Diff for /loncom/publisher/lonupload.pm between versions 1.38.2.1 and 1.49

version 1.38.2.1, 2008/12/12 02:42:49 version 1.49, 2010/02/16 10:26:17
Line 28 Line 28
 #  #
 ###  ###
   
   =head1 NAME
   
   Apache::lonupload - upload files into construction space
   
   =head1 SYNOPSIS
   
   Invoked by /etc/httpd/conf/srm.conf:
   
    <Location /adm/upload>
    PerlAccessHandler       Apache::lonacc
    SetHandler perl-script
    PerlHandler Apache::lonupload
    ErrorDocument     403 /adm/login
    ErrorDocument     404 /adm/notfound.html
    ErrorDocument     406 /adm/unauthorized.html
    ErrorDocument  500 /adm/errorhandler
    </Location>
   
   =head1 INTRODUCTION
   
   This module uploads a file sitting on a client computer into 
   library server construction space.
   
   This is part of the LearningOnline Network with CAPA project
   described at http://www.lon-capa.org.
   
   =head1 HANDLER SUBROUTINE
   
   This routine is called by Apache and mod_perl.
   
   =over 4
   
   =item *
   
   Initialize variables
   
   =item *
   
   Start page output
   
   =item *
   
   output relevant interface phase (phaseone or phasetwo or phasethree)
   
   =item *
   
   (phase one is to specify upload file; phase two is to handle conditions
   subsequent to specification--like overwriting an existing file; phase three
   is to handle processing of secondary uploads - of embedded objects in an
   html file).
   
   =back
   
   =head1 OTHER SUBROUTINES
   
   =over
   
   =item phaseone()
   
   Interface for specifying file to upload.
   
   =item phasetwo()
   
   Interface for handling post-conditions about uploading (such
   as overwriting an existing file).
   
   =item phasethree()
   
   Interface for handling secondary uploads of embedded objects
   in an html file.
   
   =item upfile_store()
   
   Store contents of uploaded file into temporary space.  Invoked
   by phaseone subroutine.
   
   =item check_extension()
   
   Checks if filename extension is permitted and checks type
    of file - if html file, calls parser to check for embedded objects.
    Invoked by phasetwo subroutine.
   
   =back
   
   =cut
   
 package Apache::lonupload;  package Apache::lonupload;
   
 use strict;  use strict;
Line 79  sub phaseone { Line 165  sub phaseone {
     } elsif ($mode eq 'imsimport') {      } elsif ($mode eq 'imsimport') {
         $action = '/adm/imsimport';          $action = '/adm/imsimport';
     }      }
   
       # Check for file to be uploaded
     $env{'form.upfile.filename'}=~s/\\/\//g;      $env{'form.upfile.filename'}=~s/\\/\//g;
     $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;      $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
     if ($env{'form.upfile.filename'}) {      if (!$env{'form.upfile.filename'}) {
  $fn=~s/\/[^\/]+$//;          $r->print('<p class="LC_warning">'.&mt('No upload file specified.').'</p>');
  $fn=~s/([^\/])$/$1\//;          return;
  $fn.=$env{'form.upfile.filename'};      }
  $fn=~s/^\///;  
  $fn=~s/(\/)+/\//g;      $fn=~s/\/[^\/]+$//;
       $fn=~s/([^\/])$/$1\//;
 #    Fn is the full path to the destination filename.      $fn.=$env{'form.upfile.filename'};
 #          $fn=~s/^\///;
       $fn=~s/(\/)+/\//g;
       #    Fn is the full path to the destination filename.
   
       # Check for illegal filename
       &Debug($r, "Filename for upload: $fn");
       if (!(($fn) && ($fn!~/\/$/))) {
           $r->print('<p class="LC_warning">'.&mt('Illegal filename.').'</p>');
           return;
       }
   
       # Display additional options for upload
       # and upload button
       $r->print(
           '<form action="'.$action.'" method="post" name="fileupload">'
          .'<input type="hidden" name="phase" value="two" />'
          .'<input type="hidden" name="datatoken" value="'.&upfile_store.'" />'
          .'<input type="hidden" name="uploaduname" value="'.$uname.'" />'
       );
       $r->print(
           &Apache::lonhtmlcommon::start_pick_box()
          .&Apache::lonhtmlcommon::row_title(&mt('Save uploaded file as'))
          .'<span class="LC_filename">/priv/'.$uname.'/</span>'
          .'<input type="text" size="50" name="filename" value="'.$fn.'" />'
          .&Apache::lonhtmlcommon::row_closure()
          .&Apache::lonhtmlcommon::row_title(&mt('File Type'))
          .'<select name="filetype">'
          .'<option value="standard" selected="selected">'.&mt('Regular file').'</option>'
          .'<option value="testbank">'.&mt('Testbank file').'</option>'
          .'<option value="imsimport">'.&mt('IMS package').'</option>'
          .'</select>'.&Apache::loncommon::help_open_topic("Uploading_File_Options")
          .&Apache::lonhtmlcommon::row_closure(1)
          .&Apache::lonhtmlcommon::end_pick_box()
       );
       $r->print(
           '<p>'
          .'<input type="button" value="'.&mt('Upload').'" onclick="javascript:verifyForm()"/>'
          .'</p>'
          .'</form>'
       );
   
