--- loncom/publisher/lonupload.pm 2007/05/02 01:34:23 1.35 +++ loncom/publisher/lonupload.pm 2011/11/14 00:20:31 1.59 @@ -1,8 +1,7 @@ - # The LearningOnline Network with CAPA # Handler to upload files into construction space # -# $Id: lonupload.pm,v 1.35 2007/05/02 01:34:23 albertel Exp $ +# $Id: lonupload.pm,v 1.59 2011/11/14 00:20:31 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -28,6 +27,97 @@ # ### +=head1 NAME + +Apache::lonupload - upload files into construction space + +=head1 SYNOPSIS + +Invoked by /etc/httpd/conf/srm.conf: + + + PerlAccessHandler Apache::lonacc + SetHandler perl-script + PerlHandler Apache::lonupload + ErrorDocument 403 /adm/login + ErrorDocument 404 /adm/notfound.html + ErrorDocument 406 /adm/unauthorized.html + ErrorDocument 500 /adm/errorhandler + + +=head1 INTRODUCTION + +This module uploads a file sitting on a client computer into +library server construction space. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 HANDLER SUBROUTINE + +This routine is called by Apache and mod_perl. + +=over 4 + +=item * + +Initialize variables + +=item * + +Start page output + +=item * + +output relevant interface phase (phaseone, phasetwo, phasethree or phasefour) + +=item * + +(phase one is to specify upload file; phase two is to handle conditions +subsequent to specification--like overwriting an existing file; phase three +is to handle processing of secondary uploads - of embedded objects in an +html file). + +=back + +=head1 OTHER SUBROUTINES + +=over + +=item phaseone() + +Interface for specifying file to upload. + +=item phasetwo() + +Interface for handling post-conditions about uploading (such +as overwriting an existing file). + +=item phasethree() + +Interface for handling secondary uploads of embedded objects +in an html file. + +=item phasefour() + +Interface for handling optional renaming of links to embedded +objects. + +=item upfile_store() + +Store contents of uploaded file into temporary space. Invoked +by phaseone subroutine. + +=item check_extension() + +Checks if filename extension is permitted and checks type + of file - if html file, calls parser to check for embedded objects. + Invoked by phasetwo subroutine. + +=back + +=cut + package Apache::lonupload; use strict; @@ -71,71 +161,87 @@ sub upfile_store { return $datatoken; } - sub phaseone { - my ($r,$fn,$uname,$udom,$mode)=@_; + my ($r,$fn,$mode)=@_; my $action = '/adm/upload'; if ($mode eq 'testbank') { $action = '/adm/testbank'; } elsif ($mode eq 'imsimport') { $action = '/adm/imsimport'; } + + # Check for file to be uploaded $env{'form.upfile.filename'}=~s/\\/\//g; $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/; - if ($env{'form.upfile.filename'}) { - $fn=~s/\/[^\/]+$//; - $fn=~s/([^\/])$/$1\//; - $fn.=$env{'form.upfile.filename'}; - $fn=~s/^\///; - $fn=~s/(\/)+/\//g; - -# Fn is the full path to the destination filename. -# - - &Debug($r, "Filename for upload: $fn"); - if (($fn) && ($fn!~/\/$/)) { - $r->print('
'. - ''. - ''. - ''.&mt('Save uploaded file as '). - "/priv/$uname/". - '
'. - '
'.&mt('Choose file type:').' -'.&Apache::loncommon::help_open_topic("Uploading_File_Options").' -
-
-'); - $r->print('
'); - # Check for bad extension and warn user - if ($fn=~/\.(\w+)$/ && - (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { - $r->print(''.&mt('The extension on this file,'). - ' "'.$1.'"'.&mt(', is reserved internally by LON-CAPA.'). - '
'.&mt('Please change the extension.').''); - } elsif($fn=~/\.(\w+)$/ && - !defined(&Apache::loncommon::fileembstyle($1))) { - $r->print(''.&mt('The extension on this file,'). - ' "'.$1.'"'.&mt(', is not recognized by LON-CAPA.'). - '
'.&mt('Please change the extension.'). - ''); - } - } else { - $r->print(''.&mt('Illegal filename.').''); - } - } else { - $r->print(''.&mt('No upload file specified.').''); + if (!$env{'form.upfile.filename'}) { + $r->print('

'.&mt('No upload file specified.').'

