--- loncom/auth/lonacc.pm	2007/11/06 02:26:07	1.112
+++ loncom/auth/lonacc.pm	2008/05/14 18:27:30	1.115
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.112 2007/11/06 02:26:07 albertel Exp $
+# $Id: lonacc.pm,v 1.115 2008/05/14 18:27:30 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -57,13 +57,14 @@ sub goodbye {
 ###############################################
 
 sub get_posted_cgi {
-    my ($r) = @_;
+    my ($r,$fields) = @_;
 
     my $buffer;
     if ($r->header_in('Content-length')) {
 	$r->read($buffer,$r->header_in('Content-length'),0);
     }
-    unless ($buffer=~/^(\-+[\+\w]+)\s+Content\-Disposition\:\s*form\-data/si) {
+    my $content_type = $r->header_in('Content-type');
+    if ($content_type !~ m{^multipart/form-data}) {
 	my @pairs=split(/&/,$buffer);
 	my $pair;
 	foreach $pair (@pairs) {
@@ -72,10 +73,13 @@ sub get_posted_cgi {
 	    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
 	    $name  =~ tr/+/ /;
 	    $name  =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+            if (ref($fields) eq 'ARRAY') {
+                next if (!grep(/^\Q$name\E$/,@{$fields}));
+            }
 	    &Apache::loncommon::add_to_env("form.$name",$value);
 	}
     } else {
-	my $contentsep=$1;
+	my ($contentsep) = ($content_type =~ /boundary=\"?([^\";,]+)\"?/);
 	my @lines = split (/\n/,$buffer);
 	my $name='';
 	my $value='';
@@ -83,7 +87,7 @@ sub get_posted_cgi {
 	my $fmime='';
 	my $i;
 	for ($i=0;$i<=$#lines;$i++) {
-	    if ($lines[$i]=~/^\Q$contentsep\E/) {
+	    if ($lines[$i]=~/^--\Q$contentsep\E/) {
 		if ($name) {
 		    chomp($value);
 		    if ($fname) {
@@ -92,6 +96,9 @@ sub get_posted_cgi {
 		    } else {
 			$value=~s/\s+$//s;
 		    }
+                    if (ref($fields) eq 'ARRAY') {
+                        next if (!grep(/^\Q$name\E$/,@{$fields}));
+                    }
 		    &Apache::loncommon::add_to_env("form.$name",$value);
 		}
 		if ($i<$#lines) {
@@ -196,7 +203,24 @@ sub sso_login {
 	&Apache::lonnet::logthis(" SSO authorized unknown user $user ");
         $r->subprocess_env->set('SSOUserUnknown' => $user);
         $r->subprocess_env->set('SSOUserDomain' => $domain);
-	$r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
+        my @cancreate;
+        my %domconfig =
+            &Apache::lonnet::get_dom('configuration',['usercreation'],$domain);
+        if (ref($domconfig{'usercreation'}) eq 'HASH') {
+            if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
+                if (ref($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}) eq 'ARRAY') {
+                    @cancreate = @{$domconfig{'usercreation'}{'cancreate'}{'selfcreate'}};
+                } elsif (($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') && 
+                         ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne '')) {
+                    @cancreate = ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'});
+                }
+            }
+        }
+        if (grep(/^sso$/,@cancreate)) {
+            $r->internal_redirect('/adm/createaccount');
+        } else {
+	    $r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
+        }
 	$r->set_handlers('PerlHandler'=> undef);
 	return OK;
     }