[LON-CAPA-cvs] cvs: loncom /homework grades.pm /interface loncommon.pm lonuserutils.pm slotrequest.pm
raeburn
raeburn at source.lon-capa.org
Fri Aug 11 14:58:18 EDT 2017
raeburn Fri Aug 11 18:58:18 2017 EDT
Modified files:
/loncom/interface loncommon.pm slotrequest.pm lonuserutils.pm
/loncom/homework grades.pm
Log:
- Sanity checking
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1289 loncom/interface/loncommon.pm:1.1290
--- loncom/interface/loncommon.pm:1.1289 Fri Aug 11 00:32:07 2017
+++ loncom/interface/loncommon.pm Fri Aug 11 18:58:16 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common routines
#
-# $Id: loncommon.pm,v 1.1289 2017/08/11 00:32:07 raeburn Exp $
+# $Id: loncommon.pm,v 1.1290 2017/08/11 18:58:16 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -13670,20 +13670,21 @@
=pod
-=item * &load_tmp_file($r)
+=item * &load_tmp_file($r,$datatoken)
Load uploaded file from tmp, $r should be the HTTP Request object,
-needs $env{'form.datatoken'},
+$datatoken is the name to assign to the temporary file.
sets $env{'form.upfile'} to the contents of the file
=cut
sub load_tmp_file {
- my $r=shift;
+ my ($r,$datatoken) = @_;
+ return if ($datatoken eq '');
my @studentdata=();
{
my $studentfile = $r->dir_config('lonDaemons').
- '/tmp/'.$env{'form.datatoken'}.'.tmp';
+ '/tmp/'.$datatoken.'.tmp';
if ( open(my $fh,"<$studentfile") ) {
@studentdata=<$fh>;
close($fh);
@@ -13692,6 +13693,14 @@
$env{'form.upfile'}=join('', at studentdata);
}
+sub valid_datatoken {
+ my ($datatoken) = @_;
+ if ($datatoken =~ /^$match_username\_$match_domain\_enroll_$match_courseid\_\d+_\d+$/) {
+ return $datatoken;
+ }
+ return;
+}
+
=pod
=item * &upfile_record_sep()
Index: loncom/interface/slotrequest.pm
diff -u loncom/interface/slotrequest.pm:1.134 loncom/interface/slotrequest.pm:1.135
--- loncom/interface/slotrequest.pm:1.134 Thu Oct 27 21:02:02 2016
+++ loncom/interface/slotrequest.pm Fri Aug 11 18:58:16 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler for requesting to have slots added to a students record
#
-# $Id: slotrequest.pm,v 1.134 2016/10/27 21:02:02 raeburn Exp $
+# $Id: slotrequest.pm,v 1.135 2017/08/11 18:58:16 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -2945,8 +2945,10 @@
if (!$env{'form.datatoken'}) {
$datatoken=&Apache::loncommon::upfile_store($r);
} else {
- $datatoken=$env{'form.datatoken'};
- &Apache::loncommon::load_tmp_file($r);
+ $datatoken=&Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
}
my @records=&Apache::loncommon::upfile_record_sep();
if ($env{'form.noFirstLine'}) { shift(@records); }
@@ -2997,7 +2999,10 @@
sub csv_upload_assign {
my ($r,$mgr)= @_;
- &Apache::loncommon::load_tmp_file($r);
+ my $datatoken = &Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
my @slotdata = &Apache::loncommon::upfile_record_sep();
if ($env{'form.noFirstLine'}) { shift(@slotdata); }
my %fields=&Apache::grades::get_fields();
Index: loncom/interface/lonuserutils.pm
diff -u loncom/interface/lonuserutils.pm:1.188 loncom/interface/lonuserutils.pm:1.189
--- loncom/interface/lonuserutils.pm:1.188 Fri Aug 11 00:24:53 2017
+++ loncom/interface/lonuserutils.pm Fri Aug 11 18:58:16 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.188 2017/08/11 00:24:53 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.189 2017/08/11 18:58:16 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1127,8 +1127,10 @@
if (!$env{'form.datatoken'}) {
$datatoken=&Apache::loncommon::upfile_store($r);
} else {
- $datatoken=$env{'form.datatoken'};
- &Apache::loncommon::load_tmp_file($r);
+ $datatoken=&Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
}
my @records=&Apache::loncommon::upfile_record_sep();
if($env{'form.noFirstLine'}){
@@ -4114,7 +4116,10 @@
# ================================================= Drop/Add from uploaded file
sub upfile_drop_add {
my ($r,$context,$permission,$showcredits) = @_;
- &Apache::loncommon::load_tmp_file($r);
+ my $datatoken = &Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
my @userdata=&Apache::loncommon::upfile_record_sep();
if($env{'form.noFirstLine'}){shift(@userdata);}
my @keyfields = split(/\,/,$env{'form.keyfields'});
Index: loncom/homework/grades.pm
diff -u loncom/homework/grades.pm:1.741 loncom/homework/grades.pm:1.742
--- loncom/homework/grades.pm:1.741 Sun Jul 2 16:50:30 2017
+++ loncom/homework/grades.pm Fri Aug 11 18:58:17 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# The LON-CAPA Grading handler
#
-# $Id: grades.pm,v 1.741 2017/07/02 16:50:30 raeburn Exp $
+# $Id: grades.pm,v 1.742 2017/08/11 18:58:17 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -4405,8 +4405,10 @@
if (!$env{'form.datatoken'}) {
$datatoken=&Apache::loncommon::upfile_store($request);
} else {
- $datatoken=$env{'form.datatoken'};
- &Apache::loncommon::load_tmp_file($request);
+ $datatoken=&Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($request,$datatoken);
+ }
}
my @records=&Apache::loncommon::upfile_record_sep();
&csvuploadmap_header($request,$symb,$datatoken,$#records+1);
@@ -4495,7 +4497,10 @@
my ($request,$symb)= @_;
if (!$symb) {return '';}
my $error_msg = '';
- &Apache::loncommon::load_tmp_file($request);
+ my $datatoken = &Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($request,$datatoken);
+ }
my @gradedata = &Apache::loncommon::upfile_record_sep();
my %fields=&get_fields();
my $courseid=$env{'request.course.id'};
More information about the LON-CAPA-cvs
mailing list