Moinmoin wiki 中文附件名的解决办法

参考：

让MoinMoin支持上传中文文件名的附件

http://www.linuxsir.org/bbs/thread368571.html

在1.9.7中修改解决。

MOINMOINWIKI1.9.7+WIN2012 X64

# -*- coding: iso-8859-1 -*-
"""
MoinMoin - AttachFile action
This action lets a page have multiple attachment files.
It creates a folder <data>/pages/<pagename>/attachments
and keeps everything in there.
Form values: action=Attachment
1. with no 'do' key: returns file upload form
2. do=attach: accept file upload and saves the file in
../attachment/pagename/
3. /pagename/fname?action=Attachment&do=get[&mimetype=type]:
return contents of the attachment file with the name fname.
4. /pathname/fname, do=view[&mimetype=type]:create a page
to view the content of the file
To link to an attachment, use [[attachment:file.txt]],
to embed an attachment, use {{attachment:file.png}}.
@copyright: 2001 by Ken Sugino (sugino@mediaone.net),
2001-2004 by Juergen Hermann <jh@web.de>,
2005 MoinMoin:AlexanderSchremmer,
2005 DiegoOngaro at ETSZONE (diego@etszone.com),
2005-2013 MoinMoin:ReimarBauer,
2007-2008 MoinMoin:ThomasWaldmann
@license: GNU GPL, see COPYING for details.
"""
import os, time, zipfile, errno, datetime
from StringIO import StringIO
from werkzeug import http_date
from MoinMoin import log
logging = log.getLogger(__name__)
# keep both imports below as they are, order is important:
from MoinMoin import wikiutil
import mimetypes
from MoinMoin import config, packages
from MoinMoin.Page import Page
from MoinMoin.util import filesys, timefuncs
from MoinMoin.security.textcha import TextCha
from MoinMoin.events import FileAttachedEvent, FileRemovedEvent, send_event
from MoinMoin.support import tarfile
action_name = __name__.split('.')[-1]
#############################################################################
### External interface - these are called from the core code
#############################################################################
class AttachmentAlreadyExists(Exception):
pass
def getBasePath(request):
""" Get base path where page dirs for attachments are stored. """
return request.rootpage.getPagePath('pages')
def getAttachDir(request, pagename, create=0):
""" Get directory where attachments for page `pagename` are stored. """
if request.page and pagename == request.page.page_name:
page = request.page # reusing existing page obj is faster
else:
page = Page(request, pagename)
return page.getPagePath("attachments", check_create=create)
def absoluteName(url, pagename):
""" Get (pagename, filename) of an attachment: link
@param url: PageName/filename.ext or filename.ext (unicode)
@param pagename: name of the currently processed page (unicode)
@rtype: tuple of unicode
@return: PageName, filename.ext
"""
url = wikiutil.AbsPageName(pagename, url)
pieces = url.split(u'/')
if len(pieces) == 1:
return pagename, pieces[0]
else:
return u"/".join(pieces[:-1]), pieces[-1]
def get_action(request, filename, do):
generic_do_mapping = {
# do -> action
'get': action_name,
'view': action_name,
'move': action_name,
'del': action_name,
'unzip': action_name,
'install': action_name,
'upload_form': action_name,
}
basename, ext = os.path.splitext(filename)
do_mapping = request.cfg.extensions_mapping.get(ext, {})
action = do_mapping.get(do, None)
if action is None:
# we have no special support for
this,
# look up whether we have generic support:
action = generic_do_mapping.get(do, None)
return action
def getAttachUrl(pagename, filename, request, addts=0, do='get'):
""" Get URL that points to attachment `filename` of page `pagename`.
For upload url, call with
do='upload_form'.
Returns the URL to do the specified "do" action or None,
if
this action is not supported.
"""
action = get_action(request, filename, do)
if action:
args = dict(action=action, do=do, target=filename)
if
do not in ['get', 'view', # harmless
'modify', # just renders the applet html, which has own ticket
'move', # renders rename form, which has own ticket
]:
# create a ticket for the not so harmless operations
# we need action= here because the current action (e.g. "show" page
# with a macro AttachList) may not be the linked-to action, e.g.
# "AttachFile". Also, AttachList can list attachments of another page,
# thus we need to give pagename= also.
args['ticket'] = wikiutil.createTicket(request,
pagename=pagename, action=action_name)
url = request.href(pagename, **args)
return url
def getIndicator(request, pagename):
""" Get an attachment indicator for a page (linked clip image) or
an empty string if not attachments exist.
"""
_ = request.getText
attach_dir = getAttachDir(request, pagename)
if not os.path.exists(attach_dir):
return ''
files = os.listdir(attach_dir)
if not files:
return ''
fmt = request.formatter
attach_count = _('[%d attachments]') % len(files)
attach_icon = request.theme.make_icon('attach', vars={'attach_count': attach_count})
attach_link = (fmt.url(1, request.href(pagename, action=action_name), rel='nofollow') +
attach_icon +
fmt.url(0))
return attach_link
def getFilename(request, pagename, filename):
""" make complete pathfilename of file "name" attached to some page "pagename"
@param request: request object
@param pagename: name of page where the file is attached to (unicode)
@param filename: filename of attached file (unicode)
@rtype: string (in config.charset encoding)
@return: complete path/filename of attached file
"""
if isinstance(filename, unicode):
#filename = filename.encode(config.charset)
filename = wikiutil.quoteWikinameFS(filename)
return os.path.join(getAttachDir(request, pagename, create=1), filename)
def exists(request, pagename, filename):
""" check if page <pagename> has a file <filename> attached """
fpath = getFilename(request, pagename, filename)
return os.path.exists(fpath)
def size(request, pagename, filename):
""" return file size of file attachment """
fpath = getFilename(request, pagename, filename)
return os.path.getsize(fpath)
def info(pagename, request):
""" Generate snippet with info on the attachment for page `pagename`. """
_ = request.getText
attach_dir = getAttachDir(request, pagename)
files = []
if os.path.isdir(attach_dir):
files = os.listdir(attach_dir)
page = Page(request, pagename)
link = page.url(request, {'action': action_name})
attach_info = _('There are <a href="%(link)s">%(count)s attachment(s)</a> stored for
this page.') % {
'count': len(files),
'link': wikiutil.escape(link)
}
return "\n<p>\n%s\n</p>\n" % attach_info
def _write_stream(content, stream, bufsize=8192):
if hasattr(content, 'read'): # looks file-like
import shutil
shutil.copyfileobj(content, stream, bufsize)
elif isinstance(content, str):
stream.write(content)
else:
logging.error("unsupported content object: %r" % content)
raise
def add_attachment(request, pagename, target, filecontent, overwrite=0):
""" save <filecontent> to an attachment <target> of page <pagename>
filecontent can be either a str (in memory file content),
or an open file object (file content in e.g. a tempfile).
