--- loncom/lonnet/perl/lonnet.pm	2013/12/13 02:28:45	1.1172.2.36
+++ loncom/lonnet/perl/lonnet.pm	2016/08/05 15:14:19	1.1172.2.71
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1172.2.36 2013/12/13 02:28:45 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.71 2016/08/05 15:14:19 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -671,7 +671,7 @@ sub appenv {
 	    if (($key =~ /^user\.role/) || ($key =~ /^user\.priv/)) {
                 $refused = 1;
                 if (ref($roles) eq 'ARRAY') {
-                    my ($type,$role) = ($key =~ /^user\.(role|priv)\.([^.]+)\./);
+                    my ($type,$role) = ($key =~ m{^user\.(role|priv)\.(.+?)\./});
                     if (grep(/^\Q$role\E$/,@{$roles})) {
                         $refused = 0;
                     }
@@ -844,10 +844,8 @@ sub spareserver {
     if (ref($spareshash) eq 'HASH') {
         if (ref($spareshash->{'primary'}) eq 'ARRAY') {
             foreach my $try_server (@{ $spareshash->{'primary'} }) {
-                if ($uint_dom) {
-                    next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
-                                                 $try_server));
-                }
+                next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
+                                             $try_server));
 	        ($spare_server, $lowest_load) =
 	            &compare_server_load($try_server, $spare_server, $lowest_load);
             }
@@ -858,10 +856,8 @@ sub spareserver {
         if (!$found_server) {
             if (ref($spareshash->{'default'}) eq 'ARRAY') { 
 	        foreach my $try_server (@{ $spareshash->{'default'} }) {
-                    if ($uint_dom) {
-                        next unless (&spare_can_host($udom,$uint_dom,
-                                                     $remotesessions,$try_server));
-                    }
+                    next unless (&spare_can_host($udom,$uint_dom,
+                                                 $remotesessions,$try_server));
 	            ($spare_server, $lowest_load) =
 		        &compare_server_load($try_server, $spare_server, $lowest_load);
                 }
@@ -885,7 +881,17 @@ sub spareserver {
 }
 
 sub compare_server_load {
-    my ($try_server, $spare_server, $lowest_load) = @_;
+    my ($try_server, $spare_server, $lowest_load, $required) = @_;
+
+    if ($required) {
+        my ($reqdmajor,$reqdminor) = ($required =~ /^(\d+)\.(\d+)$/);
+        my $remoterev = &get_server_loncaparev(undef,$try_server);
+        my ($major,$minor) = ($remoterev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
+        if (($major eq '' && $minor eq '') ||
+            (($reqdmajor > $major) || (($reqdmajor == $major) && ($reqdminor > $minor)))) {
+            return ($spare_server,$lowest_load);
+        }
+    }
 
     my $loadans     = &reply('load',    $try_server);
     my $userloadans = &reply('userload',$try_server);
@@ -946,26 +952,43 @@ sub has_user_session {
 # --------- determine least loaded server in a user's domain which allows login
 
 sub choose_server {
-    my ($udom,$checkloginvia) = @_;
+    my ($udom,$checkloginvia,$required,$skiploadbal) = @_;
     my %domconfhash = &Apache::loncommon::get_domainconf($udom);
     my %servers = &get_servers($udom);
     my $lowest_load = 30000;
-    my ($login_host,$hostname,$portal_path,$isredirect);
+    my ($login_host,$hostname,$portal_path,$isredirect,$balancers);
+    if ($skiploadbal) {
+        ($balancers,my $cached)=&is_cached_new('loadbalancing',$udom);
+        unless (defined($cached)) {
+            my $cachetime = 60*60*24;
+            my %domconfig =
+                &Apache::lonnet::get_dom('configuration',['loadbalancing'],$udom);
+            if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
+                $balancers = &do_cache_new('loadbalancing',$udom,$domconfig{'loadbalancing'},
+                                           $cachetime);
+            }
+        }
+    }
     foreach my $lonhost (keys(%servers)) {
         my $loginvia;
+        if ($skiploadbal) {
+            if (ref($balancers) eq 'HASH') {
+                next if (exists($balancers->{$lonhost}));
+            }
+        }
         if ($checkloginvia) {
             $loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
             if ($loginvia) {
                 my ($server,$path) = split(/:/,$loginvia);
                 ($login_host, $lowest_load) =
-                    &compare_server_load($server, $login_host, $lowest_load);
+                    &compare_server_load($server, $login_host, $lowest_load, $required);
                 if ($login_host eq $server) {
                     $portal_path = $path;
                     $isredirect = 1;
                 }
             } else {
                 ($login_host, $lowest_load) =
-                    &compare_server_load($lonhost, $login_host, $lowest_load);
+                    &compare_server_load($lonhost, $login_host, $lowest_load, $required);
                 if ($login_host eq $lonhost) {
                     $portal_path = '';
                     $isredirect = ''; 
@@ -973,7 +996,7 @@ sub choose_server {
             }
         } else {
             ($login_host, $lowest_load) =
-                &compare_server_load($lonhost, $login_host, $lowest_load);
+                &compare_server_load($lonhost, $login_host, $lowest_load, $required);
         }
     }
     if ($login_host ne '') {
@@ -1146,19 +1169,27 @@ sub can_host_session {
 sub spare_can_host {
     my ($udom,$uint_dom,$remotesessions,$try_server)=@_;
     my $canhost=1;
-    my @intdoms;
-    my $internet_names = &Apache::lonnet::get_internet_names($try_server);
-    if (ref($internet_names) eq 'ARRAY') {
-        @intdoms = @{$internet_names};
-    }
-    unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
-        my $serverhomeID = &Apache::lonnet::get_server_homeID($try_server);
-        my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);
-        my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);
-        my $remoterev = &Apache::lonnet::get_server_loncaparev(undef,$try_server);
-        $canhost = &can_host_session($udom,$try_server,$remoterev,
-                                     $remotesessions,
-                                     $defdomdefaults{'hostedsessions'});
+    my $try_server_hostname = &hostname($try_server);
+    my $serverhomeID = &get_server_homeID($try_server_hostname);
+    my $serverhomedom = &host_domain($serverhomeID);
+    my %defdomdefaults = &get_domain_defaults($serverhomedom);
+    if (ref($defdomdefaults{'offloadnow'}) eq 'HASH') {
+        if ($defdomdefaults{'offloadnow'}{$try_server}) {
+            $canhost = 0;
+        }
+    }
+    if (($canhost) && ($uint_dom)) {
+        my @intdoms;
+        my $internet_names = &get_internet_names($try_server);
+        if (ref($internet_names) eq 'ARRAY') {
+            @intdoms = @{$internet_names};
+        }
+        unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
+            my $remoterev = &get_server_loncaparev(undef,$try_server);
+            $canhost = &can_host_session($udom,$try_server,$remoterev,
+                                         $remotesessions,
+                                         $defdomdefaults{'hostedsessions'});
+        }
     }
     return $canhost;
 }
@@ -1620,6 +1651,7 @@ sub dump_dom {
 
