Diff for /loncom/publisher/lonupload.pm between versions 1.25 and 1.29

version 1.25, 2004/02/17 15:23:53 version 1.29, 2005/04/07 06:56:27
Line 41  use Apache::Log(); Line 41  use Apache::Log();
 use Apache::lonnet;  use Apache::lonnet;
 use HTML::Entities();  use HTML::Entities();
 use Apache::lonlocal;  use Apache::lonlocal;
   use Apache::lonnet;
   
 my $DEBUG=0;  my $DEBUG=0;
   
Line 62  sub Debug { Line 63  sub Debug {
 sub upfile_store {  sub upfile_store {
     my $r=shift;      my $r=shift;
   
     my $fname=$ENV{'form.upfile.filename'};      my $fname=$env{'form.upfile.filename'};
     $fname=~s/\W//g;      $fname=~s/\W//g;
           
     chomp($ENV{'form.upfile'});      chomp($env{'form.upfile'});
       
     my $datatoken=$ENV{'user.name'}.'_'.$ENV{'user.domain'}.      my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}.
   '_upload_'.$fname.'_'.time.'_'.$$;    '_upload_'.$fname.'_'.time.'_'.$$;
     {      {
        my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons').         my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons').
                                    '/tmp/'.$datatoken.'.tmp');                                     '/tmp/'.$datatoken.'.tmp');
        print $fh $ENV{'form.upfile'};         print $fh $env{'form.upfile'};
     }      }
     return $datatoken;      return $datatoken;
 }  }
Line 86  sub phaseone { Line 87  sub phaseone {
     } elsif ($mode eq 'imsimport') {      } elsif ($mode eq 'imsimport') {
         $action = '/adm/imsimport';          $action = '/adm/imsimport';
     }      }
     $ENV{'form.upfile.filename'}=~s/\\/\//g;      $env{'form.upfile.filename'}=~s/\\/\//g;
     $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;      $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
     if ($ENV{'form.upfile.filename'}) {      if ($env{'form.upfile.filename'}) {
  $fn=~s/\/[^\/]+$//;   $fn=~s/\/[^\/]+$//;
  $fn=~s/([^\/])$/$1\//;   $fn=~s/([^\/])$/$1\//;
  $fn.=$ENV{'form.upfile.filename'};   $fn.=$env{'form.upfile.filename'};
  $fn=~s/^\///;   $fn=~s/^\///;
  $fn=~s/(\/)+/\//g;   $fn=~s/(\/)+/\//g;
   
