
Removed validations as they aren't working for subdomains.

Made upload URLs dependent on the current subdomain.
pull/29/head
Teknikode 7 years ago
parent
commit
886b36cbf1
  1. 7
      Teknik/Areas/Blog/Controllers/BlogController.cs
  2. 16
      Teknik/Areas/Blog/Scripts/Blog.js
  3. 12
      Teknik/Areas/Error/Controllers/ErrorController.cs
  4. 6
      Teknik/Areas/Error/ErrorAreaRegistration.cs
  5. 6
      Teknik/Areas/Home/Controllers/HomeController.cs
  6. 3
      Teknik/Areas/Paste/Controllers/PasteController.cs
  7. 1
      Teknik/Areas/Paste/Views/Paste/Index.cshtml
  8. 7
      Teknik/Areas/Podcast/Controllers/PodcastController.cs
  9. 14
      Teknik/Areas/Podcast/Scripts/Podcast.js
  10. 11
      Teknik/Areas/Profile/Controllers/ProfileController.cs
  11. 6
      Teknik/Areas/Profile/Scripts/Profile.js
  12. 1
      Teknik/Areas/Profile/Views/Profile/Login.cshtml
  13. 1
      Teknik/Areas/Profile/Views/Profile/Register.cshtml
  14. 7
      Teknik/Areas/Upload/Controllers/UploadController.cs
  15. 6
      Teknik/Areas/Upload/Scripts/Upload.js
  16. 10
      Teknik/Areas/Upload/Views/Upload/Index.cshtml
  17. 93
      Teknik/Migrations/Configuration.cs
  18. 5
      Teknik/Scripts/Common.js
  19. 5
      Teknik/Views/Shared/_Layout.cshtml
  20. 7
      Teknik/Web.config

7
Teknik/Areas/Blog/Controllers/BlogController.cs

@ -134,7 +134,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -134,7 +134,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult CreatePost(int blogID, string title, string article)
{
if (ModelState.IsValid)
@ -169,7 +168,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -169,7 +168,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditPost(int postID, string title, string article)
{
if (ModelState.IsValid)
@ -194,7 +192,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -194,7 +192,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult PublishPost(int postID, bool publish)
{
if (ModelState.IsValid)
@ -219,7 +216,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -219,7 +216,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult DeletePost(int postID)
{
if (ModelState.IsValid)
@ -271,7 +267,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -271,7 +267,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult CreateComment(int postID, string article)
{
if (ModelState.IsValid)
@ -295,7 +290,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -295,7 +290,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditComment(int commentID, string article)
{
if (ModelState.IsValid)
@ -319,7 +313,6 @@ namespace Teknik.Areas.Blog.Controllers @@ -319,7 +313,6 @@ namespace Teknik.Areas.Blog.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult DeleteComment(int commentID)
{
if (ModelState.IsValid)
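Review bot: Every POST action in these hunks (`CreatePost`, `EditPost`, `PublishPost`, `DeletePost` and the three comment actions) loses `[ValidateAntiForgeryToken]`, so state-changing requests are accepted with no CSRF check. The same removal recurs in PodcastController.cs, ProfileController.cs, PasteController.cs and UploadController.cs, and the views, `_Layout.cshtml` and the scripts lose the matching token. If validation failed because a token rendered on one subdomain was posted to another (an inference, the failure itself is not shown), the narrower fix is to keep the attribute and post each form and AJAX call to the same host that rendered the token. If the attribute has to go for now, a shared action filter that rejects POSTs whose `Origin`/`Referer` host is not under `Config.Host` keeps some protection. The method bodies continue outside the hunks.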

16
Teknik/Areas/Blog/Scripts/Blog.js

@ -7,7 +7,7 @@ @@ -7,7 +7,7 @@
$.ajax({
type: "POST",
url: addPostURL,
data: AddAntiForgeryToken({ blogID: blogID, title: title, article: post }),
data: { blogID: blogID, title: title, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -55,7 +55,7 @@ @@ -55,7 +55,7 @@
$.ajax({
type: "POST",
url: editPostURL,
data: AddAntiForgeryToken({ postID: postID, title: title, article: post }),
data: { postID: postID, title: title, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -76,7 +76,7 @@ @@ -76,7 +76,7 @@
$.ajax({
type: "POST",
url: addCommentURL,
data: AddAntiForgeryToken({ postID: postID, article: post }),
data: { postID: postID, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -113,7 +113,7 @@ @@ -113,7 +113,7 @@
$.ajax({
type: "POST",
url: editCommentURL,
data: AddAntiForgeryToken({ commentID: postID, article: post }),
data: { commentID: postID, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -185,7 +185,7 @@ function linkPostUnpublish(selector) { @@ -185,7 +185,7 @@ function linkPostUnpublish(selector) {
$.ajax({
type: "POST",
url: publishPostURL,
data: AddAntiForgeryToken({ postID: post_id, publish: false }),
data: { postID: post_id, publish: false },
success: function (html) {
if (html.result) {
window.location.reload();
@ -206,7 +206,7 @@ function linkPostPublish(selector) { @@ -206,7 +206,7 @@ function linkPostPublish(selector) {
$.ajax({
type: "POST",
url: publishPostURL,
data: AddAntiForgeryToken({postID: post_id, publish: true }),
data: {postID: post_id, publish: true },
success: function (html) {
if (html.result) {
window.location.reload();
@ -229,7 +229,7 @@ function linkPostDelete(selector) { @@ -229,7 +229,7 @@ function linkPostDelete(selector) {
$.ajax({
type: "POST",
url: deletePostURL,
data: AddAntiForgeryToken({ postID: post_id }),
data: { postID: post_id },
success: function (html) {
if (html.result) {
window.location.reload();
@ -254,7 +254,7 @@ function linkCommentDelete(selector) { @@ -254,7 +254,7 @@ function linkCommentDelete(selector) {
$.ajax({
type: "POST",
url: deleteCommentURL,
data: AddAntiForgeryToken({ commentID: post_id }),
data: { commentID: post_id },
success: function (html) {
if (html.result) {
window.location.reload();

12
Teknik/Areas/Error/Controllers/ErrorController.cs

@ -29,9 +29,6 @@ namespace Teknik.Areas.Error.Controllers @@ -29,9 +29,6 @@ namespace Teknik.Areas.Error.Controllers
{
ViewBag.Title = "Http Exception - " + Config.Title;
if (Response != null)
Response.StatusCode = (exception as HttpException).GetHttpCode();
ErrorViewModel model = new ErrorViewModel();
model.Description = exception.Message;
model.Exception = exception;
@ -45,9 +42,6 @@ namespace Teknik.Areas.Error.Controllers @@ -45,9 +42,6 @@ namespace Teknik.Areas.Error.Controllers
ViewBag.Title = "403 - " + Config.Title;
ViewBag.Message = "Access Denied";
if (Response != null)
Response.StatusCode = 403;
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -59,9 +53,6 @@ namespace Teknik.Areas.Error.Controllers @@ -59,9 +53,6 @@ namespace Teknik.Areas.Error.Controllers
{
ViewBag.Title = "404 - " + Config.Title;
ViewBag.Message = "Uh Oh, can't find it!";
if (Response != null)
Response.StatusCode = 404;
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -75,9 +66,6 @@ namespace Teknik.Areas.Error.Controllers @@ -75,9 +66,6 @@ namespace Teknik.Areas.Error.Controllers
ViewBag.Title = "500 - " + Config.Title;
ViewBag.Message = "Something Borked";
if (Response != null)
Response.StatusCode = 500;
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
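Review bot: Each of the four hunks drops three lines, and the visible candidates are the `if (Response != null) Response.StatusCode = …;` pairs; if those are what was removed, the 403, 404 and 500 views are now served with status 200. Clients, caches and log-based alerting can then no longer tell an error page from a normal response. Consider keeping the assignment, e.g. `Response.StatusCode = 404;`, and, if IIS was replacing the body on subdomains, setting `Response.TrySkipIisCustomErrors = true;` next to it. The action bodies start and end outside the hunks.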

6
Teknik/Areas/Error/ErrorAreaRegistration.cs

@ -17,21 +17,21 @@ namespace Teknik.Areas.Error @@ -17,21 +17,21 @@ namespace Teknik.Areas.Error
{
context.MapSubdomainRoute(
"Error.Http404", // Route name
new List<string>() { "*" }, // Subdomains
new List<string>() { "*", "error" }, // Subdomains
"404", // URL with parameters
new { controller = "Error", action = "Http404" }, // Parameter defaults
new[] { typeof(Controllers.ErrorController).Namespace }
);
context.MapSubdomainRoute(
"Error.Http403", // Route name
new List<string>() { "*" }, // Subdomains
new List<string>() { "*", "error" }, // Subdomains
"403", // URL with parameters
new { controller = "Error", action = "Http403" }, // Parameter defaults
new[] { typeof(Controllers.ErrorController).Namespace }
);
context.MapSubdomainRoute(
"Error.Http500", // Route name
new List<string>() { "*" }, // Subdomains
new List<string>() { "*", "error" }, // Subdomains
"500", // URL with parameters
new { controller = "Error", action = "Http500" }, // Parameter defaults
new[] { typeof(Controllers.ErrorController).Namespace }

6
Teknik/Areas/Home/Controllers/HomeController.cs

@ -23,17 +23,17 @@ namespace Teknik.Areas.Home.Controllers @@ -23,17 +23,17 @@ namespace Teknik.Areas.Home.Controllers
HomeViewModel model = new HomeViewModel();
// Grab the latest site blog posts
List<BlogPost> lastSite = new List<BlogPost>();
var foundSite = db.BlogPosts.Include("Blog").Include("Blog.User").OrderBy(post => post.DatePosted).Where(p => p.Published && p.System).Take(10);
var foundSite = db.BlogPosts.Include("Blog").Include("Blog.User").OrderByDescending(post => post.DatePosted).Where(p => p.Published && p.System).Take(5);
if (foundSite != null)
lastSite = foundSite.ToList();
// Grab the latest user blog posts
List<BlogPost> lastPosts = new List<BlogPost>();
var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").OrderBy(post => post.DatePosted).Where(p => p.Published && !p.System).Take(10);
var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").OrderByDescending(post => post.DatePosted).Where(p => p.Published && !p.System).Take(5);
if (foundPosts != null)
lastPosts = foundPosts.ToList();
// Grab the latest podcasts
List<Podcast.Models.Podcast> lastPods = new List<Podcast.Models.Podcast>();
var foundPods = db.Podcasts.OrderBy(post => post.DatePosted).Where(p => p.Published).Take(10);
var foundPods = db.Podcasts.OrderByDescending(post => post.DatePosted).Where(p => p.Published).Take(5);
if (foundPods != null)
lastPods = foundPods.ToList();

3
Teknik/Areas/Paste/Controllers/PasteController.cs

@ -102,7 +102,6 @@ namespace Teknik.Areas.Paste.Controllers @@ -102,7 +102,6 @@ namespace Teknik.Areas.Paste.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Paste([Bind(Include = "Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model)
{
if (ModelState.IsValid)
@ -130,7 +129,7 @@ namespace Teknik.Areas.Paste.Controllers @@ -130,7 +129,7 @@ namespace Teknik.Areas.Paste.Controllers
db.Pastes.Add(paste);
db.SaveChanges();
return Redirect(Url.SubRouteUrl("paste", "Paste.View", new { type = "Full", url = paste.Url, password = model.Password }));
return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url, password = model.Password }));
}
catch (Exception ex)
{
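Review bot: The redirect on the changed line still passes `password = model.Password` as a route value, so the paste password is written into the `Location` URL and from there into browser history, proxy and server logs, and `Referer` headers. Consider redirecting with only `type` and `url` and letting the view page prompt for the password, or carrying it across the redirect in `TempData`. The `Paste` action is `[AllowAnonymous]` and its body continues outside the hunk.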

1
Teknik/Areas/Paste/Views/Paste/Index.cshtml

@ -14,7 +14,6 @@ @@ -14,7 +14,6 @@
<div class="row">
<div class="col-sm-12">
<form class="form-horizontal" name="editor" method="post" action="@Url.SubRouteUrl("paste", "Paste.Action", new { action = "Paste" })">
@Html.AntiForgeryToken()
<div class="form-group">
<div class="col-sm-10 col-sm-offset-1">
<textarea class="form-control" name="Content" id="content" rows="20"></textarea>

7
Teknik/Areas/Podcast/Controllers/PodcastController.cs

@ -156,7 +156,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -156,7 +156,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult CreatePodcast(int episode, string title, string description)
{
if (ModelState.IsValid)
@ -223,7 +222,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -223,7 +222,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditPodcast(int podcastId, int episode, string title, string description)
{
if (ModelState.IsValid)
@ -253,7 +251,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -253,7 +251,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult PublishPodcast(int podcastId, bool publish)
{
if (ModelState.IsValid)
@ -278,7 +275,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -278,7 +275,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult DeletePodcast(int podcastId)
{
if (ModelState.IsValid)
@ -330,7 +326,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -330,7 +326,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult CreateComment(int podcastId, string article)
{
if (ModelState.IsValid)
@ -354,7 +349,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -354,7 +349,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult EditComment(int commentID, string article)
{
if (ModelState.IsValid)
@ -378,7 +372,6 @@ namespace Teknik.Areas.Podcast.Controllers @@ -378,7 +372,6 @@ namespace Teknik.Areas.Podcast.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult DeleteComment(int commentID)
{
if (ModelState.IsValid)

14
Teknik/Areas/Podcast/Scripts/Podcast.js

@ -81,7 +81,7 @@ @@ -81,7 +81,7 @@
$.ajax({
type: "POST",
url: editPodcastURL,
data: AddAntiForgeryToken({ podcastId: podcastId, episode: episode, title: title, description: description }),
data: { podcastId: podcastId, episode: episode, title: title, description: description },
success: function (html) {
if (html.result) {
window.location.reload();
@ -102,7 +102,7 @@ @@ -102,7 +102,7 @@
$.ajax({
type: "POST",
url: addCommentURL,
data: AddAntiForgeryToken({ podcastId: postID, article: post }),
data: { podcastId: postID, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -139,7 +139,7 @@ @@ -139,7 +139,7 @@
$.ajax({
type: "POST",
url: editCommentURL,
data: AddAntiForgeryToken({ commentID: postID, article: post }),
data: { commentID: postID, article: post },
success: function (html) {
if (html.result) {
window.location.reload();
@ -211,7 +211,7 @@ function linkPodcastUnpublish(selector) { @@ -211,7 +211,7 @@ function linkPodcastUnpublish(selector) {
$.ajax({
type: "POST",
url: publishPodcastURL,
data: AddAntiForgeryToken({ podcastId: podcastId, publish: false }),
data: { podcastId: podcastId, publish: false },
success: function (html) {
if (html.result) {
window.location.reload();
@ -232,7 +232,7 @@ function linkPodcastPublish(selector) { @@ -232,7 +232,7 @@ function linkPodcastPublish(selector) {
$.ajax({
type: "POST",
url: publishPodcastURL,
data: AddAntiForgeryToken({ podcastId: podcastId, publish: true }),
data: { podcastId: podcastId, publish: true },
success: function (html) {
if (html.result) {
window.location.reload();
@ -255,7 +255,7 @@ function linkPodcastDelete(selector) { @@ -255,7 +255,7 @@ function linkPodcastDelete(selector) {
$.ajax({
type: "POST",
url: deletePodcastURL,
data: AddAntiForgeryToken({ podcastId: podcastId }),
data: { podcastId: podcastId },
success: function (html) {
if (html.result) {
window.location.reload();
@ -280,7 +280,7 @@ function linkCommentDelete(selector) { @@ -280,7 +280,7 @@ function linkCommentDelete(selector) {
$.ajax({
type: "POST",
url: deleteCommentURL,
data: AddAntiForgeryToken({ commentID: post_id }),
data: { commentID: post_id },
success: function (html) {
if (html.result) {
window.location.reload();

11
Teknik/Areas/Profile/Controllers/ProfileController.cs

@ -114,7 +114,6 @@ namespace Teknik.Areas.Profile.Controllers @@ -114,7 +114,6 @@ namespace Teknik.Areas.Profile.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginViewModel model)
{
if (ModelState.IsValid)
@ -138,7 +137,12 @@ namespace Teknik.Areas.Profile.Controllers @@ -138,7 +137,12 @@ namespace Teknik.Areas.Profile.Controllers
db.Entry(user).State = EntityState.Modified;
db.SaveChanges();
}
FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe);
HttpCookie authcookie = FormsAuthentication.GetAuthCookie(model.Username, model.RememberMe);
authcookie.Domain = string.Format(".{0}", Config.Host);
authcookie.HttpOnly = true;
authcookie.Secure = true;
Response.AppendCookie(authcookie);
if (string.IsNullOrEmpty(model.ReturnUrl))
{
return Json(new { result = "true" });
@ -172,7 +176,6 @@ namespace Teknik.Areas.Profile.Controllers @@ -172,7 +176,6 @@ namespace Teknik.Areas.Profile.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterViewModel model)
{
if (ModelState.IsValid)
@ -261,7 +264,6 @@ namespace Teknik.Areas.Profile.Controllers @@ -261,7 +264,6 @@ namespace Teknik.Areas.Profile.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Edit(string curPass, string newPass, string newPassConfirm, string website, string quote, string about, string blogTitle, string blogDesc, bool saveKey, bool serverSideEncrypt)
{
if (ModelState.IsValid)
@ -332,7 +334,6 @@ namespace Teknik.Areas.Profile.Controllers @@ -332,7 +334,6 @@ namespace Teknik.Areas.Profile.Controllers
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Delete()
{
if (ModelState.IsValid)
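Review bot: The auth cookie's domain is set to `.{Config.Host}` only here at login (`authcookie.Domain = string.Format(".{0}", Config.Host);`), so a sign-out path that calls `FormsAuthentication.SignOut()` would expire a cookie for the configured domain and could leave this domain-wide one in place. Sign-out is not visible in this hunk, so confirm. Setting `domain` and `requireSSL` on the `<forms>` element in Web.config would keep issuing and expiring the cookie consistent and make the hand-built cookie unnecessary. The wider scope also sends the cookie to every subdomain, which makes the request-token check dropped from `Login`, `Edit` (password change) and `Delete` in this file more important, not less.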

6
Teknik/Areas/Profile/Scripts/Profile.js

@ -8,7 +8,7 @@ @@ -8,7 +8,7 @@
$.ajax({
type: "POST",
url: deleteUserURL,
data: AddAntiForgeryToken({}),
data: {},
success: function (html) {
if (html.result) {
window.location.replace(homeUrl);
@ -40,7 +40,7 @@ @@ -40,7 +40,7 @@
$.ajax({
type: "POST",
url: editUserURL,
data: AddAntiForgeryToken({
data: {
curPass: current_password,
newPass: password,
newPassConfirm: password_confirm,
@ -51,7 +51,7 @@ @@ -51,7 +51,7 @@
blogDesc: blog_desc,
saveKey: upload_saveKey,
serverSideEncrypt: upload_serverSideEncrypt
}),
},
success: function (html) {
if (html.result) {
$.unblockUI();

1
Teknik/Areas/Profile/Views/Profile/Login.cshtml

@ -3,7 +3,6 @@ @@ -3,7 +3,6 @@
@if (Model.Config.UserConfig.LoginEnabled)
{
<form role="form" id="loginForm" action="@Url.SubRouteUrl("profile", "Profile.Login")" method="post" accept-charset="UTF-8">
@Html.AntiForgeryToken()
<input name="ReturnUrl" id="ReturnUrl" type="hidden" value="@Model.ReturnUrl" />
<div class="form-group">
<input type="text" class="form-control" id="Username" value="" placeholder="Username" name="Username" data-val-required="The Username field is required." data-val="true" />

1
Teknik/Areas/Profile/Views/Profile/Register.cshtml

@ -3,7 +3,6 @@ @@ -3,7 +3,6 @@
@if (Model.Config.UserConfig.RegistrationEnabled)
{
<form role="form" id="registrationForm" action="@Url.SubRouteUrl("profile", "Profile.Register")" method="post" accept-charset="UTF-8">
@Html.AntiForgeryToken()
<input name="ReturnUrl" id="ReturnUrl" type="hidden" value="@Model.ReturnUrl" />
<div class="form-group">
<input type="text" class="form-control" id="Username" value="" placeholder="Username" name="Username" data-val-required="The Username field is required." data-val="true"/>

7
Teknik/Areas/Upload/Controllers/UploadController.cs

@ -41,7 +41,6 @@ namespace Teknik.Areas.Upload.Controllers @@ -41,7 +41,6 @@ namespace Teknik.Areas.Upload.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Upload(string fileType, string fileExt, string iv, int keySize, int blockSize, bool encrypt, bool saveKey, HttpPostedFileWrapper data, string key = null)
{
if (Config.UploadConfig.UploadEnabled)
@ -83,7 +82,7 @@ namespace Teknik.Areas.Upload.Controllers @@ -83,7 +82,7 @@ namespace Teknik.Areas.Upload.Controllers
db.SaveChanges();
}
}
return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("upload", "Upload.Download", new { file = upload.Url }), key = key } }, "text/plain");
return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url }), key = key } }, "text/plain");
}
return Json(new { error = "Unable to upload file" });
}
@ -156,7 +155,6 @@ namespace Teknik.Areas.Upload.Controllers @@ -156,7 +155,6 @@ namespace Teknik.Areas.Upload.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public FileResult DownloadData(string file)
{
if (Config.UploadConfig.DownloadEnabled)
@ -230,7 +228,6 @@ namespace Teknik.Areas.Upload.Controllers @@ -230,7 +228,6 @@ namespace Teknik.Areas.Upload.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult GenerateDeleteKey(string file)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
@ -247,7 +244,6 @@ namespace Teknik.Areas.Upload.Controllers @@ -247,7 +244,6 @@ namespace Teknik.Areas.Upload.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult SaveFileKey(string file, string key)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
@ -263,7 +259,6 @@ namespace Teknik.Areas.Upload.Controllers @@ -263,7 +259,6 @@ namespace Teknik.Areas.Upload.Controllers
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult RemoveFileKey(string file, string key)
{
Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault();
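Review bot: `GenerateDeleteKey`, `SaveFileKey` and `RemoveFileKey` are `[AllowAnonymous]` and, with the request token gone, the visible part of each only looks the upload up by the caller-supplied `file`. The rest of each body is outside the hunk; if it does not compare the upload's owner with the current user before changing the stored key or issuing a delete key, anyone who knows a file URL can perform those operations. Confirm the ownership check exists, and add a comment above each action stating who is allowed to call it.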

6
Teknik/Areas/Upload/Scripts/Upload.js

@ -11,7 +11,7 @@ function linkSaveKey(selector, uploadID, key, fileID) { @@ -11,7 +11,7 @@ function linkSaveKey(selector, uploadID, key, fileID) {
$.ajax({
type: "POST",
url: saveKeyToServerURL,
data: AddAntiForgeryToken({ file: uploadID, key: key }),
data: { file: uploadID, key: key },
success: function (html) {
if (html.result) {
$('#key-link-' + fileID).html('<button type="button" class="btn btn-default btn-sm" id="remove-key-link-' + fileID + '">Remove Key From Server</button>');
@ -33,7 +33,7 @@ function linkRemoveKey(selector, uploadID, key, fileID) { @@ -33,7 +33,7 @@ function linkRemoveKey(selector, uploadID, key, fileID) {
$.ajax({
type: "POST",
url: removeKeyFromServerURL,
data: AddAntiForgeryToken({ file: uploadID, key: key }),
data: { file: uploadID, key: key },
success: function (html) {
if (html.result) {
$('#key-link-' + fileID).html('<button type="button" class="btn btn-default btn-sm" id="save-key-link-' + fileID + '">Save Key To Server</button>');
@ -55,7 +55,7 @@ function linkUploadDelete(selector, uploadID) { @@ -55,7 +55,7 @@ function linkUploadDelete(selector, uploadID) {
$.ajax({
type: "POST",
url: generateDeleteKeyURL,
data: AddAntiForgeryToken({ file: uploadID }),
data: { file: uploadID },
success: function (html) {
if (html.result) {
bootbox.dialog({

10
Teknik/Areas/Upload/Views/Upload/Index.cshtml

@ -1,12 +1,14 @@ @@ -1,12 +1,14 @@
@model Teknik.Areas.Upload.ViewModels.UploadViewModel
@using Teknik.Helpers
<script>
var encScriptSrc = '@Scripts.Url("~/bundles/cryptoWorker")';
var aesScriptSrc = '@Scripts.Url("~/bundles/crypto")';
var generateDeleteKeyURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "GenerateDeleteKey" })';
var saveKeyToServerURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "SaveFileKey" })';
var removeKeyFromServerURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action= "RemoveFileKey" })';
var uploadFileURL = '@Url.SubRouteUrl("upload", "Upload.Action", new { action = "Upload" })';
var generateDeleteKeyURL = '@Url.SubRouteUrl(Request.Url.Authority.GetSubdomain(), "Upload.Action", new { action= "GenerateDeleteKey" })';
var saveKeyToServerURL = '@Url.SubRouteUrl(Request.Url.Authority.GetSubdomain(), "Upload.Action", new { action= "SaveFileKey" })';
var removeKeyFromServerURL = '@Url.SubRouteUrl(Request.Url.Authority.GetSubdomain(), "Upload.Action", new { action= "RemoveFileKey" })';
var uploadFileURL = '@Url.SubRouteUrl(Request.Url.Authority.GetSubdomain(), "Upload.Action", new { action = "Upload" })';
var maxUploadSize = @Model.Config.UploadConfig.MaxUploadSize;
var chunkSize = @Model.Config.UploadConfig.ChunkSize;
var keySize = @Model.Config.UploadConfig.KeySize;
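Review bot: The four endpoint URLs are now built from `Request.Url.Authority.GetSubdomain()`, that is from the request's Host header, and the result is written inside single-quoted JavaScript string literals. Razor's `@` output is HTML-encoded, which is not JavaScript string encoding, and the host value is supplied by the client. Unless `GetSubdomain()` or `SubRouteUrl` (neither visible here) already restricts the value to the configured subdomains, check it against that list first and fall back to `"upload"` when it does not match.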

93
Teknik/Migrations/Configuration.cs

@ -22,10 +22,11 @@ namespace Teknik.Migrations @@ -22,10 +22,11 @@ namespace Teknik.Migrations
protected override void Seed(Models.TeknikEntities context)
{
Config config = Config.Load();
// Pre-populate with the default stuff
// Create system blog
/*
Config config = Config.Load();
Areas.Profile.Models.User systemUser = new Areas.Profile.Models.User();
systemUser.Username = Constants.SERVERUSER;
systemUser.JoinDate = DateTime.Now;
@ -74,15 +75,14 @@ namespace Teknik.Migrations @@ -74,15 +75,14 @@ namespace Teknik.Migrations
context.Groups.AddOrUpdate(memberGroup);
context.SaveChanges();
if (config.DatabaseConfig.Migrate && !config.DevEnvironment)
{
config.DatabaseConfig.Migrate = false;
Config.Save(config);
// Convert legacy MySQL DB to new MS SQL DB
MysqlDatabase db = new MysqlDatabase(config.DatabaseConfig);
db.MysqlErrorEvent += Db_MysqlErrorEvent;
config.DatabaseConfig.Migrate = false;
Config.Save(config);
// Transfer transactions
var transRet = db.Query("SELECT * FROM `transactions`");
@ -120,7 +120,6 @@ namespace Teknik.Migrations @@ -120,7 +120,6 @@ namespace Teknik.Migrations
}
}
context.SaveChanges();
// Transfer Users and Blogs/Posts
Dictionary<int, int> userMapping = new Dictionary<int, int>();
Dictionary<int, int> postMapping = new Dictionary<int, int>();
@ -146,13 +145,18 @@ namespace Teknik.Migrations @@ -146,13 +145,18 @@ namespace Teknik.Migrations
{
newUser.Groups.Add(adminGroup);
}
context.Users.AddOrUpdate(newUser);
context.SaveChanges();
int oldUserId = Int32.Parse(user["id"].ToString());
int userId = newUser.UserId;
userMapping.Add(oldUserId, userId);
string oldUsername = user["username"].ToString();
Areas.Profile.Models.User newUser = context.Users.Where(u => u.Username == oldUsername).FirstOrDefault();
if (newUser != null)
{
int oldUserId = Int32.Parse(user["id"].ToString());
int userId = newUser.UserId;
userMapping.Add(oldUserId, userId);
}
// Create Blog for user
Areas.Blog.Models.Blog newBlog = new Areas.Blog.Models.Blog();
newBlog.UserId = userId;
@ -195,7 +199,7 @@ namespace Teknik.Migrations @@ -195,7 +199,7 @@ namespace Teknik.Migrations
}
}
}
// Transfer Blog Comments
var commentRet = db.Query("SELECT * FROM `comments` WHERE `service` = {0}", new object[] { "blog" });
foreach (var comment in commentRet)
@ -214,13 +218,14 @@ namespace Teknik.Migrations @@ -214,13 +218,14 @@ namespace Teknik.Migrations
context.SaveChanges();
}
}
// Transfer Pastes
var pasteRet = db.Query("SELECT * FROM `paste`");
foreach (var paste in pasteRet)
{
string pass = paste["password"].ToString();
// If it's a password protected paste, we just skip it
if (paste["password"] == null)
if (string.IsNullOrEmpty(pass) || pass == "EMPTY")
{
string content = paste["code"].ToString();
string title = paste["title"].ToString();
@ -237,53 +242,57 @@ namespace Teknik.Migrations @@ -237,53 +242,57 @@ namespace Teknik.Migrations
context.SaveChanges();
}
}
// Transfer Uploads
var uploadRet = db.Query("SELECT * FROM `uploads`");
foreach (var upload in uploadRet)
{
string url = upload["url"].ToString();
string fileType = upload["type"].ToString();
int contentLength = Int32.Parse(upload["filesize"].ToString());
string deleteKey = upload["delete_key"].ToString();
int userId = Int32.Parse(upload["user_id"].ToString());
DateTime uploadDate = DateTime.Parse(upload["upload_date"].ToString());
string fullUrl = string.Format("https://u.teknik.io/{0}", url);
string fileExt = Path.GetExtension(fullUrl);
// Download the old file and re-upload it
using (WebClient client = new WebClient())
Areas.Upload.Models.Upload upFound = context.Uploads.Where(u => u.Url == url).FirstOrDefault();
if (upFound == null)
{
try
{
byte[] fileData = client.DownloadData(fullUrl);
// Generate key and iv if empty
string key = Utility.RandomString(config.UploadConfig.KeySize / 8);
string iv = Utility.RandomString(config.UploadConfig.BlockSize / 8);
string fileType = upload["type"].ToString();
int contentLength = Int32.Parse(upload["filesize"].ToString());
string deleteKey = upload["delete_key"].ToString();
int userId = Int32.Parse(upload["user_id"].ToString());
DateTime uploadDate = DateTime.Parse(upload["upload_date"].ToString());
string fullUrl = string.Format("https://u.teknik.io/{0}", url);
string fileExt = Path.GetExtension(fullUrl);
fileData = AES.Encrypt(fileData, key, iv);
if (fileData == null || fileData.Length <= 0)
// Download the old file and re-upload it
using (WebClient client = new WebClient())
{
try
{
continue;
byte[] fileData = client.DownloadData(fullUrl);
// Generate key and iv if empty
string key = Utility.RandomString(config.UploadConfig.KeySize / 8);
string iv = Utility.RandomString(config.UploadConfig.BlockSize / 8);
fileData = AES.Encrypt(fileData, key, iv);
if (fileData == null || fileData.Length <= 0)
{
continue;
}
Areas.Upload.Models.Upload up = Uploader.SaveFile(fileData, fileType, contentLength, fileExt, iv, key, config.UploadConfig.KeySize, config.UploadConfig.BlockSize);
if (userMapping.ContainsKey(userId))
up.UserId = userMapping[userId];
if (!string.IsNullOrEmpty(deleteKey))
up.DeleteKey = deleteKey;
up.Url = url;
context.Uploads.Add(up);
context.SaveChanges();
}
Areas.Upload.Models.Upload up = Uploader.SaveFile(fileData, fileType, contentLength, fileExt, iv, key, config.UploadConfig.KeySize, config.UploadConfig.BlockSize);
if (userMapping.ContainsKey(userId))
up.UserId = userMapping[userId];
if (!string.IsNullOrEmpty(deleteKey))
up.DeleteKey = deleteKey;
up.Url = url;
context.Uploads.Add(up);
context.SaveChanges();
catch { }
}
catch { }
}
}
}
*/
}
private void Db_MysqlErrorEvent(object sender, string e)
{
throw new NotImplementedException();
//throw new NotImplementedException();
}
}
}
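Review bot: `Db_MysqlErrorEvent` appears to end up with an empty body (only the commented-out `throw` remains), so MySQL errors raised during migration are dropped silently, and the upload loop's `catch { }` does the same for download and encryption failures. At minimum log the message, e.g. `System.Diagnostics.Trace.TraceError("MySQL migration error: {0}", e);`, and log the caught exception with the upload's `url`. The migration body is wrapped in `/* … */`; if it is re-enabled, confirm that `Utility.RandomString` (not visible here) draws from a cryptographic RNG before using it for the AES key and IV.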

5
Teknik/Scripts/Common.js

@ -1,9 +1,4 @@ @@ -1,9 +1,4 @@
$(document).ready(function () {
AddAntiForgeryToken = function (data) {
data.__RequestVerificationToken = $('#__AjaxAntiForgeryForm input[name=__RequestVerificationToken]').val();
return data;
};
$("#top_msg").css('display', 'none', 'important');
$("#login_dropdown").click(function () {

5
Teknik/Views/Shared/_Layout.cshtml

@ -41,11 +41,6 @@ @@ -41,11 +41,6 @@
</div>
</div>
</noscript>
<!-- Global AntiForgery Token -->
@using (Html.BeginForm(null, null, FormMethod.Post, new { id = "__AjaxAntiForgeryForm" }))
{
@Html.AntiForgeryToken()
}
@RenderBody()
</div>

7
Teknik/Web.config

@ -42,6 +42,13 @@ @@ -42,6 +42,13 @@
<requestLimits maxAllowedContentLength="1073741824" />
</requestFiltering>
</security>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET, PUT, POST, DELETE, OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Accept, Content-Type" />
</customHeaders>
</httpProtocol>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
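Review bot: `Access-Control-Allow-Origin: *` is added to every response together with `PUT` and `DELETE` in the allowed methods, which lets script on any origin read the responses of the anonymous endpoints. It probably does not help logged-in cross-subdomain AJAX either, because browsers refuse a wildcard origin on credentialed requests. A static `customHeaders` entry cannot vary per request, so consider emitting the header from code only when the request's `Origin` is a subdomain of `Config.Host`, echoing that origin, adding `Vary: Origin`, and listing only the methods the site uses.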
