version 1.54, 2011/10/23 23:46:07
|
version 1.69, 2019/03/04 19:54:35
|
Line 1
|
Line 1
|
|
|
# The LearningOnline Network with CAPA |
# The LearningOnline Network with CAPA |
# Handler to upload files into construction space |
# Handler to upload files into construction space |
# |
# |
Line 126 use Apache::File;
|
Line 125 use Apache::File;
|
use File::Copy; |
use File::Copy; |
use File::Basename; |
use File::Basename; |
use Apache::Constants qw(:common :http :methods); |
use Apache::Constants qw(:common :http :methods); |
use Apache::loncacc; |
|
use Apache::loncommon(); |
use Apache::loncommon(); |
use Apache::lonnet; |
use Apache::lonnet; |
use HTML::Entities(); |
use HTML::Entities(); |
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::lonnet; |
use Apache::lonnet; |
use LONCAPA(); |
use LONCAPA qw(:DEFAULT :match); |
|
|
my $DEBUG=0; |
my $DEBUG=0; |
|
|
Line 152 sub upfile_store {
|
Line 150 sub upfile_store {
|
|
|
chomp($env{'form.upfile'}); |
chomp($env{'form.upfile'}); |
|
|
my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}. |
my $datatoken; |
'_upload_'.$fname.'_'.time.'_'.$$; |
if (($env{'user.name'} =~ /^$match_username$/) && ($env{'user.domain'} =~ /^$match_domain$/)) { |
|
$datatoken=$env{'user.name'}.'_'.$env{'user.domain'}. |
|
'_upload_'.$fname.'_'.time.'_'.$$; |
|
} |
|
return if ($datatoken eq ''); |
{ |
{ |
my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons'). |
my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons'). |
'/tmp/'.$datatoken.'.tmp'); |
'/tmp/'.$datatoken.'.tmp'); |
Line 163 sub upfile_store {
|
Line 165 sub upfile_store {
|
} |
} |
|
|
sub phaseone { |
sub phaseone { |
my ($r,$fn,$uname,$udom,$mode)=@_; |
my ($r,$fn,$mode,$uname,$udom)=@_; |
my $action = '/adm/upload'; |
my $action = '/adm/upload'; |
if ($mode eq 'testbank') { |
if ($mode eq 'testbank') { |
$action = '/adm/testbank'; |
$action = '/adm/testbank'; |
Line 174 sub phaseone {
|
Line 176 sub phaseone {
|
# Check for file to be uploaded |
# Check for file to be uploaded |
$env{'form.upfile.filename'}=~s/\\/\//g; |
$env{'form.upfile.filename'}=~s/\\/\//g; |
$env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; |
$env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; |
|
$env{'form.upfile.filename'}=~s/(\s+$|^\s+)//g; |
if (!$env{'form.upfile.filename'}) { |
if (!$env{'form.upfile.filename'}) { |
$r->print('<p class="LC_warning">'.&mt('No upload file specified.').'</p>'); |
$r->print('<p class="LC_warning">'.&mt('No upload file specified.').'</p>'. |
|
&earlyout($fn,$uname,$udom)); |
return; |
return; |
} |
} |
|
|
$fn=~s/\/[^\/]+$//; |
# Append the name of the uploaded file |
$fn=~s/([^\/])$/$1\//; |
|
$fn.=$env{'form.upfile.filename'}; |
$fn.=$env{'form.upfile.filename'}; |
$fn=~s/^\///; |
|
$fn=~s/(\/)+/\//g; |
$fn=~s/(\/)+/\//g; |
# Fn is the full path to the destination filename. |
|
|
|
# Check for illegal filename |
# Check for illegal filename |
&Debug($r, "Filename for upload: $fn"); |
&Debug($r, "Filename for upload: $fn"); |
Line 192 sub phaseone {
|
Line 193 sub phaseone {
|
