Annotation of loncom/publisher/lonupload.pm, revision 1.43

1.12      foxr        1: 
1.1       www         2: # The LearningOnline Network with CAPA
                      3: # Handler to upload files into construction space
                      4: #
1.43    ! raeburn     5: # $Id: lonupload.pm,v 1.42 2008/12/12 02:32:27 raeburn Exp $
1.8       matthew     6: #
                      7: # Copyright Michigan State University Board of Trustees
                      8: #
                      9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                     10: #
                     11: # LON-CAPA is free software; you can redistribute it and/or modify
                     12: # it under the terms of the GNU General Public License as published by
                     13: # the Free Software Foundation; either version 2 of the License, or
                     14: # (at your option) any later version.
                     15: #
                     16: # LON-CAPA is distributed in the hope that it will be useful,
                     17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     19: # GNU General Public License for more details.
                     20: #
                     21: # You should have received a copy of the GNU General Public License
                     22: # along with LON-CAPA; if not, write to the Free Software
                     23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     24: #
                     25: # /home/httpd/html/adm/gpl.txt
                     26: #
                     27: # http://www.lon-capa.org/
                     28: #
1.10      harris41   29: ###
1.1       www        30: 
1.39      jms        31: =head1 NAME
                     32: 
                     33: Apache::lonupload - upload files into construction space
                     34: 
                     35: =head1 SYNOPSIS
                     36: 
                     37: Invoked by /etc/httpd/conf/srm.conf:
                     38: 
                     39:  <Location /adm/upload>
                     40:  PerlAccessHandler       Apache::lonacc
                     41:  SetHandler perl-script
                     42:  PerlHandler Apache::lonupload
                     43:  ErrorDocument     403 /adm/login
                     44:  ErrorDocument     404 /adm/notfound.html
                     45:  ErrorDocument     406 /adm/unauthorized.html
                     46:  ErrorDocument	  500 /adm/errorhandler
                     47:  </Location>
                     48: 
                     49: =head1 INTRODUCTION
                     50: 
                     51: This module uploads a file sitting on a client computer into 
                     52: library server construction space.
                     53: 
                     54: This is part of the LearningOnline Network with CAPA project
                     55: described at http://www.lon-capa.org.
                     56: 
                     57: =head1 HANDLER SUBROUTINE
                     58: 
                     59: This routine is called by Apache and mod_perl.
                     60: 
                     61: =over 4
                     62: 
                     63: =item *
                     64: 
                     65: Initialize variables
                     66: 
                     67: =item *
                     68: 
                     69: Start page output
                     70: 
                     71: =item *
                     72: 
                     73: output relevant interface phase (phaseone or phasetwo or phasethree)
                     74: 
                     75: =item *
                     76: 
                     77: (phase one is to specify upload file; phase two is to handle conditions
                     78: subsequent to specification--like overwriting an existing file; phase three
                     79: is to handle processing of secondary uploads - of embedded objects in an
                     80: html file).
                     81: 
                     82: =back
                     83: 
                     84: =head1 OTHER SUBROUTINES
                     85: 
1.40      jms        86: =over
1.39      jms        87: 
1.40      jms        88: =item phaseone()
1.39      jms        89: 
1.40      jms        90: Interface for specifying file to upload.
1.39      jms        91: 
1.40      jms        92: =item phasetwo()
1.39      jms        93: 
1.40      jms        94: Interface for handling post-conditions about uploading (such
1.39      jms        95: as overwriting an existing file).
                     96: 
1.40      jms        97: =item phasethree()
1.39      jms        98: 
1.40      jms        99: Interface for handling secondary uploads of embedded objects
1.39      jms       100: in an html file.
                    101: 
1.40      jms       102: =item upfile_store()
1.39      jms       103: 
1.40      jms       104: Store contents of uploaded file into temporary space.  Invoked
1.39      jms       105: by phaseone subroutine.