Line 100  sub phaseone { Line 101  sub phaseone {
   
  &Debug($r, "Filename for upload: $fn");   &Debug($r, "Filename for upload: $fn");
  if (($fn) && ($fn!~/\/$/)) {   if (($fn) && ($fn!~/\/$/)) {
     $r->print('<form action="'.$action.'" method="post">'.      $r->print('<form action="'.$action.'" method="post" name="fileupload">'.
       '<input type="hidden" name="phase" value="two" />'.        '<input type="hidden" name="phase" value="two" />'.
       '<input type="hidden" name="datatoken" value="'.        '<input type="hidden" name="datatoken" value="'.
       &upfile_store.'" />'.        &upfile_store.'" />'.
Line 165  sub phasetwo { Line 166  sub phasetwo {
 #     target is the full filesystem path of the destination file.  #     target is the full filesystem path of the destination file.
  my $base = &File::Basename::basename($fn);   my $base = &File::Basename::basename($fn);
  my $path = &File::Basename::dirname($fn);   my $path = &File::Basename::dirname($fn);
  $base    = &HTML::Entities::encode($base);   $base    = &HTML::Entities::encode($base,'<>&"');
  my $url  = $path."/".$base;    my $url  = $path."/".$base; 
  &Debug($r, "URL is now ".$url);   &Debug($r, "URL is now ".$url);
  my $datatoken=$ENV{'form.datatoken'};   my $datatoken=$env{'form.datatoken'};
  if (($fn) && ($datatoken)) {   if (($fn) && ($datatoken)) {
     if ((-e $target) && ($ENV{'form.override'} ne 'Yes')) {      if ((-e $target) && ($env{'form.override'} ne 'Yes')) {
  $r->print('<form action="'.$action.'" method="post">'.   $r->print('<form action="'.$action.'" method="post">'.
   &mt('File').' <tt>'.$fn.'</tt> '.    &mt('File').' <tt>'.$fn.'</tt> '.
   &mt('exists. Overwrite?').' '.    &mt('exists. Overwrite?').' '.
Line 180  sub phasetwo { Line 181  sub phasetwo {
   '<input type="submit" name="override" value="'.&mt('Yes').'" /></form>');    '<input type="submit" name="override" value="'.&mt('Yes').'" /></form>');
     } else {      } else {
  my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';   my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
    my $dirpath=$path.'/';
    $dirpath=~s/\/+/\//g;
  # Check for bad extension and disallow upload   # Check for bad extension and disallow upload
  if ($fn=~/\.(\w+)$/ &&    if ($fn=~/\.(\w+)$/ && 
     (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {      (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
Line 188  sub phasetwo { Line 191  sub phasetwo {
       '<font color="red">'.        '<font color="red">'.
       &mt('The extension on this file is reserved internally by LON-CAPA.').        &mt('The extension on this file is reserved internally by LON-CAPA.').
       '</font>');        '</font>');
     $r->print('<br /><font size=+2><a href="'.$path.'">'.      $r->print('<br /><font size=+2><a href="'.$dirpath.'">'.
       &mt('Back to Directory').'</a></font>');        &mt('Back to Directory').'</a></font>');
  } elsif ($fn=~/\.(\w+)$/ &&    } elsif ($fn=~/\.(\w+)$/ && 
  !defined(&Apache::loncommon::fileembstyle($1))) {   !defined(&Apache::loncommon::fileembstyle($1))) {
Line 197  sub phasetwo { Line 200  sub phasetwo {
       '<font color="red">'.        '<font color="red">'.
       &mt('The extension on this file is not recognized by LON-CAPA.').        &mt('The extension on this file is not recognized by LON-CAPA.').
       '</font>');        '</font>');
     $r->print('<br /><font size="+2"><a href="'.$path.'">'.      $r->print('<br /><font size="+2"><a href="'.$dirpath.'">'.
       &mt('Back to Directory').'</a></font>');        &mt('Back to Directory').'</a></font>');
  } elsif (-d $target) {   } elsif (-d $target) {
     $r->print('File <tt>'.$fn.'</tt> could not be copied.<br />'.      $r->print('File <tt>'.$fn.'</tt> could not be copied.<br />'.
       '<font color="red">'.        '<font color="red">'.
       &mt('The target is an existing directory.').        &mt('The target is an existing directory.').
       '</font><br />');        '</font><br />');
     $r->print('<font size="+2"><a href="'.$path.'">'.      $r->print('<font size="+2"><a href="'.$dirpath.'">'.
       &mt('Back to Directory').'</a></font>');        &mt('Back to Directory').'</a></font>');
  } elsif (copy($source,$target)) {   } elsif (copy($source,$target)) {
     chmod(0660, $target); # Set permissions to rw-rw---.      chmod(0660, $target); # Set permissions to rw-rw---.
Line 215  sub phasetwo { Line 218  sub phasetwo {
                         $r->print(&mt('File copied.'));                          $r->print(&mt('File copied.'));
         $r->print('<br /><font size="+2"><a href="'.$url.'">'.          $r->print('<br /><font size="+2"><a href="'.$url.'">'.
       &mt('View file').'</a></font>');        &mt('View file').'</a></font>');
         $r->print('<br /><font size="+2"><a href="'.$path.'">'.          $r->print('<br /><font size="+2"><a href="'.$dirpath.'">'.
       &mt('Back to Directory').'</a></font><br />');        &mt('Back to Directory').'</a></font><br />');
                     }                      }
  } else {   } else {
Line 248  sub handler { Line 251  sub handler {
 #  #
 # phase two: re-attach user  # phase two: re-attach user
 #  #
     if ($ENV{'form.uploaduname'}) {      if ($env{'form.uploaduname'}) {
  $ENV{'form.filename'}='/priv/'.$ENV{'form.uploaduname'}.'/'.   $env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'.
     $ENV{'form.filename'};      $env{'form.filename'};
     }      }
   
