Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>I found a solution that uses jQuery and C# code behind pages. Here is the jQuery part:</p> <pre><code>$.getJSON('_vti_bin/listdata.svc/&lt;NAME OF LIST (FORMATTED FOR LISTDATA.SVC)&gt;', function(data){ $.each(data.d.results, function(index, value){ $.get('&lt;NAME OF LIST&gt;/'+value.Title+"?noredirect=true", function(info){ $.post('&lt;PATH TO filecreator.aspx&gt;, {file: $(info).find('[nodeName="my:memo"]').text()}, function(data){ $('#response').html(data); }); }); }); }); </code></pre> <p>The html is a simple enough <code>&lt;div id="response"&gt;&lt;/div&gt;</code> just meant to receive data.</p> <p>Here is the filecreator.aspx file:</p> <pre><code>&lt;%@ Page Language="C#" %&gt; &lt;%@ Import Namespace="System.Web" %&gt; &lt;%@ Import Namespace="System.IO" %&gt; &lt;%@ Import Namespace="System.Text" %&gt; &lt;script runat="server"&gt; public void Page_Load(object sender, EventArgs e){ int fileSize, nameLength; string name = ""; byte[] decodedData; HttpContext c = HttpContext.Current; string data64 = c.Request["file"]; if(data64==""){ return; } byte[] data = Convert.FromBase64String(data64); using(MemoryStream ms = new MemoryStream(data)){ BinaryReader reader = new BinaryReader(ms); byte[] header = new byte[16]; header = reader.ReadBytes(header.Length); fileSize = (int)reader.ReadUInt32(); nameLength = (int)reader.ReadUInt32() * 2; byte[] fileName = reader.ReadBytes(nameLength); Encoding enc = Encoding.Unicode; name = enc.GetString(fileName, 0, nameLength -2); decodedData = reader.ReadBytes(fileSize); } string filePath = Server.MapPath("/temp/"+name); if(File.Exists(filePath)){ File.Delete(filePath); } FileStream fs = new FileStream(filePath, FileMode.CreateNew); BinaryWriter writer = new BinaryWriter(fs); writer.Write(decodedData); writer.Close(); fs.Close(); Response.Write("&lt;a href=\"http://sharept03sb1/services/?download.aspx?file="+name+"\"&gt;"+name+"&lt;/a&gt;&lt;br /&gt;"); } &lt;/script&gt; </code></pre> <p>And finally, this is download.aspx file that starts the download, it's vulnerable right now to lfi, and I'll mark where this should be fixed:</p> <pre><code>&lt;%@ Page Language="C#" %&gt; &lt;%@ Import Namespace="System.Web" %&gt; &lt;%@ Import Namespace="System.IO" %&gt; &lt;%@ Import Namespace="System.Text" %&gt; &lt;script runat="server"&gt; public void Page_Load(object sender, EventArgs e){ string name = Request.QueryString["file"]; // HERE: Make sure to prevent lfi via directory traversal :) FileStream fs = File.Open(Server.MapPath("/temp/"+name), FileMode.Open); byte[] file = new byte[fs.Length]; fs.Read(file, 0, Convert.ToInt32(fs.Length)); fs.Close(); Response.AddHeader("Content-disposition", "attachment; filename=" + name); Response.ContentType = "application/octet-stream"; Response.BinaryWrite(file); Response.End(); } &lt;/script&gt; </code></pre> <p>A couple tips:</p> <ul> <li>If you get something talking about code blocks not working, make sure to do some research on PageParserPaths in sharepoint's web.config file. You'll need to change that.</li> <li>This only provides donwload links for every attachment in a document library containing infopath forms. You could of course use parameterized queries to filter certain data.</li> </ul>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload