--- loncom/auth/lonacc.pm	2007/11/06 02:42:40	1.113
+++ loncom/auth/lonacc.pm	2008/12/31 20:22:47	1.116.2.2
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.113 2007/11/06 02:42:40 albertel Exp $
+# $Id: lonacc.pm,v 1.116.2.2 2008/12/31 20:22:47 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -57,7 +57,7 @@ sub goodbye {
 ###############################################
 
 sub get_posted_cgi {
-    my ($r) = @_;
+    my ($r,$fields) = @_;
 
     my $buffer;
     if ($r->header_in('Content-length')) {
@@ -73,6 +73,9 @@ sub get_posted_cgi {
 	    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
 	    $name  =~ tr/+/ /;
 	    $name  =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+            if (ref($fields) eq 'ARRAY') {
+                next if (!grep(/^\Q$name\E$/,@{$fields}));
+            }
 	    &Apache::loncommon::add_to_env("form.$name",$value);
 	}
     } else {
@@ -87,13 +90,26 @@ sub get_posted_cgi {
 	    if ($lines[$i]=~/^--\Q$contentsep\E/) {
 		if ($name) {
 		    chomp($value);
+                    if (ref($fields) eq 'ARRAY') {
+                        next if (!grep(/^\Q$name\E$/,@{$fields}));
+                    }
 		    if ($fname) {
-			$env{"form.$name.filename"}=$fname;
-			$env{"form.$name.mimetype"}=$fmime;
+                        if ($env{'form.symb'} ne '') {
+                            my $size = (length($value))/(1024.0 * 1024.0);
+                            if (&upload_size_allowed($name,$size,$fname) eq 'ok') {
+                                $env{"form.$name.filename"}=$fname;
+                                $env{"form.$name.mimetype"}=$fmime;
+                                &Apache::loncommon::add_to_env("form.$name",$value);
+                            }
+                        } else {
+			    $env{"form.$name.filename"}=$fname;
+			    $env{"form.$name.mimetype"}=$fmime;
+                            &Apache::loncommon::add_to_env("form.$name",$value);
+                        }
 		    } else {
 			$value=~s/\s+$//s;
+                        &Apache::loncommon::add_to_env("form.$name",$value);
 		    }
-		    &Apache::loncommon::add_to_env("form.$name",$value);
 		}
 		if ($i<$#lines) {
 		    $i++;
@@ -139,6 +155,34 @@ sub get_posted_cgi {
     $r->headers_in->unset('Content-length');
 }
 
+#
+# Perform size checks for file uploads to essayresponse items in course context.
+#
+# Add form.HWFILESIZE.$part_$id to %env with file size (MB)
+# If file exceeds maximum allowed size, add form.HWFILETOOBIG.$part_$id to %env.
+#
+
+sub upload_size_allowed {
+    my ($name,$size,$fname) = @_;
+    if ($name =~ /^HWFILE(\w+)$/) {
+        my $ident = $1;
+        my $item = 'HWFILESIZE'.$ident;
+        my $savesize = sprintf("%.6f",$size);
+        &Apache::loncommon::add_to_env("form.$item",$savesize);
+        my $maxsize= &Apache::lonnet::EXT("resource.$ident.maxfilesize");
+        if (!$maxsize) {
+            $maxsize = 10.0; # FIXME This should become a domain configuration.
+        }
+        if ($size > $maxsize) {
+            my $warn = 'HWFILETOOBIG'.$ident;
+            &Apache::loncommon::add_to_env("form.$warn",$fname);
+            return;
+        }
+    }
+    return 'ok';
+}
+
+
 # handle the case of the single sign on user, at this point $r->user 
 # will be set and valid now need to find the loncapa user info and possibly
 # balance them
@@ -181,6 +225,9 @@ sub sso_login {
 		      'server'    => $r->dir_config('lonHostID'),
 		      'sso.login' => 1
 		      );
+            if ($r->dir_config("ssodirecturl") == 1) {
+                $info{'origurl'} = $r->uri;
+            }
             if (defined($r->dir_config("lonSSOReloginServer"))) {
                 $info{'sso.reloginserver'} = 
                     $r->dir_config('lonSSOReloginServer'); 
@@ -197,7 +244,24 @@ sub sso_login {
 	&Apache::lonnet::logthis(" SSO authorized unknown user $user ");
         $r->subprocess_env->set('SSOUserUnknown' => $user);
         $r->subprocess_env->set('SSOUserDomain' => $domain);
-	$r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
+        my @cancreate;
+        my %domconfig =
+            &Apache::lonnet::get_dom('configuration',['usercreation'],$domain);
+        if (ref($domconfig{'usercreation'}) eq 'HASH') {
+            if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
+                if (ref($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}) eq 'ARRAY') {
+                    @cancreate = @{$domconfig{'usercreation'}{'cancreate'}{'selfcreate'}};
+                } elsif (($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') && 
+                         ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne '')) {
+                    @cancreate = ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'});
+                }
+            }
+        }
+        if (grep(/^sso$/,@cancreate)) {
+            $r->internal_redirect('/adm/createaccount');
+        } else {
+	    $r->internal_redirect($r->dir_config('lonSSOUserUnknownRedirect'));
+        }
 	$r->set_handlers('PerlHandler'=> undef);
 	return OK;
     }
@@ -211,12 +275,15 @@ sub handler {
         return OK;
     }
 
-    
+    if ($requrl =~ m{^/res/adm/pages/[^/]+\.(gif|png)$}) {
+        return OK;
+    }
+ 
     my $handle = &Apache::lonnet::check_for_valid_session($r);
 
     my $result = &sso_login($r,$handle);
     if (defined($result)) {
-	return $result
+	return $result;
     }