version 1.36, 2017/09/18 16:58:08
|
version 1.37, 2017/09/29 19:18:10
|
Line 37 use Apache::lonhtmlcommon();
|
Line 37 use Apache::lonhtmlcommon();
|
use Apache::lonsequence(); |
use Apache::lonsequence(); |
use Apache::Constants qw(:common :http); |
use Apache::Constants qw(:common :http); |
use Apache::lonmeta; |
use Apache::lonmeta; |
|
use Apache::lonenc(); |
use Apache::File; |
use Apache::File; |
use Apache::lonlocal; |
use Apache::lonlocal; |
use HTML::Entities; |
use HTML::Entities; |
Line 196 sub copy_file {
|
Line 197 sub copy_file {
|
} |
} |
|
|
sub print_item { |
sub print_item { |
my ($r,$filename,$listname) = @_; |
my ($r,$filename,$listname,$context) = @_; |
my $file_output = |
my $file_output; |
&includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename), |
if ($context eq 'view') { |
$filename); |
$file_output = |
|
&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename); |
|
} else { |
|
$file_output = |
|
&includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename), |
|
$filename); |
|
} |
$r->print(&Apache::loncommon::start_page('View Source Code',undef, |
$r->print(&Apache::loncommon::start_page('View Source Code',undef, |
{'only_body' => 1})); |
{'only_body' => 1})); |
if ($file_output ne '') { |
if ($file_output ne '') { |
my $access_to_cstr; |
my $access_to_cstr; |
my $lonhost = $r->dir_config('lonHostID'); |
my $lonhost = $r->dir_config('lonHostID'); |
if (&Apache::lonnet::is_library($lonhost)) { |
if ($context eq 'view') { |
|
$r->print('<form name="view" action="" target="_parent" method="post"><span class="LC_info">'. |
|
&mt('Source code is displayed below.'). |
|
'</span>'.(' ' x4).'<input type="button" name="close" onclick="window.close();"'. |
|
' value="'.&mt('Close Window').'" /></form><hr />'); |
|
} elsif (&Apache::lonnet::is_library($lonhost)) { |
my @possdoms = &Apache::lonnet::current_machine_domains(); |
my @possdoms = &Apache::lonnet::current_machine_domains(); |
foreach my $dom (@possdoms) { |
foreach my $dom (@possdoms) { |
if ($env{"user.role.au./$dom/"}) { |
if ($env{"user.role.au./$dom/"}) { |
Line 332 sub get_path_to_newfile {
|
Line 344 sub get_path_to_newfile {
|
sub handler { |
sub handler { |
my $r=shift; |
my $r=shift; |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, |
['filename','listname']); |
['filename','listname','viewonly']); |
my $filename = $env{'form.filename'}; |
my $filename = $env{'form.filename'}; |
|
my $shownfilename = $filename; |
|
$shownfilename =~ s/(`)/'/g; |
|
$shownfilename =~ s/\$/\(\$\)/g; |
my $listname = $env{'form.listname'}; |
my $listname = $env{'form.listname'}; |
|
my $viewonly = $env{'form.viewonly'}; |
|
|
my $source = &Apache::lonnet::metadata($filename,'sourceavail'); |
if ($viewonly) { |
if ($source ne 'open') { |
my $canview; |
$env{'user.error.msg'}="$filename:cre:1:1:Source code not available"; |
$filename =~ s/\.\.//g; |
|
$filename =~ s/\~//g; |
|
$filename =~ s/\/+/\//g; |
|
if (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) { |
|
if ((&Apache::lonnet::metadata(&Apache::lonenc::check_decrypt($filename)) eq 'open') && |
|
(&Apache::lonnet::allowed('cre','/'))) { |
|
$canview = 1; |
|
} elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) { |
|
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; |
|
&Apache::lonenc::check_decrypt(\$filename); |
|
if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) { |
|
my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/}); |
|
if (($env{'request.course.adhocsrcaccess'} ne '') && |
|
(grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) { |
|
$canview = 1; |
|
} |
|
} |
|
} |
|
} |
|
unless ($canview) { |
|
$env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; |
|
return HTTP_NOT_ACCEPTABLE; |
|
} |
|
} elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') { |
|
$env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; |
return HTTP_NOT_ACCEPTABLE; |
return HTTP_NOT_ACCEPTABLE; |
} |
} |
unless (&Apache::lonnet::allowed('bre',$filename)) { |
unless (&Apache::lonnet::allowed('bre',$filename)) { |
$env{'user.error.msg'}="$filename:bre:1:1:Access to resource denied"; |
$env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied"; |
return HTTP_NOT_ACCEPTABLE; |
return HTTP_NOT_ACCEPTABLE; |
} |
} |
unless (&Apache::lonnet::allowed('cre','/')) { |
unless ($viewonly) { |
$env{'user.error.msg'}="$filename:cre:1:1:Access to source code denied"; |
unless (&Apache::lonnet::allowed('cre','/')) { |
return HTTP_NOT_ACCEPTABLE; |
$env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied"; |
|
return HTTP_NOT_ACCEPTABLE; |
|
} |
} |
} |
my $newpath = $env{'form.newpath'}; |
my $newpath = $env{'form.newpath'}; |
|
|
&Apache::loncommon::content_type($r,'text/html'); |
&Apache::loncommon::content_type($r,'text/html'); |
$r->send_http_header; |
$r->send_http_header; |
|
|
if ($env{'form.action'} eq 'stage2') { |
if ($viewonly) { |
|
&print_item($r,$filename,$listname,'view'); |
|
} elsif ($env{'form.action'} eq 'stage2') { |
&stage_2($r,$filename,$listname); |
&stage_2($r,$filename,$listname); |
} elsif($env{'form.action'} eq 'copy_stage') { |
} elsif($env{'form.action'} eq 'copy_stage') { |
©_stage($r,$filename,$listname,$newpath); |
©_stage($r,$filename,$listname,$newpath); |