--- loncom/auth/lonauth.pm 2003/03/17 13:41:12 1.46 +++ loncom/auth/lonauth.pm 2003/07/17 15:24:46 1.54 @@ -1,7 +1,7 @@ # The LearningOnline Network # User Authentication Module # -# $Id: lonauth.pm,v 1.46 2003/03/17 13:41:12 matthew Exp $ +# $Id: lonauth.pm,v 1.54 2003/07/17 15:24:46 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -106,6 +106,13 @@ sub success { if (($userenv{'interface'}) && (!$FORM{'interface'})) { $FORM{'interface'}=$userenv{'interface'}; } + $ENV{'environment.remote'}=$userenv{'remote'}; +# --------------- Do not trust query string to be put directly into environment + foreach ('imagesuppress','appletsuppress', + 'embedsuppress','fontenhance','blackwhite', + 'interface','localpath','localres') { + $FORM{$_}=~s/[\n\r\=]//gs; + } # --------------------------------------------------------- Write first profile { @@ -125,10 +132,15 @@ sub success { print $idf "browser.mathml=$clientmathml\n"; print $idf "browser.unicode=$clientunicode\n"; print $idf "browser.os=$clientos\n"; + if ($FORM{'localpath'}) { + print $idf "browser.localpath=$FORM{'localpath'}\n"; + print $idf "browser.localres=$FORM{'localres'}\n"; + } print $idf "request.course.fn=\n"; print $idf "request.course.uri=\n"; print $idf "request.course.sec=\n"; print $idf "request.role=cm\n"; + print $idf "request.role.adv=$ENV{'user.adv'}\n"; print $idf "request.host=$ENV{'REMOTE_ADDR'}\n"; if ($FORM{'interface'}) { $FORM{'interface'}=~s/\W//gs; @@ -146,6 +158,7 @@ sub success { $idf->close(); } $ENV{'request.role'}='cm'; + $ENV{'request.role.adv'}=$ENV{'user.adv'}; $ENV{'browser.type'}=$clientbrowser; # -------------------------------------------------------------------- Log this @@ -229,7 +242,7 @@ sub handler { my $r = shift; my $buffer; - $r->read($buffer,$r->header_in('Content-length')); + $r->read($buffer,$r->header_in('Content-length'),0); my @pairs=split(/&/,$buffer); my $pair; my $name; my $value; undef %FORM;