--- loncom/publisher/loncfile.pm	2008/03/12 02:46:38	1.88
+++ loncom/publisher/loncfile.pm	2023/07/14 23:20:15	1.127
@@ -9,7 +9,7 @@
 #  and displays a page showing the results of the action.
 #
 #
-# $Id: loncfile.pm,v 1.88 2008/03/12 02:46:38 raeburn Exp $
+# $Id: loncfile.pm,v 1.127 2023/07/14 23:20:15 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -37,16 +37,16 @@
 
 =head1 NAME
 
-Apache::loncfile - Construction space file management.
+Apache::loncfile - Authoring space file management.
 
 =head1 SYNOPSIS
- 
- Content handler for buttons on the top frame of the construction space 
+
+ Content handler for buttons on the top frame of the construction space
 directory.
 
 =head1 INTRODUCTION
 
-  loncfile is invoked when buttons in the top frame of the construction 
+  loncfile is invoked when buttons in the top frame of the construction
 space directory listing are clicked.   All operations proceed in two phases.
 The first phase describes to the user exactly what will be done.  If the user
 confirms the operation, the second phase commits the operation and indicates
@@ -68,7 +68,6 @@ use File::Basename;
 use File::Copy;
 use HTML::Entities();
 use Apache::Constants qw(:common :http :methods);
-use Apache::loncacc;
 use Apache::lonnet;
 use Apache::loncommon();
 use Apache::lonlocal;
@@ -89,32 +88,44 @@ my $r;				# Needs to be global for some
  Parameters:
 
 =over 4
- 
+
 =item $request - The current request operation.
 
 =item $message - The message to put in the log file.
 
 =back
-  
+
  Returns:
    nothing.
 
 =cut
 
 sub Debug {
-    # Put out the indicated message butonly if DEBUG is true.
+    # Put out the indicated message but only if DEBUG is true.
     if ($DEBUG) {
 	my ($r,$message) = @_;
 	$r->log_reason($message);
     }
 }
 
+sub done {
+    my ($destfn) = @_;
+    return
+       '<p>'
+      .&Apache::lonhtmlcommon::confirm_success(&mt("Done"))
+      .'<br /><a href="'.&url($destfn).'">'.&mt("Continue").'</a>'
+      .'<script type="text/javascript">'
+      .'location.href="'.&url($destfn,'js').'";'
+      .'</script>'
+      .'</p>';
+}
+
 =pod
 
 =item URLToPath($url)
 
   Convert a URL to a file system path.
-  
+
   In order to manipulate the construction space objects, it is necessary
   to access url identified objects a filespace objects.  This function
   translates a construction space URL to a file system path.
@@ -123,14 +134,14 @@ sub Debug {
 =over 4
 
 =item  Url    - string [in] The url to convert.
-  
+
 =back
-  
+
  Returns:
 
 =over 4
 
-=item  The corresponding file system path. 
+=item  The corresponding file system path.
 
 =back
 
@@ -147,24 +158,32 @@ Global References
 sub URLToPath {
     my $Url = shift;
     &Debug($r, "UrlToPath got: $Url");
-    $Url=~ s/\/+/\//g;
-    $Url=~ s/^http\:\/\/[^\/]+//;
-    $Url=~ s/^\///;
-    $Url=~ s/(\~|priv\/)($match_username)\//\/home\/$2\/public_html\//;
+    $Url=~ s{^https?\://[^/]+}{};
+    $Url=~ s{//+}{/}g;
+    $Url=~ s{^/}{};
+    $Url=$Apache::lonnet::perlvar{'lonDocRoot'}."/$Url";
     &Debug($r, "Returning $Url \n");
     return $Url;
 }
 
 sub url {
-    my $fn=shift;
-    $fn=~s/^\/home\/($match_username)\/public\_html/\/priv\/$1/;
-    $fn=&HTML::Entities::encode($fn,'<>"&');
+    my ($fn,$context) = @_;
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
+    $fn=~ s/^\Q$londocroot\E//;
+    $fn=~s{/\./}{/}g;
+    if ($context eq 'js') {
+        &js_escape(\$fn);
+    } else {
+        $fn=&HTML::Entities::encode($fn,'\'<>"&');
+    }
     return $fn;
 }
 
 sub display {
     my $fn=shift;
-    $fn=~s-^/home/($match_username)/public_html-/priv/$1-;
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
+    $fn=~s/^\Q$londocroot\E//;
+    $fn=~s{/\./}{/}g;
     return '<span class="LC_filename">'.$fn.'</span>';
 }
 
@@ -175,9 +194,9 @@ sub display {
 
 sub obsolete_unpub {
     my ($user,$domain,$construct)=@_;
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
     my $published=$construct;
-    $published=~
-	s/^\/home\/$user\/public\_html\//\/home\/httpd\/html\/res\/$domain\/$user\//;
+    $published=~s{^\Q$londocroot/priv/\E}{$londocroot/res/};
     if (-e $published) {
 	if (&Apache::lonnet::metadata($published,'obsolete')) {
 	    return 1;
@@ -191,13 +210,14 @@ sub obsolete_unpub {
 # see if directory is empty
 # ignores any .meta, .save, .bak, and .log files created for a previously
 # published file, which has since been marked obsolete and deleted.
+# ignores a .DS_Store file put there when viewing directory via webDAV on MacOS.
 sub empty_directory {
     my ($dirname,$phase) = @_;
     if (opendir DIR, $dirname) {
         my @files = grep(!/^\.\.?$/, readdir(DIR)); # ignore . and ..
-        if (@files) { 
-            my @orphans = grep(/\.(meta|save|log|bak)$/,@files);
-            if (scalar(@files) - scalar(@orphans) > 0) { 
+        if (@files) {
+            my @orphans = grep(/\.(meta|save|log|bak|DS_Store)$/,@files);
+            if (scalar(@files) - scalar(@orphans) > 0) {
                 return 0;
             } else {
                 if (($phase eq 'Delete2') && (@orphans > 0)) {
@@ -219,7 +239,7 @@ sub empty_directory {
 
 =item exists($user, $domain, $file)
 
-   Determine if a resource file name has been published or exists
+   Determine if a resource filename has been published or exists
    in the construction space.
 