$r->print('<p class="LC_warning">'.&mt('Illegal filename.').'</p>'); |
$r->print('<p class="LC_warning">'.&mt('Illegal filename.').'</p>'); |
return; |
return; |
} |
} |
|
# Check if quota exceeded |
|
my $filesize = length($env{'form.upfile'}); |
|
if (!$filesize) { |
|
$r->print('<p class="LC_warning">'. |
|
&mt('Unable to upload [_1]. (size = [_2] bytes)', |
|
'<span class="LC_filename">'.$env{'form.upfile.filename'}.'</span>', |
|
$filesize).'<br />'. |
|
&mt('Either the file you attempted to upload was empty, or your web browser was unable to read its contents.').'<br />'. |
|
'</p>'. |
|
&earlyout($fn,$uname,$udom)); |
|
return; |
|
} |
|
$filesize = int($filesize/1000); #expressed in kb |
|
my $output = &Apache::loncommon::excess_filesize_warning($uname,$udom,'author', |
|
$env{'form.upfile.filename'},$filesize,'upload'); |
|
if ($output) { |
|
$r->print($output.&earlyout($fn,$uname,$udom)); |
|
return; |
|
} |
|
|
|
# Split part that I can change from the part that I cannot change |
|
my ($fn1,$fn2)=($fn=~/^(\/priv\/[^\/]+\/[^\/]+\/)(.*)$/); |
|
# Check for pattern: .number.extension which is reserved for LON-CAPA versioning. |
|
# Check for disallowed characters: #?&%:<>`|, and remove |
|
if ($fn2 ne '') { |
|
($fn2,my $warning) = &check_filename($fn2); |
|
if ($warning ne '') { |
|
$r->print($warning); |
|
} |
|
} |
# Display additional options for upload |
# Display additional options for upload |
# and upload button |
# and upload button |
$r->print( |
$r->print( |
'<form action="'.$action.'" method="post" name="fileupload">' |
'<form action="'.$action.'" method="post" name="fileupload">' |
.'<input type="hidden" name="phase" value="two" />' |
.'<input type="hidden" name="phase" value="two" />' |
.'<input type="hidden" name="datatoken" value="'.&upfile_store.'" />' |
.'<input type="hidden" name="datatoken" value="'.&upfile_store.'" />' |
.'<input type="hidden" name="uploaduname" value="'.$uname.'" />' |
|
); |
); |
$r->print( |
$r->print( |
&Apache::lonhtmlcommon::start_pick_box() |
&Apache::lonhtmlcommon::start_pick_box() |
.&Apache::lonhtmlcommon::row_title(&mt('Save uploaded file as')) |
.&Apache::lonhtmlcommon::row_title(&mt('Save uploaded file as')) |
.'<span class="LC_filename">/priv/'.$uname.'/</span>' |
.'<span class="LC_filename">'.$fn1.'</span>' |
.'<input type="text" size="50" name="filename" value="'.$fn.'" />' |
.'<input type="hidden" name="filename1" value="'.$fn1.'" />' |
|
.'<input type="text" size="50" name="filename2" value="'.$fn2.'" />' |
.&Apache::lonhtmlcommon::row_closure() |
.&Apache::lonhtmlcommon::row_closure() |
.&Apache::lonhtmlcommon::row_title(&mt('File Type')) |
.&Apache::lonhtmlcommon::row_title(&mt('File Type')) |
.'<select name="filetype">' |
.'<select name="filetype">' |
Line 242 sub phaseone {
|
Line 272 sub phaseone {
|
} |
} |
|
|
sub phasetwo { |
sub phasetwo { |
my ($r,$tfn,$uname,$udom,$mode)=@_; |
my ($r,$fn,$mode)=@_; |
|
|
my $output; |
my $output; |
my $action = '/adm/upload'; |
my $action = '/adm/upload'; |
my $returnflag = ''; |
my $returnflag = ''; |
Line 251 sub phasetwo {
|
