--- loncom/publisher/lonupload.pm 2003/11/08 11:11:01 1.23
+++ loncom/publisher/lonupload.pm 2008/12/19 03:57:24 1.43
@@ -2,7 +2,7 @@
# The LearningOnline Network with CAPA
# Handler to upload files into construction space
#
-# $Id: lonupload.pm,v 1.23 2003/11/08 11:11:01 albertel Exp $
+# $Id: lonupload.pm,v 1.43 2008/12/19 03:57:24 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -28,6 +28,92 @@
#
###
+=head1 NAME
+
+Apache::lonupload - upload files into construction space
+
+=head1 SYNOPSIS
+
+Invoked by /etc/httpd/conf/srm.conf:
+
+ <Location /adm/upload>
+ PerlAccessHandler Apache::lonacc
+ SetHandler perl-script
+ PerlHandler Apache::lonupload
+ ErrorDocument 403 /adm/login
+ ErrorDocument 404 /adm/notfound.html
+ ErrorDocument 406 /adm/unauthorized.html
+ ErrorDocument 500 /adm/errorhandler
+ </Location>
+
+=head1 INTRODUCTION
+
+This module uploads a file sitting on a client computer into
+library server construction space.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This routine is called by Apache and mod_perl.
+
+=over 4
+
+=item *
+
+Initialize variables
+
+=item *
+
+Start page output
+
+=item *
+
+output relevant interface phase (phaseone or phasetwo or phasethree)
+
+=item *
+
+(phase one is to specify upload file; phase two is to handle conditions
+subsequent to specification--like overwriting an existing file; phase three
+is to handle processing of secondary uploads - of embedded objects in an
+html file).
+
+=back
+
+=head1 OTHER SUBROUTINES
+
+=over
+
+=item phaseone()
+
+Interface for specifying file to upload.
+
+=item phasetwo()
+
+Interface for handling post-conditions about uploading (such
+as overwriting an existing file).
+
+=item phasethree()
+
+Interface for handling secondary uploads of embedded objects
+in an html file.
+
+=item upfile_store()
+
+Store contents of uploaded file into temporary space. Invoked
+by phaseone subroutine.
+
+=item check_extension()
+
+Checks if filename extension is permitted and checks type
+ of file - if html file, calls parser to check for embedded objects.
+ Invoked by phasetwo subroutine.
+
+=back
+
+=cut
+
package Apache::lonupload;
use strict;
@@ -37,55 +123,54 @@ use File::Basename;
use Apache::Constants qw(:common :http :methods);
use Apache::loncacc;
use Apache::loncommon();
-use Apache::Log();
use Apache::lonnet;
use HTML::Entities();
use Apache::lonlocal;
+use Apache::lonnet;
+use LONCAPA();
my $DEBUG=0;
sub Debug {
-
- # Marshall the parameters.
-
- my $r = shift;
- my $log = $r->log;
- my $message = shift;
-
- # Put out the indicated message butonly if DEBUG is false.
-
+ # Put out the indicated message but only if DEBUG is true.
if ($DEBUG) {
- $log->debug($message);
+ my ($r,$message) = @_;
+ $r->log_reason($message);
}
}
sub upfile_store {
my $r=shift;
- my $fname=$ENV{'form.upfile.filename'};
+ my $fname=$env{'form.upfile.filename'};
$fname=~s/\W//g;
- chomp($ENV{'form.upfile'});
+ chomp($env{'form.upfile'});
- my $datatoken=$ENV{'user.name'}.'_'.$ENV{'user.domain'}.
+ my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}.
'_upload_'.$fname.'_'.time.'_'.$$;
{
my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons').
'/tmp/'.$datatoken.'.tmp');
- print $fh $ENV{'form.upfile'};
+ print $fh $env{'form.upfile'};
}
return $datatoken;
}
-
sub phaseone {
- my ($r,$fn,$uname,$udom)=@_;
- $ENV{'form.upfile.filename'}=~s/\\/\//g;
- $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
- if ($ENV{'form.upfile.filename'}) {
+ my ($r,$fn,$uname,$udom,$mode)=@_;
+ my $action = '/adm/upload';
+ if ($mode eq 'testbank') {
+ $action = '/adm/testbank';
+ } elsif ($mode eq 'imsimport') {
+ $action = '/adm/imsimport';
+ }
+ $env{'form.upfile.filename'}=~s/\\/\//g;
+ $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
+ if ($env{'form.upfile.filename'}) {
$fn=~s/\/[^\/]+$//;
$fn=~s/([^\/])$/$1\//;
- $fn.=$ENV{'form.upfile.filename'};
+ $fn.=$env{'form.upfile.filename'};
$fn=~s/^\///;
$fn=~s/(\/)+/\//g;
@@ -94,39 +179,58 @@ sub phaseone {
&Debug($r, "Filename for upload: $fn");
if (($fn) && ($fn!~/\/$/)) {
- $r->print('<form action="/adm/upload" method="post">'.
