceType, string currentFolder )119 {120 // Map the virtual path to the local server path.121 string sServerDir = this.ServerMapFolder( resourceType, currentFolder ) ;122 123 // Create the "Folders" node.124 XmlNode oFoldersNode = XmlUtil.AppendElement( connectorNode, "Folders" ) ;125 126 System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo( sServerDir ) ;127 System.IO.DirectoryInfo[] aSubDirs = oDir.GetDirectories() ;128 129 for ( int i = 0 ; i < aSubDirs.Length ; i++ )130 {131 // Create the "Folders" node.132 XmlNode oFolderNode = XmlUtil.AppendElement( oFoldersNode, "Folder" ) ;133 XmlUtil.SetAttribute( oFolderNode, "name", aSubDirs[i].Name ) ;134 }135 }136 137 private void GetFiles( XmlNode connectorNode, string resourceType, string currentFolder )138 {139 // Map the virtual path to the local server path.140 string sServerDir = this.ServerMapFolder( resourceType, currentFolder ) ;141 142 // Create the "Files" node.143 XmlNode oFilesNode = XmlUtil.AppendElement( connectorNode, "Files" ) ;144 145 System.IO.DirectoryInfo oDir = new System.IO.DirectoryInfo( sServerDir ) ;146 System.IO.FileInfo[] aFiles = oDir.GetFiles() ;147 148 for ( int i = 0 ; i < aFiles.Length ; i++ )149 {150 Decimal iFileSize = Math.Round( (Decimal)aFiles[i].Length / 1024 ) ;151 if ( iFileSize < 1 && aFiles[i].Length != 0 ) iFileSize = 1 ;152 153 // Create the "File" node.154 XmlNode oFileNode = XmlUtil.AppendElement( oFilesNode, "File" ) ;155 XmlUtil.SetAttribute( oFileNode, "name", aFiles[i].Name ) ;156 XmlUtil.SetAttribute( oFileNode, "size", iFileSize.ToString( CultureInfo.InvariantCulture ) ) ;157 }158 }159 160 private void CreateFolder( XmlNode connectorNode, string resourceType, string currentFolder )161 {162 string sErrorNumber = "0" ;163 164 string sNewFolderName = Request.QueryString["NewFolderName"] ;165 166 if ( sNewFolderName == null || sNewFolderName.Length == 0 )167 sErrorNumber = "102" ;168 else169 {170 // Map the virtual path to the local server path of the current folder.171 string sServerDir = this.ServerMapFolder( resourceType, currentFolder ) ;172 173 try174 {175 Util.CreateDirectory( System.IO.Path.Combine( sServerDir, sNewFolderName )) ;176 }177 catch ( ArgumentException )178 {179 sErrorNumber = "102" ;180 }181 catch ( System.IO.PathTooLongException )182 {183 sErrorNumber = "102" ;184 }185 catch ( System.IO.IOException )186 {187 sErrorNumber = "101" ;188 }189 catch ( System.Security.SecurityException )190 {191 sErrorNumber = "103" ;192 }193 catch ( Exception )194 {195 sErrorNumber = "110" ;196 }197 }198 199 // Create the "Error" node.200 XmlNode oErrorNode = XmlUtil.AppendElement( connectorNode, "Error" ) ;201 XmlUtil.SetAttribute( oErrorNode, "number", sErrorNumber ) ;202 }203 204 private void FileUpload( string resourceType, string currentFolder )205 {206 HttpPostedFile oFile = Request.Files["NewFile"] ;207 208 string sErrorNumber = "0" ;209 string sFileName = "" ;210 211 if ( oFile != null )212 {213 // Map the virtual path to the local server path.214 string sServerDir = this.ServerMapFolder( resourceType, currentFolder ) ;215 216 // Get the uploaded file name.217 sFileName = System.IO.Path.GetFileName( oFile.FileName ) ;218 219 int iCounter = 0 ;220 221 while ( true )222 {223 string sFilePath = System.IO.Path.Combine( sServerDir, sFileName ) ;224 225 if ( System.IO.File.Exists( sFilePath ) )226 {227 iCounter++ ;228 sFileName =229 System.IO.Path.GetFileNameWithoutExtension( oFile.FileName ) +230 "(" + iCounter + ")" +231 System.IO.Path.GetExtension( oFile.FileName ) ;232 233 sErrorNumber = "201" ;234 }235 else236 {237 oFile.SaveAs( sFilePath ) ;238 break ;239 }240 }241 }242 else243 sErrorNumber = "202" ;244 245 Response.Clear() ;246 247 Response.Write( "<script type=\"text/javascript\">" ) ;248 