  Parameters:
@@ -249,7 +269,7 @@ Returns:
 =item  string - Either where the resource exists as an html string that can
            be embedded in a dialog or an empty string if the resource
            does not exist.
-  
+
 =back
 
 =cut
@@ -258,33 +278,33 @@ sub exists {
     my ($user, $domain, $construct, $creating) = @_;
     $creating ||= 'file';
 
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
     my $published=$construct;
-    $published=~
-	s{^/home/$user/public_html/}{/home/httpd/html/res/$domain/$user/};
+    $published=~s{^\Q$londocroot/priv/\E}{$londocroot/res/};
     my ($type,$result);
     if ( -d $construct ) {
-	return ('error','<p><span class="LC_error">'.&mt('Error: destination for operation is an existing directory.').'</span></p>');
+	return ('error','<p class="LC_error">'.&mt('Error: destination for operation is an existing directory.').'</p>');
 	
     }
 
     if ( -e $published) {
 	if ( -e $construct ) {
 	    $type = 'warning';
-	    $result.='<p><span class="LC_warning">'.&mt('Warning: target file exists, and has been published!').'</span></p>';
+	    $result.='<p class="LC_warning">'.&mt('Warning: target file exists, and has been published!').'</p>';
 	} else {
 	    my $published_type = (-d $published) ? 'directory' : 'file';
 
 	    if ($published_type eq $creating) {
 		$type = 'warning';
-		$result.='<p><span class="LC_warning">'.&mt("Warning: a published $published_type of this name exists.").'</span></p>';
+		$result.='<p class="LC_warning">'.&mt("Warning: a published $published_type of this name exists.").'</p>';
 	    } else {
 		$type = 'error';
-		$result.='<p><span class="LC_error">'.&mt("Error: a published $published_type of this name exists.").'</span></p>';
+		$result.='<p class="LC_error">'.&mt("Error: a published $published_type of this name exists.").'</p>';
 	    }
 	}
     } elsif ( -e $construct) {
 	$type = 'warning';
-	$result.='<p><span class="LC_warning">'.&mt('Warning: target file exists!').'</span></p>';
+	$result.='<p class="LC_warning">'.&mt('Warning: target file exists!').'</p>';
     }
 
     return ($type,$result);
@@ -293,7 +313,7 @@ sub exists {
 =pod
 
 =item checksuffix($old, $new)
-        
+
   Determine if a resource filename suffix (the stuff after the .) would change
 as a result of this operation.
 
@@ -328,15 +348,17 @@ sub checksuffix {
     if ($old=~m:(.*)/+([^/]+)\.(\w+)$:) { $oldsuffix=$3; }
     if (lc($oldsuffix) ne lc($newsuffix)) {
 	$result.=
-            '<p><span class="LC_warning">'.&mt('Warning: change of MIME type!').'</span></p>';
+            '<p class="LC_warning">'.&mt('Warning: change of MIME type!').'></p>';
     }
     return $result;
 }
 
 sub cleanDest {
-    my ($request,$dest,$subdir,$fn,$uname)=@_;
+    my ($dest,$subdir,$fn,$uname,$udom)=@_;
     #remove bad characters
     my $foundbad=0;
+    my $warnings;
+    my $error='';
     if ($subdir && $dest =~/\./) {
 	$foundbad=1;
 	$dest=~s/\.//g;
@@ -348,39 +370,55 @@ sub cleanDest {
     }
     if ($dest=~m|/|) {
 	my ($newpath)=($dest=~m|(.*)/|);
-	$newpath=&relativeDest($fn,$newpath,$uname);
+	($newpath,$error)=&relativeDest($fn,$newpath,$uname,$udom);
 	if (! -d "$newpath") {
-	    $request->print("<p><span class=\"LC_error\">".&mt('You have requested to create file in directory [_1] which doesn\'t exist. The requested directory path has been removed from the requested file name.','"'.&display($newpath).'"')."</span></p>");
+	    $warnings = '<p class="LC_warning">'
+                       .&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested filename."
+                           ,&display($newpath))
+                       .'</p>';
 	    $dest=~s|.*/||;
 	}
     }
-    if ($dest =~ /\.(\d+)\.(\w+)$/){
-	$request->print('<span class="LC_error">'
-			.&mt('Bad filename [_1].<br /> <tt>(name).(number).(extension)</tt> not allowed. <br /> Removing the <tt>.number.</tt> from requested filename.',&display($dest))
-			.'</span>');
+    if ($dest =~ /\.(\d+)\.(\w+)$/) {
+	$warnings .= '<p class="LC_warning">'
+                    .&mt('Bad filename [_1]',&display($dest))
+                    .'<br />'
+                    .&mt('[_1](name).(number).(extension)[_2] not allowed.','<tt>','</tt>')
+                    .'<br />'
+                    .&mt('Removing the [_1].number.[_2] from requested filename.','<tt>','</tt>')
+                    .'</p>';
 	$dest =~ s/\.(\d+)(\.\w+)$/$2/;
     }
     if ($foundbad) {
-	$request->print("<p><span class=\"LC_error\">".&mt('Invalid characters in requested name have been removed.')."</span></p>");
+        $warnings .= '<p class="LC_warning">'
+                    .&mt('Invalid characters in requested name have been removed.')
+                    .'</p>';
     }
-    return $dest;
+    return ($dest,$error,$warnings);
 }
 
 sub relativeDest {
-    my ($fn,$newfilename,$uname)=@_;
+    my ($fn,$newfilename,$uname,$udom)=@_;
+    my $error = '';
     if ($newfilename=~/^\//) {
 # absolute, simply add path
-	$newfilename='/home/'.$uname.'/public_html/';
+        my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
+	$newfilename="$londocroot/res/$udom/$uname/";
     } else {
 	my $dir=$fn;
-	$dir=~s/\/[^\/]+$//;
+	$dir=~s{/[^/]+$}{};
 	$newfilename=$dir.'/'.$newfilename;
     }
-    $newfilename=~s://+:/:g; # remove duplicate /
-    while ($newfilename=~m:/\.\./:) {
-	$newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/..
+    $newfilename=~s{//+}{/}g; # remove duplicate /
+    while ($newfilename=~m{/\.\./}) {
+	$newfilename=~ s{/[^/]+/\.\./}{/}g; #remove dir/..
+    }
+    my ($authorname,$authordom)=&Apache::lonnet::constructaccess($newfilename);
+    unless (($authorname) && ($authordom)) {
+       my $otherdir = &display($newfilename);
+       $error = &mt('Access denied to [_1]',$otherdir);
     }
-    return $newfilename;
+    return ($newfilename,$error);
 }
 
 =pod
@@ -403,9 +441,9 @@ Parameters:
 
 sub CloseForm1 {
     my ($request,  $fn) = @_;
-    $request->print('<p><input type="submit" value="'.&mt('Continue').'" /></p></form>');
-    $request->print('<form action="'.&url($fn).
-		    '" method="POST"><p><input type="submit" value="'.&mt('Cancel').'" /></p></form>');
+    $request->print('<input type="submit" value="'.&mt('Continue').'" /></form>');
+    $request->print(' <form action="'.&url($fn).'" method="post">'.
+                    '<input type="submit" value="'.&mt('Cancel').'" /></form>');
 }
 
 
@@ -425,7 +463,7 @@ Parameters:
 =item   $user       - string [in] - Name of the user that is initiating the
                  request.
 
