--- loncom/interface/loncommon.pm	2022/05/31 23:11:47	1.1075.2.161.2.7
+++ loncom/interface/loncommon.pm	2024/02/28 01:21:29	1.1075.2.161.2.21
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.1075.2.161.2.7 2022/05/31 23:11:47 raeburn Exp $
+# $Id: loncommon.pm,v 1.1075.2.161.2.21 2024/02/28 01:21:29 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -71,6 +71,7 @@ use Apache::lonuserutils();
 use Apache::lonuserstate();
 use Apache::courseclassifier();
 use LONCAPA qw(:DEFAULT :match);
+use LONCAPA::map();
 use HTTP::Request;
 use DateTime::TimeZone;
 use DateTime::Locale;
@@ -430,7 +431,7 @@ sub studentbrowser_javascript {
 <script type="text/javascript" language="Javascript">
 // <![CDATA[
     var stdeditbrowser;
-    function openstdbrowser(formname,uname,udom,clicker,roleflag,ignorefilter,courseadv) {
+    function openstdbrowser(formname,uname,udom,clicker,roleflag,ignorefilter,courseadv,uident) {
         var url = '/adm/pickstudent?';
         var filter;
 	if (!ignorefilter) {
@@ -451,6 +452,7 @@ sub studentbrowser_javascript {
             }
         }
         if ((courseadv == 'only') || (courseadv == 'none')) { url+="&courseadv="+courseadv; }
+        if (uident !== '') { url+="&identelement="+uident; }
         var title = 'Student_Browser';
         var options = 'scrollbars=1,resizable=1,menubar=0';
         options += ',width=700,height=600';
@@ -482,7 +484,7 @@ ENDRESBRW
 }
 
 sub selectstudent_link {
-   my ($form,$unameele,$udomele,$courseadv,$clickerid)=@_;
+   my ($form,$unameele,$udomele,$courseadv,$clickerid,$identelem)=@_;
    my $callargs = "'".&Apache::lonhtmlcommon::entity_encode($form)."','".
                       &Apache::lonhtmlcommon::entity_encode($unameele)."','".
                       &Apache::lonhtmlcommon::entity_encode($udomele)."'";
@@ -499,6 +501,11 @@ sub selectstudent_link {
            $callargs .= ",'','','$courseadv'";
        } elsif ($courseadv eq 'condition') {
            $callargs .= ",'','','$courseadv'";
+       } elsif ($identelem ne '') {
+           $callargs .= ",'','',''";
+       }
+       if ($identelem ne '') {
+           $callargs .= ",'".&Apache::lonhtmlcommon::entity_encode($identelem)."'";
        }
        return '<span class="LC_nobreak">'.
               '<a href="javascript:openstdbrowser('.$callargs.');">'.
@@ -950,8 +957,8 @@ ENDSCRT
 }
 
 sub select_timezone {
-   my ($name,$selected,$onchange,$includeempty,$disabled)=@_;
-   my $output='<select name="'.$name.'" '.$onchange.$disabled.'>'."\n";
+   my ($name,$selected,$onchange,$includeempty,$id,$disabled)=@_;
+   my $output='<select name="'.$name.'" '.$id.$onchange.$disabled.'>'."\n";
    if ($includeempty) {
        $output .= '<option value=""';
        if (($selected eq '') || ($selected eq 'local')) {
@@ -1279,7 +1286,8 @@ sub help_open_topic {
     my $target = ' target="_top"';
     if ($links_target) {
         $target = ' target="'.$links_target.'"';
-    } elsif (($env{'request.deeplink.login'}) && ($env{'request.deeplink.target'} eq '_self')) {
+    } elsif ((($env{'request.lti.login'}) && ($env{'request.lti.target'} eq 'iframe')) ||
+             (($env{'request.deeplink.login'}) && ($env{'request.deeplink.target'} eq '_self'))) {
         $target = '';
     }
     if ($text ne "") {	
@@ -1720,8 +1728,6 @@ the id of the element to resize, second
 surrounds everything that comes after the textarea, this routine needs
 to be attached to the <body> for the onload and onresize events.
 
-=back
-
 =cut
 
 sub resize_textarea_js {
@@ -2008,6 +2014,107 @@ sub insert_folding_button {
             value=\"".&mt('Hide')."\" onclick=\"fold_box('$curDepth','$lastresource')\">";
 }
 
+=pod
+
+=item * &iframe_wrapper_headjs()
+
+emits javascript containing two global vars to facilitate handling of resizing
+by code in iframe_wrapper_resizejs() used when an iframe is present in a page
+with standard LON-CAPA menus.
+
+=cut
+
+#
+# Where iframe is in use, if window.onload() executes before the custom resize function
+# has been defined (jQuery), two global javascript vars (LCnotready and LCresizedef)
+# are used to ensure document.ready() triggers a call to resize, so the iframe contents
+# do not obscure the Functions menu.
+#
+
+sub iframe_wrapper_headjs {
+    return <<"ENDJS";
+<script type="text/javascript">
+// <![CDATA[
+var LCnotready = 0;
+var LCresizedef = 0;
+// ]]>
+</script>
+
+ENDJS
+
+}
+
+=pod
+
+=item * &iframe_wrapper_resizejs()
+
+emits javascript used to handle resizing for a page containing
+an iframe, to ensure that the iframe does not obscure any
+standard LON-CAPA menu items.
+
+=back
+
+=cut
+
+#
+# jQuery to use when iframe is in use and a page resize occurs.
+# This script will ensure that the iframe does not obscure any
+# standard LON-CAPA inline menus (primary, secondary, and/or
+# breadcrumbs and Functions menus. Expects javascript from
+# &iframe_wrapper_headjs() to be in head portion of the web page,
+# e.g., by inclusion in second arg passed to &start_page().
+#
+
+sub iframe_wrapper_resizejs {
+    my $offset = 5;
+    &get_unprocessed_cgi($ENV{'QUERY_STRING'},['inhibitmenu']);
+    if (($env{'form.inhibitmenu'} eq 'yes') || ($env{'form.only_body'})) {
+        $offset = 0;
+    }
+    return &Apache::lonhtmlcommon::scripttag(<<SCRIPT);
+    \$(document).ready( function() {
+        \$(window).unbind('resize').resize(function(){
+            var header = null;
+            var offset = $offset;
+            var height = 0;
+            var hdrtop = 0;
+            if (\$('div.LC_menus_content:first').length) {
+                if (\$('div.LC_menus_content:first').hasClass ("shown")) {
+                    header = \$('div.LC_menus_content:first');
+                    offset = 12;
+                }
+            } else if (\$('div.LC_head_subbox:first').length) {
+                header = \$('div.LC_head_subbox:first');
+                offset = 9;
+            } else {
+                if (\$('#LC_breadcrumbs').length) {
+                    header = \$('#LC_breadcrumbs');
+                }
+            }
+            if (header != null && header.length) {
+                height = header.height();
+                hdrtop = header.position().top;
+            }
+            var pos = height + hdrtop + offset;
+            \$('.LC_iframecontainer').css('top', pos);
+        });
+        LCresizedef = 1;
+        if (LCnotready == 1) {
+            LCnotready = 0;
+            \$(window).trigger('resize');
+        }
+    });
+    window.onload = function(){
+         if (LCresizedef) {
+             LCnotready = 0;
+             \$(window).trigger('resize');
+         } else {
+             LCnotready = 1;
+         }
+    };
+SCRIPT
+
+}
 
