--- loncom/publisher/lonupload.pm 2001/04/05 19:35:15 1.1 +++ loncom/publisher/lonupload.pm 2011/11/07 13:38:45 1.53.2.1 @@ -1,164 +1,568 @@ + # The LearningOnline Network with CAPA # Handler to upload files into construction space # -# (Handler to retrieve an old version of a file +# $Id: lonupload.pm,v 1.53.2.1 2011/11/07 13:38:45 raeburn Exp $ +# +# Copyright Michigan State University Board of Trustees +# +# This file is part of the LearningOnline Network with CAPA (LON-CAPA). # -# (Publication Handler -# -# (TeX Content Handler +# LON-CAPA is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. # -# 05/29/00,05/30,10/11 Gerd Kortemeyer) +# LON-CAPA is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. # -# 11/28,11/29,11/30,12/01,12/02,12/04,12/23 Gerd Kortemeyer -# 03/23 Guy Albertelli -# 03/24,03/29 Gerd Kortemeyer) +# You should have received a copy of the GNU General Public License +# along with LON-CAPA; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# 03/31,04/03 Gerd Kortemeyer) +# /home/httpd/html/adm/gpl.txt # -# 04/05 Gerd Kortemeyer +# http://www.lon-capa.org/ +# +### + +=head1 NAME + +Apache::lonupload - upload files into construction space + +=head1 SYNOPSIS + +Invoked by /etc/httpd/conf/srm.conf: + + + PerlAccessHandler Apache::lonacc + SetHandler perl-script + PerlHandler Apache::lonupload + ErrorDocument 403 /adm/login + ErrorDocument 404 /adm/notfound.html + ErrorDocument 406 /adm/unauthorized.html + ErrorDocument 500 /adm/errorhandler + + +=head1 INTRODUCTION + +This module uploads a file sitting on a client computer into +library server construction space. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 HANDLER SUBROUTINE + +This routine is called by Apache and mod_perl. + +=over 4 + +=item * + +Initialize variables + +=item * + +Start page output + +=item * + +output relevant interface phase (phaseone, phasetwo, phasethree or phasefour) + +=item * + +(phase one is to specify upload file; phase two is to handle conditions +subsequent to specification--like overwriting an existing file; phase three +is to handle processing of secondary uploads - of embedded objects in an +html file). + +=back + +=head1 OTHER SUBROUTINES + +=over + +=item phaseone() + +Interface for specifying file to upload. + +=item phasetwo() + +Interface for handling post-conditions about uploading (such +as overwriting an existing file). + +=item phasethree() + +Interface for handling secondary uploads of embedded objects +in an html file. + +=item phasefour() + +Interface for handling optional renaming of links to embedded +objects. + +=item upfile_store() + +Store contents of uploaded file into temporary space. Invoked +by phaseone subroutine. + +=item check_extension() + +Checks if filename extension is permitted and checks type + of file - if html file, calls parser to check for embedded objects. + Invoked by phasetwo subroutine. + +=back + +=cut package Apache::lonupload; use strict; use Apache::File; use File::Copy; +use File::Basename; use Apache::Constants qw(:common :http :methods); +use Apache::loncacc; +use Apache::loncommon(); +use Apache::lonnet; +use HTML::Entities(); +use Apache::lonlocal; +use Apache::lonnet; +use LONCAPA(); + +my $DEBUG=0; + +sub Debug { + # Put out the indicated message but only if DEBUG is true. + if ($DEBUG) { + my ($r,$message) = @_; + $r->log_reason($message); + } +} + +sub upfile_store { + my $r=shift; + + my $fname=$env{'form.upfile.filename'}; + $fname=~s/\W//g; + + chomp($env{'form.upfile'}); + + my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}. + '_upload_'.$fname.'_'.time.'_'.$$; + { + my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons'). + '/tmp/'.$datatoken.'.tmp'); + print $fh $env{'form.upfile'}; + } + return $datatoken; +} sub phaseone { - my ($r,$fn,$uname,$udom)=@_; - my $docroot=$r->dir_config('lonDocRoot'); + my ($r,$fn,$uname,$udom,$mode)=@_; + my $action = '/adm/upload'; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } - my $urldir='/res/'.$udom.'/'.$uname.$fn; - $urldir=~s/\/[^\/]+$/\//; + # Check for file to be uploaded + $env{'form.upfile.filename'}=~s/\\/\//g; + $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; + if (!$env{'form.upfile.filename'}) { + $r->print('

'.&mt('No upload file specified.').'

