--- loncom/interface/loncommon.pm 2010/09/24 03:33:37 1.948.2.10 +++ loncom/interface/loncommon.pm 2010/11/28 00:04:05 1.987 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # a pile of common routines # -# $Id: loncommon.pm,v 1.948.2.10 2010/09/24 03:33:37 raeburn Exp $ +# $Id: loncommon.pm,v 1.987 2010/11/28 00:04:05 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -1090,7 +1090,11 @@ a new window using Javascript. (Default $width and $height are optional numerical parameters that will override the width and height of the popped up window, which may -be useful for certain help topics with big pictures included. +be useful for certain help topics with big pictures included. + +$imgid is the id of the img tag used for the help icon. This may be +used in a javascript call to switch the image src. See +lonhtmlcommon::htmlareaselectactive() for an example. =cut @@ -1130,9 +1134,9 @@ sub help_open_topic { $template.=' ' .''.&mt('Help: [_1]',$topic).''; - if ($text ne "") { + if ($text ne "") { $template.=''; } return $template; @@ -1205,12 +1209,7 @@ ENDOUTPUT sub help_open_menu { my ($topic,$component_help,$faq,$bug,$stayOnPage,$width,$height,$text) = @_; - $stayOnPage = 0 if (not defined $stayOnPage); - # only use pop-up help (stayOnPage == 0) - # if environment.remote is on (using remote control UI) - if ($env{'environment.remote'} eq 'off' ) { - $stayOnPage=1; - } + $stayOnPage = 1; my $output; if ($component_help) { if (!$text) { @@ -1231,8 +1230,8 @@ sub help_open_menu { sub top_nav_help { my ($text) = @_; $text = &mt($text); - my $stay_on_page = - ($env{'environment.remote'} eq 'off' ); + my $stay_on_page = 1; + my $link = ($stay_on_page) ? "javascript:helpMenu('display')" : "javascript:helpMenu('open')"; my $banner_link = &update_help_link(undef,undef,undef,undef,$stay_on_page); @@ -1247,10 +1246,7 @@ END sub help_menu_js { my ($text) = @_; - - my $stayOnPage = - ($env{'environment.remote'} eq 'off' ); - + my $stayOnPage = 1; my $width = 620; my $height = 600; my $helptopic=&general_help(); @@ -1307,10 +1303,7 @@ sub help_open_bug { unless ($env{'user.adv'}) { return ''; } unless ($Apache::lonnet::perlvar{'BugzillaHost'}) { return ''; } $text = "" if (not defined $text); - $stayOnPage = 0 if (not defined $stayOnPage); - if ($env{'environment.remote'} eq 'off' ) { $stayOnPage=1; - } $width = 600 if (not defined $width); $height = 600 if (not defined $height); @@ -1351,10 +1344,7 @@ sub help_open_faq { unless ($env{'user.adv'}) { return ''; } unless ($Apache::lonnet::perlvar{'FAQHost'}) { return ''; } $text = "" if (not defined $text); - $stayOnPage = 0 if (not defined $stayOnPage); - if ($env{'environment.remote'} eq 'off' ) { $stayOnPage=1; - } $width = 350 if (not defined $width); $height = 400 if (not defined $height); @@ -1870,7 +1860,7 @@ sub multiple_select_form { Returns a string containing a \n"; my @keys; if (exists($hashref->{'select_form_order'})) { - @keys=@{$hashref->{'select_form_order'}}; + @keys=@{$hashref->{'select_form_order'}}; } else { - @keys=sort(keys(%{$hashref})); + @keys=sort(keys(%{$hashref})); } foreach my $key (@keys) { $selectform.= @@ -2284,12 +2274,16 @@ function changed_text(choice,currentform } function set_auth_radio_buttons(newvalue,currentform) { + var numauthchoices = currentform.login.length; + if (typeof numauthchoices == "undefined") { + return; + } var i=0; - while (i < currentform.login.length) { + while (i < numauthchoices) { if (currentform.login[i].value == newvalue) { break; } i++; } - if (i == currentform.login.length) { + if (i == numauthchoices) { return; } current.radiovalue = newvalue; @@ -3256,8 +3250,7 @@ sub filemimetype { sub filecategoryselect { my ($name,$value)=@_; return &select_form($value,$name, - '' => &mt('Any category'), - {'' => &mt('Any category'), map { $_,$_ } sort(keys(%category_extensions))}); + {'' => &mt('Any category'), map { $_,$_ } sort(keys(%category_extensions))}); } =pod @@ -3836,7 +3829,9 @@ sub findallcourses { $udom = $env{'user.domain'}; } if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { - my %roleshash = &Apache::lonnet::dump('roles',$udom,$uname); + my $extra = &Apache::lonnet::freeze_escape({'skipcheck' => 1}); + my %roleshash = &Apache::lonnet::dump('roles',$udom,$uname,'.',undef, + $extra); if (!%roles) { %roles = ( cc => 1, @@ -4560,9 +4555,6 @@ Inputs: =item * $bgcolor, used to override the bgcolor on a webpage to a specific value -=item * $no_inline_link, if true and in remote mode, don't show the - 'Switch To Inline Menu' link - =item * $args, optional argument valid values are no_auto_mt_title -> prevents &mt()ing the title arg inherit_jsmath -> when creating popup window in a page, @@ -4580,7 +4572,7 @@ other decorations will be returned. sub bodytag { my ($title,$function,$addentries,$bodyonly,$domain,$forcereg, - $no_nav_bar,$bgcolor,$no_inline_link,$args)=@_; + $no_nav_bar,$bgcolor,$args)=@_; my $public; if ((($env{'user.name'} eq 'public') && ($env{'user.domain'} eq 'public')) @@ -4622,8 +4614,6 @@ sub bodytag { } if (!$realm) { $realm=' '; } -# Set messages - my $messages=&domainlogo($domain); my $extra_body_attr = &make_attr_string($forcereg,\%design); @@ -4641,7 +4631,7 @@ sub bodytag { } else { $name = &aboutmewrapper($name,$env{'user.name'},$env{'user.domain'}); } - + my $titleinfo = '

'.$title.'

