Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/tools/upload-file.pl
Marcel de Rooy 1f5be3ffab Bug 14321: [QA Follow-up] Changes for Upload.pm and upload-file.pl 
Based on QA comments, this patch does the following:
[1] Destroy an empty DESTROY.
[2] Promote some comment lines to POD.
[3] Use File::Spec->catfile in sub _full_fname.
[4] Remove variable interpolation from a sql query.
[5] Add a comment in upload-file.pl.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Run the unit test again, and uploaded a file.

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-25 12:02:52 -03:00

96 lines
2.8 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# Copyright (C) 2007 LibLime
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# Koha is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
use CGI qw ( -utf8 );
use CGI::Cookie;
use Encode;
use JSON;
use URI::Escape;
use C4::Context;
use C4::Auth qw/check_cookie_auth haspermission/;
use Koha::Upload;
# upload-file.pl must authenticate the user
# before processing the POST request,
# and quickly bounce if the user is
# not authorized. Consequently, unlike
# most of the other CGI scripts, upload-file.pl
# requires that the session cookie already
# has been created.
my $flags_required = [
{circulate => 'circulate_remaining_permissions'},
{tools => 'stage_marc_import'},
{tools => 'upload_local_cover_images'}
];
my %cookies = CGI::Cookie->fetch;
my $sid = $cookies{'CGISESSID'}->value;
my $auth_failure = 1;
my ( $auth_status, $sessionID ) = check_cookie_auth( $sid );
my $uid = C4::Auth::get_session($sid)->param('id');
foreach my $flag_required ( @{$flags_required} ) {
if ( my $flags = haspermission( $uid, $flag_required ) ) {
$auth_failure = 0 if $auth_status eq 'ok';
}
}
if ($auth_failure) {
send_reply( 'denied' );
exit 0;
}
my $upload = Koha::Upload->new( upload_pars($ENV{QUERY_STRING}) );
if( !$upload || !$upload->cgi || !$upload->count ) {
# not one upload succeeded
send_reply( 'failed', undef, $upload? $upload->err: undef );
} else {
# in case of multiple uploads, at least one got through
send_reply( 'done', $upload->result, $upload->err );
}
exit 0;
sub send_reply { # response will be sent back as JSON
my ( $upload_status, $data, $error ) = @_;
my $reply = CGI->new("");
print $reply->header( -type => 'text/html', -charset => 'UTF-8' );
print JSON::encode_json({
status => $upload_status,
fileid => $data,
errors => $error,
});
}
sub upload_pars { # this sub parses QUERY_STRING in order to build the
# parameter hash for Koha::Upload
my ( $qstr ) = @_;
$qstr = Encode::decode_utf8( uri_unescape( $qstr ) );
# category could include a utf8 character
my $rv = {};
foreach my $p ( qw[public category temp] ) {
if( $qstr =~ /(^|&)$p=(\w+)(&|$)/ ) {
$rv->{$p} = $2;
}
}
return $rv;
}
View git blame Copy permalink