--- loncom/interface/loncreateuser.pm	2014/06/30 14:49:35	1.403
+++ loncom/interface/loncreateuser.pm	2016/10/22 15:53:55	1.406.2.4
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Create a user
 #
-# $Id: loncreateuser.pm,v 1.403 2014/06/30 14:49:35 raeburn Exp $
+# $Id: loncreateuser.pm,v 1.406.2.4 2016/10/22 15:53:55 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -813,7 +813,7 @@ sub entry_form {
     }
     my $cancreate =
         &Apache::lonuserutils::can_create_user($dom,$context,$usertype);
-    my $userpicker = 
+    my ($userpicker,$cansearch) = 
        &Apache::loncommon::user_picker($dom,$srch,$forcenewuser,
                                        'document.crtuser',$cancreate,$usertype);
     my $srchbutton = &mt('Search');
@@ -822,7 +822,9 @@ sub entry_form {
     } elsif ($cancreate && $responsemsg ne '' && $inexact) {
         $srchbutton = &mt('Search or Add New User');
     }
-    my $output = <<"ENDBLOCK";
+    my $output;
+    if ($cansearch) {
+        $output = <<"ENDBLOCK";
 <form action="/adm/createuser" method="post" name="crtuser">
 <input type="hidden" name="action" value="$env{'form.action'}" />
 <input type="hidden" name="phase" value="get_user_info" />
@@ -830,6 +832,9 @@ $userpicker
 <input name="userrole" type="button" value="$srchbutton" onclick="javascript:validateEntry(document.crtuser)" />
 </form>
 ENDBLOCK
+    } else {
+        $output = '<p>'.$userpicker.'</p>';
+    }
     if ($env{'form.phase'} eq '') {
         my $defdom=$env{'request.role.domain'};
         my $domform = &Apache::loncommon::select_dom_form($defdom,'srchdomain');
@@ -2244,8 +2249,8 @@ sub personal_data_display {
                    '<input type="text" name="uname" size="25" value="" autocomplete="off" />';
         $rowcount ++;
         $output .= &Apache::lonhtmlcommon::row_closure(1);
-        my $upassone = '<input type="password" name="upass'.$now.'" size="10" autocomplete="off" />';
-        my $upasstwo = '<input type="password" name="upasscheck'.$now.'" size="10" autocomplete="off" />';
+        my $upassone = '<input type="password" name="upass'.$now.'" size="20" autocomplete="off" />';
+        my $upasstwo = '<input type="password" name="upasscheck'.$now.'" size="20" autocomplete="off" />';
         $output .= &Apache::lonhtmlcommon::row_title(&mt('Password').'<b>*</b>',
                                                     'LC_pick_box_title',
                                                     'LC_oddrow_value')."\n".
@@ -2351,7 +2356,7 @@ sub personal_data_display {
     }
     if (($context eq 'selfcreate') && ($newuser eq 'email')) {
         if ($captchaform) {
-            $output .= &Apache::lonhtmlcommon::row_title($lt{'valid'},
+            $output .= &Apache::lonhtmlcommon::row_title($lt{'valid'}.'*',
                                                          'LC_pick_box_title')."\n".
                        $captchaform."\n".'<br /><br />'.
                        &Apache::lonhtmlcommon::row_closure(1); 
@@ -3625,7 +3630,7 @@ sub update_roles {
     my @rolechanges;
     my %disallowed;
     $r->print('<h3>'.&mt('Modifying Roles').'</h3>');
-    foreach my $key (keys (%env)) {
+    foreach my $key (keys(%env)) {
 	next if (! $env{$key});
         next if ($key eq 'form.action');
 	# Revoke roles
@@ -3807,7 +3812,7 @@ sub update_roles {
                 } else {
 		    my %curr_groups =
 			&Apache::longroup::coursegroups($one,$two);
-                    foreach my $sec (sort {$a cmp $b} keys %sections) {
+                    foreach my $sec (sort {$a cmp $b} keys(%sections)) {
                         if (($sec eq 'none') || ($sec eq 'all') || 
                             exists($curr_groups{$sec})) {
                             $disallowed{$sec} = $url;
@@ -3853,7 +3858,7 @@ sub update_roles {
                     my %curr_groups = 
 			&Apache::longroup::coursegroups($one,$two);
                     my $emptysec = 0;
-                    foreach my $sec (sort {$a cmp $b} keys %sections) {
+                    foreach my $sec (sort {$a cmp $b} keys(%sections)) {
                         $sec =~ s/\W//g;
                         if ($sec ne '') {
                             if (($sec eq 'none') || ($sec eq 'all') || 
@@ -3893,7 +3898,7 @@ sub update_roles {
                     $r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$url,$two,$start,$end,$one,undef,'',$context));
                 } else {
                     my $emptysec = 0;
-                    foreach my $sec (sort {$a cmp $b} keys %sections) {
