New cataloging plugin upload.pl and new system preference 'uploadPath'.
upload.pl provide a way to upload files on the server and store a link
(url) to it in MARC
uploadPath is the absolute path on the server where the files will be
stored. It's possible to have a hierarchy of directories under this path
and the plugin will allow to choose in which directory to store the
file.
Stored value in MARC subfield looks like this:
<OPACBaseURL>/cgi-bin/koha/opac-retrieve-file.pl?id=<SHA-1 of the file>
So both 'uploadPath' and 'OPACBaseURL' sysprefs have to be set for this
plugin to work correctly
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Slightly amended/simplified the patch during QA: The changes to
GetMarcUrls are not really needed, and would have needed some
attention. Another link text can be supplied by the plugin too.
This also reduces the need for changes in basket.pl,
MARCdetail.pl, detail.pl, opac-basket.pl and opac-detail.pl.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Edit: more meaninfull commit subject
--- /dev/null
+package C4::UploadedFiles;
+
+# Copyright 2011-2012 BibLibre
+#
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+=head1 NAME
+
+C4::UploadedFiles - Functions to deal with files uploaded with cataloging plugin upload.pl
+
+=head1 SYNOPSIS
+
+ use C4::UploadedFiles;
+
+ my $filename = $cgi->param('uploaded_file');
+ my $file = $cgi->upload('uploaded_file');
+ my $dir = $input->param('dir');
+
+ # upload file
+ my $id = C4::UploadedFiles::UploadFile($filename, $dir, $file->handle);
+
+ # retrieve file infos
+ my $uploaded_file = C4::UploadedFiles::GetUploadedFile($id);
+
+ # delete file
+ C4::UploadedFiles::DelUploadedFile($id);
+
+=head1 DESCRIPTION
+
+This module provides basic functions for adding, retrieving and deleting files related to
+cataloging plugin upload.pl.
+
+It uses uploaded_files table.
+
+It is not related to C4::UploadedFile
+
+=head1 FUNCTIONS
+
+=cut
+
+use Modern::Perl;
+use Digest::SHA;
+use Fcntl;
+use Encode;
+
+use C4::Context;
+
+sub _get_file_path {
+ my ($id, $dirname, $filename) = @_;
+
+ my $uploadPath = C4::Context->preference('uploadPath');
+ my $filepath = "$uploadPath/$dirname/${id}_$filename";
+ $filepath =~ s|/+|/|g;
+
+ return $filepath;
+}
+
+=head2 GetUploadedFile
+
+ my $file = C4::UploadedFiles::GetUploadedFile($id);
+
+Returns a hashref containing infos on uploaded files.
+Hash keys are:
+
+=over 2
+
+=item * id: id of the file (same as given in argument)
+
+=item * filename: name of the file
+
+=item * dir: directory where file is stored (relative to syspref 'uploadPath')
+
+=back
+
+It returns undef if file is not found
+
+=cut
+
+sub GetUploadedFile {
+ my ($id) = @_;
+
+ return unless $id;
+
+ my $dbh = C4::Context->dbh;
+ my $query = qq{
+ SELECT id, filename, dir
+ FROM uploaded_files
+ WHERE id = ?
+ };
+ my $sth = $dbh->prepare($query);
+ $sth->execute($id);
+ my $file = $sth->fetchrow_hashref;
+ if ($file) {
+ $file->{filepath} = _get_file_path($file->{id}, $file->{dir},
+ $file->{filename});
+ }
+
+ return $file;
+}
+
+=head2 UploadFile
+
+ my $id = C4::UploadedFiles::UploadFile($filename, $dir, $io_handle);
+
+Upload a new file and returns its id (its SHA-1 sum, actually).
+
+Parameters:
+
+=over 2
+
+=item * $filename: name of the file
+
+=item * $dir: directory where to store the file (path relative to syspref 'uploadPath'
+
+=item * $io_handle: valid IO::Handle object, can be retrieved with
+$cgi->upload('uploaded_file')->handle;
+
+=back
+
+=cut
+
+sub UploadFile {
+ my ($filename, $dir, $handle) = @_;
+
+ $filename = decode_utf8($filename);
+ if($filename =~ m#(^|/)\.\.(/|$)# or $dir =~ m#(^|/)\.\.(/|$)#) {
+ warn "Filename or dirname contains '..'. Aborting upload";
+ return;
+ }
+
+ my $buffer;
+ my $data = '';
+ while($handle->read($buffer, 1024)) {
+ $data .= $buffer;
+ }
+ $handle->close;
+
+ my $sha = new Digest::SHA;
+ $sha->add($data);
+ my $id = $sha->hexdigest;
+
+ # Test if this id already exist
+ my $file = GetUploadedFile($id);
+ if ($file) {
+ return $file->{id};
+ }
+
+ my $file_path = _get_file_path($id, $dir, $filename);
+
+ my $out_fh;
+ # Create the file only if it doesn't exist
+ unless( sysopen($out_fh, $file_path, O_WRONLY|O_CREAT|O_EXCL) ) {
+ warn "Failed to open file '$file_path': $!";
+ return;
+ }
+
+ print $out_fh $data;
+ close $out_fh;
+
+ my $dbh = C4::Context->dbh;
+ my $query = qq{
+ INSERT INTO uploaded_files (id, filename, dir)
+ VALUES (?,?, ?);
+ };
+ my $sth = $dbh->prepare($query);
+ if($sth->execute($id, $filename, $dir)) {
+ return $id;
+ }
+
+ return undef;
+}
+
+=head2 DelUploadedFile
+
+ C4::UploadedFiles::DelUploadedFile($id);
+
+Remove a previously uploaded file, given its id.