 sub get_dom {
     my ($namespace,$storearr,$udom,$uhome)=@_;
+    return if ($udom eq 'public');
     my $items='';
     foreach my $item (@$storearr) {
         $items.=&escape($item).'&';
@@ -1627,6 +1659,7 @@ sub get_dom {
     $items=~s/\&$//;
     if (!$udom) {
         $udom=$env{'user.domain'};
+        return if ($udom eq 'public');
         if (defined(&domain($udom,'primary'))) {
             $uhome=&domain($udom,'primary');
         } else {
@@ -1730,14 +1763,13 @@ sub retrieve_inst_usertypes {
     my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
     if ((ref($domdefs{'inststatustypes'}) eq 'HASH') && 
         (ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {
-        %returnhash = %{$domdefs{'inststatustypes'}};
-        @order = @{$domdefs{'inststatusorder'}};
+        return ($domdefs{'inststatustypes'},$domdefs{'inststatusorder'});
     } else {
         if (defined(&domain($udom,'primary'))) {
             my $uhome=&domain($udom,'primary');
             my $rep=&reply("inst_usertypes:$udom",$uhome);
             if ($rep =~ /^(con_lost|error|no_such_host|refused)/) {
-                &logthis("get_dom failed - $rep returned from $uhome in domain: $udom");
+                &logthis("retrieve_inst_usertypes failed - $rep returned from $uhome in domain: $udom");
                 return (\%returnhash,\@order);
             }
             my ($hashitems,$orderitems) = split(/:/,$rep); 
@@ -1753,10 +1785,10 @@ sub retrieve_inst_usertypes {
                 push(@order,&unescape($item));
             }
         } else {
-            &logthis("get_dom failed - no primary domain server for $udom");
+            &logthis("retrieve_inst_usertypes failed - no primary domain server for $udom");
         }
+        return (\%returnhash,\@order);
     }
-    return (\%returnhash,\@order);
 }
 
 sub is_domainimage {
@@ -1902,6 +1934,63 @@ sub get_instuser {
     return ($outcome,%userinfo);
 }
 
+sub get_multiple_instusers {
+    my ($udom,$users,$caller) = @_;
+    my ($outcome,$results);
+    if (ref($users) eq 'HASH') {
+        my $count = keys(%{$users});
+        my $requested = &freeze_escape($users);
+        my $homeserver = &domain($udom,'primary');
+        if ($homeserver ne '') {
+            my $queryid=&reply('querysend:getmultinstusers:::'.$caller.'='.$requested,$homeserver);
+            my $host=&hostname($homeserver);
+            if ($queryid !~/^\Q$host\E\_/) {
+                &logthis('get_multiple_instusers invalid queryid: '.$queryid.
+                         ' for host: '.$homeserver.'in domain '.$udom);
+                return ($outcome,$results);
+            }
+            my $response = &get_query_reply($queryid);
+            my $maxtries = 5;
+            if ($count > 100) {
+                $maxtries = 1+int($count/20);
+            }
+            my $tries = 1;
+            while (($response=~/^timeout/) && ($tries <= $maxtries)) {
+                $response = &get_query_reply($queryid);
+                $tries ++;
+            }
+            if ($response eq '') {
+                $results = {};
+                foreach my $key (keys(%{$users})) {
+                    my ($uname,$id);
+                    if ($caller eq 'id') {
+                        $id = $key;
+                    } else {
+                        $uname = $key;
+                    }
+                    my ($resp,%info) = &get_instuser($udom,$uname,$id);
+                    $outcome = $resp;
+                    if ($resp eq 'ok') {
+                        %{$results} = (%{$results}, %info);
+                    } else {
+                        last;
+                    }
+                }
+            } elsif(!&error($response) && ($response ne 'refused')) {
+                if (($response eq 'unavailable') || ($response eq 'invalid') || ($response eq 'timeout')) {
+                    $outcome = $response;
+                } else {
+                    ($outcome,my $userdata) = split(/=/,$response,2);
+                    if ($outcome eq 'ok') {
+                        $results = &thaw_unescape($userdata);
+                    }
+                }
+            }
+        }
+    }
+    return ($outcome,$results);
+}
+
 sub inst_rulecheck {
     my ($udom,$uname,$id,$item,$rules) = @_;
     my %returnhash;
@@ -1997,7 +2086,9 @@ sub get_domain_defaults {
          &Apache::lonnet::get_dom('configuration',['defaults','quotas',
                                   'requestcourses','inststatus',
                                   'coursedefaults','usersessions',
-                                  'requestauthor'],$domain);
+                                  'requestauthor','selfenrollment',
+                                  'coursecategories'],$domain);
+    my @coursetypes = ('official','unofficial','community','textbook');
     if (ref($domconfig{'defaults'}) eq 'HASH') {
         $domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'}; 
         $domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
@@ -2027,7 +2118,7 @@ sub get_domain_defaults {
         }
     }
     if (ref($domconfig{'requestcourses'}) eq 'HASH') {
-        foreach my $item ('official','unofficial','community') {
+        foreach my $item ('official','unofficial','community','textbook') {
             $domdefaults{$item} = $domconfig{'requestcourses'}{$item};
         }
     }
@@ -2035,19 +2126,41 @@ sub get_domain_defaults {
         $domdefaults{'requestauthor'} = $domconfig{'requestauthor'};
     }
     if (ref($domconfig{'inststatus'}) eq 'HASH') {
-        foreach my $item ('inststatustypes','inststatusorder') {
+        foreach my $item ('inststatustypes','inststatusorder','inststatusguest') {
             $domdefaults{$item} = $domconfig{'inststatus'}{$item};
         }
     }
     if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
-        if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
-            $domdefaults{'officialcredits'} = $domconfig{'coursedefaults'}{'coursecredits'}{'official'};
-            $domdefaults{'unofficialcredits'} = $domconfig{'coursedefaults'}{'coursecredits'}{'unofficial'};
-        }
-        if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
-            $domdefaults{'officialquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'official'};
-            $domdefaults{'unofficialquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'unofficial'};
-            $domdefaults{'communityquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'community'};
+        $domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
+        $domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
+        if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
+            $domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
+        }
+        foreach my $type (@coursetypes) {
+            if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
+                unless ($type eq 'community') {
+                    $domdefaults{$type.'credits'} = $domconfig{'coursedefaults'}{'coursecredits'}{$type};
+                }
+            }
+            if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
+                $domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
+            }
+            if ($domdefaults{'postsubmit'} eq 'on') {
+                if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
+                    $domdefaults{$type.'postsubtimeout'} =
+                        $domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
+                }
+            }
+        }
+        if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
+            if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
+                my @clonecodes = @{$domconfig{'coursedefaults'}{'canclone'}{'instcode'}};
+                if (@clonecodes) {
+                    $domdefaults{'canclone'} = join('+',@clonecodes);
+                }
+            }
+        } elsif ($domconfig{'coursedefaults'}{'canclone'}) {
+            $domdefaults{'canclone'}=$domconfig{'coursedefaults'}{'canclone'};
         }
     }
     if (ref($domconfig{'usersessions'}) eq 'HASH') {
@@ -2057,6 +2170,47 @@ sub get_domain_defaults {
         if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
             $domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
         }
+        if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
+            $domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
+        }
+    }
+    if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
+        if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
+            my @settings = ('types','registered','enroll_dates','access_dates','section',
+                            'approval','limit');
+            foreach my $type (@coursetypes) {
+                if (ref($domconfig{'selfenrollment'}{'admin'}{$type}) eq 'HASH') {
+                    my @mgrdc = ();
+                    foreach my $item (@settings) {
+                        if ($domconfig{'selfenrollment'}{'admin'}{$type}{$item} eq '0') {
+                            push(@mgrdc,$item);
+                        }
+                    }
+                    if (@mgrdc) {
+                        $domdefaults{$type.'selfenrolladmdc'} = join(',',@mgrdc);
+                    }
+                }
+            }
+        }
+        if (ref($domconfig{'selfenrollment'}{'default'}) eq 'HASH') {
+            foreach my $type (@coursetypes) {
+                if (ref($domconfig{'selfenrollment'}{'default'}{$type}) eq 'HASH') {
+                    foreach my $item (keys(%{$domconfig{'selfenrollment'}{'default'}{$type}})) {
+                        $domdefaults{$type.'selfenroll'.$item} = $domconfig{'selfenrollment'}{'default'}{$type}{$item};
+                    }
+                }
+            }
+        }
+    }
+    if (ref($domconfig{'coursecategories'}) eq 'HASH') {
+        $domdefaults{'catauth'} = 'std';
+        $domdefaults{'catunauth'} = 'std';
+        if ($domconfig{'coursecategories'}{'auth'}) {
+            $domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
+        }
+        if ($domconfig{'coursecategories'}{'unauth'}) {
+            $domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
+        }
     }
     &do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
     return %domdefaults;
@@ -2648,7 +2802,12 @@ sub ssi {
     &Apache::lonenc::check_encrypt(\$fn);
     if (%form) {
       $request=new HTTP::Request('POST',&absolute_url().$fn);
-      $request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys(%form)));
+      $request->content(join('&',map {
+            my $name = escape($_);
+            "$name=" . ( ref($form{$_}) eq 'ARRAY'
+            ? join("&$name=", map {escape($_) } @{$form{$_}})
+            : &escape($form{$_}) );
+        } keys(%form)));
     } else {
       $request=new HTTP::Request('GET',&absolute_url().$fn);
     }
@@ -4168,7 +4327,8 @@ sub courseiddump {
     my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,
         $coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,
         $selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,
-        $cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner)=@_;
+        $cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,
+        $hasuniquecode,$reqcrsdom,$reqinstcode)=@_;
     my $as_hash = 1;
     my %returnhash;
     if (!$domfilter) { $domfilter=''; }
@@ -4191,7 +4351,8 @@ sub courseiddump {
                                 &escape($catfilter), $showhidden, $caller,
                                 &escape($cloner), &escape($cc_clone), $cloneonly,
                                 &escape($createdbefore), &escape($createdafter),
-                                &escape($creationcontext), $domcloner)));
+                                &escape($creationcontext),$domcloner,$hasuniquecode,
+                                $reqcrsdom,&escape($reqinstcode))));
                 } else {
                     $rep = &reply('courseiddump:'.&host_domain($tryserver).':'.
                              $sincefilter.':'.&escape($descfilter).':'.
@@ -4202,8 +4363,8 @@ sub courseiddump {
                              $showhidden.':'.$caller.':'.&escape($cloner).':'.
                              &escape($cc_clone).':'.$cloneonly.':'.
                              &escape($createdbefore).':'.&escape($createdafter).':'.
-                             &escape($creationcontext).':'.$domcloner,
-                             $tryserver);
+                             &escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
+                             ':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
                 }
 
