1: # The LearningOnline Network
2: # Cookie Based Access Handler
3: # 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
4: # 01/06,01/13,05/31,06/01 Gerd Kortemeyer
5:
6: package Apache::lonacc;
7:
8: use strict;
9: use Apache::Constants qw(:common :http);
10: use Apache::File;
11: use Apache::lonnet;
12: use CGI::Cookie();
13:
14: sub handler {
15: my $r = shift;
16: my $requrl=$r->uri;
17: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
18: my $lonid=$cookies{'lonID'};
19: my $cookie;
20: if ($lonid) {
21: my $handle=$lonid->value;
22: $handle=~s/\W//g;
23: my $lonidsdir=$r->dir_config('lonIDsDir');
24: if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
25:
26: # ------------------------------------------- Transfer profile into environment
27:
28: my @profile;
29: {
30: my $idf=Apache::File->new("$lonidsdir/$handle.id");
31: @profile=<$idf>;
32: }
33: my $envi;
34: for ($envi=0;$envi<=$#profile;$envi++) {
35: chomp($profile[$envi]);
36: my ($envname,$envvalue)=split(/=/,$profile[$envi]);
37: $r->subprocess_env("$envname" => "$envvalue");
38: $ENV{$envname}=$envvalue;
39: }
40: $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
41: "request.state" => "published",
42: "request.filename" => $r->filename);
43:
44: # -------------------------------------------------------- Load POST parameters
45:
46: my $buffer;
47:
48: $r->read($buffer,$r->header_in('Content-length'));
49: my @pairs=split(/&/,$buffer);
50: my $pair;
51: foreach $pair (@pairs) {
52: my ($name,$value) = split(/=/,$pair);
53: $value =~ tr/+/ /;
54: $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
55: $r->subprocess_env("form.$name" => $value);
56: }
57:
58:
59: # ---------------------------------------------------------------- Check access
60:
61: if ($requrl!~/^\/adm\//) {
62: if (&Apache::lonnet::allowed('bre',$requrl) eq '') {
63: $ENV{'user.error.msg'}="$requrl:bre:1:1:Access denied";
64: return HTTP_NOT_ACCEPTABLE;
65: }
66: }
67: return OK;
68: } else {
69: $r->log_reason("Cookie $handle not valid", $r->filename)
70: };
71: }
72:
73: # ----------------------------------------------- Store where they wanted to go
74:
75: $ENV{'request.firsturl'}=$requrl;
76: return FORBIDDEN;
77: }
78:
79: 1;
80: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>