'; # # Extra info if you are the DC @@ -4657,8 +4647,6 @@ sub bodytag { $role = '('.$role.')' if $role; &get_unprocessed_cgi($ENV{'QUERY_STRING'}, ['inhibitmenu']); - if ($env{'environment.remote'} eq 'off') { - # No Remote if ($no_nav_bar || $env{'form.inhibitmenu'} eq 'yes') { return $bodytag; } @@ -4700,7 +4688,7 @@ sub bodytag { $bodytag .= Apache::lonmenu::serverform(); $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end'); if ($env{'request.state'} eq 'construct') { - $bodytag .= &Apache::lonmenu::innerregister($forcereg,'', + $bodytag .= &Apache::lonmenu::innerregister($forcereg, $args->{'bread_crumbs'}); } elsif ($forcereg) { $bodytag .= &Apache::lonmenu::innerregister($forcereg); @@ -4713,40 +4701,6 @@ sub bodytag { } return $bodytag; - } - -# -# Top frame rendering, Remote is up -# - - my $imgsrc = $img; - if ($img =~ /^\/adm/) { - $imgsrc = &lonhttpdurl($img); - } - my $upperleft=''.$function.''; - - # Explicit link to get inline menu - my $menu= ($no_inline_link?'' - :''.&mt('Switch to Inline Menu Mode').''); - - if ($dc_info) { - $dc_info = qq|($dc_info)|; - } - - $bodytag .= qq|
$name $role
-
    -
  1. $menu
    2. -
$realm $dc_info
| unless $env{'form.inhibitmenu'}; - return(< -$upperleft - $messages  - -$titleinfo $dc_info $menu - - -ENDBODY } sub dc_courseid_toggle { @@ -4778,22 +4732,8 @@ sub make_attr_string { delete($attr_ref->{$key}); } } - $attr_ref->{'onload'} = - &Apache::lonmenu::loadevents(). $on_load; - $attr_ref->{'onunload'}= - &Apache::lonmenu::unloadevents().$on_unload; - } - -# Accessibility font enhance - if ($env{'browser.fontenhance'} eq 'on') { - my $style; - foreach my $key (keys(%{$attr_ref})) { - if (lc($key) eq 'style') { - $style.=$attr_ref->{$key}.';'; - delete($attr_ref->{$key}); - } - } - $attr_ref->{'style'}=$style.'; font-size: x-large;'; + $attr_ref->{'onload'} = $on_load; + $attr_ref->{'onunload'}= $on_unload; } my $attr_string; @@ -4891,6 +4831,7 @@ sub standard_css { $env{'browser.type'} eq 'safari' ) ? '0 2px 0 2px' : '0 3px 0 4px'; + return < legend { font-style: normal; } -/* Preliminary fix to hide nav_bar inside bookmarks window */ -#LC_bookmarks #LC_nav_bar { - display:none; -} - ol.LC_primary_menu { float: right; margin: 0; } -span.LC_new_message{ - font-weight:bold; - color: darkred; -} - ol#LC_PathBreadcrumbs { margin: 0; } @@ -6161,6 +6077,11 @@ ol.LC_primary_menu a { text-decoration: none; } +ol.LC_primary_menu a.LC_new_message { + font-weight:bold; + color: darkred; +} + ol.LC_docs_parameters { margin-left: 0; padding: 0; @@ -6302,7 +6223,7 @@ ul.LC_TabContentBigger li a { text-align: center; display: block; text-decoration: none; - outline: none; + outline: none; } ul.LC_TabContentBigger li.active a { @@ -6329,6 +6250,7 @@ ul.LC_TabContentBigger li.active b { cursor:default; } + ul.LC_CourseBreadcrumbs { background: $sidebg; line-height: 32px; @@ -6497,14 +6419,6 @@ a#LC_content_toolbar_firsthomework { background-image:url(/res/adm/pages/open-first-problem.gif); } -a#LC_content_toolbar_launchnav { - background-image:url(/res/adm/pages/start-navigation.gif); -} - -a#LC_content_toolbar_closenav { - background-image:url(/res/adm/pages/close-navigation.gif); -} - a#LC_content_toolbar_everything { background-image:url(/res/adm/pages/show-all.gif); } @@ -6595,6 +6509,10 @@ ul.LC_funclist li { padding: 0px 4px } +.LC_hidden { + display: none; +} + END } @@ -6646,8 +6564,8 @@ sub headtag { if (!$args->{'frameset'}) { $result .= &Apache::lonhtmlcommon::htmlareaheaders(); } - if ($args->{'force_register'}) { - $result .= &Apache::lonmenu::registerurl(1); + if ($args->{'force_register'} && $env{'request.noversionuri'} !~ m{^/res/adm/pages/}) { + $result .= Apache::lonxml::display_title(); } if (!$args->{'no_nav_bar'} && !$args->{'only_body'} @@ -6673,7 +6591,7 @@ ADDMETA $result .= ' LON-CAPA '.$title.'' .'' .$head_extra; - return $result; + return $result.''; } =pod @@ -6726,43 +6644,6 @@ sub xml_begin { =pod -=item * &endheadtag() - -Returns a uniform for LON-CAPA web pages. - -Inputs: none - -=cut - -sub endheadtag { - return ''; -} - -=pod - -=item * &head() - -Returns a uniform complete .. section for LON-CAPA web pages. - -Inputs: - -=over 4 - -$title - optional title for the page - -$head_extra - optional extra HTML to put inside the - -=back - -=cut - -sub head { - my ($title,$head_extra,$args) = @_; - return &headtag($title,$head_extra,$args).