--- loncom/interface/lonpreferences.pm	2012/12/18 14:25:59	1.201
+++ loncom/interface/lonpreferences.pm	2021/03/06 19:44:12	1.238
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Preferences
 #
-# $Id: lonpreferences.pm,v 1.201 2012/12/18 14:25:59 raeburn Exp $
+# $Id: lonpreferences.pm,v 1.238 2021/03/06 19:44:12 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -27,8 +27,6 @@
 #
 # This package uses the "londes.js" javascript code. 
 #
-# TODOs that have to be completed:
-#    interface with lonnet to change the password
  
 package Apache::lonpreferences;
 
@@ -36,8 +34,6 @@ use strict;
 use LONCAPA;
 use Apache::Constants qw(:common);
 use Apache::File;
-use Crypt::DES;
-use DynaLoader; # for Crypt::DES version
 use Apache::loncommon();
 use Apache::lonhtmlcommon();
 use Apache::lonlocal;
@@ -45,50 +41,6 @@ use Apache::lonnet;
 use LONCAPA::lonauthcgi();
 use LONCAPA();
 
-#
-# Write lonnet::passwd to do the call below.
-# Use:
-#   my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver);
-#
-##################################################
-#          password associated functions         #
-##################################################
-sub des_keys {
-    # Make a new key for DES encryption.
-    # Each key has two parts which are returned separately.
-    # Please note:  Each key must be passed through the &hex function
-    # before it is output to the web browser.  The hex versions cannot
-    # be used to decrypt.
-    my @hexstr=('0','1','2','3','4','5','6','7',
-                '8','9','a','b','c','d','e','f');
-    my $lkey='';
-    for (0..7) {
-        $lkey.=$hexstr[rand(15)];
-    }
-    my $ukey='';
-    for (0..7) {
-        $ukey.=$hexstr[rand(15)];
-    }
-    return ($lkey,$ukey);
-}
-
-sub des_decrypt {
-    my ($key,$cyphertext) = @_;
-    my $keybin=pack("H16",$key);
-    my $cypher;
-    if ($Crypt::DES::VERSION>=2.03) {
-        $cypher=new Crypt::DES $keybin;
-    } else {
-        $cypher=new DES $keybin;
-    }
-    my $plaintext=
-	$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16))));
-    $plaintext.=
-	$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16))));
-    $plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) );
-    return $plaintext;
-}
-
 ################################################################
 #                       Handler subroutines                    #
 ################################################################
@@ -152,32 +104,16 @@ sub languagechanger {
                 text => 'Change Language'});
     $r->print(Apache::loncommon::start_page('Content Display Settings'));
     $r->print(Apache::lonhtmlcommon::breadcrumbs('Change Language')); 
-    my $user       = $env{'user.name'};
-    my $domain     = $env{'user.domain'};
-    my %userenv = &Apache::lonnet::get
-        ('environment',['languages']);
+    my %userenv = &Apache::lonnet::get('environment',['languages']);
     my $language=$userenv{'languages'};
 
-    my $pref=&mt('Preferred language');
-    my %langchoices=('' => 'No language preference');
-    foreach (&Apache::loncommon::languageids()) {
-	if (&Apache::loncommon::supportedlanguagecode($_)) {
-	    $langchoices{&Apache::loncommon::supportedlanguagecode($_)}
-	               = &Apache::loncommon::plainlanguagedescription($_);
-	}
-    }
-    %langchoices = &Apache::lonlocal::texthash(%langchoices);
-    my $selectionbox=
-           &Apache::loncommon::select_form(
-               $language,
-               'language',
-               \%langchoices);
-    $r->print(<<ENDLSCREEN);
-<form name="prefs" action="/adm/preferences" method="post">
-<input type="hidden" name="action" value="verify_and_change_languages" />
-<br />$pref: $selectionbox
-ENDLSCREEN
-    $r->print('<br /><input type="submit" value="'.&mt('Save').'" />');
+    $r->print(
+        '<form name="prefs" action="/adm/preferences" method="post">'."\n".
+        '<input type="hidden" name="action" value="verify_and_change_languages" />'.
+        '<br /><span class="LC_nobreak">'.&mt('Preferred language').':&nbsp;'.
+        &Apache::loncommon::select_language('language',$language,1).'</span>'."\n".
+        '<br /><input type="submit" value="'.&mt('Save').'" /></form>'
+    );
 }
 
 
@@ -222,11 +158,13 @@ sub texenginechanger {
     my $domain     = $env{'user.domain'};
     my %userenv = &Apache::lonnet::get('environment',['texengine']);
     my $texengine=$userenv{'texengine'};
+    if (lc($texengine) eq 'jsmath') {
+        $texengine = 'MathJax';
+    }
 
     my %mathchoices=('' => 'Default',
 		     'tth' => 'tth (TeX to HTML)',
 		     #'ttm' => 'TeX to MathML',
-		     'jsMath' => 'jsMath',
 		     'MathJax' => 'MathJax',
 		     'mimetex' => 'mimetex (Convert to Images)',
                      'raw' => 'Raw (Screen Reader)'
@@ -238,33 +176,17 @@ sub texenginechanger {
                'texengine',
                \%mathchoices);
     my $MathJax_start=&Apache::lontexconvert::MathJax_header();
-    my $jsMath_start=&Apache::lontexconvert::jsMath_header();
     my %lt=&Apache::lonlocal::texthash(
       'headline' => 'Change how math is displayed',
       'preftxt'  => 'Preferred method to display math',
       'change'   => 'Save',
       'exmpl'    => 'Examples',
       'mathjax'  => 'MathJax:',
-      'jsmath'   => 'jsMath:',
+      'mathjaxinfo' => 'MathJax provides rendered equations whose source code can be extracted in TeX and MathML formats by right clicking the equation.',
       'tth'      => 'tth (TeX to HTML):',
       'mimetex'  => 'mimetex (Convert to Images):',
     );
 
-    my $jsMathWarning='<p>'
-                     .'<div class="LC_warning">'
-                     .&mt("It looks like you don't have the TeX math fonts installed.")
-                     .'</div>'
-                     .'<div>'
-                     .&mt('The jsMath example on this page may not look right without them. '
-                         .'The [_1]jsMath Home Page[_2] has information on how to download the '
-                         .'needed fonts. In the meantime, jsMath will do the best it can '
-                         .'with the fonts you have, but it may not be pretty and some equations '
-                         .'may not be rendered correctly.'
-                         ,'<a href="http://www.math.union.edu/locate/jsMath/" target="_blank">'
-                         ,'</a>')
-                     .'</div>'
-                     .'</p>';
-
     $r->print(<<ENDLSCREEN);
 <h2>$lt{'headline'}</h2>
 <form name="prefs" action="/adm/preferences" method="post">
@@ -281,37 +203,22 @@ $lt{'exmpl'}
 