Line 282 sub phasetwo {
|
} elsif ($mode eq 'imsimport') { |
} elsif ($mode eq 'imsimport') { |
$action = '/adm/imsimport'; |
$action = '/adm/imsimport'; |
} |
} |
my $fn='/priv/'.$uname.'/'.$tfn; |
|
$fn=~s/\/+/\//g; |
$fn=~s/\/+/\//g; |
&Debug($r, "Filename is ".$tfn); |
if ($fn) { |
if ($tfn) { |
my $target= $r->dir_config('lonDocRoot').'/'.$fn; |
&Debug($r, "Filename for tfn = ".$tfn); |
|
my $target='/home/httpd/html/priv/'.$udom.'/'.$uname.'/'.$tfn; |
|
&Debug($r, "target -> ".$target); |
&Debug($r, "target -> ".$target); |
# target is the full filesystem path of the destination file. |
# target is the full filesystem path of the destination file. |
my $base = &File::Basename::basename($fn); |
my $base = &File::Basename::basename($fn); |
my $path = &File::Basename::dirname($fn); |
my $path = &File::Basename::dirname($fn); |
$base = &HTML::Entities::encode($base,'<>&"'); |
$base = &HTML::Entities::encode($base,'<>&"'); |
my $url = $path."/".$base; |
my $url = $path."/".$base; |
&Debug($r, "URL is now ".$url); |
&Debug($r, "URL is now ".$url); |
my $datatoken=$env{'form.datatoken'}; |
my $datatoken; |
|
if ($env{'form.datatoken'} =~ /^$match_username\_$match_domain\_upload_\w*_\d+_\d+$/) { |
|
$datatoken = $env{'form.datatoken'}; |
|
} |
if (($fn) && ($datatoken)) { |
if (($fn) && ($datatoken)) { |
if ($env{'form.cancel'}) { |
if ($env{'form.cancel'}) { |
my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; |
my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; |
Line 378 sub check_extension {
|
Line 409 sub check_extension {
|
if ($pathchg) { |
if ($pathchg) { |
if ($mode eq 'testbank') { |
if ($mode eq 'testbank') { |
$returnflag = 'embedded'; |
$returnflag = 'embedded'; |
$result .= '<p>'.&mt('Or [_1]continue[_2] the testbank import without modifying the references(s).','<a href="javascript:document.testbankForm.submit();">','</a>').'</p>'; |
$result .= '<p>'.&mt('Or [_1]continue[_2] the testbank import without modifying the reference(s).','<a href="javascript:document.testbankForm.submit();">','</a>').'</p>'; |
} |
} |
} |
} |
} |
} |
Line 399 sub check_extension {
|
Line 430 sub check_extension {
|
return ($result,$returnflag); |
return ($result,$returnflag); |
} |
} |
|
|
|
sub check_filename { |
|
my ($fname) = @_; |
|
my $warning; |
|
if ($fname =~/[#\?&%":<>`|]/) { |
|
$fname =~s/[#\?&%":<>`|]//g; |
|
$warning .= '<p class="LC_warning">' |
|
.&mt('Removed one or more disallowed characters from filename') |
|
.'</p>'; |
|
} |
|
if ($fname=~ /\.(\d+)\.(\w+)$/) { |
|
my $num = $1; |
|
$warning .= '<p class="LC_warning">' |
|
.&mt('Bad filename [_1]','<span class="LC_filename">'.$fname.'</span>') |
|
.'<br />' |
|
.&mt('[_1](name).(number).(extension)[_2] not allowed.','<tt>','</tt>') |
|
.'<br />' |
|
.&mt('Replacing the [_1].number.[_2] with [_1]_letter.[_2] in requested filename.','<tt>','</tt>') |
|
.'</p>'; |
|
if ($num eq '0') { |
|
$fname =~ s/\.(\d+)(\.\w+)$/_A$2/; |
|
} else { |
|
my $letts = ''; |
|
my %digletter = reverse &Apache::lonnet::letter_to_digits(); |
|
if ($num >= 100) { |
|
$num = substr($num,-2); |
|