                    106: 
1.40      jms       107: =item check_extension()
1.39      jms       108: 
1.40      jms       109: Checks if filename extension is permitted and checks type
1.39      jms       110:  of file - if html file, calls parser to check for embedded objects.
                    111:  Invoked by phasetwo subroutine.
                    112: 
                    113: =back
                    114: 
                    115: =cut
                    116: 
1.1       www       117: package Apache::lonupload;
                    118: 
                    119: use strict;
                    120: use Apache::File;
                    121: use File::Copy;
1.13      foxr      122: use File::Basename;
1.1       www       123: use Apache::Constants qw(:common :http :methods);
1.3       www       124: use Apache::loncacc;
1.10      harris41  125: use Apache::loncommon();
1.13      foxr      126: use Apache::lonnet;
1.14      foxr      127: use HTML::Entities();
1.20      www       128: use Apache::lonlocal;
1.29      albertel  129: use Apache::lonnet;
1.34      albertel  130: use LONCAPA();
1.12      foxr      131: 
                    132: my $DEBUG=0;
                    133: 
                    134: sub Debug {
1.30      albertel  135:     # Put out the indicated message but only if DEBUG is true.
1.22      albertel  136:     if ($DEBUG) {
1.30      albertel  137: 	my ($r,$message) = @_;
                    138: 	$r->log_reason($message);
1.22      albertel  139:     }
1.12      foxr      140: }
1.1       www       141: 
1.2       www       142: sub upfile_store {
                    143:     my $r=shift;
                    144: 	
1.29      albertel  145:     my $fname=$env{'form.upfile.filename'};
1.2       www       146:     $fname=~s/\W//g;
                    147:     
1.29      albertel  148:     chomp($env{'form.upfile'});
1.1       www       149:   
1.29      albertel  150:     my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}.
1.2       www       151: 		  '_upload_'.$fname.'_'.time.'_'.$$;
                    152:     {
                    153:        my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons').
                    154:                                    '/tmp/'.$datatoken.'.tmp');
1.29      albertel  155:        print $fh $env{'form.upfile'};
1.1       www       156:     }
1.2       www       157:     return $datatoken;
                    158: }
                    159: 
                    160: sub phaseone {
1.25      raeburn   161:     my ($r,$fn,$uname,$udom,$mode)=@_;
                    162:     my $action = '/adm/upload';
                    163:     if ($mode eq 'testbank') {
                    164:         $action = '/adm/testbank';
                    165:     } elsif ($mode eq 'imsimport') {
                    166:         $action = '/adm/imsimport';
                    167:     }
1.29      albertel  168:     $env{'form.upfile.filename'}=~s/\\/\//g;
                    169:     $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
                    170:     if ($env{'form.upfile.filename'}) {
1.22      albertel  171: 	$fn=~s/\/[^\/]+$//;
                    172: 	$fn=~s/([^\/])$/$1\//;
1.29      albertel  173: 	$fn.=$env{'form.upfile.filename'};
1.22      albertel  174: 	$fn=~s/^\///;
                    175: 	$fn=~s/(\/)+/\//g;
1.13      foxr      176: 
                    177: #    Fn is the full path to the destination filename.
                    178: #    
                    179: 
1.22      albertel  180: 	&Debug($r, "Filename for upload: $fn");
                    181: 	if (($fn) && ($fn!~/\/$/)) {
1.28      raeburn   182: 	    $r->print('<form action="'.$action.'" method="post" name="fileupload">'.
1.23      albertel  183: 		      '<input type="hidden" name="phase" value="two" />'.
                    184: 		      '<input type="hidden" name="datatoken" value="'.
                    185: 		      &upfile_store.'" />'.
                    186: 		      '<input type="hidden" name="uploaduname" value="'.$uname.
1.41      bisitz    187: 		      '" />'.&mt('Save uploaded file as [_1]',
1.33      albertel  188:                       "<span class='LC_filename'>/priv/$uname/</span>".
1.25      raeburn   189:                       '<input type="text" size="50" name="filename" value="'.$fn.
1.41      bisitz    190:                       '" />').
