--- loncom/publisher/lonupload.pm 2001/05/25 17:03:58 1.4 +++ loncom/publisher/lonupload.pm 2003/11/08 11:04:52 1.22 @@ -1,29 +1,63 @@ + # The LearningOnline Network with CAPA # Handler to upload files into construction space # -# (Handler to retrieve an old version of a file +# $Id: lonupload.pm,v 1.22 2003/11/08 11:04:52 albertel Exp $ +# +# Copyright Michigan State University Board of Trustees +# +# This file is part of the LearningOnline Network with CAPA (LON-CAPA). +# +# LON-CAPA is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. # -# (Publication Handler -# -# (TeX Content Handler +# LON-CAPA is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. # -# 05/29/00,05/30,10/11 Gerd Kortemeyer) +# You should have received a copy of the GNU General Public License +# along with LON-CAPA; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# 11/28,11/29,11/30,12/01,12/02,12/04,12/23 Gerd Kortemeyer -# 03/23 Guy Albertelli -# 03/24,03/29 Gerd Kortemeyer) +# /home/httpd/html/adm/gpl.txt # -# 03/31,04/03 Gerd Kortemeyer) +# http://www.lon-capa.org/ # -# 04/05,04/09,05/25 Gerd Kortemeyer +### package Apache::lonupload; use strict; use Apache::File; use File::Copy; +use File::Basename; use Apache::Constants qw(:common :http :methods); use Apache::loncacc; +use Apache::loncommon(); +use Apache::Log(); +use Apache::lonnet; +use HTML::Entities(); +use Apache::lonlocal; + +my $DEBUG=0; + +sub Debug { + + # Marshall the parameters. + + my $r = shift; + my $log = $r->log; + my $message = shift; + + # Put out the indicated message butonly if DEBUG is false. + + if ($DEBUG) { + $log->debug($message); + } +} sub upfile_store { my $r=shift; @@ -31,7 +65,7 @@ sub upfile_store { my $fname=$ENV{'form.upfile.filename'}; $fname=~s/\W//g; - chop($ENV{'form.upfile'}); + chomp($ENV{'form.upfile'}); my $datatoken=$ENV{'user.name'}.'_'.$ENV{'user.domain'}. '_upload_'.$fname.'_'.time.'_'.$$; @@ -46,119 +80,264 @@ sub upfile_store { sub phaseone { my ($r,$fn,$uname,$udom)=@_; - $fn=~s/\/[^\/]+$//; - $fn=~s/([^\/])$/$1\//; - $fn.=$ENV{'form.upfile.filename'}; - $fn=~s/^\///; - $fn=~s/(\/)+/\//g; - - if (($fn) && ($fn!~/\/$/)) { - $r->print( - '
'. - ''. - ''. - 'Store uploaded file as '. - '
'. - '
'); - } else { - $r->print('Illegal filename.'); - } + $ENV{'form.upfile.filename'}=~s/\\/\//g; + $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; + if ($ENV{'form.upfile.filename'}) { + $fn=~s/\/[^\/]+$//; + $fn=~s/([^\/])$/$1\//; + $fn.=$ENV{'form.upfile.filename'}; + $fn=~s/^\///; + $fn=~s/(\/)+/\//g; + +# Fn is the full path to the destination filename. +# + + &Debug($r, "Filename for upload: $fn"); + if (($fn) && ($fn!~/\/$/)) { + $r->print('
'. + ''. + ''. + ''. + &mt('Store uploaded file as ')."/priv/$uname/". + '
'. + '
'); + # Check for bad extension and warn user + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print(''.&mt('The extension on this file,'). + ' "'.$1.'"'.&mt(', is reserved internally by LON-CAPA.'). + '
'.&mt('Please change the extension.').''); + } elsif($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print(''.&mt('The extension on this file,'). + ' "'.$1.'"'.&mt(', is not recognized by LON-CAPA.'). + '
'.&mt('Please change the extension.'). + ''); + } + } else { + $r->print(''.&mt('Illegal filename.').''); + } + } else { + $r->print(''.&mt('No upload file specified.').''); + } } sub phasetwo { - my ($r,$fn,$uname,$udom)=@_; - if ($fn=~/^\/priv\/$uname\//) { - my $tfn=$fn; - $tfn=~s/^\/(\~|priv)\/(\w+)//; - my $target='/home/'.$uname.'/public_html'.$tfn; - my $datatoken=$ENV{'form.datatoken'}; - if (($fn) && ($datatoken)) { - if ((-e $target) && ($ENV{'form.override'} ne 'Yes')) { - $r->print( - '
'. - 'File '.$fn.' exists. Overwrite? '. - ''. - ''. - ''. - '
'); - } else { - my $source=$r->dir_config('lonDaemons'). - '/tmp/'.$datatoken.'.tmp'; - if (copy($source,$target)) { - $r->print('File copied.'); - $r->print('