} |
|
foreach my $digit (split('',$num)) { |
|
$letts .= $digletter{$digit}; |
|
} |
|
$fname =~ s/\.(\d+)(\.\w+)$/_$letts$2/; |
|
} |
|
} |
|
if ($fname =~/___/) { |
|
$fname =~s/_+/_/g; |
|
$warning .= '<p class="LC_warning">' |
|
.&mt('Changed ___ to a single _ in filename') |
|
.'</p>'; |
|
} |
|
return ($fname,$warning); |
|
} |
|
|
sub phasethree { |
sub phasethree { |
my ($r,$fn,$uname,$udom,$mode) = @_; |
my ($r,$fn,$uname,$udom,$mode) = @_; |
|
|
my $action = '/adm/upload'; |
my $action = '/adm/upload'; |
if ($mode eq 'testbank') { |
if ($mode eq 'testbank') { |
$action = '/adm/testbank'; |
$action = '/adm/testbank'; |
} elsif ($mode eq 'imsimport') { |
} elsif ($mode eq 'imsimport') { |
$action = '/adm/imsimport'; |
$action = '/adm/imsimport'; |
} |
} |
my $dir_root = '/home/httpd/html/priv/'.$udom.'/'.$uname; |
my $url_root = "/priv/$udom/$uname"; |
my $url_root = '/priv/'.$udom.'/'.$uname; |
my $dir_root = $r->dir_config('lonDocRoot').$url_root; |
my $path = &File::Basename::dirname($fn); |
my $path = &File::Basename::dirname($fn); |
|
$path =~ s{^\Q$url_root\E}{}; |
|
my $dirpath = $url_root.$path.'/'; |
|
$dirpath=~s{/+}{/}g; |
my $filename = &HTML::Entities::encode($env{'form.filename'},'<>&"'); |
my $filename = &HTML::Entities::encode($env{'form.filename'},'<>&"'); |
my $state = &embedded_form_elems('modify_orightml',$filename,$mode). |
my $state = &embedded_form_elems('modify_orightml',$filename,$mode). |
'<input type="hidden" name="phase" value="four" />'; |
'<input type="hidden" name="phase" value="four" />'; |
Line 418 sub phasethree {
|
Line 494 sub phasethree {
|
$dir_root,$url_root,undef, |
$dir_root,$url_root,undef, |
undef,undef,$state,$action); |
undef,undef,$state,$action); |
if ($mode ne 'imsimport' && $mode ne 'testbank') { |
if ($mode ne 'imsimport' && $mode ne 'testbank') { |
$result .= '<br /><h3><a href="'.$url_root.$fn.'">'. |
$result .= '<br /><h3><a href="'.$fn.'">'. |
&mt('View main file').'</a></h3>'. |
&mt('View main file').'</a></h3>'. |
'<h3><a href="'.$url_root.$path.'">'. |
'<h3><a href="'.$dirpath.'">'. |
&mt('Back to Directory').'</a></h3><br />'; |
&mt('Back to Directory').'</a></h3><br />'; |
} |
} |
return ($result,$returnflag); |
return ($result,$returnflag); |
Line 437 STATE
|
Line 513 STATE
|
|
|
sub phasefour { |
sub phasefour { |
my ($r,$fn,$uname,$udom,$mode) = @_; |
my ($r,$fn,$uname,$udom,$mode) = @_; |
|
|
my $action = '/adm/upload'; |
my $action = '/adm/upload'; |
if ($mode eq 'testbank') { |
if ($mode eq 'testbank') { |
$action = '/adm/testbank'; |
$action = '/adm/testbank'; |
Line 444 sub phasefour {
|
Line 521 sub phasefour {
|
$action = '/adm/imsimport'; |
$action = '/adm/imsimport'; |
} |
} |
my $result; |
my $result; |
my $dir_root = '/home/httpd/html/priv/'.$udom.'/'.$uname; |
my $url_root = "/priv/$udom/$uname"; |
my $url_root = '/priv/'.$udom.'/'.$uname; |
my $dir_root = $r->dir_config('lonDocRoot').$url_root; |
my $path = &File::Basename::dirname($fn); |
my $path = &File::Basename::dirname($fn); |
$result .= &Apache::loncommon::modify_html_refs($mode,$path, |