                    191:                       '<br />'.
1.33      albertel  192: 		      '<br />'.&mt('Choose file type:').'
1.25      raeburn   193: <select name="filetype">
                    194:  <option value="standard" selected>'.&mt('Regular file').'
                    195:  <option value="testbank">'.&mt('Testbank file').'
                    196:  <option value="imsimport">'.&mt('IMS package').'
1.33      albertel  197: </select>'.&Apache::loncommon::help_open_topic("Uploading_File_Options").'
1.25      raeburn   198: <br />
                    199: <br />
                    200: ');
1.35      albertel  201:             $r->print('<input type="button" value="'.&mt('Save').'" onClick="javascript:verifyForm()"/></form>');
1.22      albertel  202: 	    # Check for bad extension and warn user
                    203: 	    if ($fn=~/\.(\w+)$/ && 
                    204: 		(&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
1.41      bisitz    205:                 $r->print('<p class="LC_error">'
                    206:                           .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.','"'.$1.'"')
                    207:                           .' <br />'.&mt('Please change the extension.')
                    208:                           .'</p>');
1.22      albertel  209: 	    } elsif($fn=~/\.(\w+)$/ && 
                    210: 		    !defined(&Apache::loncommon::fileembstyle($1))) {
1.41      bisitz    211:                 $r->print('<p class="LC_error">'
                    212:                          .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.','"'.$1.'"')
                    213:                          .' <br />'.&mt('Please change the extension.')
                    214:                          .'</p>');
1.22      albertel  215: 	    }
                    216: 	} else {
1.33      albertel  217: 	    $r->print('<span class="LC_error">'.&mt('Illegal filename.').'</span>');
1.22      albertel  218: 	}
                    219:     } else {
1.33      albertel  220: 	$r->print('<span class="LC_error">'.&mt('No upload file specified.').'</span>');
1.22      albertel  221:     }
1.1       www       222: }
                    223: 
                    224: sub phasetwo {
1.25      raeburn   225:     my ($r,$tfn,$uname,$udom,$mode)=@_;
1.37      raeburn   226:     my $output;
1.25      raeburn   227:     my $action = '/adm/upload';
                    228:     my $returnflag = '';
                    229:     if ($mode eq 'testbank') {
                    230:         $action = '/adm/testbank';
                    231:     } elsif ($mode eq 'imsimport') {
                    232:         $action = '/adm/imsimport';
                    233:     }
1.22      albertel  234:     my $fn='/priv/'.$uname.'/'.$tfn;
                    235:     $fn=~s/\/+/\//g;
                    236:     &Debug($r, "Filename is ".$tfn);
                    237:     if ($tfn) {
                    238: 	&Debug($r, "Filename for tfn = ".$tfn);
                    239: 	my $target='/home/'.$uname.'/public_html'.$tfn;
                    240: 	&Debug($r, "target -> ".$target);
1.13      foxr      241: #     target is the full filesystem path of the destination file.
1.22      albertel  242: 	my $base = &File::Basename::basename($fn);
                    243: 	my $path = &File::Basename::dirname($fn);
1.26      albertel  244: 	$base    = &HTML::Entities::encode($base,'<>&"');
1.22      albertel  245: 	my $url  = $path."/".$base; 
                    246: 	&Debug($r, "URL is now ".$url);
1.29      albertel  247: 	my $datatoken=$env{'form.datatoken'};
1.22      albertel  248: 	if (($fn) && ($datatoken)) {
1.36      www       249:             if ($env{'form.cancel'}) {
                    250:                 my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
                    251:                 my $dirpath=$path.'/';
                    252:                 $dirpath=~s/\/+/\//g;
1.37      raeburn   253:                 $output .= &mt('Upload cancelled.').'<br /><font size="+2"><a href="'.$dirpath.'">'.
                    254:                           &mt('Back to Directory').'</a></font>';
1.36      www       255: 	    } elsif ((-e $target) && (!$env{'form.override'})) {
1.37      raeburn   256: 		$output .= '<form action="'.$action.'" method="post">'.