 =pod
 
@@ -2728,6 +2835,8 @@ This is not an optimal method, but it wo
 
 =item * authform_filesystem
 
+=item * authform_lti
+
 =back
 
 See loncreateuser.pm for invocation and use examples.
@@ -3152,6 +3261,64 @@ sub authform_filesystem {
     return $result;
 }
 
+sub authform_lti {
+    my %in = (
+              formname => 'document.cu',
+              kerb_def_dom => 'MSU.EDU',
+              @_,
+              );
+    my ($lticheck,$result,$authtype,$autharg,$jscall,$disabled);
+    my ($authnum,%can_assign) = &get_assignable_auth($in{'domain'});
+    if ($in{'readonly'}) {
+        $disabled = ' disabled="disabled"';
+    }
+    if (defined($in{'curr_authtype'})) {
+        if ($in{'curr_authtype'} eq 'lti') {
+            if ($can_assign{'lti'}) {
+                $lticheck = 'checked="checked" ';
+                if (defined($in{'mode'})) {
+                    if ($in{'mode'} eq 'modifyuser') {
+                        $lticheck = '';
+                    }
+                }
+            } else {
+                $result = &mt('Currently LTI Authenticated.');
+                return $result;
+            }
+        }
+    } else {
+        if ($authnum == 1) {
+            $authtype = '<input type="hidden" name="login" value="lti" />';
+        }
+    }
+    if (!$can_assign{'lti'}) {
+        return;
+    } elsif ($authtype eq '') {
+        if (defined($in{'mode'})) {
+            if ($in{'mode'} eq 'modifycourse') {
+                if ($authnum == 1) {
+                    $authtype = '<input type="radio" name="login" value="lti"'.$disabled.' />';
+                }
+            }
+        }
+    }
+    $jscall = "javascript:changed_radio('lti',$in{'formname'});";
+    if (($authtype eq '') && (($in{'mode'} eq 'modifycourse') || ($in{'curr_authtype'} ne 'lti'))) {
+        $authtype = '<input type="radio" name="login" value="lti" '.
+                    $lticheck.' onchange="'.$jscall.'" onclick="'.
+                    $jscall.'"'.$disabled.' />';
+    }
+    $autharg = '<input type="hidden" name="ltiarg" value="" />';
+    if ($authtype) {
+        $result = &mt('[_1] LTI Authenticated',
+                      '<label>'.$authtype.'</label>'.$autharg);
+    } else {
+        $result = '<b>'.&mt('LTI Authenticated').'</b>'.
+                  $autharg;
+    }
+    return $result;
+}
+
 sub get_assignable_auth {
     my ($dom) = @_;
     if ($dom eq '') {
@@ -3834,6 +4001,30 @@ sub syllabuswrapper {
     return qq{<a href="/public/$domain/$coursedir/syllabus">$linktext</a>};
 }
 
+sub aboutme_on {
+    my ($uname,$udom)=@_;
+    unless ($uname) { $uname=$env{'user.name'}; }
+    unless ($udom)  { $udom=$env{'user.domain'}; }
+    return if ($udom eq 'public' && $uname eq 'public');
+    my $hashkey=$uname.':'.$udom;
+    my ($aboutme,$cached)=&Apache::lonnet::is_cached_new('aboutme',$hashkey);
+    if ($cached) {
+        return $aboutme;
+    }
+    $aboutme = &Apache::lonnet::usertools_access($uname,$udom,'aboutme');
+    &Apache::lonnet::do_cache_new('aboutme',$hashkey,$aboutme,3600);
+    return $aboutme;
+}
+
+sub devalidate_aboutme_cache {
+    my ($uname,$udom)=@_;
+    if (!$udom)  { $udom =$env{'user.domain'}; }
+    if (!$uname) { $uname=$env{'user.name'};   }
+    return if ($udom eq 'public' && $uname eq 'public');
+    my $id=$uname.':'.$udom;
+    &Apache::lonnet::devalidate_cache_new('aboutme',$id);
+}
+
 # -----------------------------------------------------------------------------
 
 sub track_student_link {
@@ -4437,9 +4628,15 @@ sub get_previous_attempt {
       }
       $prevattempts.= &end_data_table_row().&end_data_table();
     } else {
+      my $msg;
+      if ($symb =~ /ext\.tool$/) {
+          $msg = &mt('No grade passed back.');
+      } else {
+          $msg = &mt('Nothing submitted - no attempts.');
+      }
       $prevattempts=
 	  &start_data_table().&start_data_table_row().
-	  '<td>'.&mt('Nothing submitted - no attempts.').'</td>'.
+	  '<td>'.$msg.'</td>'.
 	  &end_data_table_row().&end_data_table();
     }
   } else {
@@ -5534,7 +5731,7 @@ sub get_domainconf {
                                 foreach my $host (keys(%{$domconfig{'login'}{$key}})) {
                                     if (ref($domconfig{'login'}{$key}{$host}) eq 'HASH') {
                                         $designhash{$udom.'.login.'.$key.'_'.$host} = 1;
-                                        foreach my $item ('text','img','alt','url','title','notsso') {
+                                        foreach my $item ('text','img','alt','url','title','window','notsso') {
                                             $designhash{$udom.'.login.'.$key.'_'.$item.'_'.$host} = $domconfig{'login'}{$key}{$host}{$item};
                                         }
                                     }
@@ -5805,6 +6002,9 @@ sub CSTR_pageheader {
     if ($frameset) {
         $target = ' target="_parent"';
         $crumbtarget = '_parent';
+    } elsif (($env{'request.lti.login'}) && ($env{'request.lti.target'} eq 'iframe')) {
+        $target = '';
+        $crumbtarget = '';
     } elsif (($env{'request.deeplink.login'}) && ($env{'request.deeplink.target'})) {
         $target = ' target="'.$env{'request.deeplink.target'}.'"';
         $crumbtarget = $env{'request.deeplink.target'};
@@ -5834,6 +6034,109 @@ sub CSTR_pageheader {
     return $output;
 }
 
