backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Set the uploaded file path to site/temp by default. Can be set via configuration with "temp-dir" variable.

Browse Source 
(This is important, otherwise it uses the current working directory, but for fcgi, this is not always obvious where it is.)
Allow advanced upload, and also basic html upload, in case the dropzone.js has trouble.
Split get and post handling for files module upload request.
This commit is contained in:
Jocelyn FIAT
2016-09-26 10:37:41 +02:00
parent b1478cfb8a
commit 0c3b85bb37
4 changed files with 95 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
modules/files/cms_files_module.e
View File

@@ -230,45 +230,78 @@ feature -- Handler
local local
body: STRING_8 body: STRING_8
r: CMS_RESPONSE r: CMS_RESPONSE
i: INTEGER
do do
if req.is_get_head_request_method or req.is_post_request_method then if req.is_get_head_request_method then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create body.make_empty create body.make_empty
body.append ("<h1> Upload files </h1>%N") body.append ("<h1> Upload files </h1>%N")
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
-- set style -- set style
r.add_style (r.url ("/module/" + name + "/files/css/files.css", void), void) r.add_style (r.url ("/module/" + name + "/files/css/files.css", Void), Void)
-- add JS for dropzone
r.add_javascript_url (r.url ("/module/" + name + "/files/js/dropzone.js", void))
r.add_style (r.url ("/module/" + name + "/files/js/dropzone.css", void), void)
if api.has_permission (upload_files_permission) then if api.has_permission (upload_files_permission) then
-- create body body.append ("<p>Please choose file(s) to upload.</p>")
body.append ("<p>Please choose some file(s) to upload.</p>")
-- create form to choose files and upload them -- create form to choose files and upload them
body.append ("<div class=%"upload-files%">") body.append ("<div class=%"upload-files%">")
if attached {WSF_STRING} req.item ("basic_upload") as p and then p.is_case_insensitive_equal ("yes") then
-- No dropzone
body.append ("<form action=%"" + r.url (uploads_location, Void) + "%" method=%"post%" enctype=%"multipart/form-data%">")
body.append ("<input type=%"hidden%" name=%"basic_upload%" value=%"yes%"/>%N")
from
i := 1
until
i > 5
loop
body.append ("<input type=%"file%" name=%"filenames[]%" id=%"filenames[]%" size=%"60%"/><br/>%N")
i := i + 1
end
body.append ("<br/><input type=%"submit%" value=%"Upload File(s)%"/>")
body.append ("</form>%N")
body.append ("<a href=%""+ r.url (uploads_location, Void) +"?basic_upload=no%">Use advanced file uploading.</a>%N")
else
-- add JS for dropzone
r.add_javascript_url (r.url ("/module/" + name + "/files/js/dropzone.js", Void))
r.add_style (r.url ("/module/" + name + "/files/js/dropzone.css", Void), Void)
-- create form to choose files and upload them
body.append ("<form action=%"" + r.url (uploads_location, Void) + "%" class=%"dropzone%">") body.append ("<form action=%"" + r.url (uploads_location, Void) + "%" class=%"dropzone%">")
body.append ("</form>%N") body.append ("</form>%N")
body.append ("<div class=%"center%"><a class=%"button%" href=%""+ r.url (uploads_location, Void) +"%">Upload Files</a></div>")
body.append ("</div>") body.append ("<a href=%""+ r.url (uploads_location, Void) +"?basic_upload=yes%">Use basic file uploading.</a>%N")
if req.is_post_request_method then
process_uploaded_files (req, api, body)
end end
else body.append ("</div>")
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
end end
if req.is_get_head_request_method then
-- Build the response. -- Build the response.
if r.has_permission (browse_files_permission) then if r.has_permission (browse_files_permission) then
body.append ("<br/><div class=%"center%"><a class=%"button%" href=%""+ r.url (uploads_location, Void) +"%">Refresh uploaded</a></div>")
append_uploaded_file_album_to (req, api, body) append_uploaded_file_album_to (req, api, body)
else else
r.add_warning_message ("You are not allowed to browse files!") r.add_warning_message ("You are not allowed to browse files!")
end end
end
r.set_main_content (body) r.set_main_content (body)
elseif req.is_post_request_method then
if api.has_permission (upload_files_permission) then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create body.make_empty
body.append ("<h1> Upload files </h1>%N")
process_uploaded_files (req, api, body)
if attached {WSF_STRING} req.item ("basic_upload") as p and then p.is_case_insensitive_equal ("yes") then
r.set_redirection (r.url (uploads_location, Void) + "?basic_upload=yes")
else
r.set_redirection (r.url (uploads_location, Void))
end
r.set_main_content (body)
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("You are not allowed to upload file!")
end
else else
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api) create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
end end

