The next generation of the Teknik Services. Written in ASP.NET. Fork for blog tags.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

PasteController.cs 8.1KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Data.Entity;
  4. using System.Linq;
  5. using System.Security.Cryptography;
  6. using System.Text;
  7. using System.Web;
  8. using System.Web.Mvc;
  9. using Teknik.Pygments;
  10. using Teknik.Areas.Error.Controllers;
  11. using Teknik.Areas.Paste.ViewModels;
  12. using Teknik.Areas.Users.Utility;
  13. using Teknik.Controllers;
  14. using Teknik.Filters;
  15. using Teknik.Utilities;
  16. using Teknik.Models;
  17. using Teknik.Attributes;
  18. namespace Teknik.Areas.Paste.Controllers
  19. {
  20. [TeknikAuthorize]
  21. public class PasteController : DefaultController
  22. {
  23. [TrackPageView]
  24. [AllowAnonymous]
  25. public ActionResult Index()
  26. {
  27. ViewBag.Title = "Paste - " + Config.Title;
  28. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  29. PasteCreateViewModel model = new PasteCreateViewModel();
  30. return View(model);
  31. }
  32. [TrackDownload]
  33. [AllowAnonymous]
  34. public ActionResult ViewPaste(string type, string url, string password)
  35. {
  36. TeknikEntities db = new TeknikEntities();
  37. Models.Paste paste = db.Pastes.Where(p => p.Url == url).FirstOrDefault();
  38. if (paste != null)
  39. {
  40. ViewBag.Title = ((string.IsNullOrEmpty(paste.Title)) ? string.Empty : paste.Title + " - ") + Config.Title + " Paste";
  41. ViewBag.Description = "Paste your code or text easily and securely. Set an expiration, set a password, or leave it open for the world to see.";
  42. // Increment Views
  43. paste.Views += 1;
  44. db.Entry(paste).State = EntityState.Modified;
  45. db.SaveChanges();
  46. // Check Expiration
  47. if (PasteHelper.CheckExpiration(paste))
  48. {
  49. db.Pastes.Remove(paste);
  50. db.SaveChanges();
  51. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  52. }
  53. PasteViewModel model = new PasteViewModel();
  54. model.Url = url;
  55. model.Content = paste.Content;
  56. model.Title = paste.Title;
  57. model.Syntax = paste.Syntax;
  58. model.DatePosted = paste.DatePosted;
  59. byte[] data = Encoding.UTF8.GetBytes(paste.Content);
  60. if (User.Identity.IsAuthenticated && type.ToLower() == "full")
  61. {
  62. Users.Models.User user = UserHelper.GetUser(db, User.Identity.Name);
  63. if (user != null)
  64. {
  65. model.Vaults = user.Vaults.ToList();
  66. }
  67. }
  68. // The paste has a password set
  69. if (!string.IsNullOrEmpty(paste.HashedPassword))
  70. {
  71. string hash = string.Empty;
  72. if (!string.IsNullOrEmpty(password))
  73. {
  74. byte[] passBytes = Utilities.SHA384.Hash(paste.Key, password);
  75. hash = passBytes.ToHex();
  76. // We need to convert old pastes to the new password scheme
  77. if (paste.Transfers.ToList().Exists(t => t.Type == TransferTypes.ASCIIPassword))
  78. {
  79. hash = Encoding.ASCII.GetString(passBytes);
  80. // Remove the transfer types
  81. paste.Transfers.Clear();
  82. db.Entry(paste).State = EntityState.Modified;
  83. db.SaveChanges();
  84. }
  85. }
  86. if (string.IsNullOrEmpty(password) || hash != paste.HashedPassword)
  87. {
  88. PasswordViewModel passModel = new PasswordViewModel();
  89. passModel.Url = url;
  90. passModel.Type = type;
  91. // Redirect them to the password request page
  92. return View("~/Areas/Paste/Views/Paste/PasswordNeeded.cshtml", passModel);
  93. }
  94. data = Convert.FromBase64String(paste.Content);
  95. // Now we decrypt the content
  96. byte[] ivBytes = Encoding.Unicode.GetBytes(paste.IV);
  97. byte[] keyBytes = AES.CreateKey(password, ivBytes, paste.KeySize);
  98. data = AES.Decrypt(data, keyBytes, ivBytes);
  99. model.Content = Encoding.Unicode.GetString(data);
  100. }
  101. if (type.ToLower() == "full" || type.ToLower() == "simple")
  102. {
  103. // Transform content into HTML
  104. if (!Highlighter.Lexers.ToList().Exists(l => l.Aliases.Contains(model.Syntax)))
  105. {
  106. model.Syntax = "text";
  107. }
  108. Highlighter highlighter = new Highlighter();
  109. // Add a space in front of the content due to bug with pygment (No idea why yet)
  110. model.Content = highlighter.HighlightToHtml(" " + model.Content, model.Syntax, Config.PasteConfig.SyntaxVisualStyle, generateInlineStyles: true, fragment: true);
  111. }
  112. switch (type.ToLower())
  113. {
  114. case "full":
  115. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  116. case "simple":
  117. return View("~/Areas/Paste/Views/Paste/Simple.cshtml", model);
  118. case "raw":
  119. return Content(model.Content, "text/plain");
  120. case "download":
  121. //Create File
  122. var cd = new System.Net.Mime.ContentDisposition
  123. {
  124. FileName = url,
  125. Inline = true
  126. };
  127. Response.AppendHeader("Content-Disposition", cd.ToString());
  128. return File(data, "application/octet-stream");
  129. default:
  130. return View("~/Areas/Paste/Views/Paste/Full.cshtml", model);
  131. }
  132. }
  133. return Redirect(Url.SubRouteUrl("error", "Error.Http404"));
  134. }
  135. [HttpPost]
  136. [AllowAnonymous]
  137. public ActionResult Paste([Bind(Include = "Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model)
  138. {
  139. if (ModelState.IsValid)
  140. {
  141. if (Config.PasteConfig.Enabled)
  142. {
  143. try
  144. {
  145. using (TeknikEntities db = new TeknikEntities())
  146. {
  147. Models.Paste paste = PasteHelper.CreatePaste(db, model.Content, model.Title, model.Syntax, model.ExpireUnit, model.ExpireLength ?? 1, model.Password, model.Hide);
  148. if (model.ExpireUnit == "view")
  149. {
  150. paste.Views = -1;
  151. }
  152. if (User.Identity.IsAuthenticated)
  153. {
  154. Users.Models.User user = UserHelper.GetUser(db, User.Identity.Name);
  155. if (user != null)
  156. {
  157. paste.UserId = user.UserId;
  158. }
  159. }
  160. db.Pastes.Add(paste);
  161. db.SaveChanges();
  162. return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url }));
  163. }
  164. }
  165. catch (Exception ex)
  166. {
  167. return Redirect(Url.SubRouteUrl("error", "Error.500", new { exception = ex }));
  168. }
  169. }
  170. Redirect(Url.SubRouteUrl("error", "Error.Http403"));
  171. }
  172. return View("~/Areas/Paste/Views/Paste/Index.cshtml", model);
  173. }
  174. }
  175. }