+##############################################
+=pod
+
+=item * &nocodemirror()
+
+Input: None
+
+Returns: 1 if CodeMirror is deactivated based on
+         user's preference, or domain default,
+         if user indicated use of default.
+
+=cut
+
+sub nocodemirror {
+    my $nocodem = $env{'environment.nocodemirror'};
+    unless ($nocodem) {
+        my %domdefs = &Apache::lonnet::get_domain_defaults($env{'user.domain'});
+        if ($domdefs{'nocodemirror'}) {
+            $nocodem = 'yes';
+        }
+    }
+    if ($nocodem eq 'yes') {
+        return 1;
+    }
+    return;
+}
+
+##############################################
+=pod
+
+=item * &permitted_editors()
+
+Input: $uri (optional)
+
+Returns: %editors hash in which keys are editors
+         permitted in current Authoring Space.
+         Value for each key is 1. Possible keys
+         are: edit, xml, and daxe. If no specific
+         set of editors has been set for the Author
+         who owns the Authoring Space, then the
+         domain default will be used.  If no domain
+         default has been set, then the keys will be
+         edit and xml.
+
+=cut
+
+sub permitted_editors {
+    my ($uri) = @_;
+    my ($is_author,$is_coauthor,$auname,$audom,%editors);
+    if ($env{'request.role'} =~ m{^au\./}) {
+        $is_author = 1;
+    } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\./($match_domain)/($match_username)}) {
+        ($audom,$auname) = ($1,$2);
+        if (($audom ne '') && ($auname ne '')) {
+            if (($env{'user.domain'} eq $audom) &&
+                ($env{'user.name'} eq $auname)) {
+                $is_author = 1;
+            } else {
+                $is_coauthor = 1;
+            }
+        }
+    } elsif ($env{'request.course.id'}) {
+        if ($env{'request.editurl'} =~ m{^/priv/($match_domain)/($match_username)/}) {
+            ($audom,$auname) = ($1,$2);
+        } elsif ($env{'request.uri'} =~ m{^/priv/($match_domain)/($match_username)/}) {
+            ($audom,$auname) = ($1,$2);
+        } elsif (($uri eq '/daxesave') &&
+                 ($env{'form.path'} =~ m{^/daxeopen/priv/($match_domain)/($match_username)/})) {
+            ($audom,$auname) = ($1,$2);
+        }
+        if (($audom ne '') && ($auname ne '')) {
+            if (($env{'user.domain'} eq $audom) &&
+                ($env{'user.name'} eq $auname)) {
+                $is_author = 1;
+            } else {
+                $is_coauthor = 1;
+            }
+        }
+    }
+    if ($is_author) {
+        if (exists($env{'environment.editors'})) {
+            map { $editors{$_} = 1; } split(/,/,$env{'environment.editors'});
+        } else {
+            %editors = ( edit => 1,
+                         xml => 1,
+                       );
+        }
+    } elsif ($is_coauthor) {
+        if (exists($env{"environment.internal.editors./$audom/$auname"})) {
+            map { $editors{$_} = 1; } split(/,/,$env{"environment.internal.editors./$audom/$auname"});
+        } else {
+            %editors = ( edit => 1,
+                         xml => 1,
+                       );
+        }
+    } else {
+        %editors = ( edit => 1,
+                     xml => 1,
+                   );
+    }
+    return %editors;
+}
+
 ###############################################
 ###############################################
 
@@ -5898,6 +6201,21 @@ Inputs:
             context, this will contain a reference to hash of items
             to be included in the page header and/or inline menu.
 
+=item * $menucoll, optional argument, if specific menu collection is in
+            effect, either set as the default for the course, or set for
+            the deeplink paramater for $env{'request.deeplink.login'}
+            then $menucoll will be the number of that collection.
+
+=item * $menuref, optional argument, reference to a hash, containing the
+            menu options included for the menu in effect, based on the
+            configuration for the numbered menu collection in use.
+
+=item * $showncrumbsref, reference to a scalar. Calls to lonmenu::innerregister
+            within &bodytag() can result in calls to lonhtmlcommon::breadcrumbs(),
+            if so, $showncrumbsref is set there to 1, and will propagate back
+            via &bodytag() to &start_page(), to prevent lonhtmlcommon::breadcrumbs()
+            being called a second time.
+
 =back
 
 Returns: A uniform header for LON-CAPA web pages.  
@@ -5910,7 +6228,7 @@ other decorations will be returned.
 sub bodytag {
     my ($title,$function,$addentries,$bodyonly,$domain,$forcereg,
         $no_nav_bar,$bgcolor,$no_inline_link,$args,$advtoolsref,
-        $ltiscope,$ltiuri,$ltimenu,$menucoll,$menuref)=@_;
+        $ltiscope,$ltiuri,$ltimenu,$menucoll,$menuref,$showncrumbsref)=@_;
 
     my $public;
     if ((($env{'user.name'} eq 'public') && ($env{'user.domain'} eq 'public'))
@@ -6061,10 +6379,21 @@ sub bodytag {
         $bodytag .= Apache::lonhtmlcommon::scripttag(
             Apache::lonmenu::utilityfunctions($httphost), 'start');
 
+        if ($args->{'collapsible_header'} ne '') {
+            my $alttext = &mt('menu state: collapsed');
+            my $tooltip = &mt('display standard menus');
+            $bodytag .= <<"END";
+<div id="LC_expandingContainer" style="display:inline;">
+<div id="LC_collapsible" class="LC_collapse_trigger" style="position: absolute;top: -5px;left: 0px; z-index:101; display:inline;">
+<a href="#" style="text-decoration:none;"><img class="LC_collapsible_indicator" alt="$alttext" title="$tooltip" src="/res/adm/pages/collapsed.png" style="border:0;margin:0;padding:0;max-width:100%;height:auto" /></a></div>
+<div class="LC_menus_content hidden">
+END
+        }
         unless ($args->{'no_primary_menu'}) {
             my ($left,$right) = Apache::lonmenu::primary_menu($crstype,$ltimenu,$menucoll,$menuref,
                                                               $args->{'links_disabled'},
-                                                              $args->{'links_target'});
+                                                              $args->{'links_target'},
+                                                              $args->{'collapsible_header'});
             if ($env{'request.noversionuri'} =~ m{^/res/adm/pages/}) {
                 if ($dc_info) {
                     $dc_info = qq|<span class="LC_cusr_subheading">$dc_info</span>|;
@@ -6103,12 +6432,12 @@ sub bodytag {
             $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end');
             if ($env{'request.state'} eq 'construct') {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,
-                                $args->{'bread_crumbs'},'','',$hostname,$ltiscope,$ltiuri);
+                                $args->{'bread_crumbs'},'','',$hostname,
+                                $ltiscope,$ltiuri,$showncrumbsref);
             } elsif ($forcereg) {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,undef,
-                                                            $args->{'group'},
-                                                            $args->{'hide_buttons'},
-                                                            $hostname,$ltiscope,$ltiuri);
+                                $args->{'group'},$args->{'hide_buttons'},
+                                $hostname,$ltiscope,$ltiuri,$showncrumbsref);
             } else {
                 my $forbodytag;
                 &Apache::lonmenu::prepare_functions($env{'request.noversionuri'},
@@ -6126,7 +6455,11 @@ sub bodytag {
             $bodytag .= '<hr style="clear:both" />';
             $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end'); 
         }
-
+        if ($args->{'collapsible_header'} ne '') {
+            $bodytag .= $args->{'collapsible_header'}.
+                        '<div id="LC_collapsible_separator"></div>'.
+                        '</div></div>';
+        }
         return $bodytag;
     }
 
