--- loncom/publisher/lonupload.pm 2001/06/23 18:26:40 1.5
+++ loncom/publisher/lonupload.pm 2001/12/04 18:13:06 1.9
@@ -1,6 +1,30 @@
# The LearningOnline Network with CAPA
# Handler to upload files into construction space
#
+# $Id: lonupload.pm,v 1.9 2001/12/04 18:13:06 matthew Exp $
+#
+# Copyright Michigan State University Board of Trustees
+#
+# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
+#
+# LON-CAPA is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# LON-CAPA is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with LON-CAPA; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# /home/httpd/html/adm/gpl.txt
+#
+# http://www.lon-capa.org/
+#
# (Handler to retrieve an old version of a file
#
# (Publication Handler
@@ -15,7 +39,8 @@
#
# 03/31,04/03 Gerd Kortemeyer)
#
-# 04/05,04/09,05/25,06/23 Gerd Kortemeyer
+# 04/05,04/09,05/25,06/23,06/24,08/22 Gerd Kortemeyer
+# 11/29 Matthew Hall
package Apache::lonupload;
@@ -24,6 +49,7 @@ use Apache::File;
use File::Copy;
use Apache::Constants qw(:common :http :methods);
use Apache::loncacc;
+use Apache::lonnet;
sub upfile_store {
my $r=shift;
@@ -46,12 +72,15 @@ sub upfile_store {
sub phaseone {
my ($r,$fn,$uname,$udom)=@_;
+ $ENV{'form.upfile.filename'}=~s/\\/\//g;
+ $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
if ($ENV{'form.upfile.filename'}) {
$fn=~s/\/[^\/]+$//;
$fn=~s/([^\/])$/$1\//;
$fn.=$ENV{'form.upfile.filename'};
$fn=~s/^\///;
$fn=~s/(\/)+/\//g;
+
if (($fn) && ($fn!~/\/$/)) {
$r->print(
'<form action=/adm/upload method=post>'.
@@ -61,6 +90,24 @@ sub phaseone {
'<input type=text size=50 name=filename value="/priv/'.
$uname.'/'.$fn.'"><br>'.
'<input type=submit value="Store"></form>');
+ # Check for bad extension and warn user
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::lonnet::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ '<font color=red>'.
+ 'The extension on this file, "'.$1.
+ '", is reserved internally by LON-CAPA. <br \>'.
+ 'Please change the extension.'.
+ '</font>');
+ } elsif($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::lonnet::fileembstyle($1))) {
+ $r->print(
+ '<font color=red>'.
+ 'The extension on this file, "'.$1.
+ '", is not recognized by LON-CAPA. <br \>'.
+ 'Please change the extension.'.
+ '</font>');
+ }
} else {
$r->print('<font color=red>Illegal filename.</font>');
}
@@ -88,7 +135,22 @@ sub phasetwo {
} else {
my $source=$r->dir_config('lonDaemons').
'/tmp/'.$datatoken.'.tmp';
- if (copy($source,$target)) {
+ # Check for bad extension and disallow upload
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::lonnet::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ 'File <tt>'.$fn.'</tt> could not be copied.<br />'.
+ '<font color=red>'.
+ 'The extension on this file is reserved internally by LON-CAPA.'.
+ '</font>');
+ } elsif ($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::lonnet::fileembstyle($1))) {
+ $r->print(
+ 'File <tt>'.$fn.'</tt> could not be copied.<br />'.
+ '<font color=red>'.
+ 'The extension on this file is not recognized by LON-CAPA.'.
+ '</font>');
+ } elsif (copy($source,$target)) {
$r->print('File copied.');
$r->print('<p><font size=+2><a href="'.$fn.
'">View file</a></font>');
@@ -166,3 +228,6 @@ sub handler {
$r->print('</body></html>');
return OK;
}
+
+1;
+__END__