"""
# replace illegal chars
#target = wikiutil.taintfilename(target)
target = wikiutil.quoteWikinameFS(wikiutil.taintfilename(target))
# get directory, and possibly create it
attach_dir = getAttachDir(request, pagename, create=1)
#fpath = os.path.join(attach_dir, target).encode(config.charset)
fpath = os.path.join(attach_dir, target)
exists = os.path.exists(fpath)
if exists:
if overwrite:
remove_attachment(request, pagename, target)
else:
raise AttachmentAlreadyExists
# save file
stream = open(fpath, 'wb')
try:
_write_stream(filecontent, stream)
finally:
stream.close()
_addLogEntry(request, 'ATTNEW', pagename, target)
filesize = os.path.getsize(fpath)
event = FileAttachedEvent(request, pagename, target, filesize)
send_event(event)
return target, filesize
def remove_attachment(request, pagename, target):
""" remove attachment <target> of page <pagename>
"""
# replace illegal chars
target = wikiutil.taintfilename(target)
#target = wikiutil.quoteWikinameFS(wikiutil.taintfilename(target))
# get directory, do not create it
attach_dir = getAttachDir(request, pagename, create=0)
# remove file
#fpath = os.path.join(attach_dir, target).encode(config.charset)
fpath = os.path.join(attach_dir, wikiutil.quoteWikinameFS(target))
try:
filesize = os.path.getsize(fpath)
os.remove(fpath)
except:
# either it is gone already or we have no rights - not much we can do about it
filesize = 0
else:
_addLogEntry(request, 'ATTDEL', pagename, target)
event = FileRemovedEvent(request, pagename, target, filesize)
send_event(event)
return target, filesize
#############################################################################
### Internal helpers
#############################################################################
def _addLogEntry(request, action, pagename, filename):
""" Add an entry to the edit log on uploads and deletes.
`action` should be "ATTNEW" or "ATTDEL"
"""
from MoinMoin.logfile import editlog
t = wikiutil.timestamp2version(time.time())
fname = wikiutil.url_quote(filename)
# Write to global log
log = editlog.EditLog(request)
log.add(request, t, 99999999, action, pagename, request.remote_addr, fname)
# Write to local log
log = editlog.EditLog(request, rootpagename=pagename)
log.add(request, t, 99999999, action, pagename, request.remote_addr, fname)
def _access_file(pagename, request):
""" Check form parameter `target` and return a tuple of
`(pagename, filename, filepath)` for an existing attachment.
Return `(pagename, None, None)` if an error occurs.
"""
_ = request.getText
error = None
if not request.values.get('target'):
error = _("Filename of attachment not specified!")
else:
filename = wikiutil.taintfilename(request.values['target'])
fpath = getFilename(request, pagename, filename)
if os.path.isfile(fpath):
return (pagename, filename, fpath)
error = _("Attachment '%(filename)s' does not exist!") % {'filename': filename}
error_msg(pagename, request, error)
return (pagename, None, None)
def _build_filelist(request, pagename, showheader, readonly, mime_type='*', filterfn=None):
_ = request.getText
fmt = request.html_formatter
# access directory
attach_dir = getAttachDir(request, pagename)
files = _get_files(request, pagename)
if mime_type != '*':
files = [fname for fname in files if mime_type == mimetypes.guess_type(fname)[0]]
if filterfn is not None:
files = [fname for fname in files if filterfn(fname)]
html = []
if files:
if showheader:
html.append(fmt.rawHTML(_(
"To refer to attachments on a page, use '''{{{attachment:filename}}}''', \n"
"as shown below in the list of files. \n"
"Do '''NOT''' use the URL of the {{{[get]}}} link, \n"
"since this is subject to change and can break easily.",
wiki=True
)))
label_del = _("del")
label_move = _("move")
label_get = _("get")
label_edit = _("edit")
label_view = _("view")
label_unzip = _("unzip")
label_install = _("install")
may_read = request.user.may.read(pagename)
may_write = request.user.may.write(pagename)
may_delete = request.user.may.delete(pagename)
html.append(fmt.bullet_list(1))
for file in files:
mt = wikiutil.MimeType(filename=file)
#fullpath = os.path.join(attach_dir, file).encode(config.charset)
fullpath = os.path.join(attach_dir, wikiutil.quoteWikinameFS(file))
st = os.stat(fullpath)
base, ext = os.path.splitext(file)
parmdict = {'file': wikiutil.escape(file),
'fsize': "%.1f" % (float(st.st_size) / 1024),
'fmtime': request.user.getFormattedDateTime(st.st_mtime),
}
links = []
if may_delete and not readonly:
links.append(fmt.url(1, getAttachUrl(pagename, file, request, do='del')) +
fmt.text(label_del) +
fmt.url(0))
if may_delete and not readonly:
links.append(fmt.url(1, getAttachUrl(pagename, file, request, do='move')) +
fmt.text(label_move) +
fmt.url(0))
links.append(fmt.url(1, getAttachUrl(pagename, file, request)) +
fmt.text(label_get) +
fmt.url(0))
links.append(fmt.url(1, getAttachUrl(pagename, file, request, do='view')) +
fmt.text(label_view) +
fmt.url(0))
if may_write and not readonly:
edit_url = getAttachUrl(pagename, file, request, do='modify')
if edit_url:
links.append(fmt.url(1, edit_url) +
fmt.text(label_edit) +
fmt.url(0))
try:
is_zipfile = zipfile.is_zipfile(fullpath)
if is_zipfile and not readonly:
is_package = packages.ZipPackage(request, fullpath).isPackage()
if is_package and request.user.isSuperUser():
links.append(fmt.url(1, getAttachUrl(pagename, file, request, do='install')) +
fmt.text(label_install) +
fmt.url(0))
elif (not is_package and mt.minor == 'zip' and
may_read and may_write and may_delete):
links.append(fmt.url(1, getAttachUrl(pagename, file, request, do='unzip')) +
fmt.text(label_unzip) +
fmt.url(0))
except (RuntimeError, zipfile.BadZipfile, zipfile.LargeZipFile):
