--- loncom/interface/loncommon.pm	2017/01/01 16:32:01	1.1268
+++ loncom/interface/loncommon.pm	2017/12/30 19:51:30	1.1306
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.1268 2017/01/01 16:32:01 raeburn Exp $
+# $Id: loncommon.pm,v 1.1306 2017/12/30 19:51:30 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -71,6 +71,7 @@ use Apache::lonuserutils();
 use Apache::lonuserstate();
 use Apache::courseclassifier();
 use LONCAPA qw(:DEFAULT :match);
+use LONCAPA::LWPReq;
 use DateTime::TimeZone;
 use DateTime::Locale;
 use Encode();
@@ -83,6 +84,8 @@ use Crypt::DES;
 use DynaLoader; # for Crypt::DES version
 use MIME::Lite;
 use MIME::Types;
+use File::Copy();
+use File::Path();
 
 # ---------------------------------------------- Designs
 use vars qw(%defaultdesign);
@@ -2476,10 +2479,24 @@ sub create_text_file {
 # ------------------------------------------
 
 sub domain_select {
-    my ($name,$value,$multiple)=@_;
+    my ($name,$value,$multiple,$incdoms,$excdoms)=@_;
+    my @possdoms;
+    if (ref($incdoms) eq 'ARRAY') {
+        @possdoms = @{$incdoms};
+    } else {
+        @possdoms = &Apache::lonnet::all_domains();
+    }
+
     my %domains=map { 
 	$_ => $_.' '. &Apache::lonnet::domain($_,'description') 
-    } &Apache::lonnet::all_domains();
+    } @possdoms;
+
+    if ((ref($excdoms) eq 'ARRAY') && (@{$excdoms} > 0)) {
+        foreach my $dom (@{$excdoms}) {
+            delete($domains{$dom});
+        }
+    }
+
     if ($multiple) {
 	$domains{''}=&mt('Any domain');
 	$domains{'select_form_order'} = [sort {lc($a) cmp lc($b) } (keys(%domains))];
@@ -4562,9 +4579,15 @@ sub get_previous_attempt {
       }
       $prevattempts.= &end_data_table_row().&end_data_table();
     } else {
+      my $msg;
+      if ($symb =~ /ext\.tool$/) {
+          $msg = &mt('No grade passed back.');
+      } else {
+          $msg = &mt('Nothing submitted - no attempts.');
+      }
       $prevattempts=
 	  &start_data_table().&start_data_table_row().
-	  '<td>'.&mt('Nothing submitted - no attempts.').'</td>'.
+	  '<td>'.$msg.'</td>'.
 	  &end_data_table_row().&end_data_table();
     }
   } else {
@@ -4669,6 +4692,9 @@ sub get_student_view {
   }
   if (defined($target)) { $form{'grade_target'} = $target; }
   $feedurl=&Apache::lonnet::clutter($feedurl);
+  if (($feedurl =~ /ext\.tool$/) && ($target eq 'tex')) {
+      $feedurl =~ s{^/adm/wrapper}{};
+  }
   my ($userview,$response)=&Apache::lonnet::ssi_body($feedurl,%form);
   $userview=~s/\<body[^\>]*\>//gi;
   $userview=~s/\<\/body\>//gi;
@@ -4991,7 +5017,8 @@ sub blockcheck {
     # boards, chat or groups, check for blocking in current course only.
 
     if (($activity eq 'boards' || $activity eq 'chat' ||
-         $activity eq 'groups' || $activity eq 'printout') &&
+         $activity eq 'groups' || $activity eq 'printout' ||
+         $activity eq 'reinit' || $activity eq 'alert') &&
         ($env{'request.course.id'})) {
         foreach my $key (keys(%live_courses)) {
             if ($key ne $env{'request.course.id'}) {
@@ -5075,7 +5102,7 @@ sub blockcheck {
                                                                 $tdom,$spec,$trest,$area);
                         }
                     }
-                    my ($author,$adv) = &Apache::lonnet::set_userprivs(\%userroles,\%allroles);
+                    my ($author,$adv,$rar) = &Apache::lonnet::set_userprivs(\%userroles,\%allroles);
                     if ($userroles{'user.priv.'.$checkrole} =~ /evb\&([^\:]*)/) {
                         if ($1) {
                             $no_userblock = 1;
@@ -5097,9 +5124,9 @@ sub blockcheck {
                  ($env{'request.role'} !~ m{^st\./\Q$cdom\E/\Q$cnum\E}));
         next if ($no_userblock);
 
-        # Retrieve blocking times and identity of locker for course
+        # Retrieve blocking times and identity of blocker for course
         # of specified user, unless user has 'evb' privilege.
-        
+
         my ($start,$end,$trigger) = 
             &get_blocks($setters,$activity,$cdom,$cnum,$url);
         if (($start != 0) && 
@@ -5186,13 +5213,19 @@ sub get_blocks {
                 my $end = $start + $env{'course.'.$cdom.'_'.$cnum.'.timerinterval.'.$timersymb}; 
                 if ($start && $end) {
                     if (($start <= time) && ($end >= time)) {
-                        unless (grep(/^\Q$block\E$/,@blockers)) {
-                            push(@blockers,$block);
-                            $triggered{$block} = {
-                                                   start => $start,
-                                                   end   => $end,
-                                                   type  => $type,
-                                                 };
+                        if (ref($commblocks{$block}) eq 'HASH') {
+                            if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
+                                if ($commblocks{$block}{'blocks'}{$activity} eq 'on') {
+                                    unless(grep(/^\Q$block\E$/,@blockers)) {
+                                        push(@blockers,$block);
+                                        $triggered{$block} = {
+                                                               start => $start,
+                                                               end   => $end,
+                                                               type  => $type,
+                                                             };
+                                    }
+                                }
+                            }
                         }
                     }
                 }
@@ -5302,6 +5335,10 @@ END_MYBLOCK
         $text = &mt('Printing Blocked');
     } elsif ($activity eq 'passwd') {
         $text = &mt('Password Changing Blocked');
+    } elsif ($activity eq 'alert') {
+        $text = &mt('Checking Critical Messages Blocked');
+    } elsif ($activity eq 'reinit') {
+        $text = &mt('Checking Course Update Blocked');
     }
     $output .= <<"END_BLOCK";
 <div class='$class'>
@@ -5809,6 +5846,10 @@ Inputs:
 
 =item * $args, optional argument valid values are
             no_auto_mt_title -> prevents &mt()ing the title arg
+            use_absolute     -> for external resource or syllabus, this will
+                                contain https://<hostname> if server uses
+                                https (as per hosts.tab), but request is for http
+            hostname         -> hostname, from $r->hostname().
 