'); + return; + } - my $resfn=$docroot.'/res/'.$udom.'/'.$uname.$fn; - my $resdir=$resfn; - $resdir=~s/\/[^\/]+$/\//; - - $fn=~/^\/(.+)\.(\w+)$/; - my $main=$1; - my $suffix=$2; - - $r->print('
'. - ''. - ''. - ''. - ''. - ''); - my $filename; - opendir(DIR,$resdir); - while ($filename=readdir(DIR)) { - if ($filename=~/^$main\.(\d+)\.$suffix$/) { - my $version=$1; - my ($rdev,$rino,$rmode,$rnlink, - $ruid,$rgid,$rrdev,$rsize, - $ratime,$rmtime,$rctime, - $rblksize,$rblocks)=stat($resdir.'/'.$filename); - $r->print(''); - } + $fn=~s/\/[^\/]+$//; + $fn=~s/([^\/])$/$1\//; + $fn.=$env{'form.upfile.filename'}; + $fn=~s/^\///; + $fn=~s/(\/)+/\//g; + # Fn is the full path to the destination filename. + + # Check for illegal filename + &Debug($r, "Filename for upload: $fn"); + if (!(($fn) && ($fn!~/\/$/))) { + $r->print('

'.&mt('Illegal filename.').'

'); + return; + } + + # Display additional options for upload + # and upload button + $r->print( + '' + .'' + .'' + .'' + ); + $r->print( + &Apache::lonhtmlcommon::start_pick_box() + .&Apache::lonhtmlcommon::row_title(&mt('Save uploaded file as')) + .'/priv/'.$uname.'/' + .'' + .&Apache::lonhtmlcommon::row_closure() + .&Apache::lonhtmlcommon::row_title(&mt('File Type')) + .''.&Apache::loncommon::help_open_topic("Uploading_File_Options") + .&Apache::lonhtmlcommon::row_closure(1) + .&Apache::lonhtmlcommon::end_pick_box() + ); + $r->print( + '

' + .'' + .'

' + .'' + ); + + # Check for bad extension and warn user + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print('

' + .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.', + ''.$1.'') + .'
'.&mt('Please change the extension.') + .'

'); + } elsif($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print('

' + .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.', + ''.$1.'') + .'
'.&mt('Please change the extension.') + .'

'); } - closedir(DIR); - my ($rdev,$rino,$rmode,$rnlink, - $ruid,$rgid,$rrdev,$rsize, - $ratime,$rmtime,$rctime, - $rblksize,$rblocks)=stat($resfn); - $r->print(''. - '
SelectVersionBecame this version on ...Metadata
'.$version.''. - localtime($rmtime).''. - ''. - 'Metadata Version '.$version.'
Current'.localtime($rmtime). - ''. - 'Metadata current version

'. - 'Retrieval of an old version will '. - 'overwrite the file currently in construction space

'. - ''); } sub phasetwo { - my ($r,$fn,$uname,$udom)=@_; - if ($ENV{'form.version'}) { - my $version=$ENV{'form.version'}; - if ($version eq 'new') { - $r->print('

Retrieving current (most recent) version

'); + my ($r,$tfn,$uname,$udom,$mode)=@_; + my $output; + my $action = '/adm/upload'; + my $returnflag = ''; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } + my $fn='/priv/'.$uname.'/'.$tfn; + $fn=~s/\/+/\//g; + &Debug($r, "Filename is ".$tfn); + if ($tfn) { + &Debug($r, "Filename for tfn = ".$tfn); + my $target='/home/'.$uname.'/public_html'.$tfn; + &Debug($r, "target -> ".$target); +# target is the full filesystem path of the destination file. + my $base = &File::Basename::basename($fn); + my $path = &File::Basename::dirname($fn); + $base = &HTML::Entities::encode($base,'<>&"'); + my $url = $path."/".$base; + &Debug($r, "URL is now ".$url); + my $datatoken=$env{'form.datatoken'}; + if (($fn) && ($datatoken)) { + if ($env{'form.cancel'}) { + my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; + my $dirpath=$path.'/'; + $dirpath=~s/\/+/\//g; + $output .= '

'.&mt('Upload cancelled.').'

' + .'

'. + &mt('Back to Directory').'

'; + } elsif ((-e $target) && (!$env{'form.override'})) { + $output .= '
' + .'

' + .&mt('File [_1] already exists.', + ''.$fn.'') + .'' + .'' + .'' + .'

' + .'' + .' ' + .'

