--- loncom/interface/createaccount.pm	2008/07/12 14:08:58	1.17
+++ loncom/interface/createaccount.pm	2008/07/14 08:26:57	1.20
@@ -3,7 +3,7 @@
 # institutional log-in ID (institutional authentication required - localauth
 #  or kerberos) or an e-mail address.
 #
-# $Id: createaccount.pm,v 1.17 2008/07/12 14:08:58 raeburn Exp $
+# $Id: createaccount.pm,v 1.20 2008/07/14 08:26:57 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -87,16 +87,39 @@ sub handler {
         $r->print($start_page."\n".'<h2>'.&mt('You are already logged in').'</h2>'.
                   '<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].','<a href="/adm/roles">','</a>','<a href="/adm/logout">','</a>').
                   '</p><p><a href="/adm/loginproblems.html">'.&mt('Login problems?').'</a></p>'.$end_page);
-       return OK;
+        return OK;
     }
-    $start_page =
-        &Apache::loncommon::start_page('Create a user account in LON-CAPA','',
-                                       {'no_inline_link'   => 1,});
-    if ($env{'form.phase'} eq 'username_activation') {
+
+    my $courseid;
+    if (defined($env{'form.courseid'})) {
+        $courseid = &validate_course($env{'form.courseid'});
+    }
+    if ($env{'form.phase'} eq 'selfenroll_login') {
         if ($env{'form.udom'} ne '') {
             $domain = $env{'form.udom'};
         }
+        my ($result,$output) =
+            &username_validation($r,$env{'form.uname'},$domain,$domdesc,
+ 
+                                 $contact_name,$contact_email,$courseid,
+                                 $lonhost);
+        if ($result eq 'existingaccount') {
+            $r->print($output);
+            $r->print(&Apache::loncommon::end_page());
+            return OK;
+        } else {
+            $start_page = 
+                &Apache::loncommon::start_page('Self-enroll in a LON-CAPA course','',
+                                               {'no_inline_link'   => 1,});
+            &print_header($r,$start_page);
+            $r->print($output.&Apache::loncommon::end_page());    
+            return OK;
+        }
     }
+
+    $start_page =
+        &Apache::loncommon::start_page('Create a user account in LON-CAPA','',
+                                       {'no_inline_link'   => 1,});
     my @cancreate;
     my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain);
     if (ref($domconfig{'usercreation'}) eq 'HASH') {
@@ -120,41 +143,20 @@ sub handler {
         return OK;
     }
 
-    my $courseid;
-    if (defined($env{'form.courseid'})) {
-        $courseid = &validate_course($env{'form.courseid'});
-    }
-
     if ($sso_username ne '') {
         &print_header($r,$start_page);
-        my $msg;
+        my ($msg,$sso_logout);
+        $sso_logout = &sso_logout_frag($r,$domain);
         if (grep(/^sso$/,@cancreate)) {
             $msg = '<h3>'.&mt('Account creation').'</h3>'.
                    &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'<br />';
-            my ($output,$checkfail) = &username_check($sso_username,$domain,
-                                                      $domdesc,$courseid,
-                                                      $lonhost,$contact_email);
-            if ($checkfail) {
-                $msg .= '<h4>'.&mt('Account creation unavailable').'</h4>';
-                if ($checkfail eq 'username') {
-                    $msg .= '<span class="LC_warning">'.
-                            &mt('A LON-CAPA account may not be created with the username you use.').
-                            '</span><br /><br />'.$output;
-                } elsif ($checkfail eq 'authtoken') {
-                    $msg .= '<span class="LC_error">'.&mt('Error creating token.').'</span>'.
-                            '<br />'.$output;
-                }
-                $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',
-                            $contact_name,$contact_email).'<br /><hr />'.
-                        &sso_logout_frag($r,$domain);    
 