-=item   $directory  - string [in] - Directory in which the operation is 
+=item   $directory  - string [in] - Directory in which the operation is
                  being done relative to the top level construction space
                  directory.
 
@@ -435,20 +473,20 @@ Parameters:
 
 sub CloseForm2 {
     my ($request, $user, $fn) = @_;
-    $request->print('<h3><a href="'.&url($fn).'/">'.&mt('Done').'</a></h3>');
+    $request->print(&done($fn));
 }
 
 =pod
 
 =item Rename1($request, $filename, $user, $domain, $dir)
- 
+
    Perform phase 1 processing of the file rename operation.
 
 Parameters:
 
 =over 4
 
-=item  $request   - Apache Request Object [in] The request object for the 
+=item  $request   - Apache Request Object [in] The request object for the
 current request.
 
 =item  $filename  - The filename relative to construction space.
@@ -471,7 +509,7 @@ new filename relative to the current dir
 
 =back
 
-=cut  
+=cut
 
 sub Rename1 {
     my ($request, $user, $domain, $fn, $newfilename, $style) = @_;
@@ -496,10 +534,10 @@ sub Rename1 {
 	    if (-d $fn) {
 		$newfilename=~/\.(\w+)$/;
 		if (&Apache::loncommon::fileembstyle($1) eq 'ssi') {
-		    $request->print('<br /><span classr="LC_warning">'.
-				    &mt('Cannot change MIME type of a directory').
+		    $request->print('<p><span class="LC_error">'.
+				    &mt('Cannot change MIME type of a directory.').
 				    '</span>'.
-				    '<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
+				    '<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a></p>');
 		    return;
 		}
 		$newfilename=~s/\/[^\/]+\/([^\/]+)$/\/$1/;
@@ -515,30 +553,41 @@ sub Rename1 {
 		return;
 	    }
 	    unless (&obsolete_unpub($user,$domain,$fn)) {
-		$request->print('<h3>'.&mt('Cannot rename or move non-obsolete published file').'</h3>'.
-				'<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
+                $request->print('<p><span class="LC_error">'
+                               .&mt('Cannot rename or move non-obsolete published file.')
+                               .'</span><br />'
+                               .'<a href="'.&url($fn).'">'.&mt('Cancel').'</a></p>'
+                );
 		return;
 	    }
 	    my $action;
 	    if ($style eq 'rename') {
-		$action=&mt('Rename');
+		$action='Rename';
 	    } else {
-		$action=&mt('Move');
+		$action='Move';
 	    }
-	    $request->print('<input type="hidden" name="newfilename" value="'.
-			    $newfilename.
-			    '" /><p>'.$action.' '.&display($fn).
-			    '</p><br />to '.&display($newfilename).'?</p>');
+            $request->print('<input type="hidden" name="newfilename" value="'
+                           .$newfilename.'" />'
+                           .'<p>'
+                           .&mt($action.' [_1] to [_2]?',
+                                &display($fn),
+                                &display($newfilename))
+                           .'</p>'
+        );
 	    &CloseForm1($request, $fn);
 	} else {
-	    $request->print('<p>'.&mt('No new filename specified.').'</p></form>');
+	    $request->print('<p class="LC_error">'.&mt('No new filename specified.').'</p></form>');
 	    return;
 	}
     } else {
-	$request->print('<p> '.&mt('No such file').': '.&display($fn).'</p></form>');
+        $request->print('<p class="LC_error">'
+                       .&mt('No such file: [_1]',
+                            &display($fn))
+                       .'</p></form>'
+        );
 	return;
     }
-    
+
 }
 
 =pod
@@ -552,7 +601,7 @@ Parameters:
 
 =over 4
 
-=item   $request   - Apache Request Object [in] request object for the current 
+=item   $request   - Apache Request Object [in] request object for the current
                 request.
 
 =item   $user      - string [in]  Name of the user initiating the request.
@@ -570,25 +619,41 @@ sub Delete1 {
 
     if( -e $fn) {
 	$request->print('<input type="hidden" name="newfilename" value="'.
-			$fn.'"/>');
+			$fn.'" />');
         if (-d $fn) {
             unless (&empty_directory($fn,'Delete1')) {
-                $request->print('<h3>'.&mt('Only empty directories may be deleted.').'</h3>'.
-                            'You must delete the contents of the directory first.<br />'.
-                            '<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
+                $request->print('<p>'
+                               .'<span class="LC_error">'
+                               .&mt('Only empty directories may be deleted.')
+                               .'</span><br />'
+                               .&mt('You must delete the contents of the directory first.')
+                               .'</p>'
+                               .'<p><a href="'.&url($fn).'">'.&mt('Cancel').'</a></p>'
+                );
                 return;
             }
-        } else { 
+        } else {
 	    unless (&obsolete_unpub($user,$domain,$fn)) {
-	        $request->print('<h3>'.&mt('Cannot delete non-obsolete published file').'</h3>'.
-			    '<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
+                $request->print('<p><span class="LC_error">'
+                               .&mt('Cannot delete non-obsolete published file.')
+                               .'</span><br />'
+                               .'<a href="'.&url($fn).'">'.&mt('Cancel').'</a></p>'
+                );
 	        return;
 	    }
         }
-	$request->print('<p>'.&mt('Delete').' '.&display($fn).'?</p>');
+        $request->print('<p>'
+                       .&mt('Delete [_1]?',
+                            &display($fn))
+                       .'</p>'
+        );
 	&CloseForm1($request, $fn);
     } else {
-	$request->print('<p>'.&mt('No such file').': '.&display($fn).'</p></form>');
+        $request->print('<p class="LC_error">'
+                       .&mt('No such file: [_1]',
+                            &display($fn))
+                       .'</p></form>'
+        );
     }
 }
 
@@ -604,7 +669,7 @@ Parameters:
 
 =over 4
 
-=item   $request   - Apache Request Object [in] request object for the current 
+=item   $request   - Apache Request Object [in] request object for the current
                 request.
 
