--- loncom/auth/lonacc.pm	2017/01/21 20:40:46	1.159.2.5
+++ loncom/auth/lonacc.pm	2018/07/02 20:53:07	1.170
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.159.2.5 2017/01/21 20:40:46 raeburn Exp $
+# $Id: lonacc.pm,v 1.170 2018/07/02 20:53:07 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -159,7 +159,7 @@ sub get_posted_cgi {
                         if (length($value) == 1) {
                             $value=~s/[\r\n]$//;
                         }
-                    } elsif ($fname =~ /\.(xls|doc|ppt)x$/i) {
+                    } elsif ($fname =~ /\.(xls|doc|ppt)(x|m)$/i) {
                         $value=~s/[\r\n]$//;
                     }
                     if (ref($fields) eq 'ARRAY') {
@@ -202,6 +202,14 @@ sub get_posted_cgi {
 			$fname='';
 			$fmime='';
 		    }
+                    if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) {
+                        # TODO: something with $1 !
+                        $i++;
+                    }
+                    if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) {
+                        # TODO: something with $1 !
+                        $i++;
+                    }
 		    $i++;
 		}
 	    } else {
@@ -281,7 +289,6 @@ sub upload_size_allowed {
 sub sso_login {
     my ($r,$handle,$username) = @_;
 
-    my $lonidsdir=$r->dir_config('lonIDsDir');
     if (($r->user eq '') || ($username ne '') || ($r->user eq 'public:public') ||
         (defined($env{'user.name'}) && (defined($env{'user.domain'}))
 	  && ($handle ne ''))) {
@@ -366,7 +373,7 @@ sub sso_login {
 	} else {
 	    # need to login them in, so generate the need data that
 	    # migrate expects to do login
-            my $ip = $r->get_remote_host();
+	    my $ip = $r->get_remote_host();
 	    my %info=('ip'        => $ip,
 		      'domain'    => $domain,
 		      'username'  => $user,
@@ -517,7 +524,8 @@ sub handler {
             }
         } elsif ($env{'request.course.id'} &&
                  (($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) ||
-                  ($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {
+                  ($requrl eq "/public/$cdom/$cnum/syllabus") ||
+                  ($requrl =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}))) {
             my $query = $r->args;
             if ($query) {
                 foreach my $pair (split(/&/,$query)) {
@@ -575,7 +583,9 @@ sub handler {
                 $env{'form.origurl'} = $r->uri;
             }
         }
-
+        if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) {
+            return OK;
+        }
 # ---------------------------------------------------------------- Check access
 	my $now = time;
 	if ($requrl !~ m{^/(?:adm|public|prtspool)/}
@@ -665,7 +675,8 @@ sub handler {
 		($requrl=~m|\.problem/smpedit$|) ||
 		($requrl=~/^\/public\/.*\/syllabus$/) ||
                 ($requrl=~/^\/adm\/(viewclasslist|navmaps)$/) ||
-                ($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/)) {
+                ($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/) ||
+                ($requrl=~m{^/adm/$cdom/$cnum/\d+/ext\.tool$})) {
 # ------------------------------------- This is serious stuff, get symb and log
 		my $symb;
 		if ($query) {
@@ -760,7 +771,7 @@ sub handler {
 # ------------------------------------ See if this is a viewable portfolio file
     if (&Apache::lonnet::is_portfolio_url($requrl)) {
         my $clientip = $r->get_remote_host();
-	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
+        my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
 	if ($access eq 'A') {
 	    &Apache::restrictedaccess::setup_handler($r);
 	    return OK;