Diff for /loncom/auth/lonauth.pm between versions 1.60 and 1.62

version 1.60, 2003/11/21 22:10:25 version 1.62, 2004/03/16 20:42:50
Line 231  ENDFHEADER Line 231  ENDFHEADER
 <head>  <head>
 <title>Unsuccessful Login to the LearningOnline Network with CAPA</title>  <title>Unsuccessful Login to the LearningOnline Network with CAPA</title>
 </head>  </head>
 <html>  
 $bodytag  $bodytag
 <h1>Sorry ...</h1>  <h1>Sorry ...</h1>
 <p><b>$message</b></p>  <p><b>$message</b></p>
Line 268  ENDRFHEADER Line 267  ENDRFHEADER
 <head>  <head>
 <title>Rerouting Login to the LearningOnline Network with CAPA</title>  <title>Rerouting Login to the LearningOnline Network with CAPA</title>
 </head>  </head>
 <html>  
 $bodytag  $bodytag
 <h1>Sorry ...</h1>  <h1>Sorry ...</h1>
 Please <a href="/">log in again</a>.  Please <a href="/">log in again</a>.
Line 310  ENDFHEADER Line 308  ENDFHEADER
 <head>  <head>
 <title>Already logged in</title>  <title>Already logged in</title>
 </head>  </head>
 <html>  
 $bodytag  $bodytag
 <h1>You are already logged in</h1>  <h1>You are already logged in</h1>
 <p>Please either <a href="/adm/roles">continue the current session</a> or  <p>Please either <a href="/adm/roles">continue the current session</a> or
Line 344  ENDFAILED Line 341  ENDFAILED
  failed($r,'Username, password and domain need to be specified.');   failed($r,'Username, password and domain need to be specified.');
         return OK;          return OK;
     }      }
   
   # split user logging in and "su"-user
   
       ($FORM{'uname'},$FORM{'suname'})=split(/\:/,$FORM{'uname'});
     $FORM{'uname'} =~ s/\W//g;      $FORM{'uname'} =~ s/\W//g;
       $FORM{'suname'} =~ s/\W//g;
     $FORM{'udom'}  =~ s/\W//g;      $FORM{'udom'}  =~ s/\W//g;
   
     my $role   = $r->dir_config('lonRole');      my $role   = $r->dir_config('lonRole');
Line 401  ENDFAILED Line 403  ENDFAILED
  ($firsturl=~/^\/adm\/(logout|remote)/)) {   ($firsturl=~/^\/adm\/(logout|remote)/)) {
  $firsturl='/adm/roles';   $firsturl='/adm/roles';
     }      }
   # --------------------------------- Are we attempting to login as somebody else?
     success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);      if ($FORM{'suname'}) {
   # ------------ see if the original user has enough privileges to pull this stunt
    if (&Apache::lonnet::privileged($FORM{'uname'},$FORM{'udom'})) {
   # ---------------------------------------------------- see if the su-user exists
       unless (&Apache::lonnet::homeserver($FORM{'suname'},$FORM{'udom'})
    eq 'no_host') {
    &Apache::lonnet::logthis(&Apache::lonnet::homeserver($FORM{'suname'},$FORM{'udom'}));
   # ------------------------------ see if the su-user is not too highly privileged
    unless (&Apache::lonnet::privileged($FORM{'suname'},$FORM{'udom'})) {
   # -------------------------------------------------------- actually switch users
       &Apache::lonnet::logperm('User '.$FORM{'uname'}.' at '.$FORM{'udom'}.
    ' logging in as '.$FORM{'suname'});
       $FORM{'uname'}=$FORM{'suname'};
    } else {
       &Apache::lonnet::logthis('Attempted switch user to privileged user');
    }
       }
    } else {
       &Apache::lonnet::logthis('Non-privileged user attempting switch user');
    }
       }
       &success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);
     return OK;      return OK;
 }  }
   

Removed from v.1.60  
changed lines
  Added in v.1.62


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>