1.36      www       257: 			  &mt('File [_1] exists. Overwrite?','<span class="LC_filename">'.$fn.'</span>').
1.23      albertel  258: 			  '<input type="hidden" name="phase" value="two" />'.
1.37      raeburn   259: 			  '<input type="hidden" name="filename" value="'.$url.'" />'.
1.23      albertel  260: 			  '<input type="hidden" name="datatoken" value="'.$datatoken.'" />'.
1.36      www       261: 			  '<input type="submit" name="override" value="'.&mt('Yes').'" />'.
                    262:                           '<input type="submit" name="cancel" value="'.&mt('Cancel').'" />'.
1.37      raeburn   263:                           '</form>';
1.36      www       264:             } else {
1.22      albertel  265: 		my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
1.27      www       266: 		my $dirpath=$path.'/';
                    267: 		$dirpath=~s/\/+/\//g;
1.22      albertel  268: 		# Check for bad extension and disallow upload
1.37      raeburn   269:                 my $result;
                    270:                 ($result,$returnflag) = &check_extension($fn,$mode,$source,$target,$action,$dirpath,$url);
                    271:                 $output .= $result;
1.22      albertel  272: 	    }
                    273: 	} else {
1.37      raeburn   274: 	    $output .= '<span class="LC_error">'.
1.22      albertel  275: 		      &mt('Please use browser "Back" button and pick a filename').
1.37      raeburn   276: 		      '</span><br />';
1.22      albertel  277: 	}
1.1       www       278:     } else {
1.37      raeburn   279: 	$output .= '<span class="LC_error">'.
                    280: 		   &mt('Please use browser "Back" button and pick a filename').
                    281: 		   '</span><br />';
                    282:     }
                    283:     return ($output,$returnflag);
                    284: }
                    285: 
                    286: sub check_extension {
                    287:     my ($fn,$mode,$source,$target,$action,$dirpath,$url) = @_;
                    288:     my ($result,$returnflag);
                    289:     # Check for bad extension and disallow upload
                    290:     if ($fn=~/\.(\w+)$/ &&
                    291:         (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
                    292:         $result .= &mt('File [_1] could not be copied.',
1.42      raeburn   293:                       '<span class="LC_filename">'.$fn.'</span> ').
                    294:                   '<p class="LC_error">'.
1.37      raeburn   295:                   &mt('The extension on this file is reserved internally by LON-CAPA.').
1.41      bisitz    296:                   '</p>';
1.37      raeburn   297:     } elsif ($fn=~/\.(\w+)$/ &&
                    298:              !defined(&Apache::loncommon::fileembstyle($1))) {
                    299:         $result .= &mt('File [_1] could not be copied.',
                    300:                       '<span class="LC_filename">'.$fn.'</span> ').
1.41      bisitz    301:                   '<p class="LC_error">'.
1.37      raeburn   302:                   &mt('The extension on this file is not recognized by LON-CAPA.').
1.41      bisitz    303:                   '</p>';
1.37      raeburn   304:     } elsif (-d $target) {
                    305:         $result .= &mt('File [_1] could not be copied.',
                    306:                       '<span class="LC_filename">'.$fn.'</span>').
1.41      bisitz    307:                   '<p class="LC_error">'.
1.37      raeburn   308:                   &mt('The target is an existing directory.').
1.41      bisitz    309:                   '</p>';
1.37      raeburn   310:     } elsif (copy($source,$target)) {
                    311:         chmod(0660, $target); # Set permissions to rw-rw---.
                    312:         if ($mode eq 'testbank' || $mode eq 'imsimport') {
                    313:             $returnflag = 'ok';
                    314:             $result .= &mt('Your file - [_1] - was uploaded successfully',$fn).'<br /><br />';
                    315:         } else {
                    316:             $result .= &mt('File copied.').'<br />';
                    317:         }
                    318:         # Check for embedded objects.