 =item   $user      - string [in]  Name of the user initiating the request.
@@ -630,7 +695,7 @@ sub Copy1 {
 	if ($newfilename =~ m|/[^\.]+$|) {
 	    #no extension add on original extension
 	    if ($fn =~ m|/[^\.]*\.([^\.]+)$|) {	$newfilename.='.'.$1; }
-	} 
+	}
 	$newfilename=~s://+:/:g; # remove duplicate /
 	while ($newfilename=~m:/\.\./:) {
 	    $newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/..
@@ -639,23 +704,43 @@ sub Copy1 {
 	my ($type,$return)=&exists($user, $domain, $newfilename);
 	$request->print($return);
 	if ($type eq 'error') {
-	    $request->print('<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
+	    $request->print('<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a></form>');
 	    return;
 	}
-	$request->print('<input type="hidden" name="newfilename" value="'.
-			$newfilename.
-			'" /><p>'.&mt('Copy').' '.&display($fn).'<br />to '.
-			&display($newfilename).'?</p>');
+# Check if there is enough space.
+        my @fileinfo = stat($fn);
+        my ($dir,$fname) = ($fn =~ m{^(.+/)([^/]+)$});
+        my $filesize = $fileinfo[7];
+        $filesize = int($filesize/1000); #expressed in kb
+        my $output = &Apache::loncommon::excess_filesize_warning($user,$domain,'author',
+                                                                 $fname,$filesize,'copy');
+        if ($output) {
+            $request->print($output.'<br /><a href="'.&url($dir).'">'.&mt('Cancel').'</a></form>');
+            return;
+        }
+    $request->print(
+        '<input type="hidden" name="newfilename"'
+       .' value="'.$newfilename.'" />'
+       .'<p>'
+       .&mt('Copy [_1] to [_2]?',
+            &display($fn),
+            &display($newfilename))
+       .'</p>'
+        );
 	&CloseForm1($request, $fn);
     } else {
-	$request->print('<p>'.&mt('No such file').': '.&display($fn).'</p></form>');
+        $request->print('<p class="LC_error">'
+                       .&mt('No such file: [_1]',
+                            &display($fn))
+                       .'</p></form>'
+        );
     }
 }
 
 =pod
 
 =item NewDir1
- 
+
   Does all phase 1 processing of directory creation:
   Ensures that the user provides a new directory name,
   and that the directory does not already exist.
@@ -673,7 +758,7 @@ Parameters:
 
 =item   $fn     - source file.
 
-=item   $newdir   - Name of the directory to be created; path relative to the 
+=item   $newdir   - Name of the directory to be created; path relative to the
                top level of construction space.
 =back
 
@@ -699,14 +784,17 @@ sub NewDir1 {
     if ($type eq 'error') {
 	$request->print('</form>');
     } else {
-	if ($mode eq 'testbank') {
-	    $request->print('<input type="hidden" name="callingmode" value="testbank">');
-	} elsif ($mode eq 'imsimport') {
-	    $request->print('<input type="hidden" name="callingmode" value="imsimport">');
-	}
-	$request->print('<input type="hidden" name="newfilename" value="'.
-			$newfilename.'" /><p>'.&mt('Make new directory').' '.
-			&display($newfilename).'?</p>');
+	if (($mode eq 'testbank') || ($mode eq 'imsimport')) {
+	    $request->print('<input type="hidden" name="callingmode" value="'.$mode.'" />'."\n".
+                            '<input type="hidden" name="inhibitmenu" value="yes" />');
+	}
+        $request->print('<input type="hidden" name="newfilename" value="'
+                       .$newfilename.'" />'
+                       .'<p>'
+                       .&mt('Make new directory [_1]?',
+                            &display($newfilename))
+                       .'</p>'
+        );
 	&CloseForm1($request, $fn);
     }
 }
@@ -715,18 +803,26 @@ sub NewDir1 {
 sub Decompress1 {
     my ($request, $user, $domain, $fn) = @_;
     if( -e $fn) {
-   	$request->print('<input type="hidden" name="newfilename" value="'.$fn.'"/>');
-   	$request->print('<p>'.&mt('Decompress').' '.&display($fn).'?</p>');
+   	$request->print('<input type="hidden" name="newfilename" value="'.$fn.'" />');
+   	$request->print('<p>'
+                   .&mt('Decompress [_1]?',
+                        &display($fn))
+                   .'</p>'
+    );
    	&CloseForm1($request, $fn);
     } else {
-	$request->print('<p>'.&mt('No such file').': '.&display($fn).'</p></form>');
+        $request->print('<p class="LC_error">'
+                       .&mt('No such file: [_1]',
+                            &display($fn))
+                       .'</p></form>'
+        );
     }
 }
 
 =pod
 
 =item NewFile1
- 
+
   Does all phase 1 processing of file creation:
   Ensures that the user provides a new filename, adds proper extension
   if needed and that the file does not already exist, if it is a html,
@@ -744,10 +840,13 @@ Parameters:
 
 =item   $domain   - Name of the domain of the user
 
-=item   $fn      - Source file name
+=item   $fn      - Source filename
 
 =item   $newfilename
                   - Name of the file to be created; no path information
+
+=item   $warnings - Information about changes to filename made by cleanDest().
+
 =back
 
 Side Effects:
@@ -757,31 +856,18 @@ Side Effects:
 =item 2 new forms are displayed.  Clicking on the confirmation button
 causes the browser to attempt to load the specfied URL, allowing the
 proper handler to take care of file creation. There is also a Cancel
-button which returns you to the driectory listing you came from
+button which returns you to the directory listing you came from
 
 =back
 
 =cut
 
 sub NewFile1 {
-    my ($request, $user, $domain, $fn, $newfilename) = @_;
+    my ($request, $user, $domain, $fn, $newfilename, $warnings) = @_;
+    return if (&filename_check($newfilename,$warnings) ne 'ok');
 