                 my @pairs=split(/\&/,$rep);
@@ -4342,7 +4503,7 @@ my $cachedkey='';
 # The cached times for this user
 my %cachedtimes=();
 # When this was last done
-my $cachedtime=();
+my $cachedtime='';
 
 sub load_all_first_access {
     my ($uname,$udom)=@_;
@@ -4860,7 +5021,7 @@ sub tmprestore {
 # ----------------------------------------------------------------------- Store
 
 sub store {
-    my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
+    my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
     my $home='';
 
     if ($stuname) { $home=&homeserver($stuname,$domain); }
@@ -4890,13 +5051,13 @@ sub store {
     }
     $namevalue=~s/\&$//;
     &courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
-    return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
+    return reply("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
 }
 
 # -------------------------------------------------------------- Critical Store
 
 sub cstore {
-    my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
+    my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
     my $home='';
 
     if ($stuname) { $home=&homeserver($stuname,$domain); }
@@ -4927,7 +5088,7 @@ sub cstore {
     $namevalue=~s/\&$//;
     &courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
     return critical
-                ("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
+                ("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
 }
 
 # --------------------------------------------------------------------- Restore
@@ -5107,7 +5268,7 @@ sub privileged {
         my %rolesdump = &dump("roles", $domain, $username) or return 0;
         my $now = time;
 
-        for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys %rolesdump}) {
+        for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
             my ($trole, $tend, $tstart) = split(/_/, $role);
             if (grep(/^\Q$trole\E$/,@{$roles})) {
                 return 1 unless ($tend && $tend < $now)
@@ -5196,7 +5357,7 @@ sub rolesinit {
     my %allroles=();
     my %allgroups=();
 
-    for my $area (grep { ! /^rolesdef_/ } keys %rolesdump) {
+    for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
         my $role = $rolesdump{$area};
         $area =~ s/\_\w\w$//;
 
@@ -5288,7 +5449,7 @@ sub set_arearole {
 sub custom_roleprivs {
     my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;
     my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
-    my $homsvr=homeserver($rauthor,$rdomain);
+    my $homsvr = &homeserver($rauthor,$rdomain);
     if (&hostname($homsvr) ne '') {
         my ($rdummy,$roledef)=
             &get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);
@@ -5409,11 +5570,11 @@ sub set_userprivs {
 
 sub role_status {
     my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
-    my @pwhere = ();
     if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
-        (undef,undef,$$role,@pwhere)=split(/\./,$rolekey);
+        my ($one,$two) = split(m{\./},$rolekey,2);
+        (undef,undef,$$role) = split(/\./,$one,3);
         unless (!defined($$role) || $$role eq '') {
-            $$where=join('.',@pwhere);
+            $$where = '/'.$two;
             $$trolecode=$$role.'.'.$$where;
             ($$tstart,$$tend)=split(/\./,$env{$rolekey});
             $$tstatus='is';
@@ -5636,18 +5797,17 @@ sub dump {
     if (!$uname) { $uname=$env{'user.name'}; }
     my $uhome=&homeserver($uname,$udomain);
 
