loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.1172.2.118.2.7 and 1.1172.2.146.2.11

version 1.1172.2.118.2.7, 2020/09/08 02:08:27	version 1.1172.2.146.2.11, 2023/01/22 17:39:48
Line 95 use Cache::Memcached;	Line 95 use Cache::Memcached;
use Digest::MD5;	use Digest::MD5;
use Math::Random;	use Math::Random;
use File::MMagic;	use File::MMagic;
	use Net::CIDR;
	use Sys::Hostname::FQDN();
use LONCAPA qw(:DEFAULT :match);	use LONCAPA qw(:DEFAULT :match);
use LONCAPA::Configuration;	use LONCAPA::Configuration;
use LONCAPA::lonmetadata;	use LONCAPA::lonmetadata;
Line 125 our @EXPORT = qw(%env);	Line 127 our @EXPORT = qw(%env);
$logid ++;	$logid ++;
my $now = time();	my $now = time();
my $id=$now.'00000'.$$.'00000'.$logid;	my $id=$now.'00000'.$$.'00000'.$logid;
	my $ip = &get_requestor_ip();
my $logentry = {	my $logentry = {
$id => {	$id => {
'exe_uname' => $env{'user.name'},	'exe_uname' => $env{'user.name'},
'exe_udom' => $env{'user.domain'},	'exe_udom' => $env{'user.domain'},
'exe_time' => $now,	'exe_time' => $now,
'exe_ip' => $ENV{'REMOTE_ADDR'},	'exe_ip' => $ip,
'delflag' => $delflag,	'delflag' => $delflag,
'logentry' => $storehash,	'logentry' => $storehash,
'uname' => $uname,	'uname' => $uname,
Line 688 sub check_for_valid_session {	Line 691 sub check_for_valid_session {
if (ref($userhashref) eq 'HASH') {	if (ref($userhashref) eq 'HASH') {
$userhashref->{'name'} = $disk_env{'user.name'};	$userhashref->{'name'} = $disk_env{'user.name'};
$userhashref->{'domain'} = $disk_env{'user.domain'};	$userhashref->{'domain'} = $disk_env{'user.domain'};
	if ($disk_env{'request.role'}) {
	$userhashref->{'role'} = $disk_env{'request.role'};
	}
}	}
untie(%disk_env);	untie(%disk_env);

Line 916 sub userload {	Line 922 sub userload {
# ------------------------------ Find server with least workload from spare.tab	# ------------------------------ Find server with least workload from spare.tab

sub spareserver {	sub spareserver {
my ($loadpercent,$userloadpercent,$want_server_name,$udom) = @_;	my ($r,$loadpercent,$userloadpercent,$want_server_name,$udom) = @_;
my $spare_server;	my $spare_server;
if ($userloadpercent !~ /\d/) { $userloadpercent=0; }	if ($userloadpercent !~ /\d/) { $userloadpercent=0; }
my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent	my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent
Line 961 sub spareserver {	Line 967 sub spareserver {
if ($protocol{$spare_server} eq 'https') {	if ($protocol{$spare_server} eq 'https') {
$protocol = $protocol{$spare_server};	$protocol = $protocol{$spare_server};
}	}
	my $alias = &Apache::lonnet::use_proxy_alias($r,$spare_server);
	$hostname = $alias if ($alias ne '');
$spare_server = $protocol.'://'.$hostname;	$spare_server = $protocol.'://'.$hostname;
}	}
}	}
Line 1082 sub check_for_balancer_cookie {	Line 1090 sub check_for_balancer_cookie {
return ($otherserver,$cookie);	return ($otherserver,$cookie);
}	}

	sub updatebalcookie {
	my ($cookie,$balancer,$lastentry)=@_;
	if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
	my ($udom,$uname) = ($1,$2);
	my $uprimary_id = &domain($udom,'primary');
	my $uintdom = &internet_dom($uprimary_id);
	my $intdom = &internet_dom($balancer);
	my $serverhomedom = &host_domain($balancer);
	if (($uintdom ne '') && ($uintdom eq $intdom)) {
	return &reply('updatebalcookie:'.&escape($cookie).':'.&escape($lastentry),$balancer);
	}
	}
	return;
	}

sub delbalcookie {	sub delbalcookie {
my ($cookie,$balancer) =@_;	my ($cookie,$balancer) =@_;
if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {	if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
Line 1091 sub delbalcookie {	Line 1114 sub delbalcookie {
my $intdom = &internet_dom($balancer);	my $intdom = &internet_dom($balancer);
my $serverhomedom = &host_domain($balancer);	my $serverhomedom = &host_domain($balancer);
if (($uintdom ne '') && ($uintdom eq $intdom)) {	if (($uintdom ne '') && ($uintdom eq $intdom)) {
return &reply("delbalcookie:$cookie",$balancer);	return &reply('delbalcookie:'.&escape($cookie),$balancer);
}	}
}	}
}	}
Line 1231 sub changepass {	Line 1254 sub changepass {
sub queryauthenticate {	sub queryauthenticate {
my ($uname,$udom)=@_;	my ($uname,$udom)=@_;
my $uhome=&homeserver($uname,$udom);	my $uhome=&homeserver($uname,$udom);
if (!$uhome) {	if ((!$uhome) \|\| ($uhome eq 'no_host')) {
&logthis("User $uname at $udom is unknown when looking for authentication mechanism");	&logthis("User $uname at $udom is unknown when looking for authentication mechanism");
return 'no_host';	return 'no_host';
}	}
Line 1280 sub authenticate {	Line 1303 sub authenticate {
}	}
if ($answer eq 'non_authorized') {	if ($answer eq 'non_authorized') {
&logthis("User $uname at $udom rejected by $uhome");	&logthis("User $uname at $udom rejected by $uhome");
return 'no_host';	return 'no_host';
}	}
&logthis("User $uname at $udom threw error $answer when checking authentication mechanism");	&logthis("User $uname at $udom threw error $answer when checking authentication mechanism");
return 'no_host';	return 'no_host';
}	}

	sub can_switchserver {
	my ($udom,$home) = @_;
	my ($canswitch,@intdoms);
	my $internet_names = &get_internet_names($home);
	if (ref($internet_names) eq 'ARRAY') {
	@intdoms = @{$internet_names};
	}
	my $uint_dom = &internet_dom(&domain($udom,'primary'));
	if ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
	$canswitch = 1;
	} else {
	my $serverhomeID = &get_server_homeID(&hostname($home));
	my $serverhomedom = &host_domain($serverhomeID);
	my %defdomdefaults = &get_domain_defaults($serverhomedom);
	my %udomdefaults = &get_domain_defaults($udom);
	my $remoterev = &get_server_loncaparev('',$home);
	$canswitch = &can_host_session($udom,$home,$remoterev,
	$udomdefaults{'remotesessions'},
	$defdomdefaults{'hostedsessions'});
	}
	return $canswitch;
	}

sub can_host_session {	sub can_host_session {
my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;	my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;
my $canhost = 1;	my $canhost = 1;
Line 1360 sub spare_can_host {	Line 1406 sub spare_can_host {
$canhost = 0;	$canhost = 0;
}	}
}	}
	if ($canhost) {
	if (ref($defdomdefaults{'offloadoth'}) eq 'HASH') {
	if ($defdomdefaults{'offloadoth'}{$try_server}) {
	unless (&shared_institution($udom,$try_server)) {
	$canhost = 0;
	}
	}
	}
	}
if (($canhost) && ($uint_dom)) {	if (($canhost) && ($uint_dom)) {
my @intdoms;	my @intdoms;
my $internet_names = &get_internet_names($try_server);	my $internet_names = &get_internet_names($try_server);
Line 1578 sub check_loadbalancing {	Line 1633 sub check_loadbalancing {
if ($domneedscache) {	if ($domneedscache) {
&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);	&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}	}
if ($is_balancer) {	if (($is_balancer) && ($caller ne 'switchserver')) {
my $lowest_load = 30000;	my $lowest_load = 30000;
if (ref($offloadto) eq 'HASH') {	if (ref($offloadto) eq 'HASH') {
if (ref($offloadto->{'primary'}) eq 'ARRAY') {	if (ref($offloadto->{'primary'}) eq 'ARRAY') {
Line 1618 sub check_loadbalancing {	Line 1673 sub check_loadbalancing {
}	}
}	}
}	}
unless ($homeintdom) {	}
undef($setcookie);	if (($is_balancer) && (!$homeintdom)) {
}	undef($setcookie);
}	}
return ($is_balancer,$otherserver,$setcookie);	return ($is_balancer,$otherserver,$setcookie);
}	}
Line 1850 sub dump_dom {	Line 1905 sub dump_dom {
# ------------------------------------------ get items from domain db files	# ------------------------------------------ get items from domain db files

sub get_dom {	sub get_dom {
my ($namespace,$storearr,$udom,$uhome)=@_;	my ($namespace,$storearr,$udom,$uhome,$encrypt)=@_;
return if ($udom eq 'public');	return if ($udom eq 'public');
my $items='';	my $items='';
foreach my $item (@$storearr) {	foreach my $item (@$storearr) {
Line 1874 sub get_dom {	Line 1929 sub get_dom {
}	}
if ($udom && $uhome && ($uhome ne 'no_host')) {	if ($udom && $uhome && ($uhome ne 'no_host')) {
my $rep;	my $rep;
if ($namespace =~ /^enc/) {	if (grep { $_ eq $uhome } &current_machine_ids()) {
$rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);	# domain information is hosted on this machine
	$rep = &LONCAPA::Lond::get_dom("getdom:$udom:$namespace:$items");
} else {	} else {
$rep=&reply("getdom:$udom:$namespace:$items",$uhome);	if ($encrypt) {
	$rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
	} else {
	$rep=&reply("getdom:$udom:$namespace:$items",$uhome);
	}
}	}
my %returnhash;	my %returnhash;
if ($rep eq '' \|\| $rep =~ /^error: 2 /) {	if ($rep eq '' \|\| $rep =~ /^error: 2 /) {
Line 1901 sub get_dom {	Line 1961 sub get_dom {
# -------------------------------------------- put items in domain db files	# -------------------------------------------- put items in domain db files

sub put_dom {	sub put_dom {
my ($namespace,$storehash,$udom,$uhome)=@_;	my ($namespace,$storehash,$udom,$uhome,$encrypt)=@_;
if (!$udom) {	if (!$udom) {
$udom=$env{'user.domain'};	$udom=$env{'user.domain'};
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
Line 1922 sub put_dom {	Line 1982 sub put_dom {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';	$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}	}
$items=~s/\&$//;	$items=~s/\&$//;
if ($namespace =~ /^enc/) {	if ($encrypt) {
return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);	return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
} else {	} else {
return &reply("putdom:$udom:$namespace:$items",$uhome);	return &reply("putdom:$udom:$namespace:$items",$uhome);
Line 1960 sub del_dom {	Line 2020 sub del_dom {
}	}
}	}

	sub store_dom {
	my ($storehash,$id,$namespace,$dom,$home,$encrypt) = @_;
	$$storehash{'ip'}=&get_requestor_ip();
	$$storehash{'host'}=$perlvar{'lonHostID'};
	my $namevalue='';
	foreach my $key (keys(%{$storehash})) {
	$namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
	}
	$namevalue=~s/\&$//;
	if (grep { $_ eq $home } current_machine_ids()) {
	return LONCAPA::Lond::store_dom("storedom:$dom:$namespace:$id:$namevalue");
	} else {
	if ($namespace eq 'private') {
	return 'refused';
	} elsif ($encrypt) {
	return reply("encrypt:storedom:$dom:$namespace:$id:$namevalue",$home);
	} else {
	return reply("storedom:$dom:$namespace:$id:$namevalue",$home);
	}
	}
	}

	sub restore_dom {
	my ($id,$namespace,$dom,$home,$encrypt) = @_;
	my $answer;
	if (grep { $_ eq $home } current_machine_ids()) {
	$answer = LONCAPA::Lond::restore_dom("restoredom:$dom:$namespace:$id");
	} elsif ($namespace ne 'private') {
	if ($encrypt) {
	$answer=&reply("encrypt:restoredom:$dom:$namespace:$id",$home);
	} else {
	$answer=&reply("restoredom:$dom:$namespace:$id",$home);
	}
	}
	my %returnhash=();
	unless (($answer eq '') \|\| ($answer eq 'con_lost') \|\| ($answer eq 'refused') \|\|
	($answer eq 'unknown_cmd') \|\| ($answer eq 'rejected')) {
	foreach my $line (split(/\&/,$answer)) {
	my ($name,$value)=split(/\=/,$line);
	$returnhash{&unescape($name)}=&thaw_unescape($value);
	}
	my $version;
	for ($version=1;$version<=$returnhash{'version'};$version++) {
	foreach my $item (split(/\:/,$returnhash{$version.':keys'})) {
	$returnhash{$item}=$returnhash{$version.':'.$item};
	}
	}
	}
	return %returnhash;
	}