# We don't want to crash with a traceback here (an exception
# here could be caused by an uploaded defective zip file - and
# if we crash here, the user does not get a UI to remove the
# defective zip file again).
# RuntimeError is raised by zipfile stdlib module in
case of
# problems (like inconsistent slash and backslash usage in the
# archive).
# BadZipfile/LargeZipFile are raised when there are some
# specific problems with the archive file.
logging.exception("An exception within zip file attachment handling occurred:")
html.append(fmt.listitem(1))
html.append("[%s]" % " | ".join(links))
html.append(" (%(fmtime)s, %(fsize)s KB) [[attachment:%(file)s]]" % parmdict)
html.append(fmt.listitem(0))
html.append(fmt.bullet_list(0))
else:
if showheader:
html.append(fmt.paragraph(1))
html.append(fmt.text(_("No attachments stored for %(pagename)s") % {
'pagename': pagename}))
html.append(fmt.paragraph(0))
return ''.join(html)
def _get_files(request, pagename):
attach_dir = getAttachDir(request, pagename)
if os.path.isdir(attach_dir):
#files = [fn.decode(config.charset) for fn in os.listdir(attach_dir)]
files = [wikiutil.unquoteWikiname(fn) for fn in os.listdir(attach_dir)]
files.sort()
else:
files = []
return files
def _get_filelist(request, pagename):
return _build_filelist(request, pagename, 1, 0)
def error_msg(pagename, request, msg):
msg = wikiutil.escape(msg)
request.theme.add_msg(msg, "error")
Page(request, pagename).send_page()
#############################################################################
### Create parts of the Web interface
#############################################################################
def send_link_rel(request, pagename):
files = _get_files(request, pagename)
for fname in files:
url = getAttachUrl(pagename, fname, request, do='view')
request.write(u'<link rel="Appendix" title="%s" href="%s">\n' % (
wikiutil.escape(fname, 1),
wikiutil.escape(url, 1)))
def send_uploadform(pagename, request):
""" Send the HTML code for the list of already stored attachments and
the file upload form.
"""
_ = request.getText
if not request.user.may.read(pagename):
request.write('<p>%s</p>' % _('You are not allowed to view this page.'))
return
writeable = request.user.may.write(pagename)
# First send out the upload new attachment form on top of everything else.
# This avoids usability issues if you have to scroll down a lot to upload
# a new file when the page already has lots of attachments:
if writeable:
request.write('<h2>' + _("New Attachment") + '</h2>')
request.write("""
<form action="%(url)s" method="POST" enctype="multipart/form-data">
<dl>
<dt>%(upload_label_file)s</dt>
<dd><input type=""></dd>
<dt>%(upload_label_target)s</dt>
<dd><input type="" value="%(target)s"></dd>
<dt>%(upload_label_overwrite)s</dt>
<dd><input type="" %(overwrite_checked)s></dd>
</dl>
%(textcha)s
<p>
<input type="hidden" name="action" value="%(action_name)s">
<input type="hidden" name="do" value="upload">
<input type="hidden" name="ticket" value="%(ticket)s">
<input type="submit" value="%(upload_button)s">
</p>
</form>
""" % {
'url': request.href(pagename),
'action_name': action_name,
'upload_label_file': _('File to upload'),
'upload_label_target': _('Rename to'),
'target': wikiutil.escape(request.values.get('target', ''), 1),
'upload_label_overwrite': _('Overwrite existing attachment of same name'),
'overwrite_checked': ('', 'checked')[request.form.get('overwrite', '0') == '1'],
'upload_button': _('Upload'),
'textcha': TextCha(request).render(),
'ticket': wikiutil.createTicket(request),
})
request.write('<h2>' + _("Attached Files") + '</h2>')
request.write(_get_filelist(request, pagename))
if not writeable:
request.write('<p>%s</p>' % _('You are not allowed to attach a file to this page.'))