-    my $reply;
+    if ($regexp) {
+        $regexp=&escape($regexp);
+    } else {
+        $regexp='.';
+    }
     if (grep { $_ eq $uhome } &current_machine_ids()) {
         # user is hosted on this machine
-        $reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,
+        my $reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,
                     $uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
         return %{&unserialize($reply, $escapedkeys)};
     }
-    if ($regexp) {
-	$regexp=&escape($regexp);
-    } else {
-	$regexp='.';
-    }
     my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
     my @pairs=split(/\&/,$rep);
     my %returnhash=();
@@ -5695,7 +5855,15 @@ sub currentdump {
    $sdom     = $env{'user.domain'}       if (! defined($sdom));
    $sname    = $env{'user.name'}         if (! defined($sname));
    my $uhome = &homeserver($sname,$sdom);
-   my $rep=reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
+   my $rep;
+
+   if (grep { $_ eq $uhome } current_machine_ids()) {
+       $rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,
+                   $courseid)));
+   } else {
+       $rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
+   }
+
    return if ($rep =~ /^(error:|no_such_host)/);
    #
    my %returnhash=();
@@ -5816,7 +5984,7 @@ sub newput {
 # ---------------------------------------------------------  putstore interface
 
 sub putstore {
-   my ($namespace,$symb,$version,$storehash,$udomain,$uname)=@_;
+   my ($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog)=@_;
    if (!$udomain) { $udomain=$env{'user.domain'}; }
    if (!$uname) { $uname=$env{'user.name'}; }
    my $uhome=&homeserver($uname,$udomain);
@@ -5830,6 +5998,17 @@ sub putstore {
    my $reply =
        &reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",
 	      $uhome);
+   if (($tolog) && ($reply eq 'ok')) {
+       my $namevalue='';
+       foreach my $key (keys(%{$storehash})) {
+           $namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
+       }
+       $namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
+                     '&host='.&escape($perlvar{'lonHostID'}).
+                     '&version='.$esc_v.
+                     '&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
+       &Apache::lonnet::courselog($symb.':'.$uname.':'.$udomain.':PUTSTORE:'.$namevalue);
+   }
    if ($reply eq 'unknown_cmd') {
        # gfall back to way things use to be done
        return &old_putstore($namespace,$symb,$version,$storehash,$udomain,
@@ -5988,10 +6167,15 @@ sub get_timebased_id {
         my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);
         my $id = time;
         $newid = $id;
+        if ($idtype eq 'addcode') {
+            $newid .= &sixnum_code();
+        }
         my $idtries = 0;
         while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {
             if ($idtype eq 'concat') {
                 $newid = $id.$idtries;
+            } elsif ($idtype eq 'addcode') {
+                $newid = $newid.&sixnum_code();
             } else {
                 $newid ++;
             }
@@ -6008,6 +6192,7 @@ sub get_timebased_id {
                 $error = 'error saving new item: '.$putresult;
             }
         } else {
+             undef($newid);
              $error = ('error: no unique suffix available for the new item ');
         }
 #  remove lock
@@ -6016,10 +6201,21 @@ sub get_timebased_id {
     } else {
         $error = "error: could not obtain lockfile\n";
         $dellock = 'ok';
+        if (($prefix eq 'paste') && ($namespace eq 'courseeditor') && ($keyid eq 'num')) {
+            $dellock = 'nolock';
+        }
     }
     return ($newid,$dellock,$error);
 }
 
+sub sixnum_code {
+    my $code;
+    for (0..6) {
+        $code .= int( rand(9) );
+    }
+    return $code;
+}
+
 # -------------------------------------------------- portfolio access checking
 
 sub portfolio_access {
@@ -6274,6 +6470,7 @@ sub usertools_access {
                       official   => 1,
                       unofficial => 1,
                       community  => 1,
+                      textbook   => 1,
                  );
     } elsif ($context eq 'requestauthor') {
         %tools = (
@@ -6570,7 +6767,7 @@ sub customaccess {
 # ------------------------------------------------- Check for a user privilege
 
 sub allowed {
-    my ($priv,$uri,$symb,$role)=@_;
+    my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
     my $ver_orguri=$uri;
     $uri=&deversion($uri);
     my $orguri=$uri;
@@ -6765,11 +6962,16 @@ sub allowed {
         if ($match) {
             if ($env{'user.priv.'.$env{'request.role'}.'./'}
                   =~/\Q$priv\E\&([^\:]*)/) {
-                my @blockers = &has_comm_blocking($priv,$symb,$uri);
-                if (@blockers > 0) {
-                    $thisallowed = 'B';
+                my $value = $1;
+                if ($noblockcheck) {
+                    $thisallowed.=$value;
                 } else {
-                    $thisallowed.=$1;
+                    my @blockers = &has_comm_blocking($priv,$symb,$uri);
+                    if (@blockers > 0) {
+                        $thisallowed = 'B';
+                    } else {
+                        $thisallowed.=$value;
+                    }
                 }
             }
         } else {
@@ -6781,11 +6983,15 @@ sub allowed {
                     $refuri=&declutter($refuri);
                     my ($match) = &is_on_map($refuri);
                     if ($match) {
-                        my @blockers = &has_comm_blocking($priv,$symb,$refuri);
-                        if (@blockers > 0) {
-                            $thisallowed = 'B';
-                        } else {
+                        if ($noblockcheck) {
                             $thisallowed='F';
+                        } else {
+                            my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+                            if (@blockers > 0) {
+                                $thisallowed = 'B';
+                            } else {
+                                $thisallowed='F';
+                            }
                         }
                     }
                 }
@@ -6840,11 +7046,15 @@ sub allowed {
                =~/\Q$priv\E\&([^\:]*)/) {
                my $value = $1;
                if ($priv eq 'bre') {
-                   my @blockers = &has_comm_blocking($priv,$symb,$uri);
-                   if (@blockers > 0) {
-                       $thisallowed = 'B';
-                   } else {
+                   if ($noblockcheck) {
                        $thisallowed.=$value;
+                   } else {
+                       my @blockers = &has_comm_blocking($priv,$symb,$uri);
+                       if (@blockers > 0) {
+                           $thisallowed = 'B';
+                       } else {
+                           $thisallowed.=$value;
+                       }
                    }
                } else {
                    $thisallowed.=$value;
@@ -6878,11 +7088,15 @@ sub allowed {
                   =~/\Q$priv\E\&([^\:]*)/) {
                   my $value = $1;
                   if ($priv eq 'bre') {
-                      my @blockers = &has_comm_blocking($priv,$symb,$refuri);
-                      if (@blockers > 0) {
-                          $thisallowed = 'B';
-                      } else {
+                      if ($noblockcheck) {
                           $thisallowed.=$value;
+                      } else {
+                          my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+                          if (@blockers > 0) {
+                              $thisallowed = 'B';
+                          } else {
+                              $thisallowed.=$value;
+                          }
                       }
                   } else {
                       $thisallowed.=$value;
@@ -7113,6 +7327,32 @@ sub constructaccess {
     return '';
 }
 
+# ----------------------------------------------------------- Content Blocking
+
+{
+# Caches for faster Course Contents display where content blocking
+# is in operation (i.e., interval param set) for timed quiz.
+#
+# User for whom data are being temporarily cached.
+my $cacheduser='';
+# Cached blockers for this user (a hash of blocking items).
+my %cachedblockers=();
+# When the data were last cached.
+my $cachedlast='';
+
+sub load_all_blockers {
+    my ($uname,$udom,$blocks)=@_;
+    if (($uname ne '') && ($udom ne '')) {
+        if (($cacheduser eq $uname.':'.$udom) &&
+            (abs($cachedlast-time)<5)) {
+            return;
+        }
+    }
+    $cachedlast=time;
+    $cacheduser=$uname.':'.$udom;
+    %cachedblockers = &get_commblock_resources($blocks);
+}
+
 sub get_comm_blocks {
     my ($cdom,$cnum) = @_;
     if ($cdom eq '' || $cnum eq '') {
@@ -7133,27 +7373,21 @@ sub get_comm_blocks {
     return %commblocks;
 }
 