 <h3>$lt{'mathjax'}</h3>
 </script>
-<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=MathJax" width="400" height="120"></iframe>
+<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=MathJax" width="400" height="150"></iframe>
 </p>
 <p>
-MathJax provides rendered equations whose source code can be extracted in TeX and MathML formats by right clicking the equation.
-</p>
-
-<h3>$lt{'jsmath'}</h3> 
-<p>
-$jsMath_start
-<script type="text/javascript" language="JavaScript">
-if (jsMath.nofonts == 1) {
-    document.writeln($jsMathWarning);
-}
-
-</script>
-<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=jsMath" width="400" height="120"></iframe>
+$lt{'mathjaxinfo'}
 </p>
 
 <h3>$lt{'mimetex'}</h3>
 <p>
-<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=mimetex" width="400" height="100"></iframe>
+<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=mimetex" width="400" height="150"></iframe>
 </p>
 
 <h3>$lt{'tth'}</h3>
 <p>
-<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=tth" width="400" height="220"></iframe>
+<iframe src="/res/adm/pages/math_example.tex?inhibitmenu=yes&texengine=tth" width="400" height="150"></iframe>
 </p>
 ENDLSCREEN
-    if ($env{'environment.texengine'} ne 'jsMath') {
-	$r->print('<script type="text/javascript" language="JavaScript">jsMath.Process()</script>');
-    }
 }
 
 
@@ -322,6 +229,9 @@ sub verify_and_change_texengine {
 # Screenname
     my $newtexengine  = $env{'form.texengine'};
     $newtexengine=~s/[^\-\w]//g;
+    if (lc($newtexengine) eq 'jsmath') {
+        $newtexengine = 'MathJax';
+    }
     if ($newtexengine eq 'ttm') {
 	&Apache::lonnet::appenv({'browser.mathml' => 1});
     } else {
@@ -453,7 +363,7 @@ $options.'
 &Apache::lonhtmlcommon::row_closure(1).
 &Apache::lonhtmlcommon::end_pick_box().'
 </div>');
-    if ($roles_check_list) { 
+    if ($roles_check_list) {
         $r->print('<div class="LC_left_float">
 <h4>'.&mt('Freeze Roles').'</h4>
 <p>'.&mt('The table below can be used to [_1]freeze[_2] '.$lc_role.'s in the Hotlist.','<q>','</q>').'<br />'.
@@ -463,7 +373,7 @@ $options.'
 </div>');
      } else {
          $r->print('<br clear="all" />'.
-                   &mt('Once the Hotlist contains recently visited '.$lc_role.'s, you can return to this page to also set frozen roles.'));
+                   &mt('Once the Hotlist contains recently visited '.$lc_role.'s you can return to this page to also set frozen roles.'));
      }
      $r->print('
 <br clear="all" />
@@ -565,7 +475,6 @@ sub verify_and_change_rolespref {
 }
 
 
-
 ################################################################
 #         Anonymous Discussion Name Change Subroutines         #
 ################################################################
@@ -718,7 +627,7 @@ sub icon_options {
 }
 
 sub icon_previews {
-     my %icon_text = (
+     my %icon_text = &Apache::lonlocal::texthash (
                       annotate => 'Notes',
                       wishlist => 'Stored Links',
                       catalog  => 'Info',
@@ -727,12 +636,12 @@ sub icon_previews {
                       printout => 'Print',
                      );
     my %inlinetools = (
-        printout => "s&8&3&prt.png&$icon_text{'printout'}&printout[_1]&gopost('/adm/printout',currentURL)&Prepare a printable document",
-        wishlist => "s&9&1&wishlist-link.png&$icon_text{'wishlist'}&wishlistlink[_2]&set_wishlistlink()&Save a link for this resource in your personal Stored Links repository",
-        evaluate => "s&8&1&eval.png&$icon_text{'evaluate'}&this[_1]&gopost('/adm/evaluate',currentURL,1)&Provide my evaluation of this resource",
-        feedback => "s&8&2&fdbk.png&$icon_text{'feedback'}&discuss[_1]&gopost('/adm/feedback',currentURL,1)&Provide feedback messages or contribute to the course discussion about this resource",
-        annotate => "s&9&3&anot.png&$icon_text{'annotate'}&tations[_1]&annotate()&Make notes and annotations about this resource",
-        catalog  => "s&6&3&catalog.png&$icon_text{'catalog'}&info[_1]&catalog_info()&Show Metadata",
+        printout => "s&8&3&prt.png&$icon_text{'printout'}&printout[_1]&gopost('/adm/printout',currentURL)&".&mt('Prepare a printable document'),
+        wishlist => "s&9&1&wishlist-link.png&$icon_text{'wishlist'}&wishlistlink[_2]&set_wishlistlink()&".&mt('Save a link for this resource in your personal Stored Links repository'),
+        evaluate => "s&8&1&eval.png&$icon_text{'evaluate'}&this[_1]&gopost('/adm/evaluate',currentURL,1)&".&mt('Provide my evaluation of this resource'),
+        feedback => "s&8&2&fdbk.png&$icon_text{'feedback'}&discuss[_1]&gopost('/adm/feedback',currentURL,1)&".&mt('Provide feedback messages or contribute to the course discussion about this resource'),
+        annotate => "s&9&3&anot.png&$icon_text{'annotate'}&tations[_1]&annotate()&".&mt('Make notes and annotations about this resource'),
+        catalog  => "s&6&3&catalog.png&$icon_text{'catalog'}&info[_1]&catalog_info()&".&mt('Show Metadata'),
     );
     my @toolsorder = qw(annotate wishlist evaluate feedback printout catalog);
     return (\%inlinetools,\@toolsorder);
@@ -774,16 +683,51 @@ sub verify_and_change_clicker {
     my $r = shift;
     my $user       = $env{'user.name'};
     my $domain     = $env{'user.domain'};
+    my $uhome      = $env{'user.home'};
     my $newclickers  = $env{'form.clickers'};
+    my $message;
     $newclickers=~s/[^\w\:\-]+/\,/gs;
     $newclickers=~tr/a-z/A-Z/;
     $newclickers=~s/[\:\-]+/\-/g;
     $newclickers=~s/\,+/\,/g;
     $newclickers=~s/^\,//;
     $newclickers=~s/\,$//;
-    &Apache::lonnet::put('environment',{'clickers' => $newclickers});
-    &Apache::lonnet::appenv({'environment.clickers' => $newclickers});
-    my $message=&Apache::lonhtmlcommon::confirm_success(&mt('Registering clickers: [_1]',$newclickers));
+    my @oldclickers = split(/,/,$env{'environment.clickers'});
+    my @newclickers = split(/,/,$newclickers);
+    my %newuniq;
+    map { $newuniq{$_} = 1; }  @newclickers;
+    @newclickers = sort(keys(%newuniq));
+    my @differences = &Apache::loncommon::compare_arrays(\@oldclickers,\@newclickers);
+    if (@differences) {
+        my $putres = &Apache::lonnet::put('environment',{'clickers' => $newclickers});
+        if ($putres eq 'ok') {
+            my @adds = ();
+            my @dels = ();
+            foreach my $item (@differences) {
+                if (grep(/^\Q$item\E$/,@newclickers)) {
+                    push(@adds,$item);
+                } else {
+                    push(@dels,$item);
+                }
+            }
+            if (@dels) {
+                 my %delclicker;
+                 map { $delclicker{$_} = $user; } @dels;
+                 my $putresult = &Apache::lonnet::iddel($domain,\%delclicker,$uhome,'clickers');
+            }
+            if (@adds) {
+                 my %addclicker;
+                 map { $addclicker{$_} = $user; } @adds;
+                 my $putresult = &Apache::lonnet::updateclickers($domain,'add',\%addclicker,$uhome,1);
+            }
+            &Apache::lonnet::appenv({'environment.clickers' => $newclickers});
+            $message=&Apache::lonhtmlcommon::confirm_success(&mt('Registering clickers: [_1]',$newclickers));
+        } else {
+            $message=&Apache::lonhtmlcommon::confirm_success(&mt('Error saving clicker ID').1);
+        }
+    } else {
+        $message='<span class="LC_info">'.&mt('Clicker information unchanged').'</span>';
+    }
     $message=&Apache::loncommon::confirmwrapper($message);
     &print_main_menu($r, $message);
 }
@@ -807,11 +751,13 @@ sub domcoordchanger {
     if ($userenv{'domcoord.author'} eq 'blocked') {
        $constchecked=' checked="checked"';
     }
-    my $text=&mt('By default, the Domain Coordinator can enter your construction space.');
-    my $construction=&mt('Block access to construction space');
+    my $text=&mt('By default, the Domain Coordinator can enter your Authoring Space.');
+    my $construction=&mt('Block access to Authoring Space');
     my $change=&mt('Save');
+    my $returnurl = &HTML::Entities::encode($env{'form.returnurl'},'"<>&\'');
     $r->print(<<ENDSCREEN);
 <form name="prefs" action="/adm/preferences" method="post">
+<input type="hidden" name="returnurl" value="$returnurl" />
 <input type="hidden" name="action" value="verify_and_change_domcoord" />
 $text<br />
 <label><input type="checkbox" name="construction"$constchecked />$construction</label><br />
@@ -834,9 +780,13 @@ sub verify_and_change_domcoord {
     } else {
         $status=&mt('off');
     }
-    my $message=&Apache::lonhtmlcommon::confirm_success(&mt('Set [_1] to [_2]','<i>'.&mt('Block access to construction space').'</i>','<tt>'.$status.'</tt>'));
+    my $message=&Apache::lonhtmlcommon::confirm_success(&mt('Set [_1] to [_2]','<i>'.&mt('Block access to Authoring Space').'</i>','<tt>'.$status.'</tt>'));
     $message=&Apache::loncommon::confirmwrapper($message);
-    &print_main_menu($r,$message);
+    if ($env{'form.returnurl'}) {
+        &do_redirect($r,$env{'form.returnurl'},$message);
+    } else {
+        &print_main_menu($r,$message);
+    }
 }
 