     if ($env{'form.action'} =~ /new(.+)file/) {
 	my $extension=$1;
-
-        ##Informs User (name).(number).(extension) not allowed 
-	if($newfilename =~ /\.(\d+)\.(\w+)$/){
-	    $r->print('<span class="LC_error">'.$newfilename.
-		      ' - '.&mt('Bad Filename').'<br />('.&mt('name').').('.&mt('number').').('.&mt('extension').') '.
-		      ' '.&mt('Not Allowed').'</span>');
-	    return;
-	}
-	if($newfilename =~ /(\:\:\:|\&\&\&|\_\_\_)/){
-	    $r->print('<span class="LC_error">'.$newfilename.
-		      ' - '.&mt('Bad Filename').'<br />('.&mt('Must not include').' '.$1.') '.
-		      ' '.&mt('Not Allowed').'</span>');
-	    return;
-	}
 	if ($newfilename !~ /\Q.$extension\E$/) {
 	    if ($newfilename =~ m|/[^/.]*\.(?:[^/.]+)$|) {
 		#already has an extension strip it and add in expected one
@@ -791,18 +877,68 @@ sub NewFile1 {
 	}
     }
     my ($type, $result)=&exists($user,$domain,$newfilename);
-    $request->print($result);
     if ($type eq 'error') {
+        $request->print($warnings.$result);
 	$request->print('</form>');
     } else {
-	
-	$request->print('<p>'.&mt('Make new file').' '.&display($newfilename).'?</p>');
-	$request->print('</form>');
-	$request->print('<form action="'.&url($newfilename).
-			'" method="POST"><p><input type="submit" value="'.&mt('Continue').'" /></p></form>');
-	$request->print('<form action="'.&url($fn).
-			'" method="POST"><p><input type="submit" value="'.&mt('Cancel').'" /></p></form>');
+        my $extension;
+
+        if ($newfilename =~ m{[^/.]+\.([^/.]+)$}) {
+            $extension = $1;
+        }
+
+        my @okexts = qw(xml html xhtml htm xhtm problem page sequence rights sty task library js css txt);
+        if (($extension eq '') || (!grep(/^\Q$extension\E/,@okexts))) {
+            my $validexts = '.'.join(', .',@okexts);
+            $request->print($warnings.$result);
+            $request->print('<p class="LC_warning">'.
+                &mt('Invalid filename: ').&display($newfilename).'</p><p>'.
+                &mt('The name of the new file needs to end with an appropriate file extension to indicate the type of file to create.').'<br />'.
+                &mt('The following are valid extensions: [_1].',$validexts).
+                '</p></form><p>'.
+		'<form name="fileaction" action="/adm/cfile" method="post">'.
+                '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.
+		'<input type="hidden" name="action" value="newfile" />'.
+	        '<span class ="LC_nobreak">'.&mt('Enter a filename: ').'<input type="text" name="newfilename" value="Type Name Here" onfocus="if (this.value == '."'Type Name Here') this.value=''".'" />&nbsp;<input type="submit" value="Go" />'.
+                '</span></form></p>'.
+                '<p><form action="'.&url($fn).
+                '" method="post"><p><input type="submit" value="'.&mt('Cancel').'" /></form></p>');
+        } elsif (($type ne 'warning') && ($warnings eq '') && ($result eq '')) {
+            my $query = "";
+            $query .= "?mode=" . $env{'form.mode'} unless (!exists($env{'form.mode'}) || !length($env{'form.mode'}));
+            $request->print('
+                <script type="text/javascript">
+                    window.location = "'.&url($newfilename,'js'). $query .'";
+                </script>');
+        } else {
+            $request->print($warnings.$result);
+            $request->print('<p>'.&mt('Make new file').' '.&display($newfilename).'?</p>');
+            $request->print('</form>');
+            $request->print('<form action="'.&url($newfilename).
+                        '" method="post"><p><input type="submit" value="'.&mt('Continue').'" /></p></form>');
+            $request->print('<form action="'.&url($fn).
+                        '" method="post"><p><input type="submit" value="'.&mt('Cancel').'" /></p></form>');
+        }
     }
+    return;
+}
+
+sub filename_check {
+    my ($newfilename) = @_;
+    ##Informs User (name).(number).(extension) not allowed
+    if($newfilename =~ /\.(\d+)\.(\w+)$/){
+        $r->print('<span class="LC_error">'.$newfilename.
+                  ' - '.&mt('Bad Filename').'<br />('.&mt('name').').('.&mt('number').').('.&mt('extension').') '.
+                  ' '.&mt('Not Allowed').'</span>');
+        return;
+    }
+    if($newfilename =~ /(\:\:\:|\&\&\&|\_\_\_)/){
+        $r->print('<span class="LC_error">'.$newfilename.
+                  ' - '.&mt('Bad Filename').'<br />('.&mt('Must not include').' '.$1.') '.
+                  ' '.&mt('Not Allowed').'</span>');
+        return;
+    }
+    return 'ok';
 }
 
 =pod
@@ -813,7 +949,7 @@ sub NewFile1 {
 are returned if the request cannot be performed (e.g. attempts to manipulate
 files that are nonexistent).  If the operation can be performed, what is
 about to be done will be presented to the user for confirmation.  If the
-user confirms the request, then phase two is executed, the action 
+user confirms the request, then phase two is executed, the action
 performed and reported to the user.
 
  Parameters:
@@ -822,12 +958,12 @@ performed and reported to the user.
 
 =item $r  - request object [in] - The Apache request being executed.
 
-=item $fn = string [in] - The filename being manipulated by the 
+=item $fn = string [in] - The filename being manipulated by the
                              request.
 
 =item $uname - string [in] Name of user logged in and doing this action.
 
-=item $udom  - string [in] Domain name under which the user logged in. 
+=item $udom  - string [in] Domain name under which the user logged in.
 
 =back
 
@@ -835,52 +971,84 @@ performed and reported to the user.
 
