--- loncom/interface/createaccount.pm	2019/05/05 23:19:47	1.78
+++ loncom/interface/createaccount.pm	2025/02/18 17:45:11	1.90
@@ -4,7 +4,7 @@
 # kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as
 # username may be processed automatically, or may be queued for approval.
 #
-# $Id: createaccount.pm,v 1.78 2019/05/05 23:19:47 raeburn Exp $
+# $Id: createaccount.pm,v 1.90 2025/02/18 17:45:11 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -37,7 +37,6 @@ use Apache::lonacc;
 use Apache::lonnet;
 use Apache::loncommon;
 use Apache::lonhtmlcommon;
-use Apache::lonuserutils;
 use Apache::lonlocal;
 use Apache::lonauth;
 use Apache::resetpw;
@@ -95,17 +94,24 @@ sub handler {
     my $lonhost = $r->dir_config('lonHostID');
     my $include = $r->dir_config('lonIncludes');
     my $start_page;
+    my $args = {};
 
+    (undef,undef,undef,my $clientmathml,my $clientunicode) =
+        &Apache::loncommon::decode_user_agent();
+    if ($clientunicode && !$clientmathml) {
+        $args->{'browser.unicode'} = 1;
+    }
     my $handle = &Apache::lonnet::check_for_valid_session($r);
     if (($handle ne '') && ($handle !~ /^publicuser_\d+$/)) {
         $start_page =
-            &Apache::loncommon::start_page('Already logged in');
+            &Apache::loncommon::start_page('Already logged in',undef,$args);
         my $end_page =
             &Apache::loncommon::end_page();
-        $r->print($start_page."\n".'<h2>'.&mt('You are already logged in').'</h2>'.
+        $r->print($start_page."\n".'<div class="LC_landmark" role="main">'.
+                  '<h2 class="LC_heading_2">'.&mt('You are already logged in').'</h2>'.
                   '<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].',
                             '<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>').
-                  '</p><p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'.$end_page);
+                  '</p><p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p></div>'.$end_page);
         return OK;
     }
 
@@ -140,7 +146,7 @@ sub handler {
             &print_footer($r);
             return OK;
         } else {
-            $start_page = &Apache::loncommon::start_page($title,$js); 
+            $start_page = &Apache::loncommon::start_page($title,$js,$args); 
             &print_header($r,$start_page,$courseid);
             $r->print($output);
             &print_footer($r);    
@@ -153,7 +159,7 @@ sub handler {
     my ($cancreate,$statustocreate,$statusforemail,$emailusername,
         $emailoptions,$verification,$emaildomain,$types,$usertypes,$othertitle) =
         &get_creation_controls($domain,$domconfig{'usercreation'});
-    my ($additems,$pagetitle);
+    my ($pagetitle,$need_affiliation);
     if (ref($cancreate) eq 'ARRAY') {
         unless (($env{'form.token'}) || ($sso_username ne '') || ($env{'form.phase'}) ||
                 ($env{'form.create_with_email'})) {
@@ -162,20 +168,21 @@ sub handler {
                 if ((($usertype eq '') || (!grep(/^\Q$usertype\E$/,@{$statusforemail}))) && 
                     (@{$statusforemail} > 0)) {
                     $js .= &setelements_js($statusforemail,$types,$usertypes,$othertitle);
-                    $additems = {'add_entries' => { 'onload' => "setElements();"} };
+                    $args->{'add_entries'} = { 'onload' => "setElements();"};
                     if ((@{$cancreate} == 1) && (@{$statusforemail} > 0)) {
                         $pagetitle = 'Select affiliation';
                     }
+                    $need_affiliation = 1;
                 } else {
                     $js .= &username_js();
                 }
             }
         }
     }
-    $start_page = &Apache::loncommon::start_page($title,$js,$additems);
+    $start_page = &Apache::loncommon::start_page($title,$js,$args);
     if (@{$cancreate} == 0) {
         &print_header($r,$start_page,$courseid,$pagetitle);
-        my $output = '<h3>'.&mt('Account creation unavailable').'</h3>'.
+        my $output = '<h2 class="LC_heading_2">'.&mt('Account creation unavailable').'</h2>'.
                      '<span class="LC_warning">'.
                      &mt('Creation of a new user account using an institutional log-in ID or e-mail verification is not permitted for: [_1].',$domdesc).