 =item * $advtoolsref, optional argument, ref to an array containing
             inlineremote items to be added in "Functions" menu below
@@ -5834,6 +5875,7 @@ sub bodytag {
     }
     if (!$args->{'no_auto_mt_title'}) { $title = &mt($title); }
     my $httphost = $args->{'use_absolute'};
+    my $hostname = $args->{'hostname'};
 
     $function = &get_users_function() if (!$function);
     my $img =    &designparm($function.'.img',$domain);
@@ -5862,7 +5904,11 @@ sub bodytag {
         if ($env{'request.role'} !~ /^cr/) {
             $role = &Apache::lonnet::plaintext($role,&course_type());
         } elsif ($role =~ m{^cr/($match_domain)/\1-domainconfig/(\w+)$}) {
-            $role = &mt('Helpdesk[_1]','&nbsp;'.$2); 
+            if ($env{'request.role.desc'}) {
+                $role = $env{'request.role.desc'};
+            } else {
+                $role = &mt('Helpdesk[_1]','&nbsp;'.$2);
+            }
         } else {
             $role = (split(/\//,$role,4))[-1]; 
         }
@@ -5958,17 +6004,18 @@ sub bodytag {
             $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end');
             if ($env{'request.state'} eq 'construct') {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,
-                                $args->{'bread_crumbs'});
+                                $args->{'bread_crumbs'},'','',$hostname);
             } elsif ($forcereg) {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,undef,
                                                             $args->{'group'},
-                                                            $args->{'hide_buttons'});
+                                                            $args->{'hide_buttons'},
+                                                            $hostname);
             } else {
                 $bodytag .= 
                     &Apache::lonmenu::prepare_functions($env{'request.noversionuri'},
                                                         $forcereg,$args->{'group'},
                                                         $args->{'bread_crumbs'},
-                                                        $advtoolsref);
+                                                        $advtoolsref,'',$hostname);
             }
         }else{
             # this is to seperate menu from content when there's no secondary
@@ -6430,6 +6477,11 @@ td.LC_menubuttons_text {
   background: $tabbg;
 }
 
+td.LC_zero_height {
+  line-height: 0; 
+  cellpadding: 0;
+}
+
 table.LC_data_table {
   border: 1px solid #000000;
   border-collapse: separate;
@@ -6751,6 +6803,12 @@ td.LC_parm_overview_restrictions  {
   border-collapse: collapse;
 }
 
+span.LC_parm_recursive,
+td.LC_parm_recursive {
+  font-weight: bold;
+  font-size: smaller;
+}
+
 table.LC_parm_overview_restrictions td {
   border-width: 1px 4px 1px 4px;
   border-style: solid;
@@ -7102,6 +7160,12 @@ table.LC_data_table tr > td.LC_docs_entr
   color: #990000;
 }
 
+.LC_docs_alias {
+  color: #440055;  
+}
+
+.LC_domprefs_email,
+.LC_docs_alias_name,
 .LC_docs_reinit_warn,
 .LC_docs_ext_edit {
   font-size: x-small;
@@ -8122,6 +8186,39 @@ section.role-warning>h1:before {
   content:url('/adm/daxe/images/section_icons/warning.png');
 }
 
+#LC_minitab_header {
+  float:left;
+  width:100%;
+  background:#DAE0D2 url("/res/adm/pages/minitabmenu_bg.gif") repeat-x bottom;
+  font-size:93%;
+  line-height:normal;
+  margin: 0.5em 0 0.5em 0;
+}
+#LC_minitab_header ul {
+  margin:0;
+  padding:10px 10px 0;
+  list-style:none;
+}
+#LC_minitab_header li {
+  float:left;
+  background:url("/res/adm/pages/minitabmenu_left.gif") no-repeat left top;
+  margin:0;
+  padding:0 0 0 9px;
+}
+#LC_minitab_header a {
+  display:block;
+  background:url("/res/adm/pages/minitabmenu_right.gif") no-repeat right top;
+  padding:5px 15px 4px 6px;
+}
+#LC_minitab_header #LC_current_minitab {
+  background-image:url("/res/adm/pages/minitabmenu_left_on.gif");
+}
+#LC_minitab_header #LC_current_minitab a {
+  background-image:url("/res/adm/pages/minitabmenu_right_on.gif");
+  padding-bottom:5px;
+}
+
+
 END
 }
 
@@ -8314,6 +8411,7 @@ OFFLOAD
 <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=0, minimum-scale=1.0, maximum-scale=1.0">
 <meta name="apple-mobile-web-app-capable" content="yes" />';
     }
+    $result .= '<meta name="google" content="notranslate" />'."\n";
     return $result.'</head>';
 }
 
@@ -8493,8 +8591,14 @@ $args - additional optional args support
              no_auto_mt_title -> prevent &mt()ing the title arg
              bread_crumbs ->             Array containing breadcrumbs
              bread_crumbs_component ->  if exists show it as headline else show only the breadcrumbs
+             bread_crumbs_nomenu -> if true will pass false as the value of $menulink
+                                    to lonhtmlcommon::breadcrumbs
              group          -> includes the current group, if page is for a 
-                               specific group  
+                               specific group
+             use_absolute   -> for request for external resource or syllabus, this
+                               will contain https://<hostname> if server uses
+                               https (as per hosts.tab), but request is for http
+             hostname       -> hostname, originally from $r->hostname(), (optional).
 
 =back
 
@@ -8558,15 +8662,21 @@ sub start_page {
                 if (@advtools > 0) {
                     &Apache::lonmenu::advtools_crumbs(@advtools);
                 }
-
+                my $menulink;
+                # if arg: bread_crumbs_nomenu is true pass 0 as $menulink item.
+                if ((exists($args->{'bread_crumbs_nomenu'})) ||
+                     ((($args->{'crstype'} eq 'Placement') || (($env{'request.course.id'}) &&
+                     ($env{'course.'.$env{'request.course.id'}.'.type'} eq 'Placement'))) &&
+                     (!$env{'request.role.adv'}))) {
+                    $menulink = 0;
+                } else {
+                    undef($menulink);
+                }
 		#if bread_crumbs_component exists show it as headline else show only the breadcrumbs
 		if(exists($args->{'bread_crumbs_component'})){
-			$result .= &Apache::lonhtmlcommon::breadcrumbs($args->{'bread_crumbs_component'});
-		} elsif ($args->{'crstype'} eq 'Placement') {
-			$result .= &Apache::lonhtmlcommon::breadcrumbs('','','','','','','','','',
-                                                                       $args->{'crstype'});
+			$result .= &Apache::lonhtmlcommon::breadcrumbs($args->{'bread_crumbs_component'},'',$menulink);
                 } else {
-			$result .= &Apache::lonhtmlcommon::breadcrumbs();
+			$result .= &Apache::lonhtmlcommon::breadcrumbs('','',$menulink);
 		}
     }
     return $result;
@@ -8792,8 +8902,9 @@ sub end_togglebox {
 }
 
 sub LCprogressbar_script {
-   my ($id)=@_;
-   return(<<ENDPROGRESS);
+   my ($id,$number_to_do)=@_;
+   if ($number_to_do) {
+       return(<<ENDPROGRESS);
 <script type="text/javascript">
 // <![CDATA[
 \$('#progressbar$id').progressbar({
@@ -8806,21 +8917,43 @@ sub LCprogressbar_script {
 // ]]>
 </script>
 ENDPROGRESS
+   } else {
+       return(<<ENDPROGRESS);
+<script type="text/javascript">
+// <![CDATA[
+\$('#progressbar$id').progressbar({
+  value: false,
+  create: function(event, ui) {
+    \$('.ui-widget-header', this).css({'background':'#F0F0F0'});
+    \$('.ui-progressbar-overlay', this).css({'margin':'0'});
+  }
+});
+// ]]>
+</script>
+ENDPROGRESS
+   }
 }
 
 sub LCprogressbarUpdate_script {
    return(<<ENDPROGRESSUPDATE);
 <style type="text/css">
 .ui-progressbar { position:relative; }
+.progress-label {position: absolute; width: 100%; text-align: center; top: 1px; font-weight: bold; text-shadow: 1px 1px 0 #fff;margin: 0; line-height: 200%; }
 .pblabel { position: absolute; width: 100%; text-align: center; line-height: 1.9em; }
 </style>
 <script type="text/javascript">
 // <![CDATA[
 var LCprogressTxt='---';
 
