Separate file for attachment edit functions. Functions to move attached files.

[shellwiki] / handlers / 20_attachment.sh
diff --git a/handlers/20_attachment.sh b/handlers/20_attachment.sh

index a1168978d769f5d57ce90829a5e1abed756c10fc..1e0719037ee0d4642601abb1141ad456dbe64d2b 100755 (executable)
--- a/handlers/20_attachment.sh
+++ b/handlers/20_attachment.sh
@@ -2,7 +2,7 @@
  
  . "$_EXEC/cgilite/file.sh"
  
-REV_ATTACHMENTS="${REV_ATTACHMENTS:-false}"
+# REV_ATTACHMENTS="${REV_ATTACHMENTS:-false}"
  
  attachment_convert(){
    local attpath="$1"
@@ -78,89 +78,17 @@ case ${PATH_INFO} in
      ;;
    */\[attachment\])
      # show attachment page
-    # receive uploads
-    tsid="$(POST session_key)"; tsid="${tsid%% *}"
-    action="$(POST action)"
-    attachment_delete="$(POST delete)"
      page="${PATH_INFO%\[attachment\]}"
  
      if [ ! -d "$_DATA/pages${page}" -a ! -d "$_DATA/pages${page}" ]; then
        # base page does not exist
        return 1
-    elif [ "${CONTENT_TYPE%%;*}" = "multipart/form-data" ] && acl_write "${page}"; then
-      . "$_EXEC/multipart.sh"
-      multipart_cache
-
-      # Use positional parameters for filename collection
-      # The positional array is the only array available
-      # in plain posix shells, see the documentation for
-      # your shells "set" builtin for a hint to this
-      # obscure use mode
-      set --
-
-      # Validate session id from form to prevent CSRF
-      # Only validate if username is present, because no username means
-      # anonymous uploads are allowed via acl and cgilite/session.sh does not
-      # validate anonymous sessions from a multipart/formdata
-      if [ "$USER_NAME" -a "$(multipart session_id)" != "$SESSION_ID" ]; then
-        rm -- "$multipart_cachefile"
-        printf 'Refresh: %i\r\n' 4
-        theme_error 403
-        return 0
-      fi
-
-      mkdir -p "$_DATA/pages${page}#attachments/"
-      n=1; while filename=$(multipart_filename "file" "$n"); do
-        filename="$(printf %s "$filename" |tr /\\0 __)"
-        set -- "$@" "pages${page}#attachments/$filename"
-        multipart "file" "$n" >"$_DATA/pages${page}#attachments/$filename"
-        n=$((n + 1))
-      done
-      rm -- "$multipart_cachefile"
-      if [ "$REV_ATTACHMENTS" = true ]; then
-        git -C "$_DATA" add -- "$@"
-        git -C "$_DATA" commit -qm "Attachments to # $page # uploaded by @ $USER_NAME @" -- "$@"
-      fi
-      REDIRECT "${_BASE}${PATH_INFO}"
      elif [ "${CONTENT_TYPE%%;*}" = "multipart/form-data" ]; then
-      printf 'Refresh: %i\r\n' 4
-      theme_error 403
-      head -c $((CONTENT_LENGTH)) >/dev/null
-      return 0
-    elif [ "$action" = delete -a "$SESSION_ID" = "$tsid" ] && acl_write "${page}"; then
-      set --
-      n="$(POST_COUNT select)"; while [ $n -gt 0 ]; do
-        delete="$(POST select $n |PATH)"
-        set -- "$@" "pages${page}#attachments/${delete##*/}"
-        n=$((n - 1))
-      done
-      if [ "$REV_ATTACHMENTS" = true ]; then
-        git -C "$_DATA" rm -- "$@"
-        git -C "$_DATA" commit -qm \
-            "Attachment to # $page # deleted by @ $USER_NAME @" -- "$@"
-      else
-        rm -- "$@"
-      fi
-      REDIRECT "${_BASE}${PATH_INFO}"
-    elif [ "$action" = delete ]; then
-      printf 'Refresh: %i\r\n' 4
-      theme_error 403
-      return 0
-    # elif [ "$attachment_delete" -a "$SESSION_ID" = "$tsid" ]; then
-    #   if [ "$REV_ATTACHMENTS" = true ]; then
-    #     git -C "$_DATA" rm -- \
-    #         "$_DATA/pages${page}#attachments/$attachment_delete"
-    #     git -C "$_DATA" commit -qm \
-    #         "Attachment to # $page # deleted by @ $USER_NAME @" -- \
-    #         "$_DATA/pages${page}#attachments/$attachment_delete"
-    #   else
-    #     rm -- "$_DATA/pages${page}#attachments/$attachment_delete"
-    #   fi
-    #   REDIRECT "${_BASE}${PATH_INFO}"
-    # elif [ "$attachment_delete" ]; then
-    #   printf 'Refresh: %i\r\n' 4
-    #   theme_error 403
-    #   return 0
+      # pass uploads to next handler
+      return 1
+    elif [ "$(POST action)" ]; then
+      # pass edits to next handler
+      return 1
      elif ! acl_read "${page}"; then
        theme_error 403
        return 0