'); + return; + } + + # Append the name of the uploaded file + $fn.=$env{'form.upfile.filename'}; + $fn=~s/(\/)+/\//g; + + # Check for illegal filename + &Debug($r, "Filename for upload: $fn"); + if (!(($fn) && ($fn!~/\/$/))) { + $r->print('

'.&mt('Illegal filename.').'

'); + return; + } +# Split part that I can change from the part that I cannot change + my ($fn1,$fn2)=($fn=~/^(\/priv\/[^\/]+\/[^\/]+\/)(.*)$/); + # Display additional options for upload + # and upload button + $r->print( + '
' + .'' + .'' + ); + $r->print( + &Apache::lonhtmlcommon::start_pick_box() + .&Apache::lonhtmlcommon::row_title(&mt('Save uploaded file as')) + .''.$fn1.'' + .'' + .'' + .&Apache::lonhtmlcommon::row_closure() + .&Apache::lonhtmlcommon::row_title(&mt('File Type')) + .''.&Apache::loncommon::help_open_topic("Uploading_File_Options") + .&Apache::lonhtmlcommon::row_closure(1) + .&Apache::lonhtmlcommon::end_pick_box() + ); + $r->print( + '

' + .'' + .'

' + .'
' + ); + + # Check for bad extension and warn user + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $r->print('

' + .&mt('The extension on this file, [_1], is reserved internally by LON-CAPA.', + ''.$1.'') + .'
'.&mt('Please change the extension.') + .'

'); + } elsif($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $r->print('

' + .&mt('The extension on this file, [_1], is not recognized by LON-CAPA.', + ''.$1.'') + .'
'.&mt('Please change the extension.') + .'

'); } } sub phasetwo { - my ($r,$tfn,$uname,$udom,$mode)=@_; + my ($r,$fn,$mode)=@_; + + my $output; my $action = '/adm/upload'; my $returnflag = ''; if ($mode eq 'testbank') { @@ -143,12 +249,9 @@ sub phasetwo { } elsif ($mode eq 'imsimport') { $action = '/adm/imsimport'; } - my $fn='/priv/'.$uname.'/'.$tfn; $fn=~s/\/+/\//g; - &Debug($r, "Filename is ".$tfn); - if ($tfn) { - &Debug($r, "Filename for tfn = ".$tfn); - my $target='/home/'.$uname.'/public_html'.$tfn; + if ($fn) { + my $target= $r->dir_config('lonDocRoot').'/'.$fn; &Debug($r, "target -> ".$target); # target is the full filesystem path of the destination file. my $base = &File::Basename::basename($fn); @@ -158,107 +261,239 @@ sub phasetwo { &Debug($r, "URL is now ".$url); my $datatoken=$env{'form.datatoken'}; if (($fn) && ($datatoken)) { - if ((-e $target) && ($env{'form.override'} ne 'Yes')) { - $r->print('
'. - &mt('File').' '.$fn.' '. - &mt('exists. Overwrite?').' '. - ''. - ''. - ''. - '
'); - } else { + if ($env{'form.cancel'}) { + my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; + my $dirpath=$path.'/'; + $dirpath=~s/\/+/\//g; + $output .= '

'.&mt('Upload cancelled.').'

' + .'

'. + &mt('Back to Directory').'

'; + } elsif ((-e $target) && (!$env{'form.override'})) { + $output .= '
' + .'

' + .&mt('File [_1] already exists.', + ''.$fn.'') + .'' + .'' + .'' + .'

' + .'' + .' ' + .'

