--- loncom/interface/lonsyllabus.pm 2017/06/22 02:11:27 1.138.2.3.2.1 +++ loncom/interface/lonsyllabus.pm 2023/01/21 21:34:08 1.138.2.8.2.2 @@ -1,7 +1,7 @@ # The LearningOnline Network # Syllabus # -# $Id: lonsyllabus.pm,v 1.138.2.3.2.1 2017/06/22 02:11:27 raeburn Exp $ +# $Id: lonsyllabus.pm,v 1.138.2.8.2.2 2023/01/21 21:34:08 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -170,6 +170,7 @@ sub handler { } else { my $brcrum; if ($env{'form.folderpath'} =~ /^supplemental/) { + &Apache::loncommon::validate_folderpath(1,'',$cnum,$cdom); my $title = $env{'form.title'}; if ($title eq '') { $title = &mt('Syllabus'); @@ -177,14 +178,22 @@ sub handler { $brcrum = &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype,undef,$title,1); } - $r->print(&Apache::lonwrapper::wrapper($item,$brcrum,$env{'request.use_absolute'}, - undef,$is_pdf,'','','',&mt('Syllabus'))); + $r->print(&Apache::lonwrapper::wrapper($r,$item,$brcrum,$env{'request.use_absolute'}, + undef,$is_pdf,undef,'','',&mt('Syllabus'))); } } return OK; } } elsif ($external=~/\w/) { unless ($allowed && $forceedit) { + if (($env{'user.name'} eq 'public') && ($env{'user.domain'} eq 'public') && + ($ENV{'SERVER_PORT'} == 443) && ($external =~ m{^http://}) && !($env{'form.usehttp'})) { + my $hostname = $r->hostname(); + unless ((&Apache::lonnet::uses_sts()) || (&Apache::lonnet::waf_allssl($hostname))) { + &redirect_to_http($r); + return OK; + } + } if ($target eq 'tex') { $r->print(&Apache::lonprintout::print_latex_header($env{'form.latex_type'}). ' \strut \\\\ \textbf{'.&mt('Syllabus').'} \strut \\\\ '.$external.' '. @@ -197,15 +206,17 @@ sub handler { $is_pdf = 1; } if ($env{'form.folderpath'} =~ /^supplemental/) { + &Apache::loncommon::validate_folderpath(1,'',$cnum,$cdom); my $title = $env{'form.title'}; if ($title eq '') { $title = &mt('Syllabus'); } + $title = &HTML::Entities::encode($title,'\'"<>&'); $brcrum = &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype,undef,$title,1); } - $r->print(&Apache::lonwrapper::wrapper($external,$brcrum,$env{'request.use_absolute'}, - $is_ext,$is_pdf,'','','',&mt('Syllabus'))); + $r->print(&Apache::lonwrapper::wrapper($r,$external,$brcrum,$env{'request.use_absolute'}, + $is_ext,$is_pdf,undef,'','',&mt('Syllabus'))); } return OK; } @@ -306,9 +317,12 @@ sub handler { if ($allowed) { #---------------------------------- Print External URL Syllabus Info if editing if ($target ne 'tex') { + my $hostname = &Apache::lonnet::hostname($homeserver); my $protocol = $Apache::lonnet::protocol{$homeserver}; $protocol = 'http' if ($protocol ne 'https'); - my $link = $protocol.'://'.&Apache::lonnet::hostname($homeserver).$r->uri; + my $alias = &Apache::lonnet::use_proxy_alias($r,$homeserver); + $hostname = $alias if ($alias ne ''); + my $link = $protocol.'://'.$hostname.$r->uri; $r->print('
' .'' .'' @@ -317,7 +331,7 @@ sub handler { .'' .'
