--- loncom/auth/lonacc.pm 2004/04/23 23:01:36 1.51 +++ loncom/auth/lonacc.pm 2005/02/08 01:20:11 1.62 @@ -1,7 +1,7 @@ # The LearningOnline Network # Cookie Based Access Handler # -# $Id: lonacc.pm,v 1.51 2004/04/23 23:01:36 albertel Exp $ +# $Id: lonacc.pm,v 1.62 2005/02/08 01:20:11 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -109,6 +109,7 @@ sub handler { if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || ($requrl=~/^\/adm\/.*\/(aboutme|navmaps|smppg|bulletinboard)(\?|$)/) || ($requrl=~/^\/adm\/wrapper\//) || + ($requrl=~m|\.problem/smpedit$|) || ($requrl=~/^\/public\/.*\/syllabus$/)) { # ------------------------------------- This is serious stuff, get symb and log my $query=$r->args; @@ -118,7 +119,13 @@ sub handler { } if ($ENV{'form.symb'}) { $symb=&Apache::lonnet::symbclean($ENV{'form.symb'}); - if (&Apache::lonnet::symbverify($symb,$requrl)) { + if ($requrl =~ m|^/adm/wrapper/|) { + my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); + &Apache::lonnet::symblist($map,$murl => $mid, + 'last_known' => $murl); + } elsif ((&Apache::lonnet::symbverify($symb,$requrl)) || + (($requrl=~m|(.*)/smpedit$|) && + &Apache::lonnet::symbverify($symb,$1))) { my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); &Apache::lonnet::symblist($map,$murl => $mid, 'last_known' => $murl); @@ -131,9 +138,18 @@ sub handler { } } else { $symb=&Apache::lonnet::symbread($requrl); - my ($map,$mid,$murl)=split(/\_\_\_/,$symb); - &Apache::lonnet::symblist($map,$murl => $mid, - 'last_known' => $murl); + if (&Apache::lonnet::is_on_map($requrl) && $symb && + !&Apache::lonnet::symbverify($symb,$requrl)) { + $r->log_reason('Invalid symb for '.$requrl.': '.$symb); + $ENV{'user.error.msg'}= + "$requrl:bre:1:1:Invalid Access"; + return HTTP_NOT_ACCEPTABLE; + } + if ($symb) { + my ($map,$mid,$murl)=split(/\_\_\_/,$symb); + &Apache::lonnet::symblist($map,$murl => $mid, + 'last_known' => $murl); + } } $ENV{'request.symb'}=$symb; &Apache::lonnet::courseacclog($symb); @@ -152,29 +168,36 @@ sub handler { if ($requrl=~m|^/public/| || (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) { &Apache::lonnet::logthis('Granting public access: '.$requrl); - my $buffer; - $r->read($buffer,$r->header_in('Content-length'),0); - &Apache::loncommon::get_unprocessed_cgi($buffer); + &Apache::loncommon::get_posted_cgi($r); $ENV{'user.name'}='public'; $ENV{'user.domain'}='public'; $ENV{'request.state'} = "published"; $ENV{'request.publicaccess'} = 1; $ENV{'request.filename'} = $r->filename; + my ($httpbrowser, $clientbrowser, $clientversion, + $clientmathml, $clientunicode, $clientos) = + &Apache::loncommon::decode_user_agent($r); + $ENV{'browser.type'}=$clientbrowser; + $ENV{'browser.version'}=$clientversion; + $ENV{'browser.mathml'}=$clientmathml; + $ENV{'browser.unicode'}=$clientunicode; + $ENV{'browser.os'}=$clientos; + return OK; } # -------------------------------------------------------------- Not authorized $requrl=~/\.(\w+)$/; - if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || - ($requrl=~/^\/adm\/(roles|logout|email|menu|remote)/) || - ($requrl=~m|^/prtspool/|)) { +# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || +# ($requrl=~/^\/adm\/(roles|logout|email|menu|remote)/) || +# ($requrl=~m|^/prtspool/|)) { # -------------------------- Store where they wanted to go and get login screen $ENV{'request.querystring'}=$r->args; $ENV{'request.firsturl'}=$requrl; return FORBIDDEN; - } else { +# } else { # --------------------------------------------------------------------- Goodbye - return HTTP_BAD_REQUEST; - } +# return HTTP_BAD_REQUEST; +# } } 1;