15
src/configuration/cms_setup.e
View File

@@ -2,8 +2,8 @@ note
description: "[ description: "[
Class that enable to set basic configuration, application environment, core modules and themes. Class that enable to set basic configuration, application environment, core modules and themes.
]" ]"
date: "$Date: 2015-02-13 13:08:13 +0100 (ven., 13 févr. 2015) $" date: "$Date$"
revision: "$Revision: 96616 $" revision: "$Revision$"
deferred class deferred class
CMS_SETUP CMS_SETUP
@@ -70,6 +70,13 @@ feature {NONE} -- Initialization
files_location := site_location.extended ("files") files_location := site_location.extended ("files")
end end
-- Location for temp files
if attached text_item ("temp-dir") as l_temp_dir then
create temp_location.make_from_string (l_temp_dir)
else
temp_location := site_location.extended ("temp")
end
-- Location for modules folders. -- Location for modules folders.
if attached text_item ("modules-dir") as l_modules_dir then if attached text_item ("modules-dir") as l_modules_dir then
create modules_location.make_from_string (l_modules_dir) create modules_location.make_from_string (l_modules_dir)
@@ -314,6 +321,10 @@ feature -- Access: Theme
site_location: PATH site_location: PATH
-- Path to CMS site root dir. -- Path to CMS site root dir.
temp_location: PATH
-- Path to folder used as temporary dir.
-- (Mainly for uploaded file).
files_location: PATH files_location: PATH
-- Path to public "files" dir. -- Path to public "files" dir.

10
src/service/cms_api.e
View File

@@ -1,7 +1,7 @@
note note
description: "API for a CMS" description: "API for a CMS"
date: "$Date: 2015-02-13 13:08:13 +0100 (ven., 13 févr. 2015) $" date: "$Date$"
revision: "$Revision: 96616 $" revision: "$Revision$"
class class
CMS_API CMS_API
@@ -628,6 +628,12 @@ feature -- Environment/ theme
Result := setup.site_location Result := setup.site_location
end end
temp_location: PATH
-- CMS temp folder location.
do
Result := setup.temp_location
end
files_location: PATH files_location: PATH
-- CMS public files location. -- CMS public files location.
do do

18
src/service/cms_execution.e
View File

@@ -14,6 +14,7 @@ inherit
undefine undefine
requires_proxy requires_proxy
redefine redefine
execute,
create_router, router, create_router, router,
execute_default, execute_default,
filter_execute, filter_execute,
@@ -26,6 +27,8 @@ inherit
WSF_ROUTED_URI_TEMPLATE_HELPER WSF_ROUTED_URI_TEMPLATE_HELPER
WSF_REQUEST_EXPORTER
REFACTORING_HELPER REFACTORING_HELPER
SHARED_LOGGER SHARED_LOGGER
@@ -193,7 +196,20 @@ feature -- Settings: router
a_router.handle ("/", fhdl, router.methods_GET) a_router.handle ("/", fhdl, router.methods_GET)
end end
feature -- Execute Filter feature -- Request execution
initialize_execution
-- Initialize CMS execution.
do
request.set_uploaded_file_path (api.temp_location)
end
execute
-- <Precursor>.
do
initialize_execution
Precursor
end
filter_execute (req: WSF_REQUEST; res: WSF_RESPONSE) filter_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute the filter. -- Execute the filter.