Response.Write( "window.parent.frames['frmUpload'].OnUploadCompleted(" + sErrorNumber + ",'" + sFileName.Replace( "'", "\\'" ) + "') ;" ) ;249 Response.Write( "</script>" ) ;250 251 Response.End() ;252 }253 254 #endregion255 256 #region Directory Mapping257 258 private string ServerMapFolder( string resourceType, string folderPath )259 {260 // Get the resource type directory.261 string sResourceTypePath = System.IO.Path.Combine( this.UserFilesDirectory, resourceType ) ;262 263 // Ensure that the directory exists.264 Util.CreateDirectory( sResourceTypePath ) ;265 266 // Return the resource type directory combined with the required path.267 return System.IO.Path.Combine( sResourceTypePath, folderPath.TrimStart('/') ) ;268 }269 270 private string GetUrlFromPath( string resourceType, string folderPath )271 {272 if ( resourceType == null || resourceType.Length == 0 )273 return this.UserFilesPath.TrimEnd('/') + folderPath ;274 else275 return this.UserFilesPath + resourceType + folderPath ;276 }277 278 #endregion279 }280 } -
FileWorkerBase.cs
1 /*2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben4 *5 * == BEGIN LICENSE ==6 *7 * Licensed under the terms of any of the following licenses at your8 * choice:9 *10 * - GNU General Public License Version 2 or later (the "GPL")11 * http://www.gnu.org/licenses/gpl.html12 *13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")14 * http://www.gnu.org/licenses/lgpl.html15 *16 * - Mozilla Public License Version 1.1 or later (the "MPL")17 * http://www.mozilla.org/MPL/MPL-1.1.html18 *19 * == END LICENSE ==20 *21 * Base class used by the FileBrowserConnector and Uploader.22 */23 24 using System;25 26 namespace FredCK.FCKeditorV227 {28 public abstract class FileWorkerBase : System.Web.UI.Page29 {30 private const string DEFAULT_USER_FILES_PATH = "/userfiles/" ;31 32 private string sUserFilesPath ;33 private string sUserFilesDirectory ;34 35 protected string UserFilesPath36 {37 get38 {39 if ( sUserFilesPath == null )40 {41 // Try to get from the "Application".42 sUserFilesPath = (string)Application["FCKeditor:UserFilesPath"] ;43 44 // Try to get from the "Session".45 if ( sUserFilesPath == null || sUserFilesPath.Length == 0 )46 {47 sUserFilesPath = (string)Session["FCKeditor:UserFilesPath"] ;48 49 // Try to get from the Web.config file.50 if ( sUserFilesPath == null || sUserFilesPath.Length == 0 )51 {52 sUserFilesPath = System.Configuration.ConfigurationSettings.AppSettings["FCKeditor:UserFilesPath"] ;53 54 // Otherwise use the default value.55 if ( sUserFilesPath == null || sUserFilesPath.Length == 0 )56 sUserFilesPath = DEFAULT_USER_FILES_PATH ;57 }58 }59 60 // Check that the user path ends with slash ("/")61 if ( ! sUserFilesPath.EndsWith("/") )62 sUserFilesPath += "/" ;63 64 sUserFilesPath = this.ResolveUrl( sUserFilesPath ) ;65 }66 return sUserFilesPath ;67 }68 }69 70 /// <summary>71 /// The absolution path (server side) of the user files directory. It72 /// is based on the <see cref="FileWorkerBase.UserFilesPath"/>.73 /// </summary>74 protected string UserFilesDirectory75 {76 get77 {78 if ( sUserFilesDirectory == null )79 {80 // Get the local (server) directory path translation.81 sUserFilesDirectory = Server.MapPath( this.UserFilesPath ) ;82 }83 return sUserFilesDirectory ;84 }85 }86 }87 } -
FredCK.FCKeditorV2.vs2005.csproj