# ----------------------------------construct domainconfig user for a domain	# ----------------------------------construct domainconfig user for a domain
sub get_domainconfiguser {	sub get_domainconfiguser {
my ($udom) = @_;	my ($udom) = @_;
Line 2002 sub retrieve_inst_usertypes {	Line 2113 sub retrieve_inst_usertypes {

sub is_domainimage {	sub is_domainimage {
my ($url) = @_;	my ($url) = @_;
if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+[^/]-) {	if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo\|login)/+[^/]-) {
if (&domain($1) ne '') {	if (&domain($1) ne '') {
return '1';	return '1';
}	}
Line 2238 sub inst_rulecheck {	Line 2349 sub inst_rulecheck {
$response=&unescape(&reply('instidrulecheck:'.&escape($udom).	$response=&unescape(&reply('instidrulecheck:'.&escape($udom).
':'.&escape($id).':'.$rulestr,	':'.&escape($id).':'.$rulestr,
$homeserver));	$homeserver));
	} elsif ($item eq 'unamemap') {
	$response=&unescape(&reply('instunamemapcheck:'.
	&escape($udom).':'.&escape($uname).
	':'.$rulestr,$homeserver));
} elsif ($item eq 'selfcreate') {	} elsif ($item eq 'selfcreate') {
$response=&unescape(&reply('instselfcreatecheck:'.	$response=&unescape(&reply('instselfcreatecheck:'.
&escape($udom).':'.&escape($uname).	&escape($udom).':'.&escape($uname).
Line 2271 sub inst_userrules {	Line 2386 sub inst_userrules {
} elsif ($check eq 'email') {	} elsif ($check eq 'email') {
$response=&reply('instemailrules:'.&escape($udom),	$response=&reply('instemailrules:'.&escape($udom),
$homeserver);	$homeserver);
	} elsif ($check eq 'unamemap') {
	$response=&reply('unamemaprules:'.&escape($udom),
	$homeserver);
} else {	} else {
$response=&reply('instuserrules:'.&escape($udom),	$response=&reply('instuserrules:'.&escape($udom),
$homeserver);	$homeserver);
Line 2317 sub get_domain_defaults {	Line 2435 sub get_domain_defaults {
'coursedefaults','usersessions',	'coursedefaults','usersessions',
'requestauthor','selfenrollment',	'requestauthor','selfenrollment',
'coursecategories','autoenroll',	'coursecategories','autoenroll',
'helpsettings'],$domain);	'helpsettings','wafproxy','ltisec'],$domain);
my @coursetypes = ('official','unofficial','community','textbook');	my @coursetypes = ('official','unofficial','community','textbook');
if (ref($domconfig{'defaults'}) eq 'HASH') {	if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};	$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
Line 2329 sub get_domain_defaults {	Line 2447 sub get_domain_defaults {
$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};	$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};	$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};	$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
	$domdefaults{'unamemap_rule'} = $domconfig{'defaults'}{'unamemap_rule'};
} else {	} else {
$domdefaults{'lang_def'} = &domain($domain,'lang_def');	$domdefaults{'lang_def'} = &domain($domain,'lang_def');
$domdefaults{'auth_def'} = &domain($domain,'auth_def');	$domdefaults{'auth_def'} = &domain($domain,'auth_def');
Line 2365 sub get_domain_defaults {	Line 2484 sub get_domain_defaults {
}	}
if (ref($domconfig{'coursedefaults'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};	$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
	$domdefaults{'inline_chem'} = $domconfig{'coursedefaults'}{'inline_chem'};
$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};	$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};	$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
Line 2398 sub get_domain_defaults {	Line 2518 sub get_domain_defaults {
if ($domconfig{'coursedefaults'}{'texengine'}) {	if ($domconfig{'coursedefaults'}{'texengine'}) {
$domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};	$domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};
}	}
	if (exists($domconfig{'coursedefaults'}{'ltiauth'})) {
	$domdefaults{'crsltiauth'} = $domconfig{'coursedefaults'}{'ltiauth'};
	}
}	}
if (ref($domconfig{'usersessions'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}) eq 'HASH') {
if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
Line 2409 sub get_domain_defaults {	Line 2532 sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};	$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
}	}
	if (ref($domconfig{'usersessions'}{'offloadoth'}) eq 'HASH') {
	$domdefaults{'offloadoth'} = $domconfig{'usersessions'}{'offloadoth'};
	}
}	}
if (ref($domconfig{'selfenrollment'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
Line 2450 sub get_domain_defaults {	Line 2576 sub get_domain_defaults {
}	}
if (ref($domconfig{'autoenroll'}) eq 'HASH') {	if (ref($domconfig{'autoenroll'}) eq 'HASH') {
$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};	$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
	$domdefaults{'failsafe'} = $domconfig{'autoenroll'}{'failsafe'};
}	}
if (ref($domconfig{'helpsettings'}) eq 'HASH') {	if (ref($domconfig{'helpsettings'}) eq 'HASH') {
$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};	$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
Line 2457 sub get_domain_defaults {	Line 2584 sub get_domain_defaults {
$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};	$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
}	}
}	}
	if (ref($domconfig{'wafproxy'}) eq 'HASH') {
	foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') {
	if ($domconfig{'wafproxy'}{$item}) {
	$domdefaults{'waf_'.$item} = $domconfig{'wafproxy'}{$item};
	}
	}
	}
	if (ref($domconfig{'ltisec'}) eq 'HASH') {
	if (ref($domconfig{'ltisec'}{'encrypt'}) eq 'HASH') {
	$domdefaults{'linkprotenc_crs'} = $domconfig{'ltisec'}{'encrypt'}{'crs'};
	$domdefaults{'linkprotenc_dom'} = $domconfig{'ltisec'}{'encrypt'}{'dom'};
	$domdefaults{'ltienc_consumers'} = $domconfig{'ltisec'}{'encrypt'}{'consumers'};
	}
	if (ref($domconfig{'ltisec'}{'private'}) eq 'HASH') {
	if (ref($domconfig{'ltisec'}{'private'}{'keys'}) eq 'ARRAY') {
	$domdefaults{'privhosts'} = $domconfig{'ltisec'}{'private'}{'keys'};
	}
	}
	}
&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);	&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
return %domdefaults;	return %domdefaults;
}	}
Line 2493 sub get_dom_instcats {	Line 2639 sub get_dom_instcats {
if (&auto_instcode_format($caller,$dom,\%coursecodes,\%codes,	if (&auto_instcode_format($caller,$dom,\%coursecodes,\%codes,
\@codetitles,\%cat_titles,\%cat_order) eq 'ok') {	\@codetitles,\%cat_titles,\%cat_order) eq 'ok') {
$instcats = {	$instcats = {
	totcodes => $totcodes,
codes => \%codes,	codes => \%codes,
codetitles => \@codetitles,	codetitles => \@codetitles,
cat_titles => \%cat_titles,	cat_titles => \%cat_titles,
Line 2544 sub get_passwdconf {	Line 2691 sub get_passwdconf {
}	}

sub course_portal_url {	sub course_portal_url {
my ($cnum,$cdom) = @_;	my ($cnum,$cdom,$r) = @_;
my $chome = &homeserver($cnum,$cdom);	my $chome = &homeserver($cnum,$cdom);
my $hostname = &hostname($chome);	my $hostname = &hostname($chome);
my $protocol = $protocol{$chome};	my $protocol = $protocol{$chome};
Line 2554 sub course_portal_url {	Line 2701 sub course_portal_url {
if ($domdefaults{'portal_def'}) {	if ($domdefaults{'portal_def'}) {
$firsturl = $domdefaults{'portal_def'};	$firsturl = $domdefaults{'portal_def'};
} else {	} else {
	my $alias = &Apache::lonnet::use_proxy_alias($r,$chome);
	$hostname = $alias if ($alias ne '');
$firsturl = $protocol.'://'.$hostname;	$firsturl = $protocol.'://'.$hostname;
}	}
return $firsturl;	return $firsturl;
Line 3143 sub ssi_body {	Line 3292 sub ssi_body {
# --------------------------------------------------------- Server Side Include	# --------------------------------------------------------- Server Side Include

sub absolute_url {	sub absolute_url {
my ($host_name) = @_;	my ($host_name,$unalias,$keep_proto) = @_;
my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://');	my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://');
if ($host_name eq '') {	if ($host_name eq '') {
$host_name = $ENV{'SERVER_NAME'};	$host_name = $ENV{'SERVER_NAME'};
}	}
	if ($unalias) {
	my $alias = &get_proxy_alias();
	if ($alias eq $host_name) {
	my $lonhost = $perlvar{'lonHostID'};
	my $hostname = &hostname($lonhost);
	my $lcproto;
	if (($keep_proto) \|\| ($hostname eq '')) {
	$lcproto = $protocol;
	} else {
	$lcproto = $protocol{$lonhost};
	$lcproto = 'http' if ($lcproto ne 'https');
	$lcproto .= '://';
	}
	unless ($hostname eq '') {
	return $lcproto.$hostname;
	}
	}
	}
return $protocol.$host_name;	return $protocol.$host_name;
}	}

Line 3164 sub absolute_url {	Line 3331 sub absolute_url {
sub ssi {	sub ssi {

my ($fn,%form)=@_;	my ($fn,%form)=@_;
my ($request,$response);	my ($host,$request,$response);
	$host = &absolute_url('',1);

$form{'no_update_last_known'}=1;	$form{'no_update_last_known'}=1;
&Apache::lonenc::check_encrypt(\$fn);	&Apache::lonenc::check_encrypt(\$fn);
if (%form) {	if (%form) {
$request=new HTTP::Request('POST',&absolute_url().$fn);	$request=new HTTP::Request('POST',$host.$fn);
$request->content(join('&',map {	$request->content(join('&',map {
my $name = escape($_);	my $name = escape($_);
"$name=" . ( ref($form{$_}) eq 'ARRAY'	"$name=" . ( ref($form{$_}) eq 'ARRAY'
Line 3177 sub ssi {	Line 3345 sub ssi {
: &escape($form{$_}) );	: &escape($form{$_}) );
} keys(%form)));	} keys(%form)));
} else {	} else {
$request=new HTTP::Request('GET',&absolute_url().$fn);	$request=new HTTP::Request('GET',$host.$fn);
}	}

$request->header(Cookie => $ENV{'HTTP_COOKIE'});	$request->header(Cookie => $ENV{'HTTP_COOKIE'});
Line 3748 sub clean_filename {	Line 3916 sub clean_filename {
# Replace all .\d. sequences with _\d. so they no longer look like version	# Replace all .\d. sequences with _\d. so they no longer look like version
# numbers	# numbers
$fname=~s/\.(\d+)(?=\.)/_$1/g;	$fname=~s/\.(\d+)(?=\.)/_$1/g;
	# Replace three or more adjacent underscores with one for consistency
	# with loncfile::filename_check() so complete url can be extracted by
	# lonnet::decode_symb()
	$fname=~s/_{3,}/_/g;
return $fname;	return $fname;
}	}

