File:
[LON-CAPA] /
loncom /
publisher /
lonupload.pm
Revision
1.37:
download - view:
text,
annotated -
select for diffs
Tue Jun 17 02:20:08 2008 UTC (16 years, 3 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_6_99_0,
HEAD
- When web pages are uploaded to CSTR, user will be prompted to upload any embedded objects (e.g., image files).
- Checking for existing files and valid extension for files uploaded to CSTR moved to &check_extension() subroutine.
- &phasethree() added to handle uploading of embedded objects.
1:
2: # The LearningOnline Network with CAPA
3: # Handler to upload files into construction space
4: #
5: # $Id: lonupload.pm,v 1.37 2008/06/17 02:20:08 raeburn Exp $
6: #
7: # Copyright Michigan State University Board of Trustees
8: #
9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
10: #
11: # LON-CAPA is free software; you can redistribute it and/or modify
12: # it under the terms of the GNU General Public License as published by
13: # the Free Software Foundation; either version 2 of the License, or
14: # (at your option) any later version.
15: #
16: # LON-CAPA is distributed in the hope that it will be useful,
17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19: # GNU General Public License for more details.
20: #
21: # You should have received a copy of the GNU General Public License
22: # along with LON-CAPA; if not, write to the Free Software
23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24: #
25: # /home/httpd/html/adm/gpl.txt
26: #
27: # http://www.lon-capa.org/
28: #
29: ###
30:
31: package Apache::lonupload;
32:
33: use strict;
34: use Apache::File;
35: use File::Copy;
36: use File::Basename;
37: use Apache::Constants qw(:common :http :methods);
38: use Apache::loncacc;
39: use Apache::loncommon();
40: use Apache::lonnet;
41: use HTML::Entities();
42: use Apache::lonlocal;
43: use Apache::lonnet;
44: use LONCAPA();
45:
46: my $DEBUG=0;
47:
48: sub Debug {
49: # Put out the indicated message but only if DEBUG is true.
50: if ($DEBUG) {
51: my ($r,$message) = @_;
52: $r->log_reason($message);
53: }
54: }
55:
56: sub upfile_store {
57: my $r=shift;
58:
59: my $fname=$env{'form.upfile.filename'};
60: $fname=~s/\W//g;
61:
62: chomp($env{'form.upfile'});
63:
64: my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}.
65: '_upload_'.$fname.'_'.time.'_'.$$;
66: {
67: my $fh=Apache::File->new('>'.$r->dir_config('lonDaemons').
68: '/tmp/'.$datatoken.'.tmp');
69: print $fh $env{'form.upfile'};
70: }
71: return $datatoken;
72: }
73:
74: sub phaseone {
75: my ($r,$fn,$uname,$udom,$mode)=@_;
76: my $action = '/adm/upload';
77: if ($mode eq 'testbank') {
78: $action = '/adm/testbank';
79: } elsif ($mode eq 'imsimport') {
80: $action = '/adm/imsimport';
81: }
82: $env{'form.upfile.filename'}=~s/\\/\//g;
83: $env{'form.upfile.filename'}=~s/^.*\/([^\/]+)$/$1/;
84: if ($env{'form.upfile.filename'}) {
85: $fn=~s/\/[^\/]+$//;
86: $fn=~s/([^\/])$/$1\//;
87: $fn.=$env{'form.upfile.filename'};
88: $fn=~s/^\///;
89: $fn=~s/(\/)+/\//g;
90:
91: # Fn is the full path to the destination filename.
92: #
93:
94: &Debug($r, "Filename for upload: $fn");
95: if (($fn) && ($fn!~/\/$/)) {
96: $r->print('<form action="'.$action.'" method="post" name="fileupload">'.
97: '<input type="hidden" name="phase" value="two" />'.
98: '<input type="hidden" name="datatoken" value="'.
99: &upfile_store.'" />'.
100: '<input type="hidden" name="uploaduname" value="'.$uname.
101: '" />'.&mt('Save uploaded file as ').
102: "<span class='LC_filename'>/priv/$uname/</span>".
103: '<input type="text" size="50" name="filename" value="'.$fn.
104: '" /><br />'.
105: '<br />'.&mt('Choose file type:').'
106: <select name="filetype">
107: <option value="standard" selected>'.&mt('Regular file').'
108: <option value="testbank">'.&mt('Testbank file').'
109: <option value="imsimport">'.&mt('IMS package').'
110: </select>'.&Apache::loncommon::help_open_topic("Uploading_File_Options").'