&endheadtag(); -} - -=pod - =item * &start_page() Returns a complete .. section for LON-CAPA web pages. @@ -6800,14 +6681,12 @@ $args - additional optional args support skip_phases -> hash ref of head -> skip the generation body -> skip all generation - no_inline_link -> if true and in remote mode, don't show the - 'Switch To Inline Menu' link no_auto_mt_title -> prevent &mt()ing the title arg inherit_jsmath -> when creating popup window in a page, should it have jsmath forced on by the current page bread_crumbs -> Array containing breadcrumbs - bread_crumbs_components -> if exists show it as headline else show only the breadcrumbs + bread_crumbs_component -> if exists show it as headline else show only the breadcrumbs =back @@ -6818,6 +6697,14 @@ $args - additional optional args support sub start_page { my ($title,$head_extra,$args) = @_; #&Apache::lonnet::logthis("start_page ".join(':',caller(0))); +#SD +#I don't see why we copy certain elements of %$args to %head_args +#head args is passed to headtag() and this routine only reads those +#keys that are needed. There doesn't happen any writes or any processing +#of other keys. +#proposal: just pass $args to headtag instead of \%head_args and delete +#marked lines +#<- MARK my %head_args; foreach my $arg ('redirect','force_register','domain','function', 'bgcolor','frameset','no_nav_bar','only_body', @@ -6826,13 +6713,16 @@ sub start_page { $head_args{$arg} = $args->{$arg}; } } +#MARK -> $env{'internal.start_page'}++; my $result; + if (! exists($args->{'skip_phases'}{'head'}) ) { - $result.= - &xml_begin(). - &headtag($title,$head_extra,\%head_args).&endheadtag(); + $result .= + &xml_begin() . &headtag($title,$head_extra,\%head_args); +#replace prev line by +# &xml_begin() . &headtag($title, $head_extra, $args); } if (! exists($args->{'skip_phases'}{'body'}) ) { @@ -6846,8 +6736,7 @@ sub start_page { $args->{'function'}, $args->{'add_entries'}, $args->{'only_body'}, $args->{'domain'}, $args->{'force_register'}, $args->{'no_nav_bar'}, - $args->{'bgcolor'}, $args->{'no_inline_link'}, - $args); + $args->{'bgcolor'}, $args); } } @@ -6863,14 +6752,10 @@ sub start_page { # $result .= &build_functionlist(); #} - # Don't add anything more if only_body wanted - return $result if $args->{'only_body'}; + # Don't add anything more if only_body wanted or in const space + return $result if $args->{'only_body'} + || $env{'request.state'} eq 'construct'; - #Breadcrumbs for Construction Space provided by &bodytag. - if (($env{'environment.remote'} eq 'off') && ($env{'request.state'} eq 'construct')) { - return $result; - } - #Breadcrumbs if (exists($args->{'bread_crumbs'}) or exists($args->{'bread_crumbs_component'})) { &Apache::lonhtmlcommon::clear_breadcrumbs(); @@ -6891,28 +6776,6 @@ sub start_page { return $result; } - -=pod - -=item * &head() - -Returns a complete section for LON-CAPA web pages. - -Inputs: $args - additional optional args supported are: - js_ready -> return a string ready for being used in - a javascript writeln - html_encode -> return a string ready for being used in - a html attribute - frameset -> if true will start with a - rather than - dicsussion -> if true will get discussion from - lonxml::xmlend - (you can pass the target and parser arguments - through optional 'target' and 'parser' args - to this routine) - -=cut - sub end_page { my ($args) = @_; $env{'internal.end_page'}++; @@ -7016,28 +6879,30 @@ sub simple_error_page { sub start_data_table { my ($add_class) = @_; my $css_class = (join(' ','LC_data_table',$add_class)); - &start_data_table_count(); + &start_data_table_count(); return ''."\n"; } sub end_data_table { - &end_data_table_count(); + &end_data_table_count(); return '
'."\n";; } sub start_data_table_row { - my ($add_class) = @_; + my ($add_class, $id) = @_; $row_count[0]++; my $css_class = ($row_count[0] % 2)?'LC_odd_row':'LC_even_row'; $css_class = (join(' ',$css_class,$add_class)) unless ($add_class eq ''); - return ''."\n";; + $id = (' id="'.$id.'"') unless ($id eq ''); + return ''."\n"; } sub continue_data_table_row { - my ($add_class) = @_; + my ($add_class, $id) = @_; my $css_class = ($row_count[0] % 2)?'LC_odd_row':'LC_even_row'; - $css_class = (join(' ',$css_class,$add_class)) unless ($add_class eq '');; - return ''."\n";; + $css_class = (join(' ',$css_class,$add_class)) unless ($add_class eq ''); + $id = (' id="'.$id.'"') unless ($id eq ''); + return ''."\n"; } sub end_data_table_row { @@ -7200,7 +7065,8 @@ role status: active, previous or future. sub check_user_status { my ($udom,$uname,$cdom,$crs,$role,$sec) = @_; - my %userinfo = &Apache::lonnet::dump('roles',$udom,$uname); + my $extra = &Apache::lonnet::freeze_escape({'skipcheck' => 1}); + my %userinfo = &Apache::lonnet::dump('roles',$udom,$uname,'.',undef,$extra); my @uroles = keys %userinfo; my $srchstr; my $active_chk = 'none'; @@ -8434,68 +8300,307 @@ sub get_env_multiple { sub ask_for_embedded_content { my ($actionurl,$state,$allfiles,$codebase,$args)=@_; - my $upload_output = ' -
'; - $upload_output .= $state; - $upload_output .= 'Upload embedded files:
