--- loncom/publisher/loncfile.pm	2009/04/04 21:45:57	1.95
+++ loncom/publisher/loncfile.pm	2009/04/13 21:29:26	1.96
@@ -9,7 +9,7 @@
 #  and displays a page showing the results of the action.
 #
 #
-# $Id: loncfile.pm,v 1.95 2009/04/04 21:45:57 bisitz Exp $
+# $Id: loncfile.pm,v 1.96 2009/04/13 21:29:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -783,23 +783,10 @@ button which returns you to the driector
 
 sub NewFile1 {
     my ($request, $user, $domain, $fn, $newfilename) = @_;
+    return if (&filename_check($newfilename) ne 'ok');
 
     if ($env{'form.action'} =~ /new(.+)file/) {
 	my $extension=$1;
-
-        ##Informs User (name).(number).(extension) not allowed 
-	if($newfilename =~ /\.(\d+)\.(\w+)$/){
-	    $r->print('<span class="LC_error">'.$newfilename.
-		      ' - '.&mt('Bad Filename').'<br />('.&mt('name').').('.&mt('number').').('.&mt('extension').') '.
-		      ' '.&mt('Not Allowed').'</span>');
-	    return;
-	}
-	if($newfilename =~ /(\:\:\:|\&\&\&|\_\_\_)/){
-	    $r->print('<span class="LC_error">'.$newfilename.
-		      ' - '.&mt('Bad Filename').'<br />('.&mt('Must not include').' '.$1.') '.
-		      ' '.&mt('Not Allowed').'</span>');
-	    return;
-	}
 	if ($newfilename !~ /\Q.$extension\E$/) {
 	    if ($newfilename =~ m|/[^/.]*\.(?:[^/.]+)$|) {
 		#already has an extension strip it and add in expected one
@@ -813,14 +800,57 @@ sub NewFile1 {
     if ($type eq 'error') {
 	$request->print('</form>');
     } else {
-	
+        my $extension;
+
+        if ($newfilename =~ m{[^/.]+\.([^/.]+)$}) {
+            $extension = $1;
+        }
+
+        my @okexts = qw(xml html xhtml htm xhtm problem page sequence rights sty library js css txt);
+        if (($extension eq '') || (!grep(/^\Q$extension\E/,@okexts))) {
+            my $validexts = '.'.join(', .',@okexts);
+            $request->print('<p class="LC_warning">'.
+                &mt('Invalid filename: ').&display($newfilename).'</p><p>'.
+                &mt('The name of the new file needs to end with an appropriate file extension to indicate the type of file to create.').'<br />'.
+                &mt('The following are valid extensions: [_1].',$validexts).
+                '</p></form><p>'.
+		'<form name="fileaction" action="/adm/cfile" method="post">'.
+                '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.
+		'<input type="hidden" name="action" value="newfile" />'.
+	        '<span class ="LC_nobreak">'.&mt('Enter a file name: ').'<input type="text" name="newfilename" value="Type Name Here" onfocus="if (this.value == '."'Type Name Here') this.value=''".'" />&nbsp;<input type="submit" value="Go" />'.
+                '</span></form></p>'.
+                '<p><form action="'.&url($fn).
+                '" method="POST"><p><input type="submit" value="'.&mt('Cancel').'" /></form></p>');
+            return;
+        }
+
 	$request->print('<p>'.&mt('Make new file').' '.&display($newfilename).'?</p>');
 	$request->print('</form>');
+
 	$request->print('<form action="'.&url($newfilename).
 			'" method="POST"><p><input type="submit" value="'.&mt('Continue').'" /></p></form>');
 	$request->print('<form action="'.&url($fn).
 			'" method="POST"><p><input type="submit" value="'.&mt('Cancel').'" /></p></form>');
     }
+    return;
+}
+
+sub filename_check {
+    my ($newfilename) = @_;
+    ##Informs User (name).(number).(extension) not allowed
+    if($newfilename =~ /\.(\d+)\.(\w+)$/){
+        $r->print('<span class="LC_error">'.$newfilename.
+                  ' - '.&mt('Bad Filename').'<br />('.&mt('name').').('.&mt('number').').('.&mt('extension').') '.
+                  ' '.&mt('Not Allowed').'</span>');
+        return;
+    }
+    if($newfilename =~ /(\:\:\:|\&\&\&|\_\_\_)/){
+        $r->print('<span class="LC_error">'.$newfilename.
+                  ' - '.&mt('Bad Filename').'<br />('.&mt('Must not include').' '.$1.') '.
+                  ' '.&mt('Not Allowed').'</span>');
+        return;
+    }
+    return 'ok'; 
 }
 
 =pod