111: <br />
112: <br />
113: ');
114: $r->print('<input type="button" value="'.&mt('Save').'" onClick="javascript:verifyForm()"/></form>');
115: # Check for bad extension and warn user
116: if ($fn=~/\.(\w+)$/ &&
117: (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
118: $r->print('<span class="LC_error">'.&mt('The extension on this file,').
119: ' "'.$1.'"'.&mt(', is reserved internally by LON-CAPA.').
120: ' <br />'.&mt('Please change the extension.').'</span>');
121: } elsif($fn=~/\.(\w+)$/ &&
122: !defined(&Apache::loncommon::fileembstyle($1))) {
123: $r->print('<span class="LC_error">'.&mt('The extension on this file,').
124: ' "'.$1.'"'.&mt(', is not recognized by LON-CAPA.').
125: ' <br />'.&mt('Please change the extension.').
126: '</span>');
127: }
128: } else {
129: $r->print('<span class="LC_error">'.&mt('Illegal filename.').'</span>');
130: }
131: } else {
132: $r->print('<span class="LC_error">'.&mt('No upload file specified.').'</span>');
133: }
134: }
135:
136: sub phasetwo {
137: my ($r,$tfn,$uname,$udom,$mode)=@_;
138: my $output;
139: my $action = '/adm/upload';
140: my $returnflag = '';
141: if ($mode eq 'testbank') {
142: $action = '/adm/testbank';
143: } elsif ($mode eq 'imsimport') {
144: $action = '/adm/imsimport';
145: }
146: my $fn='/priv/'.$uname.'/'.$tfn;
147: $fn=~s/\/+/\//g;
148: &Debug($r, "Filename is ".$tfn);
149: if ($tfn) {
150: &Debug($r, "Filename for tfn = ".$tfn);
151: my $target='/home/'.$uname.'/public_html'.$tfn;
152: &Debug($r, "target -> ".$target);
153: # target is the full filesystem path of the destination file.
154: my $base = &File::Basename::basename($fn);
155: my $path = &File::Basename::dirname($fn);
156: $base = &HTML::Entities::encode($base,'<>&"');
157: my $url = $path."/".$base;
158: &Debug($r, "URL is now ".$url);
159: my $datatoken=$env{'form.datatoken'};
160: if (($fn) && ($datatoken)) {
161: if ($env{'form.cancel'}) {
162: my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
163: my $dirpath=$path.'/';
164: $dirpath=~s/\/+/\//g;
165: $output .= &mt('Upload cancelled.').'<br /><font size="+2"><a href="'.$dirpath.'">'.
166: &mt('Back to Directory').'</a></font>';
167: } elsif ((-e $target) && (!$env{'form.override'})) {
168: $output .= '<form action="'.$action.'" method="post">'.
169: &mt('File [_1] exists. Overwrite?','<span class="LC_filename">'.$fn.'</span>').
170: '<input type="hidden" name="phase" value="two" />'.
171: '<input type="hidden" name="filename" value="'.$url.'" />'.
172: '<input type="hidden" name="datatoken" value="'.$datatoken.'" />'.
173: '<input type="submit" name="override" value="'.&mt('Yes').'" />'.
174: '<input type="submit" name="cancel" value="'.&mt('Cancel').'" />'.
175: '</form>';
176: } else {
177: my $source=$r->dir_config('lonDaemons').'/tmp/'.$datatoken.'.tmp';
178: my $dirpath=$path.'/';
179: $dirpath=~s/\/+/\//g;
180: # Check for bad extension and disallow upload
181: my $result;
182: ($result,$returnflag) = &check_extension($fn,$mode,$source,$target,$action,$dirpath,$url);
183: $output .= $result;
184: }
185: } else {
186: $output .= '<span class="LC_error">'.
187: &mt('Please use browser "Back" button and pick a filename').
188: '</span><br />';
189: }
190: } else {
191: $output .= '<span class="LC_error">'.
192: &mt('Please use browser "Back" button and pick a filename').
193: '</span><br />';
194: }
195: return ($output,$returnflag);
196: }
197:
198: sub check_extension {
199: my ($fn,$mode,$source,$target,$action,$dirpath,$url) = @_;
200: my ($result,$returnflag);
201: # Check for bad extension and disallow upload
202: if ($fn=~/\.(\w+)$/ &&
203: (&Apache::loncommon::fileembstyle($1) eq 'hdn')) {
204: $result .= &mt('File [_1] could not be copied.',
205: '<span class="LC_filename">'.$fn.'</span> ').
206: '<br /><span class="LC_error">'.
207: &mt('The extension on this file is reserved internally by LON-CAPA.').
