--- loncom/auth/lonauth.pm	2011/09/29 13:43:22	1.119
+++ loncom/auth/lonauth.pm	2013/12/20 14:54:34	1.129
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.119 2011/09/29 13:43:22 raeburn Exp $
+# $Id: lonauth.pm,v 1.129 2013/12/20 14:54:34 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -103,7 +103,7 @@ sub success {
         if ($destsymb =~ /___/) {
             # FIXME Need to deal with encrypted symbs and urls as needed.
             my ($map,$resid,$desturl)=split(/___/,$destsymb);
-            unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
+            unless ($desturl=~/^(adm|editupload|public)/) {
                 $desturl = &Apache::lonnet::clutter($desturl);
             }
             $desturl = &HTML::Entities::encode($desturl,'"<>&');
@@ -139,15 +139,19 @@ sub success {
     my %lt=&Apache::lonlocal::texthash(
 				       'wel' => 'Welcome',
 				       'pro' => 'Login problems?',
-				       'log' => 'loginproblems.html',
 				       );
+    my $loginhelp = &loginhelpdisplay($domain);
+    if ($loginhelp) {
+        $loginhelp = '<p><a href="'.$loginhelp.'">'.$lt{'pro'}.'</a></p>';
+    }
+
     my $welcome = &mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','<i>','</i>'); 
     $r->print(<<ENDSUCCESS);
 $start_page
 $windowinfo
 <h1>$lt{'wel'}</h1>
-$welcome<p>
-<a href="/adm/$lt{'log'}">$lt{'pro'}</a></p>
+$welcome
+$loginhelp
 $continuelink
 $end_page
 ENDSUCCESS
@@ -157,25 +161,53 @@ ENDSUCCESS
 
 sub failed {
     my ($r,$message,$form) = @_;
-    my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef);
-    my $retry = '/adm/login?username='.$form->{'uname'}.
-                '&domain='.$form->{'udom'};
+    (undef,undef,undef,my $clientmathml,my $clientunicode) =
+        &Apache::loncommon::decode_user_agent();
+    my $args = {};
+    if ($clientunicode && !$clientmathml) {
+        $args = {'browser.unicode' => 1};
+    }
+
+    my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);
+    my $uname = &Apache::loncommon::cleanup_html($form->{'uname'});
+    my $udom = &Apache::loncommon::cleanup_html($form->{'udom'});
+    if (&Apache::lonnet::domain($udom,'description') eq '') {
+        undef($udom);
+    }  
+    my $retry = '/adm/login';
+    if ($uname eq $form->{'uname'}) {
+        $retry .= '?username='.$uname;
+    }
+    if ($udom) {
+        $retry .= (($retry=~/\?/)?'&amp;':'?').'domain='.$udom;
+    }
     if (exists($form->{role})) {
-        $retry .= '&role='.$form->{role};
+        my $role = &Apache::loncommon::cleanup_html($form->{role});
+        if ($role ne '') { 
+            $retry .= (($retry=~/\?/)?'&amp;':'?').'role='.$role;
+        }
     }
     if (exists($form->{symb})) {
-        $retry .= '&symb='.$form->{symb};
+        my $symb = &Apache::loncommon::cleanup_html($form->{symb});
+        if ($symb ne '') {
+            $retry .= (($retry=~/\?/)?'&amp;':'?').'symb='.$symb;
+        }
     }
-    my $end_page   = &Apache::loncommon::end_page();
+    my $end_page = &Apache::loncommon::end_page();
     &Apache::loncommon::content_type($r,'text/html');
     $r->send_http_header;
+    my $loginhelp = &loginhelpdisplay($udom);
+    if ($loginhelp) {
+        $loginhelp = '<p><a href="'.$loginhelp.'">'.&mt('Login problems?').'</a></p>';
+    }
+
     $r->print(
        $start_page
       .'<h1>'.&mt('Sorry ...').'</h1>'
       .'<p class="LC_warning">'.&mt($message).'</p>'
       .'<p>'.&mt('Please [_1]log in again[_2].','<a href="'.$retry.'">','</a>')
       .'</p>'
-      .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
+      .$loginhelp
       .$end_page
     );
  }
@@ -186,18 +218,19 @@ sub reroute {
     my ($r) = @_;
     &Apache::loncommon::content_type($r,'text/html');
     $r->send_http_header;
-    my $msg='<h1>'.&mt('Sorry ...').'</h1>'
+    my $msg='<b>'.&mt('Sorry ...').'</b><br />'
            .&mt('Please [_1]log in again[_2].');
-    &Apache::loncommon::simple_error_page($r,'Rerouting',$msg);
+    &Apache::loncommon::simple_error_page($r,'Rerouting',$msg,{'no_auto_mt_msg' => 1});
 }
 
