loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.1172.2.52 and 1.1402

version 1.1172.2.52, 2014/06/25 18:44:10	version 1.1402, 2019/01/27 16:02:58
Line 71 delayed.	Line 71 delayed.
package Apache::lonnet;	package Apache::lonnet;

use strict;	use strict;
use LWP::UserAgent();
use HTTP::Date;	use HTTP::Date;
use Image::Magick;	use Image::Magick;
	use CGI::Cookie;

	use Encode;

use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir	use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir
$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease	$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease
Line 89 use GDBM_File;	Line 91 use GDBM_File;
use HTML::LCParser;	use HTML::LCParser;
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use Storable qw(thaw nfreeze);	use Storable qw(thaw nfreeze);
use Time::HiRes qw( gettimeofday tv_interval );	use Time::HiRes qw( sleep gettimeofday tv_interval );
use Cache::Memcached;	use Cache::Memcached;
use Digest::MD5;	use Digest::MD5;
use Math::Random;	use Math::Random;
Line 98 use LONCAPA qw(:DEFAULT :match);	Line 100 use LONCAPA qw(:DEFAULT :match);
use LONCAPA::Configuration;	use LONCAPA::Configuration;
use LONCAPA::lonmetadata;	use LONCAPA::lonmetadata;
use LONCAPA::Lond;	use LONCAPA::Lond;
	use LONCAPA::LWPReq;

use File::Copy;	use File::Copy;

my $readit;	my $readit;
my $max_connection_retries = 10; # Or some such value.	my $max_connection_retries = 20; # Or some such value.

require Exporter;	require Exporter;

our @ISA = qw (Exporter);	our @ISA = qw (Exporter);
our @EXPORT = qw(%env);	our @EXPORT = qw(%env);


# ------------------------------------ Logging (parameters, docs, slots, roles)	# ------------------------------------ Logging (parameters, docs, slots, roles)
{	{
my $logid;	my $logid;
Line 123 our @EXPORT = qw(%env);	Line 127 our @EXPORT = qw(%env);
$logid ++;	$logid ++;
my $now = time();	my $now = time();
my $id=$now.'00000'.$$.'00000'.$logid;	my $id=$now.'00000'.$$.'00000'.$logid;
my $logentry = {	my $logentry = {
$id => {	$id => {
'exe_uname' => $env{'user.name'},	'exe_uname' => $env{'user.name'},
'exe_udom' => $env{'user.domain'},	'exe_udom' => $env{'user.domain'},
'exe_time' => $now,	'exe_time' => $now,
'exe_ip' => $ENV{'REMOTE_ADDR'},	'exe_ip' => $ENV{'REMOTE_ADDR'},
'delflag' => $delflag,	'delflag' => $delflag,
'logentry' => $storehash,	'logentry' => $storehash,
'uname' => $uname,	'uname' => $uname,
'udom' => $udom,	'udom' => $udom,
}	}
};	};
return &put('nohist_'.$hash_name,$logentry,$cdom,$cnum);	return &put('nohist_'.$hash_name,$logentry,$cdom,$cnum);
}	}
}	}

sub logtouch {	sub logtouch {
my $execdir=$perlvar{'lonDaemons'};	my $execdir=$perlvar{'lonDaemons'};
unless (-e "$execdir/logs/lonnet.log") {	unless (-e "$execdir/logs/lonnet.log") {
open(my $fh,">>$execdir/logs/lonnet.log");	open(my $fh,">>","$execdir/logs/lonnet.log");
close $fh;	close $fh;
}	}
my ($wwwuid,$wwwgid)=(getpwnam('www'))[2,3];	my ($wwwuid,$wwwgid)=(getpwnam('www'))[2,3];
Line 154 sub logthis {	Line 158 sub logthis {
my $execdir=$perlvar{'lonDaemons'};	my $execdir=$perlvar{'lonDaemons'};
my $now=time;	my $now=time;
my $local=localtime($now);	my $local=localtime($now);
if (open(my $fh,">>$execdir/logs/lonnet.log")) {	if (open(my $fh,">>","$execdir/logs/lonnet.log")) {
my $logstring = $local. " ($$): ".$message."\n"; # Keep any \'s in string.	my $logstring = $local. " ($$): ".$message."\n"; # Keep any \'s in string.
print $fh $logstring;	print $fh $logstring;
close($fh);	close($fh);
Line 167 sub logperm {	Line 171 sub logperm {
my $execdir=$perlvar{'lonDaemons'};	my $execdir=$perlvar{'lonDaemons'};
my $now=time;	my $now=time;
my $local=localtime($now);	my $local=localtime($now);
if (open(my $fh,">>$execdir/logs/lonnet.perm.log")) {	if (open(my $fh,">>","$execdir/logs/lonnet.perm.log")) {
print $fh "$now:$message:$local\n";	print $fh "$now:$message:$local\n";
close($fh);	close($fh);
}	}
Line 180 sub create_connection {	Line 184 sub create_connection {
Type => SOCK_STREAM,	Type => SOCK_STREAM,
Timeout => 10);	Timeout => 10);
return 0 if (!$client);	return 0 if (!$client);
print $client (join(':',$hostname,$lonid,&machine_ids($hostname))."\n");	print $client (join(':',$hostname,$lonid,&machine_ids($hostname),$loncaparevs{$lonid})."\n");
my $result = <$client>;	my $result = <$client>;
chomp($result);	chomp($result);
return 1 if ($result eq 'done');	return 1 if ($result eq 'done');
Line 225 sub get_server_distarch {	Line 229 sub get_server_distarch {
return;	return;
}	}

	sub get_servercerts_info {
	my ($lonhost,$hostname,$context) = @_;
	return if ($lonhost eq '');
	if ($hostname eq '') {
	$hostname = &hostname($lonhost);
	}
	return if ($hostname eq '');
	my ($rep,$uselocal);
	if ($context eq 'install') {
	$uselocal = 1;
	} elsif (grep { $_ eq $lonhost } &current_machine_ids()) {
	$uselocal = 1;
	}
	if (($context ne 'cgi') && ($context ne 'install') && ($uselocal)) {
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	if ($distro eq '') {
	$uselocal = 0;
	} elsif ($distro =~ /^(?:centos\|redhat\|scientific)(\d+)$/) {
	if ($1 < 6) {
	$uselocal = 0;
	}
	} elsif ($distro =~ /^(?:sles)(\d+)$/) {
	if ($1 < 12) {
	$uselocal = 0;
	}
	}
	}
	if ($uselocal) {
	$rep = LONCAPA::Lond::server_certs(\%perlvar,$lonhost,$hostname);
	} else {
	$rep=&reply('servercerts',$lonhost);
	}
	my ($result,%returnhash);
	if (($rep=~/^(refused\|rejected\|error)/) \|\| ($rep eq 'con_lost') \|\|
	($rep eq 'unknown_cmd')) {
	$result = $rep;
	} else {
	$result = 'ok';
	my @pairs=split(/\&/,$rep);
	foreach my $item (@pairs) {
	my ($key,$value)=split(/=/,$item,2);
	my $what = &unescape($key);
	$returnhash{$what}=&thaw_unescape($value);
	}
	}
	return ($result,\%returnhash);
	}

sub get_server_loncaparev {	sub get_server_loncaparev {
my ($dom,$lonhost,$ignore_cache,$caller) = @_;	my ($dom,$lonhost,$ignore_cache,$caller) = @_;
if (defined($lonhost)) {	if (defined($lonhost)) {
Line 259 sub get_server_loncaparev {	Line 311 sub get_server_loncaparev {
$answer = &reply('serverloncaparev',$lonhost);	$answer = &reply('serverloncaparev',$lonhost);
if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {	if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {
if ($caller eq 'loncron') {	if ($caller eq 'loncron') {
my $ua=new LWP::UserAgent;	my $hostname = &hostname($lonhost);
$ua->timeout(4);
my $protocol = $protocol{$lonhost};	my $protocol = $protocol{$lonhost};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html';	my $url = $protocol.'://'.$hostname.'/adm/about.html';
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar,4,1);
unless ($response->is_error()) {	unless ($response->is_error()) {
my $content = $response->content;	my $content = $response->content;
if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {	if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {
Line 356 sub remote_devalidate_cache {	Line 407 sub remote_devalidate_cache {
my $items;	my $items;
return unless (ref($cachekeys) eq 'ARRAY');	return unless (ref($cachekeys) eq 'ARRAY');
my $cachestr = join('&',@{$cachekeys});	my $cachestr = join('&',@{$cachekeys});
return &reply('devalidatecache:'.&escape($cachestr),$lonhost);	my $response = &reply('devalidatecache:'.&escape($cachestr),$lonhost);
	return $response;
}	}

# -------------------------------------------------- Non-critical communication	# -------------------------------------------------- Non-critical communication
Line 370 sub subreply {	Line 422 sub subreply {

my $lockfile=$peerfile.".lock";	my $lockfile=$peerfile.".lock";
while (-e $lockfile) { # Need to wait for the lockfile to disappear.	while (-e $lockfile) { # Need to wait for the lockfile to disappear.
sleep(1);	sleep(0.1);
}	}
# At this point, either a loncnew parent is listening or an old lonc	# At this point, either a loncnew parent is listening or an old lonc
# or loncnew child is listening so we can connect or everything's dead.	# or loncnew child is listening so we can connect or everything's dead.
Line 388 sub subreply {	Line 440 sub subreply {
} else {	} else {
&create_connection(&hostname($server),$server);	&create_connection(&hostname($server),$server);
}	}
sleep(1); # Try again later if failed connection.	sleep(0.1); # Try again later if failed connection.
}	}
my $answer;	my $answer;
if ($client) {	if ($client) {
Line 407 sub reply {	Line 459 sub reply {
unless (defined(&hostname($server))) { return 'no_such_host'; }	unless (defined(&hostname($server))) { return 'no_such_host'; }
my $answer=subreply($cmd,$server);	my $answer=subreply($cmd,$server);
if (($answer=~/^refused/) \|\| ($answer=~/^rejected/)) {	if (($answer=~/^refused/) \|\| ($answer=~/^rejected/)) {
&logthis("<font color=\"blue\">WARNING:".	my $logged = $cmd;
" $cmd to $server returned $answer</font>");	if ($cmd =~ /^encrypt:([^:]+):/) {
	my $subcmd = $1;
	if (($subcmd eq 'auth') \|\| ($subcmd eq 'passwd') \|\|
	($subcmd eq 'changeuserauth') \|\| ($subcmd eq 'makeuser') \|\|
	($subcmd eq 'putdom') \|\| ($subcmd eq 'autoexportgrades')) {
	(undef,undef,my @rest) = split(/:/,$cmd);
	if (($subcmd eq 'auth') \|\| ($subcmd eq 'putdom')) {
	splice(@rest,2,1,'Hidden');
	} elsif ($subcmd eq 'passwd') {
	splice(@rest,2,2,('Hidden','Hidden'));
	} elsif (($subcmd eq 'changeuserauth') \|\| ($subcmd eq 'makeuser') \|\|
	($subcmd eq 'autoexportgrades')) {
	splice(@rest,3,1,'Hidden');
	}
	$logged = join(':',('encrypt:'.$subcmd,@rest));
	}
	}
	&logthis("<font color=\"blue\">WARNING:".
	" $logged to $server returned $answer</font>");
}	}
return $answer;	return $answer;
}	}
Line 417 sub reply {	Line 487 sub reply {

sub reconlonc {	sub reconlonc {
my ($lonid) = @_;	my ($lonid) = @_;
my $hostname = &hostname($lonid);
if ($lonid) {	if ($lonid) {
	my $hostname = &hostname($lonid);
my $peerfile="$perlvar{'lonSockDir'}/$hostname";	my $peerfile="$perlvar{'lonSockDir'}/$hostname";
if ($hostname && -e $peerfile) {	if ($hostname && -e $peerfile) {
&logthis("Trying to reconnect lonc for $lonid ($hostname)");	&logthis("Trying to reconnect lonc for $lonid ($hostname)");
Line 436 sub reconlonc {	Line 506 sub reconlonc {

&logthis("Trying to reconnect lonc");	&logthis("Trying to reconnect lonc");
my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";	my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
if (open(my $fh,"<$loncfile")) {	if (open(my $fh,"<",$loncfile)) {
my $loncpid=<$fh>;	my $loncpid=<$fh>;
chomp($loncpid);	chomp($loncpid);
if (kill 0 => $loncpid) {	if (kill 0 => $loncpid) {
&logthis("lonc at pid $loncpid responding, sending USR1");	&logthis("lonc at pid $loncpid responding, sending USR1");
kill USR1 => $loncpid;	kill USR1 => $loncpid;
sleep 1;	sleep 1;
} else {	} else {
&logthis(	&logthis(
"<font color=\"blue\">WARNING:".	"<font color=\"blue\">WARNING:".
" lonc at pid $loncpid not responding, giving up</font>");	" lonc at pid $loncpid not responding, giving up</font>");
Line 464 sub critical {	Line 534 sub critical {
}	}
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
&reconlonc("$perlvar{'lonSockDir'}/$server");	&reconlonc($server);
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
my $now=time;	my $now=time;
Line 476 sub critical {	Line 546 sub critical {
$dumpcount++;	$dumpcount++;
{	{
my $dfh;	my $dfh;
if (open($dfh,">$dfilename")) {	if (open($dfh,">",$dfilename)) {
print $dfh "$cmd\n";	print $dfh "$cmd\n";
close($dfh);	close($dfh);
}	}
}	}
sleep 2;	sleep 1;
my $wcmd='';	my $wcmd='';
{	{
my $dfh;	my $dfh;
if (open($dfh,"<$dfilename")) {	if (open($dfh,"<",$dfilename)) {
$wcmd=<$dfh>;	$wcmd=<$dfh>;
close($dfh);	close($dfh);
}	}
Line 601 sub transfer_profile_to_env {	Line 671 sub transfer_profile_to_env {

# ---------------------------------------------------- Check for valid session	# ---------------------------------------------------- Check for valid session
sub check_for_valid_session {	sub check_for_valid_session {
my ($r,$name,$userhashref) = @_;	my ($r,$name,$userhashref,$domref) = @_;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
if ($name eq '') {	my ($lonidsdir,$linkname,$pubname,$secure,$lonid);
$name = 'lonID';
}
my $lonid=$cookies{$name};
return undef if (!$lonid);

my $handle=&LONCAPA::clean_handle($lonid->value);
my $lonidsdir;
if ($name eq 'lonDAV') {	if ($name eq 'lonDAV') {
$lonidsdir=$r->dir_config('lonDAVsessDir');	$lonidsdir=$r->dir_config('lonDAVsessDir');
} else {	} else {
$lonidsdir=$r->dir_config('lonIDsDir');	$lonidsdir=$r->dir_config('lonIDsDir');
	if ($name eq '') {
	$name = 'lonID';
	}
	}
	if ($name eq 'lonID') {
	$secure = 'lonSID';
	$linkname = 'lonLinkID';
	$pubname = 'lonPubID';
	if (exists($cookies{$secure})) {
	$lonid=$cookies{$secure};
	} elsif (exists($cookies{$name})) {
	$lonid=$cookies{$name};
	} elsif ((exists($cookies{$linkname})) && ($ENV{'SERVER_PORT'} != 443)) {
	$lonid=$cookies{$linkname};
	} elsif (exists($cookies{$pubname})) {
	$lonid=$cookies{$pubname};
	}
	} else {
	$lonid=$cookies{$name};
	}
	return undef if (!$lonid);

	my $handle=&LONCAPA::clean_handle($lonid->value);
	if (-l "$lonidsdir/$handle.id") {
	my $link = readlink("$lonidsdir/$handle.id");
	if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
	$handle = $1;
	}
	}
	if (!-e "$lonidsdir/$handle.id") {
	if ((ref($domref)) && ($name eq 'lonID') &&
	($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {
	my ($possuname,$possudom,$possuhome) = ($1,$2,$3);
	if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {
	$$domref = $possudom;
	}
	}
	return undef;
}	}
return undef if (!-e "$lonidsdir/$handle.id");

my $opened = open(my $idf,'+<',"$lonidsdir/$handle.id");	my $opened = open(my $idf,'+<',"$lonidsdir/$handle.id");
return undef if (!$opened);	return undef if (!$opened);
Line 630 sub check_for_valid_session {	Line 730 sub check_for_valid_session {

if (!defined($disk_env{'user.name'})	if (!defined($disk_env{'user.name'})
\|\| !defined($disk_env{'user.domain'})) {	\|\| !defined($disk_env{'user.domain'})) {
	untie(%disk_env);
return undef;	return undef;
}	}

if (ref($userhashref) eq 'HASH') {	if (ref($userhashref) eq 'HASH') {
$userhashref->{'name'} = $disk_env{'user.name'};	$userhashref->{'name'} = $disk_env{'user.name'};
$userhashref->{'domain'} = $disk_env{'user.domain'};	$userhashref->{'domain'} = $disk_env{'user.domain'};
	$userhashref->{'lti'} = $disk_env{'request.lti.login'};
	if ($userhashref->{'lti'}) {
	$userhashref->{'ltitarget'} = $disk_env{'request.lti.target'};
	$userhashref->{'ltiuri'} = $disk_env{'request.lti.uri'};
	}
}	}
	untie(%disk_env);

return $handle;	return $handle;
}	}
Line 661 sub timed_flock {	Line 768 sub timed_flock {
}	}
}	}

	sub get_sessionfile_vars {
	my ($handle,$lonidsdir,$storearr) = @_;
	my %returnhash;
	unless (ref($storearr) eq 'ARRAY') {
	return %returnhash;
	}
	if (-l "$lonidsdir/$handle.id") {
	my $link = readlink("$lonidsdir/$handle.id");
	if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
	$handle = $1;
	}
	}
	if ((-e "$lonidsdir/$handle.id") &&
	($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {
	my ($possuname,$possudom,$possuhome) = ($1,$2,$3);
	if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {
	if (open(my $idf,'+<',"$lonidsdir/$handle.id")) {
	flock($idf,LOCK_SH);
	if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",
	&GDBM_READER(),0640)) {
	foreach my $item (@{$storearr}) {
	$returnhash{$item} = $disk_env{$item};
	}
	untie(%disk_env);
	}
	}
	}
	}
	return %returnhash;
	}

# ---------------------------------------------------------- Append Environment	# ---------------------------------------------------------- Append Environment

sub appenv {	sub appenv {
Line 686 sub appenv {	Line 824 sub appenv {
$env{$key}=$newenv->{$key};	$env{$key}=$newenv->{$key};
}	}
}	}
my $opened = open(my $env_file,'+<',$env{'user.environment'});	my $lonids = $perlvar{'lonIDsDir'};
if ($opened	if ($env{'user.environment'} =~ m{^\Q$lonids/\E$match_username\_\d+\_$match_domain\_[\w\-.]+\.id$}) {
&& &timed_flock($env_file,LOCK_EX)	my $opened = open(my $env_file,'+<',$env{'user.environment'});
&&	if ($opened
tie(my %disk_env,'GDBM_File',$env{'user.environment'},	&& &timed_flock($env_file,LOCK_EX)
(&GDBM_WRITER()\|&GDBM_NOLOCK()),0640)) {	&&
while (my ($key,$value) = each(%{$newenv})) {	tie(my %disk_env,'GDBM_File',$env{'user.environment'},
$disk_env{$key} = $value;	(&GDBM_WRITER()\|&GDBM_NOLOCK()),0640)) {
}	while (my ($key,$value) = each(%{$newenv})) {
untie(%disk_env);	$disk_env{$key} = $value;
	}
	untie(%disk_env);
	}
}	}
}	}
return 'ok';	return 'ok';
Line 811 sub userload {	Line 952 sub userload {
while ($filename=readdir(LONIDS)) {	while ($filename=readdir(LONIDS)) {
next if ($filename eq '.' \|\| $filename eq '..');	next if ($filename eq '.' \|\| $filename eq '..');
next if ($filename =~ /publicuser_\d+\.id/);	next if ($filename =~ /publicuser_\d+\.id/);
	next if ($filename =~ /^[a-f0-9]+_linked\.id$/);
my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];	my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];
if ($curtime-$mtime < 1800) { $numusers++; }	if ($curtime-$mtime < 1800) { $numusers++; }
}	}
Line 844 sub spareserver {	Line 986 sub spareserver {
if (ref($spareshash) eq 'HASH') {	if (ref($spareshash) eq 'HASH') {
if (ref($spareshash->{'primary'}) eq 'ARRAY') {	if (ref($spareshash->{'primary'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'primary'} }) {	foreach my $try_server (@{ $spareshash->{'primary'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
next unless (&spare_can_host($udom,$uint_dom,$remotesessions,	$try_server));
$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 858 sub spareserver {	Line 998 sub spareserver {
if (!$found_server) {	if (!$found_server) {
if (ref($spareshash->{'default'}) eq 'ARRAY') {	if (ref($spareshash->{'default'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'default'} }) {	foreach my $try_server (@{ $spareshash->{'default'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,
next unless (&spare_can_host($udom,$uint_dom,	$remotesessions,$try_server));
$remotesessions,$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 870 sub spareserver {	Line 1008 sub spareserver {
}	}

if (!$want_server_name) {	if (!$want_server_name) {
my $protocol = 'http';
if ($protocol{$spare_server} eq 'https') {
$protocol = $protocol{$spare_server};
}
if (defined($spare_server)) {	if (defined($spare_server)) {
my $hostname = &hostname($spare_server);	my $hostname = &hostname($spare_server);
if (defined($hostname)) {	if (defined($hostname)) {
	my $protocol = 'http';
	if ($protocol{$spare_server} eq 'https') {
	$protocol = $protocol{$spare_server};
	}
$spare_server = $protocol.'://'.$hostname;	$spare_server = $protocol.'://'.$hostname;
}	}
}	}
Line 943 sub find_existing_session {	Line 1081 sub find_existing_session {
return;	return;
}	}