110 110 <Compile Include="FCKeditorDesigner.cs"> 111 111 <SubType>Code</SubType> 112 112 </Compile> 113 <Compile Include="FileBrowser Connector.cs">113 <Compile Include="FileBrowser\Config.cs"> 114 114 <SubType>ASPXCodeBehind</SubType> 115 115 </Compile> 116 <Compile Include="File WorkerBase.cs">116 <Compile Include="FileBrowser\Connector.cs"> 117 117 <SubType>ASPXCodeBehind</SubType> 118 118 </Compile> 119 <Compile Include="Uploader.cs"> 119 <Compile Include="FileBrowser\TypeConfig.cs" /> 120 <Compile Include="FileBrowser\TypeConfigList.cs" /> 121 <Compile Include="FileBrowser\FileWorkerBase.cs"> 120 122 <SubType>ASPXCodeBehind</SubType> 121 123 </Compile> 124 <Compile Include="FileBrowser\Uploader.cs"> 125 <SubType>ASPXCodeBehind</SubType> 126 </Compile> 122 127 <Compile Include="Util.cs"> 123 128 <SubType>Code</SubType> 124 129 </Compile> 130 <Compile Include="FileBrowser\XmlResponseHandler.cs" /> 125 131 <Compile Include="XmlUtil.cs"> 126 132 <SubType>Code</SubType> 127 133 </Compile> -
Uploader.cs
1 /*2 * FCKeditor - The text editor for Internet - http://www.fckeditor.net3 * Copyright (C) 2003-2007 Frederico Caldeira Knabben4 *5 * == BEGIN LICENSE ==6 *7 * Licensed under the terms of any of the following licenses at your8 * choice:9 *10 * - GNU General Public License Version 2 or later (the "GPL")11 * http://www.gnu.org/licenses/gpl.html12 *13 * - GNU Lesser General Public License Version 2.1 or later (the "LGPL")14 * http://www.gnu.org/licenses/lgpl.html15 *16 * - Mozilla Public License Version 1.1 or later (the "MPL")17 * http://www.mozilla.org/MPL/MPL-1.1.html18 *19 * == END LICENSE ==20 *21 * This is the code behind of the uploader.aspx page used for Quick Uploads.22 */23 24 using System ;25 using System.Globalization ;26 using System.Xml ;27 using System.Web ;28 29 namespace FredCK.FCKeditorV230 {31 public class Uploader : FileWorkerBase32 {33 protected override void OnLoad(EventArgs e)34 {35 // Get the posted file.36 HttpPostedFile oFile = Request.Files["NewFile"] ;37 38 // Check if the file has been correctly uploaded39 if ( oFile == null || oFile.ContentLength == 0 )40 {41 SendResults( 202 ) ;42 return ;43 }44 45 int iErrorNumber = 0 ;46 string sFileUrl = "" ;47 48 // Get the uploaded file name.49 string sFileName = System.IO.Path.GetFileName( oFile.FileName ) ;50 51 int iCounter = 0 ;52 53 while ( true )54 {55 string sFilePath = System.IO.Path.Combine( this.UserFilesDirectory, sFileName ) ;56 57 if ( System.IO.File.Exists( sFilePath ) )58 {59 iCounter++ ;60 sFileName =61 System.IO.Path.GetFileNameWithoutExtension( oFile.FileName ) +62 "(" + iCounter + ")" +63 System.IO.Path.GetExtension( oFile.FileName ) ;64 65 iErrorNumber = 201 ;66 }67 else68 {69 oFile.SaveAs( sFilePath ) ;70 71 sFileUrl = this.UserFilesPath + sFileName ;72 break ;73 }74 }75 76 SendResults( iErrorNumber, sFileUrl, sFileName ) ;77 }78 79 #region SendResults Method80 81 private void SendResults( int errorNumber )82 {83 SendResults( errorNumber, "", "", "" ) ;84 }85 86 private void SendResults( int errorNumber, string fileUrl, string fileName )87 {88 SendResults( errorNumber, fileUrl, fileName, "" ) ;89 }90 91 private void SendResults( int errorNumber, string fileUrl, string fileName, string customMsg )92 {93 Response.Clear() ;94 95 Response.Write( "<script type=\"text/javascript\">" ) ;96 Response.Write( "window.parent.OnUploadCompleted(" + errorNumber + ",'" + fileUrl.Replace( "'", "\\'" ) + "','" + fileName.Replace( "'", "\\'" ) + "','" + customMsg.Replace( "'", "\\'" ) + "') ;" ) ;97 Response.Write( "</script>" ) ;98 99 Response.End() ;100 }101 102 #endregion103 }104 } -
Util.cs
28 28 29 29 namespace FredCK.FCKeditorV2 30 30 { 31 publicsealed class Util31 internal sealed class Util 32 32 { 33 33 // The "_mkdir" function is used by the "CreateDirectory" method. 34 34 [DllImport("msvcrt.dll", SetLastError=true)] … … 106 106 throw new ApplicationException( "Error calling [msvcrt.dll]:_wmkdir(" + sPath + "), error code: " + iReturn ); 107 107 } 108 108 } 109 110 public static bool ArrayContains( Array array, object value, System.Collections.IComparer comparer ) 111 { 112 foreach ( object item in array ) 113 { 114 if ( comparer.Compare( item, value ) == 0 ) 115 return true; 116 } 117 return false; 118 } 109 119 } 110 120 }