#############################################################################
### Web interface
for file upload, viewing and deletion
#############################################################################
def execute(pagename, request):
""" Main dispatcher for the 'AttachFile' action. """
_ = request.getText
do = request.values.get('do', 'upload_form')
handler = globals().get('_do_%s' % do)
if handler:
msg = handler(pagename, request)
else:
msg = _('Unsupported AttachFile sub-action: %s') % do
if msg:
error_msg(pagename, request, msg)
def _do_upload_form(pagename, request):
upload_form(pagename, request)
def upload_form(pagename, request, msg=''):
if msg:
msg = wikiutil.escape(msg)
_ = request.getText
# Use user interface language for
this generated page
request.setContentLanguage(request.lang)
request.theme.add_msg(msg, "dialog")
request.theme.send_title(_('Attachments for "%(pagename)s"') % {'pagename': pagename}, pagename=pagename)
request.write('<div id="content">\n') # start content div
send_uploadform(pagename, request)
request.write('</div>\n') # end content div
request.theme.send_footer(pagename)
request.theme.send_closing_html()
def _do_upload(pagename, request):
_ = request.getText
if not wikiutil.checkTicket(request, request.form.get('ticket', '')):
return _('Please use the interactive user interface to use action %(actionname)s!') % {'actionname': 'AttachFile.upload' }
# Currently we only check TextCha for upload (this is what spammers ususally do),
# but it could be extended to more/all attachment write access
if not TextCha(request).check_answer_from_form():
return _('TextCha: Wrong answer! Go back and try again...')
form = request.form
file_upload = request.files.get('file')
if not file_upload:
# This might happen when trying to upload file names
# with non-ascii characters on Safari.
return _("No file content. Delete non ASCII characters from the file name and try again.")
try:
overwrite = int(form.get('overwrite', '0'))
except:
overwrite = 0
if not request.user.may.write(pagename):
return _('You are not allowed to attach a file to this page.')
if overwrite and not request.user.may.delete(pagename):
return _('You are not allowed to overwrite a file attachment of this page.')
target = form.get('target', u'').strip()
if not target:
target = file_upload.filename or u''
target = wikiutil.clean_input(target)
if not target:
return _("Filename of attachment not specified!")
# add the attachment
try:
target, bytes = add_attachment(request, pagename, target, file_upload.stream, overwrite=overwrite)
msg = _("Attachment '%(target)s' (remote name '%(filename)s')"
" with %(bytes)d bytes saved.") % {
#'target': target, 'filename': file_upload.filename, 'bytes': bytes}
'target': wikiutil.unquoteWikiname(target), 'filename': file_upload.filename, 'bytes': bytes}
except AttachmentAlreadyExists:
msg = _("Attachment '%(target)s' (remote name '%(filename)s') already exists.") % {
# 'target': target, 'filename': file_upload.filename}
'target': wikiutil.unquoteWikiname(target), 'filename': file_upload.filename}
# return attachment list
upload_form(pagename, request, msg)
class ContainerItem:
""" A storage container (multiple objects in 1 tarfile) """
def __init__(self, request, pagename, containername):
"""
@param pagename: a wiki page name
@param containername: the filename of the tar file.
Make sure this is a simple filename, NOT containing any path components.
Use wikiutil.taintfilename() to avoid somebody giving a container
name that starts with e.g. ../../filename or you'll create a
directory traversal and code execution vulnerability.
"""
self.request = request
self.pagename = pagename
self.containername = containername
self.container_filename = getFilename(request, pagename, containername)
def member_url(self, member):
""" return URL for accessing container member
(we use same URL for get (GET) and put (POST))
"""
url = Page(self.request, self.pagename).url(self.request, {
'action': 'AttachFile',
'do': 'box', # shorter to type than 'container'
'target': self.containername,
#'member': member,
})
return url + '&member=%s' % member
# member needs to be last in qs because twikidraw looks for "file extension" at the end
def get(self, member):
""" return a file-like object with the member file data
"""
tf = tarfile.TarFile(self.container_filename)
return tf.extractfile(member)
def put(self, member, content, content_length=None):
""" save data into a container's member """
tf = tarfile.TarFile(self.container_filename, mode='a')
if isinstance(member, unicode):
member = member.encode('utf-8')
ti = tarfile.TarInfo(member)
if isinstance(content, str):
if content_length is None:
content_length = len(content)
content = StringIO(content) # we need a file obj
elif not hasattr(content, 'read'):
logging.error("unsupported content object: %r" % content)
raise
assert content_length >= 0 # we don't want -1 interpreted as 4G-1
ti.size = content_length
tf.addfile(ti, content)
tf.close()
def truncate(self):
f = open(self.container_filename, 'w')
f.close()
def exists(self):
return os.path.exists(self.container_filename)
def _do_del(pagename, request):
_ = request.getText
if not wikiutil.checkTicket(request, request.args.get('ticket', '')):
return _('Please use the interactive user interface to use action %(actionname)s!') % {'actionname': 'AttachFile.del' }
pagename, filename, fpath = _access_file(pagename, request)
if not request.user.may.delete(pagename):
return _('You are not allowed to delete attachments on this page.')
