|
version 1.56, 2004/05/26 22:31:30
|
version 1.60, 2004/08/20 16:29:15
|
|
Line 289 sub checksuffix {
|
Line 289 sub checksuffix {
|
| } |
} |
| |
|
| sub cleanDest { |
sub cleanDest { |
| my ($request,$dest)=@_; |
my ($request,$dest,$subdir)=@_; |
| #remove bad characters |
#remove bad characters |
| if ($dest=~/[\#\?&%]/) { |
my $foundbad=0; |
| |
if ($subdir && $dest =~/\./) { |
| |
$foundbad=1; |
| |
$dest=~s/\.//g; |
| |
} |
| |
if ($dest=~/[\#\?&%\"]/) { |
| |
$foundbad=1; |
| |
$dest=~s/[\#\?&%\"]//g; |
| |
} |
| |
if ($foundbad) { |
| $request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>"); |
$request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>"); |
| $dest=~s/[\#\?&%]//g; |
|
| } |
} |
| return $dest; |
return $dest; |
| } |
} |
|
Line 750 performed and reported to the user.
|
Line 758 performed and reported to the user.
|
| sub phaseone { |
sub phaseone { |
| my ($r,$fn,$uname,$udom)=@_; |
my ($r,$fn,$uname,$udom)=@_; |
| |
|
| my $newfilename=&cleanDest($r,$ENV{'form.newfilename'}); |
my $doingdir=0; |
| |
if ($ENV{'form.action'} eq 'newdir') { $doingdir=1; } |
| |
my $newfilename=&cleanDest($r,$ENV{'form.newfilename'},$doingdir); |
| $newfilename=&relativeDest($fn,$newfilename,$uname); |
$newfilename=&relativeDest($fn,$newfilename,$uname); |
| $r->print('<form action="/adm/cfile" method="post">'. |
$r->print('<form action="/adm/cfile" method="post">'. |
| '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'. |
'<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'. |
|
Line 1156 sub handler {
|
Line 1166 sub handler {
|
| |
|
| $r=shift; |
$r=shift; |
| |
|
| |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress','action','filename','newfilename']); |
| |
|
| &Debug($r, "loncfile.pm - handler entered"); |
&Debug($r, "loncfile.pm - handler entered"); |
| &Debug($r, " filename: ".$ENV{'form.filename'}); |
&Debug($r, " filename: ".$ENV{'form.filename'}); |
|
Line 1174 sub handler {
|
Line 1185 sub handler {
|
| } elsif($ENV{'QUERY_STRING'} && $ENV{'form.phase'} ne 'two') { |
} elsif($ENV{'QUERY_STRING'} && $ENV{'form.phase'} ne 'two') { |
| #Just hijack the script only the first time around to inject the |
#Just hijack the script only the first time around to inject the |
| #correct information for further processing |
#correct information for further processing |
| &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['decompress']); |
|
| $fn=&Apache::lonnet::unescape($ENV{'form.decompress'}); |
$fn=&Apache::lonnet::unescape($ENV{'form.decompress'}); |
| $fn=&URLToPath($fn); |
$fn=&URLToPath($fn); |
| $ENV{'form.action'}="decompress"; |
$ENV{'form.action'}="decompress"; |
![[BACK]](/icons/back.gif){kind=icon}
Return to loncfile.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / publisher