Index: lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java =================================================================== diff -u -rf256bc13ec7422b5803fee9364138983e1004a00 -r7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2 --- lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java (.../LAMSConnectorServlet.java) (revision f256bc13ec7422b5803fee9364138983e1004a00) +++ lams_central/src/java/org/lamsfoundation/lams/web/LAMSConnectorServlet.java (.../LAMSConnectorServlet.java) (revision 7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2) @@ -246,11 +246,11 @@ } String commandStr = request.getParameter("Command"); - String typeStr = request.getParameter("Type"); + String fileType = request.getParameter("Type"); String currentFolderStr = request.getParameter("CurrentFolder"); String designFolder = request.getParameter("DesignFolder"); - String currentDirPath = realBaseDir + designFolder + typeStr + "/" + currentFolderStr; + String currentDirPath = realBaseDir + designFolder + fileType + "/" + currentFolderStr; String validCurrentDirPath = currentDirPath.replace("/", File.separator); if (LAMSConnectorServlet.debug) { @@ -266,7 +266,7 @@ } else if (!commandStr.equals("FileUpload") || currentFolderStr.equals("/-1/")) { throw new Exception("Illegal command."); } else { - newName = createNewFile(validCurrentDirPath, request, retVal); + newName = createNewFile(validCurrentDirPath, request, retVal, fileType); } } catch (Exception e) { log.error(e); @@ -285,7 +285,7 @@ } else { // send back URL to new Paint file String currentWebPath = lamsContextPath + AuthoringConstants.LAMS_WWW_FOLDER + FileUtil.LAMS_WWW_SECURE_DIR - + designFolder + typeStr + "/" + currentFolderStr; + + designFolder + fileType + "/" + currentFolderStr; out.println(currentWebPath + newName); } 
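Review bot: The directory passed to `createNewFile` in the second hunk is still built by concatenating the raw `DesignFolder`, `Type` and `CurrentFolder` request parameters (`realBaseDir + designFolder + fileType + "/" + currentFolderStr` in the first hunk), and the only check visible on `currentFolderStr` is the `/-1/` comparison, so a value carrying `..` segments would land the upload outside `realBaseDir` unless those parameters are validated earlier in the method, above the hunk. The new extension check does not help here because it only inspects the file name, not the target directory. I would canonicalise and anchor the path right after it is computed: `File dir = new File(validCurrentDirPath); if (!dir.getCanonicalPath().startsWith(new File(realBaseDir).getCanonicalPath() + File.separator)) { throw new Exception("Illegal folder."); }`. The enclosing method starts and ends outside these hunks.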
@@ -297,7 +297,7 @@ } } - private String createNewFile(String validCurrentDirPath, HttpServletRequest request, StringBuilder retVal) + private String createNewFile(String validCurrentDirPath, HttpServletRequest request, StringBuilder retVal, String fileType) throws FileUploadException, IOException, Exception { if (LAMSConnectorServlet.debug) { log.debug("File save started"); 
@@ -323,31 +323,40 @@ fileNameLong = fileNameLong.replace('\\', '/'); String[] pathParts = fileNameLong.split("/"); String fileName = pathParts[pathParts.length - 1]; + + if (FileUtil.isExtensionAllowed(fileType, fileName)) { + File pathToSave = new File(validCurrentDirPath, fileName); - String nameWithoutExt = LAMSConnectorServlet.getNameWithoutExtension(fileName); - String ext = getExtension(fileName); + int counter = 1; + while (pathToSave.exists()) { + String ext = getExtension(fileName); + String nameWithoutExt = LAMSConnectorServlet.getNameWithoutExtension(fileName); + fileName = nameWithoutExt + "_" + counter + "." + ext; + pathToSave = new File(validCurrentDirPath, fileName); + counter++; + } - File pathToSave = new File(validCurrentDirPath, fileName); + uplFile.write(pathToSave); - int counter = 1; - while (pathToSave.exists()) { - fileName = nameWithoutExt + "_" + counter + "." + ext; - pathToSave = new File(validCurrentDirPath, fileName); - counter++; - } + if (counter > 1) { + retVal.append("201"); + } else { + retVal.append("0"); + } - uplFile.write(pathToSave); - - if (counter > 1) { - retVal.append("201"); + if (LAMSConnectorServlet.debug) { + log.debug("File save finished"); + } + } else { - retVal.append("0"); + if (LAMSConnectorServlet.debug) { + log.debug("File extension is prohibited for upload " + fileName); + } + + //will generate client-side alert message 'Invalid file type' + retVal.append("204"); } - if (LAMSConnectorServlet.debug) { - log.debug("File save finished"); - } - return fileName; } Index: lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java =================================================================== diff -u -r0dbc1d60bc9b43c26c431c9a2e15981ca0863d46 -r7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2 --- lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java (.../LAMSUploadServlet.java) (revision 0dbc1d60bc9b43c26c431c9a2e15981ca0863d46) +++ 
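Review bot: Moving `ext` and `nameWithoutExt` inside the `while (pathToSave.exists())` loop changes the collision names: on the second pass `fileName` is already `foo_1.txt`, so the next candidate becomes `foo_1_2.txt` instead of the `foo_2.txt` the removed code produced, and the name grows with every collision. Compute them once before the loop, as before: `String ext = getExtension(fileName); String nameWithoutExt = LAMSConnectorServlet.getNameWithoutExtension(fileName);` and keep only `fileName = nameWithoutExt + "_" + counter + "." + ext;` in the loop body. The rejected branch appends `204` to `retVal` but still returns the original `fileName`, so the caller must test `retVal` before printing `currentWebPath + newName`; that check is outside this hunk, so a comment on the return, `// on 204 nothing was written; callers must check retVal before using the name`, would make the contract explicit. Note also that the basename reduction keeps only the last `/` segment, so a bare `..` survives the split and, for the `File` type, most likely passes `isExtensionAllowed`; rejecting empty names and `.`/`..` before `new File(validCurrentDirPath, fileName)` would be cheap.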
lams_central/src/java/org/lamsfoundation/lams/web/LAMSUploadServlet.java (.../LAMSUploadServlet.java) (revision 7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2) @@ -23,6 +23,7 @@ import org.apache.commons.fileupload.DiskFileUpload; import org.apache.commons.fileupload.FileItem; import org.apache.log4j.Logger; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.UploadFileUtil; /** @@ -40,54 +41,16 @@ * @author Mitchell Seaton * * @web:servlet name="SimpleUploader" load-on-startup = "1" - * @web.servlet-init-param name = "AllowedExtensionsFile" value = "" - * @web.servlet-init-param name = "DeniedExtensionsFile" value = - * "php|php3|php5|phtml|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|dll|reg|cg" - * @web.servlet-init-param name = "AllowedExtensionsImage" value = "jpg|gif|jpeg|png|bmp" - * @web.servlet-init-param name = "DeniedExtensionsImage" value = "" - * @web.servlet-init-param name = "AllowedExtensionsFlash" value = "swf|fla" - * @web.servlet-init-param name = "DeniedExtensionsFlash" value = "" * @web:servlet-mapping url-pattern="/ckeditor/filemanager/upload/simpleuploader" * */ public class LAMSUploadServlet extends HttpServlet { + + private static final long serialVersionUID = 7839808388592495717L; private static final Logger log = Logger.getLogger(LAMSUploadServlet.class); - private static Hashtable> allowedExtensions; - private static Hashtable> deniedExtensions; - /** - * Initialize the servlet.
- * Retrieve from the servlet configuration the "baseDir" which is the root of the file repository:
- * If not specified the value of "/UserFiles/" will be used.
- * Also it retrieve all allowed and denied extensions to be handled. - * - */ - @Override - public void init() throws ServletException { - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug("Initialization started"); - } - - LAMSUploadServlet.allowedExtensions = new Hashtable>(3); - LAMSUploadServlet.deniedExtensions = new Hashtable>(3); - - LAMSUploadServlet.allowedExtensions.put("File", stringToArrayList(getInitParameter("AllowedExtensionsFile"))); - LAMSUploadServlet.deniedExtensions.put("File", stringToArrayList(getInitParameter("DeniedExtensionsFile"))); - - LAMSUploadServlet.allowedExtensions.put("Image", stringToArrayList(getInitParameter("AllowedExtensionsImage"))); - LAMSUploadServlet.deniedExtensions.put("Image", stringToArrayList(getInitParameter("DeniedExtensionsImage"))); - - LAMSUploadServlet.allowedExtensions.put("Flash", stringToArrayList(getInitParameter("AllowedExtensionsFlash"))); - LAMSUploadServlet.deniedExtensions.put("Flash", stringToArrayList(getInitParameter("DeniedExtensionsFlash"))); - - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug("Initialization completed"); - } - } - - /** * Manage the Upload requests.
* * The servlet accepts commands sent in the following format:
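Review bot: With `init()` and the `@web.servlet-init-param` lists removed, nothing in this class says where the upload extension policy now lives, although operators used to tune it in the deployment descriptor. The class Javadoc should state that validation is delegated to `FileUtil.isExtensionAllowed`, that `Image`, `Flash` and `Media` use fixed allow-lists in `FileUtil`, and that `File` presumably relies on the `ExecutableExtensions` configuration value that the accompanying SQL patch updates, e.g. `* Upload types are validated by {@link FileUtil#isExtensionAllowed}; the File deny-list comes from the ExecutableExtensions configuration value.` The removed `extIsAllowed` also refused everything when both an allow and a deny list were configured, and the new code rejects unknown `Type` values instead, so a sentence on that behaviour change is worth adding as well.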
@@ -114,7 +77,7 @@ returnMessage = "Security error. You probably don't have enough permissions to upload. Please check your server."; } else { // get realBaseDir and lamsContextPath at request time from config values in memory - String typeStr = request.getParameter("Type"); + String fileType = request.getParameter("Type"); DiskFileUpload upload = new DiskFileUpload(); try { @@ -140,14 +103,13 @@ fileNameLong = fileNameLong.replace('\\', '/'); String[] pathParts = fileNameLong.split("/"); String fileName = pathParts[pathParts.length - 1]; - String ext = UploadFileUtil.getFileExtension(fileName); - if (extIsAllowed(typeStr, ext)) { - File uploadDir = UploadFileUtil.getUploadDir(currentFolderStr, typeStr); + if (FileUtil.isExtensionAllowed(fileType, fileName)) { + File uploadDir = UploadFileUtil.getUploadDir(currentFolderStr, fileType); fileName = UploadFileUtil.getUploadFileName(uploadDir, fileName); File destinationFile = new File(uploadDir, fileName); - String currentWebPath = UploadFileUtil.getUploadWebPath(currentFolderStr, typeStr); + String currentWebPath = UploadFileUtil.getUploadWebPath(currentFolderStr, fileType); fileUrl = currentWebPath + '/' + fileName; uplFile.write(destinationFile); 
@@ -190,47 +152,4 @@ LAMSUploadServlet.log.debug("Upload finished"); } } - - /** - * Helper function to convert the configuration string to an ArrayList. - */ - - private ArrayList stringToArrayList(String str) { - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug(str); - } - String[] strArr = str.split("\\|"); - - ArrayList tmp = new ArrayList(); - if (str.length() > 0) { - for (int i = 0; i < strArr.length; ++i) { - if (LAMSUploadServlet.log.isDebugEnabled()) { - LAMSUploadServlet.log.debug(i + " - " + strArr[i]); - } - tmp.add(strArr[i].toLowerCase()); - } - } - return tmp; - } - - /** - * Helper function to verify if a file extension is allowed or not allowed. - */ - - private boolean extIsAllowed(String fileType, String ext) { - String extLower = ext.toLowerCase(); - - ArrayList allowList = LAMSUploadServlet.allowedExtensions.get(fileType); - ArrayList denyList = LAMSUploadServlet.deniedExtensions.get(fileType); - - if (allowList.size() == 0) { - return !denyList.contains(extLower); - } - - if (denyList.size() == 0) { - return allowList.contains(extLower); - } - - return false; - } } \ No newline at end of file Index: lams_central/web/ckeditor/filemanager/browser/default/frmupload.html =================================================================== diff -u -r131c7a1a6612188b52b130af7a0ef2dcbef7bdfa -r7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2 --- lams_central/web/ckeditor/filemanager/browser/default/frmupload.html (.../frmupload.html) (revision 131c7a1a6612188b52b130af7a0ef2dcbef7bdfa) +++ lams_central/web/ckeditor/filemanager/browser/default/frmupload.html (.../frmupload.html) (revision 7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2) 
@@ -84,6 +84,9 @@ case 202 : alert( 'Invalid file' ) ; break ; + case 204 : + alert( 'Invalid file type' ) ; + break ; default : alert( 'Error on file upload. Error number: ' + errorNumber ) ; break ; Index: lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch02040018.sql =================================================================== diff -u --- lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch02040018.sql (revision 0) +++ lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch02040018.sql (revision 7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2) @@ -0,0 +1,12 @@ +-- Turn off autocommit, so nothing is committed if there is an error + +SET AUTOCOMMIT = 0; +SET FOREIGN_KEY_CHECKS=0; + +-- LDEV-3083 update executable script extensions +UPDATE lams_configuration set config_value = '.bat,.bin,.com,.cmd,.exe,.msi,.msp,.ocx,.pif,.scr,.sct,.sh,.shs,.vbs,.php,.jsp,.asp,.aspx,.pl,.do,.py,.tcl,.cgi,.shtml,.stm,.cfm,.adp' where config_key = 'ExecutableExtensions'; + +-- If there were no errors, commit and restore autocommit to on +SET FOREIGN_KEY_CHECKS=0; +COMMIT; +SET AUTOCOMMIT = 1; Index: lams_common/src/java/org/lamsfoundation/lams/util/FileUtil.java =================================================================== diff -u -r7817bc4fce30416c9737875ae2d137be0c6aa8ba -r7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2 --- lams_common/src/java/org/lamsfoundation/lams/util/FileUtil.java (.../FileUtil.java) (revision 7817bc4fce30416c9737875ae2d137be0c6aa8ba) +++ lams_common/src/java/org/lamsfoundation/lams/util/FileUtil.java (.../FileUtil.java) (revision 7cf3ad9ecf80c957603a1bc682c74fa9dd3609d2) @@ -48,7 +48,6 @@ import org.hibernate.id.UUIDHexGenerator; import org.jdom.JDOMException; import org.lamsfoundation.lams.learningdesign.service.ToolContentVersionFilter; -import org.lamsfoundation.lams.tool.ToolSession; import org.lamsfoundation.lams.util.zipfile.ZipFileUtilException; import com.thoughtworks.xstream.XStream; 
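Review bot: The new `ExecutableExtensions` value drops several extensions that the deleted `DeniedExtensionsFile` init-param in LAMSUploadServlet used to block (`php3`, `php5`, `phtml`, `ascx`, `cfc`, `dll`, `reg`), so after this patch those names upload where they were previously refused; they should be re-added unless the omission is deliberate. Because the list only names `.jsp`, the JSP variants a Java container may also compile (`.jspx`, `.jspf`, `.jsw`, `.jsv`) and `.war`/`.jar` are absent, and since uploaded files are served back from the application's own web path (see the `currentWebPath` response in LAMSConnectorServlet), `.html`, `.htm`, `.xhtml` and `.svg` are stored-XSS vectors a deny-list for a File upload normally covers too. The trailing `SET FOREIGN_KEY_CHECKS=0;` under the "restore" comment looks like it was meant to be `SET FOREIGN_KEY_CHECKS=1;`. A comment above the UPDATE saying the entries must be lower-case with a leading dot, matching what FileUtil compares against, would help the next person who edits the value.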
@@ -70,6 +69,10 @@ public static final String LAMS_RUNTIME_CONTENT_DIR = "runtime"; private static final long numMilliSecondsInADay = 24 * 60 * 60 * 1000; private static final int FILE_COPY_BUFFER_SIZE = 1024; + + public static final String ALLOWED_EXTENSIONS_FLASH = ".swf,.fla"; + public static final String ALLOWED_EXTENSIONS_IMAGE = ".jpg,.gif,.jpeg,.png,.bmp"; + public static final String ALLOWED_EXTENSIONS_MEDIA = ".jpg,.gif,.jpeg,.png,.bmp"; protected static final String prefix = "lamstmp_"; // protected rather than private to suit junit test @@ -556,6 +559,45 @@ } /** + * Verify if a file with such extension is allowed to be uploaded. + * + * @param fileType file type can be of the following values:File, Image, Flash, Media + * @param fileName + */ + public static boolean isExtensionAllowed(String fileType, String fileName) { + String ext = UploadFileUtil.getFileExtension(fileName); + ext = "." + ext; + String allowedExtensions; + + if ("File".equals(fileType)) { + // executables are not allowed + return !isExecutableFile(fileName); + + } else if ("Image".equals(fileType)) { + allowedExtensions = ALLOWED_EXTENSIONS_IMAGE; + + } else if ("Flash".equals(fileType)) { + allowedExtensions = ALLOWED_EXTENSIONS_FLASH; + + } else if ("Media".equals(fileType)) { + allowedExtensions = ALLOWED_EXTENSIONS_MEDIA; + + } else { + // unknown fileType + return false; + } + + String[] allowedExtensionsList = StringUtils.split(allowedExtensions, ','); + for (String allowedExtension : allowedExtensionsList) { + if (StringUtils.equalsIgnoreCase(ext, allowedExtension)) { + return true; + } + } + + return false; + } + + /** * Clean up any old directories in the java tmp directory, where the directory name starts with lamszip_ or lamstmp_ * and is days old or older. This has the potential to be a heavy call - it has to do complete directory * listing and then recursively delete the files and directories as needed.
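Review bot: `isExtensionAllowed` treats the `File` type as a deny-list (`!isExecutableFile(fileName)`) while every other type is an allow-list, so for `File` anything not in the configured executable list is accepted; that is the weaker model and the only branch driven by runtime configuration, so the Javadoc should say so and gain the missing `@return`: `@return true when the last extension of fileName is permitted for fileType; File is checked against the ExecutableExtensions deny-list, other types against a fixed allow-list`. `ALLOWED_EXTENSIONS_MEDIA` is byte-identical to `ALLOWED_EXTENSIONS_IMAGE`, which reads like a placeholder rather than a media list; if audio or video uploads are intended it needs its own entries, otherwise a comment should explain why Media equals Image. The check only looks at the final extension (via `UploadFileUtil.getFileExtension`, not shown here), so `page.php.txt` is judged on `.txt` and nothing inspects content, which is acceptable for a servlet container but deserves a comment, and the `ext` computed before the `File` branch is unused there and can move below it. Finally `.swf` stays allowed for Flash, and a user-supplied SWF served from the application origin can run script against it, so that risk is worth noting beside the constant.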