-            } else {
-                $msg .= '<br />'.&mt('To create one, use the table below to provide information about yourself (if appropriate), then click the "Create LON-CAPA account" button.').'<br />'.$output;
-            }
+            $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, 
+                                    $lonhost,$contact_email,$contact_name,$sso_logout);
         } else {
             $msg = '<h3>'.&mt('Account creation unavailable').'</h3>'.
                    '<span class="LC_warning">'.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'</span><br /><br />'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'<hr />'.
-                   &sso_logout_frag($r,$domain);
+                   $sso_logout;
         }
         $r->print($msg);
         $r->print(&Apache::loncommon::end_page());
@@ -196,19 +198,26 @@ sub handler {
         $r->print($output);
         $r->print(&Apache::loncommon::end_page());
         return OK;
-    }
-
-    &print_header($r,$start_page);
-    if ($env{'form.create_with_email'}) {
+    } elsif ($env{'form.phase'} eq 'username_validation') { 
+        (my $result,$output) = 
+            &username_validation($r,$env{'form.uname'},$domain,$domdesc,
+                                 $contact_name,$contact_email,$courseid,
+                                 $lonhost);
+        if ($result eq 'existingaccount') {
+            $r->print($output);
+            $r->print(&Apache::loncommon::end_page());
+            return OK;
+        } else {
+            &print_header($r,$start_page);
+        }
+    } elsif ($env{'form.create_with_email'}) {
+        &print_header($r,$start_page);
         $output = &process_email_request($env{'form.useremail'},$domain,$domdesc,
                                          $contact_name,$contact_email,\@cancreate,
                                          $lonhost,$domconfig{'usercreation'},
                                          $courseid);
-    } elsif ($env{'form.phase'} eq 'username_validation') {
-        $output = &username_validation($env{'form.uname'},$domain,$domdesc,
-                                       $contact_name,$contact_email,$courseid,
-                                       $lonhost);
     } elsif (!$token) {
+        &print_header($r,$start_page);
         my $now=time;
         if (grep(/^login$/,@cancreate)) {
             my $jsh=Apache::File->new($include."/londes.js");
@@ -334,31 +343,10 @@ sub print_username_form {
             my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
             if ((($domdefaults{'auth_def'} =~/^krb/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) {
                 $output = '<div class="LC_left_float"><h3>'.&mt('Create account with a username provided by this institution').'</h3>';
-                $output .= &mt('If you already have a log-in ID at this institution,[_1] you may be able to use it for LON-CAPA.','<br />').'<br /><br />'.&mt('Type in your log-in ID and password to find out.').'<br /><br />';
-                my ($lkey,$ukey) = &Apache::lonpreferences::des_keys();
-                my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
-                my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount',
-                                                   $lonhost);
-                $output .= &serverform($logtoken,$lonhost,undef,$courseid);
-                my $unameform = '<input type="text" name="uname" size="10" value="" />';
-                my $upassform = '<input type="password" name="upass'.$now.'" size="10" />';
                 my $submit_text = &mt('Create LON-CAPA account');
-                $output .= '<form name="client" method="post" action="/adm/createaccount">'."\n". 
-                           &Apache::lonhtmlcommon::start_pick_box()."\n".
-                           &Apache::lonhtmlcommon::row_title(&mt('Log-in ID'),
-                                                        'LC_pick_box_title')."\n".
-                           $unameform."\n".
-                           &Apache::lonhtmlcommon::row_closure(1)."\n".
-                           &Apache::lonhtmlcommon::row_title(&mt('Password'),
-                                                        'LC_pick_box_title')."\n".
-                           $upassform."\n".'<br /><br />'."\n".
-                           '<input type="button" name="username_validation" value="'.
-                           $submit_text.'" onclick="javascript:send()" />'."\n". 
-                           &Apache::lonhtmlcommon::row_closure(1)."\n".
-                           &Apache::lonhtmlcommon::end_pick_box().'<br /><br />'."\n".
-                           '<input type="hidden" name="lextkey" value="'.$lextkey.'">'."\n".
-                           '<input type="hidden" name="uextkey" value="'.$uextkey.'">'."\n".
-                           '</form></div>';
+                $output .= &mt('If you already have a log-in ID at this institution,[_1] you may be able to use it for LON-CAPA.','<br />').'<br /><br />'.&mt('Type in your log-in ID and password to find out.').'<br /><br />';
+                $output .= &login_box($now,$lonhost,$courseid,$submit_text,
+                                      $domain,'createaccount');
             }
         }
         if (grep(/^email$/,@{$cancreate})) {
@@ -398,6 +386,48 @@ sub print_username_form {
     return $output;
 }
 
