Hey,
Some customers would like to have this functionnality included as soon as possible. I'm not able to add it by myself (i miss time and knowledge about CKFinder), is there any way to find an extenssion which can add that ?
I've seen several threads about this function on this board but i didn't find an issue. Could you help me please ?
Thanks
Regards,
Kolibot
Some customers would like to have this functionnality included as soon as possible. I'm not able to add it by myself (i miss time and knowledge about CKFinder), is there any way to find an extenssion which can add that ?
I've seen several threads about this function on this board but i didn't find an issue. Could you help me please ?
Thanks
Regards,
Kolibot
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Wiktor Walc
CTO, CKSource - http://cksource.com
--
Follow CKEditor on: Twitter | Facebook | Google+
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Wiktor Walc
CTO, CKSource - http://cksource.com
--
Follow CKEditor on: Twitter | Facebook | Google+
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Attachments:
Wiktor Walc
CTO, CKSource - http://cksource.com
--
Follow CKEditor on: Twitter | Facebook | Google+
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
I can understand that rushing on accesibility was very important, but an ergonomic UI cannot be by pass.
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
Re: Uploading Multiple File ?
http://dotnetzip.codeplex.com/
/* * CKFinder * ======== * http://ckfinder.com * Copyright (C) 2007-2010, CKSource - Frederico Knabben. All rights reserved. * * The software, this file and its contents are subject to the CKFinder * License. Please read the license.txt file before using, installing, copying, * modifying or distribute this file or part of its contents. The contents of * this file is part of the Source Code of CKFinder. */ using System; using System.IO; using System.IO.Compression; using System.Net.Mail; using System.Web; using System.Text.RegularExpressions; using Ionic.Zip; namespace CKFinder.Connector.CommandHandlers { internal class FileUploadCommandHandler : CommandHandlerBase { public FileUploadCommandHandler() : base() { } public override void SendResponse( System.Web.HttpResponse response ) { int iErrorNumber = 0; string sFileName = ""; string sFilePath = ""; string sUnsafeFileName = ""; try { this.CheckConnector(); this.CheckRequest(); if ( !this.CurrentFolder.CheckAcl( AccessControlRules.FileUpload ) ) { ConnectorException.Throw( Errors.Unauthorized ); } HttpPostedFile oFile = HttpContext.Current.Request.Files[HttpContext.Current.Request.Files.AllKeys[0]]; if ( oFile != null ) { if (System.IO.Path.GetExtension(oFile.FileName) == ".zip") { // Create a temporary directory to store the raw unzipped files. The files will follow the normal file upload validation later in the code. string sUnzippedDirectory = this.CurrentFolder.ServerPath + "temp"; // Read the files from the HttpPostedFile (oFile) into the ZipFile object ZipFile zip = ZipFile.Read(oFile.InputStream); foreach (ZipEntry file in zip) { // Extract the individual files in the zip file to a temp directory file.Extract(sUnzippedDirectory); } // Cycle through each file in the temp directory foreach (string file in System.IO.Directory.GetFiles(sUnzippedDirectory)) { // Get the file name from the file in the temp directory sUnsafeFileName = new FileInfo(file).Name; sFileName = Regex.Replace(sUnsafeFileName, @"[\:\*\?\|\/]", "_", RegexOptions.None); if (sFileName != sUnsafeFileName) iErrorNumber = Errors.UploadedInvalidNameRenamed; if (Connector.CheckFileName(sFileName) && !Config.Current.CheckIsHiddenFile(sFileName)) { // Replace dots in the name with underscores (only one dot can be there... security issue). if (Config.Current.ForceSingleExtension) sFileName = Regex.Replace(sFileName, @"\.(?![^.]