--- loncom/interface/loncommon.pm	2006/12/04 22:03:15	1.485
+++ loncom/interface/loncommon.pm	2006/12/06 11:36:52	1.488
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.485 2006/12/04 22:03:15 albertel Exp $
+# $Id: loncommon.pm,v 1.488 2006/12/06 11:36:52 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -2936,9 +2936,12 @@ sub blockcheck {
                                                        $tdom,$spec,$trest,$area);
                 }
                 my ($author,$adv) = &Apache::lonnet::set_userprivs(\%userroles,\%allroles);
-		$no_userblock = &Apache::lonnet::allowed('evb',undef,undef,
-							 $checkrole);
-		last if $no_userblock;
+                if ($userroles{'user.priv.'.$checkrole} =~ /evb\&([^\:]*)/) {
+                    if ($1) {
+                        $no_userblock = 1;
+                        last;
+                    }
+                }
              } else {
                 if (&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) {
                     $no_ownblock = 1;
@@ -6286,9 +6289,11 @@ sub construct_course {
 # if specified, key authority is not course, but user
 # only active if keyaccess is yes
     if ($args->{'keyauth'}) {
-	$args->{'keyauth'}=~s/[^\w\@]//g;
-	if ($args->{'keyauth'}) {
-	    $cenv{'keyauth'}=$args->{'keyauth'};
+	my ($user,$domain) = split(':',$args->{'keyauth'});
+	$user = &LONCAPA::clean_username($user);
+	$domain = &LONCAPA::clean_username($domain);
+	if ($user ne '' && $domain ne '') {
+	    $cenv{'keyauth'}=$user.':'.$domain;
 	}
     }