View file'); - } else { - $r->print('Failed to copy: '.$!); - } - } + my ($r,$tfn,$uname,$udom)=@_; + my $fn='/priv/'.$uname.'/'.$tfn; + $fn=~s/\/+/\//g; + &Debug($r, "Filename is ".$tfn); + if ($tfn) { + &Debug($r, "Filename for tfn = ".$tfn); + my $target='/home/'.$uname.'/public_html'.$tfn; + &Debug($r, "target -> ".$target); +# target is the full filesystem path of the destination file. + my $base = &File::Basename::basename($fn); + my $path = &File::Basename::dirname($fn); + $base = &HTML::Entities::encode($base); + my $url = $path."/".$base; + &Debug($r, "URL is now ".$url); + my $datatoken=$ENV{'form.datatoken'}; + if (($fn) && ($datatoken)) { + if ((-e $target) && ($ENV{'form.override'} ne 'Yes')) { + $r->print('

'. + &mt('File').' '.$fn.' '. + &mt('exists. Overwrite?').' '. + ''. + ''. + ''. + '
'); + } else { + my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; + # Check for bad extension and disallow upload + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print(&mt('File').' '.$fn.' '. + &mt('could not be copied.').'
'. + ''. + &mt('The extension on this file is reserved internally by LON-CAPA.'). + ''); + $r->print('

'. + &mt('Back to Directory').''); + } elsif ($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print(&mt('File').' '.$fn.' '. + &mt('could not be copied.').'
'. + ''. + &mt('The extension on this file is not recognized by LON-CAPA.'). + ''); + $r->print('

'. + &mt('Back to Directory').''); + } elsif (-d $target) { + $r->print('File '.$fn.' could not be copied.
'. + ''. + &mt('The target is an existing directory.'). + ''); + $r->print('

'. + &mt('Back to Directory').''); + } elsif (copy($source,$target)) { + chmod(0660, $target); # Set permissions to rw-rw---. + $r->print(&mt('File copied.')); + $r->print('

'. + &mt('View file').''); + $r->print('

'. + &mt('Back to Directory').''); + } else { + $r->print('Failed to copy: '.$!); + $r->print('

'. + &mt('Back to Directory').''); + } + } + } else { + $r->print(''. + &mt('Please use browser "Back" button and pick a filename'). + '

'); + } } else { - $r->print( - 'Please pick a filename

'); - &phaseone($r,$fn,$uname,$udom); - } - } else { - $r->print( - 'Please pick a filename

'); - &phaseone($r,$fn,$uname,$udom); - } + $r->print(''. + &mt('Please use browser "Back" button and pick a filename'). + '

