A range of security improvements

Assemblies/Protean.Tools.Csharp/Properties/AssemblyInfo.cs

@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("6.0.38.12")]
-[assembly: AssemblyFileVersion("6.0.38.12")]
+[assembly: AssemblyVersion("6.0.38.24")]
+[assembly: AssemblyFileVersion("6.0.38.24")]

Assemblies/Protean.Tools.Csharp/obj/Debug/Protean.Tools.Csharp.csproj.FileListAbsolute.txt

@@ -65,7 +65,7 @@ D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\bin\Debug\Magick.NET
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\bin\Debug\MySql.Data.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\bin\Debug\Newtonsoft.Json.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\bin\Debug\Renci.SshNet.xml
-D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\obj\Debug\Protean.Tools.Csharp.csprojAssemblyReference.cache
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\obj\Debug\Protean.Tools.Csharp.csproj.CopyComplete
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\obj\Debug\Protean.Tools.Csharp.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\obj\Debug\Protean.Tools.Csharp.pdb
+D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools.Csharp\obj\Debug\Protean.Tools.Csharp.csprojAssemblyReference.cache

Assemblies/Protean.Tools/AssemblyInfo.vb

@@ -33,8 +33,8 @@ Imports System.Runtime.InteropServices
 ' by using the '*' as shown below:
 ' <Assembly: AssemblyVersion("1.0.*")> 
 
-<Assembly: AssemblyVersion("6.0.38.7")>
-<Assembly: AssemblyFileVersion("6.0.38.7")>
+<Assembly: AssemblyVersion("6.0.38.29")>
+<Assembly: AssemblyFileVersion("6.0.38.29")>
 
 '<Assembly: System.Security.AllowPartiallyTrustedCallersAttribute()> 
 

Assemblies/Protean.Tools/Image.vb

@@ -547,6 +547,8 @@ Public Class Image
                     imgfileInfo.Refresh()
                     difference = difference - imgfileInfo.Length
                     optimizer = Nothing
+                Case ".webp"
+
             End Select
             Return difference
 

Assemblies/Protean.Tools/Protean.Tools.vbproj

@@ -55,7 +55,7 @@
     </NuGetPackageImportStamp>
     <ShouldCreateLogs>False</ShouldCreateLogs>
     <AdvancedSettingsExpanded>True</AdvancedSettingsExpanded>
-    <AssemblyVersion>6.0.38.7</AssemblyVersion>
+    <AssemblyVersion>6.0.38.29</AssemblyVersion>
     <UpdatePackageVersion>False</UpdatePackageVersion>
     <AssemblyInfoVersionType>SettingsVersion</AssemblyInfoVersionType>
     <InheritWinAppVersionFrom>None</InheritWinAppVersionFrom>
@@ -115,8 +115,11 @@
     <Reference Include="ICSharpCode.SharpZipLib, Version=1.1.0.145, Culture=neutral, PublicKeyToken=1b03e6acf1164f73, processorArchitecture=MSIL">
       <HintPath>..\..\packages\SharpZipLib.1.1.0\lib\net45\ICSharpCode.SharpZipLib.dll</HintPath>
     </Reference>
-    <Reference Include="Magick.NET-Q8-x64, Version=7.14.5.0, Culture=neutral, PublicKeyToken=2004825badfa91ec, processorArchitecture=AMD64">
-      <HintPath>..\..\packages\Magick.NET-Q8-x64.7.14.5\lib\net40\Magick.NET-Q8-x64.dll</HintPath>
+    <Reference Include="Magick.NET-Q8-AnyCPU, Version=7.21.1.0, Culture=neutral, PublicKeyToken=2004825badfa91ec, processorArchitecture=MSIL">
+      <HintPath>..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET-Q8-AnyCPU.7.21.1\lib\net40\Magick.NET-Q8-AnyCPU.dll</HintPath>
+    </Reference>
+    <Reference Include="Magick.NET.Core, Version=4.1.0.0, Culture=neutral, PublicKeyToken=2004825badfa91ec, processorArchitecture=MSIL">
+      <HintPath>..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET.Core.4.1.0\lib\net40\Magick.NET.Core.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Owin, Version=4.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
       <HintPath>..\..\packages\Microsoft.Owin.4.0.1\lib\net45\Microsoft.Owin.dll</HintPath>
@@ -437,11 +440,13 @@
     <Error Condition="!Exists('..\..\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets'))" />
     <Error Condition="!Exists('..\..\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets'))" />
     <Error Condition="!Exists('..\..\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets'))" />
+    <Error Condition="!Exists('..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET-Q8-x64.7.21.1\build\net40\Magick.NET-Q8-x64.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET-Q8-x64.7.21.1\build\net40\Magick.NET-Q8-x64.targets'))" />
   </Target>
   <Import Project="..\..\..\ProteanCMS Addons\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets" Condition="Exists('..\..\..\ProteanCMS Addons\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets')" />
   <Import Project="..\..\..\ProteanCMS Addons\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets" Condition="Exists('..\..\..\ProteanCMS Addons\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets')" />
   <Import Project="..\..\..\ProteanCMS Addons\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets" Condition="Exists('..\..\..\ProteanCMS Addons\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets')" />
   <Import Project="..\..\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets" Condition="Exists('..\..\packages\Magick.NET-Q8-x64.7.14.5\build\net40\Magick.NET-Q8-x64.targets')" />
   <Import Project="..\..\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets" Condition="Exists('..\..\packages\NETStandard.Library.2.0.3\build\netstandard2.0\NETStandard.Library.targets')" />
   <Import Project="..\..\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets" Condition="Exists('..\..\packages\TidyHtml5ManagedRepack.1.1.4\build\TidyHtml5ManagedRepack.targets')" />
+  <Import Project="..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET-Q8-x64.7.21.1\build\net40\Magick.NET-Q8-x64.targets" Condition="Exists('..\..\..\EonicClients\IntoTheBlue_DevOps\packages\Magick.NET-Q8-x64.7.21.1\build\net40\Magick.NET-Q8-x64.targets')" />
 </Project>

