--- loncom/auth/lonacc.pm 2004/11/11 22:18:23 1.52
+++ loncom/auth/lonacc.pm 2005/02/21 18:22:04 1.60.2.1
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.52 2004/11/11 22:18:23 raeburn Exp $
+# $Id: lonacc.pm,v 1.60.2.1 2005/02/21 18:22:04 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -52,6 +52,9 @@ sub handler {
 my $r = shift;
 my $requrl=$r->uri;
 my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+ if ($r->header_in('User-Agent')=~/NSDL\_Search\_Bot/) {
+ return OK;
+ }
 my $lonid=$cookies{'lonID'};
 my $cookie;
 if ($lonid) {
@@ -109,6 +112,7 @@ sub handler {
 if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||
 ($requrl=~/^\/adm\/.*\/(aboutme|navmaps|smppg|bulletinboard)(\?|$)/) ||
 ($requrl=~/^\/adm\/wrapper\//) ||
+ ($requrl=~m|\.problem/smpedit$|) ||
 ($requrl=~/^\/public\/.*\/syllabus$/)) {
 # ------------------------------------- This is serious stuff, get symb and log
 my $query=$r->args;
@@ -122,7 +126,9 @@ sub handler {
 my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
 &Apache::lonnet::symblist($map,$murl => $mid,
 'last_known' => $murl);
- } elsif (&Apache::lonnet::symbverify($symb,$requrl)) {
+ } elsif ((&Apache::lonnet::symbverify($symb,$requrl)) ||
+ (($requrl=~m|(.*)/smpedit$|) &&
+ &Apache::lonnet::symbverify($symb,$1))) {
 my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
 &Apache::lonnet::symblist($map,$murl => $mid,
 'last_known' => $murl);
@@ -135,6 +141,13 @@ sub handler {
 }
 } else {
 $symb=&Apache::lonnet::symbread($requrl);
+ if (&Apache::lonnet::is_on_map($requrl) && $symb &&
+ !&Apache::lonnet::symbverify($symb,$requrl)) {
+ $r->log_reason('Invalid symb for '.$requrl.': '.$symb);
+ $ENV{'user.error.msg'}=
+ "$requrl:bre:1:1:Invalid Access";
+ return HTTP_NOT_ACCEPTABLE;
+ }
 my ($map,$mid,$murl)=split(/\_\_\_/,$symb);
 &Apache::lonnet::symblist($map,$murl => $mid,
 'last_known' => $murl);
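Review bot: The `User-Agent` test added at the top of `handler` (hunk `-52,6`) returns `OK` before the `lonID` cookie is examined, so any client sending a header that contains `NSDL_Search_Bot` passes this access handler without a session. The header is client-controlled and cannot serve as a credential. If the crawler only needs published material, drop the early return and let it reach the existing public-access branch, or at minimum tie the exemption to that test, e.g. `if ($r->header_in('User-Agent')=~/NSDL_Search_Bot/ && $requrl=~m|^/public/|) {`. Exempted requests should also be logged so they can be audited. The rest of `handler` lies outside the hunk.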
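Review bot: The fallback in the new `elsif` (hunk `-122,7`) strips `/smpedit` from any URL with `m|(.*)/smpedit$|`, while the gate added in hunk `-109,6` admits only `\.problem/smpedit$`. The two patterns should agree, so that a symb is never verified against the truncated URL of some other resource type that reached this branch through a different alternative of the outer `if`. Suggest `($requrl=~m|^(.*\.problem)/smpedit$|) &&` here. Reading `$1` in the same expression is safe only because `&&` guarantees the match succeeded, and a one-line comment saying so would help. The enclosing `if`/`elsif` chain starts outside the hunk.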
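Review bot: The new rejection in hunk `-135,6` is skipped whenever `symbread` returns an empty `$symb`, because of the `&& $symb` term. A resource that `is_on_map` but has no resolvable symb therefore still falls through to `split` and `symblist` with empty values. If that is deliberate, document it with a comment such as `# no symb found: fall through; only a symb that fails verification is rejected`. If not, reject on `!$symb` as well. Separately, `$requrl` is interpolated into the colon-delimited `user.error.msg` value, so a URL containing `:` may shift the fields for whatever parses that string (the parser is not visible here).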
@@ -156,29 +169,36 @@ sub handler { if ($requrl=~m|^/public/| || (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) { &Apache::lonnet::logthis('Granting public access: '.$requrl); - my $buffer; - $r->read($buffer,$r->header_in('Content-length'),0); - &Apache::loncommon::get_unprocessed_cgi($buffer); + &Apache::loncommon::get_posted_cgi($r); $ENV{'user.name'}='public'; $ENV{'user.domain'}='public'; $ENV{'request.state'} = "published"; $ENV{'request.publicaccess'} = 1; $ENV{'request.filename'} = $r->filename; + my ($httpbrowser, $clientbrowser, $clientversion, + $clientmathml, $clientunicode, $clientos) = + &Apache::loncommon::decode_user_agent($r); + $ENV{'browser.type'}=$clientbrowser; + $ENV{'browser.version'}=$clientversion; + $ENV{'browser.mathml'}=$clientmathml; + $ENV{'browser.unicode'}=$clientunicode; + $ENV{'browser.os'}=$clientos; + return OK; } # -------------------------------------------------------------- Not authorized $requrl=~/\.(\w+)$/; - if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || - ($requrl=~/^\/adm\/(roles|logout|email|menu|remote)/) || - ($requrl=~m|^/prtspool/|)) { +# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || +# ($requrl=~/^\/adm\/(roles|logout|email|menu|remote)/) || +# ($requrl=~m|^/prtspool/|)) { # -------------------------- Store where they wanted to go and get login screen $ENV{'request.querystring'}=$r->args; $ENV{'request.firsturl'}=$requrl; return FORBIDDEN; - } else { +# } else { # --------------------------------------------------------------------- Goodbye - return HTTP_BAD_REQUEST; - } +# return HTTP_BAD_REQUEST; +# } } 1;
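Review bot: The not-authorized path keeps the old three-way condition as commented-out code and still executes `$requrl=~/\.(\w+)$/;`, although nothing reads `$1` any more. Delete the commented lines and the dead match. Replace the stale `Goodbye` banner with a comment stating the new policy, e.g. `# every unauthenticated request is sent to the login screen (FORBIDDEN)`. In the public branch, the `browser.*` values written to `%ENV` come from the client's User-Agent via `decode_user_agent`. A comment there should mark them as untrusted display hints, since their consumers are outside this hunk.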