@@ -6251,12 +6584,45 @@ sub endbodytag {
     }
     if ( exists( $env{'internal.head.redirect'} ) ) {
         if (!(ref($args) eq 'HASH' && $args->{'noredirectlink'})) {
+            my ($endbodyjs,$idattr);
+            if ($env{'internal.head.to_opener'}) {
+                my $linkid = 'LC_continue_link';
+                $idattr = ' id="'.$linkid.'"';
+                my $redirect_for_js = &js_escape($env{'internal.head.redirect'});
+                $endbodyjs=<<ENDJS;
+<script type="text/javascript">
+// <![CDATA[
+function ebFunction(evt) {
+    evt.preventDefault();
+    var dest = '$redirect_for_js';
+    if (window.opener != null && !window.opener.closed) {
+        window.opener.location.href=dest;
+        window.close();
+    } else {
+        window.location.href=dest;
+    }
+    return false;
+}
+
+\$(document).ready(function () {
+  if (document.getElementById('$linkid')) {
+    var clickelem = document.getElementById('$linkid');
+    clickelem.addEventListener('click',ebFunction,false);
+  }
+});
+// ]]>
+</script>
+ENDJS
+            }
 	    $endbodytag=
-	        "<br /><a href=\"$env{'internal.head.redirect'}\">".
+	        "$endbodyjs<br /><a href=\"$env{'internal.head.redirect'}\"$idattr>".
 	        &mt('Continue').'</a>'.
 	        $endbodytag;
         }
     }
+    if ((ref($args) eq 'HASH') && ($args->{'dashjs'})) {
+        $endbodytag = &Apache::lonhtmlcommon::dash_to_minus_js().$endbodytag;
+    }
     return $endbodytag;
 }
 
@@ -6341,6 +6707,14 @@ form, .inline {
   display: inline;
 }
 
+.LC_menus_content.shown{
+  display: inline;
+}
+
+.LC_menus_content.hidden {
+  display: none;
+}
+
 .LC_right {
   text-align:right;
 }
@@ -6361,6 +6735,12 @@ form, .inline {
   width:400px;
 }
 
+#LC_collapsible_separator {
+    border: 1px solid black;
+    width: 99.9%;
+    height: 0px;
+}
+
 .LC_iframecontainer {
     width: 98%;
     margin: 0;
@@ -7556,6 +7936,11 @@ fieldset {
   /* overflow: hidden; */
 }
 
+fieldset#LC_selectuser {
+    margin: 0;
+    padding: 0;
+}
+
 article.geogebraweb div {
     margin: 0;
 }
@@ -8099,6 +8484,10 @@ a#LC_content_toolbar_edittoplevel {
   background-image:url(/res/adm/pages/edittoplevel.gif);
 }
 
+a#LC_content_toolbar_printout {
+  background-image:url(/res/adm/pages/printout.gif);
+}
+
 ul#LC_toolbar li a:hover {
   background-position: bottom center;
 }
@@ -8237,6 +8626,16 @@ pre.LC_wordwrap {
 }
 
 /*
+  styles used for response display
+*/
+div.LC_radiofoil, div.LC_rankfoil {
+  margin: .5em 0em .5em 0em;
+}
+table.LC_itemgroup {
+  margin-top: 1em;
+}
+
+/*
   styles used by TTH when "Default set of options to pass to tth/m
   when converting TeX" in course settings has been set
 
@@ -8257,6 +8656,87 @@ span.roman {font-family: serif; font-sty
 span.overacc2 {position: relative;  left: .8em; top: -1.2ex;}
 span.overacc1 {position: relative;  left: .6em; top: -1.2ex;}
 
+/*
+  sections with roles, for content only
+*/
+section[class^="role-"] {
+  padding-left: 10px;
+  padding-right: 5px;
+  margin-top: 8px;
+  margin-bottom: 8px;
+  border: 1px solid #2A4;
+  border-radius: 5px;
+  box-shadow: 0px 1px 1px #BBB;
+}
+section[class^="role-"]>h1 {
+  position: relative;
+  margin: 0px;
+  padding-top: 10px;
+  padding-left: 40px;
+}
+section[class^="role-"]>h1:before {
+  position: absolute;
+  left: -5px;
+  top: 5px;
+}
+section.role-activity>h1:before {
+  content:url('/adm/daxe/images/section_icons/activity.png');
+}
+section.role-advice>h1:before {
+  content:url('/adm/daxe/images/section_icons/advice.png');
+}
+section.role-bibliography>h1:before {
+  content:url('/adm/daxe/images/section_icons/bibliography.png');
+}
+section.role-citation>h1:before {
+  content:url('/adm/daxe/images/section_icons/citation.png');
+}
+section.role-conclusion>h1:before {
+  content:url('/adm/daxe/images/section_icons/conclusion.png');
+}
+section.role-definition>h1:before {
+  content:url('/adm/daxe/images/section_icons/definition.png');
+}
+section.role-demonstration>h1:before {
+  content:url('/adm/daxe/images/section_icons/demonstration.png');
+}
+section.role-example>h1:before {
+  content:url('/adm/daxe/images/section_icons/example.png');
+}
+section.role-explanation>h1:before {
+  content:url('/adm/daxe/images/section_icons/explanation.png');
+}
+section.role-introduction>h1:before {
+  content:url('/adm/daxe/images/section_icons/introduction.png');
+}
+section.role-method>h1:before {
+  content:url('/adm/daxe/images/section_icons/method.png');
+}
+section.role-more_information>h1:before {
+  content:url('/adm/daxe/images/section_icons/more_information.png');
+}
+section.role-objectives>h1:before {
+  content:url('/adm/daxe/images/section_icons/objectives.png');
+}
+section.role-prerequisites>h1:before {
+  content:url('/adm/daxe/images/section_icons/prerequisites.png');
+}
+section.role-remark>h1:before {
+  content:url('/adm/daxe/images/section_icons/remark.png');
+}
+section.role-reminder>h1:before {
+  content:url('/adm/daxe/images/section_icons/reminder.png');
+}
+section.role-summary>h1:before {
+  content:url('/adm/daxe/images/section_icons/summary.png');
+}
+section.role-syntax>h1:before {
+  content:url('/adm/daxe/images/section_icons/syntax.png');
+}
+section.role-warning>h1:before {
+  content:url('/adm/daxe/images/section_icons/warning.png');
+}
+
 #LC_minitab_header {
   float:left;
   width:100%;
@@ -8310,7 +8790,13 @@ Inputs: $title - optional title for the
                                    3- whether the side effect should occur
                            (side effect of setting 
                                $env{'internal.head.redirect'} to the url 
-                               redirected too)
+                               redirected to)
+                                   4- whether the redirect target should be
+                                      the opener of the current (pop-up)
+                                      window (side effect of setting
+                                      $env{'internal.head.to_opener'} to
+                                      1, if true.
+                                   5- whether encrypt check should be skipped
             domain         -> force to color decorate a page for a specific
                                domain
             function       -> force usage of a specific rolish color scheme
@@ -8373,15 +8859,45 @@ sub headtag {
         }
     }
     if (ref($args->{'redirect'})) {
-	my ($time,$url,$inhibit_continue) = @{$args->{'redirect'}};
-	$url = &Apache::lonenc::check_encrypt($url);
+	my ($time,$url,$inhibit_continue,$to_opener,$skip_enc_check) = @{$args->{'redirect'}};
+        if (!$skip_enc_check) {
+	    $url = &Apache::lonenc::check_encrypt($url);
+        }
 	if (!$inhibit_continue) {
 	    $env{'internal.head.redirect'} = $url;
 	}
-	$result.=<<ADDMETA
+        $result.=<<"ADDMETA";
 <meta http-equiv="pragma" content="no-cache" />
+ADDMETA
+        if ($to_opener) {
+            $env{'internal.head.to_opener'} = 1;
+            my $dest = &js_escape($url);
+            my $timeout = int($time * 1000);
+            $result .=<<"ENDJS";
+<script type="text/javascript">
+// <![CDATA[
+function LC_To_Opener() {
+    var dest = '$dest';
+    if (dest != '') {
+        if (window.opener != null && !window.opener.closed) {
+            window.opener.location.href=dest;
+            window.close();
+        } else {
+            window.location.href=dest;
+        }
+    }
+}
+\$(document).ready(function () {
+    setTimeout('LC_To_Opener()',$timeout);
+});
+// ]]>
+</script>
+ENDJS
+        } else {
+            $result.=<<"ADDMETA";
 <meta http-equiv="Refresh" content="$time; url=$url" />
 ADDMETA
+        }
     } else {
         unless (($args->{'frameset'}) || ($args->{'js_ready'}) || ($args->{'only_body'}) || ($args->{'no_nav_bar'})) {
             my $requrl = $env{'request.uri'};
@@ -8820,6 +9336,7 @@ sub start_page {
         }
     }
 
