--- loncom/auth/lonlogout.pm	2007/08/25 00:51:24	1.27
+++ loncom/auth/lonlogout.pm	2008/11/12 20:01:09	1.33
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.27 2007/08/25 00:51:24 albertel Exp $
+# $Id: lonlogout.pm,v 1.33 2008/11/12 20:01:09 jms Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -41,23 +41,20 @@ sub handler {
 
     #Check for cookie
     my $requrl=$r->uri;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if (!$lonid) {
-	return FORBIDDEN;
-    }
-
+    my $handle = &Apache::lonnet::check_for_valid_session($r);
     #check if cookie still valid
-    my $handle=&LONCAPA::clean_handle($lonid->value);
-    my $lonidsdir=$r->dir_config('lonIDsDir');
-    if ((!-e "$lonidsdir/$handle.id") || ($handle eq '')) {
+    if ($handle eq '') {
 	$r->log_reason("Cookie $handle not valid", $r->filename); 
 	return FORBIDDEN;
     }
 
     #we've got a valid user
+    #any locks in place?
+    my $locknum=&Apache::lonnet::get_locks();
+    if ($locknum) { return 409; }
+    #nope, go ahead
     my @profile;
+    my $lonidsdir=$r->dir_config('lonIDsDir');
     &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
     unlink("$lonidsdir/$handle.id");
     my %temp=('logout' => time);
@@ -94,15 +91,9 @@ sub handler {
     } else {
 	$start_page=&Apache::loncommon::start_page('Logged Out',undef,
 						   {'no_inline_link' => 1,});
-	my %lt=&Apache::lonlocal::texthash('gb' => 'Goodbye',
-					   'cw' => 'close this window',
-					   'li' => 'log in again',
-					   'pe' => 'Please either',
-					   'or' => 'or');
 	
-	$relogmessage.=(<<ENDRELOG);
-	<h1>$lt{'gb'}!</h1>
-ENDRELOG
+        $relogmessage.='<h1>'.&mt('Goodbye').'</h1>'
+                      .'<p>'.&mt('Thank you for using LON-CAPA.').'</p>';
 
 	if (!$env{'request.sso.norelogin'}) {
 	    my $relogin_server;
@@ -112,11 +103,23 @@ ENDRELOG
 	    my $login_url = $relogin_server.'/adm/'.
 		($env{'request.sso.login'} ? 'roles': 'login');
 
-	    $relogmessage.=(<<ENDRELOG);
-	    $lt{'pe'} <a href="javascript:self.close();">$lt{'cw'}</a> $lt{'or'}
-	<a href="$login_url?domain=$env{'user.domain'}">$lt{'li'}</a>.
-ENDRELOG
-
+            $relogmessage.='<p>'.&mt('You have been successfully logged out.').' '
+                          .&mt('You can [_1]close this window[_2] now.'
+                              ,'','')
+#                              ,'<a href="javascript:self.close();">','</a>');
+=pod
+
+=head1 NOTES:
+
+'<a href="javascript:self.close();">','</a>');
+
+Due to security reasons in new web browsers a window could only be closed with java script, if this window has also been opend with javascript. This is not done here which means that in most cases the close link will not work. Unless we find another solution, this link should not be offered. (Stefan Bisitz, 2008-08-01)
+
+=cut
+                          .'</p>'
+                          .'<p>'.&mt('[_1]Log in again[_2]'
+                              ,'<a href="'.$login_url.'?domain='.$env{'user.domain'}.'">','</a>')
+                          .'</p>';
         }
 	my $domain = $env{'user.domain'};
         if ($env{'request.sso.login'}
@@ -139,10 +142,15 @@ $windowinfo
 $relogmessage
 $end_page
 ENDDOCUMENT
-    &Apache::lonnet::flushcourselogs();
+    $r->register_cleanup(\&flush_course_logs);
     return OK; 
 }
 
+sub flush_course_logs {
+    &Apache::lonnet::flushcourselogs();
+    return OK;
+}
+
 1;
 __END__