version 1.313, 2002/12/09 22:09:58
|
version 1.316, 2003/01/10 20:55:44
|
Line 857 sub tokenwrapper {
|
Line 857 sub tokenwrapper {
|
sub userfileupload { |
sub userfileupload { |
my ($formname,$coursedoc)=@_; |
my ($formname,$coursedoc)=@_; |
my $fname=$ENV{'form.'.$formname.'.filename'}; |
my $fname=$ENV{'form.'.$formname.'.filename'}; |
|
# Replace Windows backslashes by forward slashes |
$fname=~s/\\/\//g; |
$fname=~s/\\/\//g; |
|
# Get rid of everything but the actual filename |
$fname=~s/^.*\/([^\/]+)$/$1/; |
$fname=~s/^.*\/([^\/]+)$/$1/; |
|
# Replace spaces by underscores |
|
$fname=~s/\s+/\_/g; |
|
# Replace all other weird characters by nothing |
|
$fname=~s/[^\w\.\-\+]//g; |
|
# See if there is anything left |
unless ($fname) { return 'error: no uploaded file'; } |
unless ($fname) { return 'error: no uploaded file'; } |
chop($ENV{'form.'.$formname}); |
chop($ENV{'form.'.$formname}); |
# Create the directory if not present |
# Create the directory if not present |
Line 1864 sub allowed {
|
Line 1871 sub allowed {
|
$thisallowed.=$1; |
$thisallowed.=$1; |
} |
} |
|
|
|
# URI is an uploaded document for this course |
|
|
|
if (($priv eq 'bre') && |
|
($uri=~/^uploaded\/$ENV{'course.'.$ENV{'request.course.id'}.'.domain'}\/$ENV{'course.'.$ENV{'request.course.id'}.'.num'}/)) { |
|
return 'F'; |
|
} |
# Full access at system, domain or course-wide level? Exit. |
# Full access at system, domain or course-wide level? Exit. |
|
|
if ($thisallowed=~/F/) { |
if ($thisallowed=~/F/) { |