' + .'
'; + } else { my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp'; my $dirpath=$path.'/'; $dirpath=~s/\/+/\//g; # Check for bad extension and disallow upload - if ($fn=~/\.(\w+)$/ && - (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { - $r->print(&mt('File').' '.$fn.' '. - &mt('could not be copied.').'
'. - ''. - &mt('The extension on this file is reserved internally by LON-CAPA.'). - ''); - $r->print('
'. - &mt('Back to Directory').''); - } elsif ($fn=~/\.(\w+)$/ && - !defined(&Apache::loncommon::fileembstyle($1))) { - $r->print(&mt('File').' '.$fn.' '. - &mt('could not be copied.').'
'. - ''. - &mt('The extension on this file is not recognized by LON-CAPA.'). - ''); - $r->print('
'. - &mt('Back to Directory').''); - } elsif (-d $target) { - $r->print('File '.$fn.' could not be copied.
'. - ''. - &mt('The target is an existing directory.'). - '
'); - $r->print(''. - &mt('Back to Directory').''); - } elsif (copy($source,$target)) { - chmod(0660, $target); # Set permissions to rw-rw---. - if ($mode eq 'testbank' || $mode eq 'imsimport') { - $r->print(&mt("Your file - $fn - was uploaded successfully")."

"); - $returnflag = 'ok'; - } else { - $r->print(&mt('File copied.')); - $r->print('
'. - &mt('View file').''); - $r->print('
'. - &mt('Back to Directory').'
'); - } - } else { - $r->print('Failed to copy: '.$!); - $r->print('
'. - &mt('Back to Directory').''); - } + my $result; + ($result,$returnflag) = &check_extension($fn,$mode,$source,$target,$action,$dirpath,$url); + $output .= $result; } } else { - $r->print(''. + $output .= ''. &mt('Please use browser "Back" button and pick a filename'). - '
'); + '
'; } } else { - $r->print(''. - &mt('Please use browser "Back" button and pick a filename'). - '
>'); + $output .= ''. + &mt('Please use browser "Back" button and pick a filename'). + '
'; } - return $returnflag; + return ($output,$returnflag); +} + +sub check_extension { + my ($fn,$mode,$source,$target,$action,$dirpath,$url) = @_; + my ($result,$returnflag); + # Check for bad extension and disallow upload + if ($fn=~/\.(\w+)$/ && + (&Apache::loncommon::fileembstyle($1) eq 'hdn')) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.' '). + '
'. + &mt('The extension on this file is reserved internally by LON-CAPA.'). + '

'; + } elsif ($fn=~/\.(\w+)$/ && + !defined(&Apache::loncommon::fileembstyle($1))) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.' '). + '
'. + &mt('The extension on this file is not recognized by LON-CAPA.'). + '

'; + } elsif (-d $target) { + $result .= '

'. + &mt('File [_1] could not be copied.', + ''.$fn.''). + '
'. + &mt('The target is an existing directory.'). + '

'; + } elsif (copy($source,$target)) { + chmod(0660, $target); # Set permissions to rw-rw---. + if ($mode eq 'testbank' || $mode eq 'imsimport') { + $returnflag = 'ok'; + $result .= '

' + .&mt('Your file - [_1] - was uploaded successfully.', + ''.$fn.'') + .'

'; + } else { + $result .= '

' + .&mt('File copied.') + .'

'; + } + # Check for embedded objects. + my (%allfiles,%codebase); + my ($text,$header,$css,$js); + if (($mode ne 'imsimport') && ($target =~ /\.(htm|html|shtml)$/i)) { + my (%allfiles,%codebase); + &Apache::lonnet::extract_embedded_items($target,\%allfiles,\%codebase); + if (keys(%allfiles) > 0) { + my ($currentpath) = ($url =~ m{^(.+)/[^/]+$}); + my $state = &embedded_form_elems('upload_embedded',$url,$mode); + my ($embedded,$num,$pathchg) = + &Apache::loncommon::ask_for_embedded_content($action,$state,\%allfiles, + \%codebase, + {'error_on_invalid_names' => 1, + 'ignore_remote_references' => 1, + 'current_path' => $currentpath}); + if ($embedded) { + $result .= '

'.&mt('Reference Warning').'

'; + if ($num) { + $result .= '

'.&mt('Completed upload of the file.').' '.&mt('This file contained references to other files.').'