+ $r->print('<form action="'.$action.'" method="post" name="fileupload">'.
'<input type="hidden" name="phase" value="two" />'.
'<input type="hidden" name="datatoken" value="'.
&upfile_store.'" />'.
'<input type="hidden" name="uploaduname" value="'.$uname.
- '" />'.&mt('Store uploaded file as ').
- "<tt>/priv/$uname/</tt>".
- '<input type="text" size="50" name="filename" value="'.$fn.
- '" /><br />'.
- '<input type="submit" value="'.&mt('Store').'" /></form>');
+ '" />'.&mt('Save uploaded file as [_1]',
+ "<span class='LC_filename'>/priv/$uname/</span>".
+ '<input type="text" size="50" name="filename" value="'.$fn.
+ '" />').
+ '<br />'.
+ '<br />'.&mt('Choose file type:').'
+<select name="filetype">
+ <option value="standard" selected>'.&mt('Regular file').'
+ <option value="testbank">'.&mt('Testbank file').'
+ <option value="imsimport">'.&mt('IMS package').'
+</select>'.&Apache::loncommon::help_open_topic("Uploading_File_Options").'
+<br />
+<br />
+');
+ $r->print('<input type="button" value="'.&mt('Save').'" onClick="javascript:verifyForm()"/></form>');
# Check for bad extension and warn user
if ($fn=~/\.(\w+)$/ &&
(&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
- $r->print('<font color="red">'.&mt('The extension on this file,').
- ' "'.$1.'"'.&mt(', is reserved internally by LON-CAPA.').
- ' <br />'.&mt('Please change the extension.').'</font>');
+ $r->print('<p class="LC_error">'
+ .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.','"'.$1.'"')
+ .' <br />'.&mt('Please change the extension.')
+ .'</p>');
} elsif($fn=~/\.(\w+)$/ &&
!defined(&Apache::loncommon::fileembstyle($1))) {
- $r->print('<font color="red">'.&mt('The extension on this file,').
- ' "'.$1.'"'.&mt(', is not recognized by LON-CAPA.').
- ' <br />'.&mt('Please change the extension.').
- '</font>');
+ $r->print('<p class="LC_error">'
+ .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.','"'.$1.'"')
+ .' <br />'.&mt('Please change the extension.')
+ .'</p>');
}
} else {
- $r->print('<font color="red">'.&mt('Illegal filename.').'</font>');
+ $r->print('<span class="LC_error">'.&mt('Illegal filename.').'</span>');
}
} else {
- $r->print('<font color="red">'.&mt('No upload file specified.').'</font>');
+ $r->print('<span class="LC_error">'.&mt('No upload file specified.').'</span>');
}
}
sub phasetwo {
- my ($r,$tfn,$uname,$udom)=@_;
+ my ($r,$tfn,$uname,$udom,$mode)=@_;
+ my $output;
+ my $action = '/adm/upload';
+ my $returnflag = '';
+ if ($mode eq 'testbank') {
+ $action = '/adm/testbank';
+ } elsif ($mode eq 'imsimport') {
+ $action = '/adm/imsimport';
+ }
my $fn='/priv/'.$uname.'/'.$tfn;
$fn=~s/\/+/\//g;
&Debug($r, "Filename is ".$tfn);
@@ -137,70 +241,136 @@ sub phasetwo {
# target is the full filesystem path of the destination file.
my $base = &File::Basename::basename($fn);
my $path = &File::Basename::dirname($fn);
- $base = &HTML::Entities::encode($base);
+ $base = &HTML::Entities::encode($base,'<>&"');
my $url = $path."/".$base;
&Debug($r, "URL is now ".$url);
- my $datatoken=$ENV{'form.datatoken'};
+ my $datatoken=$env{'form.datatoken'};
if (($fn) && ($datatoken)) {
- if ((-e $target) && ($ENV{'form.override'} ne 'Yes')) {
- $r->print('<form action="/adm/upload" method="post">'.
- &mt('File').' <tt>'.$fn.'</tt> '.
- &mt('exists. Overwrite?').' '.