Line 4305 sub bubblesheet_converter {	Line 4477 sub bubblesheet_converter {
next if (($num == 1) && ($csvoptions{'hdr'} == 1));	next if (($num == 1) && ($csvoptions{'hdr'} == 1));
$line =~ s{[\r\n]+$}{};	$line =~ s{[\r\n]+$}{};
my %found;	my %found;
my @values = split(/,/,$line);	my @values = split(/,/,$line,-1);
my ($qstart,$record);	my ($qstart,$record);
for (my $i=0; $i<@values; $i++) {	for (my $i=0; $i<@values; $i++) {
if ((($qstart ne '') && ($i > $qstart)) \|\|	if ((($qstart ne '') && ($i > $qstart)) \|\|
Line 4488 sub get_scantronformat_file {	Line 4660 sub get_scantronformat_file {
close($fh);	close($fh);
}	}
}	}
	chomp(@lines);
}	}
return @lines;	return @lines;
}	}
Line 4609 sub flushcourselogs {	Line 4782 sub flushcourselogs {
if (! defined($dom) \|\| $dom eq '' \|\|	if (! defined($dom) \|\| $dom eq '' \|\|
! defined($name) \|\| $name eq '') {	! defined($name) \|\| $name eq '') {
my $cid = $env{'request.course.id'};	my $cid = $env{'request.course.id'};
	#
	# FIXME 11/29/2021
	# Typo in rev. 1.458 (2003/12/09)??
	# These should likely by $env{'course.'.$cid.'.domain'} and $env{'course.'.$cid.'.num'}
	#
	# While these ramain as $env{'request.'.$cid.'.domain'} and $env{'request.'.$cid.'.num'}
	# $dom and $name will always be null, so the &inc() call will default to storing this data
	# in a nohist_accesscount.db file for the user rather than the course.
	#
	# That said there is a lot of noise in the data being stored.
	# So counts for prtspool/ and adm/ etc. are recorded.
	#
	# A review of which items ending '___count' are written to %accesshash should likely be
	# made before deciding whether to set these to 'course.' instead of 'request.'
	#
	# Under the current scheme each user receives a nohist_accesscount.db file listing
	# accesses for things which are not published resources, regardless of course, and
	# there is not a nohist_accesscount.db file in a course, which might log accesses from
	# anyone in the course for things which are not published resources.
	#
	# For an author, nohist_accesscount.db ends up having records for other items
	# mixed up with the legitimate access counts for the author's published resources.
	#
$dom = $env{'request.'.$cid.'.domain'};	$dom = $env{'request.'.$cid.'.domain'};
$name = $env{'request.'.$cid.'.num'};	$name = $env{'request.'.$cid.'.num'};
}	}
Line 4718 sub courseacclog {	Line 4914 sub courseacclog {
if ($formitem =~ /^HWFILE(?:SIZE\|TOOBIG)/) {	if ($formitem =~ /^HWFILE(?:SIZE\|TOOBIG)/) {
$what.=':'.$formitem.'='.$env{$key};	$what.=':'.$formitem.'='.$env{$key};
} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {	} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {
$what.=':'.$formitem.'='.$env{$key};	if ($formitem eq 'proctorpassword') {
	$what.=':'.$formitem.'=' . '*' x length($env{$key});
	} else {
	$what.=':'.$formitem.'='.$env{$key};
	}
}	}
}	}
}	}
Line 5550 sub checkout {	Line 5750 sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;	my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;	my $now=time;
my $lonhost=$perlvar{'lonHostID'};	my $lonhost=$perlvar{'lonHostID'};
	my $ip = &get_requestor_ip();
my $infostr=&escape(	my $infostr=&escape(
'CHECKOUTTOKEN&'.	'CHECKOUTTOKEN&'.
$tuname.'&'.	$tuname.'&'.
$tudom.'&'.	$tudom.'&'.
$tcrsid.'&'.	$tcrsid.'&'.
$symb.'&'.	$symb.'&'.
$now.'&'.$ENV{'REMOTE_ADDR'});	$now.'&'.$ip);
my $token=&reply('tmpput:'.$infostr,$lonhost);	my $token=&reply('tmpput:'.$infostr,$lonhost);
if ($token=~/^error\:/) {	if ($token=~/^error\:/) {
&logthis("<font color=\"blue\">WARNING: ".	&logthis("<font color=\"blue\">WARNING: ".
Line 5570 sub checkout {	Line 5771 sub checkout {

my %infohash=('resource.0.outtoken' => $token,	my %infohash=('resource.0.outtoken' => $token,
'resource.0.checkouttime' => $now,	'resource.0.checkouttime' => $now,
'resource.0.outremote' => $ENV{'REMOTE_ADDR'});	'resource.0.outremote' => $ip);

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {	unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';	return '';
Line 5601 sub checkin {	Line 5802 sub checkin {
$lonhost=~tr/A-Z/a-z/;	$lonhost=~tr/A-Z/a-z/;
my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;	my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
$dtoken=~s/\W/\_/g;	$dtoken=~s/\W/\_/g;
	my $ip = &get_requestor_ip();
my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=	my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));	split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));

Line 5617 sub checkin {	Line 5819 sub checkin {

my %infohash=('resource.0.intoken' => $token,	my %infohash=('resource.0.intoken' => $token,
'resource.0.checkintime' => $now,	'resource.0.checkintime' => $now,
'resource.0.inremote' => $ENV{'REMOTE_ADDR'});	'resource.0.inremote' => $ip);

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {	unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';	return '';
Line 5885 sub tmpreset {	Line 6087 sub tmpreset {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=$ENV{'REMOTE_ADDR'};	$stuname=&get_requestor_ip();
}	}
my $path=LONCAPA::tempdir();	my $path=LONCAPA::tempdir();
my %hash;	my %hash;
Line 5922 sub tmpstore {	Line 6124 sub tmpstore {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=$ENV{'REMOTE_ADDR'};	$stuname=&get_requestor_ip();
}	}
my $now=time;	my $now=time;
my %hash;	my %hash;
Line 5966 sub tmprestore {	Line 6168 sub tmprestore {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=$ENV{'REMOTE_ADDR'};	$stuname=&get_requestor_ip();
}	}
my %returnhash;	my %returnhash;
$namespace=~s/\//\_/g;	$namespace=~s/\//\_/g;
Line 6022 sub store {	Line 6224 sub store {
}	}
if (!$home) { $home=$env{'user.home'}; }	if (!$home) { $home=$env{'user.home'}; }

$$storehash{'ip'}=$ENV{'REMOTE_ADDR'};	$$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};	$$storehash{'host'}=$perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 6058 sub cstore {	Line 6260 sub cstore {
}	}
if (!$home) { $home=$env{'user.home'}; }	if (!$home) { $home=$env{'user.home'}; }

$$storehash{'ip'}=$ENV{'REMOTE_ADDR'};	$$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};	$$storehash{'host'}=$perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 6476 sub course_adhocrole_privs {	Line 6678 sub course_adhocrole_privs {
$full{$priv} = $restrict;	$full{$priv} = $restrict;
}	}
foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {	foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
next if ($item eq '');	next if ($item eq '');
my ($rule,$rest) = split(/=/,$item);	my ($rule,$rest) = split(/=/,$item);
next unless (($rule eq 'off') \|\| ($rule eq 'on'));	next unless (($rule eq 'off') \|\| ($rule eq 'on'));
foreach my $priv (split(/:/,$rest)) {	foreach my $priv (split(/:/,$rest)) {
if ($priv ne '') {	if ($priv ne '') {
if ($rule eq 'off') {	if ($rule eq 'off') {
$possremove{$priv} = 1;	$possremove{$priv} = 1;
} else {	} else {
$possadd{$priv} = 1;	$possadd{$priv} = 1;
}	}
}	}
}	}
}	}
foreach my $priv (sort(keys(%full))) {	foreach my $priv (sort(keys(%full))) {
if (exists($currprivs{$priv})) {	if (exists($currprivs{$priv})) {
unless (exists($possremove{$priv})) {	unless (exists($possremove{$priv})) {
$storeprivs{$priv} = $currprivs{$priv};	$storeprivs{$priv} = $currprivs{$priv};
}	}
} elsif (exists($possadd{$priv})) {	} elsif (exists($possadd{$priv})) {
$storeprivs{$priv} = $full{$priv};	$storeprivs{$priv} = $full{$priv};
}	}
}	}
$coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));	$coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
}	}
return $coursepriv;	return $coursepriv;
}	}

sub group_roleprivs {	sub group_roleprivs {
Line 6764 sub set_adhoc_privileges {	Line 6966 sub set_adhoc_privileges {
my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);	my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);
&appenv(\%userroles,[$role,'cm']);	&appenv(\%userroles,[$role,'cm']);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {	unless (($caller eq 'constructaccess' && $env{'request.course.id'}) \|\|
	($caller eq 'tiny')) {
&appenv( {'request.role' => $spec,	&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => $sec,	'request.course.sec' => $sec,
Line 6839 sub unserialize {	Line 7042 sub unserialize {
# see Lond::dump_with_regexp	# see Lond::dump_with_regexp
# if $escapedkeys hash keys won't get unescaped.	# if $escapedkeys hash keys won't get unescaped.
sub dump {	sub dump {
my ($namespace,$udomain,$uname,$regexp,$range,$escapedkeys)=@_;	my ($namespace,$udomain,$uname,$regexp,$range,$escapedkeys,$encrypt)=@_;
if (!$udomain) { $udomain=$env{'user.domain'}; }	if (!$udomain) { $udomain=$env{'user.domain'}; }
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);
Line 6855 sub dump {	Line 7058 sub dump {
$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});	$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
return %{&unserialize($reply, $escapedkeys)};	return %{&unserialize($reply, $escapedkeys)};
}	}
my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);	my $rep;
	if ($encrypt) {
	$rep=&reply("encrypt:edump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
	} else {
	$rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
	}
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
my %returnhash=();	my %returnhash=();
if (!($rep =~ /^error/ )) {	if (!($rep =~ /^error/ )) {
Line 6915 sub currentdump {	Line 7123 sub currentdump {
#	#
my %returnhash=();	my %returnhash=();
#	#
if ($rep eq 'unknown_cmd') {	if ($rep eq "unknown_cmd") {
# an old lond will not know currentdump	# an old lond will not know currentdump
# Do a dump and make it look like a currentdump	# Do a dump and make it look like a currentdump
my @tmp = &dumpstore($courseid,$sdom,$sname,'.');	my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
Line 7001 sub inc {	Line 7209 sub inc {
# --------------------------------------------------------------- put interface	# --------------------------------------------------------------- put interface

sub put {	sub put {
my ($namespace,$storehash,$udomain,$uname)=@_;	my ($namespace,$storehash,$udomain,$uname,$encrypt)=@_;
if (!$udomain) { $udomain=$env{'user.domain'}; }	if (!$udomain) { $udomain=$env{'user.domain'}; }
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);
Line 7010 sub put {	Line 7218 sub put {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';	$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}	}
$items=~s/\&$//;	$items=~s/\&$//;
return &reply("put:$udomain:$uname:$namespace:$items",$uhome);	if ($encrypt) {
	return &reply("encrypt:put:$udomain:$uname:$namespace:$items",$uhome);
	} else {
	return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
	}
}	}