	# check if user's browser sent load balancer cookie and server still has session
	# and is not overloaded.
	sub check_for_balancer_cookie {
	my ($r,$update_mtime) = @_;
	my ($otherserver,$cookie);
	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
	if (exists($cookies{'balanceID'})) {
	my $balid = $cookies{'balanceID'};
	$cookie=&LONCAPA::clean_handle($balid->value);
	my $balancedir=$r->dir_config('lonBalanceDir');
	if ((-d $balancedir) && (-e "$balancedir/$cookie.id")) {
	if ($cookie =~ /^($match_domain)_($match_username)_[a-f0-9]+$/) {
	my ($possudom,$possuname) = ($1,$2);
	my $has_session = 0;
	if ((&domain($possudom) ne '') &&
	(&homeserver($possuname,$possudom) ne 'no_host')) {
	my $try_server;
	my $opened = open(my $idf,'+<',"$balancedir/$cookie.id");
	if ($opened) {
	flock($idf,LOCK_SH);
	while (my $line = <$idf>) {
	chomp($line);
	if (&hostname($line) ne '') {
	$try_server = $line;
	last;
	}
	}
	close($idf);
	if (($try_server) &&
	(&has_user_session($try_server,$possudom,$possuname))) {
	my $lowest_load = 30000;
	($otherserver,$lowest_load) =
	&compare_server_load($try_server,undef,$lowest_load);
	if ($otherserver ne '' && $lowest_load < 100) {
	$has_session = 1;
	} else {
	undef($otherserver);
	}
	}
	}
	}
	if ($has_session) {
	if ($update_mtime) {
	my $atime = my $mtime = time;
	utime($atime,$mtime,"$balancedir/$cookie.id");
	}
	} else {
	unlink("$balancedir/$cookie.id");
	}
	}
	}
	}
	return ($otherserver,$cookie);
	}

	sub delbalcookie {
	my ($cookie,$balancer) =@_;
	if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
	my ($udom,$uname) = ($1,$2);
	my $uprimary_id = &domain($udom,'primary');
	my $uintdom = &internet_dom($uprimary_id);
	my $intdom = &internet_dom($balancer);
	my $serverhomedom = &host_domain($balancer);
	if (($uintdom ne '') && ($uintdom eq $intdom)) {
	return &reply("delbalcookie:$cookie",$balancer);
	}
	}
	}

# -------------------------------- ask if server already has a session for user	# -------------------------------- ask if server already has a session for user
sub has_user_session {	sub has_user_session {
my ($lonid,$udom,$uname) = @_;	my ($lonid,$udom,$uname) = @_;
Line 974 sub choose_server {	Line 1181 sub choose_server {
}	}
}	}
foreach my $lonhost (keys(%servers)) {	foreach my $lonhost (keys(%servers)) {
my $loginvia;
if ($skiploadbal) {	if ($skiploadbal) {
if (ref($balancers) eq 'HASH') {	if (ref($balancers) eq 'HASH') {
next if (exists($balancers->{$lonhost}));	next if (exists($balancers->{$lonhost}));
}	}
}	}
	my $loginvia;
if ($checkloginvia) {	if ($checkloginvia) {
$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};	$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
if ($loginvia) {	if ($loginvia) {
Line 1006 sub choose_server {	Line 1213 sub choose_server {
if ($login_host ne '') {	if ($login_host ne '') {
$hostname = &hostname($login_host);	$hostname = &hostname($login_host);
}	}
return ($login_host,$hostname,$portal_path,$isredirect);	return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);
}	}

# --------------------------------------------- Try to change a user's password	# --------------------------------------------- Try to change a user's password
Line 1173 sub can_host_session {	Line 1380 sub can_host_session {
sub spare_can_host {	sub spare_can_host {
my ($udom,$uint_dom,$remotesessions,$try_server)=@_;	my ($udom,$uint_dom,$remotesessions,$try_server)=@_;
my $canhost=1;	my $canhost=1;
my @intdoms;	my $try_server_hostname = &hostname($try_server);
my $internet_names = &Apache::lonnet::get_internet_names($try_server);	my $serverhomeID = &get_server_homeID($try_server_hostname);
if (ref($internet_names) eq 'ARRAY') {	my $serverhomedom = &host_domain($serverhomeID);
@intdoms = @{$internet_names};	my %defdomdefaults = &get_domain_defaults($serverhomedom);
}	if (ref($defdomdefaults{'offloadnow'}) eq 'HASH') {
unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {	if ($defdomdefaults{'offloadnow'}{$try_server}) {
my $serverhomeID = &Apache::lonnet::get_server_homeID($try_server);	$canhost = 0;
my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);	}
my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);	}
my $remoterev = &Apache::lonnet::get_server_loncaparev(undef,$try_server);	if (($canhost) && ($uint_dom)) {
$canhost = &can_host_session($udom,$try_server,$remoterev,	my @intdoms;
$remotesessions,	my $internet_names = &get_internet_names($try_server);
$defdomdefaults{'hostedsessions'});	if (ref($internet_names) eq 'ARRAY') {
	@intdoms = @{$internet_names};
	}
	unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
	my $remoterev = &get_server_loncaparev(undef,$try_server);
	$canhost = &can_host_session($udom,$try_server,$remoterev,
	$remotesessions,
	$defdomdefaults{'hostedsessions'});
	}
}	}
return $canhost;	return $canhost;
}	}
Line 1270 sub get_lonbalancer_config {	Line 1485 sub get_lonbalancer_config {
}	}

sub check_loadbalancing {	sub check_loadbalancing {
my ($uname,$udom) = @_;	my ($uname,$udom,$caller) = @_;
my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,	my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
$rule_in_effect,$offloadto,$otherserver);	$rule_in_effect,$offloadto,$otherserver,$setcookie,$dom_balancers);
my $lonhost = $perlvar{'lonHostID'};	my $lonhost = $perlvar{'lonHostID'};
my @hosts = &current_machine_ids();	my @hosts = &current_machine_ids();
my $uprimary_id = &Apache::lonnet::domain($udom,'primary');	my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);	my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
my $intdom = &Apache::lonnet::internet_dom($lonhost);	my $intdom = &Apache::lonnet::internet_dom($lonhost);
my $serverhomedom = &host_domain($lonhost);	my $serverhomedom = &host_domain($lonhost);
	my $domneedscache;
my $cachetime = 606024;	my $cachetime = 606024;

if (($uintdom ne '') && ($uintdom eq $intdom)) {	if (($uintdom ne '') && ($uintdom eq $intdom)) {
Line 1294 sub check_loadbalancing {	Line 1509 sub check_loadbalancing {
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $dom_in_use;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
($is_balancer,$currtargets,$currrules) =	($is_balancer,$currtargets,$currrules,$setcookie,$dom_balancers) =
&check_balancer_result($result,@hosts);	&check_balancer_result($result,@hosts);
if ($is_balancer) {	if ($is_balancer) {
if (ref($currrules) eq 'HASH') {	if (ref($currrules) eq 'HASH') {
Line 1352 sub check_loadbalancing {	Line 1569 sub check_loadbalancing {
my %domconfig =	my %domconfig =
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$serverhomedom,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $serverhomedom;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
($is_balancer,$currtargets,$currrules) =	($is_balancer,$currtargets,$currrules,$setcookie,$dom_balancers) =
&check_balancer_result($result,@hosts);	&check_balancer_result($result,@hosts);
if ($is_balancer) {	if ($is_balancer) {
if (ref($currrules) eq 'HASH') {	if (ref($currrules) eq 'HASH') {
Line 1372 sub check_loadbalancing {	Line 1591 sub check_loadbalancing {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
}	}
} else {	} else {
if ($perlvar{'lonBalancer'} eq 'yes') {	if ($perlvar{'lonBalancer'} eq 'yes') {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
	}
	if ($domneedscache) {
	&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}	}
if ($is_balancer) {	if ($is_balancer) {
my $lowest_load = 30000;	my $lowest_load = 30000;
Line 1408 sub check_loadbalancing {	Line 1636 sub check_loadbalancing {
}	}
}	}
}	}
if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {	unless ($caller eq 'login') {
$is_balancer = 0;	if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
if ($uname ne '' && $udom ne '') {	$is_balancer = 0;
if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {	if ($uname ne '' && $udom ne '') {
	if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {
&appenv({'user.loadbalexempt' => $lonhost,	&appenv({'user.loadbalexempt' => $lonhost,
'user.loadbalcheck.time' => time});	'user.loadbalcheck.time' => time});
	}
}	}
}	}
}	}
	unless ($homeintdom) {
	undef($setcookie);
	}
}	}
return ($is_balancer,$otherserver);	return ($is_balancer,$otherserver,$setcookie,$offloadto,$dom_balancers);
}	}

sub check_balancer_result {	sub check_balancer_result {
my ($result,@hosts) = @_;	my ($result,@hosts) = @_;
my ($is_balancer,$currtargets,$currrules);	my ($is_balancer,$currtargets,$currrules,$setcookie,$dom_balancers);
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
if ($result->{'lonhost'} ne '') {	if ($result->{'lonhost'} ne '') {
my $currbalancer = $result->{'lonhost'};	my $currbalancer = $result->{'lonhost'};
Line 1433 sub check_balancer_result {	Line 1665 sub check_balancer_result {
$currtargets = $result->{'targets'};	$currtargets = $result->{'targets'};
$currrules = $result->{'rules'};	$currrules = $result->{'rules'};
}	}
	$dom_balancers = $currbalancer;
} else {	} else {
foreach my $key (keys(%{$result})) {	if (keys(%{$result})) {
if (($key ne '') && (grep(/^\Q$key\E$/,@hosts)) &&	foreach my $key (keys(%{$result})) {
(ref($result->{$key}) eq 'HASH')) {	if (($key ne '') && (grep(/^\Q$key\E$/,@hosts)) &&
$is_balancer = 1;	(ref($result->{$key}) eq 'HASH')) {
$currrules = $result->{$key}{'rules'};	$is_balancer = 1;
$currtargets = $result->{$key}{'targets'};	$currrules = $result->{$key}{'rules'};
last;	$currtargets = $result->{$key}{'targets'};
	$setcookie = $result->{$key}{'cookie'};
	last;
	}
}	}
	$dom_balancers = join(',',sort(keys(%{$result})));
}	}
}	}
}	}
return ($is_balancer,$currtargets,$currrules);	return ($is_balancer,$currtargets,$currrules,$setcookie,$dom_balancers);
}	}

sub get_loadbalancer_targets {	sub get_loadbalancer_targets {
Line 1517 sub internet_dom_servers {	Line 1754 sub internet_dom_servers {
return %uniqservers;	return %uniqservers;
}	}

	sub trusted_domains {
	my ($cmdtype,$calldom) = @_;
	my ($trusted,$untrusted);
	if (&domain($calldom) eq '') {
	return ($trusted,$untrusted);
	}
	unless ($cmdtype =~ /^(content\|shared\|enroll\|coaurem\|othcoau\|domroles\|catalog\|reqcrs\|msg)$/) {
	return ($trusted,$untrusted);
	}
	my $callprimary = &domain($calldom,'primary');
	my $intcalldom = &Apache::lonnet::internet_dom($callprimary);
	if ($intcalldom eq '') {
	return ($trusted,$untrusted);
	}

	my ($trustconfig,$cached)=&Apache::lonnet::is_cached_new('trust',$calldom);
	unless (defined($cached)) {
	my %domconfig = &Apache::lonnet::get_dom('configuration',['trust'],$calldom);
	&Apache::lonnet::do_cache_new('trust',$calldom,$domconfig{'trust'},3600);
	$trustconfig = $domconfig{'trust'};
	}
	if (ref($trustconfig)) {
	my (%possexc,%possinc,@allexc,@allinc);
	if (ref($trustconfig->{$cmdtype}) eq 'HASH') {
	if (ref($trustconfig->{$cmdtype}->{'exc'}) eq 'ARRAY') {
	map { $possexc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'exc'}};
	}
	if (ref($trustconfig->{$cmdtype}->{'inc'}) eq 'ARRAY') {
	$possinc{$intcalldom} = 1;
	map { $possinc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'inc'}};
	}
	}
	if (keys(%possexc)) {
	if (keys(%possinc)) {
	foreach my $key (sort(keys(%possexc))) {
	next if ($key eq $intcalldom);
	unless ($possinc{$key}) {
	push(@allexc,$key);
	}
	}
	} else {
	@allexc = sort(keys(%possexc));
	}
	}
	if (keys(%possinc)) {
	$possinc{$intcalldom} = 1;
	@allinc = sort(keys(%possinc));
	}
	if ((@allexc > 0) \|\| (@allinc > 0)) {
	my %doms_by_intdom;
	my %allintdoms = &all_host_intdom();
	my %alldoms = &all_host_domain();
	foreach my $key (%allintdoms) {
	if (ref($doms_by_intdom{$allintdoms{$key}}) eq 'ARRAY') {
	unless (grep(/^\Q$alldoms{$key}\E$/,@{$doms_by_intdom{$allintdoms{$key}}})) {
	push(@{$doms_by_intdom{$allintdoms{$key}}},$alldoms{$key});
	}
	} else {
	$doms_by_intdom{$allintdoms{$key}} = [$alldoms{$key}];
	}
	}
	foreach my $exc (@allexc) {
	if (ref($doms_by_intdom{$exc}) eq 'ARRAY') {
	push(@{$untrusted},@{$doms_by_intdom{$exc}});
	}
	}
	foreach my $inc (@allinc) {
	if (ref($doms_by_intdom{$inc}) eq 'ARRAY') {
	push(@{$trusted},@{$doms_by_intdom{$inc}});
	}
	}
	}
	}
	return ($trusted,$untrusted);
	}

	sub will_trust {
	my ($cmdtype,$domain,$possdom) = @_;
	return 1 if ($domain eq $possdom);
	my ($trustedref,$untrustedref) = &trusted_domains($cmdtype,$possdom);
	my $willtrust;
	if ((ref($trustedref) eq 'ARRAY') && (@{$trustedref} > 0)) {
	if (grep(/^\Q$domain\E$/,@{$trustedref})) {
	$willtrust = 1;
	}
	} elsif ((ref($untrustedref) eq 'ARRAY') && (@{$untrustedref} > 0)) {
	unless (grep(/^\Q$domain\E$/,@{$untrustedref})) {
	$willtrust = 1;
	}
	} else {
	$willtrust = 1;
	}
	return $willtrust;
	}

# ---------------------- Find the homebase for a user from domain's lib servers	# ---------------------- Find the homebase for a user from domain's lib servers

my %homecache;	my %homecache;
Line 1542 sub homeserver {	Line 1874 sub homeserver {
return 'no_host';	return 'no_host';
}	}

# ------------------------------------- Find the usernames behind a list of IDs	# ----- Find the usernames behind a list of student/employee IDs or clicker IDs

sub idget {	sub idget {
my ($udom,@ids)=@_;	my ($udom,$idsref,$namespace)=@_;
my %returnhash=();	my %returnhash=();
	my @ids=();
	if (ref($idsref) eq 'ARRAY') {
	@ids = @{$idsref};
	} else {
	return %returnhash;
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}

my %servers = &get_servers($udom,'library');	my %servers = &get_servers($udom,'library');
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
my $idlist=join('&',@ids);	my $idlist=join('&', map { &escape($_); } @ids);
$idlist=~tr/A-Z/a-z/;	if ($namespace eq 'ids') {
my $reply=&reply("idget:$udom:".$idlist,$tryserver);	$idlist=~tr/A-Z/a-z/;
	}
	my $reply;
	if ($namespace eq 'ids') {
	$reply=&reply("idget:$udom:".$idlist,$tryserver);
	} else {
	$reply=&reply("getdom:$udom:$namespace:$idlist",$tryserver);
	}
my @answer=();	my @answer=();
if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {	if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {
@answer=split(/\&/,$reply);	@answer=split(/\&/,$reply);
Line 1560 sub idget {	Line 1908 sub idget {
my $i;	my $i;
for ($i=0;$i<=$#ids;$i++) {	for ($i=0;$i<=$#ids;$i++) {
if ($answer[$i]) {	if ($answer[$i]) {
$returnhash{$ids[$i]}=$answer[$i];	$returnhash{$ids[$i]}=&unescape($answer[$i]);
}	}
}	}
}	}
return %returnhash;	return %returnhash;
}	}

Line 1578 sub idrget {	Line 1926 sub idrget {
return %returnhash;	return %returnhash;
}	}

# ------------------------------- Store away a list of names and associated IDs	# Store away a list of names and associated student/employee IDs or clicker IDs

sub idput {	sub idput {
my ($udom,%ids)=@_;	my ($udom,$idsref,$uhom,$namespace)=@_;
my %servers=();	my %servers=();
	my %ids=();
	my %byid = ();
	if (ref($idsref) eq 'HASH') {
	%ids=%{$idsref};
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
foreach my $uname (keys(%ids)) {	foreach my $uname (keys(%ids)) {
&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);	&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);
my $uhom=&homeserver($uname,$udom);	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
if ($uhom ne 'no_host') {	if ($uhom ne 'no_host') {
my $id=&escape($ids{$uname});
$id=~tr/A-Z/a-z/;
my $esc_unam=&escape($uname);	my $esc_unam=&escape($uname);
if ($servers{$uhom}) {	if ($namespace eq 'ids') {
$servers{$uhom}.='&'.$id.'='.$esc_unam;	my $id=&escape($ids{$uname});
	$id=~tr/A-Z/a-z/;
	my $esc_unam=&escape($uname);
	$servers{$uhom}.=$id.'='.$esc_unam.'&';
} else {	} else {
$servers{$uhom}=$id.'='.$esc_unam;	my @currids = split(/,/,$ids{$uname});
	foreach my $id (@currids) {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server} =~ s/,$//;
	$servers{$uhom}.=&escape($id).'='.&escape($byid{$server}).'&';
	}
}	}
}	}
}	}
foreach my $server (keys(%servers)) {	foreach my $server (keys(%servers)) {
&critical('idput:'.$udom.':'.$servers{$server},$server);	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	&critical('idput:'.$udom.':'.$servers{$server},$server);
	} else {
	&critical('updateclickers:'.$udom.':add:'.$servers{$server},$server);
	}
}	}
}	}