  &Debug($r, "Filename for upload: $fn");     # Check for bad extension and warn user
  if (($fn) && ($fn!~/\/$/)) {      if ($fn=~/\.(\w+)$/ && 
     $r->print('<form action="'.$action.'" method="post" name="fileupload">'.          (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
       '<input type="hidden" name="phase" value="two" />'.                  $r->print('<p class="LC_error">'
       '<input type="hidden" name="datatoken" value="'.                            .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.',
       &upfile_store.'" />'.                                 '<span class="LC_filename">'.$1.'</span>')
       '<input type="hidden" name="uploaduname" value="'.$uname.                            .' <br />'.&mt('Please change the extension.')
       '" />'.&mt('Save uploaded file as [_1]',  
                       '<span class="LC_filename">/priv/'.$uname.'/</span>'.  
                       '<input type="text" size="50" name="filename" value="'.$fn.  
                       '" />').  
                       '<br />'.  
       '<br />'.&mt('Choose file type:').'  
 <select name="filetype">  
  <option value="standard" selected>'.&mt('Regular file').'  
  <option value="testbank">'.&mt('Testbank file').'  
  <option value="imsimport">'.&mt('IMS package').'  
 </select>'.&Apache::loncommon::help_open_topic("Uploading_File_Options").'  
 <br />  
 <br />  
 ');  
             $r->print('<input type="button" value="'.&mt('Save').'" onClick="javascript:verifyForm()"/></form>');  
     # Check for bad extension and warn user  
     if ($fn=~/\.(\w+)$/ &&   
  (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {  
  $r->print('<p class="LC_error">'  
                           .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.','"'.$1.'"' ).  
   .' <br />'.&mt('Please change the extension.')  
                           .'</p>');                            .'</p>');
     } elsif($fn=~/\.(\w+)$/ &&       } elsif($fn=~/\.(\w+)$/ && 
     !defined(&Apache::loncommon::fileembstyle($1))) {                      !defined(&Apache::loncommon::fileembstyle($1))) {
  $r->print('<p class="LC_error">'                  $r->print('<p class="LC_error">'
                           .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.','"'.$1.'"')                           .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.',
   .' <br />'.&mt('Please change the extension.')                                '<span class="LC_filename">'.$1.'</span>')
   .'</p>');                           .' <br />'.&mt('Please change the extension.')
     }                           .'</p>');
  } else {  
     $r->print('<span class="LC_error">'.&mt('Illegal filename.').'</span>');  
  }  
     } else {  
  $r->print('<span class="LC_error">'.&mt('No upload file specified.').'</span>');  
     }      }
 }  }
   
