--- loncom/auth/restrictedaccess.pm	2006/07/10 03:58:45	1.1
+++ loncom/auth/restrictedaccess.pm	2006/07/14 21:38:26	1.2
@@ -30,7 +30,6 @@ use strict;
 use lib '/home/httpd/lib/perl/';
 use Apache::Constants qw(:common :http REDIRECT);
 use CGI::Cookie();
-use Apache::File ();
 use Apache::lonnet;
 use Apache::loncommon();
 use Apache::lonauth();
@@ -42,28 +41,21 @@ use LONCAPA;
 sub handler {
     my $r = shift;
 
-    &Apache::loncommon::get_unprocessed_cgi
-        ($ENV{'QUERY_STRING'}.'&'.$env{'request.querystring'},
-         ['origurl']);
-
-    &Apache::lonacc::get_posted_cgi($r);
     my $origurl = &unescape($env{'form.origurl'});
-    my $msg;
+    if (!defined($origurl)) {
+	$origurl = $r->uri;
+    }
     if (exists($env{'form.pass1'})) {
         my ($result,$end) = &check_pass($r,$origurl);
         if ($result eq 'ok') {
-            my $cookie_check = &print_redirect($r,$end,$origurl);
-            if ($cookie_check eq 'ok') {
-                $env{'request.state'} = "published";
-                $env{'request.filename'} = $origurl;
-                $r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
-                return REDIRECT;
-            } else {
-                &print_entryform($r,$origurl,$cookie_check);
-            }
+	    &Apache::lonnet::appenv(('user.passphrase_access_'.$origurl =>
+					 $end));
+	    $env{'request.state'} = "published";
+	    $env{'request.filename'} = $origurl;
+	    $r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
+	    return REDIRECT;
         } else {
-            $msg = "Invalid passphrase";
-            &print_entryform($r,$origurl,$msg);
+            &print_entryform($r,$origurl,"Invalid passphrase");
         }
     } else {
         &print_entryform($r,$origurl);
@@ -85,14 +77,10 @@ function verify() {
         alert("You must enter a passphrase");
         return;
     }
-    if (document.passform.pass1.value != document.passform.pass2.value) {
-        alert("Passphrases do not match");
-        return;
-    }
     document.passform.submit();
 } 
 </script>');
-    $r->print('<b>'.$msg.'</b>');
+    $r->print('<span class="LC_error">'.$msg.'</span>');
     $r->print('<div align="center"><form name="passform" method="post" '.
               'action="/adm/restrictedaccess">');
     $r->print('<br /><br /><br />');
@@ -102,10 +90,6 @@ function verify() {
               '<td><input type="password" size="20" name="pass1"></td>');
     $r->print(&Apache::loncommon::end_data_table_row());
     $r->print(&Apache::loncommon::start_data_table_row());
-    $r->print('<td><nobr>'.&mt('Confirm passphrase: ').'</nobr></td>');
-    $r->print('<td><input type="password" size="20" name="pass2" /></td>');
-    $r->print(&Apache::loncommon::end_data_table_row());
-    $r->print(&Apache::loncommon::start_data_table_row());
     $r->print('<td align="center" colspan="2"><br />'.
               '<input type="button" name="sendpass" value="'.
               &mt('Submit passphrase').'" onClick="verify()" /></td>');
@@ -116,37 +100,8 @@ function verify() {
     $r->print(&Apache::loncommon::end_page());
 }
 
-sub print_redirect {
-    my ($r,$end,$requrl) = @_;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $lonidsdir=$r->dir_config('lonIDsDir');
-    my $cookie;
-    if ($lonid) {
-        $cookie=$lonid->value;
-        $cookie=~s/\W//g;
-    }
-    if ($cookie) {
-        my $envkey = 'user.passphrase_access_'.$requrl;
-        open(my $idf,">>$lonidsdir/$cookie.id");
-        if (!flock($idf,LOCK_EX)) {
-            &Apache::lonnet::logthis("<font color=blue>WARNING: ".
-                   'Could not obtain exclusive lock in restrictedaccess: '.$!);
-            close($idf);
-            return 'error: '.$!;
-        } else {
-            print $idf (&escape($envkey).'='.&escape($end)."\n");
-            close($idf);
-            return 'ok';
-        }
-    } else {
-        return 'error: no cookie set';
-    }
-}
-
 sub check_pass {
     my ($r,$origurl) = @_;
-    my $password = $env{'form.pass1'};
     my ($udom,$unum,$group,$file_name,$result,$end);
     if ($origurl =~  m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {
         $udom = $1;
@@ -165,9 +120,7 @@ sub check_pass {
     foreach my $key (sort(keys(%{$access_hash}))) {
         if ($key =~ /^[^:]+:guest_(\d+)/) {
             $end = $1;
-            my $content = $$access_hash{$key};
-            my $passwd = $content->{'password'};
-            if ($password eq $passwd) {
+            if ($env{'form.pass1'} eq $access_hash->{$key}{'password'}) {
                 $result = 'ok';
             } else {
                 $result = 'fail';