--- loncom/publisher/lonupload.pm 2001/05/25 17:03:58 1.4 +++ loncom/publisher/lonupload.pm 2001/12/17 00:57:59 1.10 @@ -1,21 +1,51 @@ # The LearningOnline Network with CAPA # Handler to upload files into construction space # +# $Id: lonupload.pm,v 1.10 2001/12/17 00:57:59 harris41 Exp $ +# +# Copyright Michigan State University Board of Trustees +# +# This file is part of the LearningOnline Network with CAPA (LON-CAPA). +# +# LON-CAPA is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# LON-CAPA is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with LON-CAPA; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# /home/httpd/html/adm/gpl.txt +# +# http://www.lon-capa.org/ +# # (Handler to retrieve an old version of a file # # (Publication Handler # # (TeX Content Handler # +# YEAR=2000 # 05/29/00,05/30,10/11 Gerd Kortemeyer) # # 11/28,11/29,11/30,12/01,12/02,12/04,12/23 Gerd Kortemeyer +# YEAR=2001 # 03/23 Guy Albertelli # 03/24,03/29 Gerd Kortemeyer) # # 03/31,04/03 Gerd Kortemeyer) # -# 04/05,04/09,05/25 Gerd Kortemeyer +# 04/05,04/09,05/25,06/23,06/24,08/22 Gerd Kortemeyer +# 11/29 Matthew Hall +# 12/16 Scott Harrison +# +### package Apache::lonupload; @@ -24,6 +54,7 @@ use Apache::File; use File::Copy; use Apache::Constants qw(:common :http :methods); use Apache::loncacc; +use Apache::loncommon(); sub upfile_store { my $r=shift; @@ -45,7 +76,10 @@ sub upfile_store { sub phaseone { - my ($r,$fn,$uname,$udom)=@_; + my ($r,$fn,$uname,$udom)=@_; + $ENV{'form.upfile.filename'}=~s/\\/\//g; + $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; + if ($ENV{'form.upfile.filename'}) { $fn=~s/\/[^\/]+$//; $fn=~s/([^\/])$/$1\//; $fn.=$ENV{'form.upfile.filename'}; @@ -61,9 +95,30 @@ sub phaseone { '
'. ''); + # Check for bad extension and warn user + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print( + ''. + 'The extension on this file, "'.$1. + '", is reserved internally by LON-CAPA.
'. + 'Please change the extension.'. + ''); + } elsif($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print( + ''. + 'The extension on this file, "'.$1. + '", is not recognized by LON-CAPA.
'. + 'Please change the extension.'. + ''); + } } else { $r->print('Illegal filename.'); } + } else { + $r->print('No upload file specified.'); + } } sub phasetwo { @@ -85,7 +140,22 @@ sub phasetwo { } else { my $source=$r->dir_config('lonDaemons'). '/tmp/'.$datatoken.'.tmp'; - if (copy($source,$target)) { + # Check for bad extension and disallow upload + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print( + 'File '.$fn.' could not be copied.
'. + ''. + 'The extension on this file is reserved internally by LON-CAPA.'. + ''); + } elsif ($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print( + 'File '.$fn.' could not be copied.
'. + ''. + 'The extension on this file is not recognized by LON-CAPA.'. + ''); + } elsif (copy($source,$target)) { $r->print('File copied.'); $r->print('

View file'); @@ -105,6 +175,7 @@ sub phasetwo { } } +# ---------------------------------------------------------------- Main Handler sub handler { my $r=shift; @@ -112,9 +183,10 @@ sub handler { my $uname; my $udom; - unless (($uname,$udom)= + ($uname,$udom)= &Apache::loncacc::constructaccess( - $ENV{'form.filename'},$r->dir_config('lonDefDomain'))) { + $ENV{'form.filename'},$r->dir_config('lonDefDomain')); + unless (($uname) && ($udom)) { $r->log_reason($uname.' at '.$udom. ' trying to publish file '.$ENV{'form.filename'}. ' - not authorized', @@ -162,3 +234,79 @@ sub handler { $r->print(''); return OK; } + +1; +__END__ + +=head1 NAME + +Apache::lonupload - upload files into construction space + +=head1 SYNOPSIS + +Invoked by /etc/httpd/conf/srm.conf: + + + PerlAccessHandler Apache::lonacc + SetHandler perl-script + PerlHandler Apache::lonupload + ErrorDocument 403 /adm/login + ErrorDocument 404 /adm/notfound.html + ErrorDocument 406 /adm/unauthorized.html + ErrorDocument 500 /adm/errorhandler + + +=head1 INTRODUCTION + +This module uploads a file sitting on a client computer into +library server construction space. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 HANDLER SUBROUTINE + +This routine is called by Apache and mod_perl. + +=over 4 + +=item * + +Initialize variables + +=item * + +Start page output + +=item * + +output relevant interface phase (phaseone or phasetwo) + +=item * + +(phase one is to specify upload file; phase two is to handle conditions +subsequent to specification--like overwriting an existing file) + +=back + +=head1 OTHER SUBROUTINES + +=over 4 + +=item * + +phaseone() : Interface for specifying file to upload. + +=item * + +phasetwo() : Interface for handling post-conditions about uploading (such +as overwriting an existing file). + +=item * + +upfile_store() : Store contents of uploaded file into temporary space. Invoked +by phaseone subroutine. + +=back + +=cut