-function LCupdateProgress(percent,progresstext,id) {
+function LCupdateProgress(percent,progresstext,id,maxnum) {
    LCprogressTxt=progresstext;
-   \$('#progressbar'+id).progressbar('value',percent);
+   if ((maxnum == '') || (maxnum == undefined) || (maxnum == null)) {
+       \$('#progressbar'+id).find('.progress-label').text(LCprogressTxt);
+   } else if (percent === \$('#progressbar'+id).progressbar( "value" )) {
+       \$('#progressbar'+id).find('.pblabel').text(LCprogressTxt);
+   } else {
+       \$('#progressbar'+id).progressbar('value',percent);
+   }
 }
 // ]]>
 </script>
@@ -8832,37 +8965,54 @@ my $LCidcnt;
 my $LCcurrentid;
 
 sub LCprogressbar {
-    my ($r)=(@_);
+    my ($r,$number_to_do,$preamble)=@_;
     $LClastpercent=0;
     $LCidcnt++;
     $LCcurrentid=$$.'_'.$LCidcnt;
-    my $starting=&mt('Starting');
-    my $content=(<<ENDPROGBAR);
+    my ($starting,$content);
+    if ($number_to_do) {
+        $starting=&mt('Starting');
+        $content=(<<ENDPROGBAR);
+$preamble
   <div id="progressbar$LCcurrentid">
     <span class="pblabel">$starting</span>
   </div>
 ENDPROGBAR
-    &r_print($r,$content.&LCprogressbar_script($LCcurrentid));
+    } else {
+        $starting=&mt('Loading...');
+        $LClastpercent='false';
+        $content=(<<ENDPROGBAR);
+$preamble
+  <div id="progressbar$LCcurrentid">
+      <div class="progress-label">$starting</div>
+  </div>
+ENDPROGBAR
+    }
+    &r_print($r,$content.&LCprogressbar_script($LCcurrentid,$number_to_do));
 }
 
 sub LCprogressbarUpdate {
-    my ($r,$val,$text)=@_;
-    unless ($val) { 
-       if ($LClastpercent) {
-           $val=$LClastpercent;
-       } else {
-           $val=0;
-       }
+    my ($r,$val,$text,$number_to_do)=@_;
+    if ($number_to_do) {
+        unless ($val) { 
+            if ($LClastpercent) {
+                $val=$LClastpercent;
+            } else {
+                $val=0;
+            }
+        }
+        if ($val<0) { $val=0; }
+        if ($val>100) { $val=0; }
+        $LClastpercent=$val;
+        unless ($text) { $text=$val.'%'; }
+    } else {
+        $val = 'false';
     }
-    if ($val<0) { $val=0; }
-    if ($val>100) { $val=0; }
-    $LClastpercent=$val;
-    unless ($text) { $text=$val.'%'; }
     $text=&js_ready($text);
     &r_print($r,<<ENDUPDATE);
 <script type="text/javascript">
 // <![CDATA[
-LCupdateProgress($val,'$text','$LCcurrentid');
+LCupdateProgress($val,'$text','$LCcurrentid','$number_to_do');
 // ]]>
 </script>
 ENDUPDATE
@@ -9047,14 +9197,21 @@ function expand_div(caller) {
 
 sub simple_error_page {
     my ($r,$title,$msg,$args) = @_;
+    my %displayargs;
     if (ref($args) eq 'HASH') {
         if (!$args->{'no_auto_mt_msg'}) { $msg = &mt($msg); }
+        if ($args->{'only_body'}) {
+            $displayargs{'only_body'} = 1;
+        }
+        if ($args->{'no_nav_bar'}) {
+            $displayargs{'no_nav_bar'} = 1;
+        }
     } else {
         $msg = &mt($msg);
     }
 
     my $page =
-	&Apache::loncommon::start_page($title).
+	&Apache::loncommon::start_page($title,'',\%displayargs).
 	'<p class="LC_error">'.$msg.'</p>'.
 	&Apache::loncommon::end_page();
     if (ref($r)) {
@@ -9982,7 +10139,7 @@ sub get_secgrprole_info {
 }
 
 sub user_picker {
-    my ($dom,$srch,$forcenewuser,$caller,$cancreate,$usertype,$context,$fixeddom) = @_;
+    my ($dom,$srch,$forcenewuser,$caller,$cancreate,$usertype,$context,$fixeddom,$noinstd) = @_;
     my $currdom = $dom;
     my @alldoms = &Apache::lonnet::all_domains();
     if (@alldoms == 1) {
@@ -10047,10 +10204,21 @@ sub user_picker {
     &html_escape(\%html_lt);
     &js_escape(\%js_lt);
     my $domform;
+    my $allow_blank = 1;
     if ($fixeddom) {
-        $domform = &select_dom_form($currdom,'srchdomain',1,1,undef,[$currdom]);
+        $allow_blank = 0;
+        $domform = &select_dom_form($currdom,'srchdomain',$allow_blank,1,undef,[$currdom]);
     } else {
-        $domform = &select_dom_form($currdom,'srchdomain',1,1);
+        my $defdom = $env{'request.role.domain'};
+        my ($trusted,$untrusted);
+        if (($context eq 'requestcrs') || ($context eq 'course')) {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$defdom);
+        } elsif ($context eq 'author') {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('othcoau',$defdom);
+        } elsif ($context eq 'domain') {
+            ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('domroles',$defdom);
+        }
+        $domform = &select_dom_form($currdom,'srchdomain',$allow_blank,1,undef,$trusted,$untrusted);
     }
     my $srchinsel = ' <select name="srchin">';
 