$path =~ s{^\Q$url_root\E}{}; |
$uname,$udom,$dir_root); |
my $dirpath = $url_root.$path.'/'; |
|
$dirpath=~s{/+}{/}g; |
|
my $outcome = |
|
&Apache::loncommon::modify_html_refs($mode,$path,$uname,$udom,$dir_root); |
|
$result .= $outcome; |
if ($mode ne 'imsimport' && $mode ne 'testbank') { |
if ($mode ne 'imsimport' && $mode ne 'testbank') { |
$result .= '<br /><h3><a href="'.$url_root.$fn.'">'. |
$result .= '<br /><h3><a href="'.$fn.'">'. |
&mt('View main file').'</a></h3>'. |
&mt('View main file').'</a></h3>'. |
'<h3><a href="'.$url_root.$path.'">'. |
'<h3><a href="'.$dirpath.'">'. |
&mt('Back to Directory').'</a></h3><br />'; |
&mt('Back to Directory').'</a></h3><br />'; |
} |
} |
return $result; |
return $result; |
} |
} |
|
|
|
sub earlyout { |
|
my ($fn,$uname,$udom) = @_; |
|
if ($fn =~ m{^(/priv/$udom/$uname(?:.*)/)[^/]*}) { |
|
return &Apache::lonhtmlcommon::actionbox( |
|
['<a href="'.$1.'">'.&mt('Return to Directory').'</a>']); |
|
} |
|
return; |
|
} |
|
|
# ---------------------------------------------------------------- Main Handler |
# ---------------------------------------------------------------- Main Handler |
sub handler { |
sub handler { |
|
|
my $r=shift; |
my $r=shift; |
|
|
my $uname; |
|
my $udom; |
|
my $javascript = ''; |
my $javascript = ''; |
# |
my $fn; |
# phase two: re-attach user |
my $warning; |
# |
|
if ($env{'form.uploaduname'}) { |
if ($env{'form.filename1'}) { |
$env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'. |
my $fn1 = $env{'form.filename1'}; |
$env{'form.filename'}; |
my $fn2 = $env{'form.filename2'}; |
|
$fn2 =~ s/(\s+$|^\s+)//g; |
|
$fn2 =~ s/\/+/\//g; |
|
($fn2,$warning) = &check_filename($fn2); |
|
$fn = $fn1.$fn2; |
|
} else { |
|
$fn = $env{'form.filename'}; |
|
} |
|
$fn=~s/\/+/\//g; |
|
|
|
unless ($fn) { |
|
$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. |
|
' unspecified filename for upload', $r->filename); |
|
return HTTP_NOT_FOUND; |
|
} |
|
|
|
my ($uname,$udom)=&Apache::lonnet::constructaccess($fn); |
|
|
|
unless (($uname) && ($udom)) { |
|
$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. |
|
' trying to upload file '.$fn. |
|
' - not authorized', |
|
$r->filename); |
|
return HTTP_NOT_ACCEPTABLE; |
} |
} |
|
|
|
# ----------------------------------------------------------- Start page output |
|
|
|
&Apache::loncommon::content_type($r,'text/html'); |
|
$r->send_http_header; |
|
|
unless ($env{'form.phase'} eq 'two') { |
unless ($env{'form.phase'} eq 'two') { |
$javascript = qq| |
$javascript = <<"ENDJS"; |
|
<script type="text/javascript"> |
|
// <![CDATA[ |
function verifyForm() { |
function verifyForm() { |
var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value |
var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value |
if (mode == "testbank") { |
if (mode == "testbank") { |
Line 489 function verifyForm() {
|
Line 606 function verifyForm() {
|
} |
} |
document.fileupload.submit(); |
document.fileupload.submit(); |
} |
} |
|; |
// ]]> |
|
</script> |
|
ENDJS |
} |
} |
($uname,$udom)= |
|
&Apache::loncacc::constructaccess($env{'form.filename'}, |