+    my $showncrumbs;
     if (! exists($args->{'skip_phases'}{'body'}) ) {
 	if ($args->{'frameset'}) {
 	    my $attr_string = &make_attr_string($args->{'force_register'},
@@ -8833,7 +9350,7 @@ sub start_page {
                          $args->{'force_register'}, $args->{'no_nav_bar'},
                          $args->{'bgcolor'},        $args->{'no_inline_link'},
                          $args,                     \@advtools,
-                         $ltiscope,$ltiuri,\%ltimenu,$menucoll,\%menu);
+                         $ltiscope,$ltiuri,\%ltimenu,$menucoll,\%menu,\$showncrumbs);
         }
     }
 
@@ -8855,6 +9372,7 @@ sub start_page {
 
     #Breadcrumbs
     if (exists($args->{'bread_crumbs'}) or exists($args->{'bread_crumbs_component'})) {
+        unless ($showncrumbs) {
 		&Apache::lonhtmlcommon::clear_breadcrumbs();
 		#if any br links exists, add them to the breadcrumbs
 		if (exists($args->{'bread_crumbs'}) and ref($args->{'bread_crumbs'}) eq 'ARRAY') {         
@@ -8874,12 +9392,20 @@ sub start_page {
                 } else {
                     undef($menulink);
                 }
+                my $linkprotout;
+                if ($env{'request.deeplink.login'}) {
+                    my $linkprotout = &Apache::lonmenu::linkprot_exit();
+                    if ($linkprotout) {
+                        &Apache::lonhtmlcommon::add_breadcrumb_tool('tools',$linkprotout);
+                    }
+                }
 		#if bread_crumbs_component exists show it as headline else show only the breadcrumbs
 		if(exists($args->{'bread_crumbs_component'})){
 			$result .= &Apache::lonhtmlcommon::breadcrumbs($args->{'bread_crumbs_component'},'',$menulink);
 		} else {
 			$result .= &Apache::lonhtmlcommon::breadcrumbs('','',$menulink);
 		}
+        }
     } elsif (($env{'environment.remote'} eq 'on') &&
              ($env{'form.inhibitmenu'} ne 'yes') &&
              ($env{'request.noversionuri'} =~ m{^/res/}) &&
@@ -9018,6 +9544,50 @@ sub symb_from_tinyurl {
     }
 }
 