                      '</span><br /><br />';
@@ -189,7 +196,7 @@ sub handler {
         my ($msg,$sso_logout);
         $sso_logout = &sso_logout_frag($r,$domain);
         if (grep(/^sso$/,@{$cancreate})) {
-            $msg = '<h3>'.&mt('Account creation').'</h3>'.
+            $msg = '<h2 class="LC_heading_2">'.&mt('Account creation').'</h2>'.
                    &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'<br />';
             my $shibenv;
             if (($r->dir_config('lonOtherAuthen') eq 'yes') && 
@@ -223,7 +230,7 @@ sub handler {
                                     $lonhost,$contact_email,$contact_name,
                                     $sso_logout,$statustocreate,$shibenv);
         } else {
-            $msg = '<h3>'.&mt('Account creation unavailable').'</h3>'.
+            $msg = '<h2 class="LC_heading_2">'.&mt('Account creation unavailable').'</h2>'.
                    '<span class="LC_warning">'.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'</span><br /><br />'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'<hr />'.
                    $sso_logout;
         }
@@ -328,7 +335,8 @@ sub handler {
     } elsif (!$token) {
         &print_header($r,$start_page,$courseid,$pagetitle);
         my $now=time;
-        if ((grep(/^login$/,@{$cancreate})) && (!grep(/^email$/,@{$cancreate}))) {
+        if ((grep(/^login$/,@{$cancreate})) &&
+            ((!grep(/^email$/,@{$cancreate})) || ($need_affiliation))) {
             if (open(my $jsh,"<","$include/londes.js")) {
                 while(my $line = <$jsh>) {
                     $r->print($line);
@@ -438,7 +446,9 @@ sub javascript_setforms {
                 }
                 $setuserinfo .= '                    server.elements.'.$key.'.value=client.elements.'.$key.'.value;'."\n";
             }
-            $setuserinfo .= '                    server.elements.type.value=client.elements.type.value;'."\n"; 
+            if ($usertype ne '') {
+                $setuserinfo .= '                    server.elements.type.value=client.elements.type.value;'."\n";
+            }
         }
         if ($captcha eq 'original') {
             $setuserinfo .= '                    server.elements.code.value=client.elements.code.value;'."\n".
@@ -526,7 +536,7 @@ sub javascript_checkpass {
     my $mismatchpass = &mt('The passwords you entered did not match.')."\n".
                        &mt('Please try again.'); 
     my ($numrules,$intargjs) =
-        &Apache::lonuserutils::passwd_validation_js('upass',$domain);
+        &Apache::loncommon::passwd_validation_js('upass',$domain);
     &js_escape(\$nopass);
     &js_escape(\$mismatchpass);
     my $js = <<"ENDSCRIPT";
@@ -570,8 +580,7 @@ sub javascript_validmail {
     my %js_lt = &Apache::lonlocal::texthash (
                email => 'The e-mail address you entered',
                notv  => 'is not a valid e-mail address',
-               avae  => 'A valid e-mail address is not formed when the value you entered',
-               isco  => 'is combined with the required domain',
+               avae  => 'A valid e-mail address is not formed when the value you entered is combined with the required domain',
     );
     my $output =  "\n".'<script type="text/javascript">'."\n".
                   '// <![CDATA['."\n".
@@ -583,7 +592,7 @@ function validate_email(client) {
     var condition = '$condition';
     if (validmail(field,condition) == false) {
         if ((condition != undefined) && (condition != '')) {
-            alert("$js_lt{'avae'}: "+field.value+" $js_lt{'isco'}: "+condition);
+            alert("$js_lt{'avae'}: "+condition);
         } else {
             alert("$js_lt{'email'}: "+field.value+" $js_lt{'notv'}.");
         }
@@ -614,7 +623,7 @@ sub print_username_form {
         if (grep(/^login$/,@{$cancreate})) {
             my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
             if ((($domdefaults{'auth_def'} =~/^krb/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) {
-                $output = '<div class="LC_left_float"><h3>'.$lt{'crac'}.'</h3>';
+                $output = '<div class="LC_left_float"><h2 class="LC_heading_2">'.$lt{'crac'}.'</h2>';
                 $output .= &mt('If you already have a log-in ID at this institution [_1]you may be able to use it for LON-CAPA.','<br />').
                            '<br /><br />'.
                            $lt{'type'}.
