--- loncom/homework/grades.pm	2001/08/06 20:29:37	1.13
+++ loncom/homework/grades.pm	2001/10/05 21:51:14	1.16
@@ -2,6 +2,7 @@
 # 2/9,2/13 Guy Albertelli
 # 6/8 Gerd Kortemeyer
 # 7/26 H.K. Ng
+# 8/20 Gerd Kortemeyer
 
 package Apache::grades;
 use strict;
@@ -17,11 +18,16 @@ sub moreinfo {
   $request->print("Unable to process request: $reason");
   if ( $Apache::grades::viewgrades eq 'F' ) {
     $request->print('<form action="/adm/grades" method="post">'."\n");
-    $request->print('<input type="hidden" name="url" value="'.$ENV{'form.url'}.'"></input>'."\n");
-    $request->print('<input type="hidden" name="command" value="'.$ENV{'form.command'}.'"></input>'."\n");
-    $request->print("Student:".'<input type="text" name="student" value="'.$ENV{'form.student'}.'"></input>'."<br />\n");
-    $request->print("Domain:".'<input type="text" name="domain" value="'.$ENV{'user.domain'}.'"></input>'."<br />\n");
-    $request->print('<input type="submit" name="submit" value="ReSubmit"></input>'."<br />\n");
+    if ($ENV{'form.url'}) {
+      $request->print('<input type="hidden" name="url" value="'.$ENV{'form.url'}.'" />'."\n");
+    }
+    if ($ENV{'form.symb'}) {
+      $request->print('<input type="hidden" name="symb" value="'.$ENV{'form.symb'}.'" />'."\n");
+    }
+    $request->print('<input type="hidden" name="command" value="'.$ENV{'form.command'}.'" />'."\n");
+    $request->print("Student:".'<input type="text" name="student" value="'.$ENV{'form.student'}.'" />'."<br />\n");
+    $request->print("Domain:".'<input type="text" name="domain" value="'.$ENV{'user.domain'}.'" />'."<br />\n");
+    $request->print('<input type="submit" name="submit" value="ReSubmit" />'."<br />\n");
     $request->print('</form>');
   }
   return '';
@@ -40,18 +46,23 @@ sub listStudents {
       my $reply=&Apache::lonnet::reply('get:'.$sdom.':'.$sname.
 		     ':environment:lastname&generation&firstname&middlename',
 		      &Apache::lonnet::homeserver($sname,$sdom));
-      print "reply=$reply<br>";
+      #print "reply=$reply<br>";
       my (@nameparts) = split /&/,$reply;
 #      my $sfullname = $Apache::lonnet::unescape($nameparts[0]);
 
