|
version 1.57, 2004/06/10 18:20:16
|
version 1.64, 2004/12/28 21:28:49
|
|
Line 289 sub checksuffix {
|
Line 289 sub checksuffix {
|
| } |
} |
| |
|
| sub cleanDest { |
sub cleanDest { |
| my ($request,$dest)=@_; |
my ($request,$dest,$subdir,$fn,$uname)=@_; |
| #remove bad characters |
#remove bad characters |
| |
my $foundbad=0; |
| |
if ($subdir && $dest =~/\./) { |
| |
$foundbad=1; |
| |
$dest=~s/\.//g; |
| |
} |
| if ($dest=~/[\#\?&%\"]/) { |
if ($dest=~/[\#\?&%\"]/) { |
| |
$foundbad=1; |
| |
$dest=~s/[\#\?&%\"]//g; |
| |
} |
| |
if ($dest=~m|/|) { |
| |
my ($newpath)=($dest=~m|(.*)/|); |
| |
$newpath=&relativeDest($fn,$newpath,$uname); |
| |
if (! -d "$newpath") { |
| |
$request->print("<p><font color=\"red\">".&mt('You have requested to create file in directory [_1] which doesn\'t exist. The requested directory path has been removed from the requested file name.','"<tt>'.$newpath.'</tt>"')."</font></p>"); |
| |
$dest=~s|.*/||; |
| |
} |
| |
} |
| |
if ($foundbad) { |
| $request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>"); |
$request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>"); |
| $dest=~s/[\#\?&%]//g; |
|
| } |
} |
| return $dest; |
return $dest; |
| } |
} |
|
Line 750 performed and reported to the user.
|
Line 766 performed and reported to the user.
|
| sub phaseone { |
sub phaseone { |
| my ($r,$fn,$uname,$udom)=@_; |
my ($r,$fn,$uname,$udom)=@_; |
| |
|
| my $newfilename=&cleanDest($r,$ENV{'form.newfilename'}); |
my $doingdir=0; |
| |
if ($ENV{'form.action'} eq 'newdir') { $doingdir=1; } |
| |
my $newfilename=&cleanDest($r,$ENV{'form.newfilename'},$doingdir,$fn,$uname); |
| $newfilename=&relativeDest($fn,$newfilename,$uname); |
$newfilename=&relativeDest($fn,$newfilename,$uname); |
| $r->print('<form action="/adm/cfile" method="post">'. |
$r->print('<form action="/adm/cfile" method="post">'. |
| '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'. |
'<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'. |
|
Line 978 sub Copy2 {
|
Line 996 sub Copy2 {
|
| unless (copy($oldfile, $newfile)) { |
unless (copy($oldfile, $newfile)) { |
| $request->print('<font color="red"> '.&mt('copy Error').': '.$!.'</font>'); |
$request->print('<font color="red"> '.&mt('copy Error').': '.$!.'</font>'); |
| return 0; |
return 0; |
| |
} elsif (!chmod(0660, $newfile)) { |
| |
$request->print('<font color="red"> '.&mt('chmod error').': '.$!.'</font>'); |
| |
return 0; |
| |
} elsif (-e $oldfile.'.meta' && |
| |
!copy($oldfile.'.meta', $newfile.'.meta') && |
| |
!chmod(0660, $newfile.'.meta')) { |
| |
$request->print('<font color="red"> '.&mt('copy metadata error'). |
| |
': '.$!.'</font>'); |
| |
return 0; |
| } else { |
} else { |
| unless (chmod(0660, $newfile)) { |
|
| $request->print('<font color="red"> '.&mt('chmod error').': '.$!.'</font>'); |
|
| return 0; |
|
| } |
|
| return 1; |
return 1; |
| } |
} |
| } else { |
} else { |
|
Line 1108 sub phasetwo {
|
Line 1131 sub phasetwo {
|
| return ; |
return ; |
| } |
} |
| $dest = $dir."/."; |
$dest = $dir."/."; |
| } elsif ($ENV{'form.action'} eq 'rename') { # Rename. |
} elsif ($ENV{'form.action'} eq 'rename' || |
| |
$ENV{'form.action'} eq 'move') { |
| if($ENV{'form.newfilename'}) { |
if($ENV{'form.newfilename'}) { |
| if (!defined($dir)) { |
if (!defined($dir)) { |
| $fn=~m:^(.*)/:; |
$fn=~m:^(.*)/:; |
|
Line 1156 sub handler {
|
Line 1180 sub handler {
|
| |
|
| $r=shift; |
$r=shift; |
| |
|
| |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress','action','filename','newfilename']); |
| |
|
| &Debug($r, "loncfile.pm - handler entered"); |
&Debug($r, "loncfile.pm - handler entered"); |
| &Debug($r, " filename: ".$ENV{'form.filename'}); |
&Debug($r, " filename: ".$ENV{'form.filename'}); |
|
Line 1174 sub handler {
|
Line 1199 sub handler {
|
| } elsif($ENV{'QUERY_STRING'} && $ENV{'form.phase'} ne 'two') { |
} elsif($ENV{'QUERY_STRING'} && $ENV{'form.phase'} ne 'two') { |
| #Just hijack the script only the first time around to inject the |
#Just hijack the script only the first time around to inject the |
| #correct information for further processing |
#correct information for further processing |
| &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress']); |
|
| $fn=&Apache::lonnet::unescape($ENV{'form.decompress'}); |
$fn=&Apache::lonnet::unescape($ENV{'form.decompress'}); |
| $fn=&URLToPath($fn); |
$fn=&URLToPath($fn); |
| $ENV{'form.action'}="decompress"; |
$ENV{'form.action'}="decompress"; |
![[BACK]](/icons/back.gif){kind=icon}
Return to loncfile.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / publisher