'."\n"); my $lonhost = $r->dir_config('lonHostID'); - $r->print(&chooser($external,$uploaded,$minimal,$cdom,$cnum,$lonhost, + $r->print(&chooser($r,$external,$uploaded,$minimal,$cdom,$cnum,$lonhost, \%syllabusfields,\%syllabus)); } } else { @@ -744,6 +758,7 @@ ENDSCRIPT if ($env{'form.only_body'}) { $args->{'only_body'} = 1; } + $args->{'hostname'} = $r->hostname(); my $start_page = &Apache::loncommon::start_page("Syllabus", $rss_link.$js,$args); if ($start_page) { @@ -755,6 +770,7 @@ sub get_breadcrumbs{ my ($cdom,$cnum,$crstype,$args) = @_; return unless (ref($args) eq 'HASH'); if ($env{'form.folderpath'} =~ /^supplemental/) { + &Apache::loncommon::validate_folderpath(1,'',$cnum,$cdom); my $title = $env{'form.title'}; if ($title eq '') { $title = &mt('Syllabus'); @@ -779,7 +795,7 @@ sub get_breadcrumbs{ } sub chooser { - my ($external,$uploaded,$minimal,$cdom,$cnum,$lonhost,$fields,$values) = @_; + my ($r,$external,$uploaded,$minimal,$cdom,$cnum,$lonhost,$fields,$values) = @_; my %lt = &Apache::lonlocal::texthash( 'type' => 'Syllabus Type', 'url' => 'External URL', @@ -844,7 +860,7 @@ sub chooser { '
'."\n". '
'.$lt{'minimal'}.''; if ($minimal) { - my ($absurl,$filename,$depbutton) = &syllabus_file_info($minimal,$cnum,$cdom,$lonhost,'minimal'); + my ($absurl,$filename,$depbutton) = &syllabus_file_info($r,$minimal,$cnum,$cdom,$lonhost,'minimal'); $output .= ''.$lt{'pr'}.''. ''. $depbutton; @@ -857,7 +873,7 @@ sub chooser { '
'."\n". '
'.$lt{'file'}.''; if ($uploaded) { - my ($absurl,$filename,$depbutton) = &syllabus_file_info($uploaded,$cnum,$cdom,$lonhost,'file'); + my ($absurl,$filename,$depbutton) = &syllabus_file_info($r,$uploaded,$cnum,$cdom,$lonhost,'file'); $output .= ''.$lt{'curr'}.' '. ''. ''.$filename.''.$depbutton. @@ -892,10 +908,13 @@ sub chooser { } sub syllabus_file_info { - my ($item,$cnum,$cdom,$lonhost,$context) = @_; + my ($r,$item,$cnum,$cdom,$lonhost,$context) = @_; + my $hostname = &Apache::lonnet::hostname($lonhost); my $protocol = $Apache::lonnet::protocol{$lonhost}; $protocol = 'http' if ($protocol ne 'https'); - my $absurl = $protocol.'://'.&Apache::lonnet::hostname($lonhost).$item; + my $alias = &Apache::lonnet::use_proxy_alias($r,$lonhost); + $hostname = $alias if ($alias ne ''); + my $absurl = $protocol.'://'.$hostname.$item; my ($filename) = ($item =~ m{([^/]+)$}); my $file=&Apache::lonnet::filelocation("",$item); my ($depbutton,$filetype,$editable); @@ -1138,6 +1157,10 @@ sub save_changes { (ref($courseenv) eq 'HASH')) { return ($earlyout,$uploaded,$external,$minimal,$output); } + my ($was_ext,$is_ext,$putres); + if ($external) { + $was_ext = $external; + } if (($env{'form.deleteuploaded_file'}) || ($env{'form.deleteuploaded_minimal'})) { my %storehash; if (($env{'form.choice'} eq 'file') && @@ -1150,7 +1173,7 @@ sub save_changes { &Apache::lonnet::delenv('course.'.$env{'request.course.id'}.'.externalsyllabus'); $storehash{'uploadedsyllabus'} = ''; $storehash{'externalsyllabus'} = ''; - my $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); + $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); undef($uploaded); undef($external); } elsif (($env{'form.choice'} eq 'minimal') && @@ -1170,7 +1193,7 @@ sub save_changes { &Apache::lonnet::delenv('course.'