--- loncom/publisher/lonupload.pm 2001/04/10 01:57:28 1.2 +++ loncom/publisher/lonupload.pm 2001/11/29 21:51:40 1.8 @@ -1,6 +1,30 @@ # The LearningOnline Network with CAPA # Handler to upload files into construction space # +# $Id: lonupload.pm,v 1.8 2001/11/29 21:51:40 matthew Exp $ +# +# Copyright Michigan State University Board of Trustees +# +# This file is part of the LearningOnline Network with CAPA (LON-CAPA). +# +# LON-CAPA is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# LON-CAPA is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with LON-CAPA; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# /home/httpd/html/adm/gpl.txt +# +# http://www.lon-capa.org/ +# # (Handler to retrieve an old version of a file # # (Publication Handler @@ -15,7 +39,8 @@ # # 03/31,04/03 Gerd Kortemeyer) # -# 04/05,04/09 Gerd Kortemeyer +# 04/05,04/09,05/25,06/23,06/24,08/22 Gerd Kortemeyer +# 11/29 Matthew Hall package Apache::lonupload; @@ -23,7 +48,8 @@ use strict; use Apache::File; use File::Copy; use Apache::Constants qw(:common :http :methods); - +use Apache::loncacc; +use Apache::lonnet; sub upfile_store { my $r=shift; @@ -45,22 +71,49 @@ sub upfile_store { sub phaseone { - my ($r,$fn,$uname,$udom)=@_; + my ($r,$fn,$uname,$udom)=@_; + $ENV{'form.upfile.filename'}=~s/\\/\//g; + $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; + if ($ENV{'form.upfile.filename'}) { $fn=~s/\/[^\/]+$//; $fn=~s/([^\/])$/$1\//; $fn.=$ENV{'form.upfile.filename'}; - $r->print( + $fn=~s/^\///; + $fn=~s/(\/)+/\//g; + + if (($fn) && ($fn!~/\/$/)) { + $r->print( '
'); + # Check for bad extension + if ($fn=~/\.(\w+)$/ && + (&Apache::lonnet::fileembstyle($1) eq 'hdn')) { + $r->print( + ''. + 'The extension on this file, "'.$1. + '", is reserved internally by LON-CAPA.View file'); } else { $r->print('Failed to copy: '.$!); @@ -87,17 +148,36 @@ sub phasetwo { 'Please pick a filename
'); &phaseone($r,$fn,$uname,$udom); } + } else { + $r->print( + 'Please pick a filename
'); + &phaseone($r,$fn,$uname,$udom); + } } sub handler { my $r=shift; + my $uname; + my $udom; + + ($uname,$udom)= + &Apache::loncacc::constructaccess( + $ENV{'form.filename'},$r->dir_config('lonDefDomain')); + unless (($uname) && ($udom)) { + $r->log_reason($uname.' at '.$udom. + ' trying to publish file '.$ENV{'form.filename'}. + ' - not authorized', + $r->filename); + return HTTP_NOT_ACCEPTABLE; + } + my $fn; if ($ENV{'form.filename'}) { $fn=$ENV{'form.filename'}; - $fn=~s/^http\:\/\/[^\/]+\/\~(\w+)//; + $fn=~s/^http\:\/\/[^\/]+\/(\~|priv\/)(\w+)//; } else { $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}. ' unspecified filename for upload', $r->filename); @@ -106,8 +186,6 @@ sub handler { # ----------------------------------------------------------- Start page output - my $uname=$ENV{'user.name'}; - my $udom=$ENV{'user.domain'}; $r->content_type('text/html'); $r->send_http_header; @@ -119,6 +197,12 @@ sub handler { $r->print('