-sub has_comm_blocking {
-    my ($priv,$symb,$uri,$blocks) = @_;
-    return unless ($env{'request.course.id'});
-    return unless ($priv eq 'bre');
-    return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
+sub get_commblock_resources {
+    my ($blocks) = @_;
+    my %blockers = ();
+    return %blockers unless ($env{'request.course.id'});
+    return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
     my %commblocks;
     if (ref($blocks) eq 'HASH') {
         %commblocks = %{$blocks};
     } else {
         %commblocks = &get_comm_blocks();
     }
-    return unless (keys(%commblocks) > 0);
-    if (!$symb) { $symb=&symbread($uri,1); }
-    my ($map,$resid,undef)=&decode_symb($symb);
-    my %tocheck = (
-                    maps      => $map,
-                    resources => $symb,
-                  );
-    my @blockers;
-    my $now = time;
+    return %blockers unless (keys(%commblocks) > 0);
     my $navmap = Apache::lonnavmaps::navmap->new();
+    return %blockers unless (ref($navmap));
+    my $now = time;
     foreach my $block (keys(%commblocks)) {
         if ($block =~ /^(\d+)____(\d+)$/) {
             my ($start,$end) = ($1,$2);
@@ -7161,17 +7395,13 @@ sub has_comm_blocking {
                 if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
                     if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
                         if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
-                            if ($commblocks{$block}{'blocks'}{'docs'}{'maps'}{$map}) {
-                                unless (grep(/^\Q$block\E$/,@blockers)) {
-                                    push(@blockers,$block);
-                                }
+                            if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
+                                $blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
                             }
                         }
                         if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
-                            if ($commblocks{$block}{'blocks'}{'docs'}{'resources'}{$symb}) {
-                                unless (grep(/^\Q$block\E$/,@blockers)) {  
-                                    push(@blockers,$block);
-                                }
+                            if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
+                                $blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
                             }
                         }
                     }
@@ -7182,32 +7412,31 @@ sub has_comm_blocking {
             my @to_test;
             if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
                 if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
-                    my $check_interval;
-                    if (&check_docs_block($commblocks{$block}{'blocks'}{'docs'},\%tocheck)) {
-                        my @interval;
-                        my $type = 'map';
-                        if ($item eq 'course') {
-                            $type = 'course';
-                            @interval=&EXT("resource.0.interval");
+                    my @interval;
+                    my $type = 'map';
+                    if ($item eq 'course') {
+                        $type = 'course';
+                        @interval=&EXT("resource.0.interval");
+                    } else {
+                        if ($item =~ /___\d+___/) {
+                            $type = 'resource';
+                            @interval=&EXT("resource.0.interval",$item);
+                            if (ref($navmap)) {
+                                my $res = $navmap->getBySymb($item);
+                                push(@to_test,$res);
+                            }
                         } else {
-                            if ($item =~ /___\d+___/) {
-                                $type = 'resource';
-                                @interval=&EXT("resource.0.interval",$item);
-                                if (ref($navmap)) {                        
-                                    my $res = $navmap->getBySymb($item); 
-                                    push(@to_test,$res);
-                                }
-                            } else {
-                                my $mapsymb = &symbread($item,1);
-                                if ($mapsymb) {
-                                    if (ref($navmap)) {
-                                        my $mapres = $navmap->getBySymb($mapsymb);
-                                        @to_test = $mapres->retrieveResources($mapres,undef,0,1);
-                                        foreach my $res (@to_test) {
-                                            my $symb = $res->symb();
-                                            next if ($symb eq $mapsymb);
-                                            if ($symb ne '') {
-                                                @interval=&EXT("resource.0.interval",$symb);
+                            my $mapsymb = &symbread($item,1);
+                            if ($mapsymb) {
+                                if (ref($navmap)) {
+                                    my $mapres = $navmap->getBySymb($mapsymb);
+                                    @to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
+                                    foreach my $res (@to_test) {
+                                        my $symb = $res->symb();
+                                        next if ($symb eq $mapsymb);
+                                        if ($symb ne '') {
+                                            @interval=&EXT("resource.0.interval",$symb);
+                                            if ($interval[1] eq 'map') {
                                                 last;
                                             }
                                         }
@@ -7215,26 +7444,35 @@ sub has_comm_blocking {
                                 }
                             }
                         }
-                        if ($interval[0] =~ /\d+/) {
-                            my $first_access;
-                            if ($type eq 'resource') {
-                                $first_access=&get_first_access($interval[1],$item);
-                            } elsif ($type eq 'map') {
-                                $first_access=&get_first_access($interval[1],undef,$item);
-                            } else {
-                                $first_access=&get_first_access($interval[1]);
-                            }
-                            if ($first_access) {
-                                my $timesup = $first_access+$interval[0];
-                                if ($timesup > $now) {
-                                    foreach my $res (@to_test) {
-                                        if ($res->is_problem()) {
-                                            if ($res->completable()) {
-                                                unless (grep(/^\Q$block\E$/,@blockers)) {
-                                                    push(@blockers,$block);
-                                                }
-                                                last;
-                                            }
+                    }
+                    if ($interval[0] =~ /^\d+$/) {
+                        my $first_access;
+                        if ($type eq 'resource') {
+                            $first_access=&get_first_access($interval[1],$item);
+                        } elsif ($type eq 'map') {
+                            $first_access=&get_first_access($interval[1],undef,$item);
+                        } else {
+                            $first_access=&get_first_access($interval[1]);
+                        }
+                        if ($first_access) {
+                            my $timesup = $first_access+$interval[0];
+                            if ($timesup > $now) {
+                                my $activeblock;
+                                foreach my $res (@to_test) {
+                                    if ($res->answerable()) {
+                                        $activeblock = 1;
+                                        last;
+                                    }
+                                }
+                                if ($activeblock) {
+                                    if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
+                                         if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
+                                             $blockers{$block}{'maps'} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
+                                         }
+                                    }
+                                    if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
+                                        if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
+                                            $blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
                                         }
                                     }
                                 }
@@ -7245,33 +7483,66 @@ sub has_comm_blocking {
             }
         }
     }
-    return @blockers;
+    return %blockers;
 }
 
-sub check_docs_block {
-    my ($docsblock,$tocheck) =@_;
-    if ((ref($docsblock) ne 'HASH') || (ref($tocheck) ne 'HASH')) {
-        return;
+sub has_comm_blocking {
+    my ($priv,$symb,$uri,$blocks) = @_;
+    my @blockers;
+    return unless ($env{'request.course.id'});
+    return unless ($priv eq 'bre');
+    return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
+    return if ($env{'request.state'} eq 'construct');
+    &load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
+    return unless (keys(%cachedblockers) > 0);
+    my (%possibles,@symbs);
+    if (!$symb) {
+        $symb = &symbread($uri,1,1,1,\%possibles);
     }
-    if (ref($docsblock->{'maps'}) eq 'HASH') {
-        if ($tocheck->{'maps'}) {
-            if ($docsblock->{'maps'}{$tocheck->{'maps'}}) {
-                return 1;
+    if ($symb) {
+        @symbs = ($symb);
+    } elsif (keys(%possibles)) {
+        @symbs = keys(%possibles);
+    }
+    my $noblock;
+    foreach my $symb (@symbs) {
+        last if ($noblock);
+        my ($map,$resid,$resurl)=&decode_symb($symb);
+        foreach my $block (keys(%cachedblockers)) {
+            if ($block =~ /^firstaccess____(.+)$/) {
+                my $item = $1;
+                if (($item eq $map) || ($item eq $symb)) {
+                    $noblock = 1;
+                    last;
+                }
             }
-        }
-    }
-    if (ref($docsblock->{'resources'}) eq 'HASH') {
-        if ($tocheck->{'resources'}) {
-            if ($docsblock->{'resources'}{$tocheck->{'resources'}}) {
-                return 1;
+            if (ref($cachedblockers{$block}) eq 'HASH') {
+                if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
+                    if ($cachedblockers{$block}{'resources'}{$symb}) {
+                        unless (grep(/^\Q$block\E$/,@blockers)) {
+                            push(@blockers,$block);
+                        }
+                    }
+                }
+            }
+            if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
+                if ($cachedblockers{$block}{'maps'}{$map}) {
+                    unless (grep(/^\Q$block\E$/,@blockers)) {
+                        push(@blockers,$block);
+                    }
+                }
             }
         }
     }
-    return;
+    return if ($noblock);
+    return @blockers;
 }
+}
+
+# -------------------------------- Deversion and split uri into path an filename
 