'.&start_data_table(); - + my (%subdependencies,%dependencies,%mapping,%existing,%newfiles,%pathchanges); my $num = 0; - foreach my $embed_file (sort {lc($a) cmp lc($b)} keys(%{$allfiles})) { + my $numremref = 0; + my $numinvalid = 0; + my $numpathchg = 0; + my $numexisting = 0; + my ($output,$upload_output,$toplevel,$url,$udom,$uname,$getpropath); + if (($actionurl eq '/adm/portfolio') || ($actionurl eq '/adm/coursegrp_portfolio')) { + my $current_path='/'; + if ($env{'form.currentpath'}) { + $current_path = $env{'form.currentpath'}; + } + if ($actionurl eq '/adm/coursegrp_portfolio') { + $udom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + $uname = $env{'course.'.$env{'request.course.id'}.'.num'}; + $url = '/userfiles/groups/'.$env{'form.group'}.'/portfolio'; + } else { + $udom = $env{'user.domain'}; + $uname = $env{'user.name'}; + $url = '/userfiles/portfolio'; + } + $toplevel = $url.'/'; + $url .= $current_path; + $getpropath = 1; + } elsif (($actionurl eq '/adm/upload') || ($actionurl eq '/adm/testbank') || + ($actionurl eq '/adm/imsimport')) { + ($uname,my $rest) = ($args->{'current_path'} =~ m{/priv/($match_username)/?(.*)$}); + $url = '/home/'.$uname.'/public_html/'; + $toplevel = $url; + if ($rest ne '') { + $url .= $rest; + } + } elsif ($actionurl eq '/adm/coursedocs') { + if (ref($args) eq 'HASH') { + $url = $args->{'docs_url'}; + $toplevel = $url; + } + } + my $now = time(); + foreach my $embed_file (keys(%{$allfiles})) { + my $absolutepath; + if ($embed_file =~ m{^\w+://}) { + $newfiles{$embed_file} = 1; + $mapping{$embed_file} = $embed_file; + } else { + if ($embed_file =~ m{^/}) { + $absolutepath = $embed_file; + $embed_file =~ s{^(/+)}{}; + } + if ($embed_file =~ m{/}) { + my ($path,$fname) = ($embed_file =~ m{^(.+)/([^/]*)$}); + $path = &check_for_traversal($path,$url,$toplevel); + my $item = $fname; + if ($path ne '') { + $item = $path.'/'.$fname; + $subdependencies{$path}{$fname} = 1; + } else { + $dependencies{$item} = 1; + } + if ($absolutepath) { + $mapping{$item} = $absolutepath; + } else { + $mapping{$item} = $embed_file; + } + } else { + $dependencies{$embed_file} = 1; + if ($absolutepath) { + $mapping{$embed_file} = $absolutepath; + } else { + $mapping{$embed_file} = $embed_file; + } + } + } + } + foreach my $path (keys(%subdependencies)) { + my %currsubfile; + if (($actionurl eq '/adm/portfolio') || ($actionurl eq '/adm/coursegrp_portfolio')) { + my @subdir_list = &Apache::lonnet::dirlist($url.$path,$udom,$uname,$getpropath); + foreach my $line (@subdir_list) { + my ($file_name,$rest) = split(/\&/,$line,2); + $currsubfile{$file_name} = 1; + } + } elsif (($actionurl eq '/adm/upload') || ($actionurl eq '/adm/testbank')) { + if (opendir(my $dir,$url.'/'.$path)) { + my @subdir_list = grep(!/^\./,readdir($dir)); + map {$currsubfile{$_} = 1;} @subdir_list; + } + } + foreach my $file (keys(%{$subdependencies{$path}})) { + if ($currsubfile{$file}) { + my $item = $path.'/'.$file; + unless ($mapping{$item} eq $item) { + $pathchanges{$item} = 1; + } + $existing{$item} = 1; + $numexisting ++; + } else { + $newfiles{$path.'/'.$file} = 1; + } + } + } + my %currfile; + if (($actionurl eq '/adm/portfolio') || ($actionurl eq '/adm/coursegrp_portfolio')) { + my @dir_list = &Apache::lonnet::dirlist($url,$udom,$uname,$getpropath); + foreach my $line (@dir_list) { + my ($file_name,$rest) = split(/\&/,$line,2); + $currfile{$file_name} = 1; + } + } elsif (($actionurl eq '/adm/upload') || ($actionurl eq '/adm/testbank')) { + if (opendir(my $dir,$url)) { + my @dir_list = grep(!/^\./,readdir($dir)); + map {$currfile{$_} = 1;} @dir_list; + } + } + foreach my $file (keys(%dependencies)) { + if ($currfile{$file}) { + unless ($mapping{$file} eq $file) { + $pathchanges{$file} = 1; + } + $existing{$file} = 1; + $numexisting ++; + } else { + $newfiles{$file} = 1; + } + } + foreach my $embed_file (sort {lc($a) cmp lc($b)} keys(%newfiles)) { $upload_output .= &start_data_table_row(). - ''.$embed_file.''; + ''.$embed_file.''; + unless ($mapping{$embed_file} eq $embed_file) { + $upload_output .= '
'.&mt('changed from: [_1]',$mapping{$embed_file}).''; + } + $upload_output .= ''; if ($args->{'ignore_remote_references'} && $embed_file =~ m{^\w+://}) { $upload_output.=''.&mt("URL points to other server.").''; + $numremref++; } elsif ($args->{'error_on_invalid_names'} && $embed_file ne &Apache::lonnet::clean_filename($embed_file,{'keep_path' => 1,})) { - $upload_output.=''.&mt("Invalid characters").''; - + $upload_output.=''.&mt('Invalid characters').''; + $numinvalid++; } else { - $upload_output .=' - - '; - my $attrib = join(':',@{$$allfiles{$embed_file}}); - $upload_output .= - "\n\t\t". - ''; - if (exists($$codebase{$embed_file})) { - $upload_output .= - "\n\t\t". - ''; - } - } - $upload_output .= ''.&Apache::loncommon::end_data_table_row(); - $num++; - } - $upload_output .= &Apache::loncommon::end_data_table().'
- - - '.&mt('(only files for which a location has been provided will be uploaded)').' -
'; - return $upload_output; + $upload_output .= &embedded_file_element('upload_embedded',$num, + $embed_file,\%mapping, + $allfiles,$codebase); + $num++; + } + $upload_output .= ''.&Apache::loncommon::end_data_table_row()."\n"; + } + foreach my $embed_file (sort {lc($a) cmp lc($b)} keys(%existing)) { + $upload_output .= &start_data_table_row(). + ''.$embed_file.''. + ''.&mt('Already exists').''. + &Apache::loncommon::end_data_table_row()."\n"; + } + if ($upload_output) { + $upload_output = &start_data_table(). + $upload_output. + &end_data_table()."\n"; + } + my $applies = 0; + if ($numremref) { + $applies ++; + } + if ($numinvalid) { + $applies ++; + } + if ($numexisting) { + $applies ++; + } + if ($num) { + $output = '
'."\n". + $state. + '