@@ -10063,6 +10231,7 @@ sub user_picker {
         next if ($option eq 'alc');
         next if (($option eq 'crs') && ($env{'form.form'} eq 'requestcrs'));  
         next if ($option eq 'crs' && !$env{'request.course.id'});
+        next if (($option eq 'instd') && ($noinstd));
         if ($curr_selected{'srchin'} eq $option) {
             $srchinsel .= ' 
    <option value="'.$option.'" selected="selected">'.$html_lt{$option}.'</option>';
@@ -12483,6 +12652,18 @@ sub decompress_uploaded_file {
 
 sub process_decompression {
     my ($docudom,$docuname,$file,$destination,$dir_root,$hiddenelem) = @_;
+    unless (($dir_root eq '/userfiles') && ($destination =~ m{^(docs|supplemental)/(default|\d+)/\d+$})) {
+        return '<p class="LC_error">'.&mt('Not extracted.').'<br />'.
+               &mt('Unexpected file path.').'</p>'."\n";
+    }
+    unless (($docudom =~ /^$match_domain$/) && ($docuname =~ /^$match_courseid$/)) {
+        return '<p class="LC_error">'.&mt('Not extracted.').'<br />'.
+               &mt('Unexpected course context.').'</p>'."\n";
+    }
+    unless ($file eq &Apache::lonnet::clean_filename($file)) {
+        return '<p class="LC_error">'.&mt('Not extracted.').'<br />'.
+               &mt('Filename contained unexpected characters.').'</p>'."\n";
+    }
     my ($dir,$error,$warning,$output);
     if ($file !~ /\.(zip|tar|bz2|gz|tar.gz|tar.bz2|tgz)$/i) {
         $error = &mt('Filename not a supported archive file type.').
@@ -12517,30 +12698,44 @@ sub process_decompression {
                 }
             }
             my $numskip = scalar(@to_skip);
-            if (($numskip > 0) && 
-                ($numskip == $env{'form.archive_itemcount'})) {
+            my $numoverwrite = scalar(@to_overwrite);
+            if (($numskip) && (!$numoverwrite)) { 
                 $warning = &mt('All items in the archive file already exist, and no overwriting of existing files has been requested.');         
             } elsif ($dir eq '') {
                 $error = &mt('Directory containing archive file unavailable.');
             } elsif (!$error) {
                 my ($decompressed,$display);
-                if ($numskip > 0) {
+                if (($numskip) || ($numoverwrite)) {
                     my $tempdir = time.'_'.$$.int(rand(10000));
                     mkdir("$dir/$tempdir",0755);
-                    system("mv $dir/$file $dir/$tempdir/$file");
-                    ($decompressed,$display) = 
-                        &decompress_uploaded_file($file,"$dir/$tempdir");
-                    foreach my $item (@to_skip) {
-                        if (($item ne '') && ($item !~ /\.\./)) {
-                            if (-f "$dir/$tempdir/$item") { 
-                                unlink("$dir/$tempdir/$item");
-                            } elsif (-d "$dir/$tempdir/$item") {
-                                system("rm -rf $dir/$tempdir/$item");
+                    if (&File::Copy::move("$dir/$file","$dir/$tempdir/$file")) {
+                        ($decompressed,$display) = 
+                            &decompress_uploaded_file($file,"$dir/$tempdir");
+                        foreach my $item (@to_skip) {
+                            if (($item ne '') && ($item !~ /\.\./)) {
+                                if (-f "$dir/$tempdir/$item") { 
+                                    unlink("$dir/$tempdir/$item");
+                                } elsif (-d "$dir/$tempdir/$item") {
+                                    &File::Path::remove_tree("$dir/$tempdir/$item",{ safe => 1 });
+                                }
+                            }
+                        }
+                        foreach my $item (@to_overwrite) {
+                            if ((-e "$dir/$tempdir/$item") && (-e "$dir/$item")) {
+                                if (($item ne '') && ($item !~ /\.\./)) {
+                                    if (-f "$dir/$item") {
+                                        unlink("$dir/$item");
+                                    } elsif (-d "$dir/$item") {
+                                        &File::Path::remove_tree("$dir/$item",{ safe => 1 });
+                                    }
+                                    &File::Copy::move("$dir/$tempdir/$item","$dir/$item");
+                                }
                             }
                         }
+                        if (&File::Copy::move("$dir/$tempdir/$file","$dir/$file")) {
+                            &File::Path::remove_tree("$dir/$tempdir",{ safe => 1 });
+                        }
                     }
-                    system("mv $dir/$tempdir/* $dir");
-                    rmdir("$dir/$tempdir");   
                 } else {
                     ($decompressed,$display) = 
                         &decompress_uploaded_file($file,$dir);
@@ -12558,8 +12753,7 @@ sub process_decompression {
                     if (ref($newdirlistref) eq 'ARRAY') {
                         foreach my $dir_line (@{$newdirlistref}) {
                             my ($item,undef,undef,$testdir)=split(/\&/,$dir_line,5);
-                            unless (($item =~ /^\.+$/) || ($item eq $file) || 
-                                    ((@to_skip > 0) && (grep(/^\Q$item\E$/,@to_skip)))) {
+                            unless (($item =~ /^\.+$/) || ($item eq $file)) {
                                 push(@newitems,$item);
                                 if ($dirptr&$testdir) {
                                     $is_dir{$item} = 1;
@@ -13044,7 +13238,7 @@ END
 sub process_extracted_files {
     my ($context,$docudom,$docuname,$destination,$dir_root,$hiddenelem) = @_;
     my $numitems = $env{'form.archive_count'};
-    return unless ($numitems);
+    return if ((!$numitems) || ($numitems =~ /\D/));
     my @ids=&Apache::lonnet::current_machine_ids();
     my ($prefix,$pathtocheck,$dir,$ishome,$error,$warning,%toplevelitems,%is_dir,
         %folders,%containers,%mapinner,%prompttofetch);
@@ -13057,7 +13251,7 @@ sub process_extracted_files {
     } else {
         $prefix = $Apache::lonnet::perlvar{'lonDocRoot'};
         $pathtocheck = "$dir_root/$docudom/$docuname/$destination";
-        $dir = "$dir_root/$docudom/$docuname";    
+        $dir = "$dir_root/$docudom/$docuname";
     }
     my $currdir = "$dir_root/$destination";
     (my $docstype,$mapinner{'0'}) = ($destination =~ m{^(docs|supplemental)/(\w+)/});
@@ -13146,7 +13340,9 @@ sub process_extracted_files {
                                                         '.'.$containers{$outer},1,1);
                             $newseqid{$i} = $newidx;
                             unless ($errtext) {
-                                $result .=  '<li>'.&mt('Folder: [_1] added to course',$docstitle).'</li>'."\n";
+                                $result .=  '<li>'.&mt('Folder: [_1] added to course',
+                                                       &HTML::Entities::encode($docstitle,'<>&"')).
+                                            '</li>'."\n";
                             }
                         }
                     } else {
@@ -13155,38 +13351,47 @@ sub process_extracted_files {
                             my $url = '/uploaded/'.$docudom.'/'.$docuname.'/'.
                                       $docstype.'/'.$mapinner{$outer}.'/'.$newidx.'/'.
                                       $title;
-                            if (!-e "$prefix$dir/$docstype/$mapinner{$outer}") {
-                                mkdir("$prefix$dir/$docstype/$mapinner{$outer}",0755);
-                            }
-                            if (!-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx") {
-                                mkdir("$prefix$dir/$docstype/$mapinner{$outer}/$newidx");
-                            }
-                            if (-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx") {
-                                system("mv $prefix$path $prefix$dir/$docstype/$mapinner{$outer}/$newidx/$title");
-                                $newdest{$i} = "$prefix$dir/$docstype/$mapinner{$outer}/$newidx";
-                                unless ($ishome) {
-                                    my $fetch = "$newdest{$i}/$title";
-                                    $fetch =~ s/^\Q$prefix$dir\E//;
-                                    $prompttofetch{$fetch} = 1;
+                            if (($outer !~ /\D/) && ($mapinner{$outer} !~ /\D/) && ($newidx !~ /\D/)) {
+                                if (!-e "$prefix$dir/$docstype/$mapinner{$outer}") {
+                                    mkdir("$prefix$dir/$docstype/$mapinner{$outer}",0755);
                                 }
-                            }
-                            $LONCAPA::map::resources[$newidx]=
-                                $docstitle.':'.$url.':false:normal:res';
-                            push(@LONCAPA::map::order, $newidx);
-                            my ($outtext,$errtext)=
-                                &LONCAPA::map::storemap('/uploaded/'.$docudom.'/'.
-                                                        $docuname.'/'.$folders{$outer}.
-                                                        '.'.$containers{$outer},1,1);
-                            unless ($errtext) {
-                                if (-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx/$title") {
-                                    $result .= '<li>'.&mt('File: [_1] added to course',$docstitle).'</li>'."\n";
+                                if (!-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx") {
+                                    mkdir("$prefix$dir/$docstype/$mapinner{$outer}/$newidx");
+                                }
+                                if (-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx") {
+                                    if (rename("$prefix$path","$prefix$dir/$docstype/$mapinner{$outer}/$newidx/$title")) {
+                                        $newdest{$i} = "$prefix$dir/$docstype/$mapinner{$outer}/$newidx";
+                                        unless ($ishome) {
+                                            my $fetch = "$newdest{$i}/$title";
+                                            $fetch =~ s/^\Q$prefix$dir\E//;
+                                            $prompttofetch{$fetch} = 1;
+                                        }
+                                    }
                                 }
+                                $LONCAPA::map::resources[$newidx]=
+                                    $docstitle.':'.$url.':false:normal:res';
+                                push(@LONCAPA::map::order, $newidx);
+                                my ($outtext,$errtext)=
+                                    &LONCAPA::map::storemap('/uploaded/'.$docudom.'/'.
+                                                            $docuname.'/'.$folders{$outer}.
+                                                            '.'.$containers{$outer},1,1);
+                                unless ($errtext) {
+                                    if (-e "$prefix$dir/$docstype/$mapinner{$outer}/$newidx/$title") {
+                                        $result .= '<li>'.&mt('File: [_1] added to course',
+                                                              &HTML::Entities::encode($docstitle,'<>&"')).
+                                                   '</li>'."\n";
+                                    }
+                                }
+                            } else {
+                                $warning .= &mt('Item extracted from archive: [_1] has unexpected path.',
+                                                &HTML::Entities::encode($path,'<>&"')).'<br />';
                             }
                         }
                     }
                 }
             } else {
-                $warning .= &mt('Item extracted from archive: [_1] has unexpected path.',$path).'<br />'; 
+                $warning .= &mt('Item extracted from archive: [_1] has unexpected path.',
+                                &HTML::Entities::encode($path,'<>&"')).'<br />'; 
             }
         }
         for (my $i=1; $i<=$numitems; $i++) {
@@ -13247,7 +13452,9 @@ sub process_extracted_files {
                         }
                         if ($fullpath ne '') {
                             if (-e "$prefix$path") {
-                                system("mv $prefix$path $fullpath/$title");
+                                unless (rename("$prefix$path","$fullpath/$title")) {
+                                     $warning .= &mt('Failed to rename dependency').'<br />';
+                                }
                             }
                             if (-e "$fullpath/$title") {
                                 my $showpath;
@@ -13256,21 +13463,26 @@ sub process_extracted_files {
                                 } else {
                                     $showpath = "/$title";
                                 } 
-                                $result .= '<li>'.&mt('[_1] included as a dependency',$showpath).'</li>'."\n";
-                            } 
-                            unless ($ishome) {
-                                my $fetch = "$fullpath/$title";
-                                $fetch =~ s/^\Q$prefix$dir\E//; 
-                                $prompttofetch{$fetch} = 1;
+                                $result .= '<li>'.&mt('[_1] included as a dependency',
+                                                      &HTML::Entities::encode($showpath,'<>&"')).
+                                           '</li>'."\n";
+                                unless ($ishome) {
+                                    my $fetch = "$fullpath/$title";
+                                    $fetch =~ s/^\Q$prefix$dir\E//; 
+                                    $prompttofetch{$fetch} = 1;
+                                }
                             }
                         }
                     }
                 } elsif ($env{'form.archive_'.$referrer{$i}} eq 'discard') {
                     $warning .= &mt('[_1] is a dependency of [_2], which was discarded.',
-                                    $path,$env{'form.archive_content_'.$referrer{$i}}).'<br />';
+                                    &HTML::Entities::encode($path,'<>&"'),
+                                    &HTML::Entities::encode($env{'form.archive_content_'.$referrer{$i}},'<>&"')).
+                                '<br />';
                 }
             } else {
-                $warning .= &mt('Item extracted from archive: [_1] has unexpected path.',$path).'<br />'; 
+                $warning .= &mt('Item extracted from archive: [_1] has unexpected path.',
+                                &HTML::Entities::encode($path)).'<br />';
             }
         }
         if (keys(%todelete)) {
@@ -13544,8 +13756,11 @@ sub upfile_store {
     $env{'form.upfile'}=~s/\n+/\n/gs;
     $env{'form.upfile'}=~s/\n+$//gs;
 
