--- loncom/auth/lonlogout.pm 2015/03/12 00:50:46 1.45.2.3 +++ loncom/auth/lonlogout.pm 2021/01/04 03:49:52 1.45.2.8 @@ -1,7 +1,7 @@ # The LearningOnline Network # Logout Handler # -# $Id: lonlogout.pm,v 1.45.2.3 2015/03/12 00:50:46 raeburn Exp $ +# $Id: lonlogout.pm,v 1.45.2.8 2021/01/04 03:49:52 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -45,9 +45,11 @@ use strict; use Apache::Constants qw(:common); use Apache::File; use Apache::lonnet; +use Apache::loncommon; use Apache::lonmenu; use CGI::Cookie(); use Apache::lonlocal; +use LONCAPA qw(:DEFAULT :match); sub handler { my $r = shift; @@ -69,25 +71,35 @@ sub handler { my @profile; my $lonidsdir=$r->dir_config('lonIDsDir'); &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); - unlink("$lonidsdir/$handle.id"); + if (unlink("$lonidsdir/$handle.id")) { + if (($env{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) && + (-l "$lonidsdir/$env{'user.linkedenv'}.id") && + (readlink("$lonidsdir/$env{'user.linkedenv'}.id") eq "$lonidsdir/$handle.id")) { + unlink("$lonidsdir/$env{'user.linkedenv'}.id"); + } + } if (!$Apache::lonlocal::lh) { &Apache::lonlocal::get_language_handle($r); } my %temp=('logout' => time); + my $ip = &Apache::lonnet::get_requestor_ip(); &Apache::lonnet::put('email_status',\%temp); &Apache::lonnet::log($env{'user.domain'}, $env{'user.name'}, $env{'user.home'}, - "Logout $ENV{'REMOTE_ADDR'}"); + "Logout $ip"); &Apache::loncommon::content_type($r,'text/html'); - #expire the cookie - my $c = new CGI::Cookie(-name => 'lonID', - -value => '', - -expires => '-10y',); - $r->header_out('Set-cookie' => $c); - + #expire the cookies + my %cookies=CGI::Cookie->parse($r->header_in('Cookie')); + foreach my $name (keys(%cookies)) { + next unless ($name =~ /^lon(|S|Link|Pub)ID$/); + my $c = new CGI::Cookie(-name => $name, + -value => '', + -expires => '-10y',); + $r->headers_out->add('Set-cookie' => $c); + } $r->send_http_header; return OK if $r->header_only; # -------------------------------------------------------- Menu script and info @@ -105,19 +117,32 @@ sub handler { $switch); } else { my $domain = $env{'user.domain'}; - my $headextra; - if ($env{'request.sso.login'} - && defined($r->dir_config("lonSSOUserLogoutHeadFile_$domain"))) { - if (open(my $fh,$r->dir_config("lonSSOUserLogoutHeadFile_$domain"))) { - $headextra = join('',<$fh>); - close($fh); - } - } - if ($env{'request.sso.login'} - && defined($r->dir_config('lonSSOUserLogoutHeadFile'))) { - if (open(my $fh,$r->dir_config('lonSSOUserLogoutHeadFile'))) { - $headextra.= join('',<$fh>); - close($fh); + my ($headextra,$ssofile); + if ($env{'request.sso.login'}) { + my $londocroot = $r->dir_config('lonDocRoot'); + if ($domain =~ /^$match_domain$/) { + if (defined($r->dir_config("lonSSOUserLogoutHeadFile_$domain"))) { + $ssofile = '/'.&Apache::loncommon::clean_path($r->dir_config("lonSSOUserLogoutHeadFile_$domain")); + if ($ssofile eq $r->dir_config("lonSSOUserLogoutHeadFile_$domain")) { + if ($ssofile =~ /^\Q$londocroot\E/) { + if (open(my $fh,'<',$ssofile)) { + $headextra = join('',<$fh>); + close($fh); + } + } + } + } + } + if (defined($r->dir_config('lonSSOUserLogoutHeadFile'))) { + $ssofile = '/'.&Apache::loncommon::clean_path($r->dir_config('lonSSOUserLogoutHeadFile')); + if ($ssofile eq $r->dir_config('lonSSOUserLogoutHeadFile')) { + if ($ssofile =~ /^\Q$londocroot\E/) { + if (open(my $fh,'<',$ssofile)) { + $headextra.= join('',<$fh>); + close($fh); + } + } + } } } $start_page=&Apache::loncommon::start_page('Logged Out',$headextra, @@ -181,14 +206,14 @@ Due to security reasons in new web brows } if ($env{'request.sso.login'} && defined($r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) { - if (open(my $fh,$r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) { + if (open(my $fh,'<',$r->dir_config("lonSSOUserLogoutMessageFile_$domain"))) { $relogmessage.= join('',<$fh>); close($fh); } } if ($env{'request.sso.login'} && defined($r->dir_config('lonSSOUserLogoutMessageFile'))) { - if (open(my $fh,$r->dir_config('lonSSOUserLogoutMessageFile'))) { + if (open(my $fh,'<',$r->dir_config('lonSSOUserLogoutMessageFile'))) { $relogmessage.= join('',<$fh>); close($fh); } @@ -202,6 +227,13 @@ $windowinfo $relogmessage $end_page ENDDOCUMENT + if ($env{'request.balancercookie'}) { + my ($balancer,$cookie) = split(/:/,$env{'request.balancercookie'}); + if ((&Apache::lonnet::hostname($balancer)) && ($cookie =~ /^[a-f0-9]{32}$/)) { + $cookie = $env{'user.domain'}.'_'.$env{'user.name'}.'_'.$cookie; + &Apache::lonnet::delbalcookie($cookie,$balancer); + } + } $r->register_cleanup(\&flush_course_logs); return OK; }