'.&mt('Upload embedded files'). + ':

'.$upload_output.'
'."\n". + ''."\n"; + if ($actionurl eq '') { + $output .= ''; + } + } elsif ($applies) { + $output = ''.&mt('Referenced files').':
'; + if ($applies > 1) { + $output .= + &mt('No files need to be uploaded, as one of the following applies to each reference:').'
    '; + if ($numremref) { + $output .= '
  • '.&mt('reference is to a URL which points to another server').'
    • '."\n"; + } + if ($numinvalid) { + $output .= '
  • '.&mt('reference is to file with a name containing invalid characters').'
    • '."\n"; + } + if ($numexisting) { + $output .= '
  • '.&mt('reference is to an existing file at the specified location').'
    • '."\n"; + } + $output .= '

'; + } elsif ($numremref) { + $output .= '

'.&mt('None to upload, as all references are to URLs pointing to another server.').'

'; + } elsif ($numinvalid) { + $output .= '

'.&mt('None to upload, as all references are to files with names containing invalid characters.').'

'; + } elsif ($numexisting) { + $output .= '

'.&mt('None to upload, as all references are to existing files.').'

'; + } + $output .= $upload_output.'
'; + } + my ($pathchange_output,$chgcount); + $chgcount = $num; + if (keys(%pathchanges) > 0) { + foreach my $embed_file (sort {lc($a) cmp lc($b)} keys(%pathchanges)) { + if ($num) { + $output .= &embedded_file_element('pathchange',$chgcount, + $embed_file,\%mapping, + $allfiles,$codebase); + } else { + $pathchange_output .= + &start_data_table_row(). + ''. + ''.$mapping{$embed_file}.''. + ''.$embed_file. + &embedded_file_element('pathchange',$numpathchg,$embed_file, + \%mapping,$allfiles,$codebase). + ''.&end_data_table_row(); + } + $numpathchg ++; + $chgcount ++; + } + } + if ($num) { + if ($numpathchg) { + $output .= ''."\n"; + } + if (($actionurl eq '/adm/upload') || ($actionurl eq '/adm/testbank') || + ($actionurl eq '/adm/imsimport')) { + $output .= ''."\n"; + } elsif ($actionurl eq '/adm/portfolio' || $actionurl eq '/adm/coursegrp_portfolio') { + $output .= ''; + } + $output .= ''."\n". + &mt('(only files for which a location has been provided will be uploaded)').'
'."\n"; + } elsif ($numpathchg) { + my %pathchange = (); + $output .= &modify_html_form('pathchange',$actionurl,$state,\%pathchange,$pathchange_output); + if (($actionurl eq '/adm/portfolio') || ($actionurl eq '/adm/coursegrp_portfolio')) { + $output .= '

'.&mt('or').'