-    my $datatoken=$env{'user.name'}.'_'.$env{'user.domain'}.
-	'_enroll_'.$env{'request.course.id'}.'_'.time.'_'.$$;
+    my $datatoken = &valid_datatoken($env{'user.name'}.'_'.$env{'user.domain'}.
+                                     '_enroll_'.$env{'request.course.id'}.'_'.
+                                     time.'_'.$$);
+    return if ($datatoken eq '');
+
     {
         my $datafile = $r->dir_config('lonDaemons').
                            '/tmp/'.$datatoken.'.tmp';
@@ -13559,20 +13774,21 @@ sub upfile_store {
 
 =pod
 
-=item * &load_tmp_file($r)
+=item * &load_tmp_file($r,$datatoken)
 
 Load uploaded file from tmp, $r should be the HTTP Request object,
-needs $env{'form.datatoken'},
+$datatoken is the name to assign to the temporary file.
 sets $env{'form.upfile'} to the contents of the file
 
 =cut
 
 sub load_tmp_file {
-    my $r=shift;
+    my ($r,$datatoken) = @_;
+    return if ($datatoken eq '');
     my @studentdata=();
     {
         my $studentfile = $r->dir_config('lonDaemons').
-                              '/tmp/'.$env{'form.datatoken'}.'.tmp';
+                              '/tmp/'.$datatoken.'.tmp';
         if ( open(my $fh,"<$studentfile") ) {
             @studentdata=<$fh>;
             close($fh);
@@ -13581,6 +13797,14 @@ sub load_tmp_file {
     $env{'form.upfile'}=join('',@studentdata);
 }
 
