Index: lams_tool_forum/conf/language/ApplicationResources.properties =================================================================== diff -u -rbd376d76233dad7d0a0775762385918fcbb96f4c -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_forum/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision bd376d76233dad7d0a0775762385918fcbb96f4c) +++ lams_tool_forum/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -171,4 +171,5 @@ #======= End labels: Exported 160 labels for en AU ===== message.no.reflection.available = No notebook available -errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes \ No newline at end of file +errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java =================================================================== diff -u -rbd376d76233dad7d0a0775762385918fcbb96f4c -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java (.../MessageForm.java) (revision bd376d76233dad7d0a0775762385918fcbb96f4c) +++ lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java (.../MessageForm.java) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -34,6 +34,7 @@ import org.apache.struts.validator.ValidatorForm; import org.lamsfoundation.lams.tool.forum.persistence.Attachment; import org.lamsfoundation.lams.tool.forum.persistence.Message; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; /** @@ -78,14 +79,19 @@ } if (StringUtils.isBlank(message.getBody())) { ActionMessage error = new ActionMessage("error.body.required"); - errors.add("message.body", error); + errors.add("message.body", error); } // validate item size boolean largeFile = true; - if(request.getRequestURI().indexOf("/learning/") != -1) + if(request.getRequestURI().indexOf("/learning/") != -1){ + if(this.getAttachmentFile() != null && FileUtil.isExecutableFile(this.getAttachmentFile().getFileName())){ + ActionMessage error = new ActionMessage("error.attachment.executable"); + errors.add("message.attachment", error); + } largeFile = false; + } FileValidatorUtil.validateFileSize(this.getAttachmentFile(), largeFile,"message.attachment", errors ); Index: lams_tool_larsrc/conf/language/ApplicationResources.properties =================================================================== diff -u -r88329eba8a9d648ae3907adfc06dcce370ea6880 -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_larsrc/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision 88329eba8a9d648ae3907adfc06dcce370ea6880) +++ lams_tool_larsrc/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -162,4 +162,5 @@ #======= End labels: Exported 153 labels for en AU ===== -errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes \ No newline at end of file +errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java =================================================================== diff -u -r88329eba8a9d648ae3907adfc06dcce370ea6880 -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java (.../LearningAction.java) (revision 88329eba8a9d648ae3907adfc06dcce370ea6880) +++ lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java (.../LearningAction.java) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -63,6 +63,7 @@ import org.lamsfoundation.lams.tool.rsrc.web.form.ReflectionForm; import org.lamsfoundation.lams.tool.rsrc.web.form.ResourceItemForm; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.session.SessionManager; @@ -585,6 +586,12 @@ if(itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_WEBSITE ||itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_LEARNING_OBJECT ||itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_FILE){ + + if(itemForm.getFile()!= null && FileUtil.isExecutableFile(itemForm.getFile().getFileName())){ + ActionMessage msg = new ActionMessage("error.attachment.executable"); + errors.add(ActionMessages.GLOBAL_MESSAGE, msg); + } + // validate item size FileValidatorUtil.validateFileSize(itemForm.getFile(), false, errors ); Index: lams_tool_sbmt/conf/language/ApplicationResources.properties =================================================================== diff -u -rae618555ede54afd12b004ac75d3edbe50857b9b -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_sbmt/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision ae618555ede54afd12b004ac75d3edbe50857b9b) +++ lams_tool_sbmt/conf/language/ApplicationResources.properties (.../ApplicationResources.properties) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -125,3 +125,4 @@ #======= End labels: Exported 116 labels for en AU ===== +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java =================================================================== diff -u -r6ab1be78f747daf9e82788ceee85ccce03d0ab9d -r8ba1cfa3477c5f3ad8a3064db149742d82e8d949 --- lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java (.../LearnerAction.java) (revision 6ab1be78f747daf9e82788ceee85ccce03d0ab9d) +++ lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java (.../LearnerAction.java) (revision 8ba1cfa3477c5f3ad8a3064db149742d82e8d949) @@ -60,6 +60,7 @@ import org.lamsfoundation.lams.tool.sbmt.service.SubmitFilesServiceProxy; import org.lamsfoundation.lams.tool.sbmt.util.SbmtConstants; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.session.SessionManager; @@ -290,28 +291,28 @@ //validate uploaded form private boolean validateUploadForm(LearnerForm learnerForm, HttpServletRequest request) { - ActionErrors errors = new ActionErrors(); - boolean error = false; + ActionMessages errors = new ActionMessages(); if(learnerForm.getFile() == null || StringUtils.isBlank(learnerForm.getFile().getFileName())){ errors.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage("errors.required", this.getResources(request).getMessage("learner.form.filepath.displayname"))); - - error = true; } if(StringUtils.isBlank(learnerForm.getDescription())){ errors.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage("errors.required", this.getResources(request).getMessage("label.learner.fileDescription"))); - - error = true; } - boolean oversize = !FileValidatorUtil.validateFileSize(learnerForm.getFile(),false,errors); - error = error?error:oversize; + FileValidatorUtil.validateFileSize(learnerForm.getFile(),false,errors); - if(error){ + if(learnerForm.getFile()!= null && FileUtil.isExecutableFile(learnerForm.getFile().getFileName())){ + ActionMessage msg = new ActionMessage("error.attachment.executable"); + errors.add(ActionMessages.GLOBAL_MESSAGE, msg); + } + + if(!errors.isEmpty()){ this.addErrors(request,errors); + return true; } - return error; + return false; } /**