version 1.107, 2007/01/31 16:48:54
|
version 1.112, 2007/11/06 02:26:07
|
Line 37 use Apache::loncommon();
|
Line 37 use Apache::loncommon();
|
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::restrictedaccess(); |
use Apache::restrictedaccess(); |
use Apache::blockedaccess(); |
use Apache::blockedaccess(); |
use CGI::Cookie(); |
|
use Fcntl qw(:flock); |
use Fcntl qw(:flock); |
use LONCAPA; |
use LONCAPA; |
|
|
Line 64 sub get_posted_cgi {
|
Line 63 sub get_posted_cgi {
|
if ($r->header_in('Content-length')) { |
if ($r->header_in('Content-length')) { |
$r->read($buffer,$r->header_in('Content-length'),0); |
$r->read($buffer,$r->header_in('Content-length'),0); |
} |
} |
unless ($buffer=~/^(\-+\w+)\s+Content\-Disposition\:\s*form\-data/si) { |
unless ($buffer=~/^(\-+[\+\w]+)\s+Content\-Disposition\:\s*form\-data/si) { |
my @pairs=split(/&/,$buffer); |
my @pairs=split(/&/,$buffer); |
my $pair; |
my $pair; |
foreach $pair (@pairs) { |
foreach $pair (@pairs) { |
Line 84 sub get_posted_cgi {
|
Line 83 sub get_posted_cgi {
|
my $fmime=''; |
my $fmime=''; |
my $i; |
my $i; |
for ($i=0;$i<=$#lines;$i++) { |
for ($i=0;$i<=$#lines;$i++) { |
if ($lines[$i]=~/^$contentsep/) { |
if ($lines[$i]=~/^\Q$contentsep\E/) { |
if ($name) { |
if ($name) { |
chomp($value); |
chomp($value); |
if ($fname) { |
if ($fname) { |
Line 145 sub get_posted_cgi {
|
Line 144 sub get_posted_cgi {
|
# returns OK if it was a SSO and user was handled |
# returns OK if it was a SSO and user was handled |
# undef if not SSO or no means to hanle the user |
# undef if not SSO or no means to hanle the user |
sub sso_login { |
sub sso_login { |
my ($r,$lonid,$handle) = @_; |
my ($r,$handle) = @_; |
|
|
my $lonidsdir=$r->dir_config('lonIDsDir'); |
my $lonidsdir=$r->dir_config('lonIDsDir'); |
if (!($r->user |
if (!($r->user |
&& (!defined($env{'user.name'}) && !defined($env{'user.domain'})) |
&& (!defined($env{'user.name'}) && !defined($env{'user.domain'})) |
&& (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq ''))) { |
&& ($handle eq ''))) { |
# not an SSO case or already logged in |
# not an SSO case or already logged in |
return undef; |
return undef; |
} |
} |
Line 207 sub sso_login {
|
Line 206 sub sso_login {
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $requrl=$r->uri; |
my $requrl=$r->uri; |
my %cookies=CGI::Cookie->parse($r->header_in('Cookie')); |
if (&Apache::lonnet::is_domainimage($requrl)) { |
my $lonid=$cookies{'lonID'}; |
return OK; |
my $cookie; |
|
my $lonidsdir=$r->dir_config('lonIDsDir'); |
|
|
|
my $handle; |
|
if ($lonid) { |
|
$handle=&LONCAPA::clean_handle($lonid->value); |
|
} |
} |
|
|
my $result = &sso_login($r,$lonid,$handle); |
|
|
my $handle = &Apache::lonnet::check_for_valid_session($r); |
|
|
|
my $result = &sso_login($r,$handle); |
if (defined($result)) { |
if (defined($result)) { |
return $result |
return $result |
} |
} |
Line 230 sub handler {
|
Line 226 sub handler {
|
|
|
if ($handle eq '') { |
if ($handle eq '') { |
$r->log_reason("Cookie $handle not valid", $r->filename); |
$r->log_reason("Cookie $handle not valid", $r->filename); |
} elsif ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { |
} elsif ($handle ne '') { |
|
|
# ------------------------------------------------------ Initialize Environment |
# ------------------------------------------------------ Initialize Environment |
|
my $lonidsdir=$r->dir_config('lonIDsDir'); |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
|
|
# --------------------------------------------------------- Initialize Language |
# --------------------------------------------------------- Initialize Language |
Line 284 sub handler {
|
Line 280 sub handler {
|
$env{'user.domain'}; |
$env{'user.domain'}; |
if ($requrl !~ /^\Q$start\E/) { |
if ($requrl !~ /^\Q$start\E/) { |
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; |
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; |
|
return HTTP_NOT_ACCEPTABLE; |
|
} |
|
} |
|
if ($requrl =~ m|^/zipspool/|) { |
|
my $start='/zipspool/zipout/'.$env{'user.name'}.":". |
|
$env{'user.domain'}; |
|
if ($requrl !~ /^\Q$start\E/) { |
|
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; |
return HTTP_NOT_ACCEPTABLE; |
return HTTP_NOT_ACCEPTABLE; |
} |
} |
} |
} |