Index: lams_tool_forum/conf/language/ApplicationResources.properties =================================================================== RCS file: /usr/local/cvsroot/lams_tool_forum/conf/language/Attic/ApplicationResources.properties,v diff -u -r1.32 -r1.33 --- lams_tool_forum/conf/language/ApplicationResources.properties 14 Dec 2006 04:31:09 -0000 1.32 +++ lams_tool_forum/conf/language/ApplicationResources.properties 14 Dec 2006 05:34:29 -0000 1.33 @@ -171,4 +171,5 @@ #======= End labels: Exported 160 labels for en AU ===== message.no.reflection.available = No notebook available -errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes \ No newline at end of file +errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java =================================================================== RCS file: /usr/local/cvsroot/lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java,v diff -u -r1.13 -r1.14 --- lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java 14 Dec 2006 04:31:09 -0000 1.13 +++ lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/forms/MessageForm.java 14 Dec 2006 05:34:31 -0000 1.14 @@ -34,6 +34,7 @@ import org.apache.struts.validator.ValidatorForm; import org.lamsfoundation.lams.tool.forum.persistence.Attachment; import org.lamsfoundation.lams.tool.forum.persistence.Message; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; /** @@ -78,14 +79,19 @@ } if (StringUtils.isBlank(message.getBody())) { ActionMessage error = new ActionMessage("error.body.required"); - errors.add("message.body", error); + errors.add("message.body", error); } // validate item size boolean largeFile = true; - if(request.getRequestURI().indexOf("/learning/") != -1) + if(request.getRequestURI().indexOf("/learning/") != -1){ + if(this.getAttachmentFile() != null && FileUtil.isExecutableFile(this.getAttachmentFile().getFileName())){ + ActionMessage error = new ActionMessage("error.attachment.executable"); + errors.add("message.attachment", error); + } largeFile = false; + } FileValidatorUtil.validateFileSize(this.getAttachmentFile(), largeFile,"message.attachment", errors ); Index: lams_tool_larsrc/conf/language/ApplicationResources.properties =================================================================== RCS file: /usr/local/cvsroot/lams_tool_larsrc/conf/language/Attic/ApplicationResources.properties,v diff -u -r1.42 -r1.43 --- lams_tool_larsrc/conf/language/ApplicationResources.properties 14 Dec 2006 03:42:17 -0000 1.42 +++ lams_tool_larsrc/conf/language/ApplicationResources.properties 14 Dec 2006 05:34:45 -0000 1.43 @@ -162,4 +162,5 @@ #======= End labels: Exported 153 labels for en AU ===== -errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes \ No newline at end of file +errors.maxfilesize =The uploaded file has exceeded the maximum file size limit of {0} bytes +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java =================================================================== RCS file: /usr/local/cvsroot/lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java,v diff -u -r1.27 -r1.28 --- lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java 14 Dec 2006 03:42:17 -0000 1.27 +++ lams_tool_larsrc/src/java/org/lamsfoundation/lams/tool/rsrc/web/action/LearningAction.java 14 Dec 2006 05:34:44 -0000 1.28 @@ -63,6 +63,7 @@ import org.lamsfoundation.lams.tool.rsrc.web.form.ReflectionForm; import org.lamsfoundation.lams.tool.rsrc.web.form.ResourceItemForm; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.session.SessionManager; @@ -585,6 +586,12 @@ if(itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_WEBSITE ||itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_LEARNING_OBJECT ||itemForm.getItemType() == ResourceConstants.RESOURCE_TYPE_FILE){ + + if(itemForm.getFile()!= null && FileUtil.isExecutableFile(itemForm.getFile().getFileName())){ + ActionMessage msg = new ActionMessage("error.attachment.executable"); + errors.add(ActionMessages.GLOBAL_MESSAGE, msg); + } + // validate item size FileValidatorUtil.validateFileSize(itemForm.getFile(), false, errors ); Index: lams_tool_sbmt/conf/language/ApplicationResources.properties =================================================================== RCS file: /usr/local/cvsroot/lams_tool_sbmt/conf/language/Attic/ApplicationResources.properties,v diff -u -r1.25 -r1.26 --- lams_tool_sbmt/conf/language/ApplicationResources.properties 17 Nov 2006 19:23:50 -0000 1.25 +++ lams_tool_sbmt/conf/language/ApplicationResources.properties 14 Dec 2006 05:34:58 -0000 1.26 @@ -125,3 +125,4 @@ #======= End labels: Exported 116 labels for en AU ===== +error.attachment.executable=The uploaded file is executable, please zip it before uploading. \ No newline at end of file Index: lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java =================================================================== RCS file: /usr/local/cvsroot/lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java,v diff -u -r1.39 -r1.40 --- lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java 13 Dec 2006 06:28:49 -0000 1.39 +++ lams_tool_sbmt/src/java/org/lamsfoundation/lams/tool/sbmt/web/LearnerAction.java 14 Dec 2006 05:34:58 -0000 1.40 @@ -60,6 +60,7 @@ import org.lamsfoundation.lams.tool.sbmt.service.SubmitFilesServiceProxy; import org.lamsfoundation.lams.tool.sbmt.util.SbmtConstants; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; +import org.lamsfoundation.lams.util.FileUtil; import org.lamsfoundation.lams.util.FileValidatorUtil; import org.lamsfoundation.lams.util.WebUtil; import org.lamsfoundation.lams.web.session.SessionManager; @@ -290,28 +291,28 @@ //validate uploaded form private boolean validateUploadForm(LearnerForm learnerForm, HttpServletRequest request) { - ActionErrors errors = new ActionErrors(); - boolean error = false; + ActionMessages errors = new ActionMessages(); if(learnerForm.getFile() == null || StringUtils.isBlank(learnerForm.getFile().getFileName())){ errors.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage("errors.required", this.getResources(request).getMessage("learner.form.filepath.displayname"))); - - error = true; } if(StringUtils.isBlank(learnerForm.getDescription())){ errors.add(ActionMessages.GLOBAL_MESSAGE,new ActionMessage("errors.required", this.getResources(request).getMessage("label.learner.fileDescription"))); - - error = true; } - boolean oversize = !FileValidatorUtil.validateFileSize(learnerForm.getFile(),false,errors); - error = error?error:oversize; + FileValidatorUtil.validateFileSize(learnerForm.getFile(),false,errors); - if(error){ + if(learnerForm.getFile()!= null && FileUtil.isExecutableFile(learnerForm.getFile().getFileName())){ + ActionMessage msg = new ActionMessage("error.attachment.executable"); + errors.add(ActionMessages.GLOBAL_MESSAGE, msg); + } + + if(!errors.isEmpty()){ this.addErrors(request,errors); + return true; } - return error; + return false; } /**