version 1.2, 2002/07/27 19:06:41
|
version 1.3, 2002/07/31 15:23:55
|
Line 36 use Apache::loncommon();
|
Line 36 use Apache::loncommon();
|
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, |
my $query=$r->args; |
['token','server']); |
&Apache::loncommon::get_unprocessed_cgi($query,['token','server']); |
my $tmpinfo='no_token'; |
my $tmpinfo='no_token'; |
if (($ENV{'form.token'}) || ($ENV{'form.server'})) { |
if (($ENV{'form.token'}) || ($ENV{'form.server'})) { |
$tmpinfo=&Apache::lonnet::unescape( |
$tmpinfo=&Apache::lonnet::unescape( |
&Apache::lonnet::reply('tmpget:'.$ENV{'form.token'}, |
&Apache::lonnet::reply('tmpget:'.$ENV{'form.token'}, |
$ENV{'form.server'})); |
$ENV{'form.server'})); |
if ($tmpinfo eq $r->uri) { |
chomp($tmpinfo); |
|
my $uri=$r->uri; |
|
if ($tmpinfo=~/$uri$/) { |
return OK; |
return OK; |
} |
} |
} |
} |
$r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo, |
$r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.', |
$r->filename); |
$r->filename); |
return FORBIDDEN; |
return FORBIDDEN; |
} |
} |