Assemblies/Protean.Tools/obj/Debug/Protean.Tools.vbproj.FileListAbsolute.txt

@@ -190,7 +190,6 @@ D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Protean.Tools.pdb
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Protean.Tools.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\DocumentFormat.OpenXml.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\ICSharpCode.SharpZipLib.dll
-D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET-Q8-x64.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Microsoft.Owin.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Microsoft.Owin.Security.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Microsoft.SqlServer.ConnectionInfo.dll
@@ -221,7 +220,6 @@ D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Protean.Tools.Csh
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\DocumentFormat.OpenXml.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\ICSharpCode.SharpZipLib.pdb
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\ICSharpCode.SharpZipLib.xml
-D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET-Q8-x64.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Microsoft.Owin.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Microsoft.Owin.Security.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Newtonsoft.Json.xml
@@ -235,3 +233,7 @@ D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\obj\Debug\Protean.Tools.vbp
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\obj\Debug\Protean.Tools.dll
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\obj\Debug\Protean.Tools.xml
 D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\obj\Debug\Protean.Tools.pdb
+D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET-Q8-AnyCPU.dll
+D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET.Core.dll
+D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET-Q8-AnyCPU.xml
+D:\HostingSpaces\ProteanCMS\Assemblies\Protean.Tools\bin\Debug\Magick.NET.Core.xml

Assemblies/Protean.Tools/packages.config

@@ -1,8 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
   <package id="DocumentFormat.OpenXml" version="2.9.0" targetFramework="net472" />
-  <package id="Magick.NET-Q8-AnyCPU" version="7.15.1" targetFramework="net472" />
-  <package id="Magick.NET-Q8-x64" version="7.14.5" targetFramework="net472" />
+  <package id="Magick.NET.Core" version="4.1.0" targetFramework="net472" />
+  <package id="Magick.NET-Q8-AnyCPU" version="7.21.1" targetFramework="net472" />
+  <package id="Magick.NET-Q8-x64" version="7.21.1" targetFramework="net472" />
   <package id="Microsoft.NETCore.Platforms" version="2.2.0" targetFramework="net472" />
   <package id="Microsoft.Owin" version="4.0.1" targetFramework="net472" />
   <package id="Microsoft.Owin.Security" version="4.0.1" targetFramework="net472" />

Assemblies/ProteanCMS/AssemblyInfo.vb

@@ -33,11 +33,11 @@ Imports System.Runtime.InteropServices
 ' You can specify all the values or you can default the Build and Revision Numbers 
 ' by using the '*' as shown below:
 
-<Assembly: AssemblyVersion("6.0.38.30")>
+<Assembly: AssemblyVersion("6.0.38.66")>
 <Assembly: AssemblyDelaySign(False)>
 <Assembly: AssemblyKeyFile("../../../eonic.snk")>
 <Assembly: AssemblyKeyName("")>
 
-<Assembly: AssemblyFileVersion("6.0.38.30")>
+<Assembly: AssemblyFileVersion("6.0.38.66")>
 <Assembly: NeutralResourcesLanguageAttribute("en")> 
 