                    319:         my (%allfiles,%codebase);
                    320:         my ($text,$header,$css,$js);
                    321:         if (($mode ne 'imsimport') && ($target =~ /\.(htm|html|shtml)$/i)) {
                    322:             my (%allfiles,%codebase);
                    323:             &Apache::lonnet::extract_embedded_items($target,\%allfiles,\%codebase);
                    324:             if (keys(%allfiles) > 0) {
                    325:                 my $state = <<STATE;
                    326:     <input type="hidden" name="action"      value="upload_embedded" />
                    327:     <input type="hidden" name="currentpath" value="$env{'form.currentpath'}" />
                    328:     <input type="hidden" name="mode"        value="$mode" />
                    329:     <input type="hidden" name="phase"       value="three" />
                    330:     <input type="hidden" name="filename" value="$url" />
                    331: STATE
                    332:                 $result .= "<h3>".&mt("Reference Warning")."</h3>".
                    333:                            "<p>".&mt("Completed upload of the file. This file contained references to other files.")."</p>".
                    334:                           "<p>".&mt("Please select the locations from which the referenced files are to be uploaded.")."</p>".
                    335:                           &Apache::loncommon::ask_for_embedded_content($action,$state,\%allfiles,\%codebase,
                    336:                                       {'error_on_invalid_names'   => 1,
                    337:                                        'ignore_remote_references' => 1,});
                    338:                 if ($mode eq 'testbank') {
                    339:                     $returnflag = 'embedded';
                    340:                     $result .=  '<p>'.&mt('Or [_1]continue[_2] the testbank import without these files','<a href="javascript:document.testbankForm.submit();">','</a>').'</p>';
                    341:                 }
                    342:             }
                    343:         }
                    344:         if (($mode ne 'imsimport') && ($mode ne 'testbank')) {
                    345:             $result .= '<br /><font size="+2"><a href="'.$url.'">'.
                    346:                         &mt('View file').'</a></font>';
                    347:         }
                    348:     } else {
                    349:         $result .= &mt('Failed to copy: [_1].',$!);
                    350:     }
                    351:     if ($mode ne 'imsimport' && $mode ne 'testbank') {
                    352:         $result .= '<br /><font size="+2"><a href="'.$dirpath.'">'.
                    353:                    &mt('Back to Directory').'</a></font><br />';
                    354:     }
                    355:     return ($result,$returnflag);
                    356: }
                    357: 
                    358: sub phasethree {
                    359:     my ($r,$fn,$uname,$udom,$mode) = @_;
                    360:     my $result;
                    361:     my $dir_root = '/home/'.$uname.'/public_html';
                    362:     my $url_root = '/priv/'.$uname;
                    363:     my $base = &File::Basename::basename($fn);
                    364:     my $path = &File::Basename::dirname($fn);
                    365:     $result = &Apache::loncommon::upload_embedded($mode,$path,$uname,$udom,
                    366:                                                   $dir_root,$url_root);
                    367:     if ($mode ne 'imsimport' && $mode ne 'testbank') {
                    368:         $result = '<br /><font size="+2"><a href="'.$url_root.$fn.'">'.
                    369:                   &mt('View main file').'</a></font>'.
                    370:                   '<br /><font size="+2"><a href="'.$url_root.$path.'">'.
                    371:                   &mt('Back to Directory').'</a></font><br />';
1.1       www       372:     }
1.37      raeburn   373:     return $result;
1.1       www       374: }
                    375: 
1.10      harris41  376: # ---------------------------------------------------------------- Main Handler
1.1       www       377: sub handler {
                    378: 
1.22      albertel  379:     my $r=shift;
1.1       www       380: 
1.22      albertel  381:     my $uname;
                    382:     my $udom;
1.25      raeburn   383:     my $javascript = '';
1.18      www       384: #
                    385: # phase two: re-attach user
                    386: #
1.29      albertel  387:     if ($env{'form.uploaduname'}) {
                    388: 	$env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'.
