--- loncom/auth/lonlogout.pm	2006/08/29 20:34:39	1.20
+++ loncom/auth/lonlogout.pm	2007/08/25 00:51:24	1.27
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.20 2006/08/29 20:34:39 albertel Exp $
+# $Id: lonlogout.pm,v 1.27 2007/08/25 00:51:24 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -49,8 +49,7 @@ sub handler {
     }
 
     #check if cookie still valid
-    my $handle=$lonid->value;
-    $handle=~s/\W//g;
+    my $handle=&LONCAPA::clean_handle($lonid->value);
     my $lonidsdir=$r->dir_config('lonIDsDir');
     if ((!-e "$lonidsdir/$handle.id") || ($handle eq '')) {
 	$r->log_reason("Cookie $handle not valid", $r->filename); 
@@ -59,25 +58,23 @@ sub handler {
 
     #we've got a valid user
     my @profile;
-    my %sessionhash;
-    {
-	my $idf=Apache::File->new("$lonidsdir/$handle.id");
-	@profile=<$idf>;
-    }
-    my $envi;
-    for ($envi=0;$envi<=$#profile;$envi++) {
-	chomp($profile[$envi]);
-	my ($envname,$envvalue)=split(/=/,$profile[$envi]);
-	$sessionhash{$envname}=$envvalue;
-    }
+    &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
     unlink("$lonidsdir/$handle.id");
     my %temp=('logout' => time);
     &Apache::lonnet::put('email_status',\%temp);
-    &Apache::lonnet::log($sessionhash{'user.domain'},
-			 $sessionhash{'user.name'},
-			 $sessionhash{'user.home'},
+    &Apache::lonnet::log($env{'user.domain'},
+			 $env{'user.name'},
+			 $env{'user.home'},
 			 "Logout $ENV{'REMOTE_ADDR'}");
+
     &Apache::loncommon::content_type($r,'text/html');
+
+    #expire the cookie
+    my $c = new CGI::Cookie(-name    => 'lonID',
+			    -value   => '',
+			    -expires => '-10y',);
+    $r->header_out('Set-cookie' => $c);
+
     $r->send_http_header;
     return OK if $r->header_only;
 # -------------------------------------------------------- Menu script and info
@@ -102,16 +99,32 @@ sub handler {
 					   'li' => 'log in again',
 					   'pe' => 'Please either',
 					   'or' => 'or');
-	my $login_url = '/adm/'.($env{'request.sso.login'} ? 'roles' 
-                                                           : 'login');
 	
-	$relogmessage=(<<ENDRELOG);
+	$relogmessage.=(<<ENDRELOG);
 	<h1>$lt{'gb'}!</h1>
+ENDRELOG
+
+	if (!$env{'request.sso.norelogin'}) {
+	    my $relogin_server;
+	    if ($env{'request.sso.reloginserver'}) {
+		$relogin_server = $env{'request.sso.reloginserver'};
+	    }
+	    my $login_url = $relogin_server.'/adm/'.
+		($env{'request.sso.login'} ? 'roles': 'login');
+
+	    $relogmessage.=(<<ENDRELOG);
 	    $lt{'pe'} <a href="javascript:self.close();">$lt{'cw'}</a> $lt{'or'}
-	<a href="$login_url?domain=$sessionhash{'user.domain'}">$lt{'li'}</a>.
+	<a href="$login_url?domain=$env{'user.domain'}">$lt{'li'}</a>.
 ENDRELOG
 
+        }
+	my $domain = $env{'user.domain'};
         if ($env{'request.sso.login'}
+	    && defined($r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) {
+	    open(my $fh,$r->dir_config("lonSSOUserLogoutMessageFile_$domain"));
+	    $relogmessage.= join('',<$fh>);
+	}
+	if ($env{'request.sso.login'}
 	    && defined($r->dir_config('lonSSOUserLogoutMessageFile'))) {
 	    open(my $fh,$r->dir_config('lonSSOUserLogoutMessageFile'));
 	    $relogmessage.= join('',<$fh>);