Bug 27594: (follow-up) Check for secure context
[koha.git] / koha-tmpl / intranet-tmpl / prog / en / modules / tools / upload.tt
1 [% USE raw %]
2 [% USE Asset %]
3 [% USE Koha %]
4 [% USE TablesSettings %]
5 [% SET footerjs = 1 %]
6 [% INCLUDE 'doc-head-open.inc' %]
7 [% IF plugin %]
8     <title>Upload plugin</title>
9 [% ELSE %]
10     <title>Koha &rsaquo; Tools &rsaquo; Upload</title>
11 [% END %]
12 [% INCLUDE 'doc-head-close.inc' %]
13
[%# plugin_pars: hidden fields that carry the plugin state through a form post.
    Emits nothing unless 'plugin' is set. 'index' is written into an HTML
    attribute value, which is the context the html filter encodes for. %]
[% BLOCK plugin_pars %]
    [% IF plugin %]
        <input type="hidden" name="plugin" value="1" />
        <input type="hidden" name="index" value="[% index | html %]" />
    [% END %]
[% END %]
20
[%# breadcrumbs: Home > Tools > Upload trail. The last crumb depends on 'mode':
    'new' and 'deleted' show the add/search label, any other mode shows "Results".
    StartUpload() in this template's script rewrites #lastbreadcrumb client-side. %]
[% BLOCK breadcrumbs %]
    <div id="breadcrumbs">
        <a href="/cgi-bin/koha/mainpage.pl">Home</a>
        &rsaquo;
        <a href="/cgi-bin/koha/tools/tools-home.pl">Tools</a>
        &rsaquo;
        <a href="/cgi-bin/koha/tools/upload.pl">Upload</a>
        &rsaquo;
        <span id="lastbreadcrumb">
        [% IF mode=='new' || mode =='deleted'%]
            Add new upload or search
        [% ELSE %]
            Results
        [% END %]
        </span>
    </div>
[% END %]
38
[%# form_new: the "Upload new files" form (multi-file picker, optional category,
    public flag) plus the progress/failure panel.
    The Upload and Cancel buttons are bound in this template's script to
    StartUpload() and CancelUpload(), which call preventDefault(), so the files
    go through AjaxUpload() rather than a native submit of this form.
    In plugin mode 'public' is a hidden field fixed to 1; otherwise it is a
    checkbox. Category codes and names are HTML-escaped into the option list.
    NOTE(review): nothing here limits file type or size, and category/public are
    plain client-side inputs; any restriction has to be enforced by the upload
    handler, which is not visible in this template. %]
[% BLOCK form_new %]
    <form method="post" action="/cgi-bin/koha/tools/upload.pl" id="uploadfile" enctype="multipart/form-data">
        [% PROCESS plugin_pars %]
        <fieldset class="rows" id="uploadform">
        <legend>Upload new files</legend>
        <ol>
        <li>
        <div id="fileuploadform">
            <label for="fileToUpload">Select files: </label>
            <input type="file" id="fileToUpload" name="fileToUpload" multiple/>
        </div>
        </li>
        [% IF uploadcategories %]
            <li>
                <label for="uploadcategory">Category: </label>
                <select id="uploadcategory" name="uploadcategory">
                [% IF !plugin %]
                    <option value=""></option>
                [% END %]
                [% FOREACH cat IN uploadcategories %]
                    <option value="[% cat.code | html %]">[% cat.name | html %]</option>
                [% END %]
                </select>
            </li>
        [% END %]
        [% IF !plugin %]
            <li>
            [% IF uploadcategories %]
                <div class="hint">Note: For temporary uploads do not select a category.</div>
            [% ELSE %]
                <div class="hint">Note: No upload categories are defined. Add values to the UPLOAD authorized value category otherwise all uploads will be marked as temporary.</div>
            [% END %]
            </li>
        [% END %]
        <li>
            [% IF plugin %]
                <input type="hidden" id="public" name="public" value="1"/>
            [% ELSE %]
                <label id="public_cb">Allow public downloads:</label>
                <input type="checkbox" id="public" name="public" />
            [% END %]
        </li>
        </ol>
        <fieldset class="action">
            <button id="fileuploadbutton">Upload</button>
            <button id="fileuploadcancel">Cancel</button>
        </fieldset>
        </fieldset>
        <div id="fileuploadpanel">
            <div id="fileuploadstatus" class="progress_panel">Upload progress:
            <progress id="fileuploadprogress" max="100" value="0">
            </progress>
            <span class="fileuploadpercent">0</span>%
            </div>
            <div id="fileuploadfailed"></div>
        </div>
    </form>
[% END %]
97
[%# form_browse: "Search uploads by category" form, posted with op=browse.
    Rendered only when upload categories exist. Category codes and names are
    HTML-escaped into the option list. %]
[% BLOCK form_browse %]
    [% IF uploadcategories %]
    <form method="post" id="browsefile" action="/cgi-bin/koha/tools/upload.pl" enctype="multipart/form-data">
        [% PROCESS plugin_pars %]
        <input type="hidden" name="op" value="browse"/>
        <fieldset class="rows">
        <legend>Search uploads by category</legend>
        <ol>
            <li>
                <label for="browsecategory">Category: </label>
                <select id="browsecategory" name="browsecategory">
                [% FOREACH cat IN uploadcategories %]
                    <option value="[% cat.code | html %]">[% cat.name | html %]</option>
                [% END %]
                </select>
            </li>
        </ol>
        <fieldset class="action">
            <button id="browsebutton" class="submit">Search</button>
        </fieldset>
        </fieldset>
    </form>
    [% END %]
[% END %]
122
[%# form_search: "Search uploads by name or hashvalue" form, posted with
    op=search. The click handler on #searchbutton runs CheckSearch(), which
    blocks submission while the term is empty; that check is client-side only. %]
[% BLOCK form_search %]
    <form method="post" id="searchfile" action="/cgi-bin/koha/tools/upload.pl" enctype="multipart/form-data">
        [% PROCESS plugin_pars %]
        <input type="hidden" name="op" value="search"/>
        <fieldset class="rows">
        <legend>Search uploads by name or hashvalue</legend>
        <ol>
        <li>
            <label for="term">Search term: </label>
            <input type="text" id="term" name="term" value=""/>
        </li>
        </ol>
        <fieldset class="action">
            <button id="searchbutton" class="submit">Search</button>
        </fieldset>
        </fieldset>
    </form>
[% END %]
141
[%# submitter: hidden POST form that SubmitMe() fills with op/id/msg and submits.
    It has no action attribute, so it posts to the current page URL.
    The script posts 'search', 'download', 'delete' and 'new' through it.
    NOTE(review): no anti-CSRF token field is rendered in this form although
    'delete' is a state-changing op; confirm that the handler enforces CSRF
    protection some other way - it is not visible in this template.
    NOTE(review): 'msg' is filled by the browser (cbUpload() stores a JSON string
    in it), so the handler should treat the posted value as untrusted input
    before it reaches the template's 'msg' variable - TODO confirm. %]
[% BLOCK submitter %]
    <form id="submitter" style="display:none;" method="post">
        [% PROCESS plugin_pars %]
        <input type="hidden" name="op" id="op" value=""/>
        <input type="hidden" name="id" id="id" value="" />
        <input type="hidden" name="msg" id="msg" value="" />
    </form>
[% END %]
150
[%# closer: "Close" link, rendered in plugin mode only. %]
[% BLOCK closer %]
    [% IF plugin %]
        <div id="closewindow"><a class="btn btn-default btn-default close" href="#">Close</a></div>
    [% END %]
[% END %]
156
[%# back: "Back" button form, rendered outside plugin mode only. The form has
    neither method nor action, so submitting it is a GET of the current page. %]
[% BLOCK back %]
    [% IF !plugin %]
        <form id="back">
            <fieldset class="action">
                <button class="submit">Back</button>
            </fieldset>
        </form>
    [% END %]
[% END %]
166
[%# newsearch: "New search" button shown when a request had no results. The
    click handler on #new_search calls SubmitMe('new'). In plugin mode a
    "Close" link is added as well. %]
[% BLOCK newsearch %]
    <form id="newsearch">
        <fieldset class="action">
            <button id="new_search">New search</button>
        </fieldset>
    </form>
    [% IF plugin %]
        <div id="closewindow"><a class="btn btn-default btn-default close" href="#">Close</a></div>
    [% END %]
[% END %]
177
[%# table_results: one row per entry of 'uploads'.
    Output encoding by context: cell text and data-* attributes go through the
    html filter; in the public link the base URL goes through 'url' and the
    hashvalue through 'uri', because it is a query-string value.
    For public records the hashvalue is the id that opac-retrieve-file.pl is
    linked with, so that link is all a reader needs to request the file.
    The Public/Temporary columns are hidden in plugin mode; the Choose button is
    shown in plugin mode only.
    NOTE(review): the Delete button is shown only to the record owner or to a user
    with CAN_user_tools_upload_manage. That hides the control, it does not
    authorize the request; the handler must repeat the check for op=delete and
    op=download - it is not visible in this template. %]
[% BLOCK table_results %]
    <table id="uploadresults">
    <thead>
    <tr>
        <th>Filename</th>
        <th>Size</th>
        <th>Hashvalue</th>
        <th>Category</th>
        [% IF !plugin %]<th>Public</th>[% END %]
        [% IF !plugin %]<th>Temporary</th>[% END %]
        <th class="NoSort noExport">Actions</th>
    </tr>
    </thead>
    <tbody>
    [% FOREACH record IN uploads %]
    <tr>
        <td>[% record.filename | html %]</td>
        <td>[% record.filesize | html %]</td>
        <td>[% record.hashvalue | html %]</td>
        <td>[% record.uploadcategorycode | html %]</td>
        [% IF !plugin %]
            <td>
                [% IF record.public %]
                    <a href="[% Koha.Preference('OPACBaseURL') | url %]/cgi-bin/koha/opac-retrieve-file.pl?id=[% record.hashvalue | uri %]" class="get-file" data-toggle="tooltip" title="Copy link to this file"><i class="fa fa-link" aria-hidden="true"></i> Yes</a>
                [% ELSE %]
                    No
                [% END %]
            </td>
            <td>[% IF record.permanent %]No[% ELSE %]Yes[% END %]</td>
        [% END %]
        <td class="actions">
            [% IF plugin %]
                <button class="btn btn-default btn-xs choose_entry" data-record-hashvalue="[% record.hashvalue | html %]"><i class="fa fa-plus"></i> Choose</button>
            [% END %]
            <button class="btn btn-default btn-xs download_entry" data-record-id="[% record.id | html %]"><i class="fa fa-download"></i> Download</button>
            [% IF record.owner == owner || CAN_user_tools_upload_manage %]
                <button class="btn btn-default btn-xs delete_entry" data-record-id="[% record.id | html %]"><i class="fa fa-trash"></i> Delete</button>
            [% END %]
        </td>
   </tr>
   [% END %]
   </tbody>
   </table>
[% END %]
222
223 <style>
224     #fileuploadstatus,#fileuploadfailed { display : none; }
225     #fileuploadstatus { margin:.4em; }
226     #fileuploadprogress { width:150px;height:10px;border:1px solid #666;background:url('[% interface | html %]/[% theme | html %]/img/progress.png') -300px 0px no-repeat; }
227 </style>
228
229
230 </head>
231
232 [% IF ( plugin ) %]
233     <body id="tools_upload" class="tools">
234         <div class="main container-fluid">
235             <div class="row">
236                 <div class="col-sm-12">
237                     <main>
238 [% ELSE %]
239     <body id="tools_upload" class="tools">
240     [% INCLUDE 'header.inc' %]
241     [% INCLUDE 'cat-search.inc' %]
242     [% PROCESS breadcrumbs %]
243
244     <div class="main container-fluid">
245         <div class="row">
246             <div class="col-sm-10 col-sm-push-2">
247                 <main>
248 [% END %]
249
250 <h1>Upload</h1>
251 <div class="dialog alert" id="myalerts" style="display:none;"></div>
252
[%# Page body. The hidden submitter form is always emitted. Modes 'new' and
    'deleted' show the upload form and both search forms; mode 'report' shows
    the results table, or the "no results" message with a New search button
    when 'uploads' is empty. Any other mode renders nothing here. %]
[% PROCESS submitter %]
[% IF mode == 'new' || mode == 'deleted' %]
    [% PROCESS form_new %]
    [% PROCESS form_browse %]
    [% PROCESS form_search %]
    [% PROCESS closer %]
[% ELSIF mode == 'report' %]
    [% IF uploads %]
        <h3>Your request gave the following results:</h3>
        [% PROCESS table_results %]
        [% PROCESS closer %]
        [% PROCESS back %]
    [% ELSE %]
        <h4>Sorry, your request had no results.</h4>
        [% PROCESS newsearch %]
    [% END %]
[% END %]
270
271 [% IF !plugin %]
272             </main>
273         </div> <!-- /.col-sm-10.col-sm-push-2 -->
274
275         <div class="col-sm-2 col-sm-pull-10">
276             <aside>
277                 [% INCLUDE 'tools-menu.inc' %]
278             </aside>
279         </div> <!-- /.col-sm-2.col-sm-pull-10 -->
280      </div> <!-- /.row -->
281 [% ELSE %]
282             </main>
283         </div> <!-- .col-sm-12 -->
284      </div> <!-- /.row -->
285 [% END %]
286
287
288 [% MACRO jsinclude BLOCK %]
289     [% Asset.js("js/tools-menu.js") | $raw %]
290     [% INCLUDE 'datatables.inc' %]
291     [% Asset.js("js/file-upload.js") | $raw %]
292     [% INCLUDE 'columns_settings.inc' %]
293     <script>
        // Start the AJAX upload of the files selected in #fileToUpload.
        // Returns without doing anything when no file is selected.
        // The category/public/temp values are sent as client-built query
        // parameters; the receiving handler is not visible from this template,
        // so which of them it re-validates cannot be confirmed here.
        function StartUpload() {
            var picker = $('#fileToUpload');
            if( picker.prop('files').length == 0 ) return;

            // Lock the picker and swap Upload for Cancel while the transfer runs.
            picker.prop('disabled',true);
            $('#fileuploadbutton').hide();
            $("#fileuploadcancel").show();

            // Clear whatever a previous attempt left on screen.
            $("#fileuploadfailed").html('');
            $("#myalerts").hide('').html('');
            $("#fileuploadstatus").show();
            $("#uploadedfileid").val('');
            $("#searchfile").hide();
            $("#lastbreadcrumb").text( _("Add a new upload") );

            // Build the parameter string: a selected category is URI-encoded;
            // outside plugin mode, no category means a temporary upload.
            var chosen = $("#uploadcategory").val();
            var category = chosen ? encodeURIComponent( chosen ) : undefined;
            var params = category ? 'category=' + category + '&' : '';
            [% IF plugin %]
                params += 'public=1&temp=0';
            [% ELSE %]
                if( !category ) params = 'temp=1&';
                if( $('#public').prop('checked') ) params += 'public=1';
            [% END %]
            // xhr is assigned without a declaration; CancelUpload() reads the same name.
            xhr= AjaxUpload( picker, $('#fileuploadprogress'), params, cbUpload );
        }
        // Abort the running upload, if there is one, and put the form back
        // into its idle state with a "Cancelled" status line.
        function CancelUpload() {
            if( xhr ) xhr.abort();

            $("#fileuploadstatus").hide();
            $("#fileuploadcancel").hide();
            $('#fileToUpload').prop('disabled', false);
            $('#fileuploadbutton').show();

            // The status is written with .text(), so it is never parsed as markup.
            $("#fileuploadfailed").show().text( _("Upload status: Cancelled ") );
        }
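        // Completion callback handed to AjaxUpload().
        //   status - 'done', 'failed', 'denied' or another value that is shown as-is
        //   fileid - id passed on to the search that follows a finished upload
        //   err    - optional object of per-file errors (see ShowAlerts)
        // On 'done' the page is re-posted with op=search and the errors serialised
        // into the msg field; otherwise the form is reset and the status is shown.
        function cbUpload( status, fileid, err ) {
            $('#fileToUpload').prop('disabled', false);
            if( status=='done' ) {
                var e = err? JSON.stringify(err): '';
                SubmitMe( 'search', fileid, e );
            } else {
                $('#fileuploadbutton').show();
                $("#fileuploadcancel").hide();
                $("#fileuploadstatus").hide();
                $("#fileuploadfailed").show();
                // An unrecognised status is displayed verbatim, so it is written
                // with .text() (as CancelUpload() does) and never parsed as markup.
                $("#fileuploadfailed").text( _("Upload status: ") +
                    ( status=='failed'? _("Failed"):
                    ( status=='denied'? _("Denied"): status ))
                );
                ShowAlerts( err );
            }
        }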
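        // Show one line per entry of err in #myalerts.
        //   err - object keyed by file name; each value carries a 'code' that
        //         errMESSAGES() maps to a message (unknown codes come back unchanged)
        // Nothing is changed when err has no entries.
        // File names come from uploaded files and unknown codes are echoed as
        // received, so every line is added as a text node; concatenating them
        // into a string for .html() would let that content be parsed as markup.
        function ShowAlerts(err) {
            var lines = [];
            for( var file in err ) {
                var line = document.createElement('p');
                line.textContent = file + ': ' + errMESSAGES( err[file].code );
                lines.push( line );
            }
            if( lines.length ) {
                $('#myalerts').empty().append( lines );
                $('#myalerts').show();
            }
        }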
        // Map an upload status code to its translatable message.
        // A code that is not listed is returned unchanged, so callers must
        // treat the result as plain text, never as markup.
        function errMESSAGES(code) {
            switch(code) {
                case 'UPLERR_ALREADY_EXISTS':
                    return _("This file already exists (in this category).");
                case 'UPLERR_CANNOT_WRITE':
                    return _("File could not be created. Check permissions.");
                case 'UPLERR_NO_ROOT_DIR':
                    return _("Your koha-conf.xml does not contain a valid upload_path.");
                case 'UPLERR_NO_TEMP_DIR':
                    return _("No temporary directory found.");
                case 'UPLERR_FILE_NOT_READ':
                    return _("File could not be read.");
                case 'UPL_FILE_DELETED': // An alert, no error
                    return _("File has been deleted.");
                case 'UPLERR_FILE_NOT_DELETED':
                    return _("File or upload record could not be deleted.");
            }
            return code;
        }
        // Client-side guard for the search form: returns true when a term was
        // entered, otherwise alerts the user and returns false.
        function CheckSearch() {
            if( $("#term").val()!="" ) return true;
            alert( _("Please enter a search term.") );
            return false;
        }
        // Fill the hidden #submitter form with op, id and msg and post it.
        // Every operation of this page goes through here, 'delete' included.
        // NOTE(review): #submitter as rendered by this template has no anti-CSRF
        // token field; confirm how the handler protects state-changing ops.
        function SubmitMe(op, id, msg ) {
            var form = $("#submitter");
            form.find("#op").val( op );
            form.find("#id").val( id );
            form.find("#msg").val( msg );
            form.submit();
        }
        // Ask for confirmation, then clear the opener field (plugin mode) and
        // post op=delete for the given upload id. Returns false when the user
        // declines and undefined otherwise.
        function DeleteEntry(id) {
            var confirmed = confirm( _("Do you really want to delete this upload?") );
            if( !confirmed ) return false;
            ClearField();
            SubmitMe( 'delete', id );
        }
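        // Plugin mode only: empty the field of the opener window that this
        // popup was opened for. Outside plugin mode the function does nothing.
        // The field id is read from the hidden "index" input that plugin_pars
        // renders inside #submitter, where the html filter matches the context
        // (an HTML attribute). Writing the same value into a quoted JS string and
        // a jQuery selector, as before, relied on HTML escaping in a context it
        // is not designed for. getElementById() also takes the id literally, so
        // it is never interpreted as a selector.
        function ClearField() {
            [% IF plugin %]
                var target_id = $('#submitter input[name="index"]').val();
                // No opener (popup opened directly) or no id: nothing to clear.
                if( target_id && window.opener ) {
                    var field = window.opener.document.getElementById( target_id );
                    if( field ) $(field).val( '' );
                }
            [% END %]
        }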
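        // Plugin mode: write the public retrieval URL of the chosen upload into
        // the opener's field, then close this window.
        //   hashval - hashvalue of the chosen record (data-record-hashvalue)
        function Choose(hashval) {
            // NOTE(review): the preference is HTML-escaped but lands in a JS string
            // literal. The value is set by administrators; a JS/JSON encoder would
            // still be the matching one for this context.
            var res = '[% Koha.Preference('OPACBaseURL') | html %]';
            res = res.replace( /\/$/, '');
            // Encode the id as a query value, as the 'uri' filter does for the
            // same link in the results table.
            res = res + '/cgi-bin/koha/opac-retrieve-file.pl?id=' + encodeURIComponent( hashval );
            [% IF index %]
                // The target id comes from the hidden "index" input in #submitter
                // (HTML attribute context) instead of being templated into a JS
                // string and a selector; getElementById() takes it literally.
                var target_id = $('#submitter input[name="index"]').val();
                if( target_id && window.opener ) {
                    var field = window.opener.document.getElementById( target_id );
                    if( field ) $(field).val( res );
                }
            [% END %]
            window.close();
        }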
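        // Page setup: initialise the results table, show any message passed in
        // by the server, and bind the upload, search and per-row buttons.
        $(document).ready(function() {
            KohaTable("uploadresults",{});
            // NOTE(review): msg is written into the script as an expression after
            // HTML escaping. HTML escaping is not the encoder for script context:
            // it rewrites characters that JSON needs and does not neutralise script
            // syntax. cbUpload() posts a JSON string in the form's msg field, so the
            // handler should parse and re-serialise it rather than echo the posted
            // value - TODO confirm, the handler is not visible in this template.
            [% IF msg %]
                ShowAlerts( [% msg | html %] );
            [% END %]
            $("#fileuploadcancel").hide();
            // #public_cb is a label without a "for" attribute; forward its clicks.
            $("#public_cb").click(function() {
                $("#public").click();
            });
            $("#fileuploadbutton").on("click",function(e){
                e.preventDefault();
                StartUpload();
            });
            $("#fileuploadcancel").on("click",function(e){
                e.preventDefault();
                CancelUpload();
            });
            $("#searchbutton").on("click",function(){
                return CheckSearch();
            });
            // Row buttons are delegated from tbody.
            $("#uploadresults tbody").on("click",".choose_entry",function(e){
                e.preventDefault();
                var record_hashvalue = $(this).data("record-hashvalue");
                Choose( record_hashvalue );
            });
            $("#uploadresults tbody").on("click",".download_entry",function(e){
                e.preventDefault();
                var record_id = $(this).data("record-id");
                SubmitMe( 'download', record_id );
            });
            $("#uploadresults tbody").on("click",".delete_entry",function(e){
                e.preventDefault();
                var record_id = $(this).data("record-id");
                DeleteEntry( record_id );
            });
            $("#new_search").on("click",function(e){
                e.preventDefault();
                SubmitMe('new');
            });

            // The copy-link handlers are bound in a secure context only. Elsewhere
            // .get-file stays an ordinary link to the file.
            if ( window.isSecureContext ) {
                $(".get-file").on("click", function(e){
                    e.preventDefault();
                    if( navigator.clipboard && navigator.clipboard.writeText){
                        var link = $(this);
                        // writeText() returns a promise that is rejected when the
                        // write is not permitted; confirm the copy only once it
                        // has actually succeeded.
                        navigator.clipboard.writeText( link.attr("href") ).then(function(){
                            link.attr("data-original-title", _( "Link copied to the clipboard" ) )
                                .tooltip("show");
                        }, function(){
                            // Copy refused: keep the default tooltip text.
                        });
                    }
                });
                $(".get-file").tooltip({
                    delay: { "show": 100, "hide": 500 }
                }).on("hidden.bs.tooltip", function(){
                    $(this).attr("data-original-title", _( "Copy link to this file" ) );
                });
            }
        });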
474     </script>
475 [% END %]
476
477 [% INCLUDE 'intranet-bottom.inc' %]