if not filename:
return # error msg already sent in _access_file
remove_attachment(request, pagename, filename)
upload_form(pagename, request, msg=_("Attachment '%(filename)s' deleted.") % {'filename': filename})
def move_file(request, pagename, new_pagename, attachment, new_attachment):
"""
move a file attachment from pagename:attachment to new_pagename:new_attachment
@param pagename: original pagename
@param new_pagename: new pagename (may be same as original pagename)
@param attachment: original attachment filename
note: attachment filename must not contain a path,
use wikiutil.taintfilename() before calling move_file
@param new_attachment: new attachment filename (may be same as original filename)
note: attachment filename must not contain a path,
use wikiutil.taintfilename() before calling move_file
"""
_ = request.getText
newpage = Page(request, new_pagename)
if newpage.exists(includeDeleted=1) and request.user.may.write(new_pagename) and request.user.may.delete(pagename):
new_attachment_path = os.path.join(getAttachDir(request, new_pagename,
#create=1), new_attachment).encode(config.charset)
create=1), wikiutil.quoteWikinameFS(new_attachment))
attachment_path = os.path.join(getAttachDir(request, pagename),
# attachment).encode(config.charset)
wikiutil.quoteWikinameFS(attachment))
if os.path.exists(new_attachment_path):
upload_form(pagename, request,
msg=_("Attachment '%(new_pagename)s/%(new_filename)s' already exists.") % {
'new_pagename': new_pagename,
'new_filename': new_attachment})
return
if new_attachment_path != attachment_path:
filesize = os.path.getsize(attachment_path)
filesys.rename(attachment_path, new_attachment_path)
_addLogEntry(request, 'ATTDEL', pagename, attachment)
event = FileRemovedEvent(request, pagename, attachment, filesize)
send_event(event)
_addLogEntry(request, 'ATTNEW', new_pagename, new_attachment)
event = FileAttachedEvent(request, new_pagename, new_attachment, filesize)
send_event(event)
upload_form(pagename, request,
msg=_("Attachment '%(pagename)s/%(filename)s' moved to '%(new_pagename)s/%(new_filename)s'.") % {
'pagename': pagename,
'filename': attachment,
'new_pagename': new_pagename,
'new_filename': new_attachment})
else:
upload_form(pagename, request, msg=_("Nothing changed"))
else:
upload_form(pagename, request, msg=_("Page '%(new_pagename)s' does not exist or you don't have enough rights.") % {
'new_pagename': new_pagename})
def _do_attachment_move(pagename, request):
_ = request.getText
if 'cancel' in request.form:
return _('Move aborted!')
if not wikiutil.checkTicket(request, request.form.get('ticket', '')):
return _('Please use the interactive user interface to use action %(actionname)s!') % {'actionname': 'AttachFile.move' }
if not request.user.may.delete(pagename):
return _('You are not allowed to move attachments from this page.')
if 'newpagename' in request.form:
new_pagename = request.form.get('newpagename')
else:
upload_form(pagename, request, msg=_("Move aborted because new page name is empty."))
if 'newattachmentname' in request.form:
new_attachment = request.form.get('newattachmentname')
if new_attachment != wikiutil.taintfilename(new_attachment):
upload_form(pagename, request, msg=_("Please use a valid filename for attachment '%(filename)s'.") % {
'filename': new_attachment})
return
else:
upload_form(pagename, request, msg=_("Move aborted because new attachment name is empty."))
attachment = request.form.get('oldattachmentname')
if attachment != wikiutil.taintfilename(attachment):
upload_form(pagename, request, msg=_("Please use a valid filename for attachment '%(filename)s'.") % {
'filename': attachment})
return
move_file(request, pagename, new_pagename, attachment, new_attachment)
def _do_move(pagename, request):
_ = request.getText
pagename, filename, fpath = _access_file(pagename, request)
if not request.user.may.delete(pagename):
return _('You are not allowed to move attachments from this page.')
if not filename:
return # error msg already sent in _access_file
# move file
d = {'action': action_name,
'url': request.href(pagename),
'do': 'attachment_move',
'ticket': wikiutil.createTicket(request),
'pagename': wikiutil.escape(pagename, 1),
'attachment_name': wikiutil.escape(filename, 1),
'move': _('Move'),
'cancel': _('Cancel'),
'newname_label': _("New page name"),
'attachment_label': _("New attachment name"),
}
formhtml = '''
<form action="%(url)s" method="POST">
<input type="hidden" name="action" value="%(action)s">
<input type="hidden" name="do" value="%(do)s">
<input type="hidden" name="ticket" value="%(ticket)s">
<table>
<tr>
<td class="label"><label>%(newname_label)s</label></td>
<td class="content">
<input type="">
</td>
</tr>
<tr>
<td class="label"><label>%(attachment_label)s</label></td>
<td class="content">
<input type="">
</td>
</tr>
<tr>
<td></td>
<td class="buttons">
<input type="hidden" name="oldattachmentname" value="%(attachment_name)s">
<input type="submit" name="move" value="%(move)s">
<input type="submit" name="cancel" value="%(cancel)s">
</td>
</tr>
</table>
</form>''' % d
thispage = Page(request, pagename)
request.theme.add_msg(formhtml, "dialog")
return thispage.send_page()
def _do_box(pagename, request):
_ = request.getText
pagename, filename, fpath = _access_file(pagename, request)
if not request.user.may.read(pagename):
return _('You are not allowed to get attachments from this page.')
if not filename:
return # error msg already sent in _access_file
timestamp = datetime.datetime.fromtimestamp(os.path.getmtime(fpath))
if_modified = request.if_modified_since
if if_modified and if_modified >= timestamp:
request.status_code = 304
else:
ci = ContainerItem(request, pagename, filename)
filename = wikiutil.taintfilename(request.values['member'])
mt = wikiutil.MimeType(filename=filename)
content_type = mt.content_type()
mime_type = mt.mime_type()
# TODO: fix the encoding here, plain 8 bit is not allowed according to the RFCs
# There is no solution that is compatible to IE except stripping non-ascii chars
#filename_enc = filename.encode(config.charset)
if 'MSIE' in request.http_user_agent:
filename_enc = filename.encode('gbk')
else:
filename_enc = filename.encode(config.charset)
# for dangerous files (like .html), when we are in danger of cross-site-scripting attacks,
# we just let the user store them to disk ('attachment').
# For safe files, we directly show them inline (this also works better for IE).
dangerous = mime_type in request.cfg.mimetypes_xss_protect
content_dispo = dangerous and 'attachment' or 'inline'
now = time.time()
request.headers['Date'] = http_date(now)
request.headers['Content-Type'] = content_type
request.headers['Last-Modified'] = http_date(timestamp)
request.headers['Expires'] = http_date(now - 365 * 24 * 3600)
#request.headers['Content-Length'] = os.path.getsize(fpath)
content_dispo_string = '%s; filename="%s"' % (content_dispo, filename_enc)
request.headers['Content-Disposition'] = content_dispo_string
# send data
request.send_file(ci.get(filename))
def _do_get(pagename, request):
_ = request.getText
pagename, filename, fpath = _access_file(pagename, request)
if not request.user.may.read(pagename):
return _('You are not allowed to get attachments from this page.')
