The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

PasteController.cs 6.8KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data.Entity;
  4. using System.Linq;
  5. using System.Security.Cryptography;
  6. using System.Text;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Areas.Error.Controllers;
  10. using Teknik.Areas.Paste.ViewModels;
  11. using Teknik.Areas.Users.Utility;
  12. using Teknik.Controllers;
  13. using Teknik.Filters;
  14. using Teknik.Helpers;
  15. using Teknik.Models;
  16. namespace Teknik.Areas.Paste.Controllers
  17. {
  18. public class PasteController : DefaultController
  19. {
  20. private TeknikEntities db = new TeknikEntities();
  21. [TrackPageView]
  22. [AllowAnonymous]
  23. public ActionResult Index()
  24. {
  25. ViewBag.Title = "Paste - " + Config.Title;
  26. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  27. PasteCreateViewModel model = new PasteCreateViewModel();
  28. return View(model);
  29. }
  30. [TrackDownload]
  31. [AllowAnonymous]
  32. public ActionResult ViewPaste(string type, string url, string password)
  33. {
  34. Models.Paste paste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
  35. if (paste != null)
  36. {
  37. ViewBag.Title = ((string.IsNullOrEmpty(paste.Title)) ? string.Empty : paste.Title + " - ") + Config.Title + " Paste";
  38. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  39. // Increment Views
  40. paste.Views += 1;
  41. db.Entry(paste).State = EntityState.Modified;
  42. db.SaveChanges();
  43. // Check Expiration
  44. if (PasteHelper.CheckExpiration(paste))
  45. {
  46. db.Pastes.Remove(paste);
  47. db.SaveChanges();
  48. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  49. }
  50. PasteViewModel model = new PasteViewModel();
  51. model.Url = url;
  52. model.Content = paste.Content;
  53. model.Title = paste.Title;
  54. model.Syntax = paste.Syntax;
  55. model.DatePosted = paste.DatePosted;
  56. byte[] data = Encoding.UTF8.GetBytes(paste.Content);
  57. // The paste has a password set
  58. if (!string.IsNullOrEmpty(paste.HashedPassword))
  59. {
  60. string hash = string.Empty;
  61. if (!string.IsNullOrEmpty(password))
  62. {
  63. byte[] passBytes = Helpers.SHA384.Hash(paste.Key, password);
  64. hash = passBytes.ToHex();
  65. // We need to convert old pastes to the new password scheme
  66. if (paste.Transfers.ToList().Exists(t => t.Type == TransferTypes.ASCIIPassword))
  67. {
  68. hash = Encoding.ASCII.GetString(passBytes);
  69. // Remove the transfer types
  70. paste.Transfers.Clear();
  71. db.Entry(paste).State = EntityState.Modified;
  72. db.SaveChanges();
  73. }
  74. }
  75. if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
  76. {
  77. PasswordViewModel passModel = new PasswordViewModel();
  78. passModel.Url = url;
  79. passModel.Type = type;
  80. // Redirect them to the password request page
  81. return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
  82. }
  83. data = Convert.FromBase64String(paste.Content);
  84. // Now we decrypt the content
  85. byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
  86. byte[] keyBytes = AES.CreateKey(password, ivBytes, paste.KeySize);
  87. data = AES.Decrypt(data, keyBytes, ivBytes);
  88. model.Content = Encoding.Unicode.GetString(data);
  89. }
  90. switch (type.ToLower())
  91. {
  92. case "full":
  93. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  94. case "simple":
  95. return View("~/Areas/Paste/Views/Paste/Simple.cshtml", model);
  96. case "raw":
  97. return Content(model.Content, "text/plain");
  98. case "download":
  99. //Create File
  100. var cd = new System.Net.Mime.ContentDisposition
  101. {
  102. FileName = url,
  103. Inline = true
  104. };
  105. Response.AppendHeader("Content-Disposition", cd.ToString());
  106. return File(data, "application/octet-stream");
  107. default:
  108. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  109. }
  110. }
  111. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  112. }
  113. [HttpPost]
  114. [AllowAnonymous]
  115. public ActionResult Paste([Bind(Include = "Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model)
  116. {
  117. if (ModelState.IsValid)
  118. {
  119. if (Config.PasteConfig.Enabled)
  120. {
  121. try
  122. {
  123. Models.Paste paste = PasteHelper.CreatePaste(model.Content, model.Title, model.Syntax, model.ExpireUnit, model.ExpireLength ?? 1, model.Password, model.Hide);
  124. if (model.ExpireUnit == "view")
  125. {
  126. paste.Views = -1;
  127. }
  128. if (User.Identity.IsAuthenticated)
  129. {
  130. Users.Models.User user = UserHelper.GetUser(db, User.Identity.Name);
  131. if (user != null)
  132. {
  133. paste.UserId = user.UserId;
  134. }
  135. }
  136. db.Pastes.Add(paste);
  137. db.SaveChanges();
  138. return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url, password = model.Password }));
  139. }
  140. catch (Exception ex)
  141. {
  142. return Redirect(Url.SubRouteUrl("error", "Error.500", new { exception = ex }));
  143. }
  144. }
  145. Redirect(Url.SubRouteUrl("error", "Error.Http403"));
  146. }
  147. return View("~/Areas/Paste/Views/Paste/Index.cshtml", model);
  148. }
  149. }
  150. }