# ------------------------------------------------------------ newput interface	# ------------------------------------------------------------ newput interface
Line 7050 sub putstore {	Line 7262 sub putstore {
foreach my $key (keys(%{$storehash})) {	foreach my $key (keys(%{$storehash})) {
$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';	$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
}	}
$namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).	my $ip = &get_requestor_ip();
	$namevalue .= 'ip='.&escape($ip).
'&host='.&escape($perlvar{'lonHostID'}).	'&host='.&escape($perlvar{'lonHostID'}).
'&version='.$esc_v.	'&version='.$esc_v.
'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});	'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
Line 7274 sub portfolio_access {	Line 7487 sub portfolio_access {
if ($result) {	if ($result) {
my %setters;	my %setters;
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
my ($startblock,$endblock) =	my ($startblock,$endblock,$triggerblock,$by_ip,$blockdom) =
&Apache::loncommon::blockcheck(\%setters,'port',$unum,$udom);	&Apache::loncommon::blockcheck(\%setters,'port',$clientip,$unum,$udom);
if ($startblock && $endblock) {	if (($startblock && $endblock) \|\| ($by_ip)) {
return 'B';	return 'B';
}	}
} else {	} else {
my ($startblock,$endblock) =	my ($startblock,$endblock,$triggerblock,$by_ip,$blockdo) =
&Apache::loncommon::blockcheck(\%setters,'port');	&Apache::loncommon::blockcheck(\%setters,'port',$clientip);
if ($startblock && $endblock) {	if (($startblock && $endblock) \|\| ($by_ip)) {
return 'B';	return 'B';
}	}
}	}
Line 7546 sub usertools_access {	Line 7759 sub usertools_access {
blog => 1,	blog => 1,
webdav => 1,	webdav => 1,
portfolio => 1,	portfolio => 1,
	timezone => 1,
);	);
}	}
return if (!defined($tools{$tool}));	return if (!defined($tools{$tool}));
Line 7831 sub customaccess {	Line 8045 sub customaccess {
# ------------------------------------------------- Check for a user privilege	# ------------------------------------------------- Check for a user privilege

sub allowed {	sub allowed {
my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;	my ($priv,$uri,$symb,$role,$clientip,$noblockcheck,$ignorecache,$nodeeplinkcheck,$nodeeplinkout)=@_;
my $ver_orguri=$uri;	my $ver_orguri=$uri;
$uri=&deversion($uri);	$uri=&deversion($uri);
my $orguri=$uri;	my $orguri=$uri;
$uri=&declutter($uri);	$uri=&declutter($uri);

if ($priv eq 'evb') {	if ($priv eq 'evb') {
# Evade communication block restrictions for specified role in a course	# Evade communication block restrictions for specified role in a course or domain
if ($env{'user.priv.'.$role} =~/evb\&([^\:]*)/) {	if ($env{'user.priv.'.$role} =~/evb\&([^\:]*)/) {
return $1;	return $1;
} else {	} else {
Line 7848 sub allowed {	Line 8062 sub allowed {

if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }	if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources	# Free bre access to adm and meta resources
if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|ext\.tool)$}))	if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|viewclasslist\|aboutme\|ext\.tool)$}))
\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))	\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))
&& ($priv eq 'bre')) {	&& ($priv eq 'bre')) {
return 'F';	return 'F';
Line 7859 sub allowed {	Line 8073 sub allowed {
if (($space=~/^(uploaded\|editupload)$/) && ($env{'user.name'} eq $name) &&	if (($space=~/^(uploaded\|editupload)$/) && ($env{'user.name'} eq $name) &&
($env{'user.domain'} eq $domain) && ('portfolio' eq $dir[0])) {	($env{'user.domain'} eq $domain) && ('portfolio' eq $dir[0])) {
my %setters;	my %setters;
my ($startblock,$endblock) =	my ($startblock,$endblock,$triggerblock,$by_ip,$blockdom) =
&Apache::loncommon::blockcheck(\%setters,'port');	&Apache::loncommon::blockcheck(\%setters,'port',$clientip);
if ($startblock && $endblock) {	if (($startblock && $endblock) \|\| ($by_ip)) {
return 'B';	return 'B';
} else {	} else {
return 'F';	return 'F';
Line 7896 sub allowed {	Line 8110 sub allowed {
# Free bre to public access	# Free bre to public access

if ($priv eq 'bre') {	if ($priv eq 'bre') {
my $copyright=&metadata($uri,'copyright');	my $copyright;
	unless ($uri =~ /ext\.tool/) {
	$copyright=&metadata($uri,'copyright');
	}
if (($copyright eq 'public') && (!$env{'request.course.id'})) {	if (($copyright eq 'public') && (!$env{'request.course.id'})) {
return 'F';	return 'F';
}	}
Line 7954 sub allowed {	Line 8171 sub allowed {
my $adom = $1;	my $adom = $1;
foreach my $key (keys(%env)) {	foreach my $key (keys(%env)) {
if ($key =~ m{^user\.role\.(ca\|aa)/\Q$adom\E}) {	if ($key =~ m{^user\.role\.(ca\|aa)/\Q$adom\E}) {
my ($start,$end) = split('.',$env{$key});	my ($start,$end) = split(/\./,$env{$key});
if (($now >= $start) && (!$end \|\| $end < $now)) {	if (($now >= $start) && (!$end \|\| $end > $now)) {
$ownaccess = 1;	$ownaccess = 1;
last;	last;
}	}
Line 7967 sub allowed {	Line 8184 sub allowed {
foreach my $role ('ca','aa') {	foreach my $role ('ca','aa') {
if ($env{"user.role.$role./$adom/$aname"}) {	if ($env{"user.role.$role./$adom/$aname"}) {
my ($start,$end) =	my ($start,$end) =
split('.',$env{"user.role.$role./$adom/$aname"});	split(/\./,$env{"user.role.$role./$adom/$aname"});
if (($now >= $start) && (!$end \|\| $end < $now)) {	if (($now >= $start) && (!$end \|\| $end > $now)) {
$ownaccess = 1;	$ownaccess = 1;
last;	last;
}	}
Line 8053 sub allowed {	Line 8270 sub allowed {
if ($env{'user.priv.'.$env{'request.role'}.'./'}	if ($env{'user.priv.'.$env{'request.role'}.'./'}
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($noblockcheck) {	my $deeplinkblock;
	unless ($nodeeplinkcheck) {
	$deeplinkblock = &deeplink_check($priv,$symb,$uri);
	}
	if ($deeplinkblock) {
	$thisallowed='D';
	} elsif ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8073 sub allowed {	Line 8296 sub allowed {
$refuri=&declutter($refuri);	$refuri=&declutter($refuri);
my ($match) = &is_on_map($refuri);	my ($match) = &is_on_map($refuri);
if ($match) {	if ($match) {
if ($noblockcheck) {	my $deeplinkblock;
	unless ($nodeeplinkcheck) {
	$deeplinkblock = &deeplink_check($priv,$symb,$refuri);
	}
	if ($deeplinkblock) {
	$thisallowed='D';
	} elsif ($noblockcheck) {
$thisallowed='F';	$thisallowed='F';
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8146 sub allowed {	Line 8375 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
if ($noblockcheck) {	my $deeplinkblock;
	unless ($nodeeplinkcheck) {
	$deeplinkblock = &deeplink_check($priv,$symb,$uri);
	}
	if ($deeplinkblock) {
	$thisallowed = 'D';
	} elsif ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8162 sub allowed {	Line 8397 sub allowed {
$checkreferer=0;	$checkreferer=0;
}	}
}	}

if ($checkreferer) {	if ($checkreferer) {
my $refuri=$env{'httpref.'.$orguri};	my $refuri=$env{'httpref.'.$orguri};
unless ($refuri) {	unless ($refuri) {
Line 8188 sub allowed {	Line 8423 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
if ($noblockcheck) {	my $deeplinkblock;
	unless ($nodeeplinkcheck) {
	$deeplinkblock = &deeplink_check($priv,$symb,$refuri);
	}
	if ($deeplinkblock) {
	$thisallowed = 'D';
	} elsif ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8233 sub allowed {	Line 8474 sub allowed {
#	#

# Possibly locked functionality, check all courses	# Possibly locked functionality, check all courses
	# In roles.tab, L (unless locked) available for bre, pch, plc, pac and sma.
# Locks might take effect only after 10 minutes cache expiration for other	# Locks might take effect only after 10 minutes cache expiration for other
# courses, and 2 minutes for current course	# courses, and 2 minutes for current course, in which user has st or ta role
	# which is neither expired nor a future role (unless current course).

my $envkey;	my ($needlockcheck,$now,$crsonly);
if ($thisallowed=~/L/) {	if ($thisallowed=~/L/) {
foreach $envkey (keys(%env)) {	$now = time;
	if ($priv eq 'bre') {
	if ($uri ne '') {
	if ($orguri =~ m{^/+res/}) {
	if ($uri =~ m{^lib/templates/}) {
	if ($env{'request.course.id'}) {
	$crsonly = 1;
	$needlockcheck = 1;
	}
	} else {
	$needlockcheck = 1;
	}
	} elsif ($env{'request.course.id'}) {
	my ($crsdom,$crsnum) = split('_',$env{'request.course.id'});
	if (($uri =~ m{^(adm\|uploaded\|public)/$crsdom/$crsnum/}) \|\|
	($uri =~ m{^adm/$match_domain/$match_username/\d+/(smppg\|bulletinboard)$})) {
	$crsonly = 1;
	}
	$needlockcheck = 1;
	}
	}
	} elsif (($priv eq 'pch') \|\| ($priv eq 'plc') \|\| ($priv eq 'pac') \|\| ($priv eq 'sma')) {
	$needlockcheck = 1;
	}
	}
	if ($needlockcheck) {
	foreach my $envkey (keys(%env)) {
if ($envkey=~/^user\.role\.(st\|ta)\.([^\.]*)/) {	if ($envkey=~/^user\.role\.(st\|ta)\.([^\.]*)/) {
my $courseid=$2;	my $courseid=$2;
my $roleid=$1.'.'.$2;	my $roleid=$1.'.'.$2;
$courseid=~s/^\///;	$courseid=~s/^\///;
	unless ($env{'request.role'} eq $roleid) {
	my ($start,$end) = split(/\./,$env{$envkey});
	next unless (($now >= $start) && (!$end \|\| $end > $now));
	}
my $expiretime=600;	my $expiretime=600;
if ($env{'request.role'} eq $roleid) {	if ($env{'request.role'} eq $roleid) {
$expiretime=120;	$expiretime=120;
Line 8265 sub allowed {	Line 8538 sub allowed {
}	}
if (($env{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)	if (($env{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)
\|\| ($env{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {	\|\| ($env{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
if ($env{'priv.'.$priv.'.lock.expire'}>time) {	if ($env{$prefix.'priv.'.$priv.'.lock.expire'}>time) {
&log($env{'user.domain'},$env{'user.name'},	&log($env{'user.domain'},$env{'user.name'},
$env{'user.home'},	$env{'user.home'},
'Locked by priv: '.$priv.' for '.$uri.' due to '.	'Locked by priv: '.$priv.' for '.$uri.' due to '.
Line 8277 sub allowed {	Line 8550 sub allowed {
}	}
}	}
}	}

#	#
# Rest of the restrictions depend on selected course	# Rest of the restrictions depend on selected course
#	#
Line 8336 sub allowed {	Line 8609 sub allowed {
}	}
}	}

	# Restricted for deeplinked session?

	if ($env{'request.deeplink.login'}) {
	if ($env{'acc.deeplinkout'} && !$nodeeplinkout) {
	if (!$symb) { $symb=&symbread($uri,1); }
	if (($symb) && ($env{'acc.deeplinkout'}=~/\&\Q$symb\E\&/)) {
	return '';
	}
	}
	}