if not filename:
return # error msg already sent in _access_file
timestamp = datetime.datetime.fromtimestamp(os.path.getmtime(fpath))
if_modified = request.if_modified_since
if if_modified and if_modified >= timestamp:
request.status_code = 304
else:
mt = wikiutil.MimeType(filename=filename)
content_type = mt.content_type()
mime_type = mt.mime_type()
# TODO: fix the encoding here, plain 8 bit is not allowed according to the RFCs
# There is no solution that is compatible to IE except stripping non-ascii chars
#filename_enc = filename.encode(config.charset)
if 'MSIE' in request.http_user_agent:
filename_enc = filename.encode('gbk')
else:
filename_enc = filename.encode(config.charset)
# for dangerous files (like .html), when we are in danger of cross-site-scripting attacks,
# we just let the user store them to disk ('attachment').
# For safe files, we directly show them inline (this also works better for IE).
dangerous = mime_type in request.cfg.mimetypes_xss_protect
content_dispo = dangerous and 'attachment' or 'inline'
now = time.time()
request.headers['Date'] = http_date(now)
request.headers['Content-Type'] = content_type
request.headers['Last-Modified'] = http_date(timestamp)
request.headers['Expires'] = http_date(now - 365 * 24 * 3600)
request.headers['Content-Length'] = os.path.getsize(fpath)
content_dispo_string = '%s; filename="%s"' % (content_dispo, filename_enc)
request.headers['Content-Disposition'] = content_dispo_string
# send data
request.send_file(open(fpath, 'rb'))
def _do_install(pagename, request):
_ = request.getText
if not wikiutil.checkTicket(request, request.args.get('ticket', '')):
return _('Please use the interactive user interface to use action %(actionname)s!') % {'actionname': 'AttachFile.install' }
pagename, target, targetpath = _access_file(pagename, request)
if not request.user.isSuperUser():
return _('You are not allowed to install files.')
if not target:
return
package = packages.ZipPackage(request, targetpath)
if
package.isPackage():
if
package.installPackage():
msg = _("Attachment '%(filename)s' installed.") % {'filename': target}
else:
msg = _("Installation of '%(filename)s' failed.") % {'filename': target}
if
package.msg:
msg += "
" + package.msg
else:
msg = _('The file %s is not a MoinMoin package file.') % target
upload_form(pagename, request, msg=msg)
def _do_unzip(pagename, request, overwrite=False):
_ = request.getText
if not wikiutil.checkTicket(request, request.args.get('ticket', '')):
return _('Please use the interactive user interface to use action %(actionname)s!') % {'actionname': 'AttachFile.unzip' }
pagename, filename, fpath = _access_file(pagename, request)
if not (request.user.may.delete(pagename) and request.user.may.read(pagename) and request.user.may.write(pagename)):
return _('You are not allowed to unzip attachments of this page.')
if not filename:
return # error msg already sent in _access_file
try:
if not zipfile.is_zipfile(fpath):
return _('The file %(filename)s is not a .zip file.') % {'filename': filename}
# determine how which attachment names we have and how much space each is occupying
curr_fsizes = dict([(f, size(request, pagename, f)) for f in _get_files(request, pagename)])
# Checks for the existance of one common prefix path shared among
# all files in the zip file. If this is the case, remove the common prefix.
# We also prepare a dict of the new filenames->filesizes.
zip_path_sep = '/' # we assume '/' is as zip standard suggests
fname_index = None
mapping = []
new_fsizes = {}
zf = zipfile.ZipFile(fpath)
for zi in zf.infolist():
name = zi.filename
if not name.endswith(zip_path_sep): # a file (not a directory)
if fname_index is None:
fname_index = name.rfind(zip_path_sep) + 1
path = name[:fname_index]
if (name.rfind(zip_path_sep) + 1 != fname_index # different prefix len
or
name[:fname_index] != path): # same len, but still different
mapping = [] # zip is not acceptable
break
if zi.file_size >= request.cfg.unzip_single_file_size: # file too big
mapping = [] # zip is not acceptable
break
finalname = name[fname_index:] # remove common path prefix
finalname = finalname.decode(config.charset, 'replace') # replaces trash with \uFFFD char
mapping.append((name, finalname))
new_fsizes[finalname] = zi.file_size
# now we either have an empty mapping (if the zip is not acceptable),
# an identity mapping (no subdirs in zip, just all flat), or
# a mapping (origname, finalname) where origname is the zip member filename
# (including some prefix path) and finalname is a simple filename.
# calculate resulting total file size / count after unzipping:
if overwrite:
curr_fsizes.update(new_fsizes)
total = curr_fsizes
else:
new_fsizes.update(curr_fsizes)
total = new_fsizes
total_count = len(total)
total_size = sum(total.values())
if not mapping:
msg = _("Attachment '%(filename)s' not unzipped because some files in the zip "
"are either not in the same directory or exceeded the single file size limit (%(maxsize_file)d kB)."