 #
-#   Removes the versino from a URI and
+#   Removes the version from a URI and
 #   splits it in to its filename and path to the filename.
 #   Seems like File::Basename could have done this more clearly.
 #   Parameters:
@@ -7885,17 +8156,20 @@ sub auto_courserequest_checks {
 }
 
 sub auto_courserequest_validation {
-    my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist) = @_;
+    my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist,$custominfo) = @_;
     my ($homeserver,$response);
     if ($dom =~ /^$match_domain$/) {
         $homeserver = &domain($dom,'primary');
     }
-    unless ($homeserver eq 'no_host') {  
-          
+    unless ($homeserver eq 'no_host') {
+        my $customdata;
+        if (ref($custominfo) eq 'HASH') {
+            $customdata = &freeze_escape($custominfo);
+        }
         $response=&unescape(&reply('autocrsreqvalidation:'.$dom.':'.&escape($owner).
                                     ':'.&escape($crstype).':'.&escape($inststatuslist).
-                                    ':'.&escape($instcode).':'.&escape($instseclist),
-                                    $homeserver));
+                                    ':'.&escape($instcode).':'.&escape($instseclist).':'.
+                                    $customdata,$homeserver));
     }
     return $response;
 }
@@ -7914,6 +8188,108 @@ sub auto_validate_class_sec {
     return $response;
 }
 
+sub auto_crsreq_update {
+    my ($cdom,$cnum,$crstype,$action,$ownername,$ownerdomain,$fullname,$title,
+        $code,$accessstart,$accessend,$inbound) = @_;
+    my ($homeserver,%crsreqresponse);
+    if ($cdom =~ /^$match_domain$/) {
+        $homeserver = &domain($cdom,'primary');
+    }
+    unless (($homeserver eq 'no_host') || ($homeserver eq '')) {
+        my $info;
+        if (ref($inbound) eq 'HASH') {
+            $info = &freeze_escape($inbound);
+        }
+        my $response=&reply('autocrsrequpdate:'.$cdom.':'.$cnum.':'.&escape($crstype).
+                            ':'.&escape($action).':'.&escape($ownername).':'.
+                            &escape($ownerdomain).':'.&escape($fullname).':'.
+                            &escape($title).':'.&escape($code).':'.
+                            &escape($accessstart).':'.&escape($accessend).':'.$info,$homeserver);
+        unless ($response =~ /(con_lost|error|no_such_host|refused)/) {
+            my @items = split(/&/,$response);
+            foreach my $item (@items) {
+                my ($key,$value) = split('=',$item);
+                $crsreqresponse{&unescape($key)} = &thaw_unescape($value);
+            }
+        }
+    }
+    return \%crsreqresponse;
+}
+
+sub check_instcode_cloning {
+    my ($codedefaults,$code_order,$cloner,$clonefromcode,$clonetocode) = @_;
+    unless ((ref($codedefaults) eq 'HASH') && (ref($code_order) eq 'ARRAY')) {
+        return;
+    }
+    my $canclone;
+    if (@{$code_order} > 0) {
+        my $instcoderegexp ='^';
+        my @clonecodes = split(/\&/,$cloner);
+        foreach my $item (@{$code_order}) {
+            if (grep(/^\Q$item\E=/,@clonecodes)) {
+                foreach my $pair (@clonecodes) {
+                    my ($key,$val) = split(/\=/,$pair,2);
+                    $val = &unescape($val);
+                    if ($key eq $item) {
+                        $instcoderegexp .= '('.$val.')';
+                        last;
+                    }
+                }
+            } else {
+                $instcoderegexp .= $codedefaults->{$item};
+            }
+        }
+        $instcoderegexp .= '$';
+        my (@from,@to);
+        eval {
+               (@from) = ($clonefromcode =~ /$instcoderegexp/);
+               (@to) = ($clonetocode =~ /$instcoderegexp/);
+        };
+        if ((@from > 0) && (@to > 0)) {
+            my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
+            if (!@diffs) {
+                $canclone = 1;
+            }
+        }
+    }
+    return $canclone;
+}
+
+sub default_instcode_cloning {
+    my ($clonedom,$domdefclone,$clonefromcode,$clonetocode,$codedefaultsref,$codeorderref) = @_;
+    my (%codedefaults,@code_order,$canclone);
+    if ((ref($codedefaultsref) eq 'HASH') && (ref($codeorderref) eq 'ARRAY')) {
+        %codedefaults = %{$codedefaultsref};
+        @code_order = @{$codeorderref};
+    } elsif ($clonedom) {
+        &auto_instcode_defaults($clonedom,\%codedefaults,\@code_order);
+    }
+    if (($domdefclone) && (@code_order)) {
+        my @clonecodes = split(/\+/,$domdefclone);
+        my $instcoderegexp ='^';
+        foreach my $item (@code_order) {
+            if (grep(/^\Q$item\E$/,@clonecodes)) {
+                $instcoderegexp .= '('.$codedefaults{$item}.')';
+            } else {
+                $instcoderegexp .= $codedefaults{$item};
+            }
+        }
+        $instcoderegexp .= '$';
+        my (@from,@to);
+        eval {
+            (@from) = ($clonefromcode =~ /$instcoderegexp/);
+            (@to) = ($clonetocode =~ /$instcoderegexp/);
+        };
+        if ((@from > 0) && (@to > 0)) {
+            my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
+            if (!@diffs) {
+                $canclone = 1;
+            }
+        }
+    }
+    return $canclone;
+}
+
 # ------------------------------------------------------- Course Group routines
 
 sub get_coursegroups {
@@ -9688,10 +10064,12 @@ sub get_userresdata {
     }
     #error 2 occurs when the .db doesn't exist
     if ($tmp!~/error: 2 /) {
-	&logthis("<font color=\"blue\">WARNING:".
-		 " Trying to get resource data for ".
-		 $uname." at ".$udom.": ".
-		 $tmp."</font>");
+        if ((!defined($cached)) || ($tmp ne 'con_lost')) {
+	    &logthis("<font color=\"blue\">WARNING:".
+		     " Trying to get resource data for ".
+		     $uname." at ".$udom.": ".
+		     $tmp."</font>");
+        }
     } elsif ($tmp=~/error: 2 /) {
 	#&EXT_cache_set($udom,$uname);
 	&do_cache_new('userres',$hashid,undef,600);
@@ -10189,7 +10567,7 @@ sub metadata {
         ($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ m{^/*uploaded/.+\.sequence$})) {
 	return undef;
     }
-    if (($uri =~ /^priv/ || $uri=~/home\/httpd\/html\/priv/) 
+    if (($uri =~ /^priv/ || $uri=~m{^home/httpd/html/priv}) 
 	&& &Apache::lonxml::get_state('target') =~ /^(|meta)$/) {
 	return undef;
     }
@@ -10450,7 +10828,7 @@ sub metadata {
 