'. + '

'.&mt('Please select the locations from which the referenced files are to be uploaded.').'

'. + $embedded; + if ($mode eq 'testbank') { + $returnflag = 'embedded'; + $result .= '

'.&mt('Or [_1]continue[_2] the testbank import without these files.','','').'

'; + } + } else { + $result .= '

'.&mt('Completed upload of the file.').'

'.$embedded; + if ($pathchg) { + if ($mode eq 'testbank') { + $returnflag = 'embedded'; + $result .= '

'.&mt('Or [_1]continue[_2] the testbank import without modifying the references(s).','','').'

'; + } + } + } + } + } + } + if (($mode ne 'imsimport') && ($mode ne 'testbank')) { + $result .= '
'. + &mt('View file').''; + } + } else { + $result .= &mt('Failed to copy: [_1].',$!); + } + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '
'. + &mt('Back to Directory').'
'; + } + return ($result,$returnflag); +} + +sub phasethree { + my ($r,$fn,$uname,$udom,$mode) = @_; + + my $action = '/adm/upload'; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } + my $url_root = "/priv/$udom/$uname"; + my $dir_root = $r->dir_config('lonDocRoot').$url_root; + my $path = &File::Basename::dirname($fn); + $path =~ s{^\Q$url_root\E}{}; + my $filename = &HTML::Entities::encode($env{'form.filename'},'<>&"'); + my $state = &embedded_form_elems('modify_orightml',$filename,$mode). + ''; + my ($result,$returnflag) = + &Apache::loncommon::upload_embedded($mode,$path,$uname,$udom, + $dir_root,$url_root,undef, + undef,undef,$state,$action); + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '

'. + &mt('View main file').'

'. + '

'. + &mt('Back to Directory').'


'; + } + return ($result,$returnflag); +} + +sub embedded_form_elems { + my ($action,$filename,$mode) = @_; + return < + + +STATE +} + +sub phasefour { + my ($r,$fn,$uname,$udom,$mode) = @_; + + my $action = '/adm/upload'; + if ($mode eq 'testbank') { + $action = '/adm/testbank'; + } elsif ($mode eq 'imsimport') { + $action = '/adm/imsimport'; + } + my $result; + my $url_root = "/priv/$udom/$uname"; + my $dir_root = $r->dir_config('lonDocRoot').$url_root; + my $path = &File::Basename::dirname($fn); + $path =~ s{^\Q$url_root\E}{}; + $result .= &Apache::loncommon::modify_html_refs($mode,$path, + $uname,$udom,$dir_root); + if ($mode ne 'imsimport' && $mode ne 'testbank') { + $result .= '

'. + &mt('View main file').'

'. + '

'. + &mt('Back to Directory').'


