--- loncom/publisher/loncfile.pm 2008/03/12 02:46:38 1.88 +++ loncom/publisher/loncfile.pm 2016/05/22 01:09:54 1.124 @@ -9,7 +9,7 @@ # and displays a page showing the results of the action. # # -# $Id: loncfile.pm,v 1.88 2008/03/12 02:46:38 raeburn Exp $ +# $Id: loncfile.pm,v 1.124 2016/05/22 01:09:54 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -37,7 +37,7 @@ =head1 NAME -Apache::loncfile - Construction space file management. +Apache::loncfile - Authoring space file management. =head1 SYNOPSIS @@ -68,7 +68,6 @@ use File::Basename; use File::Copy; use HTML::Entities(); use Apache::Constants qw(:common :http :methods); -use Apache::loncacc; use Apache::lonnet; use Apache::loncommon(); use Apache::lonlocal; @@ -102,13 +101,25 @@ my $r; # Needs to be global for some =cut sub Debug { - # Put out the indicated message butonly if DEBUG is true. + # Put out the indicated message but only if DEBUG is true. if ($DEBUG) { my ($r,$message) = @_; $r->log_reason($message); } } +sub done { + my ($url) = @_; + return + '
'
+ .&Apache::lonhtmlcommon::confirm_success(&mt("Done"))
+ .'
'.&mt("Continue").''
+ .''
+ .'
'.&mt('Error: destination for operation is an existing directory.').'
'); + return ('error',''.&mt('Error: destination for operation is an existing directory.').'
'); } if ( -e $published) { if ( -e $construct ) { $type = 'warning'; - $result.=''.&mt('Warning: target file exists, and has been published!').'
'; + $result.=''.&mt('Warning: target file exists, and has been published!').'
'; } else { my $published_type = (-d $published) ? 'directory' : 'file'; if ($published_type eq $creating) { $type = 'warning'; - $result.=''.&mt("Warning: a published $published_type of this name exists.").'
'; + $result.=''.&mt("Warning: a published $published_type of this name exists.").'
'; } else { $type = 'error'; - $result.=''.&mt("Error: a published $published_type of this name exists.").'
'; + $result.=''.&mt("Error: a published $published_type of this name exists.").'
'; } } } elsif ( -e $construct) { $type = 'warning'; - $result.=''.&mt('Warning: target file exists!').'
'; + $result.=''.&mt('Warning: target file exists!').'
'; } return ($type,$result); @@ -328,15 +344,16 @@ sub checksuffix { if ($old=~m:(.*)/+([^/]+)\.(\w+)$:) { $oldsuffix=$3; } if (lc($oldsuffix) ne lc($newsuffix)) { $result.= - ''.&mt('Warning: change of MIME type!').'
'; + ''.&mt('Warning: change of MIME type!').'>
'; } return $result; } sub cleanDest { - my ($request,$dest,$subdir,$fn,$uname)=@_; + my ($request,$dest,$subdir,$fn,$uname,$udom)=@_; #remove bad characters my $foundbad=0; + my $error=''; if ($subdir && $dest =~/\./) { $foundbad=1; $dest=~s/\.//g; @@ -348,39 +365,56 @@ sub cleanDest { } if ($dest=~m|/|) { my ($newpath)=($dest=~m|(.*)/|); - $newpath=&relativeDest($fn,$newpath,$uname); + ($newpath,$error)=&relativeDest($fn,$newpath,$uname,$udom); if (! -d "$newpath") { - $request->print("".&mt('You have requested to create file in directory [_1] which doesn\'t exist. The requested directory path has been removed from the requested file name.','"'.&display($newpath).'"')."
"); + $request->print('' + .&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested filename." + ,&display($newpath)) + .'
'); $dest=~s|.*/||; } } if ($dest =~ /\.(\d+)\.(\w+)$/){ - $request->print('' - .&mt('Bad filename [_1].'
+ .&mt('Bad filename [_1]',&display($dest))
+ .'
'
+ .&mt('[_1](name).(number).(extension)[_2] not allowed.','','')
+ .'
'
+ .&mt('Removing the [_1].number.[_2] from requested filename.','','')
+ .'
".&mt('Invalid characters in requested name have been removed.')."
"); + $request->print('' + .&mt('Invalid characters in requested name have been removed.') + .'