) % {'filename': filename,
'maxsize_file': request.cfg.unzip_single_file_size / 1000, }
elif total_size > request.cfg.unzip_attachments_space:
msg = _("Attachment '%(filename)s' not unzipped because it would have exceeded "
"the per page attachment storage size limit (%(size)d kB).") % {
'filename': filename,
'size': request.cfg.unzip_attachments_space / 1000, }
elif total_count > request.cfg.unzip_attachments_count:
msg = _("Attachment '%(filename)s' not unzipped because it would have exceeded "
"the per page attachment count limit (%(count)d).") % {
'filename': filename,
'count': request.cfg.unzip_attachments_count, }
else:
not_overwritten = []
for origname, finalname in mapping:
try:
# Note: reads complete zip member file into memory. ZipFile does not offer block-wise reading:
add_attachment(request, pagename, finalname, zf.read(origname), overwrite)
except AttachmentAlreadyExists:
not_overwritten.append(finalname)
if not_overwritten:
msg = _("Attachment '%(filename)s' partially unzipped (did not overwrite: %(filelist)s).") % {
'filename': filename,
'filelist': ', '.join(not_overwritten), }
else:
msg = _("Attachment '%(filename)s' unzipped.") % {'filename': filename}
except (RuntimeError, zipfile.BadZipfile, zipfile.LargeZipFile), err:
# We don't want to crash with a traceback here (an exception
# here could be caused by an uploaded defective zip file - and
# if we crash here, the user does not get a UI to remove the
# defective zip file again).
# RuntimeError is raised by zipfile stdlib module in
case of
# problems (like inconsistent slash and backslash usage in the
# archive).
# BadZipfile/LargeZipFile are raised when there are some
# specific problems with the archive file.
logging.exception("An exception within zip file attachment handling occurred:")
msg = _("A severe error occurred:") + ' ' + str(err)
upload_form(pagename, request, msg=msg)
def send_viewfile(pagename, request):
_ = request.getText
fmt = request.html_formatter
pagename, filename, fpath = _access_file(pagename, request)
if not filename:
return
request.write('<h2>' + _("Attachment '%(filename)s'") % {'filename': filename} + '</h2>')
# show a download link above the content
label = _('Download')
link = (fmt.url(1, getAttachUrl(pagename, filename, request, do='get'), css_class="download") +
fmt.text(label) +
fmt.url(0))
request.write('%s<br><br>' % link)
if filename.endswith('.tdraw') or filename.endswith('.adraw'):
request.write(fmt.attachment_drawing(filename, ''))
return
mt = wikiutil.MimeType(filename=filename)
# destinguishs if browser need a plugin in place
if mt.major == 'image' and mt.minor in config.browser_supported_images:
url = getAttachUrl(pagename, filename, request)
request.write('<img src="%s" alt="%s">' % (
wikiutil.escape(url, 1),
wikiutil.escape(filename, 1)))
return
elif mt.major == 'text':
ext = os.path.splitext(filename)[1]
Parser = wikiutil.getParserForExtension(request.cfg, ext)
if Parser is not None:
try:
content = file(fpath, 'r').read()
content = wikiutil.decodeUnknownInput(content)
colorizer = Parser(content, request, filename=filename)
colorizer.format(request.formatter)
return
except IOError:
pass
request.write(request.formatter.preformatted(1))
# If we have text but no colorizing parser we try to decode file contents.
content = open(fpath, 'r').read()
content = wikiutil.decodeUnknownInput(content)
content = wikiutil.escape(content)
request.write(request.formatter.text(content))
request.write(request.formatter.preformatted(0))
return
try:
package = packages.ZipPackage(request, fpath)
if
package.isPackage():
request.write("<pre><b>%s</b>\n%s</pre>" % (_("Package script:"), wikiutil.escape(package.getScript())))
return
if zipfile.is_zipfile(fpath) and mt.minor == 'zip':
zf = zipfile.ZipFile(fpath, mode='r')
request.write("<pre>%-46s %19s %12s\n" % (_("File Name"), _("Modified")+"
"*5, _("Size")))
for zinfo in zf.filelist:
date = "%d-%02d-%02d %02d:%02d:%02d" % zinfo.date_time
request.write(wikiutil.escape("%-46s %s %12d\n" % (zinfo.filename, date, zinfo.file_size)))
request.write("</pre>")
return
except (RuntimeError, zipfile.BadZipfile, zipfile.LargeZipFile):
# We don't want to crash with a traceback here (an exception
# here could be caused by an uploaded defective zip file - and
# if we crash here, the user does not get a UI to remove the
# defective zip file again).
# RuntimeError is raised by zipfile stdlib module in
case of
# problems (like inconsistent slash and backslash usage in the
# archive).
# BadZipfile/LargeZipFile are raised when there are some
# specific problems with the archive file.
logging.exception("An exception within zip file attachment handling occurred:")
return
from MoinMoin import macro
from MoinMoin.parser.text import Parser
macro.request = request
macro.formatter = request.html_formatter
p = Parser("##\n", request)
m = macro.Macro(p)
# use EmbedObject to view valid mime types
if mt is None:
request.write('<p>' + _("Unknown file type, cannot display this attachment inline.") + '</p>')
link = (fmt.url(1, getAttachUrl(pagename, filename, request)) +
fmt.text(filename) +
fmt.url(0))
request.write('For using an external program follow this link %s' % link)
return
request.write(m.execute('EmbedObject', u'target="%s", pagename="%s"' % (filename, pagename)))
return
def _do_view(pagename, request):
_ = request.getText
orig_pagename = pagename
pagename, filename, fpath = _access_file(pagename, request)
if not request.user.may.read(pagename):
return _('You are not allowed to view attachments of this page.')