@@ -624,7 +633,7 @@ sub print_username_form {
             }
         }
         if (grep(/^email$/,@{$cancreate})) {
-            $output .= '<div class="LC_left_float"><h3>'.$lt{'crae'}.'</h3>';
+            $output .= '<div class="LC_left_float"><h2 class="LC_heading_2">'.$lt{'crae'}.'</h2>';
             if ($usertype ne '') {
                 if ((ref($statusforemail) eq 'ARRAY') && (@{$statusforemail} > 0)) {
                     unless (grep(/^\Q$usertype\E$/,@{$statusforemail})) {
@@ -640,9 +649,9 @@ sub print_username_form {
                 unless (grep(/^default$/,@posstypes)) {
                     push(@posstypes,'default');
                 }
-                $output .= '<p>'.&mt('Choose your affiliation at [_1]',$domdesc).'</p>'."\n".
-                           '<form name="reportstatus" id="LC_reportstatus" action="/adm/createaccount" method="post" '.
-                           'onsubmit="return checkVerification();"><p>';
+                $output .= '<form name="reportstatus" id="LC_reportstatus" action="/adm/createaccount" method="post" '.
+                           'onsubmit="return checkVerification();"><fieldset><legend>'.
+                           &mt('Choose your affiliation at [_1]',$domdesc).'</legend>';
                 foreach my $type (@posstypes) {
                     my $name;
                     if ($type eq 'default') {
@@ -665,7 +674,8 @@ sub print_username_form {
                 if ($env{'form.courseid'} =~ /^$match_domain\_$match_courseid$/) {
                     $output .= "\n".'<input type="hidden" name="courseid" value="'.$env{'form.courseid'}.'" />';
                 }
-                $output .= '</p>'."\n".'<p><input type="submit" name="reportedtype" value="'.&mt('Submit').'" /></p></form>';
+                $output .= "\n".'<p><input type="submit" name="reportedtype" value="'.&mt('Submit').'" />'.
+                           '</p></fieldset></form>'."\n";
             } else {
                 my ($captchaform,$error,$captcha,$recaptchaversion) = 
                     &Apache::loncommon::captcha_display('usercreation',$lonhost);
@@ -739,15 +749,15 @@ sub login_box {
     my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount',
                                        $lonhost);
     $output = &serverform($logtoken,$lonhost,undef,$courseid,$context);
-    my $unameform = '<input type="text" name="uname" size="20" value="" autocomplete="off" />';
-    my $upassform = '<input type="password" name="upass'.$now.'" size="20" autocomplete="off" />';
+    my $unameform = '<input type="text" name="uname" id="uname" size="20" value="" autocomplete="off" />';
+    my $upassform = '<input type="password" name="upass'.$now.'" id="upass'.$now.'" size="20" autocomplete="new-password" />';
     $output .= '<form name="client" method="post" action="" onsubmit="return(send('."'server','client'".'));">'."\n".
                &Apache::lonhtmlcommon::start_pick_box()."\n".
-               &Apache::lonhtmlcommon::row_title($titles{$context},
+               &Apache::lonhtmlcommon::row_title('<label for="uname">'.$titles{$context}.'</label>',
                                                  'LC_pick_box_title')."\n".
                $unameform."\n".
                &Apache::lonhtmlcommon::row_closure(1)."\n".
-               &Apache::lonhtmlcommon::row_title(&mt('Password'),
+               &Apache::lonhtmlcommon::row_title('<label for="upass'.$now.'">'.&mt('Password').'</label>',
                                                 'LC_pick_box_title')."\n".
                $upassform;
     if ($context eq 'selfenroll') {
@@ -761,7 +771,8 @@ sub login_box {
         $output .= '<input type="hidden" name="udom" value="'.$domain.'" />';
     }
     $output .= &Apache::lonhtmlcommon::row_closure(1).
-               &Apache::lonhtmlcommon::row_title().
+               &Apache::lonhtmlcommon::row_title('<span class="LC_visually_hidden">'.
+                                                 &mt('Submit').'</span>','','','',1).
                '<br /><input type="submit" name="username_validation" value="'.
                $submit_text.'" />'."\n";
     if ($context eq 'selfenroll') {
@@ -890,7 +901,7 @@ sub process_email_request {
                               $contact_email,$courseid,$emailusername,$usertype,
                               $uname);
     }
-    return $output;
+    return '<div class="LC_landmark" role="main">'.$output.'</div>';
 }
 
 sub call_rulecheck {
@@ -910,7 +921,7 @@ sub call_rulecheck {
 sub send_token {
     my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid,$emailusername,
         $usertype,$uname) = @_;
-    my $msg = '<h3>'.&mt('Account creation status').'</h3>'.
