--- loncom/lonnet/perl/lonnet.pm	2004/08/23 15:56:46	1.528
+++ loncom/lonnet/perl/lonnet.pm	2004/08/24 07:26:04	1.531
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.528 2004/08/23 15:56:46 sakharuk Exp $
+# $Id: lonnet.pm,v 1.531 2004/08/24 07:26:04 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1267,10 +1267,8 @@ sub process_coursefile {
 # input: name of form element, coursedoc=1 means this is for the course
 # output: url of file in userspace
 
-sub userfileupload {
-    my ($formname,$coursedoc,$subdir)=@_;
-    if (!defined($subdir)) { $subdir='unknown'; }
-    my $fname=$ENV{'form.'.$formname.'.filename'};
+sub clean_filename {
+    my ($fname)=@_;
 # Replace Windows backslashes by forward slashes
     $fname=~s/\\/\//g;
 # Get rid of everything but the actual filename
@@ -1279,6 +1277,14 @@ sub userfileupload {
     $fname=~s/\s+/\_/g;
 # Replace all other weird characters by nothing
     $fname=~s/[^\w\.\-]//g;
+    return $fname;
+}
+
+sub userfileupload {
+    my ($formname,$coursedoc,$subdir)=@_;
+    if (!defined($subdir)) { $subdir='unknown'; }
+    my $fname=$ENV{'form.'.$formname.'.filename'};
+    $fname=&clean_filename($fname);
 # See if there is anything left
     unless ($fname) { return 'error: no uploaded file'; }
     chop($ENV{'form.'.$formname});
@@ -1372,6 +1378,19 @@ sub removeuserfile {
     return &reply("removeuserfile:$docudom/$docuname/$fname",$home);
 }
 
+sub mkdiruserfile {
+    my ($docuname,$docudom,$dir)=@_;
+    my $home=&homeserver($docuname,$docudom);
+    return &reply("mkdiruserfile:".&escape("$docudom/$docuname/$dir"),$home);
+}
+
+sub renameuserfile {
+    my ($docuname,$docudom,$old,$new)=@_;
+    my $home=&homeserver($docuname,$docudom);
+    return &reply("renameuserfile:$docudom:$docuname:".&escape("$old").':'.
+		  &escape("$new"),$home);
+}
+
 # ------------------------------------------------------------------------- Log
 
 sub log {
@@ -2697,8 +2716,8 @@ sub allowed {
 
     if (defined($ENV{'allowed.'.$priv})) { return $ENV{'allowed.'.$priv}; }
 # Free bre access to adm and meta resources
-
-    if ((($uri=~/^adm\//) || ($uri=~/\.meta$/)) && ($priv eq 'bre')) {
+    if (((($uri=~/^adm\//) && ($uri !~ m|/bulletinboard$|)) 
+	 || ($uri=~/\.meta$/)) && ($priv eq 'bre')) {
 	return 'F';
     }
 
@@ -4197,7 +4216,9 @@ sub metadata {
     my ($uri,$what,$liburi,$prefix,$depthcount)=@_;
     $uri=&declutter($uri);
     # if it is a non metadata possible uri return quickly
-    if (($uri eq '') || (($uri =~ m|^/*adm/|) && ($uri !~ m|^adm/includes|)) ||
+    if (($uri eq '') || 
+	(($uri =~ m|^/*adm/|) && 
+	     ($uri !~ m|^adm/includes|) && ($uri !~ m|/bulletinboard$|)) ||
         ($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ /^~/) ||
 	($uri =~ m|home/[^/]+/public_html/|)) {
 	return undef;