if not filename:
return
request.formatter.page = Page(request, pagename)
# send header & title
# Use user interface language for
this generated page
request.setContentLanguage(request.lang)
title = _('attachment:%(filename)s of %(pagename)s') % {
'filename': filename, 'pagename': pagename}
request.theme.send_title(title, pagename=pagename)
# send body
request.write(request.formatter.startContent())
send_viewfile(orig_pagename, request)
send_uploadform(pagename, request)
request.write(request.formatter.endContent())
request.theme.send_footer(pagename)
request.theme.send_closing_html()
#############################################################################
### File attachment administration
#############################################################################
def do_admin_browser(request):
""" Browser for SystemAdmin macro. """
from MoinMoin.util.dataset import TupleDataset, Column
_ = request.getText
data = TupleDataset()
data.columns = [
Column('page', label=('Page')),
Column('file', label=('Filename')),
Column('size', label=_('Size'), align='right'),
]
# iterate over pages that might have attachments
pages = request.rootpage.getPageList()
for pagename in pages:
# check for attachments directory
page_dir = getAttachDir(request, pagename)
if os.path.isdir(page_dir):
# iterate over files of the page
files = os.listdir(page_dir)
for filename in files:
filepath = os.path.join(page_dir, filename)
data.addRow((
(Page(request, pagename).link_to(request,
querystr="action=AttachFile"), wikiutil.escape(pagename, 1)),
#wikiutil.escape(filename.decode(config.charset)),
wikiutil.escape(wikiutil.unquoteWikiname(filename)),
os.path.getsize(filepath),
))
if data:
from MoinMoin.widget.browser import DataBrowserWidget
browser = DataBrowserWidget(request)
browser.setData(data, sort_columns=[0, 1])
return browser.render(method="GET")
return ''

Moinmoin wiki 中文附件名的解决办法的更多相关文章

PHPMailer发送邮件中文附件名是乱码
可能使用了PHPMailer发送邮件的朋友带中文附件名时会出现乱码,下面我来介绍一个解决办法. 比如我们要发送的附件是"测试.txt",如果在添加附件的时候强制使用指定文件名的方式 ...
linux中文显示乱码的解决办法
linux中文显示乱码的解决办法 linux中文显示乱码是一件让人很头疼的事情. linux中文显示乱码的解决办法:[root@kk]#vi /etc/sysconfig/i18n将文件中的内容修改为 ...
.NET在IE9中页面间URL传递中文变成乱码的解决办法
在.Net的项目中,鼠标点击查询按钮,转到查询页面,但URL中包含中文时,传到服务器端后,中文变成了乱码(只有IE9出现该问题). 尝试使用Server.UrlEncode()进行编码, ...
codeblocks中文乱码原因及解决办法
原因:(本地化做得不够好)默认情况下codeblocks编辑器保存源文件是保存为windows本地编码,就是WINDOWS-936字符集,即GBK:但CB的编辑器在默认编辑的时候是按照UTF-8来解析 ...
eclipse中js中文乱码问题的解决办法
在Eclipse中编辑JS文件简直是一种折磨,但是却总是很无奈得要去适应. 这里说一下Eclipse中,编辑JS文件时候,出现中文乱码问题的解决办法. 这个问题很容易想到是文件编码的问题,因此通常是修 ...
request.getParameter()获取URL中文参数乱码的解决办法
这个问题耽误好长时间,URL传中文参数出现乱码,就算首次使用request接收就添加 request.setCharacterEncoding("UTf-8"); 依然报错不误. ...
Firefox下载附件乱码的解决办法
通过在http的header里设置fileName下载附件时,中文文件名通过chrome浏览器下载时正常,通过firefox下载时为乱码: 原来的Java代码: response.addHeader( ...
Linux系统中关于Sqlite3中文乱码问题及解决办法
新做的一个项目在本地(Win8)测试时没有问题,但传到服务器(Linux)时从Sqlite3数据库查询到的数据中文却是乱码(数据库中是正常的) 将php文件.html文件都设置成统一的utf8还是一样 ...
远程工具（SSH Secure）连接Centos出现中文乱码问题的解决办法
问题原因使用远程工具进行连接时,如果linux有中文文件或目录,显示时会出现乱码,原因是linux编码是UTF-8,而远程工具默认是当前系统本地编码即GBK.所以解决方案是统一两者编码就OK了,但是 ...

随机推荐

C语言学习002:第一个完整的C程序代码
#include <stdio.h>//引用相关的外部库,stdio.h包含了终端读写数据的代码 //程序入口,程序通过main函数的返回值判断程序是否运行成功,0表示成功,非0表示程序运 ...
C# ~ 泛型委托
泛型应用 1. 比较 2 个对象的大小? 参考 1. .NET面试题系列 - 对象大小比较:由一个泛型方法想到的 - 对象大小比较:
启用数据库的 Service Broker
--is_broker_enabled为0未启用,为1启用SELECT name,is_broker_enabled FROM sys.databases WHERE name = 'DBNAME' ...
jquery取消超链接
JSON的简单例子
JSON(JavaScript Object Notation) 是一种轻量级的数据交换格式. 下载JSON所需要的jar文件并加入工程后,编写如下代码: package com.hzhi.json; ...
python CGI编程Apache配置
1. 编辑http.conf,添加两行,路径可以自定义 <Directory "C:/AppServ/www/cgi-bin"> AllowOverride None ...
通过rsync+inotify实现数据实时备份同步
一.环境描述测试环境需求:服务器A与服务器B为主备服务模式,需要保持文件一致性,现采用sersync基于rsync+inotify实现数据实时同步环境描述: 主服务器172.26.7.50 ,从 ...
PDF.NET SOD 开源框架红包派送活动 && 新手快速入门指引
一.框架的由来快速入门有关框架的更多信息,请看框架官方主页! 本套框架的思想是借鉴Java平台的Hibernate 和 iBatis 而来,兼有ORM和SQL-MAP的特性,同时还参考了后来.N ...
something
var colors=['red','green','yellow']; console.log(colors)//['red','green','yellow'] console.log(color ...
FingerprintJS - 在浏览器端实现指纹识别
FingerprintJS 是一个快速的浏览器指纹库,纯 JavaScript 实现,没有依赖关系.默认情况下,使用 Murmur Hash 算法返回一个32位整数.Hash 函数可以很容易地更换. ...

Moinmoin wiki 中文附件名的解决办法

Moinmoin wiki 中文附件名的解决办法的更多相关文章

随机推荐

热门专题