+sub valid_datatoken {
+    my ($datatoken) = @_;
+    if ($datatoken =~ /^$match_username\_$match_domain\_enroll_$match_domain\_$match_courseid\_\d+_\d+$/) {
+        return $datatoken;
+    }
+    return;
+}
+
 =pod
 
 =item * &upfile_record_sep()
@@ -14467,7 +14691,14 @@ requestsmail, updatesmail, or idconflict
 defdom (domain for which to retrieve configuration settings),
 
 origmail (scalar - email address of recipient from loncapa.conf, 
-i.e., predates configuration by DC via domainprefs.pm 
+i.e., predates configuration by DC via domainprefs.pm
+
+$requname username of requester (if mailing type is helpdeskmail)
+
+$requdom domain of requester (if mailing type is helpdeskmail)
+
+$reqemail e-mail address of requester (if mailing type is helpdeskmail)
+
 
 Returns: comma separated list of addresses to which to send e-mail.
 
@@ -14478,11 +14709,11 @@ Returns: comma separated list of address
 ############################################################
 ############################################################
 sub build_recipient_list {
-    my ($defmail,$mailing,$defdom,$origmail) = @_;
+    my ($defmail,$mailing,$defdom,$origmail,$requname,$requdom,$reqemail) = @_;
     my @recipients;
-    my $otheremails;
+    my ($otheremails,$lastresort,$allbcc,$addtext);
     my %domconfig =
-         &Apache::lonnet::get_dom('configuration',['contacts'],$defdom);
+        &Apache::lonnet::get_dom('configuration',['contacts'],$defdom);
     if (ref($domconfig{'contacts'}) eq 'HASH') {
         if (exists($domconfig{'contacts'}{$mailing})) {
             if (ref($domconfig{'contacts'}{$mailing}) eq 'HASH') {
@@ -14494,14 +14725,183 @@ sub build_recipient_list {
                             push(@recipients,$addr);
                         }
                     }
-                    $otheremails = $domconfig{'contacts'}{$mailing}{'others'};
+                }
+                $otheremails = $domconfig{'contacts'}{$mailing}{'others'};
+                if ($mailing eq 'helpdeskmail') {
+                    if ($domconfig{'contacts'}{$mailing}{'bcc'}) {
+                        my @bccs = split(/,/,$domconfig{'contacts'}{$mailing}{'bcc'});
+                        my @ok_bccs;
+                        foreach my $bcc (@bccs) {
+                            $bcc =~ s/^\s+//g;
+                            $bcc =~ s/\s+$//g;
+                            if ($bcc =~ m/^[^\@]+\@[^\@]+$/) {
+                                if (!(grep(/^\Q$bcc\E$/,@ok_bccs))) {
+                                    push(@ok_bccs,$bcc);
+                                }
+                            }
+                        }
+                        if (@ok_bccs > 0) {
+                            $allbcc = join(', ',@ok_bccs);
+                        }
+                    }
+                    $addtext = $domconfig{'contacts'}{$mailing}{'include'};
                 }
             }
         } elsif ($origmail ne '') {
-            push(@recipients,$origmail);
+            $lastresort = $origmail;
+        }
+        if ($mailing eq 'helpdeskmail') {
+            if ((ref($domconfig{'contacts'}{'overrides'}) eq 'HASH') &&
+                (keys(%{$domconfig{'contacts'}{'overrides'}}))) {
+                my ($inststatus,$inststatus_checked);
+                if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '') &&
+                    ($env{'user.domain'} ne 'public')) {
+                    $inststatus_checked = 1;
+                    $inststatus = $env{'environment.inststatus'};
+                }
+                unless ($inststatus_checked) {
+                    if (($requname ne '') && ($requdom ne '')) {
+                        if (($requname =~ /^$match_username$/) &&
+                            ($requdom =~ /^$match_domain$/) &&
+                            (&Apache::lonnet::domain($requdom))) {
+                            my $requhome = &Apache::lonnet::homeserver($requname,
+                                                                      $requdom);
+                            unless ($requhome eq 'no_host') {
+                                my %userenv = &Apache::lonnet::userenvironment($requdom,$requname,'inststatus');
+                                $inststatus = $userenv{'inststatus'};
+                                $inststatus_checked = 1;
+                            }
+                        }
+                    }
+                }
+                unless ($inststatus_checked) {
+                    if ($reqemail =~ /^[^\@]+\@[^\@]+$/) {
+                        my %srch = (srchby     => 'email',
+                                    srchdomain => $defdom,
+                                    srchterm   => $reqemail,
+                                    srchtype   => 'exact');
+                        my %srch_results = &Apache::lonnet::usersearch(\%srch);
+                        foreach my $uname (keys(%srch_results)) {
+                            if (ref($srch_results{$uname}{'inststatus'}) eq 'ARRAY') {
+                                $inststatus = join(',',@{$srch_results{$uname}{'inststatus'}});
+                                $inststatus_checked = 1;
+                                last;
+                            }
+                        }
+                        unless ($inststatus_checked) {
+                            my ($dirsrchres,%srch_results) = &Apache::lonnet::inst_directory_query(\%srch);
+                            if ($dirsrchres eq 'ok') {
+                                foreach my $uname (keys(%srch_results)) {
+                                    if (ref($srch_results{$uname}{'inststatus'}) eq 'ARRAY') {
+                                        $inststatus = join(',',@{$srch_results{$uname}{'inststatus'}});
+                                        $inststatus_checked = 1;
+                                        last;
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+                if ($inststatus ne '') {
+                    foreach my $status (split(/\:/,$inststatus)) {
+                        if (ref($domconfig{'contacts'}{'overrides'}{$status}) eq 'HASH') {
+                            my @contacts = ('adminemail','supportemail');
+                            foreach my $item (@contacts) {
+                                if ($domconfig{'contacts'}{'overrides'}{$status}{$item}) {
+                                    my $addr = $domconfig{'contacts'}{'overrides'}{$status};
+                                    if (!grep(/^\Q$addr\E$/,@recipients)) {
+                                        push(@recipients,$addr);
+                                    }
+                                }
+                            }
+                            $otheremails = $domconfig{'contacts'}{'overrides'}{$status}{'others'};
+                            if ($domconfig{'contacts'}{'overrides'}{$status}{'bcc'}) {
+                                my @bccs = split(/,/,$domconfig{'contacts'}{'overrides'}{$status}{'bcc'});
+                                my @ok_bccs;
+                                foreach my $bcc (@bccs) {
+                                    $bcc =~ s/^\s+//g;
+                                    $bcc =~ s/\s+$//g;
+                                    if ($bcc =~ m/^[^\@]+\@[^\@]+$/) {
+                                        if (!(grep(/^\Q$bcc\E$/,@ok_bccs))) {
+                                            push(@ok_bccs,$bcc);
+                                        }
+                                    }
+                                }
+                                if (@ok_bccs > 0) {
+                                    $allbcc = join(', ',@ok_bccs);
+                                }
+                            }
+                            $addtext = $domconfig{'contacts'}{'overrides'}{$status}{'include'};
+                            last;
+                        }
+                    }
+                }
+            }
         }
     } elsif ($origmail ne '') {
-        push(@recipients,$origmail);
+        $lastresort = $origmail;
+    }
+    if (($mailing eq 'helpdeskmail') && ($lastresort ne '')) {
+        unless (grep(/^\Q$defdom\E$/,&Apache::lonnet::current_machine_domains())) {
+            my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
+            my $machinedom = $Apache::lonnet::perlvar{'lonDefDomain'};
+            my %what = (
+                          perlvar => 1,
+                       );
+            my $primary = &Apache::lonnet::domain($defdom,'primary');
+            if ($primary) {
+                my $gotaddr;
+                my ($result,$returnhash) =
+                    &Apache::lonnet::get_remote_globals($primary,{ perlvar => 1 });
+                if (($result eq 'ok') && (ref($returnhash) eq 'HASH')) {
+                    if ($returnhash->{'lonSupportEMail'} =~ /^[^\@]+\@[^\@]+$/) {
+                        $lastresort = $returnhash->{'lonSupportEMail'};
+                        $gotaddr = 1;
+                    }
+                }
+                unless ($gotaddr) {
+                    my $uintdom = &Apache::lonnet::internet_dom($primary);
+                    my $intdom = &Apache::lonnet::internet_dom($lonhost);
+                    unless ($uintdom eq $intdom) {
+                        my %domconfig =
+                            &Apache::lonnet::get_dom('configuration',['contacts'],$machinedom);
+                        if (ref($domconfig{'contacts'}) eq 'HASH') {
+                            if (ref($domconfig{'contacts'}{'otherdomsmail'}) eq 'HASH') {
+                                my @contacts = ('adminemail','supportemail');
+                                foreach my $item (@contacts) {
+                                    if ($domconfig{'contacts'}{'otherdomsmail'}{$item}) {
+                                        my $addr = $domconfig{'contacts'}{$item};
+                                        if (!grep(/^\Q$addr\E$/,@recipients)) {
+                                            push(@recipients,$addr);
+                                        }
+                                    }
+                                }
+                                if ($domconfig{'contacts'}{'otherdomsmail'}{'others'}) {
+                                    $otheremails = $domconfig{'contacts'}{'otherdomsmail'}{'others'};
+                                }
+                                if ($domconfig{'contacts'}{'otherdomsmail'}{'bcc'}) {
+                                    my @bccs = split(/,/,$domconfig{'contacts'}{'otherdomsmail'}{'bcc'});
+                                    my @ok_bccs;
+                                    foreach my $bcc (@bccs) {
+                                        $bcc =~ s/^\s+//g;
+                                        $bcc =~ s/\s+$//g;
+                                        if ($bcc =~ m/^[^\@]+\@[^\@]+$/) {
+                                            if (!(grep(/^\Q$bcc\E$/,@ok_bccs))) {
+                                                push(@ok_bccs,$bcc);
+                                            }
+                                        }
+                                    }
+                                    if (@ok_bccs > 0) {
+                                        $allbcc = join(', ',@ok_bccs);
+                                    }
+                                }
+                                $addtext = $domconfig{'contacts'}{'otherdomsmail'}{'include'};
+                            }
+                        }
+                    }
+                }
+            }
+        }
     }
     if (defined($defmail)) {
         if ($defmail ne '') {
@@ -14521,8 +14921,21 @@ sub build_recipient_list {
             }
         }
     }
-    my $recipientlist = join(',',@recipients); 
-    return $recipientlist;
+    if ($mailing eq 'helpdeskmail') {
+        if ((!@recipients) && ($lastresort ne '')) {
+            push(@recipients,$lastresort);
+        }
+    } elsif ($lastresort ne '') {
+        if (!grep(/^\Q$lastresort\E$/,@recipients)) {
+            push(@recipients,$lastresort);
+        }
+    }
+    my $recipientlist = join(',',@recipients);
+    if (wantarray) {
+        return ($recipientlist,$allbcc,$addtext);
+    } else {
+        return $recipientlist;
+    }
 }
 
