version 1.159.2.8.2.3, 2020/09/02 02:21:37
|
version 1.175, 2019/01/27 16:02:43
|
Line 102 use Apache::loncommon();
|
Line 102 use Apache::loncommon();
|
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::restrictedaccess(); |
use Apache::restrictedaccess(); |
use Apache::blockedaccess(); |
use Apache::blockedaccess(); |
|
use Apache::lonprotected(); |
use Fcntl qw(:flock); |
use Fcntl qw(:flock); |
use LONCAPA qw(:DEFAULT :match); |
use LONCAPA qw(:DEFAULT :match); |
|
|
Line 202 sub get_posted_cgi {
|
Line 203 sub get_posted_cgi {
|
$fname=''; |
$fname=''; |
$fmime=''; |
$fmime=''; |
} |
} |
|
if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) { |
|
# TODO: something with $1 ! |
|
$i++; |
|
} |
|
if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) { |
|
# TODO: something with $1 ! |
|
$i++; |
|
} |
$i++; |
$i++; |
} |
} |
} else { |
} else { |
Line 377 sub sso_login {
|
Line 386 sub sso_login {
|
} else { |
} else { |
# need to login them in, so generate the need data that |
# need to login them in, so generate the need data that |
# migrate expects to do login |
# migrate expects to do login |
my $ip = $r->get_remote_host(); |
my $ip = $r->get_remote_host(); |
my %info=('ip' => $ip, |
my %info=('ip' => $ip, |
'domain' => $domain, |
'domain' => $domain, |
'username' => $user, |
'username' => $user, |
Line 528 sub handler {
|
Line 537 sub handler {
|
} |
} |
} elsif ($env{'request.course.id'} && |
} elsif ($env{'request.course.id'} && |
(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) || |
(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) || |
($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) { |
($requrl eq "/public/$cdom/$cnum/syllabus") || |
|
($requrl =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}))) { |
my $query = $r->args; |
my $query = $r->args; |
if ($query) { |
if ($query) { |
foreach my $pair (split(/&/,$query)) { |
foreach my $pair (split(/&/,$query)) { |
Line 599 sub handler {
|
Line 609 sub handler {
|
} |
} |
} |
} |
if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) { |
if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) { |
if ($env{'user.name'} eq 'public' && |
return OK; |
$env{'user.domain'} eq 'public') { |
|
$env{'request.firsturl'}=$requrl; |
|
return FORBIDDEN; |
|
} else { |
|
return OK; |
|
} |
|
} |
} |
|
|
# ---------------------------------------------------------------- Check access |
# ---------------------------------------------------------------- Check access |
my $now = time; |
my $now = time; |
if ($requrl !~ m{^/(?:adm|public|(?:prt|zip)spool)/} |
if ($requrl !~ m{^/(?:adm|public|prtspool)/} |
|| $requrl =~ /^\/adm\/.*\/(smppg|bulletinboard)(\?|$ )/x) { |
|| $requrl =~ /^\/adm\/.*\/(smppg|bulletinboard)(\?|$ )/x) { |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
if ($handle eq '') { |
if ($handle eq '') { |
Line 632 sub handler {
|
Line 635 sub handler {
|
&Apache::blockedaccess::setup_handler($r); |
&Apache::blockedaccess::setup_handler($r); |
return OK; |
return OK; |
} |
} |
|
if ($access eq 'D') { |
|
&Apache::lonprotected::setup_handler($r); |
|
return OK; |
|
} |
if (($access ne '2') && ($access ne 'F')) { |
if (($access ne '2') && ($access ne 'F')) { |
if ($requrl =~ m{^/res/}) { |
if ($requrl =~ m{^/res/}) { |
$access = &Apache::lonnet::allowed('bro',$requrl); |
$access = &Apache::lonnet::allowed('bro',$requrl); |
Line 697 sub handler {
|
Line 704 sub handler {
|
($requrl=~m|\.problem/smpedit$|) || |
($requrl=~m|\.problem/smpedit$|) || |
($requrl=~/^\/public\/.*\/syllabus$/) || |
($requrl=~/^\/public\/.*\/syllabus$/) || |
($requrl=~/^\/adm\/(viewclasslist|navmaps)$/) || |