     unless ($ENV{'form.phase'} eq 'two') {      unless ($env{'form.phase'} eq 'two') {
         $javascript = qq|          $javascript = qq|
 function verifyForm() {  function verifyForm() {
     var mode = document.forms[0].filetype.options[document.forms[0].filetype.selectedIndex].value      var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value
     if (mode == "testbank") {      if (mode == "testbank") {
         document.forms[0].action = "/adm/testbank";          document.fileupload.action = "/adm/testbank";
     }      }
     if (mode == "imsimport") {      if (mode == "imsimport") {
         document.forms[0].action = "/adm/imsimport";          document.fileupload.action = "/adm/imsimport";
     }      }
     if (mode == "standard") {      if (mode == "standard") {
         document.forms[0].action = "/adm/upload";          document.fileupload.action = "/adm/upload";
     }      }
     document.forms[0].submit();      document.fileupload.submit();
 }  }
   
 function testbankWin() {  function testbankWin() {
Line 292  function testbankWin() { Line 295  function testbankWin() {
 |;  |;
     }      }
     ($uname,$udom)=      ($uname,$udom)=
  &Apache::loncacc::constructaccess($ENV{'form.filename'},   &Apache::loncacc::constructaccess($env{'form.filename'},
   $r->dir_config('lonDefDomain'));    $r->dir_config('lonDefDomain'));
     unless (($uname) && ($udom)) {      unless (($uname) && ($udom)) {
  $r->log_reason($uname.' at '.$udom.   $r->log_reason($uname.' at '.$udom.
        ' trying to publish file '.$ENV{'form.filename'}.         ' trying to publish file '.$env{'form.filename'}.
        ' - not authorized',          ' - not authorized', 
        $r->filename);          $r->filename); 
  return HTTP_NOT_ACCEPTABLE;   return HTTP_NOT_ACCEPTABLE;
     }      }
           
     my $fn;      my $fn;
     if ($ENV{'form.filename'}) {      if ($env{'form.filename'}) {
  $fn=$ENV{'form.filename'};   $fn=$env{'form.filename'};
  $fn=~s/^http\:\/\/[^\/]+\///;   $fn=~s/^http\:\/\/[^\/]+\///;
  $fn=~s/^\///;   $fn=~s/^\///;
  $fn=~s/(\~|priv\/)(\w+)//;   $fn=~s/(\~|priv\/)(\w+)//;
  $fn=~s/\/+/\//g;   $fn=~s/\/+/\//g;
     } else {      } else {
  $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}.   $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
        ' unspecified filename for upload', $r->filename);          ' unspecified filename for upload', $r->filename); 
  return HTTP_NOT_FOUND;   return HTTP_NOT_FOUND;
     }      }
Line 325  function testbankWin() { Line 328  function testbankWin() {
   
     $r->print(&Apache::loncommon::bodytag('Upload file to Construction Space'));      $r->print(&Apache::loncommon::bodytag('Upload file to Construction Space'));
       
     if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) {      if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
  $r->print('<h3><font color=red>'.&mt('Co-Author').': '.$uname.   $r->print('<h3><font color=red>'.&mt('Co-Author').': '.$uname.
   &mt(' at ').$udom.'</font></h3>');    &mt(' at ').$udom.'</font></h3>');
     }      }
   
     if ($ENV{'form.phase'} eq 'two') {      if ($env{'form.phase'} eq 'two') {
  &phasetwo($r,$fn,$uname,$udom);   &phasetwo($r,$fn,$uname,$udom);
     } else {      } else {
  &phaseone($r,$fn,$uname,$udom);   &phaseone($r,$fn,$uname,$udom);

Removed from v.1.25  
changed lines
  Added in v.1.29


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>