--- loncom/auth/lonacc.pm 1999/11/22 17:23:13 1.3
+++ loncom/auth/lonacc.pm 2000/11/06 16:30:21 1.13
@@ -1,12 +1,14 @@
# The LearningOnline Network
# Cookie Based Access Handler
-# 5/21/99,5/22,5/29,5/31,6/15,16/11 Gerd Kortemeyer
+# 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
+# 01/06,01/13,05/31,06/01,09/06,09/25,09/28,10/30,11/6 Gerd Kortemeyer
package Apache::lonacc;
use strict;
-use Apache::Constants qw(:common);
+use Apache::Constants qw(:common :http :methods);
use Apache::File;
+use Apache::lonnet;
use CGI::Cookie();
sub handler {
@@ -20,6 +22,9 @@ sub handler {
$handle=~s/\W//g;
my $lonidsdir=$r->dir_config('lonIDsDir');
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
+
+# ------------------------------------------- Transfer profile into environment
+
my @profile;
{
my $idf=Apache::File->new("$lonidsdir/$handle.id");
@@ -29,29 +34,67 @@ sub handler {
for ($envi=0;$envi<=$#profile;$envi++) {
chomp($profile[$envi]);
my ($envname,$envvalue)=split(/=/,$profile[$envi]);
- $r->subprocess_env("profile.$envname" => "$envvalue");
+ $ENV{$envname} = $envvalue;
+ }
+ $ENV{'user.environment'} = "$lonidsdir/$handle.id";
+ $ENV{'request.state'} = "published";
+ $ENV{'request.filename'} = $r->filename;
+
+# --------------------- Figure out referer, first from HTTP_REFERER, then cache
+
+ my $referer='';
+ if ($referer=$r->header_in('Referer')) {
+ $ENV{'HTTP_REFERER'}=$referer;
+ } else {
+ $ENV{'HTTP_REFERER'}=$ENV{'httpref.'.$requrl};
+ }
+
+# -------------------------------------------------------- Load POST parameters
+
+
+
+ my $buffer;
+
+ $r->read($buffer,$r->header_in('Content-length'));
+ my @pairs=split(/&/,$buffer);
+ my $pair;
+ foreach $pair (@pairs) {
+ my ($name,$value) = split(/=/,$pair);
+ $value =~ tr/+/ /;
+ $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+ $name =~ tr/+/ /;
+ $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+ $ENV{"form.$name"}=$value;
}
- $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id");
- $r->subprocess_env("request.state" => "published");
+
+ $r->method_number(M_GET);
+ $r->method('GET');
+ $r->headers_in->unset('Content-length');
+
+# ---------------------------------------------------------------- Check access
+
+ if ($requrl!~/^\/adm\//) {
+ my $access=&Apache::lonnet::allowed('bre',$requrl);
+ if ($access eq '1') {
+ $ENV{'user.error.msg'}="$requrl:bre:0:0:Choose Course";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ if (($access ne '2') && ($access ne 'F')) {
+ $ENV{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ }
return OK;
} else {
- $r->log_reason("Cookie $handle not valid", $r->filename)
+ $r->log_reason("Cookie $handle not valid", $r->filename)
};
}
- $cookie=CGI::Cookie->new(-name => 'lonURL',
- -value => $requrl,
- -path => '/');
- $r->err_headers_out->add('Set-Cookie' => $cookie);
+
+# ----------------------------------------------- Store where they wanted to go
+
+ $ENV{'request.firsturl'}=$requrl;
return FORBIDDEN;
}
1;
__END__
-
-
-
-
-
-
-
-
500 Internal Server Error
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
root@localhost to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.