'; + } + } + return ($output,$num,$numpathchg); +} + +sub embedded_file_element { + my ($context,$num,$embed_file,$mapping,$allfiles,$codebase) = @_; + return unless ((ref($mapping) eq 'HASH') && (ref($allfiles) eq 'HASH') && + (ref($codebase) eq 'HASH')); + my $output; + if ($context eq 'upload_embedded') { + $output = ''."\n"; + } + $output .= ''; + unless (($context eq 'upload_embedded') && + ($mapping->{$embed_file} eq $embed_file)) { + $output .=' + '; + } + my $attrib; + if (ref($allfiles->{$mapping->{$embed_file}}) eq 'ARRAY') { + $attrib = &escape(join(':',@{$allfiles->{$mapping->{$embed_file}}})); + } + $output .= + "\n\t\t". + ''; + if (exists($codebase->{$mapping->{$embed_file}})) { + $output .= + "\n\t\t". + ''; + } + return $output; } sub upload_embedded { my ($context,$dirpath,$uname,$udom,$dir_root,$url_root,$group,$disk_quota, - $current_disk_usage) = @_; - my $output; + $current_disk_usage,$hiddenstate,$actionurl) = @_; + my (%pathchange,$output,$modifyform,$footer,$returnflag); for (my $i=0; $i<$env{'form.number_embedded_items'}; $i++) { next if (!exists($env{'form.embedded_item_'.$i.'.filename'})); my $orig_uploaded_filename = $env{'form.embedded_item_'.$i.'.filename'}; - - $env{'form.embedded_orig_'.$i} = - &unescape($env{'form.embedded_orig_'.$i}); + foreach my $type ('orig','ref','attrib','codebase') { + if ($env{'form.embedded_'.$type.'_'.$i} ne '') { + $env{'form.embedded_'.$type.'_'.$i} = + &unescape($env{'form.embedded_'.$type.'_'.$i}); + } + } my ($path,$fname) = ($env{'form.embedded_orig_'.$i} =~ m{(.*/)([^/]*)}); # no path, whole string is fname if (!$fname) { $fname = $env{'form.embedded_orig_'.$i} }; - - $path = $env{'form.currentpath'}.$path; $fname = &Apache::lonnet::clean_filename($fname); # See if there is anything left next if ($fname eq ''); @@ -8507,12 +8612,12 @@ sub upload_embedded { if ($group ne '') { $port_path = "groups/$group/$port_path"; } - ($state,$msg) = &check_for_upload($path,$fname,$group,'embedded_item_'.$i, + ($state,$msg) = &check_for_upload($env{'form.currentpath'}.$path, + $fname,$group,'embedded_item_'.$i, $dir_root,$port_path,$disk_quota, $current_disk_usage,$uname,$udom); if ($state eq 'will_exceed_quota' - || $state eq 'file_locked' - || $state eq 'file_exists' ) { + || $state eq 'file_locked') { $output .= $msg; next; } @@ -8526,31 +8631,53 @@ sub upload_embedded { # Check if extension is valid if (($fname =~ /\.(\w+)$/) && (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { - $output .= &mt('Invalid file extension ([_1]) - reserved for LONCAPA use - rename the file with a different extension and re-upload. ',$1); + $output .= &mt('Invalid file extension ([_1]) - reserved for LONCAPA use - rename the file with a different extension and re-upload. ',$1).'
'; next; } elsif (($fname =~ /\.(\w+)$/) && (!defined(&Apache::loncommon::fileembstyle($1)))) { - $output .= &mt('Unrecognized file extension ([_1]) - rename the file with a proper extension and re-upload.',$1); + $output .= &mt('Unrecognized file extension ([_1]) - rename the file with a proper extension and re-upload.',$1).'
'; next; } elsif ($fname=~/\.(\d+)\.(\w+)$/) { - $output .= &mt('File name not allowed - rename the file to remove the number immediately before the file extension([_1]) and re-upload.',$2); + $output .= &mt('File name not allowed - rename the file to remove the number immediately before the file extension([_1]) and re-upload.',$2).'
'; next; } $env{'form.embedded_item_'.$i.'.filename'}=$fname; if ($context eq 'portfolio') { - my $result= - &Apache::lonnet::userfileupload('embedded_item_'.$i,'', - $dirpath.$path); + my $result; + if ($state eq 'existingfile') { + $result= + &Apache::lonnet::userfileupload('embedded_item_'.$i,'existingfile', + $dirpath.$env{'form.currentpath'}.$path); + } else { + $result= + &Apache::lonnet::userfileupload('embedded_item_'.$i,'', + $dirpath. + $env{'form.currentpath'}.$path); + if ($result !~ m|^/uploaded/|) { + $output .= '' + .&mt('An error occurred ([_1]) while trying to upload [_2] for embedded element [_3].' + ,$result,$orig_uploaded_filename,$env{'form.embedded_orig_'.$i}) + .'
'; + next; + } else { + $output .= &mt('Uploaded [_1]',''. + $path.$fname.'').'
'; + } + } + } elsif ($context eq 'coursedoc') { + my $result = + &Apache::lonnet::userfileupload('embedded_item_'.$i,'coursedoc', + $dirpath.'/'.$path); if ($result !~ m|^/uploaded/|) { $output .= '' - .&mt('An error occurred ([_1]) while trying to upload [_2] for embedded element [_3].' + .&mt('An error occurred ([_1]) while trying to upload [_2] for embedded element [_3].' ,$result,$orig_uploaded_filename,$env{'form.embedded_orig_'.$i}) - .'
'; - next; + .'
'; + next; } else { - $output .= '

'.&mt('Uploaded [_1]',''. - $path.$fname.'').'

'; + $output .= &mt('Uploaded [_1]',''. + $path.$fname.'').'
'; } } else { # Save the file @@ -8580,19 +8707,190 @@ sub upload_embedded { &mt('An error occurred while writing the file [_1] for embedded element [_2].',$orig_uploaded_filename,$env{'form.embedded_orig_'.$i}). '
'; } else { - if ($context eq 'testbank') { - $output .= &mt('Embedded file uploaded successfully:'). - ' '. - $orig_uploaded_filename.'
'; - } else { - $output .= ''. - &mt('View embedded file: [_1]',''. - $orig_uploaded_filename.'').'
'; + $output .= &mt('Uploaded [_1]',''. + $url.'').'
'; + unless ($context eq 'testbank') { + $footer .= &mt('View embedded file: [_1]', + ''.$fname.'').'
'; } } close($fh); } } + if ($env{'form.embedded_ref_'.$i}) { + $pathchange{$i} = 1; + } + } + if ($output) { + $output = '

'.$output.'

'; + } + $output .= &modify_html_form('upload_embedded',$actionurl,$hiddenstate,\%pathchange); + $returnflag = 'ok'; + if (keys(%pathchange) > 0) { + if ($context eq 'portfolio') { + $output .= '

'.&mt('or').'

'; + } elsif ($context eq 'testbank') { + $output .= '

'.&mt('Or [_1]continue[_2] the testbank import without modifying the references(s).','','').'

