loncom/auth/loncacc.pm - view

Return to loncacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

File: [LON-CAPA] / loncom / auth / loncacc.pm
Revision 1.10: download - view: text, annotated - select for diffs
Thu Sep 28 17:01:17 2000 UTC (23 years, 8 months ago) by www
Branches: MAIN
CVS tags: HEAD

Now also unescape form element name

    1: # The LearningOnline Network
    2: # Cookie Based Access Handler for Construction Area
    3: # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
    4: # 6/15,16/11,22/11,
    5: # 01/06,01/11,6/1,9/25,9/28 Gerd Kortemeyer
    6: 
    7: package Apache::loncacc;
    8: 
    9: use strict;
   10: use Apache::Constants qw(:common :http :methods);
   11: use Apache::File;
   12: use CGI::Cookie();
   13: 
   14: sub handler {
   15:     my $r = shift;
   16:     my $requrl=$r->uri;
   17:     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
   18:     my $lonid=$cookies{'lonID'};
   19:     my $cookie;
   20:     if ($lonid) {
   21: 	my $handle=$lonid->value;
   22:         $handle=~s/\W//g;
   23:         my $lonidsdir=$r->dir_config('lonIDsDir');
   24:         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
   25:             my $ownername=$requrl;
   26:             $ownername=~s/\/\~(\w+).*/\1/;
   27:             my $ownerdomain=$r->dir_config('lonDefDomain');
   28:             my @handleparts=split(/\_/,$handle);
   29:             my $username=$handleparts[0];
   30:             my $domain=$handleparts[2];
   31:             if (($username ne $ownername) || ($domain ne $ownerdomain)) {
   32:                 $r->log_reason
   33:                    ("$username at $domain not authorized", $r->filename); 
   34: 	        return HTTP_NOT_ACCEPTABLE;
   35:             }
   36:             my @profile;
   37: 	    {
   38:              my $idf=Apache::File->new("$lonidsdir/$handle.id");
   39:              @profile=<$idf>;
   40: 	    }
   41:             my $envi;
   42:             for ($envi=0;$envi<=$#profile;$envi++) {
   43: 		chomp($profile[$envi]);
   44: 		my ($envname,$envvalue)=split(/=/,$profile[$envi]);
   45:                 $ENV{$envname} = $envvalue;
   46:             }
   47:             $ENV{'user.environment'} = "$lonidsdir/$handle.id";
   48:             $ENV{'request.state'}    = "construct";
   49:             $ENV{'request.filename'} = $r->filename;
   50: 
   51: # -------------------------------------------------------- Load POST parameters
   52: 
   53: 
   54:             my $buffer;
   55: 
   56:             $r->read($buffer,$r->header_in('Content-length'));
   57:             my @pairs=split(/&/,$buffer);
   58:             my $pair;
   59:             foreach $pair (@pairs) {
   60:                my ($name,$value) = split(/=/,$pair);
   61:                $value =~ tr/+/ /;
   62:                $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
   63:                $name  =~ tr/+/ /;
   64:                $name  =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
   65:                $ENV{"form.$name"}=$value;
   66:             } 
   67: 
   68:             $r->method_number(M_GET);
   69: 	    $r->method('GET');
   70:             $r->headers_in->unset('Content-length');
   71: 
   72:             return OK; 
   73:         } else { 
   74:             $r->log_reason("Cookie $handle not valid", $r->filename) 
   75:         };
   76:     }
   77: 
   78: # ----------------------------------------------- Store where they wanted to go
   79: 
   80:     $ENV{'request.firsturl'}=$requrl;
   81:     return FORBIDDEN;
   82: }
   83: 
   84: 1;
   85: __END__
   86: 
   87: 
   88: 
   89: 
   90: 
   91: 
   92: 
   93:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>