--- loncom/publisher/loncfile.pm 2011/10/22 21:25:37 1.107 +++ loncom/publisher/loncfile.pm 2011/10/24 22:39:21 1.111 @@ -9,7 +9,7 @@ # and displays a page showing the results of the action. # # -# $Id: loncfile.pm,v 1.107 2011/10/22 21:25:37 www Exp $ +# $Id: loncfile.pm,v 1.111 2011/10/24 22:39:21 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -161,14 +161,15 @@ sub URLToPath { $Url=~ s/\/+/\//g; $Url=~ s/^https?\:\/\/[^\/]+//; $Url=~ s/^\///; - $Url=~ s/(\~|priv\/)($match_username)\//\/home\/$2\/public_html\//; + $Url='/home/httpd/html/'.$Url; &Debug($r, "Returning $Url \n"); return $Url; } sub url { my $fn=shift; - $fn=~s/^\/home\/($match_username)\/public\_html/\/priv\/$1/; + $fn=~s/^\/home\/httpd\/html//; + $fn=~s/\/\.\//\//g; $fn=&HTML::Entities::encode($fn,'<>"&'); return $fn; } @@ -188,8 +189,7 @@ sub display { sub obsolete_unpub { my ($user,$domain,$construct)=@_; my $published=$construct; - $published=~ - s/^\/home\/$user\/public\_html\//\/home\/httpd\/html\/res\/$domain\/$user\//; + $published=~s/^\/home\/httpd\/html\/priv\//\/home\/httpd\/html\/res\//; if (-e $published) { if (&Apache::lonnet::metadata($published,'obsolete')) { return 1; @@ -271,8 +271,7 @@ sub exists { $creating ||= 'file'; my $published=$construct; - $published=~ - s{^/home/$user/public_html/}{/home/httpd/html/res/$domain/$user/}; + $published=~s{^/home/httpd/html/priv/}{/home/httpd/html/res/}; my ($type,$result); if ( -d $construct ) { return ('error','

'.&mt('Error: destination for operation is an existing directory.').'

'); @@ -346,7 +345,7 @@ sub checksuffix { } sub cleanDest { - my ($request,$dest,$subdir,$fn,$uname)=@_; + my ($request,$dest,$subdir,$fn,$uname,$udom)=@_; #remove bad characters my $foundbad=0; my $error=''; @@ -361,7 +360,7 @@ sub cleanDest { } if ($dest=~m|/|) { my ($newpath)=($dest=~m|(.*)/|); - ($newpath,$error)=&relativeDest($fn,$newpath,$uname); + ($newpath,$error)=&relativeDest($fn,$newpath,$uname,$udom); if (! -d "$newpath") { $request->print('

' .&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested file name." @@ -390,11 +389,11 @@ sub cleanDest { } sub relativeDest { - my ($fn,$newfilename,$uname)=@_; + my ($fn,$newfilename,$uname,$udom)=@_; my $error = ''; if ($newfilename=~/^\//) { # absolute, simply add path - $newfilename='/home/'.$uname.'/public_html/'; + $newfilename='/home/httpd/html/res/'.$udom.'/'.$uname.'/'; } else { my $dir=$fn; $dir=~s/\/[^\/]+$//; @@ -404,16 +403,10 @@ sub relativeDest { while ($newfilename=~m:/\.\./:) { $newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/.. } - if ($newfilename =~ m{^/home/($match_username)/(?:public\_html|priv)/}) { - my $otheruname = $1; - unless ($otheruname eq $uname) { - my ($authorname,$authordom)= - &Apache::loncacc::constructaccess($newfilename,$env{'request.role.domain'}); - unless (($authorname eq $otheruname) && ($authordom ne '')) { - my $otherdir = &display($newfilename); - $error = &mt('Access denied to [_1]',$otherdir); - } - } + my ($authorname,$authordom)=&Apache::loncacc::constructaccess($newfilename); + unless (($authorname) && ($authordom)) { + my $otherdir = &display($newfilename); + $error = &mt('Access denied to [_1]',$otherdir); } return ($newfilename,$error); } @@ -951,9 +944,9 @@ sub phaseone { my $doingdir=0; if ($env{'form.action'} eq 'newdir') { $doingdir=1; } my ($newfilename,$error) = - &cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname); + &cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname,$udom); unless ($error) { - ($newfilename,$error)=&relativeDest($fn,$newfilename,$uname); + ($newfilename,$error)=&relativeDest($fn,$newfilename,$uname,$udom); } if ($error) { my $dirlist; @@ -1445,8 +1438,7 @@ sub handler { my $uname; my $udom; - ($uname,$udom)= - &Apache::loncacc::constructaccess($fn,$r->dir_config('lonDefDomain')); + ($uname,$udom)=&Apache::loncacc::constructaccess($fn); &Debug($r, "loncfile::handler constructaccess uname = $uname domain = $udom"); unless (($uname) && ($udom)) {