# Restricted by state or randomout?	# Restricted by state or randomout?

if ($thisallowed=~/X/) {	if ($thisallowed=~/X/) {
Line 8356 sub allowed {	Line 8640 sub allowed {
return 'A';	return 'A';
} elsif ($thisallowed eq 'B') {	} elsif ($thisallowed eq 'B') {
return 'B';	return 'B';
	} elsif ($thisallowed eq 'D') {
	return 'D';
}	}
return 'F';	return 'F';
}	}
Line 8435 sub constructaccess {	Line 8721 sub constructaccess {
#	#
# User for whom data are being temporarily cached.	# User for whom data are being temporarily cached.
my $cacheduser='';	my $cacheduser='';
	# Course for which data are being temporarily cached.
	my $cachedcid='';
# Cached blockers for this user (a hash of blocking items).	# Cached blockers for this user (a hash of blocking items).
my %cachedblockers=();	my %cachedblockers=();
# When the data were last cached.	# When the data were last cached.
my $cachedlast='';	my $cachedlast='';

sub load_all_blockers {	sub load_all_blockers {
my ($uname,$udom,$blocks)=@_;	my ($uname,$udom)=@_;
if (($uname ne '') && ($udom ne '')) {	if (($uname ne '') && ($udom ne '')) {
if (($cacheduser eq $uname.':'.$udom) &&	if (($cacheduser eq $uname.':'.$udom) &&
	($cachedcid eq $env{'request.course.id'}) &&
(abs($cachedlast-time)<5)) {	(abs($cachedlast-time)<5)) {
return;	return;
}	}
}	}
$cachedlast=time;	$cachedlast=time;
$cacheduser=$uname.':'.$udom;	$cacheduser=$uname.':'.$udom;
%cachedblockers = &get_commblock_resources($blocks);	$cachedcid=$env{'request.course.id'};
	%cachedblockers = &get_commblock_resources();
	return;
}	}

sub get_comm_blocks {	sub get_comm_blocks {
Line 8477 sub get_commblock_resources {	Line 8768 sub get_commblock_resources {
my ($blocks) = @_;	my ($blocks) = @_;
my %blockers = ();	my %blockers = ();
return %blockers unless ($env{'request.course.id'});	return %blockers unless ($env{'request.course.id'});
return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);	my $courseurl = &courseid_to_courseurl($env{'request.course.id'});
	if ($env{'request.course.sec'}) {
	$courseurl .= '/'.$env{'request.course.sec'};
	}
	return %blockers if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseurl} =~/evb\&([^\:]*)/);
my %commblocks;	my %commblocks;
if (ref($blocks) eq 'HASH') {	if (ref($blocks) eq 'HASH') {
%commblocks = %{$blocks};	%commblocks = %{$blocks};
Line 8509 sub get_commblock_resources {	Line 8804 sub get_commblock_resources {
}	}
} elsif ($block =~ /^firstaccess____(.+)$/) {	} elsif ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;	my $item = $1;
my @to_test;
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
my @interval;	my (@interval,$mapname);
my $type = 'map';	my $type = 'map';
if ($item eq 'course') {	if ($item eq 'course') {
$type = 'course';	$type = 'course';
Line 8521 sub get_commblock_resources {	Line 8815 sub get_commblock_resources {
if ($item =~ /___\d+___/) {	if ($item =~ /___\d+___/) {
$type = 'resource';	$type = 'resource';
@interval=&EXT("resource.0.interval",$item);	@interval=&EXT("resource.0.interval",$item);
if (ref($navmap)) {
my $res = $navmap->getBySymb($item);
push(@to_test,$res);
}
} else {	} else {
my $mapsymb = &symbread($item,1);	$mapname = &deversion($item);
if ($mapsymb) {	if (ref($navmap)) {
if (ref($navmap)) {	my $timelimit = $navmap->get_mapparam(undef,$mapname,'0.interval');
my $mapres = $navmap->getBySymb($mapsymb);	@interval = ($timelimit,'map');
@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
foreach my $res (@to_test) {
my $symb = $res->symb();
next if ($symb eq $mapsymb);
if ($symb ne '') {
@interval=&EXT("resource.0.interval",$symb);
if ($interval[1] eq 'map') {
last;
}
}
}
}
}	}
}	}
}	}
if ($interval[0] =~ /^(\d+)/) {	if ($interval[0] =~ /^(\d+)/) {
my $timelimit = $1;	my $timelimit = $1;
my $first_access;	my $first_access;
if ($type eq 'resource') {	if ($type eq 'resource') {
$first_access=&get_first_access($interval[1],$item);	$first_access=&get_first_access($interval[1],$item);
Line 8559 sub get_commblock_resources {	Line 8837 sub get_commblock_resources {
my $timesup = $first_access+$timelimit;	my $timesup = $first_access+$timelimit;
if ($timesup > $now) {	if ($timesup > $now) {
my $activeblock;	my $activeblock;
foreach my $res (@to_test) {	if ($type eq 'resource') {
if ($res->answerable()) {	if (ref($navmap)) {
$activeblock = 1;	my $res = $navmap->getBySymb($item);
last;	if ($res->answerable()) {
	$activeblock = 1;
	}
	}
	} elsif ($type eq 'map') {
	my $mapsymb = &symbread($mapname,1);
	if (($mapsymb) && (ref($navmap))) {
	my $mapres = $navmap->getBySymb($mapsymb);
	if (ref($mapres)) {
	my $first = $mapres->map_start();
	my $finish = $mapres->map_finish();
	my $it = $navmap->getIterator($first,$finish,undef,0,0);
	if (ref($it)) {
	my $res;
	while ($res = $it->next(undef,1)) {
	next unless (ref($res));
	my $symb = $res->symb();
	next if (($symb eq $mapsymb) \|\| ($symb eq ''));
	@interval=&EXT("resource.0.interval",$symb);
	if ($interval[1] eq 'map') {
	if ($res->answerable()) {
	$activeblock = 1;
	last;
	}
	}
	}
	}
	}
}	}
}	}
if ($activeblock) {	if ($activeblock) {
Line 8588 sub get_commblock_resources {	Line 8893 sub get_commblock_resources {
}	}

sub has_comm_blocking {	sub has_comm_blocking {
my ($priv,$symb,$uri,$blocks) = @_;	my ($priv,$symb,$uri,$ignoresymbdb,$noenccheck,$blocked,$blocks) = @_;
my @blockers;	my @blockers;
return unless ($env{'request.course.id'});	return unless ($env{'request.course.id'});
return unless ($priv eq 'bre');	return unless ($priv eq 'bre');
return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
return if ($env{'request.state'} eq 'construct');	return if ($env{'request.state'} eq 'construct');
&load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);	my $courseurl = &courseid_to_courseurl($env{'request.course.id'});
return unless (keys(%cachedblockers) > 0);	if ($env{'request.course.sec'}) {
	$courseurl .= '/'.$env{'request.course.sec'};
	}
	return if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseurl} =~/evb\&([^\:]*)/);
	my %blockinfo;
	if (ref($blocks) eq 'HASH') {
	%blockinfo = &get_commblock_resources($blocks);
	} else {
	&load_all_blockers($env{'user.name'},$env{'user.domain'});
	%blockinfo = %cachedblockers;
	}
	return unless (keys(%blockinfo) > 0);
my (%possibles,@symbs);	my (%possibles,@symbs);
if (!$symb) {	if (!$symb) {
$symb = &symbread($uri,1,1,1,\%possibles);	$symb = &symbread($uri,1,1,1,\%possibles,$ignoresymbdb,$noenccheck);
}	}
if ($symb) {	if ($symb) {
@symbs = ($symb);	@symbs = ($symb);
Line 8609 sub has_comm_blocking {	Line 8924 sub has_comm_blocking {
foreach my $symb (@symbs) {	foreach my $symb (@symbs) {
last if ($noblock);	last if ($noblock);
my ($map,$resid,$resurl)=&decode_symb($symb);	my ($map,$resid,$resurl)=&decode_symb($symb);
foreach my $block (keys(%cachedblockers)) {	foreach my $block (keys(%blockinfo)) {
if ($block =~ /^firstaccess____(.+)$/) {	if ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;	my $item = $1;
if (($item eq $map) \|\| ($item eq $symb)) {	unless ($blocked) {
$noblock = 1;	if (($item eq $map) \|\| ($item eq $symb)) {
last;	$noblock = 1;
	last;
	}
}	}
}	}
if (ref($cachedblockers{$block}) eq 'HASH') {	if (ref($blockinfo{$block}) eq 'HASH') {
if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {	if (ref($blockinfo{$block}{'resources'}) eq 'HASH') {
if ($cachedblockers{$block}{'resources'}{$symb}) {	if ($blockinfo{$block}{'resources'}{$symb}) {
unless (grep(/^\Q$block\E$/,@blockers)) {	unless (grep(/^\Q$block\E$/,@blockers)) {
push(@blockers,$block);	push(@blockers,$block);
}	}
}	}
}	}
}	if (ref($blockinfo{$block}{'maps'}) eq 'HASH') {
if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {	if ($blockinfo{$block}{'maps'}{$map}) {
if ($cachedblockers{$block}{'maps'}{$map}) {	unless (grep(/^\Q$block\E$/,@blockers)) {
unless (grep(/^\Q$block\E$/,@blockers)) {	push(@blockers,$block);
push(@blockers,$block);	}
}	}
}	}
}	}
}	}
}	}
return if ($noblock);	unless ($noblock) {
return @blockers;	return @blockers;
	}
	return;
}	}
}	}

	sub deeplink_check {
	my ($priv,$symb,$uri) = @_;
	return unless ($env{'request.course.id'});
	return unless ($priv eq 'bre');
	return if ($env{'request.state'} eq 'construct');
	return if ($env{'request.role.adv'});
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	my (%possibles,@symbs);
	if (!$symb) {
	$symb = &symbread($uri,1,1,1,\%possibles);
	}
	if ($symb) {
	@symbs = ($symb);
	} elsif (keys(%possibles)) {
	@symbs = keys(%possibles);
	}

	my ($deeplink_symb,$allow);
	if ($env{'request.deeplink.login'}) {
	$deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom);
	}
	foreach my $symb (@symbs) {
	last if ($allow);
	my $deeplink = &EXT("resource.0.deeplink",$symb);
	if ($deeplink eq '') {
	$allow = 1;
	} else {
	my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
	if ($state ne 'only') {
	$allow = 1;
	} else {
	my $check_deeplink_entry;
	if ($protect ne 'none') {
	my ($acctype,$item) = split(/:/,$protect);
	if (($acctype eq 'ltic') && ($env{'user.linkprotector'})) {
	if (grep(/^\Q$item\Ec$/,split(/,/,$env{'user.linkprotector'}))) {
	$check_deeplink_entry = 1
	}
	} elsif (($acctype eq 'ltid') && ($env{'user.linkprotector'})) {
	if (grep(/^\Q$item\Ed$/,split(/,/,$env{'user.linkprotector'}))) {
	$check_deeplink_entry = 1;
	}
	} elsif (($acctype eq 'key') && ($env{'user.deeplinkkey'})) {
	if (grep(/^\Q$item\E$/,split(/,/,$env{'user.deeplinkkey'}))) {
	$check_deeplink_entry = 1;
	}
	}
	}
	if (($protect eq 'none') \|\| ($check_deeplink_entry)) {
	if ($scope eq 'res') {
	if ($symb eq $deeplink_symb) {
	$allow = 1;
	}
	} elsif (($scope eq 'map') \|\| ($scope eq 'rec')) {
	my ($map_from_symb,$map_from_login);
	$map_from_symb = &deversion((&decode_symb($symb))[0]);
	if ($deeplink_symb =~ /\.(page\|sequence)$/) {
	$map_from_login = &deversion((&decode_symb($deeplink_symb))[2]);
	} else {
	$map_from_login = &deversion((&decode_symb($deeplink_symb))[0]);
	}
	if (($map_from_symb) && ($map_from_login)) {
	if ($map_from_symb eq $map_from_login) {
	$allow = 1;
	} elsif ($scope eq 'rec') {
	my @recurseup = &get_map_hierarchy($map_from_symb,$env{'request.course.id'});
	if (grep(/^\Q$map_from_login\E$/,@recurseup)) {
	$allow = 1;
	}
	}
	}
	}
	}
	}
	}
	}
	return if ($allow);
	return 1;
	}

# -------------------------------- Deversion and split uri into path an filename	# -------------------------------- Deversion and split uri into path an filename

