X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=tools%2Fupload-file.pl;h=7ec0fc7045b4d8f0f8c995b9ea1c13ea19dfa4e5;hb=9d6d641d1f8b77271800f43bc027b651f9aea52b;hp=b705f5c8fc223673bcf5a1b014f5f69fa0ceed8a;hpb=0486d0c6b781fbda73df19eb825ef330bdc4544a;p=srvgit

diff --git a/tools/upload-file.pl b/tools/upload-file.pl
index b705f5c8fc..7ec0fc7045 100755
--- a/tools/upload-file.pl
+++ b/tools/upload-file.pl
@@ -4,31 +4,30 @@
 #
 # This file is part of Koha.
 #
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
 #
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
 
-use strict;
-#use warnings; FIXME - Bug 2505
+use Modern::Perl;
+
+use CGI qw ( -utf8 );
+use CGI::Cookie;
+use Encode;
+use JSON;
+use URI::Escape qw( uri_unescape );
 
-# standard or CPAN modules used
-use IO::File;
-use CGI;
-use CGI::Session;
 use C4::Context;
-use C4::Auth qw/check_cookie_auth/;
-use CGI::Cookie; # need to check cookies before
-                 # having CGI parse the POST request
-use C4::UploadedFile;
+use C4::Auth qw( check_cookie_auth get_session );
+use Koha::Uploader;
 
 # upload-file.pl must authenticate the user
 # before processing the POST request,
@@ -36,46 +35,50 @@ use C4::UploadedFile;
 # not authorized.  Consequently, unlike
 # most of the other CGI scripts, upload-file.pl
 # requires that the session cookie already
-# have been created.
+# has been created.
 
-my %cookies = fetch CGI::Cookie;
-my ($auth_status, $sessionID) = check_cookie_auth($cookies{'CGISESSID'}->value, { tools => '*' });
-if ($auth_status ne "ok") {
-    $auth_status = 'denied' if $auth_status eq 'failed';
-    send_reply($auth_status, "");
-    exit 0;
-}
+my %cookies = CGI::Cookie->fetch;
+my $sid = $cookies{'CGISESSID'}->value;
+my ( $auth_status, $sessionID ) = check_cookie_auth( $sid );
+my $uid = C4::Auth::get_session($sid)->param('id');
+my $allowed = Koha::Uploader->allows_add_by( $uid );
 
-our $uploaded_file = C4::UploadedFile->new($sessionID);
-unless (defined $uploaded_file) {
-    # FIXME - failed to create file for some reason
-    send_reply('failed', '');
+if( $auth_status ne 'ok' || !$allowed ) {
+    send_reply( 'denied' );
     exit 0;
 }
-$uploaded_file->max_size($ENV{'CONTENT_LENGTH'}); # may not be the file size, exactly
 
-my $query;
-$query = new CGI \&upload_hook;
-$uploaded_file->done();
-send_reply('done', $uploaded_file->id());
-
-# FIXME - if possible, trap signal caused by user cancelling upload
-# FIXME - something is wrong during cleanup: \t(in cleanup) Can't call method "commit" on unblessed reference at /usr/local/share/perl/5.8.8/CGI/Session/Driver/DBI.pm line 130 during global destruction.
+my $upload = Koha::Uploader->new( upload_pars($ENV{QUERY_STRING}) );
+if( !$upload || !$upload->cgi || !$upload->count ) {
+    # not one upload succeeded
+    send_reply( 'failed', undef, $upload? $upload->err: undef );
+} else {
+    # in case of multiple uploads, at least one got through
+    send_reply( 'done', $upload->result, $upload->err );
+}
 exit 0;
 
-sub upload_hook {
-    my ($file_name, $buffer, $bytes_read, $session) = @_;
-    $uploaded_file->stash(\$buffer, $bytes_read);
-    if ( ! $uploaded_file->name && $file_name ) { # save name on first chunk
-        $uploaded_file->name($file_name);
-    }
+sub send_reply {    # response will be sent back as JSON
+    my ( $upload_status, $data, $error ) = @_;
+    my $reply = CGI->new("");
+    print $reply->header( -type => 'text/html', -charset => 'UTF-8' );
+    print JSON::encode_json({
+        status => $upload_status,
+        fileid => $data,
+        errors => $error,
+   });
 }
 
-sub send_reply {
-    my ($upload_status, $fileid) = @_;
-
-    my $reply = CGI->new("");
-    print $reply->header(-type => 'text/html');
-    # response will be sent back as JSON
-    print '{"status":"' . $upload_status . '","fileid":"' . $fileid . '"}';
+sub upload_pars { # this sub parses QUERY_STRING in order to build the
+                  # parameter hash for Koha::Uploader
+    my ( $qstr ) = @_;
+    $qstr = Encode::decode_utf8( uri_unescape( $qstr ) );
+    # category could include a utf8 character
+    my $rv = {};
+    foreach my $p ( qw[public category temp] ) {
+        if( $qstr =~ /(^|&)$p=(\w+)(&|$)/ ) {
+            $rv->{$p} = $2;
+        }
+    }
+    return $rv;
 }