--- loncom/cgi/loncgi.pm 2006/05/18 14:24:06 1.7 +++ loncom/cgi/loncgi.pm 2018/07/04 16:58:26 1.16 @@ -1,7 +1,7 @@ # # LON-CAPA helpers for cgi-bin scripts # -# $Id: loncgi.pm,v 1.7 2006/05/18 14:24:06 albertel Exp $ +# $Id: loncgi.pm,v 1.16 2018/07/04 16:58:26 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -36,8 +36,8 @@ loncgi =head1 SYNOPSIS -Provides subroutines for checking a LON-CAPA cookie and loading the users -environment. +Provides subroutines for checking a LON-CAPA cookie, loading the user's +environment, and retrieving arguments passed in via a CGI's Query String. =head1 Subroutines @@ -54,11 +54,14 @@ use warnings FATAL=>'all'; no warnings 'uninitialized'; use lib '/home/httpd/lib/perl/'; -use CGI(); +use CGI qw(:standard); use CGI::Cookie(); +use MIME::Types(); use Fcntl qw(:flock); use LONCAPA; use LONCAPA::Configuration(); +use GDBM_File; +use Apache::lonlocal; my $lonidsdir; @@ -68,33 +71,32 @@ BEGIN { $lonidsdir = $perlvar->{'lonIDsDir'}; } + ############################################# ############################################# =pod -=item check_cookie_and_load_env +=item check_cookie_and_load_env() -Inputs: none +Inputs: 1 ( optional). When called from a handler in mod_perl, + pass in the request object. -Returns: 1 if the user has a LON-CAPA cookie 0 if not. -Loads the users environment into the %env hash if the cookie is correct. +Returns: 1 if the user has a LON-CAPA cookie, 0 if not. +Side effect: Loads the user's environment into the %env hash + if the cookie is correct. =cut ############################################# ############################################# sub check_cookie_and_load_env { - my %cookies=fetch CGI::Cookie; - if (exists($cookies{'lonID'}) && - -e "$lonidsdir/".$cookies{'lonID'}->value.".id") { - # cookie found - &transfer_profile_to_env($cookies{'lonID'}->value); - return 1; - } else { - # No cookie found - return 0; + my ($r) = @_; + my ($hascookie,$handle) = &check_cookie($r); + if (($hascookie) && ($handle)) { + &transfer_profile_to_env($handle); } + return $hascookie; } ############################################# @@ -102,10 +104,15 @@ sub check_cookie_and_load_env { =pod -=item check_cookie +=item check_cookie() Inputs: none +Array context: +Returns: (1,$handle) if the user has a LON-CAPA cookie; +(0) if user does not have a LON-CAPA cookie. + +Scalar context: Returns: 1 if the user has a LON-CAPA cookie and 0 if not. =cut @@ -113,13 +120,52 @@ Returns: 1 if the user has a LON-CAPA co ############################################# ############################################# sub check_cookie { - my %cookies=fetch CGI::Cookie; - if (exists($cookies{'lonID'}) && - -e "$lonidsdir/".$cookies{'lonID'}->value.".id") { - # cookie found - return 1; + my ($r) = @_; + my %cookies; + if (ref($r)) { + %cookies = CGI::Cookie->fetch($r); + } else { + %cookies = CGI::Cookie->fetch(); + } + if (keys(%cookies)) { + my $name = 'lonID'; + my $secure = 'lonSID'; + my $linkname = 'lonLinkID'; + my $pubname = 'lonPubID'; + my $lonid; + if (exists($cookies{$secure})) { + $lonid=$cookies{$secure}; + } elsif (exists($cookies{$name})) { + $lonid=$cookies{$name}; + } elsif (exists($cookies{$linkname})) { + $lonid=$cookies{$linkname}; + } elsif (exists($cookies{$pubname})) { + $lonid=$cookies{$pubname}; + } + if ($lonid) { + my $handle=&LONCAPA::clean_handle($lonid->value); + if ($handle) { + if (-l "$lonidsdir/$handle.id") { + my $link = readlink("$lonidsdir/$handle.id"); + if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) { + $handle = $1; + } + } + if (-e "$lonidsdir/".$handle.".id") { + # valid cookie found + if (wantarray) { + return (1,$handle); + } else { + return 1; + } + } + } + } + } + # No valid cookie found + if (wantarray) { + return (0); } else { - # No cookie found return 0; } } @@ -129,7 +175,7 @@ sub check_cookie { =pod -=item transfer_profile_to_env +=item transfer_profile_to_env() Load the users environment into the %env hash. @@ -143,19 +189,10 @@ Returns: undef ############################################# sub transfer_profile_to_env { my ($handle)=@_; - my @profile; - { - open(IDFILE, "<$lonidsdir/$handle.id"); - flock(IDFILE,LOCK_SH); - @profile=; - close(IDFILE); - } - foreach my $envrow (@profile) { - chomp($envrow); - my ($envname,$envvalue)=split(/=/,$envrow,2); - $envname = &unescape($envname); - $envvalue = &unescape($envvalue); - $Apache::lonnet::env{$envname} = $envvalue; + if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",&GDBM_READER(), + 0640)) { + %Apache::lonnet::env = %disk_env; + untie(%disk_env); } $Apache::lonnet::env{'user.environment'} = "$lonidsdir/$handle.id"; return undef; @@ -164,6 +201,104 @@ sub transfer_profile_to_env { ############################################# ############################################# +=pod + +=item missing_cookie_msg() + +Inputs: none +Returns: HTML for a page indicating cookie information absent. + +=cut + +############################################# +############################################# +sub missing_cookie_msg { + my %lt = &Apache::lonlocal::texthash ( + cook => 'Bad Cookie', + your => 'Your cookie information is incorrect.', + ); + return < +$lt{'cook'} + +$lt{'your'} + + +END + +} + +############################################# +############################################# + +=pod + +=cgi_getitems() + +Inputs: $query - the CGI query string (required) + $getitems - reference to a hash (required) + $possname - permitted names of keys (optional) + +Returns: nothing + +Side Effects: populates $getitems hash ref with key => value + where each key is the name of the form item in the query string + and value is an array of corresponding values. + +=cut + +############################################# +############################################# +sub cgi_getitems { + my ($query,$getitems,$possnames)= @_; + foreach (split(/&/,$query)) { + my ($name, $value) = split(/=/,$_); + $name = &unescape($name); + if (ref($possnames) eq 'ARRAY') { + next unless (grep(/^\Q$name\E$/,@{$possnames})); + } + $value =~ tr/+/ /; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; + push(@{$$getitems{$name}},$value); + } + return; +} + +############################################# +############################################# + +=pod + +=cgi_header() + +Inputs: $contenttype - Content Type (e.g., text/html or text/plain) + $nocache - Boolean 1 = nocache +Returns: HTTP Response headers constructed using CGI.pm + +=cut + +############################################# +############################################# +sub cgi_header { + my ($contenttype,$nocache) = @_; + my $mimetypes = MIME::Types->new; + my %headers; + if ($contenttype ne '') { + if ($mimetypes->type($contenttype) ne '') { + $headers{'-type'} = $contenttype; + if ($contenttype =~ m{^text/}) { + $headers{'-charset'} = 'utf-8'; + } + } + } + if ($nocache) { + $headers{'-expires'} = 'now'; + } + if (%headers) { + return CGI::header(%headers); + } + return; +} =pod