 # ---------------------------------------------------------------- Main handler
 
 sub handler {
     my $r = shift;
+    my $londocroot = $r->dir_config('lonDocRoot');
     my $form;
 # Are we re-routing?
-    if (-e '/home/httpd/html/lon-status/reroute.txt') {
+    if (-e "$londocroot/lon-status/reroute.txt") {
 	&reroute($r);
 	return OK;
     }
@@ -226,7 +259,7 @@ sub handler {
             }
             $r->print(
                $start_page
-              .'<h1>'.&mt('You are already logged in!').'</h1>'
+              .'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
               .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
                     ,'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>')
               .'</p>'
@@ -249,7 +282,7 @@ sub handler {
        $value =~ tr/+/ /;
        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
        $form{$name}=$value;
-    } 
+    }
 
     if ((!$form{'uname'}) || (!$form{'upass0'}) || (!$form{'udom'})) {
 	&failed($r,'Username, password and domain need to be specified.',
@@ -274,6 +307,12 @@ sub handler {
     my $tmpinfo=Apache::lonnet::reply('tmpget:'.$form{'logtoken'},
                                       $form{'serverid'});
 
+    my %sessiondata;
+    if ($form{'iptoken'}) {
+        %sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
+        my $delete = &Apache::lonnet::tmpdel($form{'token'});
+    }
+
     if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost') || 
         ($tmpinfo eq 'no_such_host')) {
 	&failed($r,'Information needed to verify your login information is missing, inaccessible or expired.',\%form);
@@ -386,6 +425,15 @@ sub handler {
 	($firsturl=~/^\/adm\/(logout|remote)/)) {
 	$firsturl='/adm/roles';
     }
+
+    my $hosthere;
+    if ($form{'iptoken'}) {
+        if (($sessiondata{'domain'} eq $form{'udom'}) &&
+            ($sessiondata{'username'} eq $form{'uname'})) {
+            $hosthere = 1;
+        }
+    }
+
 # --------------------------------- Are we attempting to login as somebody else?
     if ($form{'suname'}) {
 # ------------ see if the original user has enough privileges to pull this stunt
@@ -409,8 +457,12 @@ sub handler {
 	}
     }
 
-    my ($is_balancer,$otherserver) = 
-        &Apache::lonnet::check_loadbalancing($form{'uname'},$form{'udom'});
+    my ($is_balancer,$otherserver);
+
+    unless ($hosthere) {
+        ($is_balancer,$otherserver) =
+            &Apache::lonnet::check_loadbalancing($form{'uname'},$form{'udom'});
+    }
 
     if ($is_balancer) {
         if (!$otherserver) { 
@@ -542,6 +594,33 @@ sub noswitch {
     return $result;
 }
 
+sub loginhelpdisplay {
+    my ($authdomain) = @_;
+    my $login_help = 1;
+    my $lang = &Apache::lonlocal::current_language();
+    if ($login_help) {
+        my $dom = $authdomain;
+        if ($dom eq '') {
+            $dom = &Apache::lonnet::default_login_domain();
+        }
+        my %domconfhash = &Apache::loncommon::get_domainconf($dom);
+        my $loginhelp_url;
+        if ($lang) {
+            $loginhelp_url = $domconfhash{$dom.'.login.helpurl_'.$lang};
+            if ($loginhelp_url ne '') {
+                return $loginhelp_url;
+            }
+        }
+        $loginhelp_url = $domconfhash{$dom.'.login.helpurl_nolang'};
+        if ($loginhelp_url ne '') {
+            return $loginhelp_url;
+        } else {
+            return '/adm/loginproblems.html';
+        }
+    }
+    return;
+}
+
 1;
 __END__