loncom/auth/lonauth.pm - diff

Return to lonauth.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonauth.pm between versions 1.95 and 1.100

-version 1.95, 2008/10/01 11:11:08
+version 1.100, 2009/07/22 20:24:07
  Line 73  sub success {
  # ------------------------------------------------------------ Get cookie ready
      $cookie="lonID=$cookie; path=/";
  # -------------------------------------------------------- Menu script and info
+     my $destination = $lowerurl;
+     if (defined($form->{role})) {
+         my $envkey = 'user.role.'.$form->{role};
+         my $now=time;
+         my $then=$env{'user.login.time'};
+         my $refresh=$env{'user.refresh.time'};
+         if (exists($env{$envkey})) {
+             my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus);
+             &Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
+                                          \$trolecode,\$tstatus,\$tstart,\$tend);
+             if ($tstatus eq 'is') {
+                 if ($destination =~ /\?/) {
+                     $destination .= '&';
+                 } else {
+                     $destination .= '?';
+                 }
+                 $destination .= 'selectrole=1&'.$form->{role}.'=1';
+                 if (defined($form->{symb})) {
+                     my $destsymb = $form->{symb};
+                     if ($destsymb =~ /___/) {
+                         # FIXME Need to deal with encrypted symbs and urls as needed.
+                         my ($map,$resid,$desturl)=split(/___/,$destsymb);
+                         unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
+                             $desturl = &Apache::lonnet::clutter($desturl);
+                         }
+                         $destination .= '&destinationurl='.$desturl.
+                                         '&destsymb='.$destsymb;
+                     } else {
+                         $destination .= '&destinationurl='.$destsymb;
+                     }
+                 }
+             }
+         }
+     }
      my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
-     my $startupremote=&Apache::lonmenu::startupremote($lowerurl);
+     my $startupremote=&Apache::lonmenu::startupremote($destination);
      my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
      my $setflags=&Apache::lonmenu::setflags();
      my $maincall=&Apache::lonmenu::maincall();
+     my $brcrum = [{'href' => '',
+                    'text' => 'Successful Login'},];
      my $start_page=&Apache::loncommon::start_page('Successful Login',
- 						  $startupremote,
+                                                   $startupremote,
- 						  {'no_inline_link' => 1,});
+                                                   {'no_inline_link' => 1,
+                                                    'bread_crumbs' => $brcrum,});
      my $end_page  =&Apache::loncommon::end_page();
      my $continuelink;
-     if (($env{'browser.interface'} eq 'textual') ||
+     if ($env{'environment.remote'} eq 'off') {
-         ($env{'environment.remote'} eq 'off')) {
+ 	$continuelink='<a href="'.$destination.'">'.&mt('Continue').'</a>';
- 	$continuelink="<a href=\"$lowerurl\">".&mt('Continue')."</a>";
      }
  # ------------------------------------------------- Output for successful login
- Line 120  sub failed {
+ Line 158  sub failed {
      my ($r,$message,$form) = @_;
      my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,
  						    {'no_inline_link' => 1,});
+     my $retry = '/adm/login?username='.$form->{'uname'}.
+                 '&domain='.$form->{'udom'};
+     if (exists($form->{role})) {
+         $retry .= '&role='.$form->{role};
+     }
+     if (exists($form->{symb})) {
+         $retry .= '&symb='.$form->{symb};
+     }
      my $end_page   = &Apache::loncommon::end_page();
      &Apache::loncommon::content_type($r,'text/html');
-     sleep 1; # brute force counteraction: slow down attackers, which try to hack user authentication with automated scripts
      $r->send_http_header;
      $r->print(
         $start_page
        .'<h1>'.&mt('Sorry ...').'</h1>'
        .'<p class="LC_warning">'.&mt($message).'</p>'
-       .'<p>'.&mt('Please [_1]log in again[_2].'
+       .'<p>'.&mt('Please [_1]log in again[_2].','<a href="'.$retry.'">','</a>')
-                 ,"<a href=\"/adm/login?username=$form->{'uname'}&domain=$form->{'udom'}\">",'</a>')
        .'</p>'
        .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
        .$end_page
- Line 173  sub handler {
+ Line 217  sub handler {
          $r->print(
             $start_page
            .'<h1>'.&mt('You are already logged in!').'</h1>'
-           .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].'
+           .'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
                      ,'<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>')
            .'</p>'
            .'<p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'
- Line 232  sub handler {
+ Line 276  sub handler {
  	    return OK;
  	}
      }
      if (!&Apache::lonnet::domain($form{'udom'})) {
          &failed($r,'The domain you provided is not a valid LON-CAPA domain.',\%form);
          return OK;
      }
-     my ($key,$firsturl)=split(/&/,$tmpinfo);
+     my ($key,$firsturl,$rolestr,$symbstr)=split(/&/,$tmpinfo);
+     if ($rolestr) {
+         $rolestr = &unescape($rolestr);
+     }
+     if ($symbstr) {
+         $symbstr= &unescape($symbstr);
+     }
+     if ($rolestr =~ /^role=/) {
+         (undef,$form{'role'}) = split('=',$rolestr);
+     }
+     if ($symbstr =~ /^symb=/) {
+         (undef,$form{'symb'}) = split('=',$symbstr);
+     }
      my $keybin=pack("H16",$key);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.95
changed lines
	Added in v.1.100