#	#
Line 9034 sub auto_validate_instcode {	Line 9434 sub auto_validate_instcode {
return ($outcome,$description,$defaultcredits);	return ($outcome,$description,$defaultcredits);
}	}

	sub auto_validate_inst_crosslist {
	my ($cnum,$cdom,$instcode,$inst_xlist,$coowner) = @_;
	my ($homeserver,$response);
	if (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/)) {
	$homeserver = &homeserver($cnum,$cdom);
	}
	if (!defined($homeserver)) {
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	}
	unless (($homeserver eq '') \|\| ($homeserver eq 'no_host')) {
	$response=&reply('autovalidateinstcrosslist:'.$cdom.':'.
	&escape($instcode).':'.&escape($inst_xlist).':'.
	&escape($coowner),$homeserver);
	}
	return $response;
	}

sub auto_create_password {	sub auto_create_password {
my ($cnum,$cdom,$authparam,$udom) = @_;	my ($cnum,$cdom,$authparam,$udom) = @_;
my ($homeserver,$response);	my ($homeserver,$response);
Line 9305 sub auto_validate_class_sec {	Line 9724 sub auto_validate_class_sec {
return $response;	return $response;
}	}

	sub auto_instsec_reformat {
	my ($cdom,$action,$instsecref) = @_;
	return unless(($action eq 'clutter') \|\| ($action eq 'declutter'));
	my @homeservers;
	if (defined(&domain($cdom,'primary'))) {
	push(@homeservers,&domain($cdom,'primary'));
	} else {
	my %servers = &get_servers($cdom,'library');
	foreach my $tryserver (keys(%servers)) {
	if (!grep(/^\Q$tryserver\E$/,@homeservers)) {
	push(@homeservers,$tryserver);
	}
	}
	}
	my $response;
	my %reformatted = %{$instsecref};
	foreach my $server (@homeservers) {
	if (ref($instsecref) eq 'HASH') {
	my $info = &freeze_escape($instsecref);
	my $response=&reply('autoinstsecreformat:'.$cdom.':'.
	$action.':'.$info,$server);
	next if ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_command)/);
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split(/=/,$item);
	$reformatted{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	return %reformatted;
	}

sub auto_validate_instclasses {	sub auto_validate_instclasses {
my ($cdom,$cnum,$owners,$classesref) = @_;	my ($cdom,$cnum,$owners,$classesref) = @_;
my ($homeserver,%validations);	my ($homeserver,%validations);
Line 9849 sub autoupdate_coowners {	Line 10300 sub autoupdate_coowners {
if ($domdesign{$cdom.'.autoassign.co-owners'}) {	if ($domdesign{$cdom.'.autoassign.co-owners'}) {
my %coursehash = &coursedescription($cdom.'_'.$cnum);	my %coursehash = &coursedescription($cdom.'_'.$cnum);
my $instcode = $coursehash{'internal.coursecode'};	my $instcode = $coursehash{'internal.coursecode'};
	my $xlists = $coursehash{'internal.crosslistings'};
if ($instcode ne '') {	if ($instcode ne '') {
if (($start && $start <= $now) && ($end == 0) \|\| ($end > $now)) {	if (($start && $start <= $now) && ($end == 0) \|\| ($end > $now)) {
unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) {	unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) {
my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners);	my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners);
my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom);	my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom);
	unless ($result eq 'valid') {
	if ($xlists ne '') {
	foreach my $xlist (split(',',$xlists)) {
	my ($inst_crosslist,$lcsec) = split(':',$xlist);
	$result =
	&auto_validate_inst_crosslist($cnum,$cdom,$instcode,
	$inst_crosslist,$uname.':'.$udom);
	last if ($result eq 'valid');
	}
	}
	}
if ($result eq 'valid') {	if ($result eq 'valid') {
if ($coursehash{'internal.co-owners'}) {	if ($coursehash{'internal.co-owners'}) {
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {	foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
Line 9866 sub autoupdate_coowners {	Line 10329 sub autoupdate_coowners {
} else {	} else {
push(@newcoowners,$uname.':'.$udom);	push(@newcoowners,$uname.':'.$udom);
}	}
} else {	} elsif ($coursehash{'internal.co-owners'}) {
if ($coursehash{'internal.co-owners'}) {	foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {	unless ($coowner eq $uname.':'.$udom) {
unless ($coowner eq $uname.':'.$udom) {	push(@newcoowners,$coowner);
push(@newcoowners,$coowner);
}
}
unless (@newcoowners > 0) {
$delcoowners = 1;
$coowners = '';
}	}
}	}
	unless (@newcoowners > 0) {
	$delcoowners = 1;
	$coowners = '';
	}
}	}
if (@newcoowners \|\| $delcoowners) {	if (@newcoowners \|\| $delcoowners) {
&store_coowners($cdom,$cnum,$coursehash{'home'},	&store_coowners($cdom,$cnum,$coursehash{'home'},
Line 9951 sub modifyuserauth {	Line 10412 sub modifyuserauth {
' in domain '.$env{'request.role.domain'});	' in domain '.$env{'request.role.domain'});
my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.	my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
&escape($upass),$uhome);	&escape($upass),$uhome);
	my $ip = &get_requestor_ip();
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},
'Authentication changed for '.$udom.', '.$uname.', '.$umode.	'Authentication changed for '.$udom.', '.$uname.', '.$umode.
'(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);	'(Remote '.$ip.'): '.$reply);
&log($udom,,$uname,$uhome,	&log($udom,,$uname,$uhome,
'Authentication changed by '.$env{'user.domain'}.', '.	'Authentication changed by '.$env{'user.domain'}.', '.
$env{'user.name'}.', '.$umode.	$env{'user.name'}.', '.$umode.
'(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);	'(Remote '.$ip.'): '.$reply);
unless ($reply eq 'ok') {	unless ($reply eq 'ok') {
&logthis('Authentication mode error: '.$reply);	&logthis('Authentication mode error: '.$reply);
return 'error: '.$reply;	return 'error: '.$reply;
Line 10478 sub store_userdata {	Line 10940 sub store_userdata {
if (($uhome eq '') \|\| ($uhome eq 'no_host')) {	if (($uhome eq '') \|\| ($uhome eq 'no_host')) {
$result = 'error: no_host';	$result = 'error: no_host';
} else {	} else {
$storehash->{'ip'} = $ENV{'REMOTE_ADDR'};	$storehash->{'ip'} = &get_requestor_ip();
$storehash->{'host'} = $perlvar{'lonHostID'};	$storehash->{'host'} = $perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 11303 sub get_userresdata {	Line 11765 sub get_userresdata {
# Parameters:	# Parameters:
# $name - Course/user name.	# $name - Course/user name.
# $domain - Name of the domain the user/course is registered on.	# $domain - Name of the domain the user/course is registered on.
# $type - Type of thing $name is (must be 'course' or 'user')	# $type - Type of thing $name is (must be 'course' or 'user'
# @which - Array of names of resources desired.	# @which - Array of names of resources desired.
# Returns:	# Returns:
# The value of the first reasource in @which that is found in the	# The value of the first reasource in @which that is found in the
Line 11322 sub resdata {	Line 11784 sub resdata {
}	}
if (!ref($result)) { return $result; }	if (!ref($result)) { return $result; }
foreach my $item (@which) {	foreach my $item (@which) {
if (ref($item) eq 'ARRAY') {	if (defined($result->{$item->[0]})) {
if (defined($result->{$item->[0]})) {	return [$result->{$item->[0]},$item->[1]];
return [$result->{$item->[0]},$item->[1]];	}
}
}
}	}
return undef;	return undef;
}	}

sub get_domain_ltitools {	sub get_domain_lti {
my ($cdom) = @_;	my ($cdom,$context) = @_;
my %ltitools;	my ($name,$cachename,%lti);
my ($result,$cached)=&is_cached_new('ltitools',$cdom);	if ($context eq 'consumer') {
	$name = 'ltitools';
	} elsif ($context eq 'provider') {
	$name = 'lti';
	} elsif ($context eq 'linkprot') {
	$name = 'ltisec';
	} else {
	return %lti;
	}

	if ($context eq 'linkprot') {
	$cachename = $context;
	} else {
	$cachename = $name;
	}

	my ($result,$cached)=&is_cached_new($cachename,$cdom);
if (defined($cached)) {	if (defined($cached)) {
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
%ltitools = %{$result};	%lti = %{$result};
}	}
} else {	} else {
my %domconfig = &get_dom('configuration',['ltitools'],$cdom);	my %domconfig = &get_dom('configuration',[$name],$cdom);
if (ref($domconfig{'ltitools'}) eq 'HASH') {	if (ref($domconfig{$name}) eq 'HASH') {
%ltitools = %{$domconfig{'ltitools'}};	if ($context eq 'linkprot') {
my %encdomconfig = &get_dom('encconfig',['ltitools'],$cdom);	if (ref($domconfig{$name}{'linkprot'}) eq 'HASH') {
if (ref($encdomconfig{'ltitools'}) eq 'HASH') {	%lti = %{$domconfig{$name}{'linkprot'}};
foreach my $id (keys(%ltitools)) {	}
if (ref($encdomconfig{'ltitools'}{$id}) eq 'HASH') {	} else {
foreach my $item ('key','secret') {	%lti = %{$domconfig{$name}};
$ltitools{$id}{$item} = $encdomconfig{'ltitools'}{$id}{$item};	}
	if (($context eq 'consumer') && (keys(%lti))) {
	my %encdomconfig = &get_dom('encconfig',[$name],$cdom,undef,1);
	if (ref($encdomconfig{$name}) eq 'HASH') {
	foreach my $id (keys(%lti)) {
	if (ref($encdomconfig{$name}{$id}) eq 'HASH') {
	foreach my $item ('key','secret') {
	$lti{$id}{$item} = $encdomconfig{$name}{$id}{$item};
	}
}	}
}	}
}	}
}	}
}	}
my $cachetime = 246060;	my $cachetime = 246060;
&do_cache_new('ltitools',$cdom,\%ltitools,$cachetime);	&do_cache_new($cachename,$cdom,\%lti,$cachetime);
	}
	return %lti;
	}

	sub get_course_lti {
	my ($cnum,$cdom) = @_;
	my $hashid=$cdom.'_'.$cnum;
	my %courselti;
	my ($result,$cached)=&is_cached_new('courselti',$hashid);
	if (defined($cached)) {
	if (ref($result) eq 'HASH') {
	%courselti = %{$result};
	}
	} else {
	%courselti = &dump('lti',$cdom,$cnum,undef,undef,undef,1);
	my $cachetime = 246060;
	&do_cache_new('courselti',$hashid,\%courselti,$cachetime);
	}
	return %courselti;
	}

	sub courselti_itemid {
	my ($cnum,$cdom,$url,$method,$params,$context) = @_;
	my ($chome,$itemid);
	$chome = &homeserver($cnum,$cdom);
	return if ($chome eq 'no_host');
	if (ref($params) eq 'HASH') {
	my $rep;
	if (grep { $_ eq $chome } current_machine_ids()) {
	$rep = LONCAPA::Lond::crslti_itemid($cdom,$cnum,$url,$method,$params,$perlvar{'lonVersion'});
	} else {
	my $escurl = &escape($url);
	my $escmethod = &escape($method);
	my $items = &freeze_escape($params);
	$rep = &reply("encrypt:lti:$cdom:$cnum:$context:$escurl:$escmethod:$items",$chome);
	}
	unless (($rep=~/^(refused\|rejected\|error)/) \|\| ($rep eq 'con_lost') \|\|
	($rep eq 'unknown_cmd')) {
	$itemid = $rep;
	}
}	}
return %ltitools;	return $itemid;
}	}

sub get_numsuppfiles {	sub domainlti_itemid {
my ($cnum,$cdom,$ignorecache)=@_;	my ($cdom,$url,$method,$params,$context) = @_;
	my ($primary_id,$itemid);
	$primary_id = &domain($cdom,'primary');
	return if ($primary_id eq '');
	if (ref($params) eq 'HASH') {
	my $rep;
	if (grep { $_ eq $primary_id } current_machine_ids()) {
	$rep = LONCAPA::Lond::domlti_itemid($cdom,$context,$url,$method,$params,$perlvar{'lonVersion'});
	} else {
	my $cnum = '';
	my $escurl = &escape($url);
	my $escmethod = &escape($method);
	my $items = &freeze_escape($params);
	$rep = &reply("encrypt:lti:$cdom:$cnum:$context:$escurl:$escmethod:$items",$primary_id);
	}
	unless (($rep=~/^(refused\|rejected\|error)/) \|\| ($rep eq 'con_lost') \|\|
	($rep eq 'unknown_cmd')) {
	$itemid = $rep;
	}
	}
	return $itemid;
	}