 	$metaentry{':keys'} = join(',',keys(%metathesekeys));
 	&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);
-	$metaentry{':allpossiblekeys'}=join(',',keys %metathesekeys);
+	$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));
 	&do_cache_new('meta',$uri,\%metaentry,$cachetime);
 # this is the end of "was not already recently cached
     }
@@ -10821,15 +11199,17 @@ sub deversion {
 # ------------------------------------------------------ Return symb list entry
 
 sub symbread {
-    my ($thisfn,$donotrecurse)=@_;
-    my $cache_str;
-    if ($thisfn ne '') {
-        $cache_str='request.symbread.cached.'.$thisfn;
-        if ($env{$cache_str} ne '') {
+    my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
+    my $cache_str='request.symbread.cached.'.$thisfn;
+    if (defined($env{$cache_str})) {
+        if ($ignorecachednull) {
+            return $env{$cache_str} unless ($env{$cache_str} eq '');
+        } else {
             return $env{$cache_str};
         }
-   } else {
+    }
 # no filename provided? try from environment
+    unless ($thisfn) {
         if ($env{'request.symb'}) {
             return $env{$cache_str}=&symbclean($env{'request.symb'});
         }
@@ -10889,18 +11269,46 @@ sub symbread {
 		     my ($mapid,$resid)=split(/\./,$ids);
 		     $syval=&encode_symb($bighash{'map_id_'.$mapid},
 						    $resid,$thisfn);
-                 } elsif (!$donotrecurse) {
+                     if (ref($possibles) eq 'HASH') {
+                         $possibles->{$syval} = 1;
+                     }
+                     if ($checkforblock) {
+                         my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
+                         if (@blockers) {
+                             $syval = '';
+                             return;
+                         }
+                     }
+                 } elsif ((!$donotrecurse) || ($checkforblock) || (ref($possibles) eq 'HASH')) {
 # ------------------------------------------ There is more than one possibility
                      my $realpossible=0;
                      foreach my $id (@possibilities) {
 			 my $file=$bighash{'src_'.$id};
-                         if (&allowed('bre',$file)) {
-         		    my ($mapid,$resid)=split(/\./,$id);
-                            if ($bighash{'map_type_'.$mapid} ne 'page') {
-				$realpossible++;
-                                $syval=&encode_symb($bighash{'map_id_'.$mapid},
-						    $resid,$thisfn);
-                            }
+                         my $canaccess;
+                         if (($donotrecurse) || ($checkforblock) || (ref($possibles) eq 'HASH')) {
+                             $canaccess = 1;
+                         } else {
+                             $canaccess = &allowed('bre',$file);
+                         }
+                         if ($canaccess) {
+         		     my ($mapid,$resid)=split(/\./,$id);
+                             if ($bighash{'map_type_'.$mapid} ne 'page') {
+                                 my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
+                                                             $resid,$thisfn);
+                                 if (ref($possibles) eq 'HASH') {
+                                     $possibles->{$syval} = 1;
+                                 }
+                                 if ($checkforblock) {
+                                     my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
+                                     unless (@blockers > 0) {
+                                         $syval = $poss_syval;
+                                         $realpossible++;
+                                     }
+                                 } else {
+                                     $syval = $poss_syval;
+                                     $realpossible++;
+                                 }
+                             }
 			 }
                      }
 		     if ($realpossible!=1) { $syval=''; }
@@ -10908,7 +11316,7 @@ sub symbread {
                      $syval='';
                  }
 	      }
-              untie(%bighash)
+              untie(%bighash);
            }
         }
         if ($syval) {
@@ -11246,8 +11654,12 @@ sub rndseed_CODE_64bit5 {
 sub setup_random_from_rndseed {
     my ($rndseed)=@_;
     if ($rndseed =~/([,:])/) {
-	my ($num1,$num2)=split(/[,:]/,$rndseed);
-	&Math::Random::random_set_seed(abs($num1),abs($num2));
+	my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));
+        if ((!$num1) || (!$num2) || ($num1 > 2147483562) || ($num2 > 2147483398)) {
+            &Math::Random::random_set_seed_from_phrase($rndseed);
+        } else {
+            &Math::Random::random_set_seed($num1,$num2);
+        }
     } else {
 	&Math::Random::random_set_seed_from_phrase($rndseed);
     }
@@ -11638,7 +12050,9 @@ sub default_login_domain {
 sub declutter {
     my $thisfn=shift;
     if ($thisfn=~m|^/enc/|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }
-    $thisfn=~s/^\Q$perlvar{'lonDocRoot'}\E//;
+    unless ($thisfn=~m{^/home/httpd/html/priv/}) {
+        $thisfn=~s{^/home/httpd/html}{};
+    }
     $thisfn=~s/^\///;
     $thisfn=~s|^adm/wrapper/||;
     $thisfn=~s|^adm/coursedocs/showdoc/||;
@@ -11765,7 +12179,7 @@ sub get_dns {
 	$alldns{$host} = $protocol;
     }
     while (%alldns) {
-	my ($dns) = keys(%alldns);
+	my ($dns) = sort { $b cmp $a } keys(%alldns);
 	my $ua=new LWP::UserAgent;
         $ua->timeout(30);
 	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
@@ -11791,8 +12205,22 @@ sub get_dns {
 # ------------------------------------------------------Get DNS checksums file
 sub parse_dns_checksums_tab {
     my ($lines,$hashref) = @_;
-    my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});
+    my $lonhost = $perlvar{'lonHostID'};
+    my $machine_dom = &Apache::lonnet::host_domain($lonhost);
     my $loncaparev = &get_server_loncaparev($machine_dom);
+    my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
+    my $webconfdir = '/etc/httpd/conf';
+    if ($distro =~ /^(ubuntu|debian)(\d+)$/) {
+        $webconfdir = '/etc/apache2';
+    } elsif ($distro =~ /^sles(\d+)$/) {
+        if ($1 >= 10) {
+            $webconfdir = '/etc/apache2';
+        }
+    } elsif ($distro =~ /^suse(\d+\.\d+)$/) {
+        if ($1 >= 10.0) {
+            $webconfdir = '/etc/apache2';
+        }
+    }
     my ($release,$timestamp) = split(/\-/,$loncaparev);
     my (%chksum,%revnum);
     if (ref($lines) eq 'ARRAY') {
@@ -11801,6 +12229,11 @@ sub parse_dns_checksums_tab {
         if ($version eq $release) {
             foreach my $line (@{$lines}) {
                 my ($file,$version,$shasum) = split(/,/,$line);
+                if ($file =~ m{^/etc/httpd/conf}) {
+                    if ($webconfdir eq '/etc/apache2') {
+                        $file =~ s{^\Q/etc/httpd/conf/\E}{$webconfdir/};
+                    }
+                }
                 $chksum{$file} = $shasum;
                 $revnum{$file} = $version;
             }
@@ -11818,7 +12251,7 @@ sub parse_dns_checksums_tab {
 sub fetch_dns_checksums {
     my %checksums;
     my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});
-    my $loncaparev = &get_server_loncaparev($machine_dom);
+    my $loncaparev = &get_server_loncaparev($machine_dom,$perlvar{'lonHostID'});
     my ($release,$timestamp) = split(/\-/,$loncaparev);
     &get_dns("/adm/dns/checksums/$release",\&parse_dns_checksums_tab,1,1,
              \%checksums);
@@ -11853,8 +12286,8 @@ sub fetch_dns_checksums {
     }
 