 #################################################################
@@ -850,7 +800,7 @@ sub lockwarning {
     my $textbottom=&mt('Changing roles or logging out may result in data corruption.');
     my ($num,%which)=&Apache::lonnet::get_locks();
     my $which='';
-    foreach my $id (keys %which) {
+    foreach my $id (keys(%which)) {
        $which.='<li>'.$which{$id}.'</li>';
     }
     my $change=&mt('Override');
@@ -892,15 +842,15 @@ sub msgforwardchanger {
                                           foad  => 'Forward to account(s)',
                                           fwdm  => 'Forward messages to other account(s) in LON-CAPA',
                                           noti  => 'E-mail notification of LON-CAPA messages',
-                                          foad_exmpl => 'e.g. <tt>userA:domain1,userB:domain2,...</tt>',
                                           mnot  => 'E-mail address(es) which should be notified about new LON-CAPA messages',
-                                          mnot_exmpl => 'e.g. <tt>joe@doe.com</tt>',
                                           chg   => 'Save',
                                           email => 'The e-mail address entered in row ',
                                           notv => 'is not a valid e-mail address',
                                           toen => "To enter multiple addresses, enter one address at a time, click 'Change' and then add the next one", 
                                           prme => 'Back',
                                         );
+    $lt{'foad_exmpl'} = &mt('e.g. [_1]userA:domain1,userB:domain2,...[_2]','<tt>','</tt>');
+    $lt{'mnot_exmpl'} = &mt('e.g. [_1]joe@doe.com[_2]','<tt>','</tt>');
     Apache::lonhtmlcommon::add_breadcrumb(
 	    {	href => '/adm/preferences?action=changemsgforward',
 		text => 'Messages & Notifications'});
@@ -1004,7 +954,7 @@ ENDMSG
                    '" onclick="javscript:delete_address('."'$num'".')" />'.
                    &mt('Delete').'</label></span></td>'.
                    '<td><input type="text" value="'.$item.'" name="address_'.
-                   $num.'" onFocus="javascript:address_changes('."'$num'".
+                   $num.'" onfocus="javascript:address_changes('."'$num'".
                    ')" /></td><td>';
         my %chk;
         if (defined($allnot{$item}{'crit'})) {
@@ -1053,7 +1003,7 @@ ENDMSG
                '<input type="checkbox" name="add_notify_'.$num.
                '" value="1" />'.&mt('Add new address').'</label></span></td>'.
                '<td><input type="text" value="" name="address_'.$num.
-               '" onFocus="javascript:new_address('."'$num'".')" /></td><td>';
+               '" onfocus="javascript:new_address('."'$num'".')" /></td><td>';
     foreach my $type ('all','crit','reg') {
         $output .= '<span class="LC_nobreak"><label>'.
                    '<input type="radio" name="notify_type_'.$num.
@@ -1238,13 +1188,13 @@ sub colorschanger {
     my $resetbutton = &mt('Reset All');
     my $resetbuttondesc = &mt('Reset All Colors to Default');
     my $colorchooser=&Apache::lonhtmlcommon::color_picker();
-    $r-print('<script type="text/javascript" language="JavaScript">
+    $r->print('<script type="text/javascript" language="JavaScript">
 ' . $colorchooser . '
 </script>
 ');
     $r->print(<<ENDCOL);
 
-<form name="parmform">
+<form name="parmform" action="">
 <input type="hidden" name="pres_marker" />
 <input type="hidden" name="pres_type" />
 <input type="hidden" name="pres_value" />
@@ -1280,7 +1230,7 @@ sub verify_and_change_colors {
     );
 
     my $message='';
-    foreach my $item (keys %colortypes) {
+    foreach my $item (keys(%colortypes)) {
         my $color=$env{'form.'.$item};
 	if (!($color =~ /^#/)) {
 	    $color = '#' . $color;
@@ -1311,7 +1261,7 @@ sub verify_and_change_colors {
 #            password handler subroutines            #
 ######################################################
 sub passwordchanger {
-    my ($r,$errormessage,$caller,$mailtoken) = @_;
+    my ($r,$errormessage,$caller,$mailtoken,$timelimit,$extrafields) = @_;
     # This function is a bit of a mess....
     # Passwords are encrypted using londes.js (DES encryption)
     $errormessage = ($errormessage || '');
@@ -1329,43 +1279,55 @@ sub passwordchanger {
         if (!defined($caller)) {
             $caller = 'preferences';
         }
+        my ($blocked,$blocktext) =
+            &Apache::loncommon::blocking_status('passwd');
+        if ($blocked) {
+            $r->print('<p class="LC_warning">'.$blocktext.'</p>');
+            return;
+        }
     } elsif ($caller eq 'reset_by_email') {
-            my %data = &Apache::lonnet::tmpget($mailtoken);
-            if (keys(%data) == 0) {
-                $r->print(
-                    '<p class="LC_warning">'
-                   .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.'
-                       ,'<a href="/adm/resetpw">','</a>')
-                   .'</p>'
-                );
-                return;
-            }
-            if (defined($data{time})) {
-                if (time - $data{'time'} < 7200) {
-                    $user = $data{'username'};
-                    $domain = $data{'domain'};
-                    $currentpass = $data{'temppasswd'};
-                } else {
-                    $r->print(
-                        '<p class="LC_warning">'
-                       .&mt('Sorry, the token generated when you requested'
-                           .' a password reset has expired.')
-                       .'</p>'
-                    );
+        my %data = &Apache::lonnet::tmpget($mailtoken);
+        if (keys(%data) == 0) {
+            $r->print(
+                '<p class="LC_warning">'
+               .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.'
+                   ,'<a href="/adm/resetpw">','</a>')
+               .'</p>'
+            );
+            return;
+        }
+        if (defined($data{time})) {
+            if (time - $data{'time'} < $timelimit) {
+                $user = $data{'username'};
+                $domain = $data{'domain'};
+                $currentpass = $data{'temppasswd'};
+                my ($blocked,$blocktext) =
+                    &Apache::loncommon::blocking_status('passwd',$user,$domain);
+                if ($blocked) {
+                    $r->print('<p class="LC_warning">'.$blocktext.'</p>');
                     return;
                 }
             } else {
                 $r->print(
                     '<p class="LC_warning">'
-                   .&mt('Sorry, the URL generated when you requested reset of'
-                       .' your password contained incomplete information.')
+                   .&mt('Sorry, the token generated when you requested'
+                       .' a password reset has expired.')
                    .'</p>'
                 );
                 return;
             }
-            if (&Apache::lonnet::domain($domain) eq '') {
-                $domain = $r->dir_config('lonDefDomain');
-            }
+        } else {
+            $r->print(
+                '<p class="LC_warning">'
+               .&mt('Sorry, the URL generated when you requested reset of'
+                   .' your password contained incomplete information.')
+               .'</p>'
+            );
+            return;
+        }
+        if (&Apache::lonnet::domain($domain) eq '') {
+            $domain = $r->dir_config('lonDefDomain');
+        }
     } else {
         $r->print(
             '<p class="LC_error">'
@@ -1379,9 +1341,9 @@ sub passwordchanger {
     return if ($currentauth !~ /^(unix|internal):/);
     #
     # Generate keys
-    my ($lkey_cpass ,$ukey_cpass ) = &des_keys();
-    my ($lkey_npass1,$ukey_npass1) = &des_keys();
-    my ($lkey_npass2,$ukey_npass2) = &des_keys();
+    my ($lkey_cpass ,$ukey_cpass ) = &Apache::loncommon::des_keys();
+    my ($lkey_npass1,$ukey_npass1) = &Apache::loncommon::des_keys();
+    my ($lkey_npass2,$ukey_npass2) = &Apache::loncommon::des_keys();
     # Store the keys in the log files
     my $lonhost = $r->dir_config('lonHostID');
     my $logtoken=Apache::lonnet::reply('tmpput:'
@@ -1404,7 +1366,7 @@ sub passwordchanger {
 	my $jsh=Apache::File->new($include."/londes.js");
 	$r->print(<$jsh>);
     }
-    $r->print(&jscript_send($caller));
+    $r->print(&jscript_send($caller,$domain,$currentauth,$extrafields));
     $r->print(<<ENDFORM);
 $errormessage
 
@@ -1413,57 +1375,155 @@ $errormessage
      ensure that unencrypted passwords will not be sent out by a
      crappy browser -->
 ENDFORM
-    $r->print(&server_form($logtoken,$caller,$mailtoken));
-    $r->print(&client_form($caller,\%hexkey,$currentpass,$domain));
+    $r->print(&server_form($logtoken,$caller,$mailtoken,$extrafields));
+    $r->print(&client_form($caller,\%hexkey,$currentpass,$domain,$extrafields));
 
     #
     return;
 }
 
 sub jscript_send {
-    my ($caller) = @_;
+    my ($caller,$domain,$currentauth,$extrafields) = @_;
+    my ($min,$max,$rulestr,$numrules);
+    $min = $Apache::lonnet::passwdmin;
+    my %js_lt = &Apache::lonlocal::texthash(
+              uc => 'New password needs at least one upper case letter',
+              lc => 'New password needs at least one lower case letter',
+              num => 'New password needs at least one number',
+              spec => 'New password needs at least one non-alphanumeric',
+              blank1 => 'Empty Password field',
+              blank2 => 'Empty Confirm Password field',
+              mismatch => 'Contents of Password and Confirm Password fields must match',
+              fail => 'Please fix the following:',
+    );
+    &js_escape(\%js_lt);
+    if ($currentauth eq 'internal:') {
+        if ($domain ne '') {
+            my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+            if (keys(%passwdconf)) {
+                if ($passwdconf{min}) {
+                    $min = $passwdconf{min};
+                }
+                if ($passwdconf{max}) {
+                    $max = $passwdconf{max};
+                    $js_lt{'long'} = &js_escape(&mt('Maximum password length: [_1]',$max));
+                }
+                if (ref($passwdconf{chars}) eq 'ARRAY') {
+                    if (@{$passwdconf{chars}}) {
+                        $rulestr =  join('","',@{$passwdconf{chars}});
+                        $numrules = scalar(@{$passwdconf{chars}});
+                    }
+                }
+            }
+        }
+    }
+    $js_lt{'short'} = &js_escape(&mt('Minimum password length: [_1]',$min));
+
+    my $passwdcheck = <<"ENDJS";
+        var errors = new Array();
+        var min = parseInt("$min") || 0;
+        var currauth = "$currentauth";
+        if (this.document.client.elements.newpass_1.value == '') {
+            errors.push("$js_lt{'blank1'}");
+        }
+        if (this.document.client.elements.newpass_2.value == '') {
+            errors.push("$js_lt{'blank2'}");
+        }
+        if (errors.length == 0) {
+            if (this.document.client.elements.newpass_1.value !=  this.document.client.elements.newpass_2.value) {
+                errors.push("$js_lt{'mismatch'}");
+            }
+            var posspass = this.document.client.elements.newpass_1.value;
+            if (min > 0) {
+                if (posspass.length < min) {
+                    errors.push("$js_lt{'short'}");
+                }
+            }
+            if (currauth == 'internal:') {
+                var max = parseInt("$max") || 0;
+                if (max > 0) {
+                    if (posspass.length > max) {
+                        errors.push("$js_lt{'long'}");
+                    }
+                }
+                var numrules = parseInt("$numrules") || 0;
+                if (numrules > 0) {
+                    var rules = new Array("$rulestr");
+                    for (var i=0; i<rules.length; i++) {
+                        if (rules[i] == 'uc') {
+                            if (!posspass.match(/[A-Z]/)) {
+                                errors.push("$js_lt{'uc'}");
+                            }
+                        } else if (rules[i] == 'lc') {
+                            if (!posspass.match(/[a-z]/)) {
+                                errors.push("$js_lt{'lc'}");
+                            }
+                        } else if (rules[i] == 'num') {
+                            if (!posspass.match(/\\d/)) {
+                                errors.push("$js_lt{'num'}");
+                            }
+                        } else if (rules[i] == 'spec') {
+                            var pattern = /^[!@#$%^&*()_+\\-=\\[\\]{};':"\\\|,.<a>\\/?]/;
+                            if (!posspass.match(pattern)) {
+                                errors.push("$js_lt{'spec'}");
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        if (errors.length > 0) {
+            alert("$js_lt{'fail'}"+"\\n\\n"+errors.join("\\n"));
+            return;
+        }
+ENDJS
     my $output = qq|
 <script type="text/javascript" language="JavaScript">
 
     function send() {
+$passwdcheck
         uextkey=this.document.client.elements.ukey_cpass.value;
         lextkey=this.document.client.elements.lkey_cpass.value;
         initkeys();
-
-        this.document.pserver.elements.currentpass.value
-            =crypted(this.document.client.elements.currentpass.value);
-
+        this.document.pserver.elements.currentpass.value =
+            getCrypted(this.document.client.elements.currentpass.value);
         uextkey=this.document.client.elements.ukey_npass1.value;
         lextkey=this.document.client.elements.lkey_npass1.value;
         initkeys();
         this.document.pserver.elements.newpass_1.value
-            =crypted(this.document.client.elements.newpass_1.value);
-
+            =getCrypted(this.document.client.elements.newpass_1.value);
         uextkey=this.document.client.elements.ukey_npass2.value;
         lextkey=this.document.client.elements.lkey_npass2.value;
         initkeys();
         this.document.pserver.elements.newpass_2.value
-            =crypted(this.document.client.elements.newpass_2.value);
+            =getCrypted(this.document.client.elements.newpass_2.value);
 |;
     if ($caller eq 'reset_by_email') {
-        $output .= qq|
+        if ((ref($extrafields) eq 'HASH') && ($extrafields->{'username'})) {
+            $output .= qq|
         this.document.pserver.elements.uname.value =
                    this.document.client.elements.uname.value;
         this.document.pserver.elements.udom.value =
                    this.document.client.elements.udom.options[this.document.client.elements.udom.selectedIndex].value;
+|;
+        }
+        if ((ref($extrafields) eq 'HASH') && ($extrafields->{'email'})) {
+            $output .= qq|
         this.document.pserver.elements.email.value =
                    this.document.client.elements.email.value;
 |;
+        }
     }
     $ output .= qq|
         this.document.pserver.submit();
     }
+
 </script>
 |;
 }
 
 sub client_form {
-    my ($caller,$hexkey,$currentpass,$defdom) = @_;
+    my ($caller,$hexkey,$currentpass,$defdom,$extrafields) = @_;
     my %lt=&Apache::lonlocal::texthash(
                 'email' => 'E-mail Address',
                 'username' => 'Username',
@@ -1474,38 +1534,44 @@ sub client_form {
                 'changepass' => 'Save',
     );
 
-    my $output = '<form name="client">'
+    my $output = '<form name="client" action="">'
                 .&Apache::lonhtmlcommon::start_pick_box();
     if ($caller eq 'reset_by_email') {
-        $output .= &Apache::lonhtmlcommon::row_title(
+        if ((ref($extrafields) eq 'HASH') && ($extrafields->{'email'})) {
+            $output .= &Apache::lonhtmlcommon::row_title(
                        '<label for="email">'.$lt{'email'}.'</label>')
-                  .'<input type="text" name="email" size="30" />'
-                  .&Apache::lonhtmlcommon::row_closure()
-                  .&Apache::lonhtmlcommon::row_title(
+                      .'<input type="text" name="email" size="30" autocapitalize="off" autocorrect="off" />'
+                      .&Apache::lonhtmlcommon::row_closure();
+        }
+        if ((ref($extrafields) eq 'HASH') && ($extrafields->{'username'})) {
+            $output .= &Apache::lonhtmlcommon::row_title(
                        '<label for="uname">'.$lt{'username'}.'</label>')
-                  .'<input type="text" name="uname" size="15" />'
-                  .'<input type="hidden" name="currentpass" value="'.$currentpass.'" />'
-                  .&Apache::lonhtmlcommon::row_closure()
-                  .&Apache::lonhtmlcommon::row_title(
+                      .'<input type="text" name="uname" size="20" autocapitalize="off" autocorrect="off" />'
+                      .&Apache::lonhtmlcommon::row_closure()
+                      .&Apache::lonhtmlcommon::row_title(
                        '<label for="udom">'.$lt{'domain'}.'</label>')
-                  .&Apache::loncommon::select_dom_form($defdom,'udom')
-                  .&Apache::lonhtmlcommon::row_closure();
+                      .&Apache::loncommon::select_dom_form($defdom,'udom')
+                      .&Apache::lonhtmlcommon::row_closure();
+        }
     } else {
         $output .= &Apache::lonhtmlcommon::row_title(
                        '<label for="currentpass">'.$lt{'currentpass'}.'</label>')
-                  .'<input type="password" name="currentpass" size="10"/>'
+                  .'<input type="password" name="currentpass" size="20"/>'
                   .&Apache::lonhtmlcommon::row_closure();
     }
     $output .= &Apache::lonhtmlcommon::row_title(
                    '<label for="newpass_1">'.$lt{'newpass'}.'</label>')
-              .'<input type="password" name="newpass_1" size="10" />'
+              .'<input type="password" name="newpass_1" size="20" />'
               .&Apache::lonhtmlcommon::row_closure()
               .&Apache::lonhtmlcommon::row_title(
                    '<label for="newpass_2">'.$lt{'confirmpass'}.'</label>')
-              .'<input type="password" name="newpass_2" size="10" />'
+              .'<input type="password" name="newpass_2" size="20" />'
               .&Apache::lonhtmlcommon::row_closure(1)
               .&Apache::lonhtmlcommon::end_pick_box();
-    $output .= '<p><input type="button" value="'.$lt{'changepass'}.'" onClick="send();" /></p>'
+    if ($caller eq 'reset_by_email') {
+        $output .= '<input type="hidden" name="currentpass" value="'.$currentpass.'" />';
+    }
+    $output .= '<p><input type="button" value="'.$lt{'changepass'}.'" onclick="send();" /></p>'
               .qq|
 <input type="hidden" name="ukey_cpass"  value="$hexkey->{'ukey_cpass'}" />
 <input type="hidden" name="lkey_cpass"  value="$hexkey->{'lkey_cpass'}" />
@@ -1520,7 +1586,7 @@ sub client_form {
 }
 
 sub server_form {
-    my ($logtoken,$caller,$mailtoken) = @_;
+    my ($logtoken,$caller,$mailtoken,$extrafields) = @_;
     my $action = '/adm/preferences';
     if ($caller eq 'reset_by_email') {
         $action = '/adm/resetpw';
@@ -1531,15 +1597,22 @@ sub server_form {
 <input type="hidden" name="currentpass" value="" />
 <input type="hidden" name="newpass_1"   value="" />
 <input type="hidden" name="newpass_2"   value="" />
-    |;
+|;
     if ($caller eq 'reset_by_email') {
         $output .=  qq|
 <input type="hidden" name="token"   value="$mailtoken" />
+|;
+       if ((ref($extrafields) eq 'HASH') && ($extrafields->{'username'})) {
+           $output .=  qq|
 <input type="hidden" name="uname"   value="" />
 <input type="hidden" name="udom"   value="" />
+|;
+       }
+       if ((ref($extrafields) eq 'HASH') && ($extrafields->{'email'})) {
+           $output .=  qq|
 <input type="hidden" name="email"   value="" />
-
 |;
+       }
     }
     $output .= qq|
 <input type="hidden" name="action" value="verify_and_change_pass" />
@@ -1549,7 +1622,7 @@ sub server_form {
 }
 
 sub verify_and_change_password {
-    my ($r,$caller,$mailtoken) = @_;
+    my ($r,$caller,$mailtoken,$timelimit,$extrafields,$ended) = @_;
     my ($user,$domain,$homeserver);
     if ($caller eq 'reset_by_email') {
         $user       = $env{'form.uname'};
@@ -1559,20 +1632,30 @@ sub verify_and_change_password {
             if ($homeserver eq 'no_host') {
         &passwordchanger($r,"<p>\n<span class='LC_error'>".
                          &mt("Invalid username and/or domain")."</span>\n</p>",
-                         $caller,$mailtoken);
-                return 1;
+                         $caller,$mailtoken,$timelimit,$extrafields);
+                return 'no_host';
             }
         } else {
             &passwordchanger($r,"<p>\n<span class='LC_error'>".
                              &mt("Username and domain were blank")."</span>\n</p>",
-                             $caller,$mailtoken);
-            return 1;
+                             $caller,$mailtoken,$timelimit,$extrafields);
+            return 'missingdata';
         }
     } else {
         $user       = $env{'user.name'};
         $domain     = $env{'user.domain'};
         $homeserver = $env{'user.home'};
     }
+    my ($blocked,$blocktext) =
+        &Apache::loncommon::blocking_status('passwd',$user,$domain);
+    if ($blocked) {
+        $r->print('<p class="LC_warning">'.$blocktext.'</p>');
+        if ($caller eq 'reset_by_email') {
+            return 'blocked';
+        } else {
+            return;
+        }
+    }
     my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
     # Check for authentication types that allow changing of the password.
     if ($currentauth !~ /^(unix|internal):/) {
@@ -1580,8 +1663,8 @@ sub verify_and_change_password {
             &passwordchanger($r,"<p>\n<span class='LC_error'>".
                              &mt("Authentication type for this user can not be changed by this mechanism").
                              "</span>\n</p>",
-                              $caller,$mailtoken);
-            return 1;
+                              $caller,$mailtoken,$timelimit,$extrafields);
+            return 'otherauth';
         } else {
             return;
         }
@@ -1597,8 +1680,12 @@ sub verify_and_change_password {
 	    defined($newpass2)    ){
 	&passwordchanger($r,"<p>\n<span class='LC_error'>".
 			 &mt("One or more password fields were blank").
-                         "</span>\n</p>",$caller,$mailtoken);
-	return;
+                         "</span>\n</p>",$caller,$mailtoken,$timelimit,$extrafields);
+        if ($caller eq 'reset_by_email') {
+            return 'missingdata';
+        } else {
+            return;
+        }
     }
     # Get the keys
     my $lonhost = $r->dir_config('lonHostID');
@@ -1616,13 +1703,17 @@ sub verify_and_change_password {
 </p>
 ENDERROR
         # Probably should log an error here
-        return 1;
+        if ($caller eq 'reset_by_email') {
+            return 'internalerror';
+        } else {
+            return;
+        }
     }
     my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
-    # 
-    $currentpass = &des_decrypt($ckey ,$currentpass);
-    $newpass1    = &des_decrypt($n1key,$newpass1);
-    $newpass2    = &des_decrypt($n2key,$newpass2);
+    #
+    $currentpass = &Apache::loncommon::des_decrypt($ckey ,$currentpass);
+    $newpass1    = &Apache::loncommon::des_decrypt($n1key,$newpass1);
+    $newpass2    = &Apache::loncommon::des_decrypt($n2key,$newpass2);
     #
     if ($caller eq 'reset_by_email') {
         my %data = &Apache::lonnet::tmpget($mailtoken);
@@ -1630,30 +1721,53 @@ ENDERROR
             &passwordchanger($r,
                          '<span class="LC_error">'.
                          &mt('Could not verify current authentication.').'  '.
-                         &mt('Please try again.').'</span>',$caller,$mailtoken);
-            return 1;
+                         &mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
+            return 'emptydata';
         }
         if ($currentpass ne $data{'temppasswd'}) {
             &passwordchanger($r,
                          '<span class="LC_error">'.
                          &mt('Could not verify current authentication.').'  '.
-                         &mt('Please try again.').'</span>',$caller,$mailtoken);
-            return 1;
+                         &mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
+            return 'missingtemp';
         }
-    } 
+    }
     if ($newpass1 ne $newpass2) {
 	&passwordchanger($r,
 			 '<span class="LC_warning">'.
 			 &mt('The new passwords you entered do not match.').'  '.
-			 &mt('Please try again.').'</span>',$caller,$mailtoken);
-	return 1;
+			 &mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
+        if ($caller eq 'reset_by_email') {
+            return 'mismatch';
+        } else {
+            return;
+        }
     }
-    if (length($newpass1) < 7) {
-	&passwordchanger($r,
-			 '<span class="LC_warning">'.
-			 &mt('Passwords must be a minimum of 7 characters long.').'  '.
-			 &mt('Please try again.').'</span>',$caller,$mailtoken);
-	return 1;
+    if ($currentauth eq 'unix:') {
+        if (length($newpass1) < 7) {
+            &passwordchanger($r,
+                             '<span class="LC_warning">'.
+                             &mt('Passwords must be a minimum of 7 characters long.').'  '.
+                             &mt('Please try again.').'</span>',$caller,$mailtoken,$timelimit,$extrafields);
+            if ($caller eq 'reset_by_email') {
+                return 'length';
+            } else {
+                return;
+            }
+        }
+    } else {
+        my $warning = &Apache::loncommon::check_passwd_rules($domain,$newpass1);
+        if ($warning) {
+            &passwordchanger($r,'<span class="LC_warning">'.
+                            $warning.
+                            &mt('Please try again.').'</span>',
+                            $caller,$mailtoken,$timelimit,$extrafields);
+            if ($caller eq 'reset_by_email') {
+                return 'rules';
+            } else {
+                return;
+            }
+        }
     }
     #
     # Check for bad characters
@@ -1672,8 +1786,12 @@ ENDERROR
 ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~
 </pre></span>
 ENDERROR
-        &passwordchanger($r,$errormessage,$caller,$mailtoken);
-        return 1;
+        &passwordchanger($r,$errormessage,$caller,$mailtoken,$timelimit,$extrafields);
+        if ($caller eq 'reset_by_email') {
+            return 'badchars';
+        } else {
+            return;
+        }
     }
     # 
     # Change the password (finally)
@@ -1688,20 +1806,32 @@ ENDERROR
             $r->print($message.'<br />');
         } else {
             &print_main_menu($r, $message);
+            if (ref($ended)) {
+                $$ended = 1;
+            }
         }
     } else {
 	# error error: run in circles, scream and shout
         if ($caller eq 'reset_by_email') {
             if (!$result) {
-                return 1;
+                return 'error';
             } else {
                 return $result;
             }
         } else {
+            my $feedback;
+            if ($result eq 'prioruse') {
+                $feedback = &mt('Please enter a password that you have not used recently.');
+            } else {
+                $feedback = &mt('Please make sure your old password was entered correctly.');
+            }
             $message = &Apache::lonhtmlcommon::confirm_success(
-                &mt("The password for user [_1] was not changed.",'<i>'.$user.'</i>').' '.&mt('Please make sure your old password was entered correctly.'),1);
+                &mt("The password for user [_1] was not changed.",'<i>'.$user.'</i>').' '.$feedback,1);
             $message=&Apache::loncommon::confirmwrapper($message);
             &print_main_menu($r, $message);
+            if (ref($ended)) {
+                $$ended = 1;
+            }
         }
     }
     return;
@@ -1835,7 +1965,7 @@ sub verify_and_change_discussion {
     if (defined($env{'form.discmark'}) ) {
         my $newmark = $env{'form.newmark'};
         if ($newmark eq 'ondisp') {
-            $message.=&Apache::lonhtmlcommon::confirm_success(&mt('In discussions: new posts will be cease to be identified as "NEW" after display.')).'<br />';
+            $message.=&Apache::lonhtmlcommon::confirm_success(&mt('In discussions: new posts will cease to be identified as "NEW" after display.')).'<br />';
             &Apache::lonnet::put('environment',{'discmarkread' => $newmark});
             &Apache::lonnet::appenv({'environment.discmarkread' => $newmark});
         } else {
@@ -1937,6 +2067,64 @@ sub verify_and_change_coursepage {
     &print_main_menu($r,$message);
 }
 
+sub author_space_settings {
+    my $r = shift;
+    &Apache::lonhtmlcommon::add_breadcrumb(
+            {   href => '/adm/preferences?action=authorsettings',
+                text => 'Authoring Space Settings'});
+    my $user       = $env{'user.name'};
+    my $domain     = $env{'user.domain'};
+    my %author_roles = &Apache::lonnet::get_my_roles($user,$domain,'userroles','',['au','ca','aa']);
+    if (keys(%author_roles) > 0) {
+            $r->print(Apache::loncommon::start_page('Authoring Space Settings'));
+            $r->print(Apache::lonhtmlcommon::breadcrumbs('Authoring Space Settings'));
+            my %userenv = &Apache::lonnet::get('environment',['nocodemirror']);
+            my $constchecked='';
+            if ($env{'environment.nocodemirror'}) {
+               $constchecked=' checked="checked"';
+            }
+            my $text=&mt('By default, CodeMirror an editor with advanced functionality for editing code is activated for authors.');
+            my $cmoff=&mt('Deactivate CodeMirror. This can improve performance on slow computers and accessibility.');
+            my $change=&mt('Save');
+            my $returnurl = &HTML::Entities::encode($env{'form.returnurl'},'"<>&\'');
+            $r->print(<<ENDSCREEN);
+        <form name="prefs" action="/adm/preferences" method="post">
+        <input type="hidden" name="returnurl" value="$returnurl" />
+        <input type="hidden" name="action" value="change_authoring_settings" />
+        $text<br />
+        <label><input type="checkbox" name="cmoff"$constchecked />$cmoff</label><br />
+        <input type="submit" value="$change" />
+        </form>
+ENDSCREEN
+    }
+}
+
+sub change_authoring_settings {
+    my $r = shift;
+    my $user       = $env{'user.name'};
+    my $domain     = $env{'user.domain'};
+    my %author_roles = &Apache::lonnet::get_my_roles($user,$domain,'userroles','',['au','ca','aa']);
+    if (keys(%author_roles) > 0) {
+            my %ausettings=('environment.nocodemirror' => '');
+            if ($env{'form.cmoff'}) { $ausettings{'environment.nocodemirror'}='yes'; }
+            &Apache::lonnet::put('environment',\%ausettings);
+            &Apache::lonnet::appenv({'environment.nocodemirror' => $ausettings{'environment.nocodemirror'}});
+            my $status='';
+            if ($ausettings{'environment.nocodemirror'} eq 'yes') {
+                $status=&mt('on');
+            } else {
+                $status=&mt('off');
+            }
+            my $message=&Apache::lonhtmlcommon::confirm_success(&mt('Set [_1] to [_2]','<i>'.&mt('Deactivate CodeMirror in Authoring Space').'</i>','<tt>'.$status.'</tt>'));
+            $message=&Apache::loncommon::confirmwrapper($message);
+            if ($env{'form.returnurl'}) {
+                &do_redirect($r,$env{'form.returnurl'},$message);
+            } else {
+                &print_main_menu($r,$message);
+            }
+    }
+}
+
 sub lockednameschanger {
     my $r = shift;
     &Apache::lonhtmlcommon::add_breadcrumb(
@@ -2178,6 +2366,18 @@ push(@{ $menu[4]->{items} }, {
 	});
 
     }
+
+    my %author_coauthor_roles = &Apache::lonnet::get_my_roles($user,$domain,'userroles','',['au','ca','aa']);
+    if (keys(%author_coauthor_roles) > 0) {
+        push(@{ $menu[4]->{items} }, {
+            linktext => 'Authoring Space Configuration',
+            url => '/adm/preferences?action=authorsettings',
+            permission => 'F',
+            icon => 'codemirror.png',
+            linktitle => 'Settings for your authoring space.',
+        });
+    }
+
     if (&can_toggle_debug()) {
 push(@{ $menu[4]->{items} }, {
 	linktext => 'Toggle Debug Messages (Currently '.($env{'user.debug'} ? 'on)' : 'off)'),
@@ -2215,29 +2415,43 @@ sub handler {
                                    ['action','wysiwyg','returnurl','refpage']);
     #
     Apache::lonhtmlcommon::clear_breadcrumbs();
-    my ($brlink,$brtxt,$brhelp);
+    my ($brlink,$brtxt,$brhelp,$ended);
     if (($env{'form.action'} eq 'changerolespref') && ($env{'form.returnurl'} eq '/adm/roles')) {
         $brlink ='/adm/roles';
         $brtxt = 'User Roles';
+    } elsif ((($env{'form.action'} eq 'changedomcoord') ||
+              ($env{'form.action'} eq 'authorsettings')) &&
+             (($env{'form.returnurl'} =~ m{^/(priv/|res($|/))}) ||
+              ($env{'form.returnurl'} eq '/adm/createuser'))) {
+        $brlink = $env{'form.returnurl'};
+        if ($env{'form.returnurl'} eq '/adm/createuser') {
+            $brtxt = 'User Management';
+        } elsif ($env{'form.returnurl'} =~ m{^/res($\/)}) {
+            $brtxt = 'Browse published resources';
+        } else {
+            $brtxt = 'Authoring Space';
+        }
     } else {
         $brlink ='/adm/preferences';
         $brtxt = 'Set User Preferences';
-        $brhelp = 'Prefs_About_Me,Prefs_Language,Prefs_Screen_Name_Nickname,Change_Colors,Change_Password,Prefs_Messages,Change_Discussion_Display';   
+        $brhelp = 'Prefs_About_Me,Prefs_Language,Prefs_Screen_Name_Nickname,Change_Colors,Change_Password,Prefs_Messages,Change_Discussion_Display';
     }
     Apache::lonhtmlcommon::add_breadcrumb
         ({href => $brlink,
           text => $brtxt,
           help => $brhelp,});
     if(!exists $env{'form.action'}) {
-	    &print_main_menu($r);
+	&print_main_menu($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changepass'){
         &passwordchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_pass'){
-        &verify_and_change_password($r);
+        &verify_and_change_password($r,'preferences','','','',\$ended);
     }elsif($env{'form.action'} eq 'changescreenname'){
         &screennamechanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_screenname'){
         &verify_and_change_screenname($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changemsgforward'){
         &msgforwardchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_msgforward'){
@@ -2246,38 +2460,47 @@ sub handler {
         &colorschanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_colors'){
         &verify_and_change_colors($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changelanguages'){
         &languagechanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_languages'){
         &verify_and_change_languages($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changewysiwyg'){
         &wysiwygchanger($r);
     }elsif($env{'form.action'} eq 'set_wysiwyg'){
         &verify_and_change_wysiwyg($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changediscussions'){
         &discussionchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_discussion'){
         &verify_and_change_discussion($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changerolespref'){
         &rolesprefchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_rolespref'){
         &verify_and_change_rolespref($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changetexenginepref'){
         &texenginechanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_texengine'){
         &verify_and_change_texengine($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changeicons'){
         &iconchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_icons'){
         &verify_and_change_icons($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changeclicker'){
         &clickerchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_clicker'){
         &verify_and_change_clicker($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'changedomcoord'){
         &domcoordchanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_domcoord'){
         &verify_and_change_domcoord($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'lockwarning'){
         &lockwarning($r);
     }elsif($env{'form.action'} eq 'verify_and_change_locks'){
@@ -2286,22 +2509,29 @@ sub handler {
         &coursedisplaychanger($r);
     }elsif($env{'form.action'} eq 'verify_and_change_coursepage'){
         &verify_and_change_coursepage($r);
+        $ended = 1;
+    }elsif($env{'form.action'} eq 'authorsettings'){
+        &author_space_settings($r);
+    }elsif($env{'form.action'} eq 'change_authoring_settings'){
+        &change_authoring_settings($r);
+        $ended = 1;
     }elsif($env{'form.action'} eq 'debugtoggle'){
         if (&can_toggle_debug()) {
             &toggle_debug();
         }
 	&print_main_menu($r);
+        $ended = 1;
     } elsif ($env{'form.action'} eq 'changelockednames') {
         &lockednameschanger($r);
     } elsif ($env{'form.action'} eq 'verify_and_change_lockednames') {
         &verify_and_change_lockednames($r);
+        $ended = 1;
     }
 
     # Properly end the HTML page of all preference pages
     # started in each sub routine
     # Exception: print_main_menu has its own end_page call
-    unless (!exists $env{'form.action'} ||
-            $env{'form.action'} eq 'debugtoggle') {
+    unless ($ended) {
         $r->print(&Apache::loncommon::end_page());
     }
 
@@ -2374,5 +2604,16 @@ sub updateable_userinfo {
     return %updateable;
 }
 
+sub do_redirect {
+    my ($r,$url,$msg) = @_;
+    $r->print(
+        &Apache::loncommon::start_page('Switching Server ...',undef,
+                                       {'redirect'       => [0.5,$url]}).
+        '<div style="padding:0;clear:both;margin:0;border:0"></div>'."\n".
+        "$msg\n".
+        &Apache::loncommon::end_page());
+    return;
+}
+
 1;
 __END__
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>