($requrl=~/^\/adm\/(viewclasslist|navmaps)$/) || |
($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/)) { |
($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/) || |
|
($requrl=~m{^/adm/$cdom/$cnum/\d+/ext\.tool$})) { |
# ------------------------------------- This is serious stuff, get symb and log |
# ------------------------------------- This is serious stuff, get symb and log |
my $symb; |
my $symb; |
if ($query) { |
if ($query) { |
Line 705 sub handler {
|
Line 713 sub handler {
|
} |
} |
if ($env{'form.symb'}) { |
if ($env{'form.symb'}) { |
$symb=&Apache::lonnet::symbclean($env{'form.symb'}); |
$symb=&Apache::lonnet::symbclean($env{'form.symb'}); |
if ($requrl eq '/adm/navmaps') { |
if ($requrl =~ m|^/adm/wrapper/| |
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); |
|
&Apache::lonnet::symblist($map,$murl => [$murl,$mid]); |
|
} elsif ($requrl =~ m|^/adm/wrapper/| |
|
|| $requrl =~ m|^/adm/coursedocs/showdoc/|) { |
|| $requrl =~ m|^/adm/coursedocs/showdoc/|) { |
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); |
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); |
if ($map =~ /\.page$/) { |
|
my $mapsymb = &Apache::lonnet::symbread($map); |
|
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb); |
|
} |
|
&Apache::lonnet::symblist($map,$murl => [$murl,$mid], |
&Apache::lonnet::symblist($map,$murl => [$murl,$mid], |
'last_known' =>[$murl,$mid]); |
'last_known' =>[$murl,$mid]); |
} elsif ((&Apache::lonnet::symbverify($symb,$requrl)) || |
} elsif ((&Apache::lonnet::symbverify($symb,$requrl)) || |
Line 723 sub handler {
|
Line 724 sub handler {
|
(($requrl=~m|(.*/aboutme)/portfolio$|) && |
(($requrl=~m|(.*/aboutme)/portfolio$|) && |
&Apache::lonnet::symbverify($symb,$1))) { |
&Apache::lonnet::symbverify($symb,$1))) { |
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); |
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); |
if (($map =~ /\.page$/) && ($requrl !~ /\.page$/)) { |
|
my $mapsymb = &Apache::lonnet::symbread($map); |
|
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb); |
|
} |
|
&Apache::lonnet::symblist($map,$murl => [$murl,$mid], |
&Apache::lonnet::symblist($map,$murl => [$murl,$mid], |
'last_known' =>[$murl,$mid]); |
'last_known' =>[$murl,$mid]); |
} else { |
} else { |
Line 752 sub handler {
|
Line 749 sub handler {
|
if ($symb) { |
if ($symb) { |
my ($map,$mid,$murl)= |
my ($map,$mid,$murl)= |
&Apache::lonnet::decode_symb($symb); |
&Apache::lonnet::decode_symb($symb); |
if ($requrl eq '/adm/navmaps') { |
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid], |
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid]); |
'last_known' =>[$murl,$mid]); |
} else { |
|
if (($map =~ /\.page$/) && ($requrl !~ /\.page$/)) { |
|
my $mapsymb = &Apache::lonnet::symbread($map); |
|
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb); |
|
} |
|
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid], |
|
'last_known' =>[$murl,$mid]); |
|
} |
|
} |
} |
} |
} |
} |
} |
Line 811 sub handler {
|
Line 800 sub handler {
|
# ------------------------------------ See if this is a viewable portfolio file |
# ------------------------------------ See if this is a viewable portfolio file |
if (&Apache::lonnet::is_portfolio_url($requrl)) { |
if (&Apache::lonnet::is_portfolio_url($requrl)) { |
my $clientip = $r->get_remote_host(); |
my $clientip = $r->get_remote_host(); |
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip); |
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip); |
if ($access eq 'A') { |
if ($access eq 'A') { |
&Apache::restrictedaccess::setup_handler($r); |
&Apache::restrictedaccess::setup_handler($r); |
return OK; |
return OK; |