--- loncom/auth/lonlogout.pm	2003/05/23 21:18:56	1.9
+++ loncom/auth/lonlogout.pm	2011/10/22 23:53:46	1.43
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.9 2003/05/23 21:18:56 www Exp $
+# $Id: lonlogout.pm,v 1.43 2011/10/22 23:53:46 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -25,10 +25,19 @@
 #
 # http://www.lon-capa.org/
 #
-# (Cookie Based Access Handler
-# 5/21/99,5/22,5/29,5/31,6/15,16/11,22/11,
-# 01/06,01/13 Gerd Kortemeyer)
-# 05/31,11/29,12/29 Gerd Kortemeyer
+
+=head1 NAME
+
+Apache::lonlogout
+
+=head1 SYNOPSIS
+
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+
+=cut
 
 package Apache::lonlogout;
 
@@ -38,80 +47,134 @@ use Apache::File;
 use Apache::lonnet;
 use Apache::lonmenu;
 use CGI::Cookie();
+use Apache::lonlocal;
 
 sub handler {
     my $r = shift;
 
+    #Check for cookie
     my $requrl=$r->uri;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if ($lonid) {
-	my $handle=$lonid->value;
-        $handle=~s/\W//g;
-        my $lonidsdir=$r->dir_config('lonIDsDir');
-        if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
-           my @profile;
-           my %sessionhash;
-	    {
-             my $idf=Apache::File->new("$lonidsdir/$handle.id");
-             @profile=<$idf>;
-	    }
-            my $envi;
-            for ($envi=0;$envi<=$#profile;$envi++) {
-		chomp($profile[$envi]);
-		my ($envname,$envvalue)=split(/=/,$profile[$envi]);
-                $sessionhash{$envname}=$envvalue;
-            }
-            unlink("$lonidsdir/$handle.id");
-	    my %temp=('logout' => time);
-	    &Apache::lonnet::put('email_status',\%temp);
-	    &Apache::lonnet::log($sessionhash{'user.domain'},
-                                 $sessionhash{'user.name'},
-                                 $sessionhash{'user.home'},
-                                 "Logout $ENV{'REMOTE_ADDR'}");
-            $r->content_type('text/html');
-            $r->send_http_header;
-            return OK if $r->header_only;
+    my $handle = &Apache::lonnet::check_for_valid_session($r);
+    #check if cookie still valid
+    if ($handle eq '') {
+	$r->log_reason("Cookie $handle not valid", $r->filename); 
+	return FORBIDDEN;
+    }
+
+    #we've got a valid user
+    #any locks in place?
+    my $locknum=&Apache::lonnet::get_locks();
+    if ($locknum) { return 409; }
+    #nope, go ahead
+    my @profile;
+    my $lonidsdir=$r->dir_config('lonIDsDir');
+    &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
+    unlink("$lonidsdir/$handle.id");
+    my %temp=('logout' => time);
+    &Apache::lonnet::put('email_status',\%temp);
+    &Apache::lonnet::log($env{'user.domain'},
+			 $env{'user.name'},
+			 $env{'user.home'},
+			 "Logout $ENV{'REMOTE_ADDR'}");
+
+    &Apache::loncommon::content_type($r,'text/html');
+
+    #expire the cookie
+    my $c = new CGI::Cookie(-name    => 'lonID',
+			    -value   => '',
+			    -expires => '-10y',);
+    $r->header_out('Set-cookie' => $c);
+
+    $r->send_http_header;
+    return OK if $r->header_only;
 # -------------------------------------------------------- Menu script and info
 