'; + } + return $result; } # ---------------------------------------------------------------- Main Handler sub handler { my $r=shift; - - my $uname; - my $udom; my $javascript = ''; -# -# phase two: re-attach user -# - if ($env{'form.uploaduname'}) { - $env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'. - $env{'form.filename'}; + my $fn=$env{'form.filename'}; + + if ($env{'form.filename1'}) { + $fn=$env{'form.filename1'}.$env{'form.filename2'}; + } + $fn=~s/\/+/\//g; + + unless ($fn) { + $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. + ' unspecified filename for upload', $r->filename); + return HTTP_NOT_FOUND; } - unless ($env{'form.phase'} eq 'two') { - my %body_layout = ('rightmargin' => "0", - 'leftmargin' => "0", - 'marginwidth' => "0", - 'topmargin' => "0", - 'marginheight' => "0"); - my $start_page = - &Apache::loncommon::start_page('Importing a Testbank file into LON-CAPA', - undef, - {'only_body' => 1, - 'add_entries' => \%body_layout, - 'js_ready' => 1,}); - my $end_page = - &Apache::loncommon::end_page({'js_ready' => 1,}); + my ($uname,$udom)=&Apache::loncacc::constructaccess($fn); - $javascript = qq| + unless (($uname) && ($udom)) { + $r->log_reason($uname.' at '.$udom. + ' trying to publish file '.$env{'form.filename'}. + ' - not authorized', + $r->filename); + return HTTP_NOT_ACCEPTABLE; + } + +# ----------------------------------------------------------- Start page output + + &Apache::loncommon::content_type($r,'text/html'); + $r->send_http_header; + + unless ($env{'form.phase'} eq 'two') { + $javascript = <<"ENDJS"; + +ENDJS } - - my $fn; - if ($env{'form.filename'}) { - $fn=$env{'form.filename'}; - $fn=~s/^http\:\/\/[^\/]+\///; - $fn=~s/^\///; - $fn=~s{(~|priv/)($LONCAPA::username_re)}{}; - $fn=~s/\/+/\//g; - } else { - $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}. - ' unspecified filename for upload', $r->filename); - return HTTP_NOT_FOUND; - } - -# ----------------------------------------------------------- Start page output - - - &Apache::loncommon::content_type($r,'text/html'); - $r->send_http_header; - - $javascript = "\n"; + my $londocroot = $r->dir_config('lonDocRoot'); + my $trailfile = $fn; + $trailfile =~ s{^/(priv/)}{$londocroot/$1}; + + # Breadcrumbs + my $brcrum = [{'href' => &Apache::loncommon::authorspace($fn), + 'text' => 'Construction Space'}, + {'href' => '/adm/upload', + 'text' => 'Upload file to Construction Space'}]; $r->print(&Apache::loncommon::start_page('Upload file to Construction Space', - $javascript)); + $javascript, + {'bread_crumbs' => $brcrum,}) + .&Apache::loncommon::head_subbox( + &Apache::loncommon::CSTR_pageheader($trailfile)) + ); if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) { - $r->print('

'.&mt('Co-Author').': '.$uname. - &mt(' at ').$udom.'

'); - } - - if ($env{'form.phase'} eq 'two') { - &phasetwo($r,$fn,$uname,$udom); + $r->print('

' + .&mt('Co-Author [_1]',$uname.':'.$udom) + .'

' + ); + } + if ($env{'form.phase'} eq 'four') { + my $output = &phasefour($r,$fn,$uname,$udom,'author'); + $r->print($output); + } elsif ($env{'form.phase'} eq 'three') { + my ($output,$rtnflag) = &phasethree($r,$fn,$uname,$udom,'author'); + $r->print($output); + } elsif ($env{'form.phase'} eq 'two') { + my ($output,$returnflag) = &phasetwo($r,$fn); + $r->print($output); } else { - &phaseone($r,$fn,$uname,$udom); + &phaseone($r,$fn); } $r->print(&Apache::loncommon::end_page()); @@ -328,75 +554,4 @@ function verifyForm() { 1; __END__ -=head1 NAME - -Apache::lonupload - upload files into construction space - -=head1 SYNOPSIS - -Invoked by /etc/httpd/conf/srm.conf: - - - PerlAccessHandler Apache::lonacc - SetHandler perl-script - PerlHandler Apache::lonupload - ErrorDocument 403 /adm/login - ErrorDocument 404 /adm/notfound.html - ErrorDocument 406 /adm/unauthorized.html - ErrorDocument 500 /adm/errorhandler - - -=head1 INTRODUCTION - -This module uploads a file sitting on a client computer into -library server construction space. - -This is part of the LearningOnline Network with CAPA project -described at http://www.lon-capa.org. - -=head1 HANDLER SUBROUTINE - -This routine is called by Apache and mod_perl. - -=over 4 - -=item * - -Initialize variables - -=item * - -Start page output - -=item * -output relevant interface phase (phaseone or phasetwo) - -=item * - -(phase one is to specify upload file; phase two is to handle conditions -subsequent to specification--like overwriting an existing file) - -=back - -=head1 OTHER SUBROUTINES - -=over 4 - -=item * - -phaseone() : Interface for specifying file to upload. - -=item * - -phasetwo() : Interface for handling post-conditions about uploading (such -as overwriting an existing file). - -=item * - -upfile_store() : Store contents of uploaded file into temporary space. Invoked -by phaseone subroutine. - -=back - -=cut 500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.