208: '</span>';
209: } elsif ($fn=~/\.(\w+)$/ &&
210: !defined(&Apache::loncommon::fileembstyle($1))) {
211: $result .= &mt('File [_1] could not be copied.',
212: '<span class="LC_filename">'.$fn.'</span> ').
213: '<br /><span class="LC_error">'.
214: &mt('The extension on this file is not recognized by LON-CAPA.').
215: '</span>';
216: } elsif (-d $target) {
217: $result .= &mt('File [_1] could not be copied.',
218: '<span class="LC_filename">'.$fn.'</span>').
219: '<br /><span class="LC_error">'.
220: &mt('The target is an existing directory.').
221: '</span>';
222: } elsif (copy($source,$target)) {
223: chmod(0660, $target); # Set permissions to rw-rw---.
224: if ($mode eq 'testbank' || $mode eq 'imsimport') {
225: $returnflag = 'ok';
226: $result .= &mt('Your file - [_1] - was uploaded successfully',$fn).'<br /><br />';
227: } else {
228: $result .= &mt('File copied.').'<br />';
229: }
230: # Check for embedded objects.
231: my (%allfiles,%codebase);
232: my ($text,$header,$css,$js);
233: if (($mode ne 'imsimport') && ($target =~ /\.(htm|html|shtml)$/i)) {
234: my (%allfiles,%codebase);
235: &Apache::lonnet::extract_embedded_items($target,\%allfiles,\%codebase);
236: if (keys(%allfiles) > 0) {
237: my $state = <<STATE;
238: <input type="hidden" name="action" value="upload_embedded" />
239: <input type="hidden" name="currentpath" value="$env{'form.currentpath'}" />
240: <input type="hidden" name="mode" value="$mode" />
241: <input type="hidden" name="phase" value="three" />
242: <input type="hidden" name="filename" value="$url" />
243: STATE
244: $result .= "<h3>".&mt("Reference Warning")."</h3>".
245: "<p>".&mt("Completed upload of the file. This file contained references to other files.")."</p>".
246: "<p>".&mt("Please select the locations from which the referenced files are to be uploaded.")."</p>".
247: &Apache::loncommon::ask_for_embedded_content($action,$state,\%allfiles,\%codebase,
248: {'error_on_invalid_names' => 1,
249: 'ignore_remote_references' => 1,});
250: if ($mode eq 'testbank') {
251: $returnflag = 'embedded';
252: $result .= '<p>'.&mt('Or [_1]continue[_2] the testbank import without these files','<a href="javascript:document.testbankForm.submit();">','</a>').'</p>';
253: }
254: }
255: }
256: if (($mode ne 'imsimport') && ($mode ne 'testbank')) {
257: $result .= '<br /><font size="+2"><a href="'.$url.'">'.
258: &mt('View file').'</a></font>';
259: }
260: } else {
261: $result .= &mt('Failed to copy: [_1].',$!);
262: }
263: if ($mode ne 'imsimport' && $mode ne 'testbank') {
264: $result .= '<br /><font size="+2"><a href="'.$dirpath.'">'.
265: &mt('Back to Directory').'</a></font><br />';
266: }
267: return ($result,$returnflag);
268: }
269:
270: sub phasethree {
271: my ($r,$fn,$uname,$udom,$mode) = @_;
272: my $result;
273: my $dir_root = '/home/'.$uname.'/public_html';
274: my $url_root = '/priv/'.$uname;
275: my $base = &File::Basename::basename($fn);
276: my $path = &File::Basename::dirname($fn);
277: $result = &Apache::loncommon::upload_embedded($mode,$path,$uname,$udom,
278: $dir_root,$url_root);
279: if ($mode ne 'imsimport' && $mode ne 'testbank') {
280: $result = '<br /><font size="+2"><a href="'.$url_root.$fn.'">'.
281: &mt('View main file').'</a></font>'.
282: '<br /><font size="+2"><a href="'.$url_root.$path.'">'.
283: &mt('Back to Directory').'</a></font><br />';
284: }
285: return $result;
286: }
287:
288: # ---------------------------------------------------------------- Main Handler
289: sub handler {
290:
291: my $r=shift;
292:
293: my $uname;
294: my $udom;
295: my $javascript = '';
296: #
297: # phase two: re-attach user
298: #
299: if ($env{'form.uploaduname'}) {
300: $env{'form.filename'}='/priv/'.$env{'form.uploaduname'}.'/'.