+sub usable_exttools {
+    my %tooltypes;
+    if ($env{'request.course.id'}) {
+        if ($env{'course.'.$env{'request.course.id'}.'.internal.exttool'}) {
+           if ($env{'course.'.$env{'request.course.id'}.'.internal.exttool'} eq 'both') {
+               %tooltypes = (
+                             crs => 1,
+                             dom => 1,
+                            );
+           } elsif ($env{'course.'.$env{'request.course.id'}.'.internal.exttool'} eq 'crs') {
+               $tooltypes{'crs'} = 1;
+           } elsif ($env{'course.'.$env{'request.course.id'}.'.internal.exttool'} eq 'dom') {
+               $tooltypes{'dom'} = 1;
+           }
+        } else {
+            my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+            my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+            my $crstype = lc($env{'course.'.$env{'request.course.id'}.'.type'});
+            if ($crstype eq '') {
+                $crstype = 'course';
+            }
+            if ($crstype eq 'course') {
+                if ($env{'course.'.$env{'request.course.id'}.'internal.coursecode'}) {
+                    $crstype = 'official';
+                } elsif ($env{'course.'.$env{'request.course.id'}.'.internal.textbook'}) {
+                    $crstype = 'textbook';
+                } elsif ($env{'course.'.$env{'request.course.id'}.'.internal.lti'}) {
+                    $crstype = 'lti';
+                } else {
+                    $crstype = 'unofficial';
+                }
+            }
+            my %domdefaults = &Apache::lonnet::get_domain_defaults($cdom);
+            if ($domdefaults{$crstype.'domexttool'}) {
+                $tooltypes{'dom'} = 1;
+            }
+            if ($domdefaults{$crstype.'exttool'}) {
+                $tooltypes{'crs'} = 1;
+            }
+        }
+    }
+    return %tooltypes;
+}
+
 sub wishlist_window {
     return(<<'ENDWISHLIST');
 <script type="text/javascript">
@@ -13591,7 +14161,9 @@ sub process_extracted_files {
                             my $url = '/uploaded/'.$docudom.'/'.$docuname.'/'.
                                       $docstype.'/'.$mapinner{$outer}.'/'.$newidx.'/'.
                                       $title;
-                            if (($outer !~ /\D/) && ($mapinner{$outer} !~ /\D/) && ($newidx !~ /\D/)) {
+                            if (($outer !~ /\D/) &&
+                                (($mapinner{$outer} eq 'default') || ($mapinner{$outer} !~ /\D/)) &&
+                                ($newidx !~ /\D/)) {
                                 if (!-e "$prefix$dir/$docstype/$mapinner{$outer}") {
                                     mkdir("$prefix$dir/$docstype/$mapinner{$outer}",0755);
                                 }
@@ -15630,7 +16202,7 @@ sub commit_studentrole {
                 }
                 $oldsecurl = $uurl;
                 $expire_role_result = 
-                    &Apache::lonnet::assignrole($udom,$uname,$uurl,'st',$now,'','',$context);
+                    &Apache::lonnet::assignrole($udom,$uname,$uurl,'st',$now,'','','',$context);
                 if ($env{'request.course.sec'} ne '') { 
                     if ($expire_role_result eq 'refused') {
                         my @roles = ('st');
@@ -16021,6 +16593,9 @@ sub construct_course {
     if ($args->{'crstype'}) {
         $cenv{'type'}=$args->{'crstype'};
     }
+    if ($args->{'lti'}) {
+        $cenv{'internal.lti'}=$args->{'lti'};
+    }
     if ($args->{'crsid'}) {
         $cenv{'courseid'}=$args->{'crsid'};
     }
@@ -16042,6 +16617,7 @@ sub construct_course {
         $cenv{'internal.defaultcredits'} = $args->{'defaultcredits'};
     }
     my @badclasses = (); # Used to accumulate sections/crosslistings that did not pass classlist access check for course owner.
+    my @oklcsecs = (); # Used to accumulate LON-CAPA sections for validated institutional sections.
     if ($args->{'crssections'}) {
         $cenv{'internal.sectionnums'} = '';
         if ($args->{'crssections'} =~ m/,/) {
@@ -16055,7 +16631,11 @@ sub construct_course {
                 my $class = $args->{'crscode'}.$sec;
                 my $addcheck = &Apache::lonnet::auto_new_course($$crsunum,$$crsudom,$class,$cenv{'internal.courseowner'});
                 $cenv{'internal.sectionnums'} .= $item.',';
-                unless ($addcheck eq 'ok') {
+                if ($addcheck eq 'ok') {
+                    unless (grep(/^\Q$gp\E$/,@oklcsecs)) {
+                        push(@oklcsecs,$gp);
+                    }
+                } else {
                     push(@badclasses,$class);
                 }
             }
@@ -16083,7 +16663,11 @@ sub construct_course {
                 my ($xl,$gp) = split/:/,$item;
                 my $addcheck =  &Apache::lonnet::auto_new_course($$crsunum,$$crsudom,$xl,$cenv{'internal.courseowner'});
                 $cenv{'internal.crosslistings'} .= $item.',';
-                unless ($addcheck eq 'ok') {
+                if ($addcheck eq 'ok') {
+                    unless (grep(/^\Q$gp\E$/,@oklcsecs)) {
+                        push(@oklcsecs,$gp);
+                    }
+                } else {
                     push(@badclasses,$xl);
                 }
             }
@@ -16146,6 +16730,36 @@ sub construct_course {
     if ($args->{'no_end_date'}) {
         $args->{'endaccess'} = 0;
     }
+#  If an official course with institutional sections is created by cloning
+#  an existing course, section-specific hiding of course totals in student's
+#  view of grades as copied from cloned course, will be checked for valid
+#  sections.
+    if (($can_clone && $cloneid) &&
+        ($cenv{'internal.coursecode'} ne '') &&
+        ($cenv{'grading'} eq 'standard') &&
+        ($cenv{'hidetotals'} ne '') &&
+        ($cenv{'hidetotals'} ne 'all')) {
+        my @hidesecs;
+        my $deletehidetotals;
+        if (@oklcsecs) {
+            foreach my $sec (split(/,/,$cenv{'hidetotals'})) {
+                if (grep(/^\Q$sec$/,@oklcsecs)) {
+                    push(@hidesecs,$sec);
+                }
+            }
+            if (@hidesecs) {
+                $cenv{'hidetotals'} = join(',',@hidesecs);
+            } else {
+                $deletehidetotals = 1;
+            }
+        } else {
+            $deletehidetotals = 1;
+        }
+        if ($deletehidetotals) {
+            delete($cenv{'hidetotals'});
+            &Apache::lonnet::del('environment',['hidetotals'],$$crsudom,$$crsunum);
+        }
+    }
     $cenv{'internal.autostart'}=$args->{'enrollstart'};
     $cenv{'internal.autoend'}=$args->{'enrollend'};
     $cenv{'default_enrollment_start_date'}=$args->{'startaccess'};
@@ -16264,7 +16878,6 @@ sub construct_course {
 #
     unless (($args->{'nonstandard'}) || ($args->{'firstres'} eq 'blank')
 	    || ($cloneid)) {
-	use LONCAPA::map;
 	$outcome .= &mt('Setting first resource').': ';
 
 	my $map = '/uploaded/'.$$crsudom.'/'.$$crsunum.'/default.sequence';
@@ -16371,12 +16984,13 @@ sub group_term {
 }
 
 sub course_types {
-    my @types = ('official','unofficial','community','textbook');
+    my @types = ('official','unofficial','community','textbook','lti');
     my %typename = (
                          official   => 'Official course',
                          unofficial => 'Unofficial course',
                          community  => 'Community',
                          textbook   => 'Textbook course',
+                         lti        => 'LTI provider',
                    );
     return (\@types,\%typename);
 }
@@ -16627,19 +17241,30 @@ sub init_user_environment {
             my %is_adv = ( is_adv => $env{'user.adv'} );
             my %domdef = &Apache::lonnet::get_domain_defaults($domain);
 
-            foreach my $tool ('aboutme','blog','webdav','portfolio') {
+            foreach my $tool ('aboutme','blog','webdav','portfolio','timezone') {
                 $userenv{'availabletools.'.$tool} = 
                     &Apache::lonnet::usertools_access($username,$domain,$tool,'reload',
                                                       undef,\%userenv,\%domdef,\%is_adv);
             }
 
-            foreach my $crstype ('official','unofficial','community','textbook') {
+            foreach my $crstype ('official','unofficial','community','textbook','lti') {
                 $userenv{'canrequest.'.$crstype} =
                     &Apache::lonnet::usertools_access($username,$domain,$crstype,
                                                       'reload','requestcourses',
                                                       \%userenv,\%domdef,\%is_adv);
             }
 
