--- loncom/auth/lonauth.pm 2009/07/22 20:24:07 1.100
+++ loncom/auth/lonauth.pm 2010/03/10 21:25:29 1.102
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.100 2009/07/22 20:24:07 raeburn Exp $
+# $Id: lonauth.pm,v 1.102 2010/03/10 21:25:29 droeschl Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -40,6 +40,7 @@ use Apache::lonmenu();
use Apache::createaccount;
use Fcntl qw(:flock);
use Apache::lonlocal;
+use HTML::Entities;
# ------------------------------------------------------------ Successful login
sub success {
@@ -85,47 +86,42 @@ sub success {
&Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
\$trolecode,\$tstatus,\$tstart,\$tend);
if ($tstatus eq 'is') {
- if ($destination =~ /\?/) {
- $destination .= '&';
- } else {
- $destination .= '?';
- }
- $destination .= 'selectrole=1&'.$form->{role}.'=1';
- if (defined($form->{symb})) {
- my $destsymb = $form->{symb};
- if ($destsymb =~ /___/) {
- # FIXME Need to deal with encrypted symbs and urls as needed.
- my ($map,$resid,$desturl)=split(/___/,$destsymb);
- unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
- $desturl = &Apache::lonnet::clutter($desturl);
- }
- $destination .= '&destinationurl='.$desturl.
- '&destsymb='.$destsymb;
- } else {
- $destination .= '&destinationurl='.$destsymb;
- }
- }
+ $destination .= ($destination =~ /\?/) ? '&' : '?';
+ my $newrole = &HTML::Entities::encode($form->{role},'"<>&');
+ $destination .= 'selectrole=1&'.$newrole.'=1';
}
}
}
+ if (defined($form->{symb})) {
+ my $destsymb = $form->{symb};
+ $destination .= ($destination =~ /\?/) ? '&' : '?';
+ if ($destsymb =~ /___/) {
+ # FIXME Need to deal with encrypted symbs and urls as needed.
+ my ($map,$resid,$desturl)=split(/___/,$destsymb);
+ unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
+ $desturl = &Apache::lonnet::clutter($desturl);
+ }
+ $desturl = &HTML::Entities::encode($desturl,'"<>&');
+ $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+ $destination .= '&destinationurl='.$desturl.
+ '&destsymb='.$destsymb;
+ } else {
+ $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+ $destination .= '&destinationurl='.$destsymb;
+ }
+ }
- my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
- my $startupremote=&Apache::lonmenu::startupremote($destination);
- my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
- my $setflags=&Apache::lonmenu::setflags();
- my $maincall=&Apache::lonmenu::maincall();
+ my $windowinfo = Apache::lonhtmlcommon::scripttag('self.name="loncapaclient";');
+ my $header = '';
my $brcrum = [{'href' => '',
'text' => 'Successful Login'},];
my $start_page=&Apache::loncommon::start_page('Successful Login',
- $startupremote,
+ $header,
{'no_inline_link' => 1,
'bread_crumbs' => $brcrum,});
my $end_page =&Apache::loncommon::end_page();
- my $continuelink;
- if ($env{'environment.remote'} eq 'off') {
- $continuelink=''.&mt('Continue').'';
- }
+ my $continuelink=''.&mt('Continue').'';
# ------------------------------------------------- Output for successful login
&Apache::loncommon::content_type($r,'text/html');
@@ -140,13 +136,10 @@ sub success {
);
$r->print(<$lt{'wel'}
$lt{'mes'}
$lt{'pro'}
-$remoteinfo
-$maincall
$continuelink
$end_page
ENDSUCCESS