# ---------------------------------------- Delete unwanted IDs from ids.db file	# ------------- Delete unwanted student/employee IDs or clicker IDs from domain

sub iddel {	sub iddel {
my ($udom,$idshashref,$uhome)=@_;	my ($udom,$idshashref,$uhome,$namespace)=@_;
my %result=();	my %result=();
unless (ref($idshashref) eq 'HASH') {	my %ids=();
	my %byid = ();
	if (ref($idshashref) eq 'HASH') {
	%ids=%{$idshashref};
	} else {
return %result;	return %result;
}	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
my %servers=();	my %servers=();
while (my ($id,$uname) = each(%{$idshashref})) {	while (my ($id,$unamestr) = each(%ids)) {
my $uhom;	if ($namespace eq 'ids') {
if ($uhome) {	my $uhom = $uhome;
$uhom = $uhome;	if ($uhom eq '') {
} else {	$uhom=&homeserver($unamestr,$udom);
$uhom=&homeserver($uname,$udom);	}
}	if ($uhom ne 'no_host') {
if ($uhom ne 'no_host') {
if ($servers{$uhom}) {
$servers{$uhom}.='&'.&escape($id);	$servers{$uhom}.='&'.&escape($id);
} else {	}
$servers{$uhom}=&escape($id);	} else {
	my @curritems = split(/,/,$ids{$id});
	foreach my $uname (@curritems) {
	my $uhom = $uhome;
	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
	if ($uhom ne 'no_host') {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server}{$id} =~ s/,$//;
	$servers{$server}.=&escape($id).'='.&escape($byid{$server}{$id}).'&';
	}
}	}
}	}
}	}
foreach my $server (keys(%servers)) {	foreach my $server (keys(%servers)) {
$result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	$result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);
	} elsif ($namespace eq 'clickers') {
	$result{$server} = &critical('updateclickers:'.$udom.':del:'.$servers{$server},$server);
	}
}	}
return %result;	return %result;
}	}

	# ----- Update clicker ID-to-username look-ups in clickers.db on library server

	sub updateclickers {
	my ($udom,$action,$idshashref,$uhome,$critical) = @_;
	my %clickers;
	if (ref($idshashref) eq 'HASH') {
	%clickers=%{$idshashref};
	} else {
	return;
	}
	my $items='';
	foreach my $item (keys(%clickers)) {
	$items.=&escape($item).'='.&escape($clickers{$item}).'&';
	}
	$items=~s/\&$//;
	my $request = "updateclickers:$udom:$action:$items";
	if ($critical) {
	return &critical($request,$uhome);
	} else {
	return &reply($request,$uhome);
	}
	}

# ------------------------------dump from db file owned by domainconfig user	# ------------------------------dump from db file owned by domainconfig user
sub dump_dom {	sub dump_dom {
my ($namespace, $udom, $regexp) = @_;	my ($namespace, $udom, $regexp) = @_;
Line 1647 sub dump_dom {	Line 2076 sub dump_dom {

sub get_dom {	sub get_dom {
my ($namespace,$storearr,$udom,$uhome)=@_;	my ($namespace,$storearr,$udom,$uhome)=@_;
	return if ($udom eq 'public');
my $items='';	my $items='';
foreach my $item (@$storearr) {	foreach my $item (@$storearr) {
$items.=&escape($item).'&';	$items.=&escape($item).'&';
Line 1654 sub get_dom {	Line 2084 sub get_dom {
$items=~s/\&$//;	$items=~s/\&$//;
if (!$udom) {	if (!$udom) {
$udom=$env{'user.domain'};	$udom=$env{'user.domain'};
	return if ($udom eq 'public');
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
$uhome=&domain($udom,'primary');	$uhome=&domain($udom,'primary');
} else {	} else {
Line 1667 sub get_dom {	Line 2098 sub get_dom {
}	}
}	}
if ($udom && $uhome && ($uhome ne 'no_host')) {	if ($udom && $uhome && ($uhome ne 'no_host')) {
my $rep=&reply("getdom:$udom:$namespace:$items",$uhome);	my $rep;
	if ($namespace =~ /^enc/) {
	$rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
	} else {
	$rep=&reply("getdom:$udom:$namespace:$items",$uhome);
	}
my %returnhash;	my %returnhash;
if ($rep eq '' \|\| $rep =~ /^error: 2 /) {	if ($rep eq '' \|\| $rep =~ /^error: 2 /) {
return %returnhash;	return %returnhash;
Line 1711 sub put_dom {	Line 2147 sub put_dom {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';	$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}	}
$items=~s/\&$//;	$items=~s/\&$//;
return &reply("putdom:$udom:$namespace:$items",$uhome);	if ($namespace =~ /^enc/) {
	return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
	} else {
	return &reply("putdom:$udom:$namespace:$items",$uhome);
	}
} else {	} else {
&logthis("put_dom failed - no homeserver and/or domain");	&logthis("put_dom failed - no homeserver and/or domain");
}	}
Line 1787 sub retrieve_inst_usertypes {	Line 2227 sub retrieve_inst_usertypes {

sub is_domainimage {	sub is_domainimage {
my ($url) = @_;	my ($url) = @_;
if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+-) {	if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+[^/]-) {
if (&domain($1) ne '') {	if (&domain($1) ne '') {
return '1';	return '1';
}	}
Line 1802 sub inst_directory_query {	Line 2242 sub inst_directory_query {
my $homeserver = &domain($udom,'primary');	my $homeserver = &domain($udom,'primary');
my $outcome;	my $outcome;
if ($homeserver ne '') {	if ($homeserver ne '') {
	unless ($homeserver eq $perlvar{'lonHostID'}) {
	if ($srch->{'srchby'} eq 'email') {
	my $lcrev = &get_server_loncaparev(undef,$homeserver);
	my ($major,$minor) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
	if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|
	(($major == 2) && ($minor < 12))) {
	return;
	}
	}
	}
my $queryid=&reply("querysend:instdirsearch:".	my $queryid=&reply("querysend:instdirsearch:".
&escape($srch->{'srchby'}).':'.	&escape($srch->{'srchby'}).':'.
&escape($srch->{'srchterm'}).':'.	&escape($srch->{'srchterm'}).':'.
&escape($srch->{'srchtype'}),$homeserver);	&escape($srch->{'srchtype'}),$homeserver);
my $host=&hostname($homeserver);	my $host=&hostname($homeserver);
if ($queryid !~/^\Q$host\E\_/) {	if ($queryid !~/^\Q$host\E\_/) {
&logthis('instituional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.'in domain '.$udom);	&logthis('institutional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.' in domain '.$udom);
return;	return;
}	}
my $response = &get_query_reply($queryid);	my $response = &get_query_reply($queryid);
Line 1843 sub usersearch {	Line 2293 sub usersearch {
my $query = 'usersearch';	my $query = 'usersearch';
foreach my $tryserver (keys(%libserv)) {	foreach my $tryserver (keys(%libserv)) {
if (&host_domain($tryserver) eq $dom) {	if (&host_domain($tryserver) eq $dom) {
	unless ($tryserver eq $perlvar{'lonHostID'}) {
	if ($srch->{'srchby'} eq 'email') {
	my $lcrev = &get_server_loncaparev(undef,$tryserver);
	my ($major,$minor) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
	next if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|
	(($major == 2) && ($minor < 12)));
	}
	}
my $host=&hostname($tryserver);	my $host=&hostname($tryserver);
my $queryid=	my $queryid=
&reply("querysend:".&escape($query).':'.	&reply("querysend:".&escape($query).':'.
Line 1928 sub get_instuser {	Line 2386 sub get_instuser {
return ($outcome,%userinfo);	return ($outcome,%userinfo);
}	}

	sub get_multiple_instusers {
	my ($udom,$users,$caller) = @_;
	my ($outcome,$results);
	if (ref($users) eq 'HASH') {
	my $count = keys(%{$users});
	my $requested = &freeze_escape($users);
	my $homeserver = &domain($udom,'primary');
	if ($homeserver ne '') {
	my $queryid=&reply('querysend:getmultinstusers:::'.$caller.'='.$requested,$homeserver);
	my $host=&hostname($homeserver);
	if ($queryid !~/^\Q$host\E\_/) {
	&logthis('get_multiple_instusers invalid queryid: '.$queryid.
	' for host: '.$homeserver.'in domain '.$udom);
	return ($outcome,$results);
	}
	my $response = &get_query_reply($queryid);
	my $maxtries = 5;
	if ($count > 100) {
	$maxtries = 1+int($count/20);
	}
	my $tries = 1;
	while (($response=~/^timeout/) && ($tries <= $maxtries)) {
	$response = &get_query_reply($queryid);
	$tries ++;
	}
	if ($response eq '') {
	$results = {};
	foreach my $key (keys(%{$users})) {
	my ($uname,$id);
	if ($caller eq 'id') {
	$id = $key;
	} else {
	$uname = $key;
	}
	my ($resp,%info) = &get_instuser($udom,$uname,$id);
	$outcome = $resp;
	if ($resp eq 'ok') {
	%{$results} = (%{$results}, %info);
	} else {
	last;
	}
	}
	} elsif(!&error($response) && ($response ne 'refused')) {
	if (($response eq 'unavailable') \|\| ($response eq 'invalid') \|\| ($response eq 'timeout')) {
	$outcome = $response;
	} else {
	($outcome,my $userdata) = split(/=/,$response,2);
	if ($outcome eq 'ok') {
	$results = &thaw_unescape($userdata);
	}
	}
	}
	}
	}
	return ($outcome,$results);
	}

sub inst_rulecheck {	sub inst_rulecheck {
my ($udom,$uname,$id,$item,$rules) = @_;	my ($udom,$uname,$id,$item,$rules) = @_;
my %returnhash;	my %returnhash;
Line 2024 sub get_domain_defaults {	Line 2539 sub get_domain_defaults {
'requestcourses','inststatus',	'requestcourses','inststatus',
'coursedefaults','usersessions',	'coursedefaults','usersessions',
'requestauthor','selfenrollment',	'requestauthor','selfenrollment',
'coursecategories'],$domain);	'coursecategories','ssl','autoenroll',
my @coursetypes = ('official','unofficial','community','textbook');	'trust','helpsettings'],$domain);
	my @coursetypes = ('official','unofficial','community','textbook','placement');
if (ref($domconfig{'defaults'}) eq 'HASH') {	if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};	$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};	$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
Line 2033 sub get_domain_defaults {	Line 2549 sub get_domain_defaults {
$domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};	$domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};
$domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};	$domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};
$domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};	$domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};
	$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
	$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
	$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
} else {	} else {
$domdefaults{'lang_def'} = &domain($domain,'lang_def');	$domdefaults{'lang_def'} = &domain($domain,'lang_def');
$domdefaults{'auth_def'} = &domain($domain,'auth_def');	$domdefaults{'auth_def'} = &domain($domain,'auth_def');
Line 2055 sub get_domain_defaults {	Line 2574 sub get_domain_defaults {
}	}
}	}
if (ref($domconfig{'requestcourses'}) eq 'HASH') {	if (ref($domconfig{'requestcourses'}) eq 'HASH') {
foreach my $item ('official','unofficial','community','textbook') {	foreach my $item ('official','unofficial','community','textbook','placement') {
$domdefaults{$item} = $domconfig{'requestcourses'}{$item};	$domdefaults{$item} = $domconfig{'requestcourses'}{$item};
}	}
}	}
Line 2068 sub get_domain_defaults {	Line 2587 sub get_domain_defaults {
}	}
}	}
if (ref($domconfig{'coursedefaults'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
	$domdefaults{'canuse_pdfforms'} = $domconfig{'coursedefaults'}{'canuse_pdfforms'};
	$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
	$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
	if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
	$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
	}
foreach my $type (@coursetypes) {	foreach my $type (@coursetypes) {
if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
unless ($type eq 'community') {	unless ($type eq 'community') {
Line 2077 sub get_domain_defaults {	Line 2602 sub get_domain_defaults {
if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
$domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};	$domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
}	}
	if ($domdefaults{'postsubmit'} eq 'on') {
	if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
	$domdefaults{$type.'postsubtimeout'} =
	$domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
	}
	}
	}
	if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
	if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
	my @clonecodes = @{$domconfig{'coursedefaults'}{'canclone'}{'instcode'}};
	if (@clonecodes) {
	$domdefaults{'canclone'} = join('+',@clonecodes);
	}
	}
	} elsif ($domconfig{'coursedefaults'}{'canclone'}) {
	$domdefaults{'canclone'}=$domconfig{'coursedefaults'}{'canclone'};
}	}
	if ($domconfig{'coursedefaults'}{'texengine'}) {
	$domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};
	}
}	}
if (ref($domconfig{'usersessions'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}) eq 'HASH') {
if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
Line 2086 sub get_domain_defaults {	Line 2630 sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};	$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
}	}
	if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
	$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
	}
}	}
if (ref($domconfig{'selfenrollment'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
Line 2118 sub get_domain_defaults {	Line 2665 sub get_domain_defaults {
if (ref($domconfig{'coursecategories'}) eq 'HASH') {	if (ref($domconfig{'coursecategories'}) eq 'HASH') {
$domdefaults{'catauth'} = 'std';	$domdefaults{'catauth'} = 'std';
$domdefaults{'catunauth'} = 'std';	$domdefaults{'catunauth'} = 'std';
if ($domconfig{'coursecategories'}{'auth'}) {	if ($domconfig{'coursecategories'}{'auth'}) {
$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};	$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
}	}
if ($domconfig{'coursecategories'}{'unauth'}) {	if ($domconfig{'coursecategories'}{'unauth'}) {
$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};	$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
}	}
}	}
	if (ref($domconfig{'ssl'}) eq 'HASH') {
	if (ref($domconfig{'ssl'}{'replication'}) eq 'HASH') {
	$domdefaults{'replication'} = $domconfig{'ssl'}{'replication'};
	}
	if (ref($domconfig{'ssl'}{'connto'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connto'};
	}
	if (ref($domconfig{'ssl'}{'connfrom'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connfrom'};
	}
	}
	if (ref($domconfig{'trust'}) eq 'HASH') {
	my @prefixes = qw(content shared enroll othcoau coaurem domroles catalog reqcrs msg);
	foreach my $prefix (@prefixes) {
	if (ref($domconfig{'trust'}{$prefix}) eq 'HASH') {
	$domdefaults{'trust'.$prefix} = $domconfig{'trust'}{$prefix};
	}
	}
	}
	if (ref($domconfig{'autoenroll'}) eq 'HASH') {
	$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
	}
	if (ref($domconfig{'helpsettings'}) eq 'HASH') {
	$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
	if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') {
	$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
	}
	}
&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);	&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
return %domdefaults;	return %domdefaults;
}	}

	sub course_portal_url {
	my ($cnum,$cdom) = @_;
	my $chome = &homeserver($cnum,$cdom);
	my $hostname = &hostname($chome);
	my $protocol = $protocol{$chome};
	$protocol = 'http' if ($protocol ne 'https');
	my %domdefaults = &get_domain_defaults($cdom);
	my $firsturl;
	if ($domdefaults{'portal_def'}) {
	$firsturl = $domdefaults{'portal_def'};
	} else {
	$firsturl = $protocol.'://'.$hostname;
	}
	return $firsturl;
	}

# --------------------------------------------------- Assign a key to a student	# --------------------------------------------------- Assign a key to a student

sub assign_access_key {	sub assign_access_key {
Line 2365 sub make_key {	Line 2956 sub make_key {
sub devalidate_cache_new {	sub devalidate_cache_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }	if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
$memcache->delete($id);	$memcache->delete($id);
delete($remembered{$id});	delete($remembered{$remembered_id});
delete($accessed{$id});	delete($accessed{$remembered_id});
}	}

sub is_cached_new {	sub is_cached_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
$id=&make_key($name,$id);	my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) whenever possible
if (exists($remembered{$id})) {	if (exists($remembered{$remembered_id})) {
if ($debug) { &Apache::lonnet::logthis("Early return $id of $remembered{$id} "); }	if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }
$accessed{$id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
$hits++;	$hits++;
return ($remembered{$id},1);	return ($remembered{$remembered_id},1);
}	}
	$id=&make_key($name,$id);
my $value = $memcache->get($id);	my $value = $memcache->get($id);
if (!(defined($value))) {	if (!(defined($value))) {
if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }
Line 2389 sub is_cached_new {	Line 2982 sub is_cached_new {
if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }
$value=undef;	$value=undef;
}	}
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }
return ($value,1);	return ($value,1);
}	}

sub do_cache_new {	sub do_cache_new {
my ($name,$id,$value,$time,$debug) = @_;	my ($name,$id,$value,$time,$debug) = @_;
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
my $setvalue=$value;	my $setvalue=$value;
if (!defined($setvalue)) {	if (!defined($setvalue)) {
Line 2411 sub do_cache_new {	Line 3005 sub do_cache_new {
$memcache->disconnect_all();	$memcache->disconnect_all();
}	}
# need to make a copy of $value	# need to make a copy of $value
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
return $value;	return $value;
}	}

sub make_room {	sub make_room {
my ($id,$value,$debug)=@_;	my ($remembered_id,$value,$debug)=@_;

$remembered{$id}= (ref($value)) ? &Storable::dclone($value)	$remembered{$remembered_id}= (ref($value)) ? &Storable::dclone($value)
: $value;	: $value;
if ($to_remember<0) { return; }	if ($to_remember<0) { return; }
$accessed{$id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
if (scalar(keys(%remembered)) <= $to_remember) { return; }	if (scalar(keys(%remembered)) <= $to_remember) { return; }
my $to_kick;	my $to_kick;
my $max_time=0;	my $max_time=0;
Line 2633 sub repcopy {	Line 3227 sub repcopy {
mkdir($path,0777);	mkdir($path,0777);
}	}
}	}
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',"$remoteurl");	my $request=new HTTP::Request('GET',"$remoteurl");
my $response=$ua->request($request,$transname);	my $response;
	if ($remoteurl =~ m{/raw/}) {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',0,1);
	} else {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',1);
	}
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transname);	unlink($transname);
my $message=$response->status_line;	my $message=$response->status_line;
Line 2645 sub repcopy {	Line 3243 sub repcopy {
} else {	} else {
if ($remoteurl!~/\.meta$/) {	if ($remoteurl!~/\.meta$/) {
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');	my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
my $mresponse=$ua->request($mrequest,$filename.'.meta');	my $mresponse;
	if ($remoteurl =~ m{/raw/}) {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',0,1);
	} else {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',1);
	}
if ($mresponse->is_error()) {	if ($mresponse->is_error()) {
unlink($filename.'.meta');	unlink($filename.'.meta');
&logthis(	&logthis(
Line 2708 sub absolute_url {	Line 3311 sub absolute_url {
sub ssi {	sub ssi {

my ($fn,%form)=@_;	my ($fn,%form)=@_;
my $ua=new LWP::UserAgent;
my $request;	my $request;

$form{'no_update_last_known'}=1;	$form{'no_update_last_known'}=1;
&Apache::lonenc::check_encrypt(\$fn);	&Apache::lonenc::check_encrypt(\$fn);
if (%form) {	if (%form) {
$request=new HTTP::Request('POST',&absolute_url().$fn);	$request=new HTTP::Request('POST',&absolute_url().$fn);
$request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys(%form)));	$request->content(join('&',map {
	my $name = escape($_);
	"$name=" . ( ref($form{$_}) eq 'ARRAY'
	? join("&$name=", map {escape($_) } @{$form{$_}})
	: &escape($form{$_}) );
	} keys(%form)));
} else {	} else {
$request=new HTTP::Request('GET',&absolute_url().$fn);	$request=new HTTP::Request('GET',&absolute_url().$fn);
}	}

$request->header(Cookie => $ENV{'HTTP_COOKIE'});	$request->header(Cookie => $ENV{'HTTP_COOKIE'});
my $response= $ua->request($request);	my $lonhost = $perlvar{'lonHostID'};
	my $islocal;
	if (($env{'request.course.id'}) &&
	($form{'grade_courseid'} eq $env{'request.course.id'}) &&
	($form{'grade_username'} ne '') && ($form{'grade_domain'} ne '') &&
	($form{'grade_symb'} ne '') &&
	(&Apache::lonnet::allowed('mgr',$env{'request.course.id'}.
	($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:'')))) {
	$islocal = 1;
	}
	my $response= &LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar,
	'','','',$islocal);

if (wantarray) {	if (wantarray) {
return ($response->content, $response);	return ($response->content, $response);
} else {	} else {
Line 2731 sub ssi {	Line 3350 sub ssi {

sub externalssi {	sub externalssi {
my ($url)=@_;	my ($url)=@_;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar);
if (wantarray) {	if (wantarray) {
return ($response->content, $response);	return ($response->content, $response);
} else {	} else {
Line 2741 sub externalssi {	Line 3359 sub externalssi {
}	}
}	}