+sub login_box {
+    my ($now,$lonhost,$courseid,$submit_text,$domain,$context) = @_;
+    my $output;
+    my %titles = &Apache::lonlocal::texthash(
+                                              createaccount => 'Log-in ID',
+                                              selfenroll    => 'Username',
+                                            );
+    my ($lkey,$ukey) = &Apache::lonpreferences::des_keys();
+    my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
+    my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount',
+                                       $lonhost);
+    $output = &serverform($logtoken,$lonhost,undef,$courseid,$context);
+    my $unameform = '<input type="text" name="uname" size="10" value="" />';
+    my $upassform = '<input type="password" name="upass'.$now.'" size="10" />';
+    $output .= '<form name="client" method="post" action="/adm/createaccount">'."\n".
+               &Apache::lonhtmlcommon::start_pick_box()."\n";
+    if ($context eq 'selfenroll') {
+        my $udomform =  '<input type="text" name="udom" size="10" value="'.
+                        $domain.'" />';
+        $output .= &Apache::lonhtmlcommon::row_title(&mt('Domain'),
+                                                     'LC_pick_box_title')."\n".
+                   $udomform."\n".
+                   &Apache::lonhtmlcommon::row_closure(1)."\n";
+    }
+
+    $output .= &Apache::lonhtmlcommon::row_title($titles{$context},
+                                                 'LC_pick_box_title')."\n".
+               $unameform."\n".
+               &Apache::lonhtmlcommon::row_closure(1)."\n".
+               &Apache::lonhtmlcommon::row_title(&mt('Password'),
+                                                'LC_pick_box_title')."\n".
+               $upassform."\n".'<br /><br />'."\n".
+               '<input type="button" name="username_validation" value="'.
+               $submit_text.'" onclick="javascript:send()" />'."\n".
+               &Apache::lonhtmlcommon::row_closure(1)."\n".
+               &Apache::lonhtmlcommon::end_pick_box().'<br /><br />'."\n".
+               '<input type="hidden" name="lextkey" value="'.$lextkey.'">'."\n".
+               '<input type="hidden" name="uextkey" value="'.$uextkey.'">'."\n".
+               '</form></div>';
+    return $output;
+}
+
 sub process_email_request {
     my ($useremail,$domain,$domdesc,$contact_name,$contact_email,$cancreate,
         $server,$settings,$courseid) = @_;
@@ -584,7 +614,9 @@ sub start_session {
     if ($r->dir_config('lonBalancer') eq 'yes') {
         &Apache::lonauth::success($r,$form{'uname'},$form{'udom'},
                                   $lonhost,'noredirect',undef,\%form);
-        my $delete = &Apache::lonnet::tmpdel($token);
+        if ($token ne '') { 
+            my $delete = &Apache::lonnet::tmpdel($token);
+        }
         $r->internal_redirect('/adm/switchserver');
     } else {
         &Apache::lonauth::success($r,$form{'uname'},$form{'udom'},
@@ -723,21 +755,32 @@ sub create_account {
 }
 
 sub username_validation {
-    my ($username,$domain,$domdesc,$contact_name,$contact_email,$courseid,$lonhost) = @_;
+    my ($r,$username,$domain,$domdesc,$contact_name,$contact_email,$courseid,
+        $lonhost) = @_;
     my ($retrieved,$output,$upass);
 
     $username= &LONCAPA::clean_username($username);
     $domain = &LONCAPA::clean_domain($domain);
     my $uhome = &Apache::lonnet::homeserver($username,$domain);
 