+                    foreach my $sec (sort {$a cmp $b} keys(%sections)) {
                         if ($sec ne '') {
                             my $securl = $url.'/'.$sec;
                             $r->print(&Apache::loncommon::commit_standardrole($udom,$uname,$securl,$two,$start,$end,$one,undef,$sec,$context));
@@ -5544,6 +5549,7 @@ sub print_selfenroll_menu {
         butn => 'but no user types have been checked.',
         wilf => "Please uncheck 'activate' or check at least one type.",
     );
+    &js_escape(\%alerts);
     my $selfenroll_js = <<"ENDSCRIPT";
 function update_types(caller,num) {
     var delidx = getIndexByName('selfenroll_delete');
@@ -5745,6 +5751,12 @@ ENDSCRIPT
         $cathash = $domconfig{'coursecategories'}{'cats'};
         $cattype{'auth'} = $domconfig{'coursecategories'}{'auth'};
         $cattype{'unauth'} = $domconfig{'coursecategories'}{'unauth'};
+        if ($cattype{'auth'} eq '') {
+            $cattype{'auth'} = 'std';
+        }
+        if ($cattype{'unauth'} eq '') {
+            $cattype{'unauth'} = 'std';
+        }
     } else {
         $cathash = {};
         $cattype{'auth'} = 'std';
@@ -6816,13 +6828,29 @@ sub user_search_result {
         }
     }
     if ($response ne '') {
-        $response = '<span class="LC_warning">'.$response.'</span>';
+        $response = '<span class="LC_warning">'.$response.'</span><br />';
     }
     if ($srch->{'srchin'} eq 'instd') {
-        my $instd_chk = &directorysrch_check($srch);
+        my $instd_chk = &instdirectorysrch_check($srch);
         if ($instd_chk ne 'ok') {
-            $response = '<span class="LC_warning">'.$instd_chk.'</span>'.
-                        '<br />'.&mt('You may want to search in the LON-CAPA domain instead of the institutional directory.').'<br /><br />';
+            my $domd_chk = &domdirectorysrch_check($srch);
+            $response .= '<span class="LC_warning">'.$instd_chk.'</span><br />';
+            if ($domd_chk eq 'ok') {
+                $response .= &mt('You may want to search in the LON-CAPA domain instead of the institutional directory.');
+            }
+            $response .= '<br /><br />';
+        }
+    } else {
+        unless (($context eq 'requestcrs') && ($srch->{'srchtype'} eq 'exact')) {
+            my $domd_chk = &domdirectorysrch_check($srch);
+            if ($domd_chk ne 'ok') {
+                my $instd_chk = &instdirectorysrch_check($srch);
+                $response .= '<span class="LC_warning">'.$domd_chk.'</span><br />';
+                if ($instd_chk eq 'ok') {
+                    $response .= &mt('You may want to search in the institutional directory instead of the LON-CAPA domain.');
+                }
+                $response .= '<br /><br />';
+            }
         }
     }
     if ($response ne '') {
@@ -6997,7 +7025,26 @@ sub user_search_result {
     return ($currstate,$response,$forcenewuser,\%srch_results);
 }
 
-sub directorysrch_check {
+sub domdirectorysrch_check {
+    my ($srch) = @_;
+    my $response;
+    my %dom_inst_srch = &Apache::lonnet::get_dom('configuration',
+                                             ['directorysrch'],$srch->{'srchdomain'});
+    my $showdom = &display_domain_info($srch->{'srchdomain'});
+    if (ref($dom_inst_srch{'directorysrch'}) eq 'HASH') {
+        if ($dom_inst_srch{'directorysrch'}{'lcavailable'} eq '0') {
+            return &mt('LON-CAPA directory search is not available in domain: [_1]',$showdom);
+        }
+        if ($dom_inst_srch{'directorysrch'}{'lclocalonly'}) {
+            if ($env{'request.role.domain'} ne $srch->{'srchdomain'}) {
+                return &mt('LON-CAPA directory search in domain: [_1] is only allowed for users with a current role in the domain.',$showdom);
+            }
+        }
+    }
+    return 'ok';
+}
+
+sub instdirectorysrch_check {
     my ($srch) = @_;
     my $can_search = 0;
     my $response;
@@ -7451,8 +7498,8 @@ sub course_level_dc {
         my $plrole=&Apache::lonnet::plaintext($role);
         $otheritems .= '  <option value="'.$role.'">'.$plrole.'</option>';
     }
-    if ( keys %customroles > 0) {
-        foreach my $cust (sort keys %customroles) {
+    if ( keys(%customroles) > 0) {
+        foreach my $cust (sort(keys(%customroles))) {
             my $custrole='cr_cr_'.$env{'user.domain'}.
                     '_'.$env{'user.name'}.'_'.$cust;
             $otheritems .= '  <option value="'.$custrole.'">'.$cust.'</option>';