--- loncom/auth/lonacc.pm	2000/01/14 21:12:40	1.5
+++ loncom/auth/lonacc.pm	2000/06/05 20:28:17	1.6
@@ -1,13 +1,14 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 # 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
-# 01/06,01/13 Gerd Kortemeyer
+# 01/06,01/13,05/31,06/01 Gerd Kortemeyer
 
 package Apache::lonacc;
 
 use strict;
-use Apache::Constants qw(:common);
+use Apache::Constants qw(:common :http);
 use Apache::File;
+use Apache::lonnet;
 use CGI::Cookie();
 
 sub handler {
@@ -21,6 +22,9 @@ sub handler {
         $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
+
+# ------------------------------------------- Transfer profile into environment
+
             my @profile;
 	    {
              my $idf=Apache::File->new("$lonidsdir/$handle.id");
@@ -31,37 +35,46 @@ sub handler {
 		chomp($profile[$envi]);
 		my ($envname,$envvalue)=split(/=/,$profile[$envi]);
                 $r->subprocess_env("$envname" => "$envvalue");
+                $ENV{$envname}=$envvalue;
             }
             $r->subprocess_env("user.environment" => "$lonidsdir/$handle.id",
                                "request.state"    => "published",
                                "request.filename" => $r->filename);
+
+# -------------------------------------------------------- Load POST parameters
+
             my $buffer;
+
             $r->read($buffer,$r->header_in('Content-length'));
             my @pairs=split(/&/,$buffer);
-            my $pair; my $name; my $value;
+            my $pair;
             foreach $pair (@pairs) {
-               ($name,$value) = split(/=/,$pair);
+               my ($name,$value) = split(/=/,$pair);
+               $value =~ tr/+/ /;
+               $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
                $r->subprocess_env("form.$name" => $value);
+            }
+
+
+# ---------------------------------------------------------------- Check access
+
+            if ($requrl!~/^\/adm\//) {
+               if (&Apache::lonnet::allowed('bre',$requrl) eq '') {
+		  $ENV{'user.error.msg'}="$requrl:bre:1:1:Access denied";
+                  return HTTP_NOT_ACCEPTABLE; 
+               }
             } 
             return OK; 
         } else { 
             $r->log_reason("Cookie $handle not valid", $r->filename) 
         };
     }
-    $cookie=CGI::Cookie->new(-name  => 'lonURL',
-                             -value => $requrl, 
-                             -path  => '/');
-    $r->err_headers_out->add('Set-Cookie' => $cookie);
+
+# ----------------------------------------------- Store where they wanted to go
+
+    $ENV{'request.firsturl'}=$requrl;
     return FORBIDDEN;
 }
 
 1;
 __END__
-
-
-
-
-
-
-
-