--- loncom/publisher/loncfile.pm 2002/09/02 20:06:57 1.17 +++ loncom/publisher/loncfile.pm 2003/06/19 21:04:37 1.32 @@ -7,10 +7,9 @@ # presents a page that describes the proposed action to the user # and requests confirmation. The second phase commits the action # and displays a page showing the results of the action. -# - # -# $Id: loncfile.pm,v 1.17 2002/09/02 20:06:57 harris41 Exp $ +# +# $Id: loncfile.pm,v 1.32 2003/06/19 21:04:37 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -88,6 +87,7 @@ use strict; use Apache::File; use File::Basename; use File::Copy; +use HTML::Entities(); use Apache::Constants qw(:common :http :methods); use Apache::loncacc; use Apache::Log (); @@ -127,7 +127,7 @@ sub Debug { my $log = $r->log; my $message = shift; - # Put out the indicated message butonly if DEBUG is false. + # Put out the indicated message butonly if DEBUG is true. if ($DEBUG) { $log->debug($message); @@ -322,20 +322,24 @@ sub exists { my ($user, $domain, $dir, $file) = @_; # Create complete paths in publication and construction space. - - my $published = &PublicationPath($domain, $user, $dir, $file); - my $construct = &ConstructionPath($user, $dir, $file); + my $relativedir=$dir; + $relativedir=s|/home/\Q$user\E/public_html||; + my $published = &PublicationPath($domain, $user, $relativedir, $file); + my $construct = &ConstructionPath($user, $relativedir, $file); # If the resource exists in either space indicate this fact. # Note that the check for existence in resource space is stricter. my $result; + if ( -d $construct ) { + return 'Error: destination for operation is a directory.'; + } if ( -e $published) { - $result.='

Warning: target file exists, and has been published!

'; + $result.='

Warning: target file exists, and has been published!

'; } elsif ( -e $construct) { - $result.='

Warning: target file exists!

'; - } + $result.='

Warning: target file exists!

'; + } return $result; @@ -379,10 +383,21 @@ sub checksuffix { if ($old=~m:(.*)/+([^/]+)\.(\w+)$:) { $oldsuffix=$3; } if ($oldsuffix ne $newsuffix) { $result.= - '

Warning: change of MIME type!

'; + '

Warning: change of MIME type!

'; } return $result; } + +sub cleanDest { + my ($request,$dest)=@_; + #remove bad characters + if ($dest=~/[\#\?&]/) { + $request->print("

Invalid characters in requested name have been removed.

"); + $dest=~s/[\#\?&]//g; + } + return $dest; +} + =pod =item CloseForm1($request, $user, $file) @@ -406,9 +421,9 @@ sub CloseForm1 { &Debug($request, "Cancel url is: ".$cancelurl); - $request->print('

'); + $request->print('

'); $request->print('

'); + '" method="POST">

'); } @@ -440,7 +455,7 @@ Parameters: sub CloseForm2 { my ($request, $user, $directory) = @_; - $request->print('

Done

'); + $request->print('

Done

'); } =pod @@ -490,12 +505,31 @@ sub Rename1 { if(-e $conspace) { if($ENV{'form.newfilename'}) { my $newfilename = $ENV{'form.newfilename'}; + if ($newfilename =~ m|/[^\.]+$|) { + #no extension add on orignal extension + if ($filename =~ m|/[^\.]*\.([^\.]+)$|) { + $newfilename.='.'.$1; + } + } $request->print(&checksuffix($filename, $newfilename)); - $request->print(&exists($user, $domain, $dir, $newfilename)); - $request->print('Cancel'); + return; + } + my $dest=&SimplifyDir($dir,$newfilename); + $request->print('

Rename '.$filename.' to '. - $dir.'/'.$newfilename.'?

'); + '" />

Rename '.$filename. + '
to '. + $dest.'?