+ if ($env{'form.cancel'}) {
+ my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
+ my $dirpath=$path.'/';
+ $dirpath=~s/\/+/\//g;
+ $output .= &mt('Upload cancelled.').'<br /><font size="+2"><a href="'.$dirpath.'">'.
+ &mt('Back to Directory').'</a></font>';
+ } elsif ((-e $target) && (!$env{'form.override'})) {
+ $output .= '<form action="'.$action.'" method="post">'.
+ &mt('File [_1] exists. Overwrite?','<span class="LC_filename">'.$fn.'</span>').
'<input type="hidden" name="phase" value="two" />'.
- '<input type="hidden" name="filename" value="'."$url".'" />'.
+ '<input type="hidden" name="filename" value="'.$url.'" />'.
'<input type="hidden" name="datatoken" value="'.$datatoken.'" />'.
- '<input type="submit" name="override" value="'.&mt('Yes').'" /></form>');
- } else {
+ '<input type="submit" name="override" value="'.&mt('Yes').'" />'.
+ '<input type="submit" name="cancel" value="'.&mt('Cancel').'" />'.
+ '</form>';
+ } else {
my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
+ my $dirpath=$path.'/';
+ $dirpath=~s/\/+/\//g;
# Check for bad extension and disallow upload
- if ($fn=~/\.(\w+)$/ &&
- (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
- $r->print(&mt('File').' <tt>'.$fn.'</tt> '.
- &mt('could not be copied.').'<br />'.
- '<font color="red">'.
- &mt('The extension on this file is reserved internally by LON-CAPA.').
- '</font>');
- $r->print('<p><font size=+2><a href="'.$path.'">'.
- &mt('Back to Directory').'</a></font>');
- } elsif ($fn=~/\.(\w+)$/ &&
- !defined(&Apache::loncommon::fileembstyle($1))) {
- $r->print(&mt('File').' <tt>'.$fn.'</tt> '.
- &mt('could not be copied.').'<br />'.
- '<font color="red">'.
- &mt('The extension on this file is not recognized by LON-CAPA.').
- '</font>');
- $r->print('<br /><font size="+2"><a href="'.$path.'">'.
- &mt('Back to Directory').'</a></font>');
- } elsif (-d $target) {
- $r->print('File <tt>'.$fn.'</tt> could not be copied.<br />'.
- '<font color="red">'.
- &mt('The target is an existing directory.').
- '</font><br />');
- $r->print('<font size="+2"><a href="'.$path.'">'.
- &mt('Back to Directory').'</a></font>');
- } elsif (copy($source,$target)) {
- chmod(0660, $target); # Set permissions to rw-rw---.
- $r->print(&mt('File copied.'));
- $r->print('<br /><font size="+2"><a href="'.$url.'">'.
- &mt('View file').'</a></font>');
- $r->print('<font size="+2"><a href="'.$path.'">'.
- &mt('Back to Directory').'</a></font><br />');
- } else {
- $r->print('Failed to copy: '.$!);
- $r->print('<br /><font size="+2"><a href="'.$path.'">'.
- &mt('Back to Directory').'</a></font>');
- }
+ my $result;
+ ($result,$returnflag) = &check_extension($fn,$mode,$source,$target,$action,$dirpath,$url);
+ $output .= $result;
}
} else {
- $r->print('<font size="+1" color="red">'.
+ $output .= '<span class="LC_error">'.
&mt('Please use browser "Back" button and pick a filename').
- '</font><br />>');
+ '</span><br />';
}
} else {
- $r->print('<font size=+1 color=red>'.
- &mt('Please use browser "Back" button and pick a filename').
- '</font><p>');
+ $output .= '<span class="LC_error">'.
+ &mt('Please use browser "Back" button and pick a filename').
+ '</span><br />';
}
+ return ($output,$returnflag);
+}
+
+sub check_extension {
+ my ($fn,$mode,$source,$target,$action,$dirpath,$url) = @_;
+ my ($result,$returnflag);
+ # Check for bad extension and disallow upload
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
+ $result .= &mt('File [_1] could not be copied.',
+ '<span class="LC_filename">'.$fn.'</span> ').
+ '<p class="LC_error">'.
+ &mt('The extension on this file is reserved internally by LON-CAPA.').
+ '</p>';
+ } elsif ($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::loncommon::fileembstyle($1))) {
+ $result .= &mt('File [_1] could not be copied.',
+ '<span class="LC_filename">'.$fn.'</span> ').
+ '<p class="LC_error">'.