Line 164  sub phasetwo { Line 265  sub phasetwo {
                 my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';                  my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
                 my $dirpath=$path.'/';                  my $dirpath=$path.'/';
                 $dirpath=~s/\/+/\//g;                  $dirpath=~s/\/+/\//g;
                 $output .= &mt('Upload cancelled.').'<br /><font size="+2"><a href="'.$dirpath.'">'.                  $output .= '<p class="LC_warning">'.&mt('Upload cancelled.').'</p>'
                           &mt('Back to Directory').'</a></font>';                            .'<p><a href="'.$dirpath.'">'.
     } elsif ((-e $target) && (!$env{'form.override'})) {                            &mt('Back to Directory').'</a></p>';
  $output .= '<form action="'.$action.'" method="post">'.              } elsif ((-e $target) && (!$env{'form.override'})) {
   &mt('File [_1] exists. Overwrite?','<span class="LC_filename">'.$fn.'</span>').                  $output .= '<form action="'.$action.'" method="post">'
   '<input type="hidden" name="phase" value="two" />'.                            .'<p class="LC_warning">'
   '<input type="hidden" name="filename" value="'.$url.'" />'.                            .&mt('File [_1] already exists.',
   '<input type="hidden" name="datatoken" value="'.$datatoken.'" />'.                                 '<span class="LC_filename">'.$fn.'</span>')
   '<input type="submit" name="override" value="'.&mt('Yes').'" />'.                           .'<input type="hidden" name="phase" value="two" />'
                           '<input type="submit" name="cancel" value="'.&mt('Cancel').'" />'.                           .'<input type="hidden" name="filename" value="'.$url.'" />'
                           '</form>';                           .'<input type="hidden" name="datatoken" value="'.$datatoken.'" />'
                            .'<p>'
                            .'<input type="submit" name="cancel" value="'.&mt('Cancel').'" />'
                            .' <input type="submit" name="override" value="'.&mt('Overwrite').'" />'
                            .'</p>'
                            .'</form>';
             } else {              } else {
  my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';   my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
  my $dirpath=$path.'/';   my $dirpath=$path.'/';
Line 203  sub check_extension { Line 309  sub check_extension {
     # Check for bad extension and disallow upload      # Check for bad extension and disallow upload
     if ($fn=~/\.(\w+)$/ &&      if ($fn=~/\.(\w+)$/ &&
         (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {          (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
         $result .= &mt('File [_1] could not be copied.',          $result .= '<p class="LC_warning">'.
                       '<span class="LC_filename">'.$fn.'</span> ').                     &mt('File [_1] could not be copied.',
                   '<p class="LC_error">'.                         '<span class="LC_filename">'.$fn.'</span> ').
                   &mt('The extension on this file is reserved internally by LON-CAPA.').                     '<br />'.
                   '</p>';                     &mt('The extension on this file is reserved internally by LON-CAPA.').
                      '</p>';
     } elsif ($fn=~/\.(\w+)$/ &&      } elsif ($fn=~/\.(\w+)$/ &&
              !defined(&Apache::loncommon::fileembstyle($1))) {               !defined(&Apache::loncommon::fileembstyle($1))) {
         $result .= &mt('File [_1] could not be copied.',          $result .= '<p class="LC_warning">'.
                       '<span class="LC_filename">'.$fn.'</span> ').                     &mt('File [_1] could not be copied.',
                   '<p class="LC_error">'.                         '<span class="LC_filename">'.$fn.'</span> ').
                   &mt('The extension on this file is not recognized by LON-CAPA.').                     '<br />'.
                   '</p>';                     &mt('The extension on this file is not recognized by LON-CAPA.').
                      '</p>';
     } elsif (-d $target) {      } elsif (-d $target) {
         $result .= &mt('File [_1] could not be copied.',          $result .= '<p class="LC_warning">'.
                       '<span class="LC_filename">'.$fn.'</span>').                     &mt('File [_1] could not be copied.',
                   '<p class="LC_error">'.                         '<span class="LC_filename">'.$fn.'</span>').
                   &mt('The target is an existing directory.').                     '<br />'.
                   '</p>';                     &mt('The target is an existing directory.').
                      '</p>';
     } elsif (copy($source,$target)) {      } elsif (copy($source,$target)) {
         chmod(0660, $target); # Set permissions to rw-rw---.          chmod(0660, $target); # Set permissions to rw-rw---.
         if ($mode eq 'testbank' || $mode eq 'imsimport') {          if ($mode eq 'testbank' || $mode eq 'imsimport') {
             $returnflag = 'ok';              $returnflag = 'ok';
             $result .= &mt('Your file - [_1] - was uploaded successfully',$fn).'<br /><br />';              $result .= '<p class="LC_success">'
                         .&mt('Your file - [_1] - was uploaded successfully.',
                              '<span class="LC_filename">'.$fn.'<span>')
                         .'</p>';
         } else {          } else {
             $result .= &mt('File copied.').'<br />';              $result .= '<p class="LC_success">'
                         .&mt('File copied.')  
                         .'</p>';
         }          }
         # Check for embedded objects.          # Check for embedded objects.
         my (%allfiles,%codebase);          my (%allfiles,%codebase);
Line 256  STATE Line 370  STATE
             }              }
         }          }
         if (($mode ne 'imsimport') && ($mode ne 'testbank')) {          if (($mode ne 'imsimport') && ($mode ne 'testbank')) {
             $result .= '<br /><font size="+2"><a href="'.$url.'">'.              $result .= '<br /><a href="'.$url.'">'.
                         &mt('View file').'</a></font>';                          &mt('View file').'</a>';
         }          }
     } else {      } else {
         $result .= &mt('Failed to copy: [_1].',$!);          $result .= &mt('Failed to copy: [_1].',$!);
     }      }
     if ($mode ne 'imsimport' && $mode ne 'testbank') {      if ($mode ne 'imsimport' && $mode ne 'testbank') {
         $result .= '<br /><font size="+2"><a href="'.$dirpath.'">'.          $result .= '<br /><a href="'.$dirpath.'">'.
                    &mt('Back to Directory').'</a></font><br />';                     &mt('Back to Directory').'</a><br />';
     }      }
     return ($result,$returnflag);      return ($result,$returnflag);
 }  }
Line 335  function verifyForm() { Line 449  function verifyForm() {
     my $fn;      my $fn;
     if ($env{'form.filename'}) {      if ($env{'form.filename'}) {
  $fn=$env{'form.filename'};   $fn=$env{'form.filename'};
  $fn=~s/^http\:\/\/[^\/]+\///;   $fn=~s/^https?\:\/\/[^\/]+\///;
  $fn=~s/^\///;   $fn=~s/^\///;
  $fn=~s{(~|priv/)($LONCAPA::username_re)}{};   $fn=~s{(~|priv/)($LONCAPA::username_re)}{};
  $fn=~s/\/+/\//g;   $fn=~s/\/+/\//g;
Line 354  function verifyForm() { Line 468  function verifyForm() {
    $javascript = "<script type=\"text/javascript\">\n//<!--\n".     $javascript = "<script type=\"text/javascript\">\n//<!--\n".
  $javascript."\n// --></script>\n";   $javascript."\n// --></script>\n";
   