	sub count_supptools {
	my ($cnum,$cdom,$ignorecache,$reload)=@_;
my $hashid=$cnum.':'.$cdom;	my $hashid=$cnum.':'.$cdom;
my ($suppcount,$cached);	my ($numexttools,$cached);
unless ($ignorecache) {	unless ($ignorecache) {
($suppcount,$cached) = &is_cached_new('suppcount',$hashid);	($numexttools,$cached) = &is_cached_new('supptools',$hashid);
}	}
unless (defined($cached)) {	unless (defined($cached)) {
my $chome=&homeserver($cnum,$cdom);	my $chome=&homeserver($cnum,$cdom);
	$numexttools = 0;
unless ($chome eq 'no_host') {	unless ($chome eq 'no_host') {
($suppcount,my $errors) = (0,0);	my ($supplemental) = &Apache::loncommon::get_supplemental($cnum,$cdom,$reload);
my $suppmap = 'supplemental.sequence';	if (ref($supplemental) eq 'HASH') {
($suppcount,$errors) =	if ((ref($supplemental->{'ids'}) eq 'HASH') && (ref($supplemental->{'hidden'}) eq 'HASH')) {
&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);	foreach my $key (keys(%{$supplemental->{'ids'}})) {
	if ($key =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$numexttools ++;
	}
	}
	}
	}
	}
	&do_cache_new('supptools',$hashid,$numexttools,600);
	}
	return $numexttools;
	}

	sub has_unhidden_suppfiles {
	my ($cnum,$cdom,$ignorecache,$possdel)=@_;
	my $hashid=$cnum.':'.$cdom;
	my ($showsupp,$cached);
	unless ($ignorecache) {
	($showsupp,$cached) = &is_cached_new('showsupp',$hashid);
	}
	unless (defined($cached)) {
	my $chome=&homeserver($cnum,$cdom);
	unless ($chome eq 'no_host') {
	my ($supplemental) = &Apache::loncommon::get_supplemental($cnum,$cdom,$ignorecache,$possdel);
	if (ref($supplemental) eq 'HASH') {
	if ((ref($supplemental->{'ids'}) eq 'HASH') && (ref($supplemental->{'hidden'}) eq 'HASH')) {
	foreach my $key (keys(%{$supplemental->{'ids'}})) {
	next if ($key =~ /\.sequence$/);
	if (ref($supplemental->{'ids'}->{$key}) eq 'ARRAY') {
	foreach my $id (@{$supplemental->{'ids'}->{$key}}) {
	unless ($supplemental->{'hidden'}->{$id}) {
	$showsupp = 1;
	last;
	}
	}
	}
	last if ($showsupp);
	}
	}
	}
}	}
&do_cache_new('suppcount',$hashid,$suppcount,600);	&do_cache_new('showsupp',$hashid,$showsupp,600);
}	}
return $suppcount;	return $showsupp;
}	}

#	#
# EXT resource caching routines	# EXT resource caching routines
#	#

	{
	# Cache (5 seconds) of map hierarchy for speedup of navmaps display
	#
	# The course for which we cache
	my $cachedmapkey='';
	# The cached recursive maps for this course
	my %cachedmaps=();
	# When this was last done
	my $cachedmaptime='';

sub clear_EXT_cache_status {	sub clear_EXT_cache_status {
&delenv('cache.EXT.');	&delenv('cache.EXT.');
}	}
Line 11440 sub EXT {	Line 12038 sub EXT {
if ( (defined($Apache::lonhomework::parsing_a_problem)	if ( (defined($Apache::lonhomework::parsing_a_problem)
\|\| defined($Apache::lonhomework::parsing_a_task))	\|\| defined($Apache::lonhomework::parsing_a_task))
&&	&&
($symbparm eq &symbread()) ) {	($symbparm eq &symbread()) ) {
# if we are in the middle of processing the resource the	# if we are in the middle of processing the resource the
# get the value we are planning on committing	# get the value we are planning on committing
if (defined($Apache::lonhomework::results{$qualifierrest})) {	if (defined($Apache::lonhomework::results{$qualifierrest})) {
Line 11697 sub EXT {	Line 12295 sub EXT {
if ($space eq 'name') {	if ($space eq 'name') {
return $ENV{'SERVER_NAME'};	return $ENV{'SERVER_NAME'};
}	}
	} elsif ($realm eq 'client') {
	if ($space eq 'remote_addr') {
	return &get_requestor_ip();
	}
}	}
return '';	return '';
}	}
Line 11730 sub check_group_parms {	Line 12332 sub check_group_parms {
return $coursereply;	return $coursereply;
}	}

	sub get_map_hierarchy {
	my ($mapname,$courseid) = @_;
	my @recurseup = ();
	if ($mapname) {
	if (($cachedmapkey eq $courseid) &&
	(abs($cachedmaptime-time)<5)) {
	if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
	return @{$cachedmaps{$mapname}};
	}
	}
	my $navmap = Apache::lonnavmaps::navmap->new();
	if (ref($navmap)) {
	@recurseup = $navmap->recurseup_maps($mapname);
	undef($navmap);
	$cachedmaps{$mapname} = \@recurseup;
	$cachedmaptime=time;
	$cachedmapkey=$courseid;
	}
	}
	return @recurseup;
	}

	}

sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().	sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
my ($courseid,@groups) = @_;	my ($courseid,@groups) = @_;
@groups = sort(@groups);	@groups = sort(@groups);
Line 12351 sub get_coursechange {	Line 12977 sub get_coursechange {
}	}

sub devalidate_coursechange_cache {	sub devalidate_coursechange_cache {
my ($cnum,$cdom)=@_;	my ($cdom,$cnum)=@_;
my $hashid=$cnum.':'.$cdom;	my $hashid=$cdom.'_'.$cnum;
&devalidate_cache_new('crschange',$hashid);	&devalidate_cache_new('crschange',$hashid);
}	}

	sub get_suppchange {
	my ($cdom,$cnum) = @_;
	if ($cdom eq '' \|\| $cnum eq '') {
	return unless ($env{'request.course.id'});
	$cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	}
	my $hashid=$cdom.'_'.$cnum;
	my ($change,$cached)=&is_cached_new('suppchange',$hashid);
	if ((defined($cached)) && ($change ne '')) {
	return $change;
	} else {
	my %crshash = &get('environment',['internal.supplementalchange'],$cdom,$cnum);
	if ($crshash{'internal.supplementalchange'} eq '') {
	$change = $env{'course.'.$cdom.'_'.$cnum.'.internal.created'};
	if ($change eq '') {
	%crshash = &get('environment',['internal.created'],$cdom,$cnum);
	$change = $crshash{'internal.created'};
	}
	} else {
	$change = $crshash{'internal.supplementalchange'};
	}
	my $cachetime = 600;
	&do_cache_new('suppchange',$hashid,$change,$cachetime);
	}
	return $change;
	}

	sub devalidate_suppchange_cache {
	my ($cdom,$cnum)=@_;
	my $hashid=$cdom.'_'.$cnum;
	&devalidate_cache_new('suppchange',$hashid);
	}

	sub update_supp_caches {
	my ($cdom,$cnum) = @_;
	my %servers = &internet_dom_servers($cdom);
	my @ids=&current_machine_ids();
	foreach my $server (keys(%servers)) {
	next if (grep(/^\Q$server\E$/,@ids));
	my $hashid=$cnum.':'.$cdom;
	my $cachekey = &escape('showsupp').':'.&escape($hashid);
	&remote_devalidate_cache($server,[$cachekey]);
	}
	&has_unhidden_suppfiles($cnum,$cdom,1,1);
	&count_supptools($cnum,$cdom,1);
	my $now = time;
	if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
	&Apache::lonnet::appenv({'request.course.suppupdated' => $now});
	}
	&put('environment',{'internal.supplementalchange' => $now},
	$cdom,$cnum);
	&Apache::lonnet::appenv(
	{'course.'.$cdom.'_'.$cnum.'.internal.supplementalchange' => $now});
	&do_cache_new('suppchange',$cdom.'_'.$cnum,$now,600);
	}

# ------------------------------------------------- Update symbolic store links	# ------------------------------------------------- Update symbolic store links

sub symblist {	sub symblist {
Line 12511 sub deversion {	Line 13194 sub deversion {
# ------------------------------------------------------ Return symb list entry	# ------------------------------------------------------ Return symb list entry

sub symbread {	sub symbread {
my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;	my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles,
	$ignoresymbdb,$noenccheck)=@_;
my $cache_str='request.symbread.cached.'.$thisfn;	my $cache_str='request.symbread.cached.'.$thisfn;
if (defined($env{$cache_str})) {	if (defined($env{$cache_str})) {
if ($ignorecachednull) {	unless (ref($possibles) eq 'HASH') {
return $env{$cache_str} unless ($env{$cache_str} eq '');	if ($ignorecachednull) {
} else {	return $env{$cache_str} unless ($env{$cache_str} eq '');
return $env{$cache_str};	} else {
	return $env{$cache_str};
	}
}	}
}	}
# no filename provided? try from environment	# no filename provided? try from environment
Line 12539 sub symbread {	Line 13225 sub symbread {
my %bighash;	my %bighash;
my $syval='';	my $syval='';
if (($env{'request.course.fn'}) && ($thisfn)) {	if (($env{'request.course.fn'}) && ($thisfn)) {
my $targetfn = $thisfn;	unless ($ignoresymbdb) {
if ( ($thisfn =~ m/^(uploaded\|editupload)\//) && ($thisfn !~ m/\.(page\|sequence)$/) ) {	if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
$targetfn = 'adm/wrapper/'.$thisfn;	&GDBM_READER(),0640)) {
}	$syval=$hash{$thisfn};
if ($targetfn =~ m\|^adm/wrapper/(ext/.*)\|) {	untie(%hash);
$targetfn=$1;	}
}	if ($syval && $checkforblock) {
if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',	my @blockers = &has_comm_blocking('bre',$syval,$thisfn,$ignoresymbdb,$noenccheck);
&GDBM_READER(),0640)) {	if (@blockers) {
$syval=$hash{$targetfn};	$syval='';
untie(%hash);	}
	}
}	}
# ---------------------------------------------------------- There was an entry	# ---------------------------------------------------------- There was an entry
if ($syval) {	if ($syval) {
Line 12582 sub symbread {	Line 13269 sub symbread {
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
if (ref($possibles) eq 'HASH') {	if (ref($possibles) eq 'HASH') {
$possibles->{$syval} = 1;	unless ($bighash{'randomout_'.$ids} \|\| $env{'request.role.adv'}) {
	$possibles->{$syval} = 1;
	}
}	}
if ($checkforblock) {	if ($checkforblock) {
my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});	unless ($bighash{'randomout_'.$ids} \|\| $env{'request.role.adv'}) {
if (@blockers) {	my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids},'',$noenccheck);
$syval = '';	if (@blockers) {
return;	$syval = '';
	untie(%bighash);
	return $env{$cache_str}='';
	}
}	}
}	}
} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {	} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
Line 12607 sub symbread {	Line 13299 sub symbread {
if ($bighash{'map_type_'.$mapid} ne 'page') {	if ($bighash{'map_type_'.$mapid} ne 'page') {
my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},	my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
if (ref($possibles) eq 'HASH') {	next if ($bighash{'randomout_'.$id} && !$env{'request.role.adv'});
$possibles->{$syval} = 1;	next unless (($noenccheck) \|\| ($bighash{'encrypted_'.$id} eq $env{'request.enc'}));
}
if ($checkforblock) {	if ($checkforblock) {
my @blockers = &has_comm_blocking('bre',$poss_syval,$file);	my @blockers = &has_comm_blocking('bre',$poss_syval,$file,'',$noenccheck);
unless (@blockers > 0) {	if (@blockers > 0) {
	$syval = '';
	} else {
$syval = $poss_syval;	$syval = $poss_syval;
$realpossible++;	$realpossible++;
}	}
Line 12620 sub symbread {	Line 13313 sub symbread {
$syval = $poss_syval;	$syval = $poss_syval;
$realpossible++;	$realpossible++;
}	}
	if ($syval) {
	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	}
}	}
}	}
}	}
Line 13339 sub machine_ids {	Line 14037 sub machine_ids {