'); &CloseForm1($request, $cancelurl); } else { $request->print('

No new filename specified

'); @@ -540,8 +574,8 @@ sub Delete1 { if( -e $filename) { - $request->print(''); + $request->print(''); $request->print('

Delete '.$filename.'?

'); &CloseForm1($request, $cancelurl); } else { @@ -586,14 +620,19 @@ sub Copy1 { $cancelurl =~ s/\/public_html//; - if(-e $filename) { $request->print(&checksuffix($filename,$newfilename)); - $request->print(&exists($user, $domain, $dir, $newfilename)); - $request->print('Cancel'); + return; + } + my $dest=&SimplifyDir($dir,$newfilename); + $request->print('

Copy '.$filename.' to'. - ''.$dir.'/'.$newfilename.'/?

'); + '" />

Copy '.$filename.'
to '. + ''.$dest.'?

'); &CloseForm1($request, $cancelurl); } else { $request->print('

No such file '.$filename.'

'); @@ -602,6 +641,34 @@ sub Copy1 { =pod +=item SimplifyDir + + Removes all extra / and all .. references + +Parameters: + +=over 4 + +=item $dir - string [in] a directory name + +=item $file - string [in] a file reference relative to $dir + +=back + +Results: the concatenated path. + +=cut + +sub SimplifyDir { + my ($dir,$file) = @_; + my $location = $dir. '/'.$file; + $location=~s://+:/:g; # remove duplicate / + while ($location=~m:/\.\./:) {$location=~s:/[^/]+/\.\./:/:g;}#remove dir/.. + return $location; +} + +=pod + =item NewDir1 Does all phase 1 processing of directory creation: @@ -652,8 +719,8 @@ sub NewDir1 $request->print('

Directory exists.

'); } else { - $request->print('

Make new directory '. + $request->print('

Make new directory '. $path."/".$newdir.'?

'); &CloseForm1($request, $cancelurl); @@ -662,6 +729,88 @@ sub NewDir1 =pod +=item NewFile1 + + Does all phase 1 processing of file creation: + Ensures that the user provides a new filename, adds proper extension + if needed and that the file does not already exist, if it is a html, + problem, page, or sequence, it then creates a form link to hand the + actual creation off to the proper handler. + +Parameters: + +=over 4 + +=item $request - Apache Request Object [in] - Server request object for the + current url. + +=item $username - Name of the user that is requesting the directory creation. + +=item $domain - Name of the domain of the user + +=item $dir - current absolute diretory + +=item $newfilename + - Name of the file to be created; no path information +=back + +Side Effects: + +=over 4 + +=item 2 new forms are displayed. Clicking on the confirmation button +causes the browser to attempt to load the specfied URL, allowing the +proper handler to take care of file creation. There is also a Cancle +button which returns you to the driectory listing you came from + +=back + +=cut + + +sub NewFile1 { + my ($request, $user, $domain, $dir, $newfilename) = @_; + + &Debug($request, "Dir is : ".$dir); + &Debug($request, "Newfile is : ".$newfilename); + + my $cancelurl = "/priv/".$dir; + $cancelurl =~ s/\/home\///; + $cancelurl =~ s/\/public_html//; + + if ($ENV{'form.action'} =~ /new(.+)file/) { + my $extension=$1; + if ($newfilename !~ /\Q.$extension\E$/) { + if ($newfilename =~ m|^[^\.]*\.([^\.]+)$|) { + #already has an extension strip it and add in expected one + $newfilename =~ s|.([^\.]+)$||; + } + $newfilename.=".$extension"; + } + } + + my $fullpath = $dir.'/'.$newfilename; + + &Debug($request, "Full path is : ".$fullpath); + + if(-e $fullpath) { + $request->print('

File exists.

'); + } + else { + $request->print('

Make new file '.$dir.'/'.$newfilename.'?