-    if ($uhome ne 'no_host') {
-        $output = &invalid_state('existinguser',$domdesc,
-                                 $contact_name,$contact_email);
-        return $output;
-    }
     ($retrieved,$output,$upass) = &process_credentials($env{'form.logtoken'},
                                                        $env{'form.serverid'});
-    if ($retrieved eq 'ok') {
+    if ($retrieved ne 'ok') {
+        return ('fail',$output);
+    }
+    if ($uhome ne 'no_host') {
+        my $result = &Apache::lonnet::authenticate($username,$upass,$domain);
+        if ($result ne 'no_host') { 
+            my %form = &start_session($r,$username,$domain,$lonhost,$courseid);
+            $output = '<br /><br />'.&mt('A LON-CAPA account already exists for username [_1] at this institution ([_2]).','<tt>'.$username.'</tt>',$domdesc).'<br />'.&mt('The password entered was also correct so you have been logged in.');
+            return ('existingaccount',$output);
+        } else {
+            $output = '<div class="LC_warning">'.
+                      &mt('Username and/or password could not be authenticated.').
+                      '</div>'.
+                      &mt('Please check the username and password.');
+        }
+    } else {
         my $primlibserv = &Apache::lonnet::domain($domain,'primary');
         my $authok;
         my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
@@ -749,21 +792,23 @@ sub username_validation {
             $authok = 'non_authorized';
         }
         if ($authok eq 'authorized') {
-            ($output,undef) = &username_check($username,$domain,$domdesc,
-                                              $courseid,$lonhost,$contact_email); 
+            $output = &username_check($username,$domain,$domdesc,$courseid,$lonhost,
+                                      $contact_email,$contact_name);
         } else {
-            $output = '<div class="LC_warning">'
-                     .&mt('Username and/or password could not be authenticated.')
-                     .'</div>'
-                     .&mt('Please check the username and password.'); 
+            $output = '<div class="LC_warning">'.
+                      &mt('Username and/or password could not be authenticated.').
+                      '</div>'.
+                      &mt('Please check the username and password.'); 
         }
     }
-    return $output;
+    return ('ok',$output);
 }
 