 sub phaseone {
     my ($r,$fn,$uname,$udom)=@_;
-  
+
     my $doingdir=0;
     if ($env{'form.action'} eq 'newdir') { $doingdir=1; }
-    my $newfilename=&cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname);
-    $newfilename=&relativeDest($fn,$newfilename,$uname);
+    my ($newfilename,$error,$warnings) =
+        &cleanDest($env{'form.newfilename'},$doingdir,$fn,$uname,$udom);
+    unless ($error) {
+        ($newfilename,$error)=&relativeDest($fn,$newfilename,$uname,$udom);
+    }
+    if ($error) {
+        my $dirlist;
+        if ($fn=~m{^(.*/)[^/]+$}) {
+            $dirlist=$1;
+        } else {
+            $dirlist=$fn;
+        }
+        if ($warnings) {
+            $r->print($warnings);
+        }
+        $r->print('<div class="LC_error">'.$error.'</div>'.
+                  '<p><a href="'.&url($dirlist).'">'.&mt('Return to Directory').
+                  '</a></p>');
+        return;
+    }
     $r->print('<form action="/adm/cfile" method="post">'.
 	      '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.
 	      '<input type="hidden" name="phase" value="two" />'.
 	      '<input type="hidden" name="action" value="'.$env{'form.action'}.'" />');
-  
-    if ($env{'form.action'} eq 'rename') {
-	&Rename1($r, $uname, $udom, $fn, $newfilename, 'rename');
-    } elsif ($env{'form.action'} eq 'move') {
-	&Rename1($r, $uname, $udom, $fn, $newfilename, 'move');
-    } elsif ($env{'form.action'} eq 'delete') { 
-	&Delete1($r, $uname, $udom, $fn);
-    } elsif ($env{'form.action'} eq 'decompress') {
-	&Decompress1($r, $uname, $udom, $fn);
-    } elsif ($env{'form.action'} eq 'copy') { 
-	if($newfilename) {
-	    &Copy1($r, $uname, $udom, $fn, $newfilename);
-	} else {
-	    $r->print('<p>'.&mt('No new filename specified.').'</p></form>');
-	}
-    } elsif ($env{'form.action'} eq 'newdir') {
-	my $mode = '';
-	if (exists($env{'form.callingmode'}) ) {
-	    $mode = $env{'form.callingmode'};
-	}   
-	&NewDir1($r, $uname, $udom, $fn, $newfilename, $mode);
-    }  elsif ($env{'form.action'} eq 'newfile' ||
-	      $env{'form.action'} eq 'newhtmlfile' ||
-	      $env{'form.action'} eq 'newproblemfile' ||
-	      $env{'form.action'} eq 'newpagefile' ||
-	      $env{'form.action'} eq 'newsequencefile' ||
-	      $env{'form.action'} eq 'newrightsfile' ||
-	      $env{'form.action'} eq 'newstyfile' ||
-	      $env{'form.action'} eq 'newtaskfile' ||
-              $env{'form.action'} eq 'newlibraryfile' ||
-	      $env{'form.action'} eq 'Select Action') {
+
+    if ($env{'form.action'} eq 'newfile' ||
+        $env{'form.action'} eq 'newhtmlfile' ||
+        $env{'form.action'} eq 'newproblemfile' ||
+        $env{'form.action'} eq 'newpagefile' ||
+        $env{'form.action'} eq 'newsequencefile' ||
+        $env{'form.action'} eq 'newrightsfile' ||
+        $env{'form.action'} eq 'newstyfile' ||
+        $env{'form.action'} eq 'newtaskfile' ||
+        $env{'form.action'} eq 'newlibraryfile' ||
+        $env{'form.action'} eq 'Select Action') {
         my $empty=&mt('Type Name Here');
-	if (($newfilename!~/\/$/) && ($newfilename!~/$empty$/)) {
-	    &NewFile1($r, $uname, $udom, $fn, $newfilename);
-	} else {
-	    $r->print('<p>'.&mt('No new filename specified.').'</p></form>');
-	}
+        if (($newfilename!~/\/$/) && ($newfilename!~/$empty$/)) {
+            &NewFile1($r, $uname, $udom, $fn, $newfilename, $warnings);
+        } else {
+            if ($warnings) {
+                $r->print($warnings);
+            }
+            $r->print('<p class="LC_error">'
+                     .&mt('No new filename specified.')
+                     .'</p></form>'
+            );
+        }
+    } else {
+        if ($warnings) {
+            $r->print($warnings);
+        }
+        if ($env{'form.action'} eq 'rename') {
+	    &Rename1($r, $uname, $udom, $fn, $newfilename, 'rename');
+        } elsif ($env{'form.action'} eq 'move') {
+	    &Rename1($r, $uname, $udom, $fn, $newfilename, 'move');
+        } elsif ($env{'form.action'} eq 'delete') {
+	    &Delete1($r, $uname, $udom, $fn);
+        } elsif ($env{'form.action'} eq 'decompress') {
+	    &Decompress1($r, $uname, $udom, $fn);
+        } elsif ($env{'form.action'} eq 'copy') {
+	    if ($newfilename) {
+	        &Copy1($r, $uname, $udom, $fn, $newfilename);
+	    } else {
+                $r->print('<p class="LC_error">'
+                         .&mt('No new filename specified.')
+                         .'</p></form>'
+                );
+            }
+        } elsif ($env{'form.action'} eq 'newdir') {
+	    my $mode = '';
+	    if (exists($env{'form.callingmode'}) ) {
+	        $mode = $env{'form.callingmode'};
+	    }
+	    &NewDir1($r, $uname, $udom, $fn, $newfilename, $mode);
+        }
     }
 }
 
@@ -935,7 +1103,7 @@ sub Rename2 {
 	    return 0;
 	}
 	## If old name.(extension) exits, move under new name.
-	## If it doesn't exist and a new.(extension) exists  
+	## If it doesn't exist and a new.(extension) exists
 	## delete it (only concern when renaming over files)
 	my $tmp1=$oRN.'.meta';
 	my $tmp2=$nRN.'.meta';
@@ -966,7 +1134,12 @@ sub Rename2 {
 	    unlink $tmp2;
 	}
     } else {
-	$request->print("<p> ".&mt('No such file').": ".&display($oldfile).'</p></form>');
+        $request->print(
+            '<p class="LC_error">'
+           .&mt('No such file: [_1]',
+                &display($oldfile))
+           .'</p></form>'
+        );
 	return 0;
     }
     return 1;
@@ -976,7 +1149,7 @@ sub Rename2 {
 
 =item Delete2($request, $user, $filename)
 
-  Performs phase two of a delete.  The user has confirmed that they want 
+  Performs phase two of a delete.  The user has confirmed that they want
 to delete the selected file.   The file is deleted and the results of the
 delete attempt are indicated.
 
@@ -1003,18 +1176,18 @@ Returns:
 
 sub Delete2 {
     my ($request, $user, $filename) = @_;
-    if (-d $filename) { 
-	unless (&empty_directory($filename,'Delete2')) { 
-	    $request->print('<span class="LC_error">'.&mt('Error: Directory Non Empty').'</span>'); 
+    if (-d $filename) {
+	unless (&empty_directory($filename,'Delete2')) {
+	    $request->print('<span class="LC_error">'.&mt('Error: Directory Non Empty').'</span>');
 	    return 0;
-	} else {   
+	} else {
 	    if(-e $filename) {
 		unless(rmdir($filename)) {
 		    $request->print('<span class="LC_error">'.&mt('Error').': '.$!.'</span>');
 		    return 0;
 		}
 	    } else {
-		$request->print('<p> '.&mt('No such file').'. </p></form>');
+        	$request->print('<p class="LC_error">'.&mt('No such file').'</p></form>');
 		return 0;
 	    }
 	}
@@ -1025,7 +1198,7 @@ sub Delete2 {
 		return 0;
 	    }
 	} else {
-	    $request->print('<p> '.&mt('No such file').'. </p></form>');
+            $request->print('<p class="LC_error">'.&mt('No such file').'</p></form>');
 	    return 0;
 	}
     }
@@ -1036,7 +1209,7 @@ sub Delete2 {
 
 =item Copy2($request, $username, $dir, $oldfile, $newfile)
 
-   Performs phase 2 of a copy.  The file is copied and the status 
+   Performs phase 2 of a copy.  The file is copied and the status
    of that copy is reported back to the user.
 
 =over 4
@@ -1074,7 +1247,7 @@ sub Copy2 {
 	} elsif (!chmod(0660, $newfile)) {
 	    $request->print('<span class="LC_error">'.&mt('chmod error').': '.$!.'</span>');
 	    return 0;
-	} elsif (-e $oldfile.'.meta' && 
+	} elsif (-e $oldfile.'.meta' &&
 		 !copy($oldfile.'.meta', $newfile.'.meta') &&
 		 !chmod(0660, $newfile.'.meta')) {
 	    $request->print('<span class="LC_error">'.&mt('copy metadata error').
@@ -1084,7 +1257,7 @@ sub Copy2 {
 	    return 1;
 	}
     } else {
-	$request->print('<p> '.&mt('No such file').' </p>');
+        $request->print('<p class="LC_error">'.&mt('No such file').'</p>');
 	return 0;
     }
     return 1;
@@ -1114,7 +1287,7 @@ Returns 0 - failure 1 - success.
 
 sub NewDir2 {
     my ($request, $user, $newdirectory) = @_;
-  
+
     unless(mkdir($newdirectory, 02770)) {
 	$request->print('<span class="LC_error">'.&mt('Error').': '.$!.'</span>');
 	return 0;
@@ -1147,7 +1320,7 @@ sub decompress2 {
    is performed and the result is shown.
 