Assemblies/ProteanCMS/CMS/Admin/Admin.vb

@@ -2063,7 +2063,7 @@ ProcessFlow:
                         oWeb.mbAdminMode = False
                         If Not myWeb.mbSuppressLastPageOverrides Then myWeb.moSession("lastPage") = "/" & gcProjectPath & myWeb.mcPagePath.TrimStart("/") & "?ewCmd=ViewSystemPages&pgid=" & myWeb.mnPageId
 
-                    Case "Subscriptions", "EditUserSubscription", "AddSubscriptionGroup", "EditSubscriptionGroup", "AddSubscription", "CancelSubscription", "EditSubscription", "MoveSubscription", "RenewSubscription", "LocateSubscription", "UpSubscription", "DownSubscription", "ListSubscribers", "ManageUserSubscription", "UpcomingRenewals", "ExpiredSubscriptions", "CancelledSubscriptions", "RenewalAlerts"
+                    Case "Subscriptions", "EditUserSubscription", "AddSubscriptionGroup", "EditSubscriptionGroup", "AddSubscription", "CancelSubscription", "ResendCancellation", "EditSubscription", "MoveSubscription", "RenewSubscription", "LocateSubscription", "UpSubscription", "DownSubscription", "ListSubscribers", "ManageUserSubscription", "UpcomingRenewals", "ExpiredSubscriptions", "CancelledSubscriptions", "RenewalAlerts"
                         SubscriptionProcess(mcEwCmd, sAdminLayout, oPageDetail)
                         bLoadStructure = True
 
@@ -3196,6 +3196,16 @@ AfterProcessFlow:
                             'close window / js
                         End If
                     Case "FolderSettings"
+
+                    Case "FileUpload"
+
+                        Dim oFS As New fsHelper(myWeb.moCtx)
+
+                        oFS.UploadRequest(myWeb.moCtx)
+
+                        oFS = Nothing
+
+
                     Case Else
                         bShowTree = True
                 End Select
@@ -4250,7 +4260,10 @@ SP:
                     Else
                         sAdminLayout = "AdminXForm"
                     End If
-
+                Case "ResendCancellation"
+                    oSub.ResendCancelation(myWeb.moRequest("id"))
+                    cCmd = "ManageUserSubscription"
+                    GoTo SP
                 Case "Subscriptions"
                     oSub.ListSubscriptions(oPageDetail)
                 Case "ListSubscribers"

Assemblies/ProteanCMS/CMS/Cart/Subscriptions.vb

@@ -1480,14 +1480,14 @@ RedoCheck:
                     ExpireSubscriptionGroups(nId)
 
                     'Email the site owner to inform of cancelation !!!
-                    If oSubConfig("CancelationXSL") <> "" Then
+                    If oSubConfig("CancellationXSL") <> "" Then
                         Dim oMessager As New Protean.Messaging
                         Dim SubXml As XmlElement = GetSubscriptionDetail(Nothing, nId)
                         Dim CustomerEmail As String = SubXml.FirstChild.SelectSingleNode("User/Email").InnerText
                         ' Inform the client
-                        Dim cRetMessage As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancelationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), CustomerEmail, "Cancel Subscription")
+                        Dim cRetMessage As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancellationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), CustomerEmail, "Cancel Subscription")
                         ' Inform the site owner
-                        Dim cRetMessage2 As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancelationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), oSubConfig("SubscriptionEmail"), "Cancel Subscription")
+                        Dim cRetMessage2 As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancellationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), oSubConfig("SubscriptionEmail"), "Cancel Subscription")
                     End If
 
 
@@ -1496,6 +1496,26 @@ RedoCheck:
                 End Try
             End Sub
 
+
+            Public Sub ResendCancelation(ByVal nId As Integer, Optional cReason As String = "")
+                Try
+
+                    'Email the site owner to inform of cancelation !!!
+                    If oSubConfig("CancellationXSL") <> "" Then
+                        Dim oMessager As New Protean.Messaging
+                        Dim SubXml As XmlElement = GetSubscriptionDetail(Nothing, nId)
+                        Dim CustomerEmail As String = SubXml.FirstChild.SelectSingleNode("User/Email").InnerText
+                        ' Inform the client
+                        Dim cRetMessage As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancellationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), CustomerEmail, "Cancel Subscription")
+                        ' Inform the site owner
+                        Dim cRetMessage2 As String = oMessager.emailer(SubXml.FirstChild, oSubConfig("CancellationXSL"), oSubConfig("SubscriptionEmailName"), oSubConfig("SubscriptionEmail"), oSubConfig("SubscriptionEmail"), "Cancel Subscription")
+                    End If
+
+                Catch ex As Exception
+                    returnException(mcModuleName, "ResendCancelation", ex, "", "", gbDebug)
+                End Try
+            End Sub
+
             Public Function ExpireSubscription(ByVal nId As Integer, Optional cReason As String = "") As String
                 Try