--- loncom/publisher/lonupload.pm 2001/04/10 01:57:28 1.2
+++ loncom/publisher/lonupload.pm 2003/02/03 18:03:53 1.15
@@ -1,29 +1,81 @@
+
# The LearningOnline Network with CAPA
# Handler to upload files into construction space
#
+# $Id: lonupload.pm,v 1.15 2003/02/03 18:03:53 harris41 Exp $
+#
+# Copyright Michigan State University Board of Trustees
+#
+# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
+#
+# LON-CAPA is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# LON-CAPA is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with LON-CAPA; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# /home/httpd/html/adm/gpl.txt
+#
+# http://www.lon-capa.org/
+#
# (Handler to retrieve an old version of a file
#
# (Publication Handler
#
# (TeX Content Handler
#
+# YEAR=2000
# 05/29/00,05/30,10/11 Gerd Kortemeyer)
#
# 11/28,11/29,11/30,12/01,12/02,12/04,12/23 Gerd Kortemeyer
+# YEAR=2001
# 03/23 Guy Albertelli
# 03/24,03/29 Gerd Kortemeyer)
#
# 03/31,04/03 Gerd Kortemeyer)
#
-# 04/05,04/09 Gerd Kortemeyer
+# 04/05,04/09,05/25,06/23,06/24,08/22 Gerd Kortemeyer
+# 11/29 Matthew Hall
+#
+###
package Apache::lonupload;
use strict;
use Apache::File;
use File::Copy;
+use File::Basename;
use Apache::Constants qw(:common :http :methods);
+use Apache::loncacc;
+use Apache::loncommon();
+use Apache::Log();
+use Apache::lonnet;
+use HTML::Entities();
+my $DEBUG=0;
+
+sub Debug {
+
+ # Marshall the parameters.
+
+ my $r = shift;
+ my $log = $r->log;
+ my $message = shift;
+
+ # Put out the indicated message butonly if DEBUG is false.
+
+ if ($DEBUG) {
+ $log->debug($message);
+ }
+}
sub upfile_store {
my $r=shift;
@@ -45,22 +97,71 @@ sub upfile_store {
sub phaseone {
- my ($r,$fn,$uname,$udom)=@_;
+ my ($r,$fn,$uname,$udom)=@_;
+ $ENV{'form.upfile.filename'}=~s/\\/\//g;
+ $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
+ if ($ENV{'form.upfile.filename'}) {
$fn=~s/\/[^\/]+$//;
$fn=~s/([^\/])$/$1\//;
$fn.=$ENV{'form.upfile.filename'};
- $r->print(
+ $fn=~s/^\///;
+ $fn=~s/(\/)+/\//g;
+
+# Fn is the full path to the destination filename.
+#
+
+ &Debug($r, "Filename for upload: $fn");
+ if (($fn) && ($fn!~/\/$/)) {
+ $r->print(
'<form action=/adm/upload method=post>'.
'<input type=hidden name=phase value=two>'.
'<input type=hidden name=datatoken value="'.&upfile_store.'">'.
'Store uploaded file as '.
- '<input type=text size=50 name=filename value="'.$fn.'"><br>'.
+ '<input type=text size=50 name=filename value="/priv/'.
+ $uname.'/'.$fn.'"><br>'.
'<input type=submit value="Store"></form>');
+ # Check for bad extension and warn user
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ '<font color=red>'.
+ 'The extension on this file, "'.$1.
+ '", is reserved internally by LON-CAPA. <br \>'.
+ 'Please change the extension.'.
+ '</font>');
+ } elsif($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::loncommon::fileembstyle($1))) {
+ $r->print(
+ '<font color=red>'.
+ 'The extension on this file, "'.$1.
+ '", is not recognized by LON-CAPA. <br \>'.
+ 'Please change the extension.'.
+ '</font>');
+ }
+ } else {
+ $r->print('<font color=red>Illegal filename.</font>');
+ }
+ } else {
+ $r->print('<font color=red>No upload file specified.</font>');
+ }
}
sub phasetwo {
- my ($r,$fn,$uname,$udom)=@_;
- my $target='/home/'.$uname.'/public_html'.$fn;
+ my ($r,$fn,$uname,$udom)=@_;
+ &Debug($r, "Filename is ".$fn);
+ if ($fn=~/^\/priv\/$uname\//) {
+ &Debug($r, "Filename after priv substitution: ".$fn);
+ my $tfn=$fn;
+ $tfn=~s/^\/(\~|priv)\/(\w+)//;
+ &Debug($r, "Filename for tfn = ".$tfn);
+ my $target='/home/'.$uname.'/public_html'.$tfn;
+ &Debug($r, "target -> ".$target);
+# target is the full filesystem path of the destination file.
+ my $base = &File::Basename::basename($fn);
+ my $path = &File::Basename::dirname($fn);
+ $base = &HTML::Entities::encode($base);
+ my $url = $path."/".$base;
+ &Debug($r, "URL is now ".$url);
my $datatoken=$ENV{'form.datatoken'};
if (($fn) && ($datatoken)) {
if ((-e $target) && ($ENV{'form.override'} ne 'Yes')) {
@@ -68,15 +169,31 @@ sub phasetwo {
'<form action=/adm/upload method=post>'.
