loncom/publisher/lonupload.pm - diff

Return to lonupload.pm CVS log

Up to [LON-CAPA] / loncom / publisher

Diff for /loncom/publisher/lonupload.pm between versions 1.68 and 1.69

version 1.68, 2017/11/12 23:01:00	version 1.69, 2019/03/04 19:54:35
Line 176 sub phaseone {	Line 176 sub phaseone {
# Check for file to be uploaded	# Check for file to be uploaded
$env{'form.upfile.filename'}=~s/\\/\//g;	$env{'form.upfile.filename'}=~s/\\/\//g;
$env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;	$env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
	$env{'form.upfile.filename'}=~s/(\s+$\|^\s+)//g;
if (!$env{'form.upfile.filename'}) {	if (!$env{'form.upfile.filename'}) {
$r->print('<p class="LC_warning">'.&mt('No upload file specified.').'</p>'.	$r->print('<p class="LC_warning">'.&mt('No upload file specified.').'</p>'.
&earlyout($fn,$uname,$udom));	&earlyout($fn,$uname,$udom));
Line 214 sub phaseone {	Line 215 sub phaseone {

# Split part that I can change from the part that I cannot change	# Split part that I can change from the part that I cannot change
my ($fn1,$fn2)=($fn=~/^(\/priv\/[^\/]+\/[^\/]+\/)(.*)$/);	my ($fn1,$fn2)=($fn=~/^(\/priv\/[^\/]+\/[^\/]+\/)(.*)$/);
	# Check for pattern: .number.extension which is reserved for LON-CAPA versioning.
	# Check for disallowed characters: #?&%:<>`\|, and remove
	if ($fn2 ne '') {
	($fn2,my $warning) = &check_filename($fn2);
	if ($warning ne '') {
	$r->print($warning);
	}
	}
# Display additional options for upload	# Display additional options for upload
# and upload button	# and upload button
$r->print(	$r->print(
Line 281 sub phasetwo {	Line 290 sub phasetwo {
my $base = &File::Basename::basename($fn);	my $base = &File::Basename::basename($fn);
my $path = &File::Basename::dirname($fn);	my $path = &File::Basename::dirname($fn);
$base = &HTML::Entities::encode($base,'<>&"');	$base = &HTML::Entities::encode($base,'<>&"');
my $url = $path."/".$base;	my $url = $path."/".$base;
&Debug($r, "URL is now ".$url);	&Debug($r, "URL is now ".$url);
my $datatoken;	my $datatoken;
if ($env{'form.datatoken'} =~ /^$match_username\_$match_domain\_upload_\w*_\d+_\d+$/) {	if ($env{'form.datatoken'} =~ /^$match_username\_$match_domain\_upload_\w*_\d+_\d+$/) {
Line 421 sub check_extension {	Line 430 sub check_extension {
return ($result,$returnflag);	return ($result,$returnflag);
}	}

	sub check_filename {
	my ($fname) = @_;
	my $warning;
	if ($fname =~/[#\?&%":<>`\|]/) {
	$fname =~s/[#\?&%":<>`\|]//g;
	$warning .= '<p class="LC_warning">'
	.&mt('Removed one or more disallowed characters from filename')
	.'</p>';
	}
	if ($fname=~ /\.(\d+)\.(\w+)$/) {
	my $num = $1;
	$warning .= '<p class="LC_warning">'
	.&mt('Bad filename [_1]','<span class="LC_filename">'.$fname.'</span>')
	.'<br />'
	.&mt('[_1](name).(number).(extension)[_2] not allowed.','<tt>','</tt>')
	.'<br />'
	.&mt('Replacing the [_1].number.[_2] with [_1]_letter.[_2] in requested filename.','<tt>','</tt>')
	.'</p>';
	if ($num eq '0') {
	$fname =~ s/\.(\d+)(\.\w+)$/_A$2/;
	} else {
	my $letts = '';
	my %digletter = reverse &Apache::lonnet::letter_to_digits();
	if ($num >= 100) {
	$num = substr($num,-2);
	}
	foreach my $digit (split('',$num)) {
	$letts .= $digletter{$digit};
	}
	$fname =~ s/\.(\d+)(\.\w+)$/_$letts$2/;
	}
	}
	if ($fname =~/___/) {
	$fname =~s/_+/_/g;
	$warning .= '<p class="LC_warning">'
	.&mt('Changed ___ to a single _ in filename')
	.'</p>';
	}
	return ($fname,$warning);
	}

sub phasethree {	sub phasethree {
my ($r,$fn,$uname,$udom,$mode) = @_;	my ($r,$fn,$uname,$udom,$mode) = @_;

Line 503 sub handler {	Line 553 sub handler {

my $r=shift;	my $r=shift;
my $javascript = '';	my $javascript = '';
my $fn=$env{'form.filename'};	my $fn;
	my $warning;

if ($env{'form.filename1'}) {	if ($env{'form.filename1'}) {
$fn=$env{'form.filename1'}.$env{'form.filename2'};	my $fn1 = $env{'form.filename1'};
	my $fn2 = $env{'form.filename2'};
	$fn2 =~ s/(\s+$\|^\s+)//g;
	$fn2 =~ s/\/+/\//g;
	($fn2,$warning) = &check_filename($fn2);
	$fn = $fn1.$fn2;
	} else {
	$fn = $env{'form.filename'};
}	}
$fn=~s/\/+/\//g;	$fn=~s/\/+/\//g;

Line 519 sub handler {	Line 577 sub handler {
my ($uname,$udom)=&Apache::lonnet::constructaccess($fn);	my ($uname,$udom)=&Apache::lonnet::constructaccess($fn);

unless (($uname) && ($udom)) {	unless (($uname) && ($udom)) {
$r->log_reason($uname.' at '.$udom.	$r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
' trying to publish file '.$env{'form.filename'}.	' trying to upload file '.$fn.
' - not authorized',	' - not authorized',
$r->filename);	$r->filename);
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
Line 575 ENDJS	Line 633 ENDJS
.'</p>'	.'</p>'
);	);
}	}
	if ($warning) {
	$r->print($warning);
	}
if ($env{'form.phase'} eq 'four') {	if ($env{'form.phase'} eq 'four') {
my $output = &phasefour($r,$fn,$uname,$udom,'author');	my $output = &phasefour($r,$fn,$uname,$udom,'author');
$r->print($output);	$r->print($output);
Line 589 ENDJS	Line 650 ENDJS
}	}

$r->print(&Apache::loncommon::end_page());	$r->print(&Apache::loncommon::end_page());
return OK;	return OK;
}	}

1;	1;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.68
changed lines
	Added in v.1.69