       # Breadcrumbs
       my $brcrum = [{'href' => &Apache::loncommon::authorspace(),
                      'text' => 'Construction Space'},
                     {'href' => '/adm/upload',
                      'text' => 'Upload file to Construction Space'}];
     $r->print(&Apache::loncommon::start_page('Upload file to Construction Space',      $r->print(&Apache::loncommon::start_page('Upload file to Construction Space',
      $javascript));                                               $javascript,
                                                {'bread_crumbs' => $brcrum,})
                .&Apache::loncommon::head_subbox(
                   &Apache::loncommon::CSTR_pageheader())
       );
       
     if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {      if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
  $r->print('<h3><span class="LC_error">'.&mt('Co-Author').': '.$uname.          $r->print('<p class="LC_warning">'
   &mt(' at ').$udom.'</span></h3>');                   .&mt('Co-Author [_1]',$uname.':'.$udom)
                    .'</p>'
           );
     }      }
   
     if ($env{'form.phase'} eq 'three') {      if ($env{'form.phase'} eq 'three') {
Line 379  function verifyForm() { Line 504  function verifyForm() {
 1;  1;
 __END__  __END__
   
 =head1 NAME  
   
 Apache::lonupload - upload files into construction space  
   
 =head1 SYNOPSIS  
   
 Invoked by /etc/httpd/conf/srm.conf:  
   
  <Location /adm/upload>  
  PerlAccessHandler       Apache::lonacc  
  SetHandler perl-script  
  PerlHandler Apache::lonupload  
  ErrorDocument     403 /adm/login  
  ErrorDocument     404 /adm/notfound.html  
  ErrorDocument     406 /adm/unauthorized.html  
  ErrorDocument  500 /adm/errorhandler  
  </Location>  
   
 =head1 INTRODUCTION  
   
 This module uploads a file sitting on a client computer into   
 library server construction space.  
   
 This is part of the LearningOnline Network with CAPA project  
 described at http://www.lon-capa.org.  
   
 =head1 HANDLER SUBROUTINE  
   
 This routine is called by Apache and mod_perl.  
   
 =over 4  
   
 =item *  
   
 Initialize variables  
   
 =item *  
   
 Start page output  
   
 =item *  
   
 output relevant interface phase (phaseone or phasetwo or phasethree)  
   
 =item *  
   
 (phase one is to specify upload file; phase two is to handle conditions  
 subsequent to specification--like overwriting an existing file; phase three  
 is to handle processing of secondary uploads - of embedded objects in an  
 html file).  
   
 =back  
   
 =head1 OTHER SUBROUTINES  
   
 =over 4  
   
 =item *  
   
 phaseone() : Interface for specifying file to upload.  
   
 =item *  
   
 phasetwo() : Interface for handling post-conditions about uploading (such  
 as overwriting an existing file).  
   
 =item *  
   
 phasethree() : Interface for handling secondary uploads of embedded objects  
 in an html file.  
   
 =item *  
   
 upfile_store() : Store contents of uploaded file into temporary space.  Invoked  
 by phaseone subroutine.  
   
 =item *  
   
 check_extension() : Checks if filename extension is permitted and checks type  
  of file - if html file, calls parser to check for embedded objects.  
  Invoked by phasetwo subroutine.  
   
 =back  
   
 =cut  

Removed from v.1.38.2.1  
changed lines
  Added in v.1.49


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>