.$env{'request.course.id'}.'.minimalsyllabus'); $storehash{'externalsyllabus'} = ''; $storehash{'minimalsyllabus'} = ''; - my $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); + $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); undef($external); undef($minimal); } @@ -1260,7 +1283,7 @@ sub save_changes { $syllabus->{'uploaded.domain'}=$env{'user.domain'}; $syllabus->{'uploaded.name'}=$env{'user.name'}; $syllabus->{'uploaded.lastmodified'} = $now; - my $putres = &Apache::lonnet::put('syllabus',$syllabus,$cdom,$cnum); + $putres = &Apache::lonnet::put('syllabus',$syllabus,$cdom,$cnum); if ($putres eq 'ok') { ($uploaded,$minimal,$external) = &update_syllabus_env($cdom,$cnum,$courseenv,$env{'form.choice'},$uploaded, @@ -1285,7 +1308,7 @@ sub save_changes { } else { $external=$env{'form.externalsyllabus'}; $external =~ s/(`)//g; - my $putres = + $putres = &Apache::lonnet::put('environment',{externalsyllabus=>$external}, $cdom,$cnum); if ($putres eq 'ok') { @@ -1302,6 +1325,7 @@ sub save_changes { '
'; } } + $is_ext = $external; } else { $output = '
'. &mt('External URL not saved -- invalid URL.'). @@ -1347,7 +1371,7 @@ sub save_changes { } else { $storehash{'externalsyllabus'} = '', } - my $putres = + $putres = &Apache::lonnet::put('environment',\%storehash,$cdom,$cnum); if ($putres eq 'ok') { &Apache::lonnet::make_public_indefinitely($url); @@ -1412,6 +1436,22 @@ sub save_changes { $output = $result.&return_to_editor($cdom,$cnum); $earlyout = 1; } + if ($putres eq 'ok') { + if ((($is_ext) && ($is_ext ne $was_ext)) || ($was_ext)) { + my $chome = &Apache::lonnet::homeserver($cnum,$cdom); + unless ($chome eq 'no_host') { + my %crsinfo = &Apache::lonnet::courseiddump($cdom,'.',1,'.','.',$cnum,undef,undef,'.'); + if (ref($crsinfo{$cdom.'_'.$cnum}) eq 'HASH') { + if ($external =~ m{^http://}) { + $crsinfo{$cdom.'_'.$cnum}{'extsyllplain'} = 1; + } elsif ($crsinfo{$cdom.'_'.$cnum}{'extsyllplain'}) { + delete($crsinfo{$cdom.'_'.$cnum}{'extsyllplain'}); + } + &Apache::lonnet::courseidput($cdom,\%crsinfo,$chome,'notime'); + } + } + } + } return ($earlyout,$uploaded,$external,$minimal,$output); } @@ -1547,9 +1587,10 @@ sub home_http_host { my ($cdom,$cnum) = @_; my $home=&Apache::lonnet::homeserver($cnum,$cdom); if ($home ne 'no_host') { + my $hostname = &Apache::lonnet::hostname($home); my $protocol = $Apache::lonnet::protocol{$home}; $protocol = 'http' if ($protocol ne 'https'); - return $protocol.'://'.&Apache::lonnet::hostname($home); + return $protocol.'://'.$hostname; } return; } @@ -1689,5 +1730,17 @@ sub editbutton_js { ENDJS } +sub redirect_to_http { + my ($r) = @_; + &Apache::loncommon::content_type($r,'text/html'); + &Apache::loncommon::no_cache($r); + $r->send_http_header; + my $url = 'http://'.$r->hostname().$r->uri().'?usehttp=1'; + $r->print(&Apache::loncommon::start_page(undef,undef, + {'redirect' => [0,$url],}). + &Apache::loncommon::end_page()); + return; +} + 1; __END__