'); + my $dest=&MakeFinalUrl($request,$fullpath); + &Debug($request, "Cancel url is: ".$cancelurl); + &Debug($request, "Dest url is: ".$dest); + $request->print(''); + $request->print('

'); + $request->print('

'); + } +} + +=pod + =item phaseone($r, $fn, $uname, $udom) Peforms phase one processing of the request. In phase one, error messages @@ -698,16 +847,19 @@ sub phaseone { # my $conspace=ConstructionPathFromRelative($uname, $fn); - - $r->print('
'. - ''. - ''. - ''); + $ENV{'form.newfilename'}=&cleanDest($r,$ENV{'form.newfilename'}); + + $r->print(''. + ''. + ''. + ''); if ($ENV{'form.action'} eq 'rename') { - - &Rename1($r, $fn, $uname, $udom, $dir); - + if (!defined($dir)) { + $fn=~m:(.*)/:; + $dir=$1; + } + &Rename1($r, $fn, $uname, $udom, $dir); } elsif ($ENV{'form.action'} eq 'delete') { &Delete1($r, $uname, $fn); @@ -721,8 +873,23 @@ sub phaseone { } } elsif ($ENV{'form.action'} eq 'newdir') { &NewDir1($r, $uname, $dir, $ENV{'form.newfilename'}); + } elsif ($ENV{'form.action'} eq 'newfile' || + $ENV{'form.action'} eq 'newhtmlfile' || + $ENV{'form.action'} eq 'newproblemfile' || + $ENV{'form.action'} eq 'newpagefile' || + $ENV{'form.action'} eq 'newsequencefile' || + $ENV{'form.action'} eq 'Select Action') { + if($ENV{'form.newfilename'}) { + my $newfilename = $ENV{'form.newfilename'}; + if (!defined($dir)) { + $fn=~m:(.*)/:; + $dir=$1; + } + &NewFile1($r, $uname, $udom, $dir, $newfilename); + } else { + $r->print('

No new filename specified.

'); + } } - } =pod @@ -769,9 +936,20 @@ sub Rename2 { $newfile); if(-e $oldfile) { - unless(rename($oldfile, - $directory.'/'.$newfile)) { - $request->print('Error: '.$!.''); + my $dest; + + if ($oldfile =~ m|/$|) { + #renaming a dir + $oldfile =~ s|/$||; + $dest=$directory; + $dest=~s|(/)([^/]*)$|$1|; + $dest.='/'.$newfile; + } else { + $dest=$directory.'/'.$newfile; + } + + unless(rename($oldfile,$dest)) { + $request->print('Error: '.$!.''); return 0; } else {} } else { @@ -815,11 +993,11 @@ sub Delete2 { if(-e $filename) { unless(unlink($filename)) { - $request->print('Error: '.$!.''); + $request->print('Error: '.$!.''); return 0; } } else { - $request->print('

No such file. print('

No such file.

print(' copy Error: '.$!.''); + $request->print(' copy Error: '.$!.''); return 0; } else { unless (chmod(0660, $newfile)) { - $request->print(' chmod error: '.$!.''); + $request->print(' chmod error: '.$!.''); return 0; } return 1; @@ -899,11 +1077,11 @@ sub NewDir2 { my ($request, $user, $newdirectory) = @_; unless(mkdir($newdirectory, 02770)) { - $request->print('Error: '.$!.''); + $request->print('Error: '.$!.''); return 0; } unless(chmod(02770, ($newdirectory))) { - $request->print(' Error: '.$!.''); + $request->print(' Error: '.$!.''); return 0; } return 1; @@ -948,11 +1126,16 @@ sub phasetwo { # Break down the file into it's component pieces. - $fn=~/(.*)\/([^\/]+)\.(\w+)$/; - my $dir=$1; # Directory path - my $main=$2; # Filename. - my $suffix=$3; # Extension. - + my $dir; # Directory path + my $main; # Filename. + my $suffix; # Extension. + + if ($fn=~m:(.*)/([^/]+)\.(\w+)$:) { + $dir=$1; # Directory path + $main=$2; # Filename. + $suffix=$3; # Extension. + } + my $dest; # On success this is where we'll go. &Debug($r, @@ -972,12 +1155,19 @@ sub phasetwo { if ($ENV{'form.action'} eq 'rename') { # Rename. if($ENV{'form.newfilename'}) { + if (!defined($dir)) { + $fn=~m:^(.*)/:; + $dir=$1; + } if(!&Rename2($r, $uname, $dir, $fn, $ENV{'form.newfilename'})) { return; } # Prepend the directory to the new name to form the basis of the # url of the new resource. # + #renaming a dir + #remove last element for current dir + if ($fn =~ m|/$|) { $dir =~ s|/[^/]*$||; } $dest = $dir."/".$ENV{'form.newfilename'}; } } elsif ($ENV{'form.action'} eq 'delete') { @@ -987,7 +1177,7 @@ sub phasetwo { # Once a resource is deleted, we just list the directory that # previously held it. # - $dest = $dir."/"; # Parent dir. + $dest = $dir."/."; # Parent dir. } elsif ($ENV{'form.action'} eq 'copy') { if($ENV{'form.newfilename'}) { if(!&Copy2($r, $uname, $dir, $fn, $ENV{'form.newfilename'})) { @@ -996,7 +1186,7 @@ sub phasetwo { $dest = $ENV{'form.newfilename'}; } else { - $r->print('