+            if ((ref($userroles) eq 'HASH') && ($userroles->{'user.author'}) &&
+                (exists($userroles->{"user.role.au./$domain/"}))) {
+                if ($userenv{'authoreditors'}) {
+                    $userenv{'editors'} = $userenv{'authoreditors'};
+                } elsif ($domdef{'editors'} ne '') {
+                    $userenv{'editors'} = $domdef{'editors'};
+                } else {
+                    $userenv{'editors'} = 'edit,xml';
+                }
+            }
+
             $userenv{'canrequest.author'} =
                 &Apache::lonnet::usertools_access($username,$domain,'requestauthor',
                                                   'reload','requestauthor',
@@ -17460,23 +18085,47 @@ sub needs_coursereinit {
         if ($blocked) {
             return ();
         }
-        my $lastchange = &Apache::lonnet::get_coursechange($cdom,$cnum);
-        if ($lastchange > $env{'request.course.tied'}) {
-            my %curr_reqd_hash = &Apache::lonnet::userenvironment($cdom,$cnum,'internal.releaserequired');
-            if ($curr_reqd_hash{'internal.releaserequired'} ne '') {
-                my $required = $env{'course.'.$cdom.'_'.$cnum.'.internal.releaserequired'};
-                if ($curr_reqd_hash{'internal.releaserequired'} ne $required) {
-                    &Apache::lonnet::appenv({'course.'.$cdom.'_'.$cnum.'.internal.releaserequired' =>
-                                             $curr_reqd_hash{'internal.releaserequired'}});
-                    my ($switchserver,$switchwarning) =
-                        &check_release_required($loncaparev,$cdom.'_'.$cnum,$env{'request.role'},
-                                                $curr_reqd_hash{'internal.releaserequired'});
-                    if ($switchwarning ne '' || $switchserver ne '') {
-                        return ('switch',$switchwarning,$switchserver);
-                    }
+        my $update;
+        my $lastmainchange = &Apache::lonnet::get_coursechange($cdom,$cnum);
+        my $lastsuppchange = &Apache::lonnet::get_suppchange($cdom,$cnum);
+        if ($lastmainchange > $env{'request.course.tied'}) {
+            my ($needswitch,$switchwarning,$switchserver) = &switch_for_update($loncaparev,$cdom,$cnum);
+            if ($needswitch) {
+                return ('switch',$switchwarning,$switchserver);
+            }
+            $update = 'main';
+        }
+        if ($lastsuppchange > $env{'request.course.suppupdated'}) {
+            if ($update) {
+                $update = 'both';
+            } else {
+                my ($needswitch,$switchwarning,$switchserver) = &switch_for_update($loncaparev,$cdom,$cnum);
+                if ($needswitch) {
+                    return ('switch',$switchwarning,$switchserver);
+                } else {
+                    $update = 'supp';
                 }
             }
-            return ('update');
+            return ($update);
+        }
+    }
+    return ();
+}
+
+sub switch_for_update {
+    my ($loncaparev,$cdom,$cnum) = @_;
+    my %curr_reqd_hash = &Apache::lonnet::userenvironment($cdom,$cnum,'internal.releaserequired');
+    if ($curr_reqd_hash{'internal.releaserequired'} ne '') {
+        my $required = $env{'course.'.$cdom.'_'.$cnum.'.internal.releaserequired'};
+        if ($curr_reqd_hash{'internal.releaserequired'} ne $required) {
+            &Apache::lonnet::appenv({'course.'.$cdom.'_'.$cnum.'.internal.releaserequired' =>
+                                    $curr_reqd_hash{'internal.releaserequired'}});
+            my ($switchserver,$switchwarning) =
+                &check_release_required($loncaparev,$cdom.'_'.$cnum,$env{'request.role'},
+                                        $curr_reqd_hash{'internal.releaserequired'});
+            if ($switchwarning ne '' || $switchserver ne '') {
+                return ('switch',$switchwarning,$switchserver);
+            }
         }
     }
     return ();
@@ -17559,8 +18208,10 @@ sub parse_supplemental_title {
         my $name =  &plainname($uname,$udom);
         $name = &HTML::Entities::encode($name,'"<>&\'');
         $renametitle = &HTML::Entities::encode($renametitle,'"<>&\'');
-        $title='<i>'.&Apache::lonlocal::locallocaltime($time).'</i> '.
-            $name.': <br />'.$foldertitle;
+        $title='<i>'.&Apache::lonlocal::locallocaltime($time).'</i> '.$name;
+        if ($foldertitle ne '') {
+            $title .= ': <br />'.$foldertitle;
+        }
     }
     if (wantarray) {
         return ($title,$foldertitle,$renametitle);
@@ -17568,28 +18219,147 @@ sub parse_supplemental_title {
     return $title;
 }
 