+ &mt('The extension on this file is not recognized by LON-CAPA.').
+ '</p>';
+ } elsif (-d $target) {
+ $result .= &mt('File [_1] could not be copied.',
+ '<span class="LC_filename">'.$fn.'</span>').
+ '<p class="LC_error">'.
+ &mt('The target is an existing directory.').
+ '</p>';
+ } elsif (copy($source,$target)) {
+ chmod(0660, $target); # Set permissions to rw-rw---.
+ if ($mode eq 'testbank' || $mode eq 'imsimport') {
+ $returnflag = 'ok';
+ $result .= &mt('Your file - [_1] - was uploaded successfully',$fn).'<br /><br />';
+ } else {
+ $result .= &mt('File copied.').'<br />';
+ }
+ # Check for embedded objects.
+ my (%allfiles,%codebase);
+ my ($text,$header,$css,$js);
+ if (($mode ne 'imsimport') && ($target =~ /\.(htm|html|shtml)$/i)) {
+ my (%allfiles,%codebase);
+ &Apache::lonnet::extract_embedded_items($target,\%allfiles,\%codebase);
+ if (keys(%allfiles) > 0) {
+ my $state = <<STATE;
+ <input type="hidden" name="action" value="upload_embedded" />
+ <input type="hidden" name="currentpath" value="$env{'form.currentpath'}" />
+ <input type="hidden" name="mode" value="$mode" />
+ <input type="hidden" name="phase" value="three" />
+ <input type="hidden" name="filename" value="$url" />
+STATE
+ $result .= "<h3>".&mt("Reference Warning")."</h3>".
+ "<p>".&mt("Completed upload of the file. This file contained references to other files.")."</p>".
+ "<p>".&mt("Please select the locations from which the referenced files are to be uploaded.")."</p>".
+ &Apache::loncommon::ask_for_embedded_content($action,$state,\%allfiles,\%codebase,
+ {'error_on_invalid_names' => 1,
+ 'ignore_remote_references' => 1,});
+ if ($mode eq 'testbank') {
+ $returnflag = 'embedded';
+ $result .= '<p>'.&mt('Or [_1]continue[_2] the testbank import without these files','<a href="javascript:document.testbankForm.submit();">','</a>').'</p>';
+ }
+ }
+ }
+ if (($mode ne 'imsimport') && ($mode ne 'testbank')) {
+ $result .= '<br /><font size="+2"><a href="'.$url.'">'.
+ &mt('View file').'</a></font>';
+ }
+ } else {
+ $result .= &mt('Failed to copy: [_1].',$!);
+ }
+ if ($mode ne 'imsimport' && $mode ne 'testbank') {
+ $result .= '<br /><font size="+2"><a href="'.$dirpath.'">'.
+ &mt('Back to Directory').'</a></font><br />';
+ }
+ return ($result,$returnflag);
+}
+
+sub phasethree {
+ my ($r,$fn,$uname,$udom,$mode) = @_;
+ my $result;
+ my $dir_root = '/home/'.$uname.'/public_html';
+ my $url_root = '/priv/'.$uname;
+ my $base = &File::Basename::basename($fn);
+ my $path = &File::Basename::dirname($fn);
+ $result = &Apache::loncommon::upload_embedded($mode,$path,$uname,$udom,
+ $dir_root,$url_root);
+ if ($mode ne 'imsimport' && $mode ne 'testbank') {
+ $result = '<br /><font size="+2"><a href="'.$url_root.$fn.'">'.
+ &mt('View main file').'</a></font>'.
+ '<br /><font size="+2"><a href="'.$url_root.$path.'">'.
+ &mt('Back to Directory').'</a></font><br />';
+ }
+ return $result;
}
# ---------------------------------------------------------------- Main Handler
@@ -210,35 +380,53 @@ sub handler {
my $uname;
my $udom;
+ my $javascript = '';
#
# phase two: re-attach user
#
- if ($ENV{'form.uploaduname'}) {
- $ENV{'form.filename'}='/priv/'.$ENV{'form.uploaduname'}.'/'.
- $ENV{'form.filename'};
+ if ($env{'form.uploaduname'}) {
+ $env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'.
