version 1.107, 2011/10/22 21:25:37
|
version 1.111, 2011/10/24 22:39:21
|
Line 161 sub URLToPath {
|
Line 161 sub URLToPath {
|
$Url=~ s/\/+/\//g; |
$Url=~ s/\/+/\//g; |
$Url=~ s/^https?\:\/\/[^\/]+//; |
$Url=~ s/^https?\:\/\/[^\/]+//; |
$Url=~ s/^\///; |
$Url=~ s/^\///; |
$Url=~ s/(\~|priv\/)($match_username)\//\/home\/$2\/public_html\//; |
$Url='/home/httpd/html/'.$Url; |
&Debug($r, "Returning $Url \n"); |
&Debug($r, "Returning $Url \n"); |
return $Url; |
return $Url; |
} |
} |
|
|
sub url { |
sub url { |
my $fn=shift; |
my $fn=shift; |
$fn=~s/^\/home\/($match_username)\/public\_html/\/priv\/$1/; |
$fn=~s/^\/home\/httpd\/html//; |
|
$fn=~s/\/\.\//\//g; |
$fn=&HTML::Entities::encode($fn,'<>"&'); |
$fn=&HTML::Entities::encode($fn,'<>"&'); |
return $fn; |
return $fn; |
} |
} |
Line 188 sub display {
|
Line 189 sub display {
|
sub obsolete_unpub { |
sub obsolete_unpub { |
my ($user,$domain,$construct)=@_; |
my ($user,$domain,$construct)=@_; |
my $published=$construct; |
my $published=$construct; |
$published=~ |
$published=~s/^\/home\/httpd\/html\/priv\//\/home\/httpd\/html\/res\//; |
s/^\/home\/$user\/public\_html\//\/home\/httpd\/html\/res\/$domain\/$user\//; |
|
if (-e $published) { |
if (-e $published) { |
if (&Apache::lonnet::metadata($published,'obsolete')) { |
if (&Apache::lonnet::metadata($published,'obsolete')) { |
return 1; |
return 1; |
Line 271 sub exists {
|
Line 271 sub exists {
|
$creating ||= 'file'; |
$creating ||= 'file'; |
|
|
my $published=$construct; |
my $published=$construct; |
$published=~ |
$published=~s{^/home/httpd/html/priv/}{/home/httpd/html/res/}; |
s{^/home/$user/public_html/}{/home/httpd/html/res/$domain/$user/}; |
|
my ($type,$result); |
my ($type,$result); |
if ( -d $construct ) { |
if ( -d $construct ) { |
return ('error','<p><span class="LC_error">'.&mt('Error: destination for operation is an existing directory.').'</span></p>'); |
return ('error','<p><span class="LC_error">'.&mt('Error: destination for operation is an existing directory.').'</span></p>'); |
Line 346 sub checksuffix {
|
Line 345 sub checksuffix {
|
} |
} |
|
|
sub cleanDest { |
sub cleanDest { |
my ($request,$dest,$subdir,$fn,$uname)=@_; |
my ($request,$dest,$subdir,$fn,$uname,$udom)=@_; |
#remove bad characters |
#remove bad characters |
my $foundbad=0; |
my $foundbad=0; |
my $error=''; |
my $error=''; |
Line 361 sub cleanDest {
|
Line 360 sub cleanDest {
|
} |
} |
if ($dest=~m|/|) { |
if ($dest=~m|/|) { |
my ($newpath)=($dest=~m|(.*)/|); |
my ($newpath)=($dest=~m|(.*)/|); |
($newpath,$error)=&relativeDest($fn,$newpath,$uname); |
($newpath,$error)=&relativeDest($fn,$newpath,$uname,$udom); |
if (! -d "$newpath") { |
if (! -d "$newpath") { |
$request->print('<p><span class="LC_warning">' |
$request->print('<p><span class="LC_warning">' |
.&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested file name." |
.&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested file name." |
Line 390 sub cleanDest {
|
Line 389 sub cleanDest {
|
} |
} |
|
|
sub relativeDest { |
sub relativeDest { |
my ($fn,$newfilename,$uname)=@_; |
my ($fn,$newfilename,$uname,$udom)=@_; |
my $error = ''; |
my $error = ''; |
if ($newfilename=~/^\//) { |
if ($newfilename=~/^\//) { |
# absolute, simply add path |
# absolute, simply add path |
$newfilename='/home/'.$uname.'/public_html/'; |
$newfilename='/home/httpd/html/res/'.$udom.'/'.$uname.'/'; |
} else { |
} else { |
my $dir=$fn; |
my $dir=$fn; |
$dir=~s/\/[^\/]+$//; |
$dir=~s/\/[^\/]+$//; |
Line 404 sub relativeDest {
|
Line 403 sub relativeDest {
|
while ($newfilename=~m:/\.\./:) { |
while ($newfilename=~m:/\.\./:) { |
$newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/.. |
$newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/.. |
} |
} |
if ($newfilename =~ m{^/home/($match_username)/(?:public\_html|priv)/}) { |
my ($authorname,$authordom)=&Apache::loncacc::constructaccess($newfilename); |
my $otheruname = $1; |
unless (($authorname) && ($authordom)) { |
unless ($otheruname eq $uname) { |
my $otherdir = &display($newfilename); |
my ($authorname,$authordom)= |
$error = &mt('Access denied to [_1]',$otherdir); |
&Apache::loncacc::constructaccess($newfilename,$env{'request.role.domain'}); |
|
unless (($authorname eq $otheruname) && ($authordom ne '')) { |
|
my $otherdir = &display($newfilename); |
|
$error = &mt('Access denied to [_1]',$otherdir); |
|
} |
|
} |
|
} |
} |
return ($newfilename,$error); |
return ($newfilename,$error); |
} |
} |
Line 951 sub phaseone {
|
Line 944 sub phaseone {
|
my $doingdir=0; |
my $doingdir=0; |
if ($env{'form.action'} eq 'newdir') { $doingdir=1; } |
if ($env{'form.action'} eq 'newdir') { $doingdir=1; } |
my ($newfilename,$error) = |
my ($newfilename,$error) = |
&cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname); |
&cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname,$udom); |
unless ($error) { |
unless ($error) { |
($newfilename,$error)=&relativeDest($fn,$newfilename,$uname); |
($newfilename,$error)=&relativeDest($fn,$newfilename,$uname,$udom); |
} |
} |
if ($error) { |
if ($error) { |
my $dirlist; |
my $dirlist; |
Line 1445 sub handler {
|
Line 1438 sub handler {
|
my $uname; |
my $uname; |
my $udom; |
my $udom; |
|
|
($uname,$udom)= |
($uname,$udom)=&Apache::loncacc::constructaccess($fn); |
&Apache::loncacc::constructaccess($fn,$r->dir_config('lonDefDomain')); |
|
&Debug($r, |
&Debug($r, |
"loncfile::handler constructaccess uname = $uname domain = $udom"); |
"loncfile::handler constructaccess uname = $uname domain = $udom"); |
unless (($uname) && ($udom)) { |
unless (($uname) && ($udom)) { |