+
+Returns a false value if an error occurs.
+
+=cut
+
+sub DelUploadedFile {
+ my ($id) = @_;
+
+ my $file = GetUploadedFile($id);
+ if($file) {
+ my $file_path = $file->{filepath};
+ my $file_deleted = 0;
+ unless( -f $file_path ) {
+ warn "Id $file->{id} is in database but not in filesystem, removing id from database";
+ $file_deleted = 1;
+ } else {
+ if(unlink $file_path) {
+ $file_deleted = 1;
+ }
+ }
+
+ unless($file_deleted) {
+ warn "File $file_path cannot be deleted: $!";
+ }
+
+ my $dbh = C4::Context->dbh;
+ my $query = qq{
+ DELETE FROM uploaded_files
+ WHERE id = ?
+ };
+ my $sth = $dbh->prepare($query);
+ return $sth->execute($id);
+ }
+}
+
+1;
--- /dev/null
+#!/usr/bin/perl
+
+# Copyright 2011-2012 BibLibre
+#
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+use Modern::Perl;
+use CGI qw/-utf8/;
+use File::Basename;
+
+use C4::Auth;
+use C4::Context;
+use C4::Output;
+use C4::UploadedFiles;
+
+my $upload_path = C4::Context->preference('uploadPath');
+
+sub plugin_parameters {
+ my ( $dbh, $record, $tagslib, $i, $tabloop ) = @_;
+ return "";
+}
+
+sub plugin_javascript {
+ my ( $dbh, $record, $tagslib, $field_number, $tabloop ) = @_;
+ my $function_name = $field_number;
+ my $res = "
+ <script type=\"text/javascript\">
+ function Focus$function_name(subfield_managed) {
+ return 1;
+ }
+
+ function Blur$function_name(subfield_managed) {
+ return 1;
+ }
+
+ function Clic$function_name(index) {
+ var id = document.getElementById(index).value;
+ if(id.match(/id=([0-9a-f]+)/)){
+ id = RegExp.\$1;
+ }
+ window.open(\"../cataloguing/plugin_launcher.pl?plugin_name=upload.pl&index=\"+index+\"&id=\"+id, 'upload', 'width=600,height=400,toolbar=false,scrollbars=no');
+
+ }
+ </script>
+";
+
+ return ( $function_name, $res );
+}
+
+sub plugin {
+ my ($input) = @_;
+ my $index = $input->param('index');
+ my $id = $input->param('id');
+ my $delete = $input->param('delete');
+ my $uploaded_file = $input->param('uploaded_file');
+
+ my $template_name = ($id || $delete)
+ ? "upload_delete_file.tt"
+ : "upload.tt";
+
+ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
+ { template_name => "cataloguing/value_builder/$template_name",
+ query => $input,
+ type => "intranet",
+ authnotrequired => 0,
+ flagsrequired => { editcatalogue => '*' },
+ debug => 1,
+ }
+ );
+
+ # Dealing with the uploaded file
+ if ($uploaded_file) {
+ my $fh = $input->upload('uploaded_file');
+ my $dir = $input->param('dir');
+
+ $id = C4::UploadedFiles::UploadFile($uploaded_file, $dir, $fh->handle);
+ if($id) {
+ my $OPACBaseURL = C4::Context->preference('OPACBaseURL');
+ $OPACBaseURL =~ s#/$##;
+ my $return = "$OPACBaseURL/cgi-bin/koha/opac-retrieve-file.pl?id=$id";
+ $template->param(
+ success => 1,
+ return => $return,
+ uploaded_file => $uploaded_file,
+ );
+ } else {
+ $template->param(error => 1);
+ }
+ } elsif ($delete || $id) {
+ # If there's already a file uploaded for this field,
+ # We handle its deletion
+ if ($delete) {
+ if(C4::UploadedFiles::DelUploadedFile($id)) {;
+ $template->param(success => 1);
+ } else {
+ $template->param(error => 1);
+ }
+ }
+ } else {
+ my $filefield = CGI::filefield(
+ -name => 'uploaded_file',
+ -size => 50,
+ );
+
+ my $dirs_tree = [ {
+ name => '/',
+ value => '/',
+ dirs => finddirs($upload_path)
+ } ];
+
+ $template->param(
+ dirs_tree => $dirs_tree,
+ filefield => $filefield
+ );
+ }
+
+ $template->param(
+ index => $index,
+ id => $id
+ );
+
+ output_html_with_http_headers $input, $cookie, $template->output;
+}
+
+# Build a hierarchy of directories
+sub finddirs {
+ my $base = shift || $upload_path;
+ my $found = 0;
+ my @dirs;
+ my @files = <$base/*>;
+ foreach (@files) {
+ if (-d $_ and -w $_) {
+ my $lastdirname = basename($_);
+ my $dirname = $_;
+ $dirname =~ s/^$upload_path//g;
+ push @dirs, {
+ value => $dirname,
+ name => $lastdirname,
+ dirs => finddirs($_)
+ };
+ $found = 1;
+ };
+ }
+ return \@dirs;
+}
+
+1;
+
+
+__END__
+
+=head1 upload.pl
+
+This plugin allow to upload files on the server and reference it in a marc
+field.