                    389: 	    $env{'form.filename'};
1.22      albertel  390:     }
                    391: 
1.29      albertel  392:     unless ($env{'form.phase'} eq 'two') {
1.25      raeburn   393:         $javascript = qq|
                    394: function verifyForm() {
1.28      raeburn   395:     var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value
1.25      raeburn   396:     if (mode == "testbank") {
1.28      raeburn   397:         document.fileupload.action = "/adm/testbank";
1.25      raeburn   398:     }
                    399:     if (mode == "imsimport") {
1.28      raeburn   400:         document.fileupload.action = "/adm/imsimport";
1.25      raeburn   401:     }
                    402:     if (mode == "standard") {
1.28      raeburn   403:         document.fileupload.action = "/adm/upload";
1.25      raeburn   404:     }
1.28      raeburn   405:     document.fileupload.submit();
1.25      raeburn   406: }
1.33      albertel  407: 	|;
1.25      raeburn   408:     }
1.22      albertel  409:     ($uname,$udom)=
1.29      albertel  410: 	&Apache::loncacc::constructaccess($env{'form.filename'},
1.22      albertel  411: 					  $r->dir_config('lonDefDomain'));
1.37      raeburn   412: 
1.22      albertel  413:     unless (($uname) && ($udom)) {
                    414: 	$r->log_reason($uname.' at '.$udom.
1.29      albertel  415: 		       ' trying to publish file '.$env{'form.filename'}.
1.22      albertel  416: 		       ' - not authorized', 
                    417: 		       $r->filename); 
                    418: 	return HTTP_NOT_ACCEPTABLE;
                    419:     }
                    420:     
                    421:     my $fn;
1.29      albertel  422:     if ($env{'form.filename'}) {
                    423: 	$fn=$env{'form.filename'};
1.43    ! raeburn   424: 	$fn=~s/^https?\:\/\/[^\/]+\///;
1.22      albertel  425: 	$fn=~s/^\///;
1.34      albertel  426: 	$fn=~s{(~|priv/)($LONCAPA::username_re)}{};
1.22      albertel  427: 	$fn=~s/\/+/\//g;
                    428:     } else {
1.29      albertel  429: 	$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
1.22      albertel  430: 		       ' unspecified filename for upload', $r->filename); 
                    431: 	return HTTP_NOT_FOUND;
                    432:     }
1.1       www       433: 
                    434: # ----------------------------------------------------------- Start page output
                    435: 
                    436: 
1.22      albertel  437:     &Apache::loncommon::content_type($r,'text/html');
                    438:     $r->send_http_header;
1.1       www       439: 
1.31      albertel  440:    $javascript = "<script type=\"text/javascript\">\n//<!--\n".
                    441: 	$javascript."\n// --></script>\n";
1.1       www       442: 
1.31      albertel  443:     $r->print(&Apache::loncommon::start_page('Upload file to Construction Space',
                    444: 					     $javascript));
1.3       www       445:   
1.29      albertel  446:     if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
1.37      raeburn   447: 	$r->print('<h3><span class="LC_error">'.&mt('Co-Author').': '.$uname.
                    448: 		  &mt(' at ').$udom.'</span></h3>');
1.22      albertel  449:     }
                    450: 
1.37      raeburn   451:     if ($env{'form.phase'} eq 'three') {
                    452:         my $output = &phasethree($r,$fn,$uname,$udom,'author');
                    453:         $r->print($output);
                    454:     } elsif ($env{'form.phase'} eq 'two') {
                    455: 	my ($output,$returnflag) = &phasetwo($r,$fn,$uname,$udom);
                    456:         $r->print($output);
1.22      albertel  457:     } else {
                    458: 	&phaseone($r,$fn,$uname,$udom);
                    459:     }
1.1       www       460: 
1.31      albertel  461:     $r->print(&Apache::loncommon::end_page());
1.22      albertel  462:     return OK;  
1.1       www       463: }
1.7       www       464: 
                    465: 1;
                    466: __END__
1.10      harris41  467: 
                    468: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>