'File <tt>'.$fn.'</tt> exists. Overwrite? '.
'<input type=hidden name=phase value=two>'.
- '<input type=hidden name=filename value="'.$fn.'">'.
+ '<input type=hidden name=filename value="'."$url".'">'.
'<input type=hidden name=datatoken value="'.$datatoken.'">'.
'<input type=submit name=override value="Yes"></form>');
} else {
my $source=$r->dir_config('lonDaemons').
'/tmp/'.$datatoken.'.tmp';
- if (copy($source,$target)) {
+ # Check for bad extension and disallow upload
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ 'File <tt>'.$fn.'</tt> could not be copied.<br />'.
+ '<font color=red>'.
+ 'The extension on this file is reserved internally by LON-CAPA.'.
+ '</font>');
+ } elsif ($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::loncommon::fileembstyle($1))) {
+ $r->print(
+ 'File <tt>'.$fn.'</tt> could not be copied.<br />'.
+ '<font color=red>'.
+ 'The extension on this file is not recognized by LON-CAPA.'.
+ '</font>');
+ } elsif (copy($source,$target)) {
+ chmod(0660, $target); # Set permissions to rw-rw---.
$r->print('File copied.');
- $r->print('<p><font size=+2><a href="/priv/'.$uname.$fn.
+ $r->print('<p><font size=+2><a href="'.$url.
'">View file</a></font>');
} else {
$r->print('Failed to copy: '.$!);
@@ -87,17 +204,37 @@ sub phasetwo {
'<font size=+1 color=red>Please pick a filename</font><p>');
&phaseone($r,$fn,$uname,$udom);
}
+ } else {
+ $r->print(
+ '<font size=+1 color=red>Please pick a filename</font><p>');
+ &phaseone($r,$fn,$uname,$udom);
+ }
}
+# ---------------------------------------------------------------- Main Handler
sub handler {
my $r=shift;
+ my $uname;
+ my $udom;
+
+ ($uname,$udom)=
+ &Apache::loncacc::constructaccess(
+ $ENV{'form.filename'},$r->dir_config('lonDefDomain'));
+ unless (($uname) && ($udom)) {
+ $r->log_reason($uname.' at '.$udom.
+ ' trying to publish file '.$ENV{'form.filename'}.
+ ' - not authorized',
+ $r->filename);
+ return HTTP_NOT_ACCEPTABLE;
+ }
+
my $fn;
if ($ENV{'form.filename'}) {
$fn=$ENV{'form.filename'};
- $fn=~s/^http\:\/\/[^\/]+\/\~(\w+)//;
+ $fn=~s/^http\:\/\/[^\/]+\/(\~|priv\/)(\w+)//;
} else {
$r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}.
' unspecified filename for upload', $r->filename);
@@ -106,8 +243,6 @@ sub handler {
# ----------------------------------------------------------- Start page output
- my $uname=$ENV{'user.name'};
- my $udom=$ENV{'user.domain'};
$r->content_type('text/html');
$r->send_http_header;
@@ -119,6 +254,12 @@ sub handler {
$r->print('<h1>Upload file to Construction Space</h1>');
+
+ if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) {
+ $r->print('<h3><font color=red>Co-Author: '.$uname.' at '.$udom.
+ '</font></h3>');
+ }
+
if ($ENV{'form.phase'} eq 'two') {
&phasetwo($r,$fn,$uname,$udom);
@@ -129,3 +270,79 @@ sub handler {
$r->print('</body></html>');
return OK;
}
+
+1;
+__END__
+
+=head1 NAME
+
+Apache::lonupload - upload files into construction space
+
+=head1 SYNOPSIS
+
+Invoked by /etc/httpd/conf/srm.conf:
+
+ <Location /adm/upload>
+ PerlAccessHandler Apache::lonacc
+ SetHandler perl-script
+ PerlHandler Apache::lonupload
+ ErrorDocument 403 /adm/login
+ ErrorDocument 404 /adm/notfound.html
+ ErrorDocument 406 /adm/unauthorized.html
+ ErrorDocument 500 /adm/errorhandler
+ </Location>
+
+=head1 INTRODUCTION
+
+This module uploads a file sitting on a client computer into
+library server construction space.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This routine is called by Apache and mod_perl.
+
+=over 4
+
+=item *
+
+Initialize variables
+
+=item *
+
+Start page output
+
+=item *
+
+output relevant interface phase (phaseone or phasetwo)
+
+=item *
+
+(phase one is to specify upload file; phase two is to handle conditions
+subsequent to specification--like overwriting an existing file)
+
+=back
+
+=head1 OTHER SUBROUTINES
+
+=over 4
+
+=item *
+
+phaseone() : Interface for specifying file to upload.
+
+=item *
+
+phasetwo() : Interface for handling post-conditions about uploading (such
+as overwriting an existing file).
+
+=item *
+
+upfile_store() : Store contents of uploaded file into temporary space. Invoked
+by phaseone subroutine.
+
+=back
+
+=cut