   The strategy is to break out the processing into specific action processors
-  named action2 where action is the requested action and the 2 denotes 
+  named action2 where action is the requested action and the 2 denotes
   phase 2 processing.
 
 Parameters:
@@ -1171,11 +1344,11 @@ Parameters:
 
 sub phasetwo {
     my ($r,$fn,$uname,$udom)=@_;
-    
+
     &Debug($r, "loncfile - Entering phase 2 for $fn");
-    
+
     # Break down the file into its component pieces.
-    
+
     my $dir;		# Directory path
     my $main;		# Filename.
     my $suffix;		# Extension.
@@ -1195,13 +1368,13 @@ sub phasetwo {
     &Debug($r,"    newfilename = ".$env{'form.newfilename'});
 
     my $conspace=$fn;
-    
+
     &Debug($r,"loncfile::phase2 Full construction space name: $conspace");
-    
+
     &Debug($r,"loncfie::phase2 action is $env{'form.action'}");
-    
+
     # Select the appropriate processing sub.
-    if ($env{'form.action'} eq 'decompress') { 
+    if ($env{'form.action'} eq 'decompress') {
 	$main .= '.'.$suffix;
 	if(!&decompress2($r, $uname, $dir, $main)) {
 	    return ;
@@ -1212,7 +1385,7 @@ sub phasetwo {
 	if($env{'form.newfilename'}) {
 	    if (!defined($dir)) {
 		$fn=~m:^(.*)/:;
-		$dir=$1; 
+		$dir=$1;
 	    }
 	    if(!&Rename2($r, $uname, $dir, $fn, $env{'form.newfilename'})) {
 		return;
@@ -1223,7 +1396,7 @@ sub phasetwo {
 	    $disp_newname = $1;
 	    $disp_newname =~ s/\///;
 	}
-    } elsif ($env{'form.action'} eq 'delete') { 
+    } elsif ($env{'form.action'} eq 'delete') {
 	if(!&Delete2($r, $uname, $env{'form.newfilename'})) {
 	    return ;
 	}
@@ -1231,14 +1404,14 @@ sub phasetwo {
 	# previously held it.
 	#
 	$dest = $dir."/.";		# Parent dir.
-    } elsif ($env{'form.action'} eq 'copy') { 
+    } elsif ($env{'form.action'} eq 'copy') {
 	if($env{'form.newfilename'}) {
 	    if(!&Copy2($r, $uname, $dir, $fn, $env{'form.newfilename'})) {
 		return ;
 	    }
 	    $dest = $env{'form.newfilename'};
      	} else {
-	    $r->print('<p>'.&mt('No New filename specified').'</p></form>');
+            $r->print('<p class="LC_error">'.&mt('No New filename specified').'</p></form>');
 	    return;
 	}
 	
@@ -1250,13 +1423,21 @@ sub phasetwo {
 	$dest = $newdir."/";
     }
     if ( ($env{'form.action'} eq 'newdir') && ($env{'form.phase'} eq 'two') && ( ($env{'form.callingmode'} eq 'testbank') || ($env{'form.callingmode'} eq 'imsimport') ) ) {
-	$r->print('<h3><a href="javascript:self.close()">'.&mt('Done').'</a></h3>');
+        $r->print(
+            '<p>'
+           .&Apache::lonhtmlcommon::confirm_success(&mt('Done'))
+           .'<br /><a href="javascript:self.close()">'.&mt('Continue').'</a>'
+           .'</p>'
+        );
     } else {
         if ($env{'form.action'} eq 'rename') {
-            $r->print('<h3><a href="'.&url($dest).'">'.&mt('Return to Directory').'</a></h3>');
-            $r->print('<h3><a href="'.&url($dest_newname).'">'.$disp_newname.'</a></h3>');
+            $r->print(
+                 '<p>'.&Apache::lonhtmlcommon::confirm_success(&mt('Done')).'</p>'
+                .&Apache::lonhtmlcommon::actionbox(
+                     ['<a href="'.&url($dest).'">'.&mt('Return to Directory').'</a>',
+                      '<a href="'.&url($dest_newname).'">'.$disp_newname.'</a>']));
         } else {
-	    $r->print('<h3><a href="'.&url($dest).'">'.&mt('Done').'</a></h3>');
+	    $r->print(&done($dest));
 	}
     }
 }
@@ -1265,7 +1446,7 @@ sub handler {
 
     $r=shift;
 
-    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress','action','filename','newfilename']);
+    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress','action','filename','newfilename','mode']);
 
     &Debug($r, "loncfile.pm - handler entered");
     &Debug($r, " filename: ".$env{'form.filename'});
@@ -1281,7 +1462,7 @@ sub handler {
 	&Debug($r, "test: $env{'form.filename'}");
 	$fn=&unescape($env{'form.filename'});
 	$fn=&URLToPath($fn);
-    }  elsif($ENV{'QUERY_STRING'} && $env{'form.phase'} ne 'two') {  
+    }  elsif($ENV{'QUERY_STRING'} && $env{'form.phase'} ne 'two') {
 	#Just hijack the script only the first time around to inject the
 	#correct information for further processing
 	$fn=&unescape($env{'form.decompress'});
@@ -1292,30 +1473,27 @@ sub handler {
     } else {
 	&Debug($r, "loncfile::handler - no form.filename");
 	$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
-		       ' unspecified filename for cfile', $r->filename); 
+		       ' unspecified filename for cfile', $r->filename);
 	return HTTP_NOT_FOUND;
     }
 
-    unless ($fn) { 
+    unless ($fn) {
 	&Debug($r, "loncfile::handler - doctored url is empty");
 	$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
-		       ' trying to cfile non-existing file', $r->filename); 
+		       ' trying to cfile non-existing file', $r->filename);
 	return HTTP_NOT_FOUND;
-    } 
+    }
 
 # ----------------------------------------------------------- Start page output
-    my $uname;
-    my $udom;
 
-    ($uname,$udom)=
-	&Apache::loncacc::constructaccess($fn,$r->dir_config('lonDefDomain'));
-    &Debug($r, 
+    my ($uname,$udom) = &Apache::lonnet::constructaccess($fn);
+    &Debug($r,
 	   "loncfile::handler constructaccess uname = $uname domain = $udom");
-    unless (($uname) && ($udom)) {
+    if (($uname eq '') || ($udom eq '')) {
 	$r->log_reason($uname.' at '.$udom.
 		       ' trying to manipulate file '.$env{'form.filename'}.
-		       ' ('.$fn.') - not authorized', 
-		       $r->filename); 
+		       ' ('.$fn.') - not authorized',
+		       $r->filename);
 	return HTTP_NOT_ACCEPTABLE;
     }
 
