[BACK]Return to loncfile.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / publisher

Diff for /loncom/publisher/loncfile.pm between versions 1.55 and 1.58

version 1.55, 2004/05/26 22:25:38 version 1.58, 2004/07/02 08:07:17
Line 164  sub URLToPath { Line 164  sub URLToPath {
 sub url {  sub url {
     my $fn=shift;      my $fn=shift;
     $fn=~s/^\/home\/(\w+)\/public\_html/\/priv\/$1/;      $fn=~s/^\/home\/(\w+)\/public\_html/\/priv\/$1/;
       $fn=&HTML::Entities::encode($fn,'<>"&');
     return $fn;      return $fn;
 }  }
   
Line 288  sub checksuffix { Line 289  sub checksuffix {
 }  }
   
 sub cleanDest {  sub cleanDest {
     my ($request,$dest)=@_;      my ($request,$dest,$subdir)=@_;
     #remove bad characters      #remove bad characters
     if  ($dest=~/[\#\?&]/) {      my $foundbad=0;
       if ($subdir && $dest =~/\./) {
    $foundbad=1;
    $dest=~s/\.//g;
       }
       if  ($dest=~/[\#\?&%\"]/) {
    $foundbad=1;
    $dest=~s/[\#\?&%]//g;
       }
       if ($foundbad) {
  $request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>");   $request->print("<p><font color=\"red\">".&mt('Invalid characters in requested name have been removed.')."</font></p>");
  $dest=~s/[\#\?&]//g;  
     }      }
     return $dest;      return $dest;
 }  }
Line 749  performed and reported to the user. Line 758  performed and reported to the user.
 sub phaseone {  sub phaseone {
     my ($r,$fn,$uname,$udom)=@_;      my ($r,$fn,$uname,$udom)=@_;
       
     my $newfilename=&cleanDest($r,$ENV{'form.newfilename'});      my $doingdir=0;
       if ($ENV{'form.action'} eq 'newdir') { $doingdir=1; }
       my $newfilename=&cleanDest($r,$ENV{'form.newfilename'},$doingdir);
     $newfilename=&relativeDest($fn,$newfilename,$uname);      $newfilename=&relativeDest($fn,$newfilename,$uname);
     $r->print('<form action="/adm/cfile" method="post">'.      $r->print('<form action="/adm/cfile" method="post">'.
       '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.        '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.
Line 1116  sub phasetwo { Line 1127  sub phasetwo {
     if(!&Rename2($r, $uname, $dir, $fn, $ENV{'form.newfilename'})) {      if(!&Rename2($r, $uname, $dir, $fn, $ENV{'form.newfilename'})) {
  return;   return;
     }      }
     $dest = &url($ENV{'form.newfilename'});      $dest = $ENV{'form.newfilename'};
  }   }
     } elsif ($ENV{'form.action'} eq 'delete') {       } elsif ($ENV{'form.action'} eq 'delete') { 
  if(!&Delete2($r, $uname, $ENV{'form.newfilename'})) {   if(!&Delete2($r, $uname, $ENV{'form.newfilename'})) {
Removed from v.1.55  
changed lines
  Added in v.1.58

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>