+ $env{'form.filename'};
}
-#
+ unless ($env{'form.phase'} eq 'two') {
+ $javascript = qq|
+function verifyForm() {
+ var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value
+ if (mode == "testbank") {
+ document.fileupload.action = "/adm/testbank";
+ }
+ if (mode == "imsimport") {
+ document.fileupload.action = "/adm/imsimport";
+ }
+ if (mode == "standard") {
+ document.fileupload.action = "/adm/upload";
+ }
+ document.fileupload.submit();
+}
+ |;
+ }
($uname,$udom)=
- &Apache::loncacc::constructaccess($ENV{'form.filename'},
+ &Apache::loncacc::constructaccess($env{'form.filename'},
$r->dir_config('lonDefDomain'));
+
unless (($uname) && ($udom)) {
$r->log_reason($uname.' at '.$udom.
- ' trying to publish file '.$ENV{'form.filename'}.
+ ' trying to publish file '.$env{'form.filename'}.
' - not authorized',
$r->filename);
return HTTP_NOT_ACCEPTABLE;
}
my $fn;
- if ($ENV{'form.filename'}) {
- $fn=$ENV{'form.filename'};
- $fn=~s/^http\:\/\/[^\/]+\///;
+ if ($env{'form.filename'}) {
+ $fn=$env{'form.filename'};
+ $fn=~s/^https?\:\/\/[^\/]+\///;
$fn=~s/^\///;
- $fn=~s/(\~|priv\/)(\w+)//;
+ $fn=~s{(~|priv/)($LONCAPA::username_re)}{};
$fn=~s/\/+/\//g;
} else {
- $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}.
+ $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
' unspecified filename for upload', $r->filename);
return HTTP_NOT_FOUND;
}
@@ -249,97 +437,32 @@ sub handler {
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
- $r->print('<html><head><title>LON-CAPA Construction Space</title></head>');
+ $javascript = "<script type=\"text/javascript\">\n//<!--\n".
+ $javascript."\n// --></script>\n";
- $r->print(&Apache::loncommon::bodytag('Upload file to Construction Space'));
+ $r->print(&Apache::loncommon::start_page('Upload file to Construction Space',
+ $javascript));
- if (($uname ne $ENV{'user.name'}) || ($udom ne $ENV{'user.domain'})) {
- $r->print('<h3><font color=red>'.&mt('Co-Author').': '.$uname.
- &mt(' at ').$udom.'</font></h3>');
+ if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
+ $r->print('<h3><span class="LC_error">'.&mt('Co-Author').': '.$uname.
+ &mt(' at ').$udom.'</span></h3>');
}
- if ($ENV{'form.phase'} eq 'two') {
- &phasetwo($r,$fn,$uname,$udom);
+ if ($env{'form.phase'} eq 'three') {
+ my $output = &phasethree($r,$fn,$uname,$udom,'author');
+ $r->print($output);
+ } elsif ($env{'form.phase'} eq 'two') {
+ my ($output,$returnflag) = &phasetwo($r,$fn,$uname,$udom);
+ $r->print($output);
} else {
&phaseone($r,$fn,$uname,$udom);
}
- $r->print('</body></html>');
+ $r->print(&Apache::loncommon::end_page());
return OK;
}
1;
__END__
-=head1 NAME
-
-Apache::lonupload - upload files into construction space
-
-=head1 SYNOPSIS
-
-Invoked by /etc/httpd/conf/srm.conf:
-
- <Location /adm/upload>
- PerlAccessHandler Apache::lonacc
- SetHandler perl-script
- PerlHandler Apache::lonupload
- ErrorDocument 403 /adm/login
- ErrorDocument 404 /adm/notfound.html
- ErrorDocument 406 /adm/unauthorized.html
- ErrorDocument 500 /adm/errorhandler
- </Location>
-
-=head1 INTRODUCTION
-
-This module uploads a file sitting on a client computer into
-library server construction space.
-
-This is part of the LearningOnline Network with CAPA project
-described at http://www.lon-capa.org.
-
-=head1 HANDLER SUBROUTINE
-
-This routine is called by Apache and mod_perl.
-
-=over 4
-
-=item *
-
-Initialize variables
-
-=item *
-
-Start page output
-
-=item *
-
-output relevant interface phase (phaseone or phasetwo)
-=item *
-
-(phase one is to specify upload file; phase two is to handle conditions
-subsequent to specification--like overwriting an existing file)
-
-=back
-
-=head1 OTHER SUBROUTINES
-
-=over 4
-
-=item *
-
-phaseone() : Interface for specifying file to upload.
-
-=item *
-
-phasetwo() : Interface for handling post-conditions about uploading (such
-as overwriting an existing file).
-
-=item *
-
-upfile_store() : Store contents of uploaded file into temporary space. Invoked
-by phaseone subroutine.
-
-=back
-
-=cut