*$)", "_", RegexOptions.None); if (!Config.Current.CheckSizeAfterScaling && this.CurrentFolder.ResourceTypeInfo.MaxSize > 0 && file.Length > this.CurrentFolder.ResourceTypeInfo.MaxSize) ConnectorException.Throw(Errors.UploadedTooBig); string sExtension = System.IO.Path.GetExtension(file); sExtension = sExtension.TrimStart('.'); if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(sExtension)) ConnectorException.Throw(Errors.InvalidExtension); /* * Although the files in my tests were all "jpg" files they did not pass the following NonHtml checks, so I had to comment out the following * error trapping code. */ //if (Config.Current.CheckIsNonHtmlExtension(sExtension) && !this.CheckNonHtmlFile(oFile)) // ConnectorException.Throw(Errors.UploadedWrongHtmlFile); // Map the virtual path to the local server path. string sServerDir = this.CurrentFolder.ServerPath; string sFileNameNoExt = System.IO.Path.GetFileNameWithoutExtension(sFileName); // Full path to file in the temp directory string sTempFile = System.IO.Path.Combine(sUnzippedDirectory, sFileName); int iCounter = 0; while (true) { sFilePath = System.IO.Path.Combine(sServerDir, sFileName); if (System.IO.File.Exists(sFilePath)) { iCounter++; sFileName = sFileNameNoExt + "(" + iCounter + ")" + System.IO.Path.GetExtension(file); iErrorNumber = Errors.UploadedFileRenamed; } else { /* * Since we are uploading the files in the HttpPostedFile (oFile) and not the HttpPostedFile itself * the following line needs to be removed... */ //oFile.SaveAs(sFilePath); /* * ...and replace with... */ System.IO.File.Move(sTempFile, sFilePath); // Use the default file verification code if (Config.Current.SecureImageUploads && ImageTools.IsImageExtension(sExtension) && !ImageTools.ValidateImage(sFilePath)) { System.IO.File.Delete(sFilePath); ConnectorException.Throw(Errors.UploadedCorrupt); } Settings.Images imagesSettings = Config.Current.Images; if (imagesSettings.MaxHeight > 0 && imagesSettings.MaxWidth > 0) { ImageTools.ResizeImage(sFilePath, sFilePath, imagesSettings.MaxWidth, imagesSettings.MaxHeight, true, imagesSettings.Quality); if (Config.Current.CheckSizeAfterScaling && this.CurrentFolder.ResourceTypeInfo.MaxSize > 0) { long fileSize = new System.IO.FileInfo(sFilePath).Length; if (fileSize > this.CurrentFolder.ResourceTypeInfo.MaxSize) { System.IO.File.Delete(sFilePath); ConnectorException.Throw(Errors.UploadedTooBig); } } } break; } } } else ConnectorException.Throw(Errors.InvalidName); } // Remove the temp directory as it is no longer needed and contains no files. System.IO.Directory.Delete(sUnzippedDirectory); } /* * Below is the code for uploading non-zip files. This code remains unchanged. */ else { sUnsafeFileName = System.IO.Path.GetFileName(oFile.FileName); sFileName = Regex.Replace(sUnsafeFileName, @"[\:\*\?\|\/]", "_", RegexOptions.None); if (sFileName != sUnsafeFileName) iErrorNumber = Errors.UploadedInvalidNameRenamed; if (Connector.CheckFileName(sFileName) && !Config.Current.CheckIsHiddenFile(sFileName)) { // Replace dots in the name with underscores (only one dot can be there... security issue). if (Config.Current.ForceSingleExtension) sFileName = Regex.Replace(sFileName, @"\.(?![^.]*$)", "_", RegexOptions.None); if (!Config.Current.CheckSizeAfterScaling && this.CurrentFolder.ResourceTypeInfo.MaxSize > 0 && oFile.ContentLength > this.CurrentFolder.ResourceTypeInfo.MaxSize) ConnectorException.Throw(Errors.UploadedTooBig); string sExtension = System.IO.Path.GetExtension(oFile.FileName); sExtension = sExtension.TrimStart('.'); if (!this.CurrentFolder.ResourceTypeInfo.CheckExtension(sExtension)) ConnectorException.Throw(Errors.InvalidExtension); if (Config.Current.CheckIsNonHtmlExtension(sExtension) && !this.CheckNonHtmlFile(oFile)) ConnectorException.Throw(Errors.UploadedWrongHtmlFile); // Map the virtual path to the local server path. string sServerDir = this.CurrentFolder.ServerPath; string sFileNameNoExt = System.IO.Path.GetFileNameWithoutExtension(sFileName); int iCounter = 0; while (true) { sFilePath = System.IO.Path.Combine(sServerDir, sFileName); if (System.IO.File.Exists(sFilePath)) { iCounter++; sFileName = sFileNameNoExt + "(" + iCounter + ")" + System.IO.Path.GetExtension(oFile.FileName); iErrorNumber = Errors.UploadedFileRenamed; } else { oFile.SaveAs(sFilePath); if (Config.Current.SecureImageUploads && ImageTools.IsImageExtension(sExtension) && !ImageTools.ValidateImage(sFilePath)) { System.IO.File.Delete(sFilePath); ConnectorException.Throw(Errors.UploadedCorrupt); } Settings.Images imagesSettings = Config.Current.Images; if (imagesSettings.MaxHeight > 0 && imagesSettings.MaxWidth > 0) { ImageTools.ResizeImage(sFilePath, sFilePath, imagesSettings.MaxWidth, imagesSettings.MaxHeight, true, imagesSettings.Quality); if (Config.Current.CheckSizeAfterScaling && this.CurrentFolder.ResourceTypeInfo.MaxSize > 0) { long fileSize = new System.IO.FileInfo(sFilePath).Length; if (fileSize > this.CurrentFolder.ResourceTypeInfo.MaxSize) { System.IO.File.Delete(sFilePath); ConnectorException.Throw(Errors.UploadedTooBig); } } } break; } } } else ConnectorException.Throw(Errors.InvalidName); } } else ConnectorException.Throw( Errors.UploadedCorrupt ); } catch ( ConnectorException connectorException ) { iErrorNumber = connectorException.Number; } catch ( System.Security.SecurityException ) { #if DEBUG throw; #else iErrorNumber = Errors.AccessDenied; #endif } catch ( System.UnauthorizedAccessException ) { #if DEBUG throw; #else iErrorNumber = Errors.AccessDenied; #endif } catch { #if DEBUG throw; #else iErrorNumber = Errors.Unknown; #endif } #if DEBUG if ( iErrorNumber == Errors.None || iErrorNumber == Errors.UploadedFileRenamed || iErrorNumber == Errors.UploadedInvalidNameRenamed ) response.Clear(); #else response.Clear(); #endif response.Write( "<script type=\"text/javascript\">" ); response.Write( this.GetJavaScriptCode( iErrorNumber, sFileName, this.CurrentFolder.Url + sFileName ) ); response.Write( "</script>" ); Connector.CKFinderEvent.ActivateEvent( CKFinderEvent.Hooks.AfterFileUpload, this.CurrentFolder, sFilePath ); response.End(); } protected virtual string GetJavaScriptCode( int errorNumber, string fileName, string fileUrl ) { System.Web.HttpRequest _Request = System.Web.HttpContext.Current.Request; string _funcNum = _Request.QueryString["CKFinderFuncNum"]; string _errorMsg = ""; if ( errorNumber > 0 ) { _errorMsg = Lang.getErrorMessage( errorNumber ).Replace( "%1", fileName ); if ( errorNumber != Errors.UploadedFileRenamed && errorNumber != Errors.UploadedInvalidNameRenamed ) fileName = ""; } if ( _funcNum != null ) { _funcNum = Regex.Replace( _funcNum, @"[^0-9]", "", RegexOptions.None ); if ( errorNumber > 0 ) { _errorMsg = Lang.getErrorMessage( errorNumber ).Replace( "%1", fileName ); if ( errorNumber != Errors.UploadedFileRenamed ) fileUrl = ""; } return "window.parent.CKFinder.tools.callFunction(" + _funcNum + ",'" + fileUrl.Replace( "'", "\\'" ) + "','" + _errorMsg.Replace( "'", "\\'" ) + "') ;"; } else { return "window.parent.OnUploadCompleted('" + fileName.Replace( "'", "\\'" ) + "','" + _errorMsg.Replace( "'", "\\'" ) + "') ;"; } } private bool CheckNonHtmlFile( HttpPostedFile file ) { byte[] buffer = new byte[ 1024 ]; file.InputStream.Read( buffer, 0, 1024 ); string firstKB = System.Text.ASCIIEncoding.ASCII.GetString( buffer ); if ( Regex.IsMatch( firstKB, @"<!DOCTYPE\W*X?HTML", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) return false; if ( Regex.IsMatch( firstKB, @"<(?:body|head|html|img|pre|script|table|title)", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) return false; //type = javascript if ( Regex.IsMatch( firstKB, @"type\s*=\s*[\'""]?\s*(?:\w*/)?(?:ecma|java)", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) return false; //href = javascript //src = javascript //data = javascript if ( Regex.IsMatch( firstKB, @"(?:href|src|data)\s*=\s*[\'""]?\s*(?:ecma|java)script:", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) return false; //url(javascript if ( Regex.IsMatch( firstKB, @"url\s*\(\s*[\'""]?\s*(?:ecma|java)script:", RegexOptions.IgnoreCase | RegexOptions.Singleline ) ) return false; return true; } } }