sub additional_machine_domains {	sub additional_machine_domains {
my @domains;	my @domains;
open(my $fh,"<","$perlvar{'lonTabDir'}/expected_domains.tab");	if (-e "$perlvar{'lonTabDir'}/expected_domains.tab") {
while( my $line = <$fh>) {	if (open(my $fh,"<","$perlvar{'lonTabDir'}/expected_domains.tab")) {
$line =~ s/\s//g;	while( my $line = <$fh>) {
push(@domains,$line);	chomp($line);
	$line =~ s/\s//g;
	push(@domains,$line);
	}
	close($fh);
	}
}	}
return @domains;	return @domains;
}	}
Line 13361 sub default_login_domain {	Line 14064 sub default_login_domain {
}	}

sub shared_institution {	sub shared_institution {
my ($dom) = @_;	my ($dom,$lonhost) = @_;
	if ($lonhost eq '') {
	$lonhost = $perlvar{'lonHostID'};
	}
my $same_intdom;	my $same_intdom;
my $hostintdom = &internet_dom($perlvar{'lonHostID'});	my $hostintdom = &internet_dom($lonhost);
if ($hostintdom ne '') {	if ($hostintdom ne '') {
my %iphost = &get_iphost();	my %iphost = &get_iphost();
my $primary_id = &domain($dom,'primary');	my $primary_id = &domain($dom,'primary');
Line 13420 sub uses_sts {	Line 14126 sub uses_sts {
return;	return;
}	}

	sub waf_allssl {
	my ($host_name) = @_;
	my $alias = &get_proxy_alias();
	if ($host_name eq '') {
	$host_name = $ENV{'SERVER_NAME'};
	}
	if (($host_name ne '') && ($alias eq $host_name)) {
	my $serverhomedom = &host_domain($perlvar{'lonHostID'});
	my %defdomdefaults = &get_domain_defaults($serverhomedom);
	if ($defdomdefaults{'waf_sslopt'}) {
	return $defdomdefaults{'waf_sslopt'};
	}
	}
	return;
	}

	sub get_requestor_ip {
	my ($r,$nolookup,$noproxy) = @_;
	my $from_ip;
	if (ref($r)) {
	if ($r->can('useragent_ip')) {
	if ($noproxy && $r->can('client_ip')) {
	$from_ip = $r->client_ip();
	} else {
	$from_ip = $r->useragent_ip();
	}
	} elsif ($r->connection->can('remote_ip')) {
	$from_ip = $r->connection->remote_ip();
	} else {
	$from_ip = $r->get_remote_host($nolookup);
	}
	} else {
	$from_ip = $ENV{'REMOTE_ADDR'};
	}
	return $from_ip if ($noproxy);
	# Who controls proxy settings for server
	my $dom_in_use = $Apache::lonnet::perlvar{'lonDefDomain'};
	my $proxyinfo = &get_proxy_settings($dom_in_use);
	if ((ref($proxyinfo) eq 'HASH') && ($from_ip)) {
	if ($proxyinfo->{'vpnint'}) {
	if (&ip_match($from_ip,$proxyinfo->{'vpnint'})) {
	return $from_ip;
	}
	}
	if ($proxyinfo->{'trusted'}) {
	if (&ip_match($from_ip,$proxyinfo->{'trusted'})) {
	my $ipheader = $proxyinfo->{'ipheader'};
	my ($ip,$xfor);
	if (ref($r)) {
	if ($ipheader) {
	$ip = $r->headers_in->{$ipheader};
	}
	$xfor = $r->headers_in->{'X-Forwarded-For'};
	} else {
	if ($ipheader) {
	$ip = $ENV{'HTTP_'.uc($ipheader)};
	}
	$xfor = $ENV{'HTTP_X_FORWARDED_FOR'};
	}
	if (($ip eq '') && ($xfor ne '')) {
	foreach my $poss_ip (reverse(split(/\s,\s/,$xfor))) {
	unless (&ip_match($poss_ip,$proxyinfo->{'trusted'})) {
	$ip = $poss_ip;
	last;
	}
	}
	}
	if ($ip ne '') {
	return $ip;
	}
	}
	}
	}
	return $from_ip;
	}

	sub get_proxy_settings {
	my ($dom_in_use) = @_;
	my %domdefaults = &Apache::lonnet::get_domain_defaults($dom_in_use);
	my $proxyinfo = {
	ipheader => $domdefaults{'waf_ipheader'},
	trusted => $domdefaults{'waf_trusted'},
	vpnint => $domdefaults{'waf_vpnint'},
	vpnext => $domdefaults{'waf_vpnext'},
	sslopt => $domdefaults{'waf_sslopt'},
	};
	return $proxyinfo;
	}

	sub ip_match {
	my ($ip,$pattern_str) = @_;
	$ip=Net::CIDR::cidrvalidate($ip);
	if ($ip) {
	return Net::CIDR::cidrlookup($ip,split(/\s,\s/,$pattern_str));
	}
	return;
	}

	sub get_proxy_alias {
	my ($lonid) = @_;
	if ($lonid eq '') {
	$lonid = $perlvar{'lonHostID'};
	}
	if (!defined(&hostname($lonid))) {
	return;
	}
	if ($lonid ne '') {
	my ($alias,$cached) = &is_cached_new('proxyalias',$lonid);
	if ($cached) {
	return $alias;
	}
	my $dom = &Apache::lonnet::host_domain($lonid);
	if ($dom ne '') {
	my $cachetime = 606024;
	my %domconfig =
	&Apache::lonnet::get_dom('configuration',['wafproxy'],$dom);
	if (ref($domconfig{'wafproxy'}) eq 'HASH') {
	if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') {
	$alias = $domconfig{'wafproxy'}{'alias'}{$lonid};
	}
	}
	return &do_cache_new('proxyalias',$lonid,$alias,$cachetime);
	}
	}
	return;
	}

	sub use_proxy_alias {
	my ($r,$lonid) = @_;
	my $alias = &get_proxy_alias($lonid);
	if ($alias) {
	my $dom = &host_domain($lonid);
	if ($dom ne '') {
	my $proxyinfo = &get_proxy_settings($dom);
	my ($vpnint,$remote_ip);
	if (ref($proxyinfo) eq 'HASH') {
	$vpnint = $proxyinfo->{'vpnint'};
	if ($vpnint) {
	$remote_ip = &get_requestor_ip($r,1,1);
	}
	}
	unless ($vpnint && &ip_match($remote_ip,$vpnint)) {
	return $alias;
	}
	}
	}
	return;
	}

	sub alias_sso {
	my ($lonid) = @_;
	if ($lonid eq '') {
	$lonid = $perlvar{'lonHostID'};
	}
	if (!defined(&hostname($lonid))) {
	return;
	}
	if ($lonid ne '') {
	my ($use_alias,$cached) = &is_cached_new('proxysaml',$lonid);
	if ($cached) {
	return $use_alias;
	}
	my $dom = &Apache::lonnet::host_domain($lonid);
	if ($dom ne '') {
	my $cachetime = 606024;
	my %domconfig =
	&Apache::lonnet::get_dom('configuration',['wafproxy'],$dom);
	if (ref($domconfig{'wafproxy'}) eq 'HASH') {
	if (ref($domconfig{'wafproxy'}{'saml'}) eq 'HASH') {
	$use_alias = $domconfig{'wafproxy'}{'saml'}{$lonid};
	}
	}
	return &do_cache_new('proxysaml',$lonid,$use_alias,$cachetime);
	}
	}
	return;
	}

	sub get_saml_landing {
	my ($lonid) = @_;
	if ($lonid eq '') {
	my $defdom = &default_login_domain();
	my @hosts = &current_machine_ids();
	if (@hosts > 1) {
	foreach my $hostid (@hosts) {
	if (&host_domain($hostid) eq $defdom) {
	$lonid = $hostid;
	last;
	}
	}
	} else {
	$lonid = $perlvar{'lonHostID'};
	}
	if ($lonid) {
	unless (&Apache::lonnet::host_domain($lonid) eq $defdom) {
	return;
	}
	} else {
	return;
	}
	} elsif (!defined(&hostname($lonid))) {
	return;
	}
	my ($landing,$cached) = &is_cached_new('samllanding',$lonid);
	if ($cached) {
	return $landing;
	}
	my $dom = &Apache::lonnet::host_domain($lonid);
	if ($dom ne '') {
	my $cachetime = 606024;
	my %domconfig =
	&Apache::lonnet::get_dom('configuration',['login'],$dom);
	if (ref($domconfig{'login'}) eq 'HASH') {
	if (ref($domconfig{'login'}{'saml'}) eq 'HASH') {
	if (ref($domconfig{'login'}{'saml'}{$lonid}) eq 'HASH') {
	$landing = 1;
	}
	}
	}
	return &do_cache_new('samllanding',$lonid,$landing,$cachetime);
	}
	return;
	}

# ------------------------------------------------------------- Declutters URLs	# ------------------------------------------------------------- Declutters URLs

sub declutter {	sub declutter {
Line 13559 sub get_dns {	Line 14489 sub get_dns {
}	}
while (%alldns) {	while (%alldns) {
my ($dns) = sort { $b cmp $a } keys(%alldns);	my ($dns) = sort { $b cmp $a } keys(%alldns);
my $ua=new LWP::UserAgent;	my @content;
$ua->timeout(30);	if ($dns eq Sys::Hostname::FQDN::fqdn()) {
my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");	my $command = (split('/',$url))[3];
my $response=$ua->request($request);	my ($dir,$file) = &parse_getdns_url($command,$url);
delete($alldns{$dns});	delete($alldns{$dns});
next if ($response->is_error());	next if (($dir eq '') \|\| ($file eq ''));
my @content = split("\n",$response->content);	if (open(my $config,'<',"$dir/$file")) {
	@content = <$config>;
	close($config);
	}
	} else {
	my $ua=new LWP::UserAgent;
	$ua->timeout(30);
	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
	my $response=$ua->request($request);
	delete($alldns{$dns});
	next if ($response->is_error());
	@content = split("\n",$response->content);
	}
unless ($nocache) {	unless ($nocache) {
&do_cache_new('dns',$url,\@content,302460*60);	&do_cache_new('dns',$url,\@content,302460*60);
}	}
Line 13637 sub fetch_dns_checksums {	Line 14579 sub fetch_dns_checksums {
return \%checksums;	return \%checksums;
}	}

	sub parse_getdns_url {
	my ($command,$url) = @_;
	my $dir = $perlvar{'lonTabDir'};
	my $file;
	if ($command eq 'hosts') {
	$file = 'dns_hosts.tab';
	} elsif ($command eq 'domain') {
	$file = 'dns_domain.tab';
	} elsif ($command eq 'checksums') {
	my $version = (split('/',$url))[4];
	$file = "dns_checksums/$version.tab",
	}
	return ($dir,$file);
	}

# ------------------------------------------------------------ Read domain file	# ------------------------------------------------------------ Read domain file
{	{
my $loaded;	my $loaded;
Line 14516 prevents recursive calls to &allowed.	Line 15473 prevents recursive calls to &allowed.
2: browse allowed	2: browse allowed
A: passphrase authentication needed	A: passphrase authentication needed
B: access temporarily blocked because of a blocking event in a course.	B: access temporarily blocked because of a blocking event in a course.
	D: access blocked because access is required via session initiated via deep-link

=item *	=item *

Line 14808 data base, returning a hash that is keye	Line 15766 data base, returning a hash that is keye
values that are the resource value. I believe that the timestamps and	values that are the resource value. I believe that the timestamps and
versions are also returned.	versions are also returned.

get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
supplemental content area. This routine caches the number of files for
10 minutes.

=back	=back

=head2 Course Modification	=head2 Course Modification

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1172.2.118.2.7
changed lines
	Added in v.1.1172.2.146.2.11