' + ); } - return $dest; + return ($dest,$error); } sub relativeDest { - my ($fn,$newfilename,$uname)=@_; + my ($fn,$newfilename,$uname,$udom)=@_; + my $error = ''; if ($newfilename=~/^\//) { # absolute, simply add path - $newfilename='/home/'.$uname.'/public_html/'; + my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'}; + $newfilename="$londocroot/res/$udom/$uname/"; } else { my $dir=$fn; - $dir=~s/\/[^\/]+$//; + $dir=~s{/[^/]+$}{}; $newfilename=$dir.'/'.$newfilename; } - $newfilename=~s://+:/:g; # remove duplicate / - while ($newfilename=~m:/\.\./:) { - $newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/.. + $newfilename=~s{//+}{/}g; # remove duplicate / + while ($newfilename=~m{/\.\./}) { + $newfilename=~ s{/[^/]+/\.\./}{/}g; #remove dir/.. + } + my ($authorname,$authordom)=&Apache::lonnet::constructaccess($newfilename); + unless (($authorname) && ($authordom)) { + my $otherdir = &display($newfilename); + $error = &mt('Access denied to [_1]',$otherdir); } - return $newfilename; + return ($newfilename,$error); } =pod @@ -403,9 +437,9 @@ Parameters: sub CloseForm1 { my ($request, $fn) = @_; - $request->print(''); - $request->print(''); + $request->print(''); + $request->print(' '); } @@ -435,7 +469,7 @@ Parameters: sub CloseForm2 { my ($request, $user, $fn) = @_; - $request->print(''.
+ &mt('Cannot change MIME type of a directory.').
''.
- '
'.&mt('Cancel').'');
+ '
'.&mt('Cancel').'
'
+ .&mt('Cannot rename or move non-obsolete published file.')
+ .'
'
+ .''.&mt('Cancel').'
'.$action.' '.&display($fn). - '
' + .&mt($action.' [_1] to [_2]?', + &display($fn), + &display($newfilename)) + .'
' + ); &CloseForm1($request, $fn); } else { - $request->print(''.&mt('No new filename specified.').'
'); + $request->print(''.&mt('No new filename specified.').'
'); return; } } else { - $request->print(''.&mt('No such file').': '.&display($fn).'
'); + $request->print('' + .&mt('No such file: [_1]', + &display($fn)) + .'
' + ); return; } @@ -570,25 +615,41 @@ sub Delete1 { if( -e $fn) { $request->print(''); + $fn.'" />'); if (-d $fn) { unless (&empty_directory($fn,'Delete1')) { - $request->print(''
+ .''
+ .&mt('Only empty directories may be deleted.')
+ .'
'
+ .&mt('You must delete the contents of the directory first.')
+ .'
'
+ .&mt('Cannot delete non-obsolete published file.')
+ .'
'
+ .''.&mt('Cancel').'
'.&mt('Delete').' '.&display($fn).'?
'); + $request->print('' + .&mt('Delete [_1]?', + &display($fn)) + .'
' + ); &CloseForm1($request, $fn); } else { - $request->print(''.&mt('No such file').': '.&display($fn).'
'); + $request->print('' + .&mt('No such file: [_1]', + &display($fn)) + .'
' + ); } } @@ -639,16 +700,36 @@ sub Copy1 { my ($type,$return)=&exists($user, $domain, $newfilename); $request->print($return); if ($type eq 'error') { - $request->print(''.&mt('Copy').' '.&display($fn).'
to '.
- &display($newfilename).'?
' + .&mt('Copy [_1] to [_2]?', + &display($fn), + &display($newfilename)) + .'
' + ); &CloseForm1($request, $fn); } else { - $request->print(''.&mt('No such file').': '.&display($fn).'
'); + $request->print('' + .&mt('No such file: [_1]', + &display($fn)) + .'
' + ); } } @@ -699,14 +780,17 @@ sub NewDir1 { if ($type eq 'error') { $request->print(''); } else { - if ($mode eq 'testbank') { - $request->print(''); - } elsif ($mode eq 'imsimport') { - $request->print(''); - } - $request->print(''.&mt('Make new directory').' '. - &display($newfilename).'?
'); + if (($mode eq 'testbank') || ($mode eq 'imsimport')) { + $request->print(''."\n". + ''); + } + $request->print('' + .'' + .&mt('Make new directory [_1]?', + &display($newfilename)) + .'
' + ); &CloseForm1($request, $fn); } } @@ -715,11 +799,19 @@ sub NewDir1 { sub Decompress1 { my ($request, $user, $domain, $fn) = @_; if( -e $fn) { - $request->print(''); - $request->print(''.&mt('Decompress').' '.&display($fn).'?
'); + $request->print(''); + $request->print('' + .&mt('Decompress [_1]?', + &display($fn)) + .'
' + ); &CloseForm1($request, $fn); } else { - $request->print(''.&mt('No such file').': '.&display($fn).'
'); + $request->print('' + .&mt('No such file: [_1]', + &display($fn)) + .'
' + ); } } @@ -744,7 +836,7 @@ Parameters: =item $domain - Name of the domain of the user -=item $fn - Source file name +=item $fn - Source filename =item $newfilename - Name of the file to be created; no path information @@ -757,7 +849,7 @@ Side Effects: =item 2 new forms are displayed. Clicking on the confirmation button causes the browser to attempt to load the specfied URL, allowing the proper handler to take care of file creation. There is also a Cancel -button which returns you to the driectory listing you came from +button which returns you to the directory listing you came from =back @@ -765,23 +857,10 @@ button which returns you to the driector sub NewFile1 { my ($request, $user, $domain, $fn, $newfilename) = @_; + return if (&filename_check($newfilename) ne 'ok'); if ($env{'form.action'} =~ /new(.+)file/) { my $extension=$1; - - ##Informs User (name).(number).(extension) not allowed - if($newfilename =~ /\.(\d+)\.(\w+)$/){ - $r->print(''.$newfilename. - ' - '.&mt('Bad Filename').''.&mt('Make new file').' '.&display($newfilename).'?
