loncom/auth/restrictedaccess.pm - diff

Return to restrictedaccess.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/restrictedaccess.pm between versions 1.1 and 1.2

version 1.1, 2006/07/10 03:58:45	version 1.2, 2006/07/14 21:38:26
Line 30 use strict;	Line 30 use strict;
use lib '/home/httpd/lib/perl/';	use lib '/home/httpd/lib/perl/';
use Apache::Constants qw(:common :http REDIRECT);	use Apache::Constants qw(:common :http REDIRECT);
use CGI::Cookie();	use CGI::Cookie();
use Apache::File ();
use Apache::lonnet;	use Apache::lonnet;
use Apache::loncommon();	use Apache::loncommon();
use Apache::lonauth();	use Apache::lonauth();
Line 42 use LONCAPA;	Line 41 use LONCAPA;
sub handler {	sub handler {
my $r = shift;	my $r = shift;

&Apache::loncommon::get_unprocessed_cgi
($ENV{'QUERY_STRING'}.'&'.$env{'request.querystring'},
['origurl']);

&Apache::lonacc::get_posted_cgi($r);
my $origurl = &unescape($env{'form.origurl'});	my $origurl = &unescape($env{'form.origurl'});
my $msg;	if (!defined($origurl)) {
	$origurl = $r->uri;
	}
if (exists($env{'form.pass1'})) {	if (exists($env{'form.pass1'})) {
my ($result,$end) = &check_pass($r,$origurl);	my ($result,$end) = &check_pass($r,$origurl);
if ($result eq 'ok') {	if ($result eq 'ok') {
my $cookie_check = &print_redirect($r,$end,$origurl);	&Apache::lonnet::appenv(('user.passphrase_access_'.$origurl =>
if ($cookie_check eq 'ok') {	$end));
$env{'request.state'} = "published";	$env{'request.state'} = "published";
$env{'request.filename'} = $origurl;	$env{'request.filename'} = $origurl;
$r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);	$r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
return REDIRECT;	return REDIRECT;
} else {
&print_entryform($r,$origurl,$cookie_check);
}
} else {	} else {
$msg = "Invalid passphrase";	&print_entryform($r,$origurl,"Invalid passphrase");
&print_entryform($r,$origurl,$msg);
}	}
} else {	} else {
&print_entryform($r,$origurl);	&print_entryform($r,$origurl);
Line 85 function verify() {	Line 77 function verify() {
alert("You must enter a passphrase");	alert("You must enter a passphrase");
return;	return;
}	}
if (document.passform.pass1.value != document.passform.pass2.value) {
alert("Passphrases do not match");
return;
}
document.passform.submit();	document.passform.submit();
}	}
</script>');	</script>');
$r->print('<b>'.$msg.'</b>');	$r->print('<span class="LC_error">'.$msg.'</span>');
$r->print('<div align="center"><form name="passform" method="post" '.	$r->print('<div align="center"><form name="passform" method="post" '.
'action="/adm/restrictedaccess">');	'action="/adm/restrictedaccess">');
$r->print('<br /><br /><br />');	$r->print('<br /><br /><br />');
Line 102 function verify() {	Line 90 function verify() {
'<td><input type="password" size="20" name="pass1"></td>');	'<td><input type="password" size="20" name="pass1"></td>');
$r->print(&Apache::loncommon::end_data_table_row());	$r->print(&Apache::loncommon::end_data_table_row());
$r->print(&Apache::loncommon::start_data_table_row());	$r->print(&Apache::loncommon::start_data_table_row());
$r->print('<td><nobr>'.&mt('Confirm passphrase: ').'</nobr></td>');
$r->print('<td><input type="password" size="20" name="pass2" /></td>');
$r->print(&Apache::loncommon::end_data_table_row());
$r->print(&Apache::loncommon::start_data_table_row());
$r->print('<td align="center" colspan="2"><br />'.	$r->print('<td align="center" colspan="2"><br />'.
'<input type="button" name="sendpass" value="'.	'<input type="button" name="sendpass" value="'.
&mt('Submit passphrase').'" onClick="verify()" /></td>');	&mt('Submit passphrase').'" onClick="verify()" /></td>');
Line 116 function verify() {	Line 100 function verify() {
$r->print(&Apache::loncommon::end_page());	$r->print(&Apache::loncommon::end_page());
}	}

sub print_redirect {
my ($r,$end,$requrl) = @_;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};
my $lonidsdir=$r->dir_config('lonIDsDir');
my $cookie;
if ($lonid) {
$cookie=$lonid->value;
$cookie=~s/\W//g;
}
if ($cookie) {
my $envkey = 'user.passphrase_access_'.$requrl;
open(my $idf,">>$lonidsdir/$cookie.id");
if (!flock($idf,LOCK_EX)) {
&Apache::lonnet::logthis("<font color=blue>WARNING: ".
'Could not obtain exclusive lock in restrictedaccess: '.$!);
close($idf);
return 'error: '.$!;
} else {
print $idf (&escape($envkey).'='.&escape($end)."\n");
close($idf);
return 'ok';
}
} else {
return 'error: no cookie set';
}
}

sub check_pass {	sub check_pass {
my ($r,$origurl) = @_;	my ($r,$origurl) = @_;
my $password = $env{'form.pass1'};
my ($udom,$unum,$group,$file_name,$result,$end);	my ($udom,$unum,$group,$file_name,$result,$end);
if ($origurl =~ m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {	if ($origurl =~ m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {
$udom = $1;	$udom = $1;
Line 165 sub check_pass {	Line 120 sub check_pass {
foreach my $key (sort(keys(%{$access_hash}))) {	foreach my $key (sort(keys(%{$access_hash}))) {
if ($key =~ /^[^:]+:guest_(\d+)/) {	if ($key =~ /^[^:]+:guest_(\d+)/) {
$end = $1;	$end = $1;
my $content = $$access_hash{$key};	if ($env{'form.pass1'} eq $access_hash->{$key}{'password'}) {
my $passwd = $content->{'password'};
if ($password eq $passwd) {
$result = 'ok';	$result = 'ok';
} else {	} else {
$result = 'fail';	$result = 'fail';

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1
changed lines
	Added in v.1.2