--- loncom/publisher/lonupload.pm 2001/05/25 16:36:36 1.3
+++ loncom/publisher/lonupload.pm 2001/12/04 18:13:06 1.9
@@ -1,6 +1,30 @@
# The LearningOnline Network with CAPA
# Handler to upload files into construction space
#
+# $Id: lonupload.pm,v 1.9 2001/12/04 18:13:06 matthew Exp $
+#
+# Copyright Michigan State University Board of Trustees
+#
+# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
+#
+# LON-CAPA is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# LON-CAPA is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with LON-CAPA; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# /home/httpd/html/adm/gpl.txt
+#
+# http://www.lon-capa.org/
+#
# (Handler to retrieve an old version of a file
#
# (Publication Handler
@@ -15,7 +39,8 @@
#
# 03/31,04/03 Gerd Kortemeyer)
#
-# 04/05,04/09,05/25 Gerd Kortemeyer
+# 04/05,04/09,05/25,06/23,06/24,08/22 Gerd Kortemeyer
+# 11/29 Matthew Hall
package Apache::lonupload;
@@ -24,6 +49,7 @@ use Apache::File;
use File::Copy;
use Apache::Constants qw(:common :http :methods);
use Apache::loncacc;
+use Apache::lonnet;
sub upfile_store {
my $r=shift;
@@ -45,7 +71,10 @@ sub upfile_store {
sub phaseone {
- my ($r,$fn,$uname,$udom)=@_;
+ my ($r,$fn,$uname,$udom)=@_;
+ $ENV{'form.upfile.filename'}=~s/\\/\//g;
+ $ENV{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
+ if ($ENV{'form.upfile.filename'}) {
$fn=~s/\/[^\/]+$//;
$fn=~s/([^\/])$/$1\//;
$fn.=$ENV{'form.upfile.filename'};
@@ -61,13 +90,35 @@ sub phaseone {
' '.
'');
+ # Check for bad extension and warn user
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::lonnet::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ ''.
+ 'The extension on this file, "'.$1.
+ '", is reserved internally by LON-CAPA. '.
+ 'Please change the extension.'.
+ '');
+ } elsif($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::lonnet::fileembstyle($1))) {
+ $r->print(
+ ''.
+ 'The extension on this file, "'.$1.
+ '", is not recognized by LON-CAPA. '.
+ 'Please change the extension.'.
+ '');
+ }
} else {
$r->print('Illegal filename.');
}
+ } else {
+ $r->print('No upload file specified.');
+ }
}
sub phasetwo {
- my ($r,$fn,$uname,$udom)=@_;
+ my ($r,$fn,$uname,$udom)=@_;
+ if ($fn=~/^\/priv\/$uname\//) {
my $tfn=$fn;
$tfn=~s/^\/(\~|priv)\/(\w+)//;
my $target='/home/'.$uname.'/public_html'.$tfn;
@@ -84,7 +135,22 @@ sub phasetwo {
} else {
my $source=$r->dir_config('lonDaemons').
'/tmp/'.$datatoken.'.tmp';
- if (copy($source,$target)) {
+ # Check for bad extension and disallow upload
+ if ($fn=~/\.(\w+)$/ &&
+ (&Apache::lonnet::fileembstyle($1) eq 'hdn')) {
+ $r->print(
+ 'File '.$fn.' could not be copied. '.
+ ''.
+ 'The extension on this file is reserved internally by LON-CAPA.'.
+ '');
+ } elsif ($fn=~/\.(\w+)$/ &&
+ !defined(&Apache::lonnet::fileembstyle($1))) {
+ $r->print(
+ 'File '.$fn.' could not be copied. '.
+ ''.
+ 'The extension on this file is not recognized by LON-CAPA.'.
+ '');
+ } elsif (copy($source,$target)) {
$r->print('File copied.');
$r->print('
View file');
@@ -97,6 +163,11 @@ sub phasetwo {
'Please pick a filename