     sub load_domain_tab {
-	my ($ignore_cache) = @_;
-	&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache);
+	my ($ignore_cache,$nocache) = @_;
+	&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache,$nocache);
 	my $fh;
 	if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {
 	    my @lines = <$fh>;
@@ -11940,8 +12373,8 @@ sub fetch_dns_checksums {
     }
 
     sub load_hosts_tab {
-	my ($ignore_cache) = @_;
-	&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache);
+	my ($ignore_cache,$nocache) = @_;
+	&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache,$nocache);
 	open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");
 	my @config = <$config>;
 	&parse_hosts_tab(\@config);
@@ -11963,7 +12396,8 @@ sub fetch_dns_checksums {
     }
 
     sub all_names {
-	&load_hosts_tab() if (!$loaded);
+        my ($ignore_cache,$nocache) = @_;
+	&load_hosts_tab($ignore_cache,$nocache) if (!$loaded);
 
 	return %name_to_host;
     }
@@ -12085,7 +12519,7 @@ sub fetch_dns_checksums {
     }
     
     sub get_iphost {
-	my ($ignore_cache) = @_;
+	my ($ignore_cache,$nocache) = @_;
 
 	if (!$ignore_cache) {
 	    if (%iphost) {
@@ -12109,7 +12543,7 @@ sub fetch_dns_checksums {
 	    %old_name_to_ip = %{$ip_info->[1]};
 	}
 
-	my %name_to_host = &all_names();
+	my %name_to_host = &all_names($ignore_cache,$nocache);
 	foreach my $name (keys(%name_to_host)) {
 	    my $ip;
 	    if (!exists($name_to_ip{$name})) {
@@ -12134,9 +12568,11 @@ sub fetch_dns_checksums {
 	    }
 	    push(@{$iphost{$ip}},@{$name_to_host{$name}});
 	}
-	&do_cache_new('iphost','iphost',
-		      [\%iphost,\%name_to_ip,\%lonid_to_ip],
-		      48*60*60);
+        unless ($nocache) {
+	    &do_cache_new('iphost','iphost',
+		          [\%iphost,\%name_to_ip,\%lonid_to_ip],
+		          48*60*60);
+        }
 
 	return %iphost;
     }
@@ -12198,7 +12634,7 @@ sub fetch_dns_checksums {
 }
 
 sub all_loncaparevs {
-    return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10);
+    return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);
 }
 
 # ------------------------------------------------------- Read loncaparev table
@@ -12517,7 +12953,7 @@ were new keys. I.E. 1:foo will become 1:
 Calling convention:
 
  my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);
- &Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname);
+ &Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname,$laststore);
 
 For more detailed information, see lonnet specific documentation.
 
@@ -12653,13 +13089,29 @@ escaped strings of the action recorded i
 
 =item *
 
-allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions
+allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege; 
+returns codes for allowed actions.
+
+The first argument is required, all others are optional.
+
+$priv is the privilege being checked.
+$uri contains additional information about what is being checked for access (e.g.,
+URL, course ID etc.).
+$symb is the unique resource instance identifier in a course; if needed,
+but not provided, it will be retrieved via a call to &symbread().
+$role is the role for which a priv is being checked (only used if priv is evb).
+$clientip is the user's IP address (only used when checking for access to portfolio
+files).
+$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
+prevents recursive calls to &allowed.
+
  F: full access
  U,I,K: authentication modes (cxx only)
  '': forbidden
  1: user needs to choose course
  2: browse allowed
  A: passphrase authentication needed
+ B: access temporarily blocked because of a blocking event in a course.
 
 =item *
 
@@ -13053,7 +13505,20 @@ will be stored for query
 
 =item *
 
-symbread($filename) : return symbolic list entry (filename argument optional);
+symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :
+return symbolic list entry (all arguments optional).
+
+Args: filename is the filename (including path) for the file for which a symb
+is required; donotrecurse, if true will prevent calls to allowed() being made
+to check access status if more than one resource was found in the bighash
+(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of
+a randompick); ignorecachednull, if true will prevent a symb of '' being
+returned if $env{$cache_str} is defined as ''; checkforblock if true will
+cause possible symbs to be checked to determine if they are subject to content
+blocking, if so they will not be included as possible symbs; possibles is a
+ref to a hash, which, as a side effect, will be populated with all possible
+symbs (content blocking not tested).
+
 returns the data handle
 
 =item *
@@ -13154,15 +13619,21 @@ homeserver.
 
 =item *
 
-store($storehash,$symb,$namespace,$udom,$uname) : stores hash permanently
-for this url; hashref needs to be given and should be a \%hashname; the
-remaining args aren't required and if they aren't passed or are '' they will
-be derived from the env
+store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash 
+permanently for this url; hashref needs to be given and should be a \%hashname;
+the remaining args aren't required and if they aren't passed or are '' they will
+be derived from the env (with the exception of $laststore, which is an
+optional arg used when a user's submission is stored in grading).
+$laststore is $version=$timestamp, where $version is the most recent version
+number retrieved for the corresponding $symb in the $namespace db file, and
+$timestamp is the timestamp for that transaction (UNIX time).
+$laststore is currently only passed when cstore() is called by
+structuretags::finalize_storage().
 
 =item *
 
-cstore($storehash,$symb,$namespace,$udom,$uname) : same as store but
-uses critical subroutine
+cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store 
+but uses critical subroutine
 
 =item *
 
@@ -13185,10 +13656,11 @@ $range should be either an integer '100'
 
 =item *
 
-putstore($namespace,$symb,$version,$storehash,$udomain,$uname) :
+putstore($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog) :
 replaces a &store() version of data with a replacement set of data
 for a particular resource in a namespace passed in the $storehash hash 
-reference
+reference. If $tolog is true, the transaction is logged in the courselog
+with an action=PUTSTORE.
 
 =item *
 
@@ -13332,7 +13804,7 @@ requestcourses: ability to request cours
 =over
 
 =item
-official, unofficial, community
+official, unofficial, community, textbook
 
 =back
 
@@ -13342,7 +13814,7 @@ inststatus: types of institutional affil
 =over
 
 =item
-inststatustypes, inststatusorder
+inststatustypes, inststatusorder, inststatusguest
 
 =back
 
@@ -13353,7 +13825,8 @@ for course's uploaded content.
 =over
 
 =item
-canuse_pdfforms, officialcredits, unofficialcredits, officialquota, unofficialquota, communityquota
+canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,
+communityquota, textbookquota
 
 =back
 
@@ -13606,7 +14079,8 @@ filelocation except for hrefs
 
 =item *
 
-declutter() : declutters URLs (remove docroot, beginning slashes, 'res' etc)
+declutter() : declutters URLs -- remove beginning slashes, 'res' etc.
+also removes beginning /home/httpd/html unless /priv/ follows it.
 
 =back