 ############################################################
@@ -15865,8 +16278,6 @@ sub init_user_environment {
 
     my $public=($username eq 'public' && $domain eq 'public');
 
-# See if old ID present, if so, remove
-
     my ($filename,$cookie,$userroles,$firstaccenv,$timerintenv);
     my $now=time;
 
@@ -15888,12 +16299,29 @@ sub init_user_environment {
 	}
 	if (!$cookie) { $cookie="publicuser_$oldest"; }
     } else {
-	# if this isn't a robot, kill any existing non-robot sessions
+	# See if old ID present, if so, remove if this isn't a robot,
+	# killing any existing non-robot sessions
 	if (!$args->{'robot'}) {
 	    opendir(DIR,$lonids);
 	    while ($filename=readdir(DIR)) {
 		if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) {
-		    unlink($lonids.'/'.$filename);
+                    if ($ENV{'SERVER_PORT'} == 443) {
+                        my $linkedfile;
+                        if (tie(my %oldenv,'GDBM_File',"$lonids/$cookie.id",
+                                &GDBM_READER(),0640)) {
+                            if (exists($oldenv{'user.linkedenv'})) {
+                                $linkedfile = $oldenv{'user.linkedenv'};
+                            }
+                            untie(%oldenv);
+                        }
+                        if (unlink($lonids.'/'.$filename)) {
+                            if ($linkedfile =~ /^[a-f0-9]+_linked\.id$/) {
+                                unlink($lonids.'/'.$linkedfile);
+                            }
+                        }
+                    } else {
+                        unlink($lonids.'/'.$filename);
+                    }
 		}
 	    }
 	    closedir(DIR);
@@ -15928,8 +16356,7 @@ sub init_user_environment {
 
     my %userenv = &Apache::lonnet::dump('environment',$domain,$username);
     my ($tmp) = keys(%userenv);
-    if ($tmp !~ /^(con_lost|error|no_such_host)/i) {
-    } else {
+    if ($tmp =~ /^(con_lost|error|no_such_host)/i) {
 	undef(%userenv);
     }
     if (($userenv{'interface'}) && (!$form->{'interface'})) {
@@ -15990,39 +16417,66 @@ sub init_user_environment {
             }
         }
 
-        my %is_adv = ( is_adv => $env{'user.adv'} );
-        my %domdef;
         unless ($domain eq 'public') {
-            %domdef = &Apache::lonnet::get_domain_defaults($domain);
-        }
+            my %is_adv = ( is_adv => $env{'user.adv'} );
+            my %domdef = &Apache::lonnet::get_domain_defaults($domain);
 