'); - $request->print(''); - $request->print(''); - $request->print(''); + my $extension; + + if ($newfilename =~ m{[^/.]+\.([^/.]+)$}) { + $extension = $1; + } + + my @okexts = qw(xml html xhtml htm xhtm problem page sequence rights sty task library js css txt); + if (($extension eq '') || (!grep(/^\Q$extension\E/,@okexts))) { + my $validexts = '.'.join(', .',@okexts); + $request->print(''. + &mt('Invalid filename: ').&display($newfilename).'
'.
+ &mt('The name of the new file needs to end with an appropriate file extension to indicate the type of file to create.').'
'.
+ &mt('The following are valid extensions: [_1].',$validexts).
+ '
'. + '
'. + ''); + } elsif ($type ne 'warning') { + my $query = ""; + $query .= "?mode=" . $env{'form.mode'} unless (!exists($env{'form.mode'}) || !length($env{'form.mode'})); + $request->print(' + '); + } else { + $request->print(''.&mt('Make new file').' '.&display($newfilename).'?
'); + $request->print(''); + $request->print(''); + $request->print(''); + } + } + return; +} + +sub filename_check { + my ($newfilename) = @_; + ##Informs User (name).(number).(extension) not allowed + if($newfilename =~ /\.(\d+)\.(\w+)$/){ + $r->print(''.$newfilename. + ' - '.&mt('Bad Filename').''.&mt('Return to Directory'). + '
'); + return; + } $r->print(''); + $r->print('' + .&mt('No new filename specified.') + .'
' + ); } } elsif ($env{'form.action'} eq 'newdir') { my $mode = ''; @@ -879,7 +1024,10 @@ sub phaseone { if (($newfilename!~/\/$/) && ($newfilename!~/$empty$/)) { &NewFile1($r, $uname, $udom, $fn, $newfilename); } else { - $r->print(''.&mt('No new filename specified.').'
'); + $r->print('' + .&mt('No new filename specified.') + .'
' + ); } } } @@ -966,7 +1114,12 @@ sub Rename2 { unlink $tmp2; } } else { - $request->print("".&mt('No such file').": ".&display($oldfile).'
'); + $request->print( + '' + .&mt('No such file: [_1]', + &display($oldfile)) + .'
' + ); return 0; } return 1; @@ -1014,7 +1167,7 @@ sub Delete2 { return 0; } } else { - $request->print(''.&mt('No such file').'.
'); + $request->print(''.&mt('No such file').'
'); return 0; } } @@ -1025,7 +1178,7 @@ sub Delete2 { return 0; } } else { - $request->print(''.&mt('No such file').'.
'); + $request->print(''.&mt('No such file').'
'); return 0; } } @@ -1084,7 +1237,7 @@ sub Copy2 { return 1; } } else { - $request->print(''.&mt('No such file').'
'); + $request->print(''.&mt('No such file').'
'); return 0; } return 1; @@ -1238,7 +1391,7 @@ sub phasetwo { } $dest = $env{'form.newfilename'}; } else { - $r->print(''.&mt('No New filename specified').'
'); + $r->print(''.&mt('No New filename specified').'
'); return; } @@ -1250,13 +1403,21 @@ sub phasetwo { $dest = $newdir."/"; } if ( ($env{'form.action'} eq 'newdir') && ($env{'form.phase'} eq 'two') && ( ($env{'form.callingmode'} eq 'testbank') || ($env{'form.callingmode'} eq 'imsimport') ) ) { - $r->print(''
+ .&Apache::lonhtmlcommon::confirm_success(&mt('Done'))
+ .'
'.&mt('Continue').''
+ .'
'.&Apache::lonhtmlcommon::confirm_success(&mt('Done')).'
' + .&Apache::lonhtmlcommon::actionbox( + [''.&mt('Return to Directory').'', + ''.$disp_newname.''])); } else { - $r->print(''.&mt('Location').': '.&display($fn).'
'); if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { - $r->print('' + .&mt('Co-Author [_1]',$uname.':'.$udom) + .'
' + ); } &Debug($r, "loncfile::handler Form action is $env{'form.action'} "); - if ($env{'form.action'} eq 'delete') { - $r->print(''.&mt('Unknown Action').' '.$env{'form.action'}.'
'. - &Apache::loncommon::end_page()); - return OK; + $r->print('' + .&mt('Unknown Action: [_1]',$env{'form.action'}) + .'
' + .&Apache::loncommon::end_page() + ); + return OK; } + if ($env{'form.phase'} eq 'two') { &Debug($r, "loncfile::handler entering phase2"); &phasetwo($r,$fn,$uname,$udom);