	# If the local copy of a replicated resource is outdated, trigger a
	# connection from the homeserver to flush the delayed queue. If no update
	# happens, remove local copies of outdated resource (and corresponding
	# metadata file).

	sub remove_stale_resfile {
	my ($url) = @_;
	my $removed;
	if ($url=~m{^/res/($match_domain)/($match_username)/}) {
	my $audom = $1;
	my $auname = $2;
	unless (($url =~ /\.\d+\.\w+$/) \|\| ($url =~ m{^/res/lib/templates/})) {
	my $homeserver = &homeserver($auname,$audom);
	unless (($homeserver eq 'no_host') \|\|
	(grep { $_ eq $homeserver } &current_machine_ids())) {
	my $fname = &filelocation('',$url);
	if (-e $fname) {
	my $hostname = &hostname($homeserver);
	if ($hostname) {
	my $protocol = $protocol{$homeserver};
	$protocol = 'http' if ($protocol ne 'https');
	my $uri = &declutter($url);
	my $request=new HTTP::Request('HEAD',$protocol.'://'.$hostname.'/raw/'.$uri);
	my $response = &LONCAPA::LWPReq::makerequest($homeserver,$request,'',\%perlvar,5,0,1);
	if ($response->is_success()) {
	my $remmodtime = &HTTP::Date::str2time( $response->header('Last-modified') );
	my $locmodtime = (stat($fname))[9];
	if ($locmodtime < $remmodtime) {
	my $stale;
	my $answer = &reply('pong',$homeserver);
	if ($answer eq $homeserver.':'.$perlvar{'lonHostID'}) {
	sleep(0.2);
	$locmodtime = (stat($fname))[9];
	if ($locmodtime < $remmodtime) {
	my $posstransfer = $fname.'.in.transfer';
	if ((-e $posstransfer) && ($remmodtime < (stat($posstransfer))[9])) {
	$removed = 1;
	} else {
	$stale = 1;
	}
	} else {
	$removed = 1;
	}
	} else {
	$stale = 1;
	}
	if ($stale) {
	unlink($fname);
	if ($uri!~/\.meta$/) {
	unlink($fname.'.meta');
	}
	&reply("unsub:$fname",$homeserver);
	$removed = 1;
	}
	}
	}
	}
	}
	}
	}
	}
	return $removed;
	}

# -------------------------------- Allow a /uploaded/ URI to be vouched for	# -------------------------------- Allow a /uploaded/ URI to be vouched for

sub allowuploaded {	sub allowuploaded {
Line 2757 sub allowuploaded {	Line 3440 sub allowuploaded {
#	#
# Determine if the current user should be able to edit a particular resource,	# Determine if the current user should be able to edit a particular resource,
# when viewing in course context.	# when viewing in course context.
# (a) When viewing resource used to determine if "Edit" item is included in	# (a) When viewing resource used to determine if "Edit" item is included in
# Functions.	# Functions.
# (b) When displaying folder contents in course editor, used to determine if	# (b) When displaying folder contents in course editor, used to determine if
# "Edit" link will be displayed alongside resource.	# "Edit" link will be displayed alongside resource.
Line 2765 sub allowuploaded {	Line 3448 sub allowuploaded {
# input: six args -- filename (decluttered), course number, course domain,	# input: six args -- filename (decluttered), course number, course domain,
# url, symb (if registered) and group (if this is a group	# url, symb (if registered) and group (if this is a group
# item -- e.g., bulletin board, group page etc.).	# item -- e.g., bulletin board, group page etc.).
# output: array of five scalars --	# output: array of five scalars --
# $cfile -- url for file editing if editable on current server	# $cfile -- url for file editing if editable on current server
# $home -- homeserver of resource (i.e., for author if published,	# $home -- homeserver of resource (i.e., for author if published,
# or course if uploaded.).	# or course if uploaded.).
# $switchserver -- 1 if server switch will be needed.	# $switchserver -- 1 if server switch will be needed.
# $forceedit -- 1 if icon/link should be to go to edit mode	# $forceedit -- 1 if icon/link should be to go to edit mode
# $forceview -- 1 if icon/link should be to go to view mode	# $forceview -- 1 if icon/link should be to go to view mode
#	#

Line 2859 sub can_edit_resource {	Line 3542 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
} elsif (($resurl ne '') && (&is_on_map($resurl))) {	} elsif (($resurl ne '') && (&is_on_map($resurl))) {
if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg\|bulletinboard$}) {	if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg\|bulletinboard$}) {
$incourse = 1;	$incourse = 1;
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 2879 sub can_edit_resource {	Line 3562 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
	} elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = $resurl;
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
$incourse = 1;	$incourse = 1;
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 2890 sub can_edit_resource {	Line 3581 sub can_edit_resource {
}	}
} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {	} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
my $template = '/res/lib/templates/simpleproblem.problem';	my $template = '/res/lib/templates/simpleproblem.problem';
if (&is_on_map($template)) {	if (&is_on_map($template)) {
$incourse = 1;	$incourse = 1;
$forceview = 1;	$forceview = 1;
$cfile = $template;	$cfile = $template;
Line 2903 sub can_edit_resource {	Line 3594 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
	} elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = $resurl;
} elsif (($resurl eq '/adm/extresedit') && ($symb \|\| $env{'form.folderpath'})) {	} elsif (($resurl eq '/adm/extresedit') && ($symb \|\| $env{'form.folderpath'})) {
$incourse = 1;	$incourse = 1;
$forceview = 1;	$forceview = 1;
Line 2912 sub can_edit_resource {	Line 3611 sub can_edit_resource {
$cfile = &clutter($res);	$cfile = &clutter($res);
} else {	} else {
$cfile = $env{'form.suppurl'};	$cfile = $env{'form.suppurl'};
$cfile =~ s{^http://}{};	my $escfile = &unescape($cfile);
$cfile = '/adm/wrapper/ext/'.$cfile;	if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$cfile = '/adm/wrapper'.$escfile;
	} else {
	$escfile =~ s{^http://}{};
	$cfile = &escape("/adm/wrapper/ext/$escfile");
	}
}	}
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 2937 sub can_edit_resource {	Line 3641 sub can_edit_resource {
$cfile=$file;	$cfile=$file;
}	}
}	}
if (($cfile ne '') && (!$incourse \|\| $uploaded) &&	if (($cfile ne '') && (!$incourse \|\| $uploaded) &&
(($home ne '') && ($home ne 'no_host'))) {	(($home ne '') && ($home ne 'no_host'))) {
my @ids=&current_machine_ids();	my @ids=&current_machine_ids();
unless (grep(/^\Q$home\E$/,@ids)) {	unless (grep(/^\Q$home\E$/,@ids)) {
Line 2964 sub in_course {	Line 3668 sub in_course {
if ($hideprivileged) {	if ($hideprivileged) {
my $skipuser;	my $skipuser;
my %coursehash = &coursedescription($cdom.'_'.$cnum);	my %coursehash = &coursedescription($cdom.'_'.$cnum);
my @possdoms = ($cdom);	my @possdoms = ($cdom);
if ($coursehash{'checkforpriv'}) {	if ($coursehash{'checkforpriv'}) {
push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));	push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));
}	}
if (&privileged($uname,$udom,\@possdoms)) {	if (&privileged($uname,$udom,\@possdoms)) {
$skipuser = 1;	$skipuser = 1;
Line 3069 sub process_coursefile {	Line 3773 sub process_coursefile {
$home);	$home);
}	}
} elsif ($action eq 'uploaddoc') {	} elsif ($action eq 'uploaddoc') {
open(my $fh,'>'.$filepath.'/'.$fname);	open(my $fh,'>',$filepath.'/'.$fname);
print $fh $env{'form.'.$source};	print $fh $env{'form.'.$source};
close($fh);	close($fh);
if ($parser eq 'parse') {	if ($parser eq 'parse') {
Line 3127 sub store_edited_file {	Line 3831 sub store_edited_file {
($fpath,$fname) = ($file =~ m\|^(.*)/([^/]+)$\|);	($fpath,$fname) = ($file =~ m\|^(.*)/([^/]+)$\|);
$fpath=$docudom.'/'.$docuname.'/'.$fpath;	$fpath=$docudom.'/'.$docuname.'/'.$fpath;
my $filepath = &build_filepath($fpath);	my $filepath = &build_filepath($fpath);
open(my $fh,'>'.$filepath.'/'.$fname);	open(my $fh,'>',$filepath.'/'.$fname);
print $fh $content;	print $fh $content;
close($fh);	close($fh);
my $home=&homeserver($docuname,$docudom);	my $home=&homeserver($docuname,$docudom);
Line 3201 sub resizeImage {	Line 3905 sub resizeImage {
# input: $formname - the contents of the file are in $env{"form.$formname"}	# input: $formname - the contents of the file are in $env{"form.$formname"}
# the desired filename is in $env{"form.$formname.filename"}	# the desired filename is in $env{"form.$formname.filename"}
# $context - possible values: coursedoc, existingfile, overwrite,	# $context - possible values: coursedoc, existingfile, overwrite,
# canceloverwrite, or ''.	# canceloverwrite, scantron or ''.
# if 'coursedoc': upload to the current course	# if 'coursedoc': upload to the current course
# if 'existingfile': write file to tmp/overwrites directory	# if 'existingfile': write file to tmp/overwrites directory
# if 'canceloverwrite': delete file written to tmp/overwrites directory	# if 'canceloverwrite': delete file written to tmp/overwrites directory
# $context is passed as argument to &finishuserfileupload	# $context is passed as argument to &finishuserfileupload
# $subdir - directory in userfile to store the file into	# $subdir - directory in userfile to store the file into
# $parser - instruction to parse file for objects ($parser = parse)	# $parser - instruction to parse file for objects ($parser = parse) or
	# if context is 'scantron', $parser is hashref of csv column mapping
	# (e.g.,{ PaperID => 0, LastName => 1, FirstName => 2, ID => 3,
	# Section => 4, CODE => 5, FirstQuestion => 9 }).
# $allfiles - reference to hash for embedded objects	# $allfiles - reference to hash for embedded objects
# $codebase - reference to hash for codebase of java objects	# $codebase - reference to hash for codebase of java objects
# $desuname - username for permanent storage of uploaded file	# $desuname - username for permanent storage of uploaded file
Line 3243 sub userfileupload {	Line 3950 sub userfileupload {
'_'.$env{'user.domain'}.'/pending';	'_'.$env{'user.domain'}.'/pending';
} elsif (($context eq 'existingfile') \|\| ($context eq 'canceloverwrite')) {	} elsif (($context eq 'existingfile') \|\| ($context eq 'canceloverwrite')) {
my ($docuname,$docudom);	my ($docuname,$docudom);
if ($destudom) {	if ($destudom =~ /^$match_domain$/) {
$docudom = $destudom;	$docudom = $destudom;
} else {	} else {
$docudom = $env{'user.domain'};	$docudom = $env{'user.domain'};
}	}
if ($destuname) {	if ($destuname =~ /^$match_username$/) {
$docuname = $destuname;	$docuname = $destuname;
} else {	} else {
$docuname = $env{'user.name'};	$docuname = $env{'user.name'};
Line 3278 sub userfileupload {	Line 3985 sub userfileupload {
mkdir($fullpath,0777);	mkdir($fullpath,0777);
}	}
}	}
open(my $fh,'>'.$fullpath.'/'.$fname);	open(my $fh,'>',$fullpath.'/'.$fname);
print $fh $env{'form.'.$formname};	print $fh $env{'form.'.$formname};
close($fh);	close($fh);
if ($context eq 'existingfile') {	if ($context eq 'existingfile') {
Line 3353 sub finishuserfileupload {	Line 4060 sub finishuserfileupload {

# Save the file	# Save the file
{	{
if (!open(FH,'>'.$filepath.'/'.$file)) {	if (!open(FH,'>',$filepath.'/'.$file)) {
&logthis('Failed to create '.$filepath.'/'.$file);	&logthis('Failed to create '.$filepath.'/'.$file);
print STDERR ('Failed to create '.$filepath.'/'.$file."\n");	print STDERR ('Failed to create '.$filepath.'/'.$file."\n");
return '/adm/notfound.html';	return '/adm/notfound.html';
Line 3397 sub finishuserfileupload {	Line 4104 sub finishuserfileupload {
}	}
}	}
}	}
if ($parser eq 'parse') {	if (($context ne 'scantron') && ($parser eq 'parse')) {
if ((ref($mimetype)) && ($$mimetype eq 'text/html')) {	if ((ref($mimetype)) && ($$mimetype eq 'text/html')) {
my $parse_result = &extract_embedded_items($filepath.'/'.$file,	my $parse_result = &extract_embedded_items($filepath.'/'.$file,
$allfiles,$codebase);	$allfiles,$codebase);
Line 3406 sub finishuserfileupload {	Line 4113 sub finishuserfileupload {
' for embedded media: '.$parse_result);	' for embedded media: '.$parse_result);
}	}
}	}
	} elsif (($context eq 'scantron') && (ref($parser) eq 'HASH')) {
	my $format = $env{'form.scantron_format'};
	&bubblesheet_converter($docudom,$filepath.'/'.$file,$parser,$format);
}	}
if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) {	if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) {
my $input = $filepath.'/'.$file;	my $input = $filepath.'/'.$file;
my $output = $filepath.'/'.'tn-'.$file;	my $output = $filepath.'/'.'tn-'.$file;
my $thumbsize = $thumbwidth.'x'.$thumbheight;	my $thumbsize = $thumbwidth.'x'.$thumbheight;
system("convert -sample $thumbsize $input $output");	my @args = ('convert','-sample',$thumbsize,$input,$output);
	system({$args[0]} @args);
if (-e $filepath.'/'.'tn-'.$file) {	if (-e $filepath.'/'.'tn-'.$file) {
$fetchthumb = 1;	$fetchthumb = 1;
}	}
Line 3470 sub extract_embedded_items {	Line 4181 sub extract_embedded_items {
}	}
if (lc($tagname) eq 'a') {	if (lc($tagname) eq 'a') {
unless (($attr->{'href'} =~ /^#/) \|\| ($attr->{'href'} eq '')) {	unless (($attr->{'href'} =~ /^#/) \|\| ($attr->{'href'} eq '')) {
&add_filetype($allfiles,$attr->{'href'},'href');	&add_filetype($allfiles,$attr->{'href'},'href');
}	}
}	}
if (lc($tagname) eq 'script') {	if (lc($tagname) eq 'script') {
Line 3645 sub embedded_dependency {	Line 4356 sub embedded_dependency {
return;	return;
}	}

	sub bubblesheet_converter {
	my ($cdom,$fullpath,$config,$format) = @_;
	if ((&domain($cdom) ne '') &&
	($fullpath =~ m{^\Q$perlvar{'lonDocRoot'}/userfiles/$cdom/$match_courseid/scantron_orig}) &&
	(-e $fullpath) && (ref($config) eq 'HASH') && ($format ne '')) {
	my %csvcols = %{$config};
	my %csvbynum = reverse(%csvcols);
	my %scantronconf = &get_scantron_config($format,$cdom);
	if (keys(%scantronconf)) {
	my %bynum = (
	$scantronconf{CODEstart} => 'CODEstart',
	$scantronconf{IDstart} => 'IDstart',
	$scantronconf{PaperID} => 'PaperID',
	$scantronconf{FirstName} => 'FirstName',
	$scantronconf{LastName} => 'LastName',
	$scantronconf{Qstart} => 'Qstart',
	);
	my @ordered;
	foreach my $item (sort { $a <=> $b } keys(%bynum)) {
	push (@ordered,$bynum{$item}));
	}
	my %mapstart = (
	CODEstart => 'CODE',
	IDstart => 'ID',
	PaperID => 'PaperID',
	FirstName => 'FirstName',
	LastName => 'LastName',
	Qstart => 'FirstQuestion',
	);
	my %maplength = (
	CODEstart => 'CODElength',
	IDstart => 'IDlength',
	PaperID => 'PaperIDlength',
	FirstName => 'FirstNamelength',
	LastName => 'LastNamelength',
	);
	if (open(my $fh,'<',$fullpath)) {
	my $output;
	while (my $line=<$fh>) {
	$line =~ s{[\r\n]+$}{};
	my %found;
	my @values = split(/,/,$line);
	my ($qstart,$record);
	for (my $i=0; $i<@values; $i++) {
	if (($qstart ne '') && ($i > $qstart)) {
	$found{'FirstQuestion'} .= $values[$i];
	} elsif (exists($csvbynum{$i})) {
	if ($csvbynum{$i} eq 'FirstQuestion') {
	$qstart = $i;
	} else {
	$values[$i] =~ s/^\s+//;
	if ($csvbynum{$i} eq 'PaperID') {
	while (length($values[$i]) < $scantronconf{$maplength{$csvbynum{$i}}}) {
	$values[$i] = '0'.$values[$i];
	}
	}
	}
	$found{$csvbynum{$i}} = $values[$i];
	}
	}
	foreach my $item (@ordered) {
	my $currlength = 1+length($record);
	my $numspaces = $scantronconf{$item} - $currlength;
	if ($numspaces > 0) {
	$record .= (' ' x $numspaces);
	}
	if (($mapstart{$item} ne '') && (exists($found{$mapstart{$item}}))) {
	unless ($item eq 'Qstart') {
	if (length($found{$mapstart{$item}}) > $scantronconf{$maplength{$item}}) {
	$found{$mapstart{$item}} = substr($found{$mapstart{$item}},0,$scantronconf{$maplength{$item}});
	}
	}
	$record .= $found{$mapstart{$item}};
	}
	}
	$output .= "$record\n";
	}
	close($fh);
	if ($output) {
	if (open(my $fh,'>',$fullpath)) {
	print $fh $output;
	close($fh);
	}
	}
	}
	}
	return;
	}
	}

	sub get_scantron_config {
	my ($which,$cdom) = @_;
	my @lines = &get_scantronformat_file($cdom);
	my %config;
	#FIXME probably should move to XML it has already gotten a bit much now
	foreach my $line (@lines) {
	my ($name,$descrip)=split(/:/,$line);
	if ($name ne $which ) { next; }
	chomp($line);
	my @config=split(/:/,$line);
	$config{'name'}=$config[0];
	$config{'description'}=$config[1];
	$config{'CODElocation'}=$config[2];
	$config{'CODEstart'}=$config[3];
	$config{'CODElength'}=$config[4];
	$config{'IDstart'}=$config[5];
	$config{'IDlength'}=$config[6];
	$config{'Qstart'}=$config[7];
	$config{'Qlength'}=$config[8];
	$config{'Qoff'}=$config[9];
	$config{'Qon'}=$config[10];
	$config{'PaperID'}=$config[11];
	$config{'PaperIDlength'}=$config[12];
	$config{'FirstName'}=$config[13];
	$config{'FirstNamelength'}=$config[14];
	$config{'LastName'}=$config[15];
	$config{'LastNamelength'}=$config[16];
	$config{'BubblesPerRow'}=$config[17];
	last;
	}
	return %config;
	}

	sub get_scantronformat_file {
	my ($cdom) = @_;
	if ($cdom eq '') {
	$cdom= $env{'course.'.$env{'request.course.id'}.'.domain'};
	}
	my %domconfig = &get_dom('configuration',['scantron'],$cdom);
	my $gottab = 0;
	my @lines;
	if (ref($domconfig{'scantron'}) eq 'HASH') {
	if ($domconfig{'scantron'}{'scantronformat'} ne '') {
	my $formatfile = &getfile($perlvar{'lonDocRoot'}.$domconfig{'scantron'}{'scantronformat'});
	if ($formatfile ne '-1') {
	@lines = split("\n",$formatfile,-1);
	$gottab = 1;
	}
	}
	}
	if (!$gottab) {
	my $confname = $cdom.'-domainconfig';
	my $default = $perlvar{'lonDocRoot'}.'/res/'.$cdom.'/'.$confname.'/default.tab';
	my $formatfile = &getfile($default);
	if ($formatfile ne '-1') {
	@lines = split("\n",$formatfile,-1);
	$gottab = 1;
	}
	}
	if (!$gottab) {
	my @domains = &current_machine_domains();
	if (grep(/^\Q$cdom\E$/,@domains)) {
	if (open(my $fh,'<',$perlvar{'lonTabDir'}.'/scantronformat.tab')) {
	@lines = <$fh>;
	close($fh);
	}
	} else {
	if (open(my $fh,'<',$perlvar{'lonTabDir'}.'/default_scantronformat.tab')) {
	@lines = <$fh>;
	close($fh);
	}
	}
	}
	return @lines;
	}