+
+Two system preference are used:
+
+=over 4
+
+=item * uploadPath: the real absolute path where files will be stored
+
+=item * OPACBaseURL: for building URLs to be stored in MARC
+
+=back
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
--
+-- Table structure for table uploaded_files
+--
+
+DROP TABLE IF EXISTS uploaded_files
+CREATE TABLE uploaded_files (
+ id CHAR(40) NOT NULL PRIMARY KEY,
+ filename TEXT NOT NULL,
+ dir TEXT NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+
+--
-- Table structure for table linktracker
-- This stores clicks to external links
--
('UniqueItemFields','barcode','','Space-separated list of fields that should be unique (used in acquisition module for item creation). Fields must be valid SQL column names of items table','Free'),
('UpdateNotForLoanStatusOnCheckin', '', 'NULL', 'This is a list of value pairs. When an item is checked in, if the not for loan value on the left matches the items not for loan value it will be updated to the right-hand value. E.g. ''-1: 0'' will cause an item that was set to ''Ordered'' to now be available for loan. Each pair of values should be on a separate line.', 'Free'),
('UpdateTotalIssuesOnCirc','0',NULL,'Whether to update the totalissues field in the biblio on each circ.','YesNo'),
+('uploadPath','',NULL,'Sets the upload path for the upload.pl plugin. For security reasons, the upload path MUST NOT be a public, webserver accessible directory.','Free')
('uppercasesurnames','0',NULL,'If ON, surnames are converted to upper case in patron entry form','YesNo'),
('URLLinkText','',NULL,'Text to display as the link anchor in the OPAC','free'),
('UsageStats', 0, NULL, 'Share anonymous usage data on the Hea Koha community website.', 'YesNo'),
SetVersion($DBversion);
}
+$DBversion = "XXX";
+if ( CheckVersion($DBversion) ) {
+ $dbh->do("
+ INSERT IGNORE INTO systempreferences (variable,value,explanation,options,type)
+ VALUES('uploadPath','','Sets the upload path for the upload.pl plugin','','');
+ ");
+
+ $dbh->do("
+ CREATE TABLE uploaded_files (
+ id CHAR(40) NOT NULL PRIMARY KEY,
+ filename TEXT NOT NULL,
+ dir TEXT NOT NULL
+ ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
+ ");
+
+ print "Upgrade to $DBversion done (Bug 6874: New cataloging plugin upload.pl)\n";
+ print "This plugin comes with a new syspref (uploadPath) and a new table (uploaded_files)\n";
+ print "To use it, set 'uploadPath' and 'OPACBaseURL' system preferences and link this plugin to a subfield (856\$u for instance)\n";
+ SetVersion($DBversion);
+}
+
# DEVELOPER PROCESS, search for anything to execute in the db_update directory
# SEE bug 13068
# if there is anything in the atomicupdate, read and execute it.
- 'MARC21: "952$a 952$b 952$c"'
- Note that the FA framework is excluded from the permission.
- If the pref is empty, no fields are restricted.
+ -
+ - Absolute path where to store files uploaded in MARC record (plugin upload.pl)
+ - pref: uploadPath
+ class: multi
Display:
-
- 'Separate multiple displayed authors, series or subjects with '
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title>Upload plugin</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <script type="text/javascript" src="[% themelang %]/lib/jquery/jquery.js"></script>
+ <link rel="stylesheet" type="text/css" href="[% themelang %]/css/staff-global.css" />
+
+</head>
+<body>
+[% IF ( success ) %]
+
+ <script type="text/javascript">
+ function report() {
+ var doc = opener.document;
+ var field = doc.getElementById("[% index %]");
+ field.value = "[% return %]";
+ }
+ $(document).ready(function() {
+ report();
+ });
+ </script>
+
+
+ The file [% uploaded_file | html %] has been successfully uploaded.