301: $env{'form.filename'};
302: }
303:
304: unless ($env{'form.phase'} eq 'two') {
305: $javascript = qq|
306: function verifyForm() {
307: var mode = document.fileupload.filetype.options[document.fileupload.filetype.selectedIndex].value
308: if (mode == "testbank") {
309: document.fileupload.action = "/adm/testbank";
310: }
311: if (mode == "imsimport") {
312: document.fileupload.action = "/adm/imsimport";
313: }
314: if (mode == "standard") {
315: document.fileupload.action = "/adm/upload";
316: }
317: document.fileupload.submit();
318: }
319: |;
320: }
321: ($uname,$udom)=
322: &Apache::loncacc::constructaccess($env{'form.filename'},
323: $r->dir_config('lonDefDomain'));
324:
325: unless (($uname) && ($udom)) {
326: $r->log_reason($uname.' at '.$udom.
327: ' trying to publish file '.$env{'form.filename'}.
328: ' - not authorized',
329: $r->filename);
330: return HTTP_NOT_ACCEPTABLE;
331: }
332:
333: my $fn;
334: if ($env{'form.filename'}) {
335: $fn=$env{'form.filename'};
336: $fn=~s/^http\:\/\/[^\/]+\///;
337: $fn=~s/^\///;
338: $fn=~s{(~|priv/)($LONCAPA::username_re)}{};
339: $fn=~s/\/+/\//g;
340: } else {
341: $r->log_reason($env{'user.name'}.' at '.$env{'user.domain'}.
342: ' unspecified filename for upload', $r->filename);
343: return HTTP_NOT_FOUND;
344: }
345:
346: # ----------------------------------------------------------- Start page output
347:
348:
349: &Apache::loncommon::content_type($r,'text/html');
350: $r->send_http_header;
351:
352: $javascript = "<script type=\"text/javascript\">\n//<!--\n".
353: $javascript."\n// --></script>\n";
354:
355: $r->print(&Apache::loncommon::start_page('Upload file to Construction Space',
356: $javascript));
357:
358: if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
359: $r->print('<h3><span class="LC_error">'.&mt('Co-Author').': '.$uname.
360: &mt(' at ').$udom.'</span></h3>');
361: }
362:
363: if ($env{'form.phase'} eq 'three') {
364: my $output = &phasethree($r,$fn,$uname,$udom,'author');
365: $r->print($output);
366: } elsif ($env{'form.phase'} eq 'two') {
367: my ($output,$returnflag) = &phasetwo($r,$fn,$uname,$udom);
368: $r->print($output);
369: } else {
370: &phaseone($r,$fn,$uname,$udom);
371: }
372:
373: $r->print(&Apache::loncommon::end_page());
374: return OK;
375: }
376:
377: 1;
378: __END__
379:
380: =head1 NAME
381:
382: Apache::lonupload - upload files into construction space
383:
384: =head1 SYNOPSIS
385:
386: Invoked by /etc/httpd/conf/srm.conf:
387:
388: <Location /adm/upload>
389: PerlAccessHandler Apache::lonacc
390: SetHandler perl-script
391: PerlHandler Apache::lonupload
392: ErrorDocument 403 /adm/login
393: ErrorDocument 404 /adm/notfound.html
394: ErrorDocument 406 /adm/unauthorized.html
395: ErrorDocument 500 /adm/errorhandler
396: </Location>
397:
398: =head1 INTRODUCTION
399:
400: This module uploads a file sitting on a client computer into
401: library server construction space.
402:
403: This is part of the LearningOnline Network with CAPA project
404: described at http://www.lon-capa.org.
405:
406: =head1 HANDLER SUBROUTINE
407:
408: This routine is called by Apache and mod_perl.
409:
410: =over 4
411:
412: =item *
413:
414: Initialize variables
415:
416: =item *
417:
418: Start page output
419:
420: =item *
421:
422: output relevant interface phase (phaseone or phasetwo or phasethree)
423:
424: =item *
425:
426: (phase one is to specify upload file; phase two is to handle conditions
427: subsequent to specification--like overwriting an existing file; phase three
428: is to handle processing of secondary uploads - of embedded objects in an
429: html file).
430:
431: =back
432:
433: =head1 OTHER SUBROUTINES
434:
435: =over 4
436:
437: =item *
438:
439: phaseone() : Interface for specifying file to upload.
440:
441: =item *
442:
443: phasetwo() : Interface for handling post-conditions about uploading (such
444: as overwriting an existing file).
445:
446: =item *
447:
448: phasethree() : Interface for handling secondary uploads of embedded objects
449: in an html file.
450:
451: =item *
452:
453: upfile_store() : Store contents of uploaded file into temporary space. Invoked
454: by phaseone subroutine.
455:
456: = item *
457:
458: check_extension() : Checks if filename extension is permitted and checks type
459: of file - if html file, calls parser to check for embedded objects.
460: Invoked by phasetwo subroutine.
461:
462: =back
463:
464: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>