No New filename specified'); + $r->print('

No New filename specified

'); return; } @@ -1015,18 +1205,24 @@ sub phasetwo { # Substitute for priv for the first home in $dir to get our # construction space path. # + $dest=&MakeFinalUrl($r,$dest); + + $r->print('

Done

'); +} + +sub MakeFinalUrl { + my($r,$dest)=@_; &Debug($r, "Final url is: $dest"); - $dest =~ s/\/home\//\/priv\//; - $dest =~ s/\/public_html//; - - my $base = &Apache::lonnet::escape(&File::Basename::basename($dest)); - my $dpath= &File::Basename::dirname($dest); - $dest = $dpath.'/'.$base; + $dest =~ s|/home/|/priv/|; + $dest =~ s|/public_html||; + my $base = &File::Basename::basename($dest); + my $dpath= &File::Basename::dirname($dest); + if ($base eq '.') { $base=''; } + $dest = &HTML::Entities::encode($dpath.'/'.$base); &Debug($r, "Final url after rewrite: $dest"); - - $r->print('

Done

'); + return $dest; } sub handler { @@ -1041,7 +1237,7 @@ sub handler { my $fn; if ($ENV{'form.filename'}) { - $fn=$ENV{'form.filename'}; + $fn=&Apache::lonnet::unescape($ENV{'form.filename'}); &Debug($r, "loncfile::handler - raw url: $fn"); # $fn=~s/^http\:\/\/[^\/]+\/\~(\w+)/\/home\/$1\/public_html/; # $fn=~s/^http\:\/\/[^\/]+//; @@ -1087,13 +1283,13 @@ sub handler { $r->print('LON-CAPA Construction Space'); $r->print( - ''); + ''); $r->print('

Construction Space '.$fn.'

'); if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) { - $r->print('

Co-Author: '.$uname.' at '.$udom. + $r->print('

Co-Author: '.$uname.' at '.$udom. '

'); } @@ -1108,8 +1304,15 @@ sub handler { $r->print('

New Directory

'); } elsif ($ENV{'form.action'} eq 'copy') { $r->print('

Copy

'); + } elsif ($ENV{'form.action'} eq 'newfile' || + $ENV{'form.action'} eq 'newhtmlfile' || + $ENV{'form.action'} eq 'newproblemfile' || + $ENV{'form.action'} eq 'newpagefile' || + $ENV{'form.action'} eq 'newsequencefile' || + $ENV{'form.action'} eq 'Select Action' ) { + $r->print('

New Resource

'); } else { - $r->print('

Unknown Action'); + $r->print('

Unknown Action '.$ENV{'form.action'}.'

'); return OK; } if ($ENV{'form.phase'} eq 'two') {