--- loncom/lonnet/perl/lonnet.pm 2012/08/21 04:04:58 1.1186 +++ loncom/lonnet/perl/lonnet.pm 2012/09/04 20:48:05 1.1190 @@ -1,7 +1,7 @@ # The LearningOnline Network # TCP networking package # -# $Id: lonnet.pm,v 1.1186 2012/08/21 04:04:58 raeburn Exp $ +# $Id: lonnet.pm,v 1.1190 2012/09/04 20:48:05 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -113,11 +113,11 @@ our @ISA = qw (Exporter); our @EXPORT = qw(%env); -# ---------------------------------------------------------------- Role Logging +# ------------------------------------ Logging (parameters, docs, slots, roles) { my $logid; - sub write_rolelog { - my ($context,$hash_name,$storehash,$delflag,$udom,$uname,$cdom,$cnum)=@_; + sub write_log { + my ($context,$hash_name,$storehash,$delflag,$uname,$udom,$cnum,$cdom)=@_; if ($context eq 'course') { if (($cnum eq '') || ($cdom eq '')) { $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; @@ -2406,7 +2406,7 @@ sub chatsend { sub getversion { my $fname=&clutter(shift); - unless ($fname=~/^\/res\//) { return -1; } + unless ($fname=~m{^(/adm/wrapper|)/res/}) { return -1; } return ¤tversion(&filelocation('',$fname)); } @@ -3555,8 +3555,8 @@ sub courserolelog { } else { $storehash{'section'} = $sec; } - &write_rolelog('course',$namespace,\%storehash,$delflag,$domain, - $username,$cdom,$cnum); + &write_log('course',$namespace,\%storehash,$delflag,$username, + $domain,$cnum,$cdom); if (($trole ne 'st') || ($sec ne '')) { &devalidate_cache_new('getcourseroles',$cdom.'_'.$cnum); } @@ -3576,8 +3576,8 @@ sub domainrolelog { end => $tend, context => $context, ); - &write_rolelog('domain',$namespace,\%storehash,$delflag,$domain, - $username,$cdom,$domconfiguser); + &write_log('domain',$namespace,\%storehash,$delflag,$username, + $domain,$domconfiguser,$cdom); } return; @@ -3595,8 +3595,8 @@ sub coauthorrolelog { end => $tend, context => $context, ); - &write_rolelog('author',$namespace,\%storehash,$delflag,$domain, - $username,$audom,$auname); + &write_log('author',$namespace,\%storehash,$delflag,$username, + $domain,$auname,$audom); } return; } @@ -10018,7 +10018,7 @@ sub symblist { # --------------------------------------------------------------- Verify a symb sub symbverify { - my ($symb,$thisurl)=@_; + my ($symb,$thisurl,$encstate)=@_; my $thisfn=$thisurl; $thisfn=&declutter($thisfn); # direct jump to resource in page or to a sequence - will construct own symbs @@ -10054,11 +10054,14 @@ sub symbverify { } if ( &symbclean(&declutter($bighash{'map_id_'.$mapid}).'___'.$resid.'___'.$thisfn) - eq $symb) { + eq $symb) { + if (ref($encstate)) { + $$encstate = $bighash{'encrypted_'.$id}; + } if (($env{'request.role.adv'}) || ($bighash{'encrypted_'.$id} eq $env{'request.enc'}) || ($thisurl eq '/adm/navmaps')) { - $okay=1; + $okay=1; } } } @@ -12255,12 +12258,14 @@ returns the data handle =item * -symbverify($symb,$thisfn) : verifies that $symb actually exists and is -a possible symb for the URL in $thisfn, and if is an encryypted +symbverify($symb,$thisfn,$encstate) : verifies that $symb actually exists +and is a possible symb for the URL in $thisfn, and if is an encrypted resource that the user accessed using /enc/ returns a 1 on success, 0 -on failure, user must be in a course, as it assumes the existance of -the course initial hash, and uses $env('request.course.id'} - +on failure, user must be in a course, as it assumes the existence of +the course initial hash, and uses $env('request.course.id'}. The third +arg is an optional reference to a scalar. If this arg is passed in the +call to symbverify, it will be set to 1 if the symb has been set to be +encrypted; otherwise it will be null. =item *