+    my $msg = '<h2 class="LC_heading_2">'.&mt('Account creation status').'</h2>'.
               &mt('Thank you for your request to create a new LON-CAPA account.').
               '<br /><br />';
     my $now = time;
@@ -933,30 +944,30 @@ sub send_token {
 # Check if the password entered by the user satisfies domain's requirements
         my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
         my ($min,$max,@chars);
+        $min = $Apache::lonnet::passwdmin;
         if (ref($passwdconf{'chars'}) eq 'ARRAY') {
             if ($passwdconf{'min'} =~ /^\d+$/) {
-                $min = $passwdconf{'min'};
+                if ($passwdconf{'min'} > $min) {
+                    $min = $passwdconf{'min'};
+                }
             }
             if ($passwdconf{'max'} =~ /^\d+$/) {
                 $max = $passwdconf{'max'};
             }
             @chars = @{$passwdconf{'chars'}};
-        } else {
-            $min = 7;
         }
-        if (($min ne '') || ($max ne '') || (@chars > 0)) {
-            my ($plainpass,$encpass);
-            my $encpass = $env{'form.upass'};
-            if ($encpass eq '') {
-                $msg = &mt('Password retrieved was blank.').
-                       '<br /><p>'.&mt('[_1]Return[_2] to the previous page to try again.',
-                                       '<a href="javascript:document.retryemail.submit();">','</a>');
-                $earlyout = 1;
-            } else {
+        my $encpass = $env{'form.upass'};
+        if ($encpass eq '') {
+            $msg = &mt('Password retrieved was blank.').
+                   '<br /><p>'.&mt('[_1]Return[_2] to the previous page to try again.',
+                                   '<a href="javascript:document.retryemail.submit();">','</a>');
+            $earlyout = 1;
+        } else {
 # Split the logtoken to retrieve the DES key and decrypt the encypted password
-                my ($key,$caller)=split(/&/,$tmpinfo);
-                if ($caller eq 'createaccount') {
-                    $plainpass = &Apache::loncommon::des_decrypt($key,$encpass);
+            my ($key,$caller)=split(/&/,$tmpinfo);
+            if ($caller eq 'createaccount') {
+                my $plainpass = &Apache::loncommon::des_decrypt($key,$encpass);
+                if (($min > 0) || ($max ne '') || (@chars > 0)) {
                     my $warning = &Apache::loncommon::check_passwd_rules($domain,$plainpass);
                     if ($warning) {
                         $msg = $warning.
@@ -983,7 +994,8 @@ sub send_token {
             $msg .= '</form></p>';
             return $msg;
         }
-        my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
+        my $ip = &Apache::lonnet::get_requestor_ip();
+        my %info = ('ip'         => $ip,
                     'time'       => $now,
                     'domain'     => $domain,
                     'username'   => $email,
@@ -1099,8 +1111,9 @@ sub process_mailtoken {
                             &create_account($r,$domain,$domdesc,\%data);
                         if ($result eq 'ok') {
                             $msg = $output;
+                            my $ip = &Apache::lonnet::get_requestor_ip();
                             my $shownow = &Apache::lonlocal::locallocaltime($now);
-                            my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
+                            my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ip,$contact_name,$contact_email)."\n";
                             my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'},
                                                                         $mailmsg,$contact_name,
                                                                         $contact_email);
@@ -1180,42 +1193,54 @@ sub print_dataentry_form {
         my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
         my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount',
                                            $lonhost);
-        $output .=
+        my $showsubmit = 1;
+        my $serverform =
             '<form name="createaccount" method="post" target="_top" action="/adm/createaccount">';
         if ($courseid ne '') {
-            $output .= '<input type="hidden" name="courseid" value="'.$courseid.'"/>'."\n";
+            $serverform .= '<input type="hidden" name="courseid" value="'.$courseid.'"/>'."\n";
         }
         if (ref($emailusername) eq 'HASH') {
             if (ref($emailusername->{$usertype}) eq 'HASH') {
                 foreach my $field (sort(keys(%{$emailusername->{$usertype}}))) {
-                    $output .= '<input type="hidden" name="'.$field.'" value="" />'."\n";
+                    $serverform .= '<input type="hidden" name="'.$field.'" value="" />'."\n";
                 }
             }
         }
         if ($captcha eq 'original') {
-            $output .= '
+            $serverform .= '
    <input type="hidden" name="crypt" value="" />
    <input type="hidden" name="code" value="" />
 ';
         } elsif ($captcha eq 'recaptcha') {
             if ($recaptchaversion eq '2') {
-                $output .= "$captchaform\n";
+                $serverform .= &Apache::lonhtmlcommon::start_pick_box().