sub removeuploadedurl {	sub removeuploadedurl {
my ($url)=@_;	my ($url)=@_;
my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);	my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);
Line 3795 sub flushcourselogs {	Line 4672 sub flushcourselogs {
}	}
}	}
#	#
# Reverse lookup of domain roles (dc, ad, li, sc, au)	# Reverse lookup of domain roles (dc, ad, li, sc, dh, da, au)
#	#
my %domrolebuffer = ();	my %domrolebuffer = ();
foreach my $entry (keys(%domainrolehash)) {	foreach my $entry (keys(%domainrolehash)) {
Line 3810 sub flushcourselogs {	Line 4687 sub flushcourselogs {
delete $domainrolehash{$entry};	delete $domainrolehash{$entry};
}	}
foreach my $dom (keys(%domrolebuffer)) {	foreach my $dom (keys(%domrolebuffer)) {
my %servers = &get_servers($dom,'library');	my %servers;
	if (defined(&domain($dom,'primary'))) {
	my $primary=&domain($dom,'primary');
	my $hostname=&hostname($primary);
	$servers{$primary} = $hostname;
	} else {
	%servers = &get_servers($dom,'library');
	}
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
unless (&reply('domroleput:'.$dom.':'.	if (&reply('domroleput:'.$dom.':'.
$domrolebuffer{$dom},$tryserver) eq 'ok') {	$domrolebuffer{$dom},$tryserver) eq 'ok') {
	last;
	} else {
&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);	&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);
}	}
}	}
Line 3933 sub userrolelog {	Line 4819 sub userrolelog {
{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}	{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}
=$tend.':'.$tstart;	=$tend.':'.$tstart;
}	}
if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc)/ ) {	if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc\|dh\|da)/ ) {
my (undef,$rudom,$runame,$rsec)=split(/\//,$area);	my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
$domainrolehash	$domainrolehash
{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}	{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
Line 4141 sub get_my_roles {	Line 5027 sub get_my_roles {
} else {	} else {
my $possdoms = [$domain];	my $possdoms = [$domain];
if (ref($roledoms) eq 'ARRAY') {	if (ref($roledoms) eq 'ARRAY') {
push(@{$possdoms},@{$roledoms});	push(@{$possdoms},@{$roledoms});
}	}
if (&privileged($username,$domain,$possdoms,\@privroles)) {	if (&privileged($username,$domain,$possdoms,\@privroles)) {
if (!$nothide{$username.':'.$domain}) {	if (!$nothide{$username.':'.$domain}) {
Line 4160 sub get_my_roles {	Line 5046 sub get_my_roles {
return %returnhash;	return %returnhash;
}	}

	sub get_all_adhocroles {
	my ($dom) = @_;
	my @roles_by_num = ();
	my %domdefaults = &get_domain_defaults($dom);
	my (%description,%access_in_dom,%access_info);
	if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
	my $count = 0;
	my %domcurrent = %{$domdefaults{'adhocroles'}};
	my %ordered;
	foreach my $role (sort(keys(%domcurrent))) {
	my ($order,$desc,$access_in_dom);
	if (ref($domcurrent{$role}) eq 'HASH') {
	$order = $domcurrent{$role}{'order'};
	$desc = $domcurrent{$role}{'desc'};
	$access_in_dom{$role} = $domcurrent{$role}{'access'};
	$access_info{$role} = $domcurrent{$role}{$access_in_dom{$role}};
	}
	if ($order eq '') {
	$order = $count;
	}
	$ordered{$order} = $role;
	if ($desc ne '') {
	$description{$role} = $desc;
	} else {
	$description{$role}= $role;
	}
	$count++;
	}
	foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
	push(@roles_by_num,$ordered{$item});
	}
	}
	return (\@roles_by_num,\%description,\%access_in_dom,\%access_info);
	}

	sub get_my_adhocroles {
	my ($cid,$checkreg) = @_;
	my ($cdom,$cnum,%info,@possroles,$description,$roles_by_num);
	if ($env{'request.course.id'} eq $cid) {
	$cdom = $env{'course.'.$cid.'.domain'};
	$cnum = $env{'course.'.$cid.'.num'};
	$info{'internal.coursecode'} = $env{'course.'.$cid.'.internal.coursecode'};
	} elsif ($cid =~ /^($match_domain)_($match_courseid)$/) {
	$cdom = $1;
	$cnum = $2;
	%info = &Apache::lonnet::get('environment',['internal.coursecode'],
	$cdom,$cnum);
	}
	if (($info{'internal.coursecode'} ne '') && ($checkreg)) {
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	my %rosterhash = &get('classlist',[$user],$cdom,$cnum);
	if ($rosterhash{$user} ne '') {
	my $type = (split(/:/,$rosterhash{$user}))[5];
	return ([],{}) if ($type eq 'auto');
	}
	}
	if (($cdom ne '') && ($cnum ne '')) {
	if (($env{"user.role.dh./$cdom/"}) \|\| ($env{"user.role.da./$cdom/"})) {
	my $then=$env{'user.login.time'};
	my $update=$env{'user.update.time'};
	if (!$update) {
	$update = $then;
	}
	my @liveroles;
	foreach my $role ('dh','da') {
	if ($env{"user.role.$role./$cdom/"}) {
	my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$cdom/"});
	my $limit = $update;
	if ($env{'request.role'} eq "$role./$cdom/") {
	$limit = $then;
	}
	my $activerole = 1;
	if ($tstart && $tstart>$limit) { $activerole = 0; }
	if ($tend && $tend <$limit) { $activerole = 0; }
	if ($activerole) {
	push(@liveroles,$role);
	}
	}
	}
	if (@liveroles) {
	if (&homeserver($cnum,$cdom) ne 'no_host') {
	my ($accessref,$accessinfo,%access_in_dom);
	($roles_by_num,$description,$accessref,$accessinfo) = &get_all_adhocroles($cdom);
	if (ref($roles_by_num) eq 'ARRAY') {
	if (@{$roles_by_num}) {
	my %settings;
	if ($env{'request.course.id'} eq $cid) {
	foreach my $envkey (keys(%env)) {
	if ($envkey =~ /^\Qcourse.$cid.\E(internal\.adhoc.+)$/) {
	$settings{$1} = $env{$envkey};
	}
	}
	} else {
	%settings = &dump('environment',$cdom,$cnum,'internal\.adhoc');
	}
	my %setincrs;
	if ($settings{'internal.adhocaccess'}) {
	map { $setincrs{$_} = 1; } split(/,/,$settings{'internal.adhocaccess'});
	}
	my @statuses;
	if ($env{'environment.inststatus'}) {
	@statuses = split(/,/,$env{'environment.inststatus'});
	}
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	if (ref($accessref) eq 'HASH') {
	%access_in_dom = %{$accessref};
	}
	foreach my $role (@{$roles_by_num}) {
	my ($curraccess,@okstatus,@personnel);
	if ($setincrs{$role}) {
	($curraccess,my $rest) = split(/=/,$settings{'internal.adhoc.'.$role});
	if ($curraccess eq 'status') {
	@okstatus = split(/\&/,$rest);
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	@personnel = split(/\&/,$rest);
	}
	} else {
	$curraccess = $access_in_dom{$role};
	if (ref($accessinfo) eq 'HASH') {
	if ($curraccess eq 'status') {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@okstatus = @{$accessinfo->{$role}};
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@personnel = @{$accessinfo->{$role}};
	}
	}
	}
	}
	if ($curraccess eq 'none') {
	next;
	} elsif ($curraccess eq 'all') {
	push(@possroles,$role);
	} elsif ($curraccess eq 'dh') {
	if (grep(/^dh$/,@liveroles)) {
	push(@possroles,$role);
	} else {
	next;
	}
	} elsif ($curraccess eq 'da') {
	if (grep(/^da$/,@liveroles)) {
	push(@possroles,$role);
	} else {
	next;
	}
	} elsif ($curraccess eq 'status') {
	if (@okstatus) {
	if (!@statuses) {
	if (grep(/^default$/,@okstatus)) {
	push(@possroles,$role);
	}
	} else {
	foreach my $status (@okstatus) {
	if (grep(/^\Q$status\E$/,@statuses)) {
	push(@possroles,$role);
	last;
	}
	}
	}
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (grep(/^\Q$user\E$/,@personnel)) {
	if ($curraccess eq 'exc') {
	push(@possroles,$role);
	}
	} elsif ($curraccess eq 'inc') {
	push(@possroles,$role);
	}
	}
	}
	}
	}
	}
	}
	}
	}
	unless (ref($description) eq 'HASH') {
	if (ref($roles_by_num) eq 'ARRAY') {
	my %desc;
	map { $desc{$_} = $_; } (@{$roles_by_num});
	$description = \%desc;
	} else {
	$description = {};
	}
	}
	return (\@possroles,$description);
	}

# ----------------------------------------------------- Frontpage Announcements	# ----------------------------------------------------- Frontpage Announcements
#	#
#	#
Line 4173 sub postannounce {	Line 5248 sub postannounce {

sub getannounce {	sub getannounce {

if (open(my $fh,$perlvar{'lonDocRoot'}.'/announcement.txt')) {	if (open(my $fh,"<",$perlvar{'lonDocRoot'}.'/announcement.txt')) {
my $announcement='';	my $announcement='';
while (my $line = <$fh>) { $announcement .= $line; }	while (my $line = <$fh>) { $announcement .= $line; }
close($fh);	close($fh);
Line 4236 sub courseiddump {	Line 5311 sub courseiddump {
$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,	$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,
$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,	$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,
$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,	$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,
$hasuniquecode)=@_;	$hasuniquecode,$reqcrsdom,$reqinstcode)=@_;
my $as_hash = 1;	my $as_hash = 1;
my %returnhash;	my %returnhash;
if (!$domfilter) { $domfilter=''; }	if (!$domfilter) { $domfilter=''; }
Line 4249 sub courseiddump {	Line 5324 sub courseiddump {
if (($domfilter eq '') \|\|	if (($domfilter eq '') \|\|
(&host_domain($tryserver) eq $domfilter)) {	(&host_domain($tryserver) eq $domfilter)) {
my $rep;	my $rep;
if (grep { $_ eq $tryserver } &current_machine_ids()) {	if (grep { $_ eq $tryserver } current_machine_ids()) {
$rep = &LONCAPA::Lond::dump_course_id_handler(	$rep = LONCAPA::Lond::dump_course_id_handler(
join(":", (&host_domain($tryserver), $sincefilter,	join(":", (&host_domain($tryserver), $sincefilter,
&escape($descfilter), &escape($instcodefilter),	&escape($descfilter), &escape($instcodefilter),
&escape($ownerfilter), &escape($coursefilter),	&escape($ownerfilter), &escape($coursefilter),
&escape($typefilter), &escape($regexp_ok),	&escape($typefilter), &escape($regexp_ok),
$as_hash, &escape($selfenrollonly),	$as_hash, &escape($selfenrollonly),
&escape($catfilter), $showhidden, $caller,	&escape($catfilter), $showhidden, $caller,
&escape($cloner), &escape($cc_clone), $cloneonly,	&escape($cloner), &escape($cc_clone), $cloneonly,
&escape($createdbefore), &escape($createdafter),	&escape($createdbefore), &escape($createdafter),
&escape($creationcontext), $domcloner, $hasuniquecode)));	&escape($creationcontext),$domcloner,$hasuniquecode,
	$reqcrsdom,&escape($reqinstcode))));
} else {	} else {
$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.	$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.
$sincefilter.':'.&escape($descfilter).':'.	$sincefilter.':'.&escape($descfilter).':'.
Line 4270 sub courseiddump {	Line 5346 sub courseiddump {
$showhidden.':'.$caller.':'.&escape($cloner).':'.	$showhidden.':'.$caller.':'.&escape($cloner).':'.
&escape($cc_clone).':'.$cloneonly.':'.	&escape($cc_clone).':'.$cloneonly.':'.
&escape($createdbefore).':'.&escape($createdafter).':'.	&escape($createdbefore).':'.&escape($createdafter).':'.
&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode,	&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
$tryserver);	':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
}	}

my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
foreach my $item (@pairs) {	foreach my $item (@pairs) {
my ($key,$value)=split(/\=/,$item,2);	my ($key,$value)=split(/\=/,$item,2);
Line 4399 sub get_domain_roles {	Line 5475 sub get_domain_roles {
return %personnel;	return %personnel;
}	}

	sub get_active_domroles {
	my ($dom,$roles) = @_;
	return () unless (ref($roles) eq 'ARRAY');
	my $now = time;
	my %dompersonnel = &get_domain_roles($dom,$roles,$now,$now);
	my %domroles;
	foreach my $server (keys(%dompersonnel)) {
	foreach my $user (sort(keys(%{$dompersonnel{$server}}))) {
	my ($trole,$uname,$udom,$runame,$rudom,$rsec) = split(/:/,$user);
	$domroles{$uname.':'.$udom} = $dompersonnel{$server}{$user};
	}
	}
	return %domroles;
	}

# ----------------------------------------------------------- Interval timing	# ----------------------------------------------------------- Interval timing

{	{
Line 4410 my $cachedkey='';	Line 5501 my $cachedkey='';
# The cached times for this user	# The cached times for this user
my %cachedtimes=();	my %cachedtimes=();
# When this was last done	# When this was last done
my $cachedtime=();	my $cachedtime='';

sub load_all_first_access {	sub load_all_first_access {
my ($uname,$udom)=@_;	my ($uname,$udom,$ignorecache)=@_;
if (($cachedkey eq $uname.':'.$udom) &&	if (($cachedkey eq $uname.':'.$udom) &&
(abs($cachedtime-time)<5) && (!$env{'form.markaccess'})) {	(abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
	(!$ignorecache)) {
return;	return;
}	}
$cachedtime=time;	$cachedtime=time;
Line 4424 sub load_all_first_access {	Line 5516 sub load_all_first_access {
}	}

sub get_first_access {	sub get_first_access {
my ($type,$argsymb,$argmap)=@_;	my ($type,$argsymb,$argmap,$ignorecache)=@_;
my ($symb,$courseid,$udom,$uname)=&whichuser();	my ($symb,$courseid,$udom,$uname)=&whichuser();
if ($argsymb) { $symb=$argsymb; }	if ($argsymb) { $symb=$argsymb; }
my ($map,$id,$res)=&decode_symb($symb);	my ($map,$id,$res)=&decode_symb($symb);
Line 4436 sub get_first_access {	Line 5528 sub get_first_access {
} else {	} else {
$res=$symb;	$res=$symb;
}	}
&load_all_first_access($uname,$udom);	&load_all_first_access($uname,$udom,$ignorecache);
return $cachedtimes{"$courseid\0$res"};	return $cachedtimes{"$courseid\0$res"};
}	}

Line 4453 sub set_first_access {	Line 5545 sub set_first_access {
}	}
$cachedkey='';	$cachedkey='';
my $firstaccess=&get_first_access($type,$symb,$map);	my $firstaccess=&get_first_access($type,$symb,$map);
if (!$firstaccess) {	if ($firstaccess) {
	&logthis("First access time already set ($firstaccess) when attempting ".
	"to set new value (type: $type, extent: $res) for $uname:$udom ".
	"in $courseid");
	return 'already_set';
	} else {
my $start = time;	my $start = time;
my $putres = &put('firstaccesstimes',{"$courseid\0$res"=>$start},	my $putres = &put('firstaccesstimes',{"$courseid\0$res"=>$start},
$udom,$uname);	$udom,$uname);
Line 4466 sub set_first_access {	Line 5563 sub set_first_access {
'course.'.$courseid.'.timerinterval.'.$res => $interval,	'course.'.$courseid.'.timerinterval.'.$res => $interval,
}	}
);	);
	if (($cachedtime) && (abs($start-$cachedtime) < 5)) {
	$cachedtimes{"$courseid\0$res"} = $start;
	}
	} elsif ($putres ne 'refused') {
	&logthis("Result: $putres when attempting to set first access time ".
	"(type: $type, extent: $res) for $uname:$udom in $courseid");
}	}
return $putres;	return $putres;
}	}
Line 4473 sub set_first_access {	Line 5576 sub set_first_access {
}	}
}	}

sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;
my $lonhost=$perlvar{'lonHostID'};
my $infostr=&escape(
'CHECKOUTTOKEN&'.
$tuname.'&'.
$tudom.'&'.
$tcrsid.'&'.
$symb.'&'.
$now.'&'.$ENV{'REMOTE_ADDR'});
my $token=&reply('tmpput:'.$infostr,$lonhost);
if ($token=~/^error\:/) {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout tmpput failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
return '';
}

$token=~s/^(\d+)\_.\_(\d+)$/$1\$2\*$lonhost/;
$token=~tr/a-z/A-Z/;

my %infohash=('resource.0.outtoken' => $token,
'resource.0.checkouttime' => $now,
'resource.0.outremote' => $ENV{'REMOTE_ADDR'});

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
} else {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout cstore failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
}

if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
&escape('Checkout '.$infostr.' - '.
$token)) ne 'ok') {
return '';
} else {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout log failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
}
return $token;
}

# ------------------------------------------------------------ Check in an item

sub checkin {
my $token=shift;
my $now=time;
my ($ta,$tb,$lonhost)=split(/\*/,$token);
$lonhost=~tr/A-Z/a-z/;
my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
$dtoken=~s/\W/\_/g;
my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));

unless (($tuname) && ($tudom)) {
&logthis('Check in '.$token.' ('.$dtoken.') failed');
return '';
}

unless (&allowed('mgr',$tcrsid)) {
&logthis('Check in '.$token.' ('.$dtoken.') unauthorized: '.
$env{'user.name'}.' - '.$env{'user.domain'});
return '';
}

my %infohash=('resource.0.intoken' => $token,
'resource.0.checkintime' => $now,
'resource.0.inremote' => $ENV{'REMOTE_ADDR'});

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
}

if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
&escape('Checkin - '.$token)) ne 'ok') {
return '';
}

return ($symb,$tuname,$tudom,$tcrsid);
}

# --------------------------------------------- Set Expire Date for Spreadsheet	# --------------------------------------------- Set Expire Date for Spreadsheet

sub expirespread {	sub expirespread {
Line 4928 sub tmprestore {	Line 5946 sub tmprestore {
# ----------------------------------------------------------------------- Store	# ----------------------------------------------------------------------- Store

sub store {	sub store {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4958 sub store {	Line 5976 sub store {
}	}
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	return reply("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# -------------------------------------------------------------- Critical Store	# -------------------------------------------------------------- Critical Store

sub cstore {	sub cstore {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4995 sub cstore {	Line 6013 sub cstore {
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
return critical	return critical
("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# --------------------------------------------------------------------- Restore	# --------------------------------------------------------------------- Restore
Line 5151 sub privileged {	Line 6169 sub privileged {
my $now = time;	my $now = time;
my $roles;	my $roles;
if (ref($possroles) eq 'ARRAY') {	if (ref($possroles) eq 'ARRAY') {
$roles = $possroles;	$roles = $possroles;
} else {	} else {
$roles = ['dc','su'];	$roles = ['dc','su'];
}	}
Line 5175 sub privileged {	Line 6193 sub privileged {
my %rolesdump = &dump("roles", $domain, $username) or return 0;	my %rolesdump = &dump("roles", $domain, $username) or return 0;
my $now = time;	my $now = time;

for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys %rolesdump}) {	for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
my ($trole, $tend, $tstart) = split(/_/, $role);	my ($trole, $tend, $tstart) = split(/_/, $role);
if (grep(/^\Q$trole\E$/,@{$roles})) {	if (grep(/^\Q$trole\E$/,@{$roles})) {
return 1 unless ($tend && $tend < $now)	return 1 unless ($tend && $tend < $now)
or ($tstart && $tstart > $now);	or ($tstart && $tstart > $now);
}	}
}	}
Line 5216 sub privileged_by_domain {	Line 6234 sub privileged_by_domain {
my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);	my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);
my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});	my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});
next if ($end && $end < $now);	next if ($end && $end < $now);
$privileged{$dom}{$trole}{$uname.':'.$udom} =	$privileged{$dom}{$trole}{$uname.':'.$udom} =
$dompersonnel{$server}{$item};	$dompersonnel{$server}{$item};
}	}
}	}
Line 5264 sub rolesinit {	Line 6282 sub rolesinit {
my %allroles=();	my %allroles=();
my %allgroups=();	my %allgroups=();

for my $area (grep { ! /^rolesdef_/ } keys %rolesdump) {	for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
my $role = $rolesdump{$area};	my $role = $rolesdump{$area};
$area =~ s/\_\w\w$//;	$area =~ s/\_\w\w$//;

