Annotation of loncom/auth/lonacc.pm, revision 1.12
1.1 albertel 1: # The LearningOnline Network
2: # Cookie Based Access Handler
1.4 www 3: # 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
1.11 www 4: # 01/06,01/13,05/31,06/01,09/06,09/25,09/28,10/30 Gerd Kortemeyer
1.1 albertel 5:
6: package Apache::lonacc;
7:
8: use strict;
1.8 www 9: use Apache::Constants qw(:common :http :methods);
1.2 www 10: use Apache::File;
1.6 www 11: use Apache::lonnet;
1.1 albertel 12: use CGI::Cookie();
13:
14: sub handler {
15: my $r = shift;
16: my $requrl=$r->uri;
17: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
18: my $lonid=$cookies{'lonID'};
19: my $cookie;
20: if ($lonid) {
21: my $handle=$lonid->value;
22: $handle=~s/\W//g;
23: my $lonidsdir=$r->dir_config('lonIDsDir');
24: if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
1.6 www 25:
26: # ------------------------------------------- Transfer profile into environment
27:
1.2 www 28: my @profile;
29: {
30: my $idf=Apache::File->new("$lonidsdir/$handle.id");
31: @profile=<$idf>;
32: }
33: my $envi;
34: for ($envi=0;$envi<=$#profile;$envi++) {
35: chomp($profile[$envi]);
36: my ($envname,$envvalue)=split(/=/,$profile[$envi]);
1.9 www 37: $ENV{$envname} = $envvalue;
1.2 www 38: }
1.9 www 39: $ENV{'user.environment'} = "$lonidsdir/$handle.id";
40: $ENV{'request.state'} = "published";
41: $ENV{'request.filename'} = $r->filename;
1.12 ! www 42:
! 43: # ---- Figure out referer, first from HTTP_REFERER, then cache, then wild guess
! 44:
! 45: my $referer='';
! 46: if ($referer=$r->header_in('Referer')) {
! 47: $ENV{'HTTP_REFERER'}=$referer;
! 48: } else {
! 49: $ENV{'HTTP_REFERER'}=$ENV{'httpref.'.$requrl};
! 50: unless($ENV{'HTTP_REFERER'}) {
! 51: my $pathpart=$requrl;
! 52: $pathpart=~s/\/[\w\.]*$//;
! 53: map {
! 54: if ($_=~/^httpref.$pathpart/) {
! 55: $ENV{'HTTP_REFERER'}=$ENV{$_};
! 56: }
! 57: } keys %ENV;
! 58: }
! 59: }
1.6 www 60:
61: # -------------------------------------------------------- Load POST parameters
62:
1.8 www 63:
64:
1.5 www 65: my $buffer;
1.6 www 66:
1.5 www 67: $r->read($buffer,$r->header_in('Content-length'));
68: my @pairs=split(/&/,$buffer);
1.6 www 69: my $pair;
1.5 www 70: foreach $pair (@pairs) {
1.6 www 71: my ($name,$value) = split(/=/,$pair);
72: $value =~ tr/+/ /;
73: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
1.10 www 74: $name =~ tr/+/ /;
75: $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
1.9 www 76: $ENV{"form.$name"}=$value;
1.6 www 77: }
78:
1.8 www 79: $r->method_number(M_GET);
80: $r->method('GET');
81: $r->headers_in->unset('Content-length');
1.6 www 82:
83: # ---------------------------------------------------------------- Check access
84:
85: if ($requrl!~/^\/adm\//) {
1.7 www 86: my $access=&Apache::lonnet::allowed('bre',$requrl);
87: if ($access eq '1') {
88: $ENV{'user.error.msg'}="$requrl:bre:0:0:Choose Course";
89: return HTTP_NOT_ACCEPTABLE;
90: }
91: if (($access ne '2') && ($access ne 'F')) {
92: $ENV{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
93: return HTTP_NOT_ACCEPTABLE;
94: }
1.5 www 95: }
1.2 www 96: return OK;
1.1 albertel 97: } else {
1.5 www 98: $r->log_reason("Cookie $handle not valid", $r->filename)
1.1 albertel 99: };
100: }
1.6 www 101:
102: # ----------------------------------------------- Store where they wanted to go
103:
104: $ENV{'request.firsturl'}=$requrl;
1.1 albertel 105: return FORBIDDEN;
106: }
107:
108: 1;
109: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonacc.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth