--- loncom/lonenc.pm	2004/03/31 05:29:23	1.2
+++ loncom/lonenc.pm	2004/12/20 19:26:53	1.9
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # URL translation for encrypted filenames
 #
-# $Id: lonenc.pm,v 1.2 2004/03/31 05:29:23 www Exp $
+# $Id: lonenc.pm,v 1.9 2004/12/20 19:26:53 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -34,6 +34,7 @@ use Apache::lonnet();
 use Apache::File();
 use Apache::loncommon;
 use Crypt::IDEA;
+use Time::HiRes qw(gettimeofday);
 
 sub handler {
     my $r = shift;
@@ -44,11 +45,14 @@ sub handler {
 	my $handle=$lonid->value;
         $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');
+	$ENV{'request.enc'}=1;
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 # Initialize Environment
             &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
 # Decrypt URL and redirect
-	    $r->internal_redirect(&unencrypted($r->uri));
+	    my $redirect=&unencrypted($r->uri);
+	    if ($r->args) { $redirect.='?'.$r->args; }
+	    $r->internal_redirect($redirect);
 	    return OK;
 	} 
     }
@@ -79,26 +83,69 @@ sub unencrypted {
 				  pack("H16",substr($uri,$encidx,16))
 				  );
     }
+    $ENV{'request.enc'}=1;
+    $decuri=&remove_noise($decuri);
     return substr($decuri,0,$cmdlength);
 }
 
+# add a randomish character after every 4th caharacter
+sub add_noise {
+    my ($uri)=@_;
+    my @noise=split(/(.)/,(&gettimeofday())[1]);
+    my $noisy;
+    my $i;
+    foreach my $chunk (split(/(....)/,$uri)) {
+	$noisy.=$chunk;
+	$noisy.=$noise[($i++)%(scalar@noise)];
+    }
+    return $noisy;
+}
+
+# remove every fifth character
+sub remove_noise {
+    my ($uri)=@_;
+    my $clean;
+    foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; }
+    return $clean;
+}
+
 sub encrypted {
     my $uri=shift;
+    if ($ENV{'request.role.adv'}) { return($uri); }
     my $seed=&encryptseed();
     unless ($seed) {
 	return $uri;
     }
     my $cmdlength=length($uri);
-    $uri.='00000000';
+    # add noise before enc so that that same url's look different
+    $uri=&add_noise($uri);
+    my $noiselength=length($uri);
+    $uri.=time;
     my $encuri='';
     my $cipher=new IDEA $seed;
-    for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
+    for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) {
 	$encuri.=unpack("H16",
 			$cipher->encrypt(substr($uri,$encidx,8)));
     }
     return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri);
 }
 
+sub check_encrypt {
+    my $str=shift;
+    if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
+    return $str;
+}
+
+sub check_decrypt {
+    my ($str)=@_;
+    if (ref($str)) {
+	if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
+	return;
+    }
+    if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
+    return $str;
+}
+
 1;
 __END__