Line 5337 sub rolesinit {	Line 6355 sub rolesinit {
}	}
}	}

@userroles{'user.author', 'user.adv'} = &set_userprivs(\%userroles,	@userroles{'user.author','user.adv','user.rar'} = &set_userprivs(\%userroles,
\%allroles, \%allgroups);	\%allroles, \%allgroups);
$env{'user.adv'} = $userroles{'user.adv'};	$env{'user.adv'} = $userroles{'user.adv'};
	$env{'user.rar'} = $userroles{'user.rar'};

return (\%userroles,\%firstaccenv,\%timerintenv);	return (\%userroles,\%firstaccenv,\%timerintenv);
}	}
Line 5375 sub custom_roleprivs {	Line 6394 sub custom_roleprivs {
$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;	$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
}	}
if (($trest ne '') && (defined($coursepriv))) {	if (($trest ne '') && (defined($coursepriv))) {
	if ($trole =~ m{^cr/$tdomain/$tdomain\Q-domainconfig\E/([^/]+)$}) {
	my $rolename = $1;
	$coursepriv = &course_adhocrole_privs($rolename,$tdomain,$trest,$coursepriv);
	}
$$allroles{'cm.'.$area}.=':'.$coursepriv;	$$allroles{'cm.'.$area}.=':'.$coursepriv;
$$allroles{$spec.'.'.$area}.=':'.$coursepriv;	$$allroles{$spec.'.'.$area}.=':'.$coursepriv;
}	}
Line 5383 sub custom_roleprivs {	Line 6406 sub custom_roleprivs {
}	}
}	}

	sub course_adhocrole_privs {
	my ($rolename,$cdom,$cnum,$coursepriv) = @_;
	my %overrides = &get('environment',["internal.adhocpriv.$rolename"],$cdom,$cnum);
	if ($overrides{"internal.adhocpriv.$rolename"}) {
	my (%currprivs,%storeprivs);
	foreach my $item (split(/:/,$coursepriv)) {
	my ($priv,$restrict) = split(/\&/,$item);
	$currprivs{$priv} = $restrict;
	}
	my (%possadd,%possremove,%full);
	foreach my $item (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
	my ($priv,$restrict)=split(/\&/,$item);
	$full{$priv} = $restrict;
	}
	foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
	next if ($item eq '');
	my ($rule,$rest) = split(/=/,$item);
	next unless (($rule eq 'off') \|\| ($rule eq 'on'));
	foreach my $priv (split(/:/,$rest)) {
	if ($priv ne '') {
	if ($rule eq 'off') {
	$possremove{$priv} = 1;
	} else {
	$possadd{$priv} = 1;
	}
	}
	}
	}
	foreach my $priv (sort(keys(%full))) {
	if (exists($currprivs{$priv})) {
	unless (exists($possremove{$priv})) {
	$storeprivs{$priv} = $currprivs{$priv};
	}
	} elsif (exists($possadd{$priv})) {
	$storeprivs{$priv} = $full{$priv};
	}
	}
	$coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
	}
	return $coursepriv;
	}

sub group_roleprivs {	sub group_roleprivs {
my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;	my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;
my $access = 1;	my $access = 1;
Line 5417 sub set_userprivs {	Line 6482 sub set_userprivs {
my ($userroles,$allroles,$allgroups,$groups_roles) = @_;	my ($userroles,$allroles,$allgroups,$groups_roles) = @_;
my $author=0;	my $author=0;
my $adv=0;	my $adv=0;
	my $rar=0;
my %grouproles = ();	my %grouproles = ();
if (keys(%{$allgroups}) > 0) {	if (keys(%{$allgroups}) > 0) {
my @groupkeys;	my @groupkeys;
Line 5464 sub set_userprivs {	Line 6530 sub set_userprivs {
$thesepriv{$privilege}.=$restrictions;	$thesepriv{$privilege}.=$restrictions;
}	}
if ($thesepriv{'adv'} eq 'F') { $adv=1; }	if ($thesepriv{'adv'} eq 'F') { $adv=1; }
	if ($thesepriv{'rar'} eq 'F') { $rar=1; }
}	}
}	}
my $thesestr='';	my $thesestr='';
Line 5472 sub set_userprivs {	Line 6539 sub set_userprivs {
}	}
$userroles->{'user.priv.'.$role} = $thesestr;	$userroles->{'user.priv.'.$role} = $thesestr;
}	}
return ($author,$adv);	return ($author,$adv,$rar);
}	}

sub role_status {	sub role_status {
Line 5517 sub role_status {	Line 6584 sub role_status {
push(@rolecodes,$$role);	push(@rolecodes,$$role);
&standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);	&standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);
}	}
my ($author,$adv)= &set_userprivs(\%userroles,\%allroles,\%allgroups,\%groups_roles);	my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%allroles,\%allgroups,
	\%groups_roles);
&appenv(\%userroles,\@rolecodes);	&appenv(\%userroles,\@rolecodes);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
}	}
}	}
$$tstatus = 'is';	$$tstatus = 'is';
Line 5595 sub delete_env_groupprivs {	Line 6663 sub delete_env_groupprivs {
}	}

sub check_adhoc_privs {	sub check_adhoc_privs {
my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller) = @_;	my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller,$sec) = @_;
my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;	my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
	if ($sec) {
	$cckey .= '/'.$sec;
	}
my $setprivs;	my $setprivs;
if ($env{$cckey}) {	if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);	my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);	&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {	unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
} else {	} else {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
return $setprivs;	return $setprivs;
}	}

sub set_adhoc_privileges {	sub set_adhoc_privileges {
# role can be cc or ca	# role can be cc, ca, or cr/<dom>/<dom>-domainconfig/role
my ($dcdom,$pickedcourse,$role,$caller) = @_;	my ($dcdom,$pickedcourse,$role,$caller,$sec) = @_;
my $area = '/'.$dcdom.'/'.$pickedcourse;	my $area = '/'.$dcdom.'/'.$pickedcourse;
	if ($sec ne '') {
	$area .= '/'.$sec;
	}
my $spec = $role.'.'.$area;	my $spec = $role.'.'.$area;
my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},	my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},
$env{'user.name'},1);	$env{'user.name'},1);
my %ccrole = ();	my %rolehash = ();
&standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);	if ($role =~ m{^\Qcr/$dcdom/$dcdom\E\-domainconfig/(\w+)$}) {
my ($author,$adv)= &set_userprivs(\%userroles,\%ccrole);	my $rolename = $1;
	&custom_roleprivs(\%rolehash,$role,$dcdom,$pickedcourse,$spec,$area);
	my %domdef = &get_domain_defaults($dcdom);
	if (ref($domdef{'adhocroles'}) eq 'HASH') {
	if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
	&appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'},});
	}
	}
	} else {
	&standard_roleprivs(\%rolehash,$role,$dcdom,$spec,$pickedcourse,$area);
	}
	my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);
&appenv(\%userroles,[$role,'cm']);	&appenv(\%userroles,[$role,'cm']);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {	unless (($caller eq 'constructaccess' && $env{'request.course.id'}) \|\|
	($caller eq 'tiny')) {
&appenv( {'request.role' => $spec,	&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => ''	'request.course.sec' => $sec,
}	}
);	);
my $tadv=0;	my $tadv=0;
Line 5687 sub unserialize {	Line 6773 sub unserialize {
return {} if $rep =~ /^error/;	return {} if $rep =~ /^error/;

my %returnhash=();	my %returnhash=();
foreach my $item (split(/\&/,$rep)) {	foreach my $item (split(/\&/,$rep)) {
my ($key, $value) = split(/=/, $item, 2);	my ($key, $value) = split(/=/, $item, 2);
$key = unescape($key) unless $escapedkeys;	$key = unescape($key) unless $escapedkeys;
next if $key =~ /^error: 2 /;	next if $key =~ /^error: 2 /;
$returnhash{$key} = &thaw_unescape($value);	$returnhash{$key} = &thaw_unescape($value);
}	}
	#return %returnhash;
return \%returnhash;	return \%returnhash;
}	}

# see Lond::dump_with_regexp	# see Lond::dump_with_regexp
# if $escapedkeys hash keys won't get unescaped.	# if $escapedkeys hash keys won't get unescaped.
Line 5704 sub dump {	Line 6791 sub dump {
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);

my $reply;
if (grep { $_ eq $uhome } &current_machine_ids()) {
# user is hosted on this machine
$reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,
$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
return %{&unserialize($reply, $escapedkeys)};
}
if ($regexp) {	if ($regexp) {
$regexp=&escape($regexp);	$regexp=&escape($regexp);
} else {	} else {
$regexp='.';	$regexp='.';
	}
	if (grep { $_ eq $uhome } current_machine_ids()) {
	# user is hosted on this machine
	my $reply = LONCAPA::Lond::dump_with_regexp(join(":", ($udomain,
	$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
	return %{unserialize($reply, $escapedkeys)};
}	}
my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);	my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
Line 5722 sub dump {	Line 6808 sub dump {
if (!($rep =~ /^error/ )) {	if (!($rep =~ /^error/ )) {
foreach my $item (@pairs) {	foreach my $item (@pairs) {
my ($key,$value)=split(/=/,$item,2);	my ($key,$value)=split(/=/,$item,2);
$key = &unescape($key) unless ($escapedkeys);	$key = unescape($key) unless $escapedkeys;
	#$key = &unescape($key);
next if ($key =~ /^error: 2 /);	next if ($key =~ /^error: 2 /);
$returnhash{$key}=&thaw_unescape($value);	$returnhash{$key}=&thaw_unescape($value);
}	}
Line 5766 sub currentdump {	Line 6853 sub currentdump {
my $rep;	my $rep;

if (grep { $_ eq $uhome } current_machine_ids()) {	if (grep { $_ eq $uhome } current_machine_ids()) {
$rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,	$rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,
$courseid)));	$courseid)));
} else {	} else {
$rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);	$rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
Line 5776 sub currentdump {	Line 6863 sub currentdump {
#	#
my %returnhash=();	my %returnhash=();
#	#
if ($rep eq "unknown_cmd") {	if ($rep eq 'unknown_cmd') {
# an old lond will not know currentdump	# an old lond will not know currentdump
# Do a dump and make it look like a currentdump	# Do a dump and make it look like a currentdump
my @tmp = &dumpstore($courseid,$sdom,$sname,'.');	my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
Line 5892 sub newput {	Line 6979 sub newput {
# --------------------------------------------------------- putstore interface	# --------------------------------------------------------- putstore interface

sub putstore {	sub putstore {
my ($namespace,$symb,$version,$storehash,$udomain,$uname)=@_;	my ($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog)=@_;
if (!$udomain) { $udomain=$env{'user.domain'}; }	if (!$udomain) { $udomain=$env{'user.domain'}; }
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);
Line 5906 sub putstore {	Line 6993 sub putstore {
my $reply =	my $reply =
&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",	&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",
$uhome);	$uhome);
	if (($tolog) && ($reply eq 'ok')) {
	my $namevalue='';
	foreach my $key (keys(%{$storehash})) {
	$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
	}
	$namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
	'&host='.&escape($perlvar{'lonHostID'}).
	'&version='.$esc_v.
	'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
	&Apache::lonnet::courselog($symb.':'.$uname.':'.$udomain.':PUTSTORE:'.$namevalue);
	}
if ($reply eq 'unknown_cmd') {	if ($reply eq 'unknown_cmd') {
# gfall back to way things use to be done	# gfall back to way things use to be done
return &old_putstore($namespace,$symb,$version,$storehash,$udomain,	return &old_putstore($namespace,$symb,$version,$storehash,$udomain,
Line 5999 sub tmpget {	Line 7097 sub tmpget {
if (!defined($server)) { $server = $perlvar{'lonHostID'}; }	if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
my $rep=&reply("tmpget:$token",$server);	my $rep=&reply("tmpget:$token",$server);
my %returnhash;	my %returnhash;
	if ($rep =~ /^(con_lost\|error\|no_such_host)/i) {
	return %returnhash;
	}
foreach my $item (split(/\&/,$rep)) {	foreach my $item (split(/\&/,$rep)) {
my ($key,$value)=split(/=/,$item);	my ($key,$value)=split(/=/,$item);
next if ($key =~ /^error: 2 /);
$returnhash{&unescape($key)}=&thaw_unescape($value);	$returnhash{&unescape($key)}=&thaw_unescape($value);
}	}
return %returnhash;	return %returnhash;
Line 6014 sub tmpdel {	Line 7114 sub tmpdel {
return &reply("tmpdel:$token",$server);	return &reply("tmpdel:$token",$server);
}	}

# ------------------------------------------------------------ get_timebased_id	# ------------------------------------------------------------ get_timebased_id

sub get_timebased_id {	sub get_timebased_id {
my ($prefix,$keyid,$namespace,$cdom,$cnum,$idtype,$who,$locktries,	my ($prefix,$keyid,$namespace,$cdom,$cnum,$idtype,$who,$locktries,
$maxtries) = @_;	$maxtries) = @_;
my ($newid,$error,$dellock);	my ($newid,$error,$dellock);
unless (($prefix =~ /^\w+$/) && ($keyid =~ /^\w+$/) && ($namespace ne '')) {	unless (($prefix =~ /^\w+$/) && ($keyid =~ /^\w+$/) && ($namespace ne '')) {
return ('','ok','invalid call to get suffix');	return ('','ok','invalid call to get suffix');
}	}

Line 6034 sub get_timebased_id {	Line 7134 sub get_timebased_id {
if (!$maxtries) {	if (!$maxtries) {
$maxtries = 10;	$maxtries = 10;
}	}

if (($cdom eq '') \|\| ($cnum eq '')) {	if (($cdom eq '') \|\| ($cnum eq '')) {
if ($env{'request.course.id'}) {	if ($env{'request.course.id'}) {
$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};	$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
Line 6064 sub get_timebased_id {	Line 7164 sub get_timebased_id {
my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);	my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);
my $id = time;	my $id = time;
$newid = $id;	$newid = $id;
	if ($idtype eq 'addcode') {
	$newid .= &sixnum_code();
	}
my $idtries = 0;	my $idtries = 0;
while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {	while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {
if ($idtype eq 'concat') {	if ($idtype eq 'concat') {
$newid = $id.$idtries;	$newid = $id.$idtries;
	} elsif ($idtype eq 'addcode') {
	$newid = $newid.&sixnum_code();
} else {	} else {
$newid ++;	$newid ++;
}	}
Line 6084 sub get_timebased_id {	Line 7189 sub get_timebased_id {
$error = 'error saving new item: '.$putresult;	$error = 'error saving new item: '.$putresult;
}	}
} else {	} else {
	undef($newid);
$error = ('error: no unique suffix available for the new item ');	$error = ('error: no unique suffix available for the new item ');
}	}
# remove lock	# remove lock
Line 6092 sub get_timebased_id {	Line 7198 sub get_timebased_id {
} else {	} else {
$error = "error: could not obtain lockfile\n";	$error = "error: could not obtain lockfile\n";
$dellock = 'ok';	$dellock = 'ok';
	if (($prefix eq 'paste') && ($namespace eq 'courseeditor') && ($keyid eq 'num')) {
	$dellock = 'nolock';
	}
}	}
return ($newid,$dellock,$error);	return ($newid,$dellock,$error);
}	}

	sub sixnum_code {
	my $code;
	for (0..6) {
	$code .= int( rand(9) );
	}
	return $code;
	}

# -------------------------------------------------- portfolio access checking	# -------------------------------------------------- portfolio access checking

sub portfolio_access {	sub portfolio_access {
my ($requrl) = @_;	my ($requrl,$clientip) = @_;
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);	my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
my $result = &get_portfolio_access($udom,$unum,$file_name,$group);	my $result = &get_portfolio_access($udom,$unum,$file_name,$group,$clientip);
if ($result) {	if ($result) {
my %setters;	my %setters;
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
Line 6127 sub portfolio_access {	Line 7244 sub portfolio_access {
}	}

sub get_portfolio_access {	sub get_portfolio_access {
my ($udom,$unum,$file_name,$group,$access_hash) = @_;	my ($udom,$unum,$file_name,$group,$clientip,$access_hash) = @_;

if (!ref($access_hash)) {	if (!ref($access_hash)) {
my $current_perms = &get_portfile_permissions($udom,$unum);	my $current_perms = &get_portfile_permissions($udom,$unum);
Line 6136 sub get_portfolio_access {	Line 7253 sub get_portfolio_access {
$access_hash = $access_controls{$file_name};	$access_hash = $access_controls{$file_name};
}	}

my ($public,$guest,@domains,@users,@courses,@groups);	my ($public,$guest,@domains,@users,@courses,@groups,@ips);
my $now = time;	my $now = time;
if (ref($access_hash) eq 'HASH') {	if (ref($access_hash) eq 'HASH') {
foreach my $key (keys(%{$access_hash})) {	foreach my $key (keys(%{$access_hash})) {
Line 6160 sub get_portfolio_access {	Line 7277 sub get_portfolio_access {
push(@courses,$key);	push(@courses,$key);
} elsif ($scope eq 'group') {	} elsif ($scope eq 'group') {
push(@groups,$key);	push(@groups,$key);
	} elsif ($scope eq 'ip') {
	push(@ips,$key);
}	}
}	}
if ($public) {	if ($public) {
return 'ok';	return 'ok';
	} elsif (@ips > 0) {
	my $allowed;
	foreach my $ipkey (@ips) {
	if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {
	if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {
	$allowed = 1;
	last;
	}
	}
	}
	if ($allowed) {
	return 'ok';
	}
}	}
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
if ($guest) {	if ($guest) {
Line 6351 sub usertools_access {	Line 7483 sub usertools_access {
unofficial => 1,	unofficial => 1,
community => 1,	community => 1,
textbook => 1,	textbook => 1,
	placement => 1,
	lti => 1,
);	);
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
%tools = (	%tools = (
Line 6385 sub usertools_access {	Line 7519 sub usertools_access {

my ($toolstatus,$inststatus,$envkey);	my ($toolstatus,$inststatus,$envkey);
if ($context eq 'requestauthor') {	if ($context eq 'requestauthor') {
$envkey = $context;	$envkey = $context;
} else {	} else {
$envkey = $context.'.'.$tool;	$envkey = $context.'.'.$tool;
}	}
Line 6547 sub is_advanced_user {	Line 7681 sub is_advanced_user {
}	}