'; + $returnflag = 'modify_orightml'; + } + } + return ($output.$footer,$returnflag); +} + +sub modify_html_form { + my ($context,$actionurl,$hiddenstate,$pathchange,$pathchgtable) = @_; + my $end = 0; + my $modifyform; + if ($context eq 'upload_embedded') { + return unless (ref($pathchange) eq 'HASH'); + if ($env{'form.number_embedded_items'}) { + $end += $env{'form.number_embedded_items'}; + } + if ($env{'form.number_pathchange_items'}) { + $end += $env{'form.number_pathchange_items'}; + } + if ($end) { + for (my $i=0; $i<$end; $i++) { + if ($i < $env{'form.number_embedded_items'}) { + next unless($pathchange->{$i}); + } + $modifyform .= + &start_data_table_row(). + ''. + ''.$env{'form.embedded_ref_'.$i}. + ''. + ''. + ''. + ''.$env{'form.embedded_orig_'.$i}. + ''. + &end_data_table_row(); + } + } + } else { + $modifyform = $pathchgtable; + if (($actionurl eq '/adm/upload') || ($actionurl eq '/adm/testbank')) { + $hiddenstate .= ''; + } elsif (($actionurl eq '/adm/portfolio') || ($actionurl eq '/adm/coursegrp_portfolio')) { + $hiddenstate .= ''; + } + } + if ($modifyform) { + return '

'.&mt('Changes in content of HTML file required').'

'."\n". + '

'.&mt('Changes need to be made to the reference(s) used for one or more of the dependencies, if your HTML file is to work correctly:').'

    '."\n". + '
  1. '.&mt('For consistency between the reference(s) and the location of the corresponding stored file within LON-CAPA.').'
    2. '."\n". + '
  2. '.&mt('To change absolute paths to relative paths, or replace directory traversal via "../" within the original reference.').'
    3. '."\n". + '

'."\n".'

'. + &mt('LON-CAPA can make the required changes to your HTML file.').'

'."\n". + '
'. + &start_data_table()."\n". + &start_data_table_header_row(). + ''.&mt('Change?').''. + ''.&mt('Current reference').''. + ''.&mt('Required reference').''. + &end_data_table_header_row()."\n". + $modifyform. + &end_data_table().'
'."\n".$hiddenstate. + ''. + '
'."\n"; + } + return; +} + +sub modify_html_refs { + my ($context,$dirpath,$uname,$udom,$dir_root) = @_; + my $container; + if ($context eq 'portfolio') { + $container = $env{'form.container'}; + } elsif ($context eq 'coursedoc') { + $container = $env{'form.primaryurl'}; + } else { + $container = $env{'form.filename'}; + $container =~ s{^/priv/(\Q$uname\E)/(.*)}{/home/$1/public_html/$2}; + } + my (%allfiles,%codebase,$output,$content); + my @changes = &get_env_multiple('form.namechange'); + return unless (@changes > 0); + if (($context eq 'portfolio') || ($context eq 'coursedoc')) { + return unless ($container =~ m{^/uploaded/\Q$udom\E/\Q$uname\E/}); + $content = &Apache::lonnet::getfile($container); + return if ($content eq '-1'); + } else { + return unless ($container =~ /^\Q$dir_root\E/); + if (open(my $fh,"<$container")) { + $content = join('', <$fh>); + close($fh); + } else { + return; + } + } + my ($count,$codebasecount) = (0,0); + my $mm = new File::MMagic; + my $mime_type = $mm->checktype_contents($content); + if ($mime_type eq 'text/html') { + my $parse_result = + &Apache::lonnet::extract_embedded_items($container,\%allfiles, + \%codebase,\$content); + if ($parse_result eq 'ok') { + foreach my $i (@changes) { + my $orig = &unescape($env{'form.embedded_orig_'.$i}); + my $ref = &unescape($env{'form.embedded_ref_'.$i}); + if ($allfiles{$ref}) { + my $newname = $orig; + my ($attrib_regexp,$codebase); + my $attrib_regexp = &unescape($env{'form.embedded_attrib_'.$i}); + if ($attrib_regexp =~ /:/) { + $attrib_regexp =~ s/\:/|/g; + } + if ($content =~ m{($attrib_regexp\s*=\s*['"]?)\Q$ref\E(['"]?)}) { + my $numchg = ($content =~ s{($attrib_regexp\s*=\s*['"]?)\Q$ref\E(['"]?)}{$1$newname$2}gi); + $count += $numchg; + } + if ($env{'form.embedded_codebase_'.$i} ne '') { + my $codebase = &unescape($env{'form.embedded_codebase_'.$i}); + my $numchg = ($content =~ s/(codebase\s*=\s*["']?)\Q$codebase\E(["']?)/$1.$2/i); #' stupid emacs + $codebasecount ++; + } + } + } + if ($count || $codebasecount) { + my $saveresult; + if ($context eq 'portfolio' || $context eq 'coursedoc') { + my $url = &Apache::lonnet::store_edited_file($container,$content,$udom,$uname,\$saveresult); + if ($url eq $container) { + my ($fname) = ($container =~ m{/([^/]+)$}); + $output = '

'.&mt('Updated [quant,_1,reference] in [_2].', + $count,''. + $fname.'').'

'; + } else { + $output = '

'. + &mt('Error: update failed for: [_1].', + ''. + $container.'').'

'; + } + } else { + if (open(my $fh,">$container")) { + print $fh $content; + close($fh); + $output = '

'.&mt('Updated [quant,_1,reference] in [_2].', + $count,''. + $container.'').'

'; + } else { + $output = '

'. + &mt('Error: could not update [_1].', + ''. + $container.'').'