       if ( $Apache::grades::viewgrades eq 'F' ) {
 	  $request->print('<form action="/adm/grades" method="post">'."\n");
 	  $request->print("$sname @nameparts\n");
-	  $request->print('<input type="hidden" name="url" value="'.$ENV{'form.url'}.'"></input>'."\n");
-	  $request->print('<input type="hidden" name="command" value="'.$ENV{'form.command'}.'"></input>'."\n");
-	  $request->print('<input type="hidden" name="student" value="'.$sname.'"></input>'."\n");
-	  $request->print('<input type="hidden" name="domain" value="'.$sdom.'"></input>'."\n");
-	  $request->print('<input type="submit" name="submit" value="View"></input>'."<br />\n");
+	  if ($ENV{'form.url'}) {
+	    $request->print('<input type="hidden" name="url" value="'.$ENV{'form.url'}.'" />'."\n");
+	  }
+	  if ($ENV{'form.symb'}) {
+	    $request->print('<input type="hidden" name="symb" value="'.$ENV{'form.symb'}.'" />'."\n");
+	  }
+	  $request->print('<input type="hidden" name="command" value="'.$ENV{'form.command'}.'" />'."\n");
+	  $request->print('<input type="hidden" name="student" value="'.$sname.'" />'."\n");
+	  $request->print('<input type="hidden" name="domain" value="'.$sdom.'" />'."\n");
+	  $request->print('<input type="submit" name="submit" value="View" />'."<br />\n");
 	  $request->print('</form>');
       }
   }
@@ -90,10 +101,10 @@ sub getclasslist {
     my ($end,$start)=split(/:/,$value);
     # still a student?
     if (($hideexpired) && ($end) && ($end < $now)) {
-      print "Skipping:$name:$end:$now<br />\n";
+      #print "Skipping:$name:$end:$now<br />\n";
       next;
     }
-    print "record=$record<br>";
+    #print "record=$record<br>";
     push( @{ $classlist{'allids'} }, $name); 
   }
   return (%classlist);
@@ -210,7 +221,12 @@ sub submission {
 #  if ($ENV{'form.student'} eq '') { &listStudents($request); return ''; }
   my ($uname,$udom) = &finduser($ENV{'form.student'});
   if ($uname eq '') { &moreinfo($request,"Unable to find student"); return ''; }
-  my $symb=&Apache::lonnet::symbread($url);
+  my $symb;
+  if ($ENV{'form.symb'}) {
+    $symb=$ENV{'form.symb'};
+  } else {
+    $symb=&Apache::lonnet::symbread($url);
+  }
   if ($symb eq '') { $request->print("Unable to handle ambiguous references:$url:."); return ''; }
   my $answer=&Apache::loncommon::get_previous_attempt($symb,$uname,$udom,
 						      $ENV{'request.course.id'});
@@ -244,8 +260,8 @@ sub viewgrades {
 
   #start the form
   $result = '<form action="/adm/grades" method="post">'."\n".
-    '<input type="hidden" name="symb" value="'.$symb.'"/>'."\n".
-      '<input type="hidden" name="url" value="'.$url.'"/>'."\n".
+    '<input type="hidden" name="symb" value="'.$symb.'" />'."\n".
+      '<input type="hidden" name="url" value="'.$url.'" />'."\n".
 	'<input type="hidden" name="command" value="editgrades" />'."\n".
 	  '<input type="submit" name="submit" value="Submit Changes" />'."\n".
 	    '<table border=0><tr><td bgcolor="#999999">'."\n".
@@ -325,13 +341,43 @@ sub handler {
   }
   $request->send_http_header;
   return OK if $request->header_only;
+  &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
   my $url=$ENV{'form.url'};
   my $symb=$ENV{'form.symb'};
   my $command=$ENV{'form.command'};
-  
+  if (!$url) {
+    my ($temp1,$temp2);
+    ($temp1,$temp2,$ENV{'form.url'})=split(/___/,$symb);
+    $url = $ENV{'form.url'};
+  }
   &send_header($request);
   if ($url eq '' && $symb eq '') {
-    $request->print("Non-Contextual Access Unsupported:$command:$url:");
+     if ($ENV{'user.adv'}) {
+         if (($ENV{'form.codeone'}) && ($ENV{'form.codetwo'}) &&
+             ($ENV{'form.codethree'})) {
+             my $token=$ENV{'form.codeone'}.'*'.$ENV{'form.codetwo'}.'*'.
+		        $ENV{'form.codethree'};
+             my ($tsymb,$tuname,$tudom,$tcrsid)=
+		 &Apache::lonnet::checkin($token);
+             if ($tsymb) {
+                my ($map,$id,$url)=split(/\_\_\_/,$tsymb);
+                if (&Apache::lonnet::allowed('mgr',$tcrsid)) {
+                   $request->print(
+                     &Apache::lonnet::ssi('/res/'.$url,
+                        ('grade_username' => $tuname,
+                         'grade_domain' => $tudom,
+                         'grade_courseid' => $tcrsid,
+                         'grade_symb' => $tsymb)));
+                } else {
+                   $request->print('<h1>Not authorized: '.$token.'</h1>');
+                }           
+	    } else {
+                $request->print('<h1>Not a valid DocID: '.$token.'</h1>');
+            }
+	 } else {
+             $request->print(&Apache::lonxml::tokeninputfield());
+         }
+     }
   } else {
     $Apache::grades::viewgrades=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'});
     if ($command eq 'submission') {