'); + } } +# ---------------------------------------------------------------- Main Handler sub handler { - my $r=shift; + my $r=shift; - my $uname; - my $udom; + my $uname; + my $udom; +# +# phase two: re-attach user +# + if ($ENV{'form.uploaduname'}) { + $ENV{'form.filename'}='/priv/'.$ENV{'form.uploaduname'}.'/'. + $ENV{'form.filename'}; + } +# - unless (($uname,$udom)= - &Apache::loncacc::constructaccess( - $ENV{'form.filename'},$r->dir_config('lonDefDomain'))) { - $r->log_reason($uname.' at '.$udom. - ' trying to publish file '.$ENV{'form.filename'}. - ' - not authorized', - $r->filename); - return HTTP_NOT_ACCEPTABLE; - } - - my $fn; - - if ($ENV{'form.filename'}) { - $fn=$ENV{'form.filename'}; - $fn=~s/^http\:\/\/[^\/]+\/(\~|priv\/)(\w+)//; - } else { - $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}. - ' unspecified filename for upload', $r->filename); - return HTTP_NOT_FOUND; - } + ($uname,$udom)= + &Apache::loncacc::constructaccess($ENV{'form.filename'}, + $r->dir_config('lonDefDomain')); + unless (($uname) && ($udom)) { + $r->log_reason($uname.' at '.$udom. + ' trying to publish file '.$ENV{'form.filename'}. + ' - not authorized', + $r->filename); + return HTTP_NOT_ACCEPTABLE; + } + + my $fn; + if ($ENV{'form.filename'}) { + $fn=$ENV{'form.filename'}; + $fn=~s/^http\:\/\/[^\/]+\///; + $fn=~s/^\///; + $fn=~s/(\~|priv\/)(\w+)//; + $fn=~s/\/+/\//g; + } else { + $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}. + ' unspecified filename for upload', $r->filename); + return HTTP_NOT_FOUND; + } # ----------------------------------------------------------- Start page output - $r->content_type('text/html'); - $r->send_http_header; + &Apache::loncommon::content_type($r,'text/html'); + $r->send_http_header; - $r->print('LON-CAPA Construction Space'); + $r->print('LON-CAPA Construction Space'); - $r->print( - ''); - - - $r->print('

Upload file to Construction Space

'); + $r->print(&Apache::loncommon::bodytag('Upload file to Construction Space')); - if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) { - $r->print('

Co-Author: '.$uname.' at '.$udom. - '

'); - } - + if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) { + $r->print('

'.&mt('Co-Author').': '.$uname. + &mt(' at ').$udom.'

'); + } - if ($ENV{'form.phase'} eq 'two') { - &phasetwo($r,$fn,$uname,$udom); - } else { - &phaseone($r,$fn,$uname,$udom); - } + if ($ENV{'form.phase'} eq 'two') { + &phasetwo($r,$fn,$uname,$udom); + } else { + &phaseone($r,$fn,$uname,$udom); + } - $r->print(''); - return OK; + $r->print(''); + return OK; } + +1; +__END__ + +=head1 NAME + +Apache::lonupload - upload files into construction space + +=head1 SYNOPSIS + +Invoked by /etc/httpd/conf/srm.conf: + + + PerlAccessHandler Apache::lonacc + SetHandler perl-script + PerlHandler Apache::lonupload + ErrorDocument 403 /adm/login + ErrorDocument 404 /adm/notfound.html + ErrorDocument 406 /adm/unauthorized.html + ErrorDocument 500 /adm/errorhandler + + +=head1 INTRODUCTION + +This module uploads a file sitting on a client computer into +library server construction space. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 HANDLER SUBROUTINE + +This routine is called by Apache and mod_perl. + +=over 4 + +=item * + +Initialize variables + +=item * + +Start page output + +=item * + +output relevant interface phase (phaseone or phasetwo) + +=item * + +(phase one is to specify upload file; phase two is to handle conditions +subsequent to specification--like overwriting an existing file) + +=back + +=head1 OTHER SUBROUTINES + +=over 4 + +=item * + +phaseone() : Interface for specifying file to upload. + +=item * + +phasetwo() : Interface for handling post-conditions about uploading (such +as overwriting an existing file). + +=item * + +upfile_store() : Store contents of uploaded file into temporary space. Invoked +by phaseone subroutine. + +=back + +=cut