-        foreach my $tool ('aboutme','blog','webdav','portfolio') {
-            $userenv{'availabletools.'.$tool} = 
-                &Apache::lonnet::usertools_access($username,$domain,$tool,'reload',
-                                                  undef,\%userenv,\%domdef,\%is_adv);
-        }
+            foreach my $tool ('aboutme','blog','webdav','portfolio') {
+                $userenv{'availabletools.'.$tool} = 
+                    &Apache::lonnet::usertools_access($username,$domain,$tool,'reload',
+                                                      undef,\%userenv,\%domdef,\%is_adv);
+            }
 
-        foreach my $crstype ('official','unofficial','community','textbook','placement') {
-            $userenv{'canrequest.'.$crstype} =
-                &Apache::lonnet::usertools_access($username,$domain,$crstype,
-                                                  'reload','requestcourses',
-                                                  \%userenv,\%domdef,\%is_adv);
-        }
+            foreach my $crstype ('official','unofficial','community','textbook','placement') {
+                $userenv{'canrequest.'.$crstype} =
+                    &Apache::lonnet::usertools_access($username,$domain,$crstype,
+                                                      'reload','requestcourses',
+                                                      \%userenv,\%domdef,\%is_adv);
+            }
 
-        $userenv{'canrequest.author'} =
-            &Apache::lonnet::usertools_access($username,$domain,'requestauthor',
-                                        'reload','requestauthor',
-                                        \%userenv,\%domdef,\%is_adv);
-        my %reqauthor = &Apache::lonnet::get('requestauthor',['author_status','author'],
-                                             $domain,$username);
-        my $reqstatus = $reqauthor{'author_status'};
-        if ($reqstatus eq 'approval' || $reqstatus eq 'approved') { 
-            if (ref($reqauthor{'author'}) eq 'HASH') {
-                $userenv{'requestauthorqueued'} = $reqstatus.':'.
-                                                  $reqauthor{'author'}{'timestamp'};
+            $userenv{'canrequest.author'} =
+                &Apache::lonnet::usertools_access($username,$domain,'requestauthor',
+                                                  'reload','requestauthor',
+                                                  \%userenv,\%domdef,\%is_adv);
+            my %reqauthor = &Apache::lonnet::get('requestauthor',['author_status','author'],
+                                                 $domain,$username);
+            my $reqstatus = $reqauthor{'author_status'};
+            if ($reqstatus eq 'approval' || $reqstatus eq 'approved') { 
+                if (ref($reqauthor{'author'}) eq 'HASH') {
+                    $userenv{'requestauthorqueued'} = $reqstatus.':'.
+                                                      $reqauthor{'author'}{'timestamp'};
+                }
+            }
+            my ($types,$typename) = &course_types();
+            if (ref($types) eq 'ARRAY') {
+                my @options = ('approval','validate','autolimit');
+                my $optregex = join('|',@options);
+                my (%willtrust,%trustchecked);
+                foreach my $type (@{$types}) {
+                    my $dom_str = $env{'environment.reqcrsotherdom.'.$type};
+                    if ($dom_str ne '') {
+                        my $updatedstr = '';
+                        my @possdomains = split(',',$dom_str);
+                        foreach my $entry (@possdomains) {
+                            my ($extdom,$extopt) = split(':',$entry);
+                            unless ($trustchecked{$extdom}) {
+                                $willtrust{$extdom} = &Apache::lonnet::will_trust('reqcrs',$domain,$extdom);
+                                $trustchecked{$extdom} = 1;
+                            }
+                            if ($willtrust{$extdom}) {
+                                $updatedstr .= $entry.',';
+                            }
+                        }
+                        $updatedstr =~ s/,$//;
+                        if ($updatedstr) {
+                            $userenv{'reqcrsotherdom.'.$type} = $updatedstr;
+                        } else {
+                            delete($userenv{'reqcrsotherdom.'.$type});
+                        }
+                    }
+                }
             }
         }
-
 	$env{'user.environment'} = "$lonids/$cookie.id";
 
 	if (tie(my %disk_env,'GDBM_File',"$lonids/$cookie.id",
@@ -16835,8 +17289,12 @@ sub needs_coursereinit {
         $interval = 600;
     }
     if (($now-$env{'request.course.timechecked'})>$interval) {
-        my $lastchange = &Apache::lonnet::get_coursechange($cdom,$cnum);
         &Apache::lonnet::appenv({'request.course.timechecked'=>$now});
+        my $blocked = &blocking_status('reinit',$cnum,$cdom,undef,1);
+        if ($blocked) {
+            return ();
+        }
+        my $lastchange = &Apache::lonnet::get_coursechange($cdom,$cnum);
         if ($lastchange > $env{'request.course.tied'}) {
             my %curr_reqd_hash = &Apache::lonnet::userenvironment($cdom,$cnum,'internal.releaserequired');
             if ($curr_reqd_hash{'internal.releaserequired'} ne '') {
@@ -17201,14 +17659,19 @@ sub check_recaptcha {
     my ($privkey,$version) = @_;
     my $captcha_chk;
     if ($version >= 2) {
-        my $ua = LWP::UserAgent->new;
-        $ua->timeout(10);
         my %info = (
                      secret   => $privkey, 
                      response => $env{'form.g-recaptcha-response'},
                      remoteip => $ENV{'REMOTE_ADDR'},
                    );
-        my $response = $ua->post('https://www.google.com/recaptcha/api/siteverify',\%info);
+        my $request=new HTTP::Request('POST','https://www.google.com/recaptcha/api/siteverify');
+        $request->content(join('&',map {
+                         my $name = escape($_);
+                         "$name=" . ( ref($info{$_}) eq 'ARRAY'
+                         ? join("&$name=", map {escape($_) } @{$info{$_}})
+                         : &escape($info{$_}) );
+        } keys(%info)));
+        my $response = &LONCAPA::LWPReq::makerequest('',$request,'','',10,1);
         if ($response->is_success)  {
             my $data = JSON::DWIW->from_json($response->decoded_content);
             if (ref($data) eq 'HASH') {
@@ -17271,9 +17734,25 @@ sub cleanup_html {
 
 # Checks for critical messages and returns a redirect url if one exists.
 # $interval indicates how often to check for messages.
+# $context is the calling context -- roles, grades, contents, menu or flip. 
 sub critical_redirect {
-    my ($interval) = @_;
+    my ($interval,$context) = @_;
     if ((time-$env{'user.criticalcheck.time'})>$interval) {
+        if (($env{'request.course.id'}) && (($context eq 'flip') || ($context eq 'contents'))) {
+            my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+            my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+            my $blocked = &blocking_status('alert',$cnum,$cdom,undef,1);
+            if ($blocked) {
+                my $checkrole = "cm./$cdom/$cnum";
+                if ($env{'request.course.sec'} ne '') {
+                    $checkrole .= "/$env{'request.course.sec'}";
+                }
+                unless ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
+                        ($env{'request.role'} !~ m{^st\./$cdom/$cnum})) {
+                    return;
+                }
+            }
+        }
         my @what=&Apache::lonnet::dump('critical', $env{'user.domain'}, 
                                         $env{'user.name'});
         &Apache::lonnet::appenv({'user.criticalcheck.time'=>time});