-    my $windowinfo=&Apache::lonmenu::close();
 # ---------------------------------------------------------------- Get handover
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['handover']);
     my $switch='';
-    my $bodytag='';
+    my $start_page='';
     my $relogmessage='';
-    if ($ENV{'form.handover'}) {
-       $switch='<meta HTTP-EQUIV="Refresh" CONTENT="0.5; url='.
-	   $ENV{'form.handover'}.'">';
-       $bodytag=&Apache::loncommon::bodytag('Switching Server ...');
-   } else {
-       $bodytag=&Apache::loncommon::bodytag('Logged Out',undef,' ');
-       $relogmessage=(<<ENDRELOG);
-<h1>Goodbye!</h1>
-Please either <a href="javascript:self.close();">close this window</a> or
-<a href="/adm/login">log in again</a>.
-ENDRELOG
-   }
+    if ($env{'form.handover'}) {
+	$switch='<meta HTTP-EQUIV="Refresh" CONTENT="0.5; url='.
+	    $env{'form.handover'}.'" />';
+	$start_page=&Apache::loncommon::start_page('Switching Server ...',
+						   $switch);
+    } else {
+	$start_page=&Apache::loncommon::start_page('Logged Out',undef,
+                           {'no_nav_bar'     => 1,});
+	
+        $relogmessage.='<h1>'.&mt('Goodbye').'</h1>'
+                      .'<p>'.&mt('Thank you for using LON-CAPA.').'</p>';
+
+        my $domain = $env{'user.domain'};
+	if (!$env{'request.sso.norelogin'}) {
+	    my ($relogin_server,$login_url);
+	    if ($env{'request.sso.reloginserver'}) {
+		$relogin_server = $env{'request.sso.reloginserver'};
+	    } else {
+                 my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
+                 if ($domdefaults{'portal_def'}) {
+                     $login_url = $domdefaults{'portal_def'};
+                 } else {
+                     my $checkloginvia = 1;
+                     my ($lonhost,$server,$path) = 
+                         &Apache::lonnet::choose_server($domain,$checkloginvia);
+                     if ($server && $lonhost) {
+                         $login_url = $Apache::lonnet::protocol{$lonhost}.
+                                      '://'.$server.$path;
+                         if ($path eq '/adm/login' && $domain ne '') {
+                             $login_url .= '?domain='.$domain;
+                         }
+                     }
+                 }
+            }
+            if ($login_url eq '') {
+	        $login_url = $relogin_server.'/adm/'.
+		    ($env{'request.sso.login'} ? 'roles': 'login?domain='.$domain);
+            }
+            $relogmessage.='<p>'.&mt('You have been successfully logged out.').' '
+                          .&mt('You can [_1]close this window[_2] now.'
+                              ,'','') # ,'<a href="javascript:self.close();">','</a>')
+                          .'</p>';
+=pod
+
+=head1 NOTES:
+
+'<a href="javascript:self.close();">','</a>'
+
+Due to security reasons in new web browsers a window could only be closed with java script, if this window has also been opend with javascript. This is not done here which means that in most cases the close link will not work. Unless we find another solution, this link should not be offered. (Stefan Bisitz, 2008-08-01)
+
+=cut
+            $relogmessage.='<p>'.&mt('[_1]Log in again[_2]'
+                              ,'<a href="'.$login_url.'">','</a>')
+                          .'</p>';
+        }
+        if ($env{'request.sso.login'}
+	    && defined($r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) {
+	    open(my $fh,$r->dir_config("lonSSOUserLogoutMessageFile_$domain"));
+	    $relogmessage.= join('',<$fh>);
+	}
+	if ($env{'request.sso.login'}
+	    && defined($r->dir_config('lonSSOUserLogoutMessageFile'))) {
+	    open(my $fh,$r->dir_config('lonSSOUserLogoutMessageFile'));
+	    $relogmessage.= join('',<$fh>);
+	}
+
+    }
+    my $end_page=&Apache::loncommon::end_page();
 # --------------------------------------------------------------- Screen Output
-            $r->print(<<ENDDOCUMENT);
-<html>
-<head><title>The LearningOnline Network with CAPA Logout</title>
-$switch
-</head>
-$bodytag
-$windowinfo
+    $r->print(<<ENDDOCUMENT);
+$start_page
 $relogmessage
-</body>
-</html>
+$end_page
 ENDDOCUMENT
-            &Apache::lonnet::flushcourselogs();
-            return OK; 
-        } else { 
-            $r->log_reason("Cookie $handle not valid", $r->filename); 
-        }
-    }
-    return FORBIDDEN;
+    $r->register_cleanup(\&flush_course_logs);
+    return OK; 
+}
+
+sub flush_course_logs {
+    &Apache::lonnet::flushcourselogs();
+    return OK;
 }
 
 1;
@@ -119,7 +182,6 @@ __END__
 
 
 
-