--- loncom/auth/lonacc.pm 2016/08/05 20:27:18 1.159.2.2 +++ loncom/auth/lonacc.pm 2016/08/16 20:17:49 1.164 @@ -1,7 +1,7 @@ # The LearningOnline Network # Cookie Based Access Handler # -# $Id: lonacc.pm,v 1.159.2.2 2016/08/05 20:27:18 raeburn Exp $ +# $Id: lonacc.pm,v 1.164 2016/08/16 20:17:49 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -202,6 +202,14 @@ sub get_posted_cgi { $fname=''; $fmime=''; } + if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) { + # TODO: something with $1 ! + $i++; + } + if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) { + # TODO: something with $1 ! + $i++; + } $i++; } } else { @@ -352,14 +360,7 @@ sub sso_login { } else { # need to login them in, so generate the need data that # migrate expects to do login - my $ip; - my $c = $r->connection; - eval { - $ip = $c->remote_ip(); - }; - if ($@) { - $ip = $c->client_ip(); - } + my $ip = $r->get_remote_host(); my %info=('ip' => $ip, 'domain' => $domain, 'username' => $user, @@ -605,6 +606,12 @@ sub handler { return HTTP_NOT_ACCEPTABLE; } } + } elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) { + my $clientip = $r->get_remote_host(); + if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') { + $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; + return HTTP_NOT_ACCEPTABLE; + } } else { $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; return HTTP_NOT_ACCEPTABLE; @@ -743,7 +750,8 @@ sub handler { } # ------------------------------------ See if this is a viewable portfolio file if (&Apache::lonnet::is_portfolio_url($requrl)) { - my $access=&Apache::lonnet::allowed('bre',$requrl); + my $clientip = $r->get_remote_host(); + my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip); if ($access eq 'A') { &Apache::restrictedaccess::setup_handler($r); return OK;