+ <p><input type="button" value="close" onclick="window.close();" /></p>
+
+[% ELSE %]
+
+ [% IF ( error ) %]
+ <p>Error: Failed to upload file. See logs for details.</p>
+ <input type="button" value="close" onclick="window.close();" />
+ [% ELSE %]
+ [%# This block display recursively a directory tree in variable 'dirs' %]
+ [% BLOCK list_dirs %]
+ [% IF dirs.size %]
+ <ul>
+ [% FOREACH dir IN dirs %]
+ <li style="list-style-type:none">
+ <input type="radio" name="dir" id="[% dir.value %]" value="[% dir.value %]">
+ <label for="[% dir.value %]">
+ [% IF (dir.name == '/') %]
+ <em>(root)</em>
+ [% ELSE %]
+ [% dir.name %]
+ [% END %]
+ </label>
+ </input>
+ [% INCLUDE list_dirs dirs=dir.dirs %]
+ </li>
+ [% END %]
+ </ul>
+ [% END %]
+ [% END %]
+
+ <h2>Please select the file to upload : </h2>
+ <form method="post" enctype="multipart/form-data" action="/cgi-bin/koha/cataloguing/plugin_launcher.pl">
+ [% filefield %]
+ <h3>Choose where to upload file</h3>
+ [% INCLUDE list_dirs dirs = dirs_tree %]
+ <input type="hidden" name="plugin_name" value="upload.pl" />
+ <input type="hidden" name="index" value="[% index %]" />
+ <input type="submit">
+ </form>
+ [% END %]
+
+[% END %]
+
+</body>
+</html>
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title>Upload plugin</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <script type="text/javascript" src="[% themelang %]/lib/jquery/jquery.js"></script>
+ <link rel="stylesheet" type="text/css" href="[% themelang %]/css/staff-global.css" />
+ <script type="text/javascript">
+ //<![CDATA[
+ function goToUploadPage() {
+ var url = "/cgi-bin/koha/cataloguing/plugin_launcher.pl?"
+ + "plugin_name=upload.pl&index=[% index %]";
+ window.location.href = url;
+ }
+ //]]>
+ </script>
+
+</head>
+<body>
+[% IF ( success ) %]
+
+ <script type="text/javascript">
+ function report() {
+ var doc = opener.document;
+ var field = doc.getElementById("[% index %]");
+ field.value = "";
+ }
+ $(document).ready(function() {
+ report();
+ });
+ </script>
+
+ <p>The file has been successfully deleted.</p>
+
+ <input type="button" value="Upload a new file" onclick="goToUploadPage();" />
+ <input type="button" value="Close" onclick="window.close();" />
+
+[% ELSE %]
+
+ [% IF ( error ) %]
+ Error: Unable to delete the file.
+ <p><input type="button" value="close" onclick="window.close();" /></p>
+ [% ELSE %]
+ <h2>File deletion</h2>
+ <p>A file has already been uploaded for this field. Do you want to delete it?</p>
+ <form method="post" action="/cgi-bin/koha/cataloguing/plugin_launcher.pl">
+ <input type="hidden" name="plugin_name" value="upload.pl" />
+ <input type="hidden" name="delete" value="delete" />
+ <input type="hidden" name="id" value="[% id %]" />
+ <input type="hidden" name="index" value="[% index %]" />
+ <input type="button" value="Cancel" onclick="javascript:window.close();" />
+ <input type="submit" value="Delete" />
+ </form>
+ [% END %]
+
+[% END %]
+
+</body>
+</html>
--- /dev/null
+#!/usr/bin/perl
+
+# Copyright 2011-2012 BibLibre
+#
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at your option) any later
+# version.
+#
+# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+use Modern::Perl;
+use CGI;
+
+use C4::Context;
+use C4::UploadedFiles;
+
+my $input = new CGI;
+
+my $id = $input->param('id');
+my $file = C4::UploadedFiles::GetUploadedFile($id);
+exit 1 if not $file;
+
+my $file_path = $file->{filepath};
+
+if( -f $file_path ) {
+ open FH, '<', $file_path or die "Can't open file: $!";
+ print $input->header(
+ -type => "application/octet-stream",
+ -attachment => $file->{filename}
+ );
+ while(<FH>) {
+ print $_;
+ }
+} else {
+ exit 1;
+}
+
+exit 0;
projects / koha.git / commitdiff