+                               &Apache::lonhtmlcommon::row_title(&mt('Validation').'<b>*</b>',
+                                                                 'LC_pick_box_title',
+                                                                 'LC_oddrow_value')."\n".
+                                                                 $captchaform.
+                               &Apache::lonhtmlcommon::row_closure(1)."\n".
+                               &Apache::lonhtmlcommon::row_title()."\n".
+                               '<br /><input type="button" name="createaccount" value="'.
+                               &mt('Create account').'" onclick="checkpass('."'createaccount','newemail'".')" />'.
+                               &Apache::lonhtmlcommon::row_closure(1)."\n".
+                               &Apache::lonhtmlcommon::end_pick_box();
                 undef($captchaform);
+                undef($showsubmit);
             } else {
-                $output .= '
+                $serverform .= '
    <input type="hidden" name="recaptcha_challenge_field" value="" />
    <input type="hidden" name="recaptcha_response_field" value="" />
 ';
             }
         }
         if ($usertype ne '') {
-            $output .= '<input type="hidden" name="type" value="'.
-                       &HTML::Entities::encode($usertype,'\'<>"&').'" />'."\n";
+            $serverform .= '<input type="hidden" name="type" value="'.
+                           &HTML::Entities::encode($usertype,'\'<>"&').'" />'."\n";
         }
         if ($usernameset eq 'free') {
-            $output .= '<input type="hidden" name="username" value="" />'."\n"; 
+            $serverform .= '<input type="hidden" name="username" value="" />'."\n"; 
         }
-        $output .= <<"ENDSERVERFORM";
+        $serverform .= <<"ENDSERVERFORM";
    <input type="hidden" name="logtoken" value="$logtoken" />
    <input type="hidden" name="serverid" value="$lonhost" />
    <input type="hidden" name="uname" value="" />
@@ -1227,25 +1252,33 @@ sub print_dataentry_form {
 ENDSERVERFORM
         my $beginclientform = '<form name="newemail" method="post" action="" '.
                               'onsubmit="return checkpass('."'createaccount','newemail'".');">'."\n";
-        my $endclientform = '<input type="hidden" name="udom" value="'.$domain.'" />'."\n".
-                            '<input type="hidden" name="lextkey" value="'.$lextkey.'" />'."\n".
-                            '<input type="hidden" name="uextkey" value="'.$uextkey.'" />'."\n".
-                            '</form>'."\n".
-                            '<p class="LC_info">'.&mt('Fields marked [_1]*[_2] are required.','<b>','</b>').'</p>';
+        my $endclientform;
+        unless ($showsubmit) {
+            if ($usertype ne '') {
+                $endclientform = '<input type="hidden" name="type" value="'.
+                                 &HTML::Entities::encode($usertype,'\'<>"&').'" />'."\n";
+            }
+        }
+        $endclientform .= '<input type="hidden" name="udom" value="'.$domain.'" />'."\n".
+                          '<input type="hidden" name="lextkey" value="'.$lextkey.'" />'."\n".
+                          '<input type="hidden" name="uextkey" value="'.$uextkey.'" />'."\n".
+                          '</form>'."\n";
         my ($datatable,$rowcount) =
             &Apache::loncreateuser::personal_data_display('',$domain,'email','selfcreate',
-                                                          '','',$now,$captchaform,
+                                                          '','','',$now,$captchaform,
                                                           $emailusername,$usertype,
-                                                          $usernameset,$condition,$excluded);
+                                                          $usernameset,$condition,$excluded,
+                                                          $showsubmit);
         if ($rowcount) {
-            $output .= '<div class="LC_left_float">'.$beginclientform.$datatable.$endclientform;
+            $output .= '<div class="LC_left_float">'.$beginclientform.$datatable.$endclientform.'</div>'."\n".