sub check_can_request {	sub check_can_request {
my ($dom,$can_request,$request_domains) = @_;	my ($dom,$can_request,$request_domains,$uname,$udom) = @_;
my $canreq = 0;	my $canreq = 0;
	if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '')) {
	$uname = $env{'user.name'};
	$udom = $env{'user.domain'};
	}
my ($types,$typename) = &Apache::loncommon::course_types();	my ($types,$typename) = &Apache::loncommon::course_types();
my @options = ('approval','validate','autolimit');	my @options = ('approval','validate','autolimit');
my $optregex = join('\|',@options);	my $optregex = join('\|',@options);
if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {	if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {
foreach my $type (@{$types}) {	foreach my $type (@{$types}) {
if (&usertools_access($env{'user.name'},	if (&usertools_access($uname,$udom,$type,undef,
$env{'user.domain'},	'requestcourses')) {
$type,undef,'requestcourses')) {
$canreq ++;	$canreq ++;
if (ref($request_domains) eq 'HASH') {	if (ref($request_domains) eq 'HASH') {
push(@{$request_domains->{$type}},$env{'user.domain'});	push(@{$request_domains->{$type}},$udom);
}	}
if ($dom eq $env{'user.domain'}) {	if ($dom eq $udom) {
$can_request->{$type} = 1;	$can_request->{$type} = 1;
}	}
}	}
if ($env{'environment.reqcrsotherdom.'.$type} ne '') {	if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '') &&
	($env{'environment.reqcrsotherdom.'.$type} ne '')) {
my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});	my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});
if (@curr > 0) {	if (@curr > 0) {
foreach my $item (@curr) {	foreach my $item (@curr) {
Line 6582 sub check_can_request {	Line 7720 sub check_can_request {
}	}
}	}
}	}
unless($dom eq $env{'user.domain'}) {	unless ($dom eq $env{'user.domain'}) {
$canreq ++;	$canreq ++;
if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {	if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {
$can_request->{$type} = 1;	$can_request->{$type} = 1;
Line 6647 sub customaccess {	Line 7785 sub customaccess {
# ------------------------------------------------- Check for a user privilege	# ------------------------------------------------- Check for a user privilege

sub allowed {	sub allowed {
my ($priv,$uri,$symb,$role)=@_;	my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
my $ver_orguri=$uri;	my $ver_orguri=$uri;
$uri=&deversion($uri);	$uri=&deversion($uri);
my $orguri=$uri;	my $orguri=$uri;
Line 6664 sub allowed {	Line 7802 sub allowed {

if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }	if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources	# Free bre access to adm and meta resources
if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard)$}))	if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|ext\.tool)$}))
\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))	\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))
&& ($priv eq 'bre')) {	&& ($priv eq 'bre')) {
return 'F';	return 'F';
Line 6712 sub allowed {	Line 7850 sub allowed {
# Free bre to public access	# Free bre to public access

if ($priv eq 'bre') {	if ($priv eq 'bre') {
my $copyright=&metadata($uri,'copyright');	my $copyright;
	unless ($uri =~ /ext\.tool/) {
	$copyright=&metadata($uri,'copyright');
	}
if (($copyright eq 'public') && (!$env{'request.course.id'})) {	if (($copyright eq 'public') && (!$env{'request.course.id'})) {
return 'F';	return 'F';
}	}
Line 6842 sub allowed {	Line 7983 sub allowed {
if ($match) {	if ($match) {
if ($env{'user.priv.'.$env{'request.role'}.'./'}	if ($env{'user.priv.'.$env{'request.role'}.'./'}
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	my $value = $1;
if (@blockers > 0) {	my $deeplinkblock = &deeplink_check($priv,$symb,$uri);
$thisallowed = 'B';	if ($deeplinkblock) {
	$thisallowed='D';
	} elsif ($noblockcheck) {
	$thisallowed.=$value;
} else {	} else {
$thisallowed.=$1;	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
}	}
} else {	} else {
Line 6858 sub allowed {	Line 8007 sub allowed {
$refuri=&declutter($refuri);	$refuri=&declutter($refuri);
my ($match) = &is_on_map($refuri);	my ($match) = &is_on_map($refuri);
if ($match) {	if ($match) {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	my $deeplinkblock = &deeplink_check($priv,$symb,$refuri);
if (@blockers > 0) {	if ($deeplinkblock) {
$thisallowed = 'B';	$thisallowed='D';
} else {	} elsif ($noblockcheck) {
$thisallowed='F';	$thisallowed='F';
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed='F';
	}
}	}
}	}
}	}
Line 6874 sub allowed {	Line 8030 sub allowed {
&& $thisallowed ne 'F'	&& $thisallowed ne 'F'
&& $thisallowed ne '2'	&& $thisallowed ne '2'
&& &is_portfolio_url($uri)) {	&& &is_portfolio_url($uri)) {
$thisallowed = &portfolio_access($uri);	$thisallowed = &portfolio_access($uri,$clientip);
}	}

# Full access at system, domain or course-wide level? Exit.	# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {	if ($thisallowed=~/F/) {
return 'F';	return 'F';
Line 6917 sub allowed {	Line 8073 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 6955 sub allowed {	Line 8115 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	my $deeplinkblock = &deeplink_check($priv,$symb,$refuri);
if (@blockers > 0) {	if ($deeplinkblock) {
$thisallowed = 'B';	$thisallowed = 'D';
} else {	} elsif ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 7067 sub allowed {	Line 8234 sub allowed {
my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};	my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};
if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}
=~/\Q$rolecode\E/) {	=~/\Q$rolecode\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.
'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.	'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 7077 sub allowed {	Line 8244 sub allowed {

if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}
=~/\Q$unamedom\E/) {	=~/\Q$unamedom\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.
'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.	'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 7119 sub allowed {	Line 8286 sub allowed {
return 'A';	return 'A';
} elsif ($thisallowed eq 'B') {	} elsif ($thisallowed eq 'B') {
return 'B';	return 'B';
	} elsif ($thisallowed eq 'D') {
	return 'D';
}	}
return 'F';	return 'F';
}	}
Line 7135 sub constructaccess {	Line 8304 sub constructaccess {
my ($ownername,$ownerdomain,$ownerhome);	my ($ownername,$ownerdomain,$ownerhome);

($ownerdomain,$ownername) =	($ownerdomain,$ownername) =
($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)/priv/($match_domain)/($match_username)/});	($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)(?:/daxepage\|/daxeopen)?/priv/($match_domain)/($match_username)(?:/\|$)});

# The URL does not really point to any authorspace, forget it	# The URL does not really point to any authorspace, forget it
unless (($ownername) && ($ownerdomain)) { return ''; }	unless (($ownername) && ($ownerdomain)) { return ''; }
Line 7156 sub constructaccess {	Line 8325 sub constructaccess {
$ownerhome = &homeserver($ownername,$ownerdomain);	$ownerhome = &homeserver($ownername,$ownerdomain);
return ($ownername,$ownerdomain,$ownerhome);	return ($ownername,$ownerdomain,$ownerhome);
}	}
	if ($env{'request.course.id'}) {
	if (($ownername eq $env{'course.'.$env{'request.course.id'}.'.num'}) &&
	($ownerdomain eq $env{'course.'.$env{'request.course.id'}.'.domain'})) {
	if (&allowed('mdc',$env{'request.course.id'})) {
	$ownerhome = $env{'course.'.$env{'request.course.id'}.'.home'};
	return ($ownername,$ownerdomain,$ownerhome);
	}
	}
	}
}	}

# We don't have any access right now. If we are not possibly going to do anything about this,	# We don't have any access right now. If we are not possibly going to do anything about this,
Line 7190 sub constructaccess {	Line 8368 sub constructaccess {
return '';	return '';
}	}

	# ----------------------------------------------------------- Content Blocking

	{
	# Caches for faster Course Contents display where content blocking
	# is in operation (i.e., interval param set) for timed quiz.
	#
	# User for whom data are being temporarily cached.
	my $cacheduser='';
	# Cached blockers for this user (a hash of blocking items).
	my %cachedblockers=();
	# When the data were last cached.
	my $cachedlast='';

	sub load_all_blockers {
	my ($uname,$udom,$blocks)=@_;
	if (($uname ne '') && ($udom ne '')) {
	if (($cacheduser eq $uname.':'.$udom) &&
	(abs($cachedlast-time)<5)) {
	return;
	}
	}
	$cachedlast=time;
	$cacheduser=$uname.':'.$udom;
	%cachedblockers = &get_commblock_resources($blocks);
	}

sub get_comm_blocks {	sub get_comm_blocks {
my ($cdom,$cnum) = @_;	my ($cdom,$cnum) = @_;
if ($cdom eq '' \|\| $cnum eq '') {	if ($cdom eq '' \|\| $cnum eq '') {
Line 7210 sub get_comm_blocks {	Line 8414 sub get_comm_blocks {
return %commblocks;	return %commblocks;
}	}

sub has_comm_blocking {	sub get_commblock_resources {
my ($priv,$symb,$uri,$blocks) = @_;	my ($blocks) = @_;
return unless ($env{'request.course.id'});	my %blockers = ();
return unless ($priv eq 'bre');	return %blockers unless ($env{'request.course.id'});
return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);	return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
my %commblocks;	my %commblocks;
if (ref($blocks) eq 'HASH') {	if (ref($blocks) eq 'HASH') {
%commblocks = %{$blocks};	%commblocks = %{$blocks};
} else {	} else {
%commblocks = &get_comm_blocks();	%commblocks = &get_comm_blocks();
}	}
return unless (keys(%commblocks) > 0);	return %blockers unless (keys(%commblocks) > 0);
if (!$symb) { $symb=&symbread($uri,1); }
my ($map,$resid,undef)=&decode_symb($symb);
my %tocheck = (
maps => $map,
resources => $symb,
);
my @blockers;
my $now = time;
my $navmap = Apache::lonnavmaps::navmap->new();	my $navmap = Apache::lonnavmaps::navmap->new();
	return %blockers unless (ref($navmap));
	my $now = time;
foreach my $block (keys(%commblocks)) {	foreach my $block (keys(%commblocks)) {
if ($block =~ /^(\d+)____(\d+)$/) {	if ($block =~ /^(\d+)____(\d+)$/) {
my ($start,$end) = ($1,$2);	my ($start,$end) = ($1,$2);
Line 7238 sub has_comm_blocking {	Line 8436 sub has_comm_blocking {
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'maps'}{$map}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
push(@blockers,$block);
}
}	}
}	}
if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'resources'}{$symb}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
push(@blockers,$block);
}
}	}
}	}
}	}
Line 7259 sub has_comm_blocking {	Line 8453 sub has_comm_blocking {
my @to_test;	my @to_test;
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
my $check_interval;	my @interval;
if (&check_docs_block($commblocks{$block}{'blocks'}{'docs'},\%tocheck)) {	my $type = 'map';
my @interval;	if ($item eq 'course') {
my $type = 'map';	$type = 'course';
if ($item eq 'course') {	@interval=&EXT("resource.0.interval");
$type = 'course';	} else {
@interval=&EXT("resource.0.interval");	if ($item =~ /___\d+___/) {
	$type = 'resource';
	@interval=&EXT("resource.0.interval",$item);
	if (ref($navmap)) {
	my $res = $navmap->getBySymb($item);
	push(@to_test,$res);
	}
} else {	} else {
if ($item =~ /___\d+___/) {	my $mapsymb = &symbread($item,1);
$type = 'resource';	if ($mapsymb) {
@interval=&EXT("resource.0.interval",$item);	if (ref($navmap)) {
if (ref($navmap)) {	my $mapres = $navmap->getBySymb($mapsymb);
my $res = $navmap->getBySymb($item);	@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
push(@to_test,$res);	foreach my $res (@to_test) {
}	my $symb = $res->symb();
} else {	next if ($symb eq $mapsymb);
my $mapsymb = &symbread($item,1);	if ($symb ne '') {
if ($mapsymb) {	@interval=&EXT("resource.0.interval",$symb);
if (ref($navmap)) {	if ($interval[1] eq 'map') {
my $mapres = $navmap->getBySymb($mapsymb);
@to_test = $mapres->retrieveResources($mapres,undef,0,1);
foreach my $res (@to_test) {
my $symb = $res->symb();
next if ($symb eq $mapsymb);
if ($symb ne '') {
@interval=&EXT("resource.0.interval",$symb);
last;	last;
}	}
}	}
Line 7292 sub has_comm_blocking {	Line 8485 sub has_comm_blocking {
}	}
}	}
}	}
if ($interval[0] =~ /\d+/) {	}
my $first_access;	if ($interval[0] =~ /^(\d+)/) {
if ($type eq 'resource') {	my $timelimit = $1;
$first_access=&get_first_access($interval[1],$item);	my $first_access;
} elsif ($type eq 'map') {	if ($type eq 'resource') {
$first_access=&get_first_access($interval[1],undef,$item);	$first_access=&get_first_access($interval[1],$item);
} else {	} elsif ($type eq 'map') {
$first_access=&get_first_access($interval[1]);	$first_access=&get_first_access($interval[1],undef,$item);
}	} else {
if ($first_access) {	$first_access=&get_first_access($interval[1]);
my $timesup = $first_access+$interval[0];	}
if ($timesup > $now) {	if ($first_access) {
foreach my $res (@to_test) {	my $timesup = $first_access+$timelimit;
if ($res->is_problem()) {	if ($timesup > $now) {
if ($res->completable()) {	my $activeblock;
unless (grep(/^\Q$block\E$/,@blockers)) {	foreach my $res (@to_test) {
push(@blockers,$block);	if ($res->answerable()) {
}	$activeblock = 1;
last;	last;
}	}
	}
	if ($activeblock) {
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
	$blockers{$block}{'maps'} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
	}
	}
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
}	}
}	}
}	}
Line 7322 sub has_comm_blocking {	Line 8525 sub has_comm_blocking {
}	}
}	}
}	}
	return %blockers;
	}

	sub has_comm_blocking {
	my ($priv,$symb,$uri,$blocks) = @_;
	my @blockers;
	return unless ($env{'request.course.id'});
	return unless ($priv eq 'bre');
	return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
	return if ($env{'request.state'} eq 'construct');
	&load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
	return unless (keys(%cachedblockers) > 0);
	my (%possibles,@symbs);
	if (!$symb) {
	$symb = &symbread($uri,1,1,1,\%possibles);
	}
	if ($symb) {
	@symbs = ($symb);
	} elsif (keys(%possibles)) {
	@symbs = keys(%possibles);
	}
	my $noblock;
	foreach my $symb (@symbs) {
	last if ($noblock);
	my ($map,$resid,$resurl)=&decode_symb($symb);
	foreach my $block (keys(%cachedblockers)) {
	if ($block =~ /^firstaccess____(.+)$/) {
	my $item = $1;
	if (($item eq $map) \|\| ($item eq $symb)) {
	$noblock = 1;
	last;
	}
	}
	if (ref($cachedblockers{$block}) eq 'HASH') {
	if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
	if ($cachedblockers{$block}{'resources'}{$symb}) {
	unless (grep(/^\Q$block\E$/,@blockers)) {
	push(@blockers,$block);
	}
	}
	}
	}
	if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
	if ($cachedblockers{$block}{'maps'}{$map}) {
	unless (grep(/^\Q$block\E$/,@blockers)) {
	push(@blockers,$block);
	}
	}
	}
	}
	}
	return if ($noblock);
return @blockers;	return @blockers;
}	}
	}

sub check_docs_block {	sub deeplink_check {
my ($docsblock,$tocheck) =@_;	my ($priv,$symb,$uri) = @_;
if ((ref($docsblock) ne 'HASH') \|\| (ref($tocheck) ne 'HASH')) {	return unless ($env{'request.course.id'});
return;	return unless ($priv eq 'bre');
	return if ($env{'request.state'} eq 'construct');
	return if ($env{'request.role.adv'});
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	my (%possibles,@symbs);
	if (!$symb) {
	$symb = &symbread($uri,1,1,1,\%possibles);
}	}
if (ref($docsblock->{'maps'}) eq 'HASH') {	if ($symb) {
if ($tocheck->{'maps'}) {	@symbs = ($symb);
if ($docsblock->{'maps'}{$tocheck->{'maps'}}) {	} elsif (keys(%possibles)) {
return 1;	@symbs = keys(%possibles);
	}

	my ($login,$switchrole,$allow);
	if ($env{'request.deeplink.login'} =~ m{^\Q/tiny/$cdom/\E(\w+)$}) {
	my $key = $1;
	my $tinyurl;
	my ($result,$cached)=&Apache::lonnet::is_cached_new('tiny',$cdom."\0".$key);
	if (defined($cached)) {
	$tinyurl = $result;
	} else {
	my $configuname = &Apache::lonnet::get_domainconfiguser($cdom);
	my %currtiny = &Apache::lonnet::get('tiny',[$key],$cdom,$configuname);
	if ($currtiny{$key} ne '') {
	$tinyurl = $currtiny{$key};
	&Apache::lonnet::do_cache_new('tiny',$cdom."\0".$key,$currtiny{$key},600);
	}
	}
	if ($tinyurl ne '') {
	my ($cnumreq,$posslogin) = split(/\&/,$tinyurl);
	if ($cnumreq eq $cnum) {
	$login = $posslogin;
	} else {
	$switchrole = 1;
}	}
}	}
}	}
if (ref($docsblock->{'resources'}) eq 'HASH') {	foreach my $symb (@symbs) {
if ($tocheck->{'resources'}) {	last if ($allow);
if ($docsblock->{'resources'}{$tocheck->{'resources'}}) {	my $deeplink = &EXT("resource.0.deeplink",$symb);
return 1;	if ($deeplink eq '') {
	$allow = 1;
	} else {
	my ($listed,$scope,$access) = split(/,/,$deeplink);
	if ($access eq 'any') {
	$allow = 1;
	} elsif ($login) {
	if ($access eq 'only') {
	if ($scope eq 'res') {
	if ($symb eq $login) {
	$allow = 1;
	}
	} elsif ($scope eq 'map') {
	#FIXME Compare map for $env{'request.deeplink.login'} with map for $symb
	} elsif ($scope eq 'rec') {
	#FIXME Recurse up for $env{'request.deeplink.login'} with map for $symb
	}
	} else {
	my ($acctype,$item) = split(/:/,$access);
	if (($acctype eq 'lti') && ($env{'user.linkprotector'})) {
	if (grep(/^\Q$item\E$/,split(/,/,$env{'user.linkprotector'}))) {
	my %tinyurls = &get('tiny',[$symb],$cdom,$cnum);
	if (grep(/\Q$tinyurls{$symb}\E$/,split(/,/,$env{'user.linkproturis'}))) {
	$allow = 1;
	}
	}
	} elsif (($acctype eq 'key') && ($env{'user.deeplinkkey'})) {
	if (grep(/^\Q$item\E$/,split(/,/,$env{'user.deeplinkkey'}))) {
	my %tinyurls = &get('tiny',[$symb],$cdom,$cnum);
	if (grep(/\Q$tinyurls{$symb}\E$/,split(/,/,$env{'user.keyedlinkuri'}))) {
	$allow = 1;
	}
	}
	}
	}
}	}
}	}
}	}
return;	return if ($allow);
	return 1;
}	}