' + .'
'; + } else { + my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; + my $dirpath=$path.'/'; + $dirpath=~s/\/+/\//g; + # Check for bad extension and disallow upload + my $result; + ($result,$returnflag) = &check_extension($fn,$mode,$source,$target,$action,$dirpath,$url); + $output .= $result; + } + } else { + $output .= ''. + &mt('Please use browser "Back" button and pick a filename'). + '
'; + } + } else { + $output .= ''. + &mt('Please use browser "Back" button and pick a filename'). + '
'; + } + return ($output,$returnflag); +} + +sub check_extension { + my ($fn,$mode,$source,$target,$action,$dirpath,$url) = @_; + my ($result,$returnflag); + # Check for bad extension and disallow upload + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.' '). + '
'. + &mt('The extension on this file is reserved internally by LON-CAPA.'). + '

'; + } elsif ($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.' '). + '
'. + &mt('The extension on this file is not recognized by LON-CAPA.'). + '

'; + } elsif (-d $target) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.''). + '
'. + &mt('The target is an existing directory.'). + '

'; + } elsif (copy($source,$target)) { + chmod(0660, $target); # Set permissions to rw-rw---. + if ($mode eq 'testbank' || $mode eq 'imsimport') { + $returnflag = 'ok'; + $result .= '

' + .&mt('Your file - [_1] - was uploaded successfully.', + ''.$fn.'') + .'

'; } else { - $r->print('

Retrieving old version '.$version.'

'); - } - my $logfile; - my $ctarget='/home/'.$uname.'/public_html'.$fn; - my $vfn=$fn; - if ($version ne 'new') { - $vfn=~s/\.(\w+)$/\.$version\.$1/; + $result .= '

' + .&mt('File copied.') + .'

'; } - my $csource=$r->dir_config('lonDocRoot').'/res/'.$udom.'/'.$uname.$vfn; - unless ($logfile=Apache::File->new('>>'.$ctarget.'.log')) { - $r->print( - 'No write permission to user directory, FAIL'); + # Check for embedded objects. + my (%allfiles,%codebase); + my ($text,$header,$css,$js); + if (($mode ne 'imsimport') && ($target =~ /\.(htm|html|shtml)$/i)) { + my (%allfiles,%codebase); + &Apache::lonnet::extract_embedded_items($target,\%allfiles,\%codebase); + if (keys(%allfiles) > 0) { + my ($currentpath) = ($url =~ m{^(.+)/[^/]+$}); + my $state = &embedded_form_elems('upload_embedded',$url,$mode); + my ($embedded,$num,$pathchg) = + &Apache::loncommon::ask_for_embedded_content($action,$state,\%allfiles, + \%codebase, + {'error_on_invalid_names' => 1, + 'ignore_remote_references' => 1, + 'current_path' => $currentpath}); + if ($embedded) { + $result .= '

'.&mt('Reference Warning').'

'; + if ($num) { + $result .= '

'.&mt('Completed upload of the file.').' '.&mt('This file contained references to other files.').'

'. + '

'.&mt('Please select the locations from which the referenced files are to be uploaded.').'

'. + $embedded; + if ($mode eq 'testbank') { + $returnflag = 'embedded'; + $result .= '

'.&mt('Or [_1]continue[_2] the testbank import without these files.','','').'

'; + } + } else { + $result .= '

'.&mt('Completed upload of the file.').'

'.$embedded; + if ($pathchg) { + if ($mode eq 'testbank') { + $returnflag = 'embedded'; + $result .= '

'.&mt('Or [_1]continue[_2] the testbank import without modifying the references(s).','','').'

'; + } + } + } + } + } } - print $logfile -"\n\n================= Retrieve ".localtime()." ================\n". -"Version: $version\nSource: $csource\nTarget: $ctarget\n"; - $r->print('

Copying file: '); - if (copy($csource,$ctarget)) { - $r->print('ok

'); - print $logfile "Copied sucessfully.\n\n"; - } else { - my $error=$!; - $r->print('fail, '.$error.'

'); - print $logfile "Copy failed: $error\n\n"; + if (($mode ne 'imsimport') && ($mode ne 'testbank')) { + $result .= '
'. + &mt('View file').''; } - $r->print('Back to '.$fn.''); } else { - $r->print( - 'Please pick a version to retrieve

'); - &phaseone($r,$fn,$uname,$udom); + $result .= &mt('Failed to copy: [_1].',$!); + } + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '
'. + &mt('Back to Directory').'
'; + } + return ($result,$returnflag); +} + +sub phasethree { + my ($r,$fn,$uname,$udom,$mode) = @_; + my $action = '/adm/upload'; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } + my $dir_root = '/home/'.$uname.'/public_html'; + my $url_root = '/priv/'.$uname; + my $path = &File::Basename::dirname($fn); + my $filename = &HTML::Entities::encode($env{'form.filename'},'<>&"'); + my $state = &embedded_form_elems('modify_orightml',$filename,$mode). + ''; + my ($result,$returnflag) = + &Apache::loncommon::upload_embedded($mode,$path,$uname,$udom, + $dir_root,$url_root,undef, + undef,undef,$state,$action); + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '

'. + &mt('View main file').'

'. + '

'. + &mt('Back to Directory').'