|
$r->dir_config('lonDefDomain')); |
|
|
|
unless (($uname) && ($udom)) { |
my $londocroot = $r->dir_config('lonDocRoot'); |
$r->log_reason($uname.' at '.$udom. |
my $trailfile = $fn; |
' trying to publish file '.$env{'form.filename'}. |
$trailfile =~ s{^/(priv/)}{$londocroot/$1}; |
' - not authorized', |
|
$r->filename); |
|
return HTTP_NOT_ACCEPTABLE; |
|
} |
|
|
|
my $fn; |
|
if ($env{'form.filename'}) { |
|
$fn=$env{'form.filename'}; |
|
$fn=~s/^https?\:\/\/[^\/]+\///; |
|
$fn=~s/^\///; |
|
$fn=~s{(~|priv/)($LONCAPA::username_re)}{}; |
|
$fn=~s/\/+/\//g; |
|
} else { |
|
$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. |
|
' unspecified filename for upload', $r->filename); |
|
return HTTP_NOT_FOUND; |
|
} |
|
|
|
# ----------------------------------------------------------- Start page output |
|
|
|
|
|
&Apache::loncommon::content_type($r,'text/html'); |
|
$r->send_http_header; |
|
|
|
$javascript = "<script type=\"text/javascript\">\n//<!--\n". |
|
$javascript."\n// --></script>\n"; |
|
|
|
# Breadcrumbs |
# Breadcrumbs |
my $brcrum = [{'href' => &Apache::loncommon::authorspace(), |
my $brcrum = [{'href' => &Apache::loncommon::authorspace($fn), |
'text' => 'Construction Space'}, |
'text' => 'Authoring Space'}, |
{'href' => '/adm/upload', |
{'href' => '/adm/upload', |
'text' => 'Upload file to Construction Space'}]; |
'text' => 'Upload file to Authoring Space'}]; |
$r->print(&Apache::loncommon::start_page('Upload file to Construction Space', |
$r->print(&Apache::loncommon::start_page('Upload file to Authoring Space', |
$javascript, |
$javascript, |
{'bread_crumbs' => $brcrum,}) |
{'bread_crumbs' => $brcrum,}) |
.&Apache::loncommon::head_subbox( |
.&Apache::loncommon::head_subbox( |
&Apache::loncommon::CSTR_pageheader()) |
&Apache::loncommon::CSTR_pageheader($trailfile)) |
); |
); |
|
|
if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { |
if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { |
Line 543 function verifyForm() {
|
Line 633 function verifyForm() {
|
.'</p>' |
.'</p>' |
); |
); |
} |
} |
|
if ($warning) { |
|
$r->print($warning); |
|
} |
if ($env{'form.phase'} eq 'four') { |
if ($env{'form.phase'} eq 'four') { |
my $output = &phasefour($r,$fn,$uname,$udom,'author'); |
my $output = &phasefour($r,$fn,$uname,$udom,'author'); |
$r->print($output); |
$r->print($output); |
Line 550 function verifyForm() {
|
Line 643 function verifyForm() {
|
my ($output,$rtnflag) = &phasethree($r,$fn,$uname,$udom,'author'); |
my ($output,$rtnflag) = &phasethree($r,$fn,$uname,$udom,'author'); |
$r->print($output); |
$r->print($output); |
} elsif ($env{'form.phase'} eq 'two') { |
} elsif ($env{'form.phase'} eq 'two') { |
my ($output,$returnflag) = &phasetwo($r,$fn,$uname,$udom); |
my ($output,$returnflag) = &phasetwo($r,$fn); |
$r->print($output); |
$r->print($output); |
} else { |
} else { |
&phaseone($r,$fn,$uname,$udom); |
&phaseone($r,$fn,undef,$uname,$udom); |
} |
} |
|
|
$r->print(&Apache::loncommon::end_page()); |
$r->print(&Apache::loncommon::end_page()); |
return OK; |
return OK; |
} |
} |
|
|
1; |
1; |