'; + } + } + } + } else { + &logthis('Failed to parse '.$container. + ' to modify references: '.$parse_result); + } } return $output; } @@ -8616,14 +8914,24 @@ sub check_for_existing { sub check_for_upload { my ($path,$fname,$group,$element,$portfolio_root,$port_path, $disk_quota,$current_disk_usage,$uname,$udom) = @_; - my $filesize = (length($env{'form.'.$element})) / 1000; #express in k (1024?) + my $filesize = length($env{'form.'.$element}); + if (!$filesize) { + my $msg = ''. + &mt('Unable to upload [_1]. (size = [_2] bytes)', + ''.$fname.'', + $filesize).'
'. + &mt('Either the file you uploaded was empty, or your web browser was unable to read its contents.').'
'; + ''; + return ('zero_bytes',$msg); + } + $filesize = $filesize/1000; #express in k (1024?) my $getpropath = 1; my @dir_list = &Apache::lonnet::dirlist($portfolio_root.$path,$udom,$uname, $getpropath); my $found_file = 0; my $locked_file = 0; foreach my $line (@dir_list) { - my ($file_name)=split(/\&/,$line,2); + my ($file_name,$rest)=split(/\&/,$line,2); if ($file_name eq $fname){ $file_name = $path.$file_name; if ($group ne '') { @@ -8632,6 +8940,20 @@ sub check_for_upload { $found_file = 1; if (&Apache::lonnet::is_locked($file_name,$udom,$uname) eq 'true') { $locked_file = 1; + } else { + my @info = split(/\&/,$rest); + my $currsize = $info[6]/1000; + if ($currsize < $filesize) { + my $extra = $filesize - $currsize; + if (($current_disk_usage + $extra) > $disk_quota) { + my $msg = ''. + &mt('Unable to upload [_1]. (size = [_2] kilobytes). Disk quota will be exceeded if existing (smaller) file with same name (size = [_3] kilobytes) is replaced.', + ''.$fname.'',$filesize,$currsize).''. + '
'.&mt('Disk quota is [_1] kilobytes. Your current disk usage is [_2] kilobytes.', + $disk_quota,$current_disk_usage); + return ('will_exceed_quota',$msg); + } + } } } } @@ -8649,15 +8971,55 @@ sub check_for_upload { return ('file_locked',$msg); } else { my $msg = ''; - $msg .= &mt('Unable to upload [_1]. A file by that name was found in [_2].',''.$fname.'',$port_path.$env{'form.currentpath'}); + $msg .= &mt(' A file by that name: [_1] was found in [_2].',''.$fname.'',$port_path.$env{'form.currentpath'}); $msg .= ''; - $msg .= '
'; - $msg .= &mt('To upload, rename or delete existing [_1] in [_2].',''.$fname.'', $port_path.$env{'form.currentpath'}); - return ('file_exists',$msg); + return ('existingfile',$msg); } } } +sub check_for_traversal { + my ($path,$url,$toplevel) = @_; + my @parts=split(/\//,$path); + my $cleanpath; + my $fullpath = $url; + for (my $i=0;$i<@parts;$i++) { + next if ($parts[$i] eq '.'); + if ($parts[$i] eq '..') { + $fullpath =~ s{([^/]+/)$}{}; + } else { + $fullpath .= $parts[$i].'/'; + } + } + if ($fullpath =~ /^\Q$url\E(.*)$/) { + $cleanpath = $1; + } elsif ($fullpath =~ /^\Q$toplevel\E(.*)$/) { + my $curr_toprel = $1; + my @parts = split(/\//,$curr_toprel); + my ($url_toprel) = ($url =~ /^\Q$toplevel\E(.*)$/); + my @urlparts = split(/\//,$url_toprel); + my $doubledots; + my $startdiff = -1; + for (my $i=0; $i<@urlparts; $i++) { + if ($startdiff == -1) { + unless ($urlparts[$i] eq $parts[$i]) { + $startdiff = $i; + $doubledots .= '../'; + } + } else { + $doubledots .= '../'; + } + } + if ($startdiff > -1) { + $cleanpath = $doubledots; + for (my $i=$startdiff; $i<@parts; $i++) { + $cleanpath .= $parts[$i].'/'; + } + } + } + $cleanpath =~ s{(/)$}{}; + return $cleanpath; +} =pod @@ -10580,6 +10942,8 @@ sub construct_course { ############################################################ ############################################################ +#SD +# only Community and Course, or anything else? sub course_type { my ($cid) = @_; if (!defined($cid)) { @@ -10745,15 +11109,12 @@ sub init_user_environment { my %userenv = &Apache::lonnet::dump('environment',$domain,$username); my ($tmp) = keys(%userenv); if ($tmp !~ /^(con_lost|error|no_such_host)/i) { - # default remote control to off - if ($userenv{'remote'} ne 'on') { $userenv{'remote'} = 'off'; } } else { undef(%userenv); } if (($userenv{'interface'}) && (!$form->{'interface'})) { $form->{'interface'}=$userenv{'interface'}; } - $env{'environment.remote'}=$userenv{'remote'}; if ($userenv{'texengine'} eq 'ttm') { $clientmathml=1; } # --------------- Do not trust query string to be put directly into environment @@ -10785,15 +11146,13 @@ sub init_user_environment { $initial_env{"browser.localres"} = $form->{'localres'}; } - if ($public) { - $initial_env{"environment.remote"} = "off"; - } if ($form->{'interface'}) { $form->{'interface'}=~s/\W//gs; $initial_env{"browser.interface"} = $form->{'interface'}; $env{'browser.interface'}=$form->{'interface'}; } - my %is_adv = ( is_adv => &Apache::lonnet::is_advanced_user($domain,$username) ); + + my %is_adv = ( is_adv => $env{'user.adv'} ); my %domdef = &Apache::lonnet::get_domain_defaults($domain); foreach my $tool ('aboutme','blog','portfolio') {