'; + } + return ($result,$returnflag); +} + +sub embedded_form_elems { + my ($action,$filename,$mode) = @_; + return < + + +STATE +} + +sub phasefour { + my ($r,$fn,$uname,$udom,$mode) = @_; + my $action = '/adm/upload'; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } + my $result; + my $dir_root = '/home/'.$uname.'/public_html'; + my $url_root = '/priv/'.$uname; + my $path = &File::Basename::dirname($fn); + $result .= &Apache::loncommon::modify_html_refs($mode,$path, + $uname,$udom,$dir_root); + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '

'. + &mt('View main file').'

'. + '

'. + &mt('Back to Directory').'


'; } + return $result; } +# ---------------------------------------------------------------- Main Handler sub handler { - my $r=shift; + my $r=shift; - my $fn; + my $uname; + my $udom; + my $javascript = ''; +# +# phase two: re-attach user +# + if ($env{'form.uploaduname'}) { + $env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'. + $env{'form.filename'}; + } - if ($ENV{'form.filename'}) { - $fn=$ENV{'form.filename'}; - $fn=~s/^http\:\/\/[^\/]+\/\~(\w+)//; - } else { - $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}. - ' unspecified filename for retrieval', $r->filename); - return HTTP_NOT_FOUND; - } - - unless ($fn) { - $r->log_reason($ENV{'user.name'}.' at '.$ENV{'user.domain'}. - ' trying to retrieve non-existing file', $r->filename); - return HTTP_NOT_FOUND; - } + unless ($env{'form.phase'} eq 'two') { + $javascript = qq| +function verifyForm() { + var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value + if (mode == "testbank") { + document.fileupload.action = "/adm/testbank"; + } + if (mode == "imsimport") { + document.fileupload.action = "/adm/imsimport"; + } + if (mode == "standard") { + document.fileupload.action = "/adm/upload"; + } + document.fileupload.submit(); +} + |; + } + ($uname,$udom)= + &Apache::loncacc::constructaccess($env{'form.filename'}, + $r->dir_config('lonDefDomain')); + + unless (($uname) && ($udom)) { + $r->log_reason($uname.' at '.$udom. + ' trying to publish file '.$env{'form.filename'}. + ' - not authorized', + $r->filename); + return HTTP_NOT_ACCEPTABLE; + } + + my ($fn,$trailfile); + if ($env{'form.filename'}) { + $fn=$env{'form.filename'}; + $fn=~s/^https?\:\/\/[^\/]+\///; + $fn=~s/^\///; + $fn=~s{(~|priv/)($LONCAPA::username_re)}{}; + $fn=~s/\/+/\//g; + $trailfile = "/home/$uname/public_html/".$trailfile; + $trailfile=~s{//+}{/}g; + } else { + $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. + ' unspecified filename for upload', $r->filename); + return HTTP_NOT_FOUND; + } # ----------------------------------------------------------- Start page output - my $uname=$ENV{'user.name'}; - my $udom=$ENV{'user.domain'}; - $r->content_type('text/html'); - $r->send_http_header; + &Apache::loncommon::content_type($r,'text/html'); + $r->send_http_header; - $r->print('LON-CAPA Construction Space'); - - $r->print( - ''); + $javascript = "\n"; + # Breadcrumbs + my $brcrum = [{'href' => &Apache::loncommon::authorspace(), + 'text' => 'Construction Space'}, + {'href' => '/adm/upload', + 'text' => 'Upload file to Construction Space'}]; + $r->print(&Apache::loncommon::start_page('Upload file to Construction Space', + $javascript, + {'bread_crumbs' => $brcrum,}) + .&Apache::loncommon::head_subbox( + &Apache::loncommon::CSTR_pageheader($trailfile)) + ); - $r->print('

Retrieve previous versions of '.$fn.'

'); - - if ($ENV{'form.phase'} eq 'two') { - &phasetwo($r,$fn,$uname,$udom); - } else { - &phaseone($r,$fn,$uname,$udom); - } + if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { + $r->print('

' + .&mt('Co-Author [_1]',$uname.':'.$udom) + .'

' + ); + } + if ($env{'form.phase'} eq 'four') { + my $output = &phasefour($r,$fn,$uname,$udom,'author'); + $r->print($output); + } elsif ($env{'form.phase'} eq 'three') { + my ($output,$rtnflag) = &phasethree($r,$fn,$uname,$udom,'author'); + $r->print($output); + } elsif ($env{'form.phase'} eq 'two') { + my ($output,$returnflag) = &phasetwo($r,$fn,$uname,$udom); + $r->print($output); + } else { + &phaseone($r,$fn,$uname,$udom); + } - $r->print(''); - return OK; + $r->print(&Apache::loncommon::end_page()); + return OK; } + +1; +__END__ + +