+sub get_supplemental {
+    my ($cnum,$cdom,$ignorecache,$possdel)=@_;
+    my $hashid=$cnum.':'.$cdom;
+    my ($supplemental,$cached,$set_httprefs);
+    unless ($ignorecache) {
+        ($supplemental,$cached) = &Apache::lonnet::is_cached_new('supplemental',$hashid);
+    }
+    unless (defined($cached)) {
+        my $chome=&Apache::lonnet::homeserver($cnum,$cdom);
+        unless ($chome eq 'no_host') {
+            my @order = @LONCAPA::map::order;
+            my @resources = @LONCAPA::map::resources;
+            my @resparms = @LONCAPA::map::resparms;
+            my @zombies = @LONCAPA::map::zombies;
+            my ($errors,%ids,%hidden);
+            $errors =
+                &recurse_supplemental($cnum,$cdom,'supplemental.sequence',
+                                      $errors,$possdel,\%ids,\%hidden);
+            @LONCAPA::map::order = @order;
+            @LONCAPA::map::resources = @resources;
+            @LONCAPA::map::resparms = @resparms;
+            @LONCAPA::map::zombies = @zombies;
+            $set_httprefs = 1;
+            if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
+                &Apache::lonnet::appenv({'request.course.suppupdated' => time});
+            }
+            $supplemental = {
+                               ids => \%ids,
+                               hidden => \%hidden,
+                            };
+            &Apache::lonnet::do_cache_new('supplemental',$hashid,$supplemental,600);
+        }
+    }
+    return ($supplemental,$set_httprefs);
+}
+
 sub recurse_supplemental {
-    my ($cnum,$cdom,$suppmap,$numfiles,$errors) = @_;
-    if ($suppmap) {
+    my ($cnum,$cdom,$suppmap,$errors,$possdel,$suppids,$hiddensupp,$hidden) = @_;
+    if (($suppmap) && (ref($suppids) eq 'HASH') && (ref($hiddensupp) eq 'HASH')) {
+        my $mapnum;
+        if ($suppmap eq 'supplemental.sequence') {
+            $mapnum = 0;
+        } else {
+            ($mapnum) = ($suppmap =~ /^supplemental_(\d+)\.sequence$/);
+        }
         my ($errtext,$fatal) = &LONCAPA::map::mapread('/uploaded/'.$cdom.'/'.$cnum.'/'.$suppmap);
         if ($fatal) {
             $errors ++;
         } else {
-            if ($#LONCAPA::map::resources > 0) {
-                foreach my $res (@LONCAPA::map::resources) {
-                    my ($title,$src,$ext,$type,$status)=split(/\:/,$res);
+            my @order = @LONCAPA::map::order;
+            if (@order > 0) {
+                my @resources = @LONCAPA::map::resources;
+                my @resparms = @LONCAPA::map::resparms;
+                foreach my $idx (@order) {
+                    my ($title,$src,$ext,$type,$status)=split(/\:/,$resources[$idx]);
                     if (($src ne '') && ($status eq 'res')) {
+                        my $id = $mapnum.':'.$idx;
+                        push(@{$suppids->{$src}},$id);
+                        if (($hidden) || (&get_supp_parameter($resparms[$idx],'parameter_hiddenresource') =~ /^yes/i)) {
+                            $hiddensupp->{$id} = 1;
+                        }
                         if ($src =~ m{^\Q/uploaded/$cdom/$cnum/\E(supplemental_\d+\.sequence)$}) {
-                            ($numfiles,$errors) = &recurse_supplemental($cnum,$cdom,$1,$numfiles,$errors);
+                            $errors = &recurse_supplemental($cnum,$cdom,$1,$errors,$possdel,$suppids,
+                                                            $hiddensupp,$hiddensupp->{$id});
                         } else {
-                            $numfiles ++;
+                            my $allowed;
+                            if (($env{'request.role.adv'}) || (!$hiddensupp->{$id})) {
+                                $allowed = 1;
+                            } elsif ($possdel) {
+                                foreach my $item (@{$suppids->{$src}}) {
+                                    next if ($item eq $id);
+                                    unless ($hiddensupp->{$item}) {
+                                       $allowed = 1;
+                                       last;
+                                    }
+                                }
+                                if ((!$allowed) && (exists($env{'httpref.'.$src}))) {
+                                    &Apache::lonnet::delenv('httpref.'.$src);
+                                }
+                            }
+                            if ($allowed && (!exists($env{'httpref.'.$src}))) {
+                                &Apache::lonnet::allowuploaded('/adm/coursedoc',$src);
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+    return $errors;
+}
+
+sub set_supp_httprefs {
+    my ($cnum,$cdom,$supplemental,$possdel) = @_;
+    if (ref($supplemental) eq 'HASH') {
+        if ((ref($supplemental->{'ids'}) eq 'HASH') && (ref($supplemental->{'hidden'}) eq 'HASH')) {
+            foreach my $src (keys(%{$supplemental->{'ids'}})) {
+                next if ($src =~ /\.sequence$/);
+                if (ref($supplemental->{'ids'}->{$src}) eq 'ARRAY') {
+                    my $allowed;
+                    if ($env{'request.role.adv'}) {
+                        $allowed = 1;
+                    } else {
+                        foreach my $id (@{$supplemental->{'ids'}->{$src}}) {
+                            unless ($supplemental->{'hidden'}->{$id}) {
+                                $allowed = 1;
+                                last;
+                            }
                         }
                     }
+                    if (exists($env{'httpref.'.$src})) {
+                        if ($possdel) {
+                            unless ($allowed) {
+                                &Apache::lonnet::delenv('httpref.'.$src);
+                            }
+                        }
+                    } elsif ($allowed) {
+                        &Apache::lonnet::allowuploaded('/adm/coursedoc',$src);
+                    }
                 }
             }
+            if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
+                &Apache::lonnet::appenv({'request.course.suppupdated' => time});
+            }
         }
     }
-    return ($numfiles,$errors);
+}
+
+sub get_supp_parameter {
+    my ($resparm,$name)=@_;
+    return if ($resparm eq '');
+    my $value=undef;
+    my $ptype=undef;
+    foreach (split('&&&',$resparm)) {
+        my ($thistype,$thisname,$thisvalue)=split('___',$_);
+        if ($thisname eq $name) {
+            $value=$thisvalue;
+            $ptype=$thistype;
+        }
+    }
+    return $value;
 }
 
 sub symb_to_docspath {
@@ -17662,6 +18432,67 @@ sub symb_to_docspath {
     return $path;
 }
 
+sub validate_folderpath {
+    my ($supplementalflag,$allowed,$coursenum,$coursedom) = @_;
+    if ($env{'form.folderpath'} ne '') {
+        my @items = split(/\&/,$env{'form.folderpath'});
+        my ($badpath,$changed,$got_supp,$supppath,%supphidden,%suppids);
+        for (my $i=0; $i<@items; $i++) {
+            my $odd = $i%2;
+            if (($odd) && (!$supplementalflag) && ($items[$i] !~ /^[^:]*:(|\d+):(|1):(|1):(|1):(|1)$/)) {
+                $badpath = 1;
+            } elsif ($odd && $supplementalflag) {
+                my $idx = $i-1;
+                if ($items[$i] =~ /^([^:]*)::(|1):::$/) {
+                    my $esc_name = $1;
+                    if ((!$allowed) || ($items[$idx] eq 'supplemental')) {
+                        $supppath .= '&'.$esc_name;
+                        $changed = 1;
+                    } else {
+                        $supppath .= '&'.$items[$i];
+                    }
+                } elsif (($allowed) && ($items[$idx] ne 'supplemental')) {
+                    $changed = 1;
+                    my $is_hidden;
+                    unless ($got_supp) {
+                        my ($supplemental) = &get_supplemental($coursenum,$coursedom);
+                        if (ref($supplemental) eq 'HASH') {
+                            if (ref($supplemental->{'hidden'}) eq 'HASH') {
+                                %supphidden = %{$supplemental->{'hidden'}};
+                            }
+                            if (ref($supplemental->{'ids'}) eq 'HASH') {
+                                %suppids = %{$supplemental->{'ids'}};
+                            }
+                        }
+                        $got_supp = 1;
+                    }
+                    if (ref($suppids{"/uploaded/$coursedom/$coursenum/$items[$idx].sequence"}) eq 'ARRAY') {
+                        my $mapid = $suppids{"/uploaded/$coursedom/$coursenum/$items[$idx].sequence"}->[0];
+                        if ($supphidden{$mapid}) {
+                            $is_hidden = 1;
+                        }
+                    }
+                    $supppath .= '&'.$items[$i].'::'.$is_hidden.':::';
+                } else {
+                    $supppath .= '&'.$items[$i];
+                }
+            } elsif ((!$odd) && ($items[$i] !~ /^(default|supplemental)(|_\d+)$/)) {
+                $badpath = 1;
+            } elsif ($supplementalflag) {
+                $supppath .= '&'.$items[$i];
+            }
+            last if ($badpath);
+        }
+        if ($badpath) {
+            delete($env{'form.folderpath'});
+        } elsif ($changed && $supplementalflag) {
+            $supppath =~ s/^\&//;
+            $env{'form.folderpath'} = $supppath;
+        }
+    }
+    return;
+}
+
 sub captcha_display {
     my ($context,$lonhost,$defdom) = @_;
     my ($output,$error);
@@ -17784,7 +18615,7 @@ sub create_captcha {
             $output = '<input type="hidden" name="crypt" value="'.$md5sum.'" />'."\n".
                       '<span class="LC_nobreak">'.
                       &mt('Type in the letters/numbers shown below').'&nbsp;'.
-                      '<input type="text" size="5" name="code" value="" autocomplete="off" />'.
+                      '<input type="text" size="5" name="code" value="" autocomplete="new-password" />'.
                       '</span><br />'.
                       '<img src="'.$captcha_params{'www_output_dir'}.'/'.$md5sum.'.png" alt="captcha" />';
             last;