@@ -1330,57 +1508,113 @@ sub handler {
 	$js = qq|
 <script type="text/javascript">
 function writeDone() {
-    var winName = window.opener
     window.focus();
-    winName.document.dataForm.newdir.value = "$newdirname"
-    setTimeout("self.close()",10000)
+    opener.document.info.newdir.value = "$newdirname";
+    setTimeout("self.close()",10000);
 }
   </script>
 |;
 	$loaditem{'onload'} = "writeDone()";
     }
-    
-    $r->print(&Apache::loncommon::start_page('Construction Space File Operation',
+
+    my $londocroot = $r->dir_config('lonDocRoot');
+    my $trailfile = $fn;
+    $trailfile =~ s{^/(priv/)}{$londocroot/$1};
+
+    # Breadcrumbs
+    my $crsauthor;
+    my $text = 'Authoring Space';
+    my $title = 'Authoring Space File Operation',
+    my $href = &Apache::loncommon::authorspace(&url($fn));
+    if ($env{'request.course.id'}) {
+        my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+        my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+        if ($href eq "/priv/$cdom/$cnum/") {
+            $text = 'Course Authoring Space';
+            $title = 'Course Authoring Space File Operation',
+            $crsauthor = 1;
+        }
+    }
+    &Apache::lonhtmlcommon::clear_breadcrumbs();
+    &Apache::lonhtmlcommon::add_breadcrumb({
+        'text'  => $text,
+        'href'  => $href,
+    });
+    &Apache::lonhtmlcommon::add_breadcrumb({
+        'text'  => 'File Operation',
+        'title' => $title,
+        'href'  => '',
+    });
+
+    $r->print(&Apache::loncommon::start_page($title,
 					     $js,
-					     {'add_entries' => \%loaditem,}));
-  
-    $r->print('<h3>'.&mt('Location').': '.&display($fn).'</h3>');
-  
+					     {'add_entries' => \%loaditem,})
+             .&Apache::lonhtmlcommon::breadcrumbs()
+             .&Apache::loncommon::head_subbox(
+                  &Apache::loncommon::CSTR_pageheader($trailfile))
+    );
+
+    $r->print('<p>'.&mt('Location').': '.&display($fn).'</p>');
+
     if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
-	$r->print('<h3><span class="LC_error">'.&mt('Co-Author').': '.$uname.' at '.$udom.
-		  '</span></h3>');
+        unless ($crsauthor) {
+            $r->print('<p class="LC_info">'
+                     .&mt('Co-Author [_1]',$uname.':'.$udom)
+                     .'</p>'
+            );
+        }
     }
 
 
     &Debug($r, "loncfile::handler Form action is $env{'form.action'} ");
-    if ($env{'form.action'} eq 'delete') {
-      	$r->print('<h3>'.&mt('Delete').'</h3>');
-    } elsif ($env{'form.action'} eq 'rename') {
-	$r->print('<h3>'.&mt('Rename').'</h3>');
-    } elsif ($env{'form.action'} eq 'move') {
-	$r->print('<h3>'.&mt('Move').'</h3>');
-    } elsif ($env{'form.action'} eq 'newdir') {
-	$r->print('<h3>'.&mt('New Directory').'</h3>');
-    } elsif ($env{'form.action'} eq 'decompress') {
-	$r->print('<h3>'.&mt('Decompress').'</h3>');
-    } elsif ($env{'form.action'} eq 'copy') {
-	$r->print('<h3>'.&mt('Copy').'</h3>');
-    } elsif ($env{'form.action'} eq 'newfile' ||
-	     $env{'form.action'} eq 'newhtmlfile' ||
-	     $env{'form.action'} eq 'newproblemfile' ||
-	     $env{'form.action'} eq 'newpagefile' ||
-	     $env{'form.action'} eq 'newsequencefile' ||
-	     $env{'form.action'} eq 'newrightsfile' ||
-	     $env{'form.action'} eq 'newstyfile' ||
-	     $env{'form.action'} eq 'newtaskfile' ||
-             $env{'form.action'} eq 'newlibraryfile' ||
-	     $env{'form.action'} eq 'Select Action' ) {
-	$r->print('<h3>'.&mt('New Resource').'</h3>');
+    my %action = &Apache::lonlocal::texthash(
+        'delete'          => 'Delete',
+        'rename'          => 'Rename',
+        'move'            => 'Move',
+        'newdir'          => 'New Directory',
+        'decompress'      => 'Decompress',
+        'copy'            => 'Copy',
+        'newfile'         => 'New Resource',
+	'newhtmlfile'     => 'New Resource',
+	'newproblemfile'  => 'New Resource',
+	'newpagefile'     => 'New Resource',
+	'newsequencefile' => 'New Resource',
+	'newrightsfile'   => 'New Resource',
+	'newstyfile'      => 'New Resource',
+	'newtaskfile'     => 'New Resource',
+        'newlibraryfile'  => 'New Resource',
+	'Select Action'   => 'New Resource',
+    );
+    if ($action{$env{'form.action'}}) {
+        if ($crsauthor) {
+            my @disallowed = qw(page sequence rights library);
+            my $newtype;
+            if ($env{'form.action'} =~ /^new(\w+)file$/) {
+                $newtype = $1;
+            } elsif ($env{'form.action'} eq 'newfile') {
+                ($newtype) = ($env{'form.newfilename'} =~ m{\.([^/.]+)$});
+                $newtype = lc($newtype);
+            }
+            if (($newtype ne '') &&
+                (grep(/^\Q$newtype\E$/,@disallowed))) {
+                $r->print('<p class="LC_error">'
+                         .&mt('Creation of a new file of type: [_1] is not permitted in Course Authoring Space',$newtype)
+                         .'</p>'
+                         .&Apache::loncommon::end_page()
+                );
+                return OK;
+            }
+        }
+        $r->print('<h2>'.$action{$env{'form.action'}}.'</h2>');
     } else {
-	$r->print('<p>'.&mt('Unknown Action').' '.$env{'form.action'}.' </p>'.
-		  &Apache::loncommon::end_page());
-	return OK;  
+        $r->print('<p class="LC_error">'
+                 .&mt('Unknown Action: [_1]',$env{'form.action'})
+                 .'</p>'
+                 .&Apache::loncommon::end_page()
+        );
+        return OK;
     }
+
     if ($env{'form.phase'} eq 'two') {
 	&Debug($r, "loncfile::handler  entering phase2");
 	&phasetwo($r,$fn,$uname,$udom);
@@ -1390,7 +1624,7 @@ function writeDone() {
     }
 
     $r->print(&Apache::loncommon::end_page());
-    return OK;  
+    return OK;
 }
 
 1;