 sub username_check {
-    my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email) = @_;
-    my (%rulematch,%inst_results,$newuser,%alerts,%curr_rules,%got_rules);
+    my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email,$contact_name,
+        $sso_logout) = @_;
+    my (%rulematch,%inst_results,$newuser,$checkfail,$rowcount,$editable,$output,$msg,
+        %alerts,%curr_rules,%got_rules);
     $newuser = 1;
     my $checkhash;
     my $checks = { 'username' => 1 };
@@ -773,48 +818,75 @@ sub username_check {
     if (ref($alerts{'username'}) eq 'HASH') {
         if (ref($alerts{'username'}{$domain}) eq 'HASH') {
             if ($alerts{'username'}{$domain}{$username}) {
-                my ($userchkmsg,$checkfail);
                 if (ref($curr_rules{$domain}) eq 'HASH') {
-                    $userchkmsg =
+                    $output =
                         &Apache::loncommon::instrule_disallow_msg('username',$domdesc,1,
                                                                   'selfcreate').
                         &Apache::loncommon::user_rule_formats($domain,$domdesc,
                                 $curr_rules{$domain}{'username'},'username');
-                    if ($userchkmsg) {
-                        $checkfail = 'username';
-                    }
                 }
-                return ($userchkmsg,$checkfail);
+                $checkfail = 'username';
             }
         }
     }
-    my $submit_text = &mt('Create LON-CAPA account');
-    my $output = '<form method="post" action="/adm/createaccount">'.
-                 &Apache::loncreateuser::personal_data_display($username,$domain,1,
-                                    undef,$inst_results{$username.':'.$domain}).
-                '<br /><br /><input type="hidden" name="uname" value="'.$username.'" />'."\n".
-                '<input type="hidden" name="udom" value="'.$domain.'" />'."\n".
-                '<input type="hidden" name="phase" value="username_activation" />';
-    my $now = time;
-    my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
-                'time'       => $now,
-                'domain'     => $domain,
-                'username'   => $username);
-    my $authtoken = &Apache::lonnet::tmpput(\%info,$lonhost);
-    if ($authtoken !~ /^error/ && $authtoken ne 'no_such_host') {
-        $output .= '<input type="hidden" name="authtoken" value="'.&HTML::Entities::encode($authtoken,'&<>"').'" />';
+    if (!$checkfail) {
+        $output = '<form method="post" action="/adm/createaccount">';
+        (my $datatable,$rowcount,$editable) = 
+            &Apache::loncreateuser::personal_data_display($username,$domain,1,'selfcreate',
+                                                         $inst_results{$username.':'.$domain});
+        if ($rowcount > 0) {
+            $output .= $datatable;
+        }
+        $output .=  '<br /><br /><input type="hidden" name="uname" value="'.$username.'" />'."\n".
+                    '<input type="hidden" name="udom" value="'.$domain.'" />'."\n".
+                    '<input type="hidden" name="phase" value="username_activation" />';
+        my $now = time;
+        my %info = ('ip'         => $ENV{'REMOTE_ADDR'},
+                    'time'       => $now,
+                    'domain'     => $domain,
+                    'username'   => $username);
+        my $authtoken = &Apache::lonnet::tmpput(\%info,$lonhost);
+        if ($authtoken !~ /^error/ && $authtoken ne 'no_such_host') {
+            $output .= '<input type="hidden" name="authtoken" value="'.&HTML::Entities::encode($authtoken,'&<>"').'" />';
+        } else {
+            $output = &mt('An error occurred when storing a token').'<br />'.
+                      &mt('You will not be able to proceed to the next stage of account creation').
+                      &linkto_email_help($contact_email,$domdesc);
+            $checkfail = 'authtoken';
+        }
+    }
+    if ($checkfail) { 
+        $msg = '<h4>'.&mt('Account creation unavailable').'</h4>';
+        if ($checkfail eq 'username') {
+            $msg .= '<span class="LC_warning">'.
+                     &mt('A LON-CAPA account may not be created with the username you use.').
+                     '</span><br /><br />'.$output;
+        } elsif ($checkfail eq 'authtoken') {
+            $msg .= '<span class="LC_error">'.&mt('Error creating token.').'</span>'.
+                    '<br />'.$output;
+        }
+        $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',
+                $contact_name,$contact_email).'<br /><hr />'.
+                $sso_logout;
+        &Apache::lonnet::logthis("ERROR: failure type of '$checkfail' when performing username check to create account for authenticated user: $username, in domain $domain");
     } else {
-        $output = &mt('An error occurred when storing a token').'<br />'.
-                  &mt('You will not be able to proceed to the next stage of account creation').
-                  &linkto_email_help($contact_email,$domdesc);
-        return($output,'authtoken');
-    }
-    if ($courseid ne '') {
-        $output .= '<input type="hidden" name="courseid" value="'.$courseid.'" />';
-    }
-    $output .= '<input type="submit" name="newaccount" value="'.
-               $submit_text.'" /></form>';
-    return ($output,'');
+        if ($courseid ne '') {
+            $output .= '<input type="hidden" name="courseid" value="'.$courseid.'" />';
+        }
+        $output .= '<input type="submit" name="newaccount" value="'.
+                   &mt('Create LON-CAPA account').'" /></form>';
+        if ($rowcount) {
+            if ($editable) {
+                $msg = &mt('To create one, use the table below to provide information about yourself, then click the [_1]Create LON-CAPA account[_2] button.','<span class="LC_cusr_emph">','</span>').'<br />';
+            } else {
+                 $msg = &mt('A user account will be created with information displayed in the table below, when you click the [_1]Create LON-CAPA account[_2] button.','<span class="LC_cusr_emph">','</span>').'<br />';
+            }
+        } else {
+            $msg = '<br />'.&mt('Confirm that you wish to create an account.');
+        }
+        $msg .= $output;
+    }
+    return $msg;
 }
 
 sub username_activation {
@@ -983,15 +1055,19 @@ sub getkeys {
 }
 
 sub serverform {
-    my ($logtoken,$lonhost,$mailtoken,$courseid) = @_;
+    my ($logtoken,$lonhost,$mailtoken,$courseid,$context) = @_;
+    my $phase = 'username_validation"';
+    if ($context eq 'selfenroll') {
+        $phase = 'selfenroll_login';
+    }
     my $output .= <<ENDSERVERFORM;
-  <form name="server" method="post" target="_top">
+  <form name="server" method="post" action="/adm/createaccount">
    <input type="hidden" name="logtoken" value="$logtoken" />
    <input type="hidden" name="token" value="$mailtoken" />
    <input type="hidden" name="serverid" value="$lonhost" />
    <input type="hidden" name="uname" value="" />
    <input type="hidden" name="upass" value="" />
-   <input type="hidden" name="phase" value="username_validation" />
+   <input type="hidden" name="phase" value="$phase" />
    <input type="hidden" name="courseid" value="$courseid" />
   </form>
 ENDSERVERFORM