+                       '<div class="LC_clear_float_footer"></div>'."\n";
         } else {
             $output .= $beginclientform.$endclientform;
         }
-        if ($rowcount) {
-            $output .= '</div>'."\n".
-                       '<div class="LC_clear_float_footer"></div>'."\n";
-        }
+        $output .= $serverform.
+                   '<p class="LC_info">'.
+                   &mt('Fields marked [_1]*[_2] are required.','<b>','</b>').
+                   '</p>';
     } else {
         $output = &mt('Could not load javascript file [_1]','<tt>londes.js</tt>');
     }
@@ -1406,7 +1439,7 @@ sub create_account {
             unless (($inststatus eq 'default') || ($inststatus eq '')) {
                 &Apache::lonnet::put('environment',{inststatus => $inststatus},$domain,$username);
             }
-            $output .= '<br />'.&mt('Home server: [_1]',$uhome).' '.
+            $output .= '<br />'.&mt('Home Server').": $uhome ".
                        &Apache::lonnet::hostname($uhome).'<br /><br />';
             return ('ok',$output,$uhome);
         } else {
@@ -1516,7 +1549,7 @@ sub login_failure_msg {
     } else {
         $url = "/adm/createaccount";
     }
-    my $output = '<h4>'.&mt('Authentication failed').'</h4><div class="LC_warning">'.
+    my $output = '<h3 class="LC_heading_3">'.&mt('Authentication failed').'</h3><div class="LC_warning">'.
                  &mt('Username and/or password could not be authenticated.').
                  '</div>'.
                  &mt('Please check the username and password.').'<br /><br />';
@@ -1579,7 +1612,8 @@ sub username_check {
                     '<input type="hidden" name="udom" value="'.$domain.'" />'."\n".
                     '<input type="hidden" name="phase" value="username_activation" />';
         my $now = time;
-        my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
+        my $ip = &Apache::lonnet::get_requestor_ip();
+        my %info = ('ip'         => $ip,
                     'time'       => $now,
                     'domain'     => $domain,
                     'username'   => $username);
@@ -1594,7 +1628,7 @@ sub username_check {
         }
     }
     if ($checkfail) { 
-        $msg = '<br /><h4>'.&mt('Account creation unavailable').'</h4>';
+        $msg = '<br /><h3 class="LC_heading_3">'.&mt('Account creation unavailable').'</h3>';
         if ($checkfail eq 'username') {
             $msg .= '<span class="LC_warning">'.
                      &mt('A LON-CAPA account may not be created with the username you use.').
@@ -1620,18 +1654,18 @@ sub username_check {
         if ($rowcount) {
             if ($editable) {
                 if ($courseid ne '') { 
-                    $msg = '<br /><h4>'.&mt('User information').'</h4>';
+                    $msg = '<br /><h3 class="LC_heading_3">'.&mt('User information').'</h3>';
                 }
                 $msg .= &mt('To create one, use the table below to provide information about yourself, then click the [_1]Create LON-CAPA account[_2] button.','<span class="LC_cusr_emph">','</span>').'<br />';
             } else {
                  if ($courseid ne '') {
-                     $msg = '<h4>'.&mt('Review user information').'</h4>';
+                     $msg = '<h3 class="LC_heading_3">'.&mt('Review user information').'</h3>';
                  }
                  $msg .= &mt('A user account will be created with information displayed in the table below, when you click the [_1]Create LON-CAPA account[_2] button.','<span class="LC_cusr_emph">','</span>').'<br />';
             }
         } else {
             if ($courseid ne '') {
-                $msg = '<h4>'.&mt('Confirmation').'</h4>';
+                $msg = '<h3 class="LC_heading_3">'.&mt('Confirmation').'</h3>';
             }
             $msg .= &mt('Confirm that you wish to create an account.');
         }
@@ -1772,7 +1806,7 @@ sub check_id {
 
 sub invalid_state {
     my ($error,$domdesc,$contact_name,$contact_email,$msgtext) = @_;
-    my $msg = '<h3>'.&mt('Account creation unavailable').'</h3><span class="LC_error">';
+    my $msg = '<h2 class="LC_heading_2">'.&mt('Account creation unavailable').'</h2><span class="LC_error">';
     if ($error eq 'baduseremail') {
         $msg .= &mt('The e-mail address you provided does not appear to be a valid address.');
     } elsif ($error eq 'badusername') {