	# -------------------------------- Deversion and split uri into path an filename

#	#
# Removes the versino from a URI and	# Removes the version from a URI and
# splits it in to its filename and path to the filename.	# splits it in to its filename and path to the filename.
# Seems like File::Basename could have done this more clearly.	# Seems like File::Basename could have done this more clearly.
# Parameters:	# Parameters:
Line 7416 sub get_symb_from_alias {	Line 8739 sub get_symb_from_alias {

sub definerole {	sub definerole {
if (allowed('mcr','/')) {	if (allowed('mcr','/')) {
my ($rolename,$sysrole,$domrole,$courole)=@_;	my ($rolename,$sysrole,$domrole,$courole,$uname,$udom)=@_;
foreach my $role (split(':',$sysrole)) {	foreach my $role (split(':',$sysrole)) {
my ($crole,$cqual)=split(/\&/,$role);	my ($crole,$cqual)=split(/\&/,$role);
if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }	if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }
Line 7444 sub definerole {	Line 8767 sub definerole {
}	}
}	}
}	}
	my $uhome;
	if (($uname ne '') && ($udom ne '')) {
	$uhome = &homeserver($uname,$udom);
	return $uhome if ($uhome eq 'no_host');
	} else {
	$uname = $env{'user.name'};
	$udom = $env{'user.domain'};
	$uhome = $env{'user.home'};
	}
my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".	my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".
"$env{'user.domain'}:$env{'user.name'}:".	"$udom:$uname:rolesdef_$rolename=".
"rolesdef_$rolename=".
escape($sysrole.'_'.$domrole.'_'.$courole);	escape($sysrole.'_'.$domrole.'_'.$courole);
return reply($command,$env{'user.home'});	return reply($command,$uhome);
} else {	} else {
return 'refused';	return 'refused';
}	}
Line 7463 sub metadata_query {	Line 8794 sub metadata_query {
my @server_list = (defined($server_array) ? @$server_array	my @server_list = (defined($server_array) ? @$server_array
: keys(%libserv) );	: keys(%libserv) );
for my $server (@server_list) {	for my $server (@server_list) {
my $domains = '';	my $domains = '';
if (ref($domains_hash) eq 'HASH') {	if (ref($domains_hash) eq 'HASH') {
$domains = $domains_hash->{$server};	$domains = $domains_hash->{$server};
}	}
unless ($custom or $customshow) {	unless ($custom or $customshow) {
my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);	my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);
Line 7530 sub update_allusers_table {	Line 8861 sub update_allusers_table {

sub fetch_enrollment_query {	sub fetch_enrollment_query {
my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;	my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;
my $homeserver;	my ($homeserver,$sleep,$loopmax);
my $maxtries = 1;	my $maxtries = 1;
if ($context eq 'automated') {	if ($context eq 'automated') {
$homeserver = $perlvar{'lonHostID'};	$homeserver = $perlvar{'lonHostID'};
	$sleep = 2;
	$loopmax = 100;
$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout	$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout
} else {	} else {
$homeserver = &homeserver($cnum,$dom);	$homeserver = &homeserver($cnum,$dom);
Line 7551 sub fetch_enrollment_query {	Line 8884 sub fetch_enrollment_query {
&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);	&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);
return 'error: '.$queryid;	return 'error: '.$queryid;
}	}
my $reply = &get_query_reply($queryid);	my $reply = &get_query_reply($queryid,$sleep,$loopmax);
my $tries = 1;	my $tries = 1;
while (($reply=~/^timeout/) && ($tries < $maxtries)) {	while (($reply=~/^timeout/) && ($tries < $maxtries)) {
$reply = &get_query_reply($queryid);	$reply = &get_query_reply($queryid,$sleep,$loopmax);
$tries ++;	$tries ++;
}	}
if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {	if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {
&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);	&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);
} else {	} else {
my @responses = split(/:/,$reply);	my @responses = split(/:/,$reply);
if ($homeserver eq $perlvar{'lonHostID'}) {	if (grep { $_ eq $homeserver } &current_machine_ids()) {
foreach my $line (@responses) {	foreach my $line (@responses) {
my ($key,$value) = split(/=/,$line,2);	my ($key,$value) = split(/=/,$line,2);
$$replyref{$key} = $value;	$$replyref{$key} = $value;
Line 7579 sub fetch_enrollment_query {	Line 8912 sub fetch_enrollment_query {
if ($xml_classlist =~ /^error/) {	if ($xml_classlist =~ /^error/) {
&logthis('fetch_enrollment_query - autoretrieve error: '.$xml_classlist.' for '.$filename.' from server: '.$homeserver.' '.$context.' '.$cnum);	&logthis('fetch_enrollment_query - autoretrieve error: '.$xml_classlist.' for '.$filename.' from server: '.$homeserver.' '.$context.' '.$cnum);
} else {	} else {
if ( open(FILE,">$destname") ) {	if ( open(FILE,">",$destname) ) {
print FILE &unescape($xml_classlist);	print FILE &unescape($xml_classlist);
close(FILE);	close(FILE);
} else {	} else {
Line 7596 sub fetch_enrollment_query {	Line 8929 sub fetch_enrollment_query {
}	}

sub get_query_reply {	sub get_query_reply {
my $queryid=shift;	my ($queryid,$sleep,$loopmax) = @_;;
	if (($sleep eq '') \|\| ($sleep !~ /^\d+\.?\d*$/)) {
	$sleep = 0.2;
	}
	if (($loopmax eq '') \|\| ($loopmax =~ /\D/)) {
	$loopmax = 100;
	}
my $replyfile=LONCAPA::tempdir().$queryid;	my $replyfile=LONCAPA::tempdir().$queryid;
my $reply='';	my $reply='';
for (1..100) {	for (1..$loopmax) {
sleep 2;	sleep($sleep);
if (-e $replyfile.'.end') {	if (-e $replyfile.'.end') {
if (open(my $fh,$replyfile)) {	if (open(my $fh,"<",$replyfile)) {
$reply = join('',<$fh>);	$reply = join('',<$fh>);
close($fh);	close($fh);
} else { return 'error: reply_file_error'; }	} else { return 'error: reply_file_error'; }
Line 7994 sub auto_validate_class_sec {	Line 9333 sub auto_validate_class_sec {
return $response;	return $response;
}	}

	sub auto_validate_instclasses {
	my ($cdom,$cnum,$owners,$classesref) = @_;
	my ($homeserver,%validations);
	$homeserver = &homeserver($cnum,$cdom);
	unless ($homeserver eq 'no_host') {
	my $ownerlist;
	if (ref($owners) eq 'ARRAY') {
	$ownerlist = join(',',@{$owners});
	} else {
	$ownerlist = $owners;
	}
	if (ref($classesref) eq 'HASH') {
	my $classes = &freeze_escape($classesref);
	my $response=&reply('autovalidateinstclasses:'.&escape($ownerlist).
	':'.$cdom.':'.$classes,$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$validations{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	}
	return %validations;
	}

sub auto_crsreq_update {	sub auto_crsreq_update {
my ($cdom,$cnum,$crstype,$action,$ownername,$ownerdomain,$fullname,$title,	my ($cdom,$cnum,$crstype,$action,$ownername,$ownerdomain,$fullname,$title,
$code,$accessstart,$accessend,$inbound) = @_;	$code,$accessstart,$accessend,$inbound) = @_;
Line 8010 sub auto_crsreq_update {	Line 9376 sub auto_crsreq_update {
':'.&escape($action).':'.&escape($ownername).':'.	':'.&escape($action).':'.&escape($ownername).':'.
&escape($ownerdomain).':'.&escape($fullname).':'.	&escape($ownerdomain).':'.&escape($fullname).':'.
&escape($title).':'.&escape($code).':'.	&escape($title).':'.&escape($code).':'.
&escape($accessstart).':'.&escape($accessend).':'.$info,$homeserver);	&escape($accessstart).':'.&escape($accessend).':'.$info,
	$homeserver);
unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {	unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {
my @items = split(/&/,$response);	my @items = split(/&/,$response);
foreach my $item (@items) {	foreach my $item (@items) {
Line 8022 sub auto_crsreq_update {	Line 9389 sub auto_crsreq_update {
return \%crsreqresponse;	return \%crsreqresponse;
}	}

	sub auto_export_grades {
	my ($cdom,$cnum,$inforef,$gradesref) = @_;
	my ($homeserver,%exportresponse);
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	unless (($homeserver eq 'no_host') \|\| ($homeserver eq '')) {
	my $info;
	if (ref($inforef) eq 'HASH') {
	$info = &freeze_escape($inforef);
	}
	if (ref($gradesref) eq 'HASH') {
	my $grades = &freeze_escape($gradesref);
	my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.
	$info.':'.$grades,$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_command)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$exportresponse{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	}
	return \%exportresponse;
	}

	sub check_instcode_cloning {
	my ($codedefaults,$code_order,$cloner,$clonefromcode,$clonetocode) = @_;
	unless ((ref($codedefaults) eq 'HASH') && (ref($code_order) eq 'ARRAY')) {
	return;
	}
	my $canclone;
	if (@{$code_order} > 0) {
	my $instcoderegexp ='^';
	my @clonecodes = split(/\&/,$cloner);
	foreach my $item (@{$code_order}) {
	if (grep(/^\Q$item\E=/,@clonecodes)) {
	foreach my $pair (@clonecodes) {
	my ($key,$val) = split(/\=/,$pair,2);
	$val = &unescape($val);
	if ($key eq $item) {
	$instcoderegexp .= '('.$val.')';
	last;
	}
	}
	} else {
	$instcoderegexp .= $codedefaults->{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

	sub default_instcode_cloning {
	my ($clonedom,$domdefclone,$clonefromcode,$clonetocode,$codedefaultsref,$codeorderref) = @_;
	my (%codedefaults,@code_order,$canclone);
	if ((ref($codedefaultsref) eq 'HASH') && (ref($codeorderref) eq 'ARRAY')) {
	%codedefaults = %{$codedefaultsref};
	@code_order = @{$codeorderref};
	} elsif ($clonedom) {
	&auto_instcode_defaults($clonedom,\%codedefaults,\@code_order);
	}
	if (($domdefclone) && (@code_order)) {
	my @clonecodes = split(/\+/,$domdefclone);
	my $instcoderegexp ='^';
	foreach my $item (@code_order) {
	if (grep(/^\Q$item\E$/,@clonecodes)) {
	$instcoderegexp .= '('.$codedefaults{$item}.')';
	} else {
	$instcoderegexp .= $codedefaults{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

# ------------------------------------------------------- Course Group routines	# ------------------------------------------------------- Course Group routines

sub get_coursegroups {	sub get_coursegroups {
Line 8169 sub plaintext {	Line 9637 sub plaintext {
my %rolenames = (	my %rolenames = (
Course => 'std',	Course => 'std',
Community => 'alt1',	Community => 'alt1',
	Placement => 'std',
);	);
if ($cid ne '') {	if ($cid ne '') {
if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {	if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {
Line 8250 sub assignrole {	Line 9719 sub assignrole {
}	}
if ($refused) {	if ($refused) {
my ($cdom,$cnum) = ($cwosec =~ m{^/?($match_domain)/($match_courseid)$});	my ($cdom,$cnum) = ($cwosec =~ m{^/?($match_domain)/($match_courseid)$});
if (!$selfenroll && $context eq 'course') {	if (!$selfenroll && (($context eq 'course') \|\| ($context eq 'ltienroll' && $env{'request.lti.login'}))) {
my %crsenv;	my %crsenv;
if ($role eq 'cc' \|\| $role eq 'co') {	if ($role eq 'cc' \|\| $role eq 'co') {
%crsenv = &userenvironment($cdom,$cnum,('internal.courseowner'));	%crsenv = &userenvironment($cdom,$cnum,('internal.courseowner'));
Line 8270 sub assignrole {	Line 9739 sub assignrole {
}	}
}	}
}	}
} elsif (($selfenroll == 1) && ($role eq 'st') && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {	} elsif (($selfenroll == 1) && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
$refused = '';	if ($role eq 'st') {
	$refused = '';
	} elsif (($context eq 'ltienroll') && ($env{'request.lti.login'})) {
	$refused = '';
	}
} elsif ($context eq 'requestcourses') {	} elsif ($context eq 'requestcourses') {
my @possroles = ('st','ta','ep','in','cc','co');	my @possroles = ('st','ta','ep','in','cc','co');
if ((grep(/^\Q$role\E$/,@possroles)) && ($env{'user.name'} ne '' && $env{'user.domain'} ne '')) {	if ((grep(/^\Q$role\E$/,@possroles)) && ($env{'user.name'} ne '' && $env{'user.domain'} ne '')) {
Line 8290 sub assignrole {	Line 9763 sub assignrole {
}	}
}	}
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'}) &&	if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'}) &&
($url eq '/'.$udom.'/') && ($role eq 'au')) {	($url eq '/'.$udom.'/') && ($role eq 'au')) {
if ($env{'environment.requestauthor'} eq 'automatic') {	if ($env{'environment.requestauthor'} eq 'automatic') {
$refused = '';	$refused = '';
Line 8298 sub assignrole {	Line 9771 sub assignrole {
my %domdefaults = &get_domain_defaults($udom);	my %domdefaults = &get_domain_defaults($udom);
if (ref($domdefaults{'requestauthor'}) eq 'HASH') {	if (ref($domdefaults{'requestauthor'}) eq 'HASH') {
my $checkbystatus;	my $checkbystatus;
if ($env{'user.adv'}) {	if ($env{'user.adv'}) {
my $disposition = $domdefaults{'requestauthor'}{'_LC_adv'};	my $disposition = $domdefaults{'requestauthor'}{'_LC_adv'};
if ($disposition eq 'automatic') {	if ($disposition eq 'automatic') {
$refused = '';	$refused = '';
} elsif ($disposition eq '') {	} elsif ($disposition eq '') {
$checkbystatus = 1;	$checkbystatus = 1;
}	}
} else {	} else {
$checkbystatus = 1;	$checkbystatus = 1;
}	}
Line 8386 sub assignrole {	Line 9859 sub assignrole {
&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$selfenroll,$context);	$selfenroll,$context);
} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|	} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|
($role eq 'au') \|\| ($role eq 'dc')) {	($role eq 'au') \|\| ($role eq 'dc') \|\| ($role eq 'dh') \|\|
	($role eq 'da')) {
&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);	$context);
} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {	} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {
&coauthorrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&coauthorrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);	$context);
}	}
if ($role eq 'cc') {	if ($role eq 'cc') {
&autoupdate_coowners($url,$end,$start,$uname,$udom);	&autoupdate_coowners($url,$end,$start,$uname,$udom);
Line 8536 sub modifyuser {	Line 10010 sub modifyuser {
my $newuser;	my $newuser;
if ($uhome eq 'no_host') {	if ($uhome eq 'no_host') {
$newuser = 1;	$newuser = 1;
	unless (($umode && ($upass ne '')) \|\| ($umode eq 'localauth') \|\|
	($umode eq 'lti')) {
	return 'error: more information needed to create new user';
	}
}	}
# ----------------------------------------------------------------- Create User	# ----------------------------------------------------------------- Create User
if (($uhome eq 'no_host') &&	if (($uhome eq 'no_host') &&
(($umode && $upass) \|\| ($umode eq 'localauth'))) {	(($umode && $upass) \|\| ($umode eq 'localauth') \|\| ($umode eq 'lti'))) {
my $unhome='';	my $unhome='';
if (defined($desiredhome) && &host_domain($desiredhome) eq $udom) {	if (defined($desiredhome) && &host_domain($desiredhome) eq $udom) {
$unhome = $desiredhome;	$unhome = $desiredhome;
Line 8581 sub modifyuser {	Line 10059 sub modifyuser {
'current user id "'.$uidhash{$uname}.'".';	'current user id "'.$uidhash{$uname}.'".';
}	}
} else {	} else {
&idput($udom,($uname => $uid));	&idput($udom,{$uname => $uid},$uhome,'ids');
}	}
}	}
# -------------------------------------------------------------- Add names, etc	# -------------------------------------------------------------- Add names, etc
Line 8691 sub modifyuser {	Line 10169 sub modifyuser {
sub modifystudent {	sub modifystudent {
my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,	my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,
$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,	$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,
$selfenroll,$context,$inststatus,$credits)=@_;	$selfenroll,$context,$inststatus,$credits,$instsec)=@_;
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
return 'not_in_class';	return 'not_in_class';
Line 8706 sub modifystudent {	Line 10184 sub modifystudent {
# student's environment	# student's environment
$uid = undef if (!$forceid);	$uid = undef if (!$forceid);
$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,	$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,
$gene,$usec,$end,$start,$type,$locktype,	$gene,$usec,$end,$start,$type,$locktype,
$cid,$selfenroll,$context,$credits);	$cid,$selfenroll,$context,$credits,$instsec);
return $reply;	return $reply;
}	}

sub modify_student_enrollment {	sub modify_student_enrollment {
my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,	my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,
$locktype,$cid,$selfenroll,$context,$credits) = @_;	$locktype,$cid,$selfenroll,$context,$credits,$instsec) = @_;
my ($cdom,$cnum,$chome);	my ($cdom,$cnum,$chome);
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
Line 8760 sub modify_student_enrollment {	Line 10238 sub modify_student_enrollment {
my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);	my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);
my $reply=cput('classlist',	my $reply=cput('classlist',
{$user =>	{$user =>
join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype,$credits) },	join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype,$credits,$instsec) },
$cdom,$cnum);	$cdom,$cnum);
if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {	if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {
&devalidate_getsection_cache($udom,$uname,$cid);	&devalidate_getsection_cache($udom,$uname,$cid);
Line 8984 sub is_course {	Line 10462 sub is_course {
my ($cdom, $cnum) = scalar(@_) == 1 ?	my ($cdom, $cnum) = scalar(@_) == 1 ?
($_[0] =~ /^($match_domain)_($match_courseid)$/) : @_;	($_[0] =~ /^($match_domain)_($match_courseid)$/) : @_;

return unless $cdom and $cnum;	return unless (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/));
	my $uhome=&homeserver($cnum,$cdom);
my %courses = &courseiddump($cdom, '.', 1, '.', '.', $cnum, undef, undef,	my $iscourse;
'.');	if (grep { $_ eq $uhome } current_machine_ids()) {
	$iscourse = &LONCAPA::Lond::is_course($cdom,$cnum);
return unless(exists($courses{$cdom.'_'.$cnum}));	} else {
	my $hashid = $cdom.':'.$cnum;
	($iscourse,my $cached) = &is_cached_new('iscourse',$hashid);
	unless (defined($cached)) {
	my %courses = &courseiddump($cdom, '.', 1, '.', '.',
	$cnum,undef,undef,'.');
	$iscourse = 0;
	if (exists($courses{$cdom.'_'.$cnum})) {
	$iscourse = 1;
	}
	&do_cache_new('iscourse',$hashid,$iscourse,3600);
	}
	}
	return unless ($iscourse);
return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;	return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;
}	}

Line 9125 sub save_selected_files {	Line 10616 sub save_selected_files {
my ($user, $path, @files) = @_;	my ($user, $path, @files) = @_;
my $filename = $user."savedfiles";	my $filename = $user."savedfiles";
my @other_files = &files_not_in_path($user, $path);	my @other_files = &files_not_in_path($user, $path);
open (OUT, '>'.$tmpdir.$filename);	open (OUT,'>',LONCAPA::tempdir().$filename);
foreach my $file (@files) {	foreach my $file (@files) {
print (OUT $env{'form.currentpath'}.$file."\n");	print (OUT $env{'form.currentpath'}.$file."\n");
}	}
Line 9139 sub save_selected_files {	Line 10630 sub save_selected_files {
sub clear_selected_files {	sub clear_selected_files {
my ($user) = @_;	my ($user) = @_;
my $filename = $user."savedfiles";	my $filename = $user."savedfiles";
open (OUT, '>'.LONCAPA::tempdir().$filename);	open (OUT,'>',LONCAPA::tempdir().$filename);
print (OUT undef);	print (OUT undef);
close (OUT);	close (OUT);
return ("ok");	return ("ok");
Line 9149 sub files_in_path {	Line 10640 sub files_in_path {
my ($user, $path) = @_;	my ($user, $path) = @_;
my $filename = $user."savedfiles";	my $filename = $user."savedfiles";
my %return_files;	my %return_files;
open (IN, '<'.LONCAPA::tempdir().$filename);	open (IN,'<',LONCAPA::tempdir().$filename);
while (my $line_in = <IN>) {	while (my $line_in = <IN>) {
chomp ($line_in);	chomp ($line_in);
my @paths_and_file = split (m!/!, $line_in);	my @paths_and_file = split (m!/!, $line_in);
Line 9171 sub files_not_in_path {	Line 10662 sub files_not_in_path {
my $filename = $user."savedfiles";	my $filename = $user."savedfiles";
my @return_files;	my @return_files;
my $path_part;	my $path_part;
open(IN, '<'.LONCAPA::.$filename);	open(IN, '<',LONCAPA::tempdir().$filename);
while (my $line = <IN>) {	while (my $line = <IN>) {
#ok, I know it's clunky, but I want it to work	#ok, I know it's clunky, but I want it to work
my @paths_and_file = split(m\|/\|, $line);	my @paths_and_file = split(m\|/\|, $line);
Line 9188 sub files_not_in_path {	Line 10679 sub files_not_in_path {
return (@return_files);	return (@return_files);
}	}

	#------------------------------Submitted/Handedback Portfolio Files Versioning

	sub portfiles_versioning {
	my ($symb,$domain,$stu_name,$portfiles,$versioned_portfiles) = @_;
	my $portfolio_root = '/userfiles/portfolio';
	return unless ((ref($portfiles) eq 'ARRAY') && (ref($versioned_portfiles) eq 'ARRAY'));
	foreach my $file (@{$portfiles}) {
	&unmark_as_readonly($domain,$stu_name,[$symb,$env{'request.course.id'}],$file);
	my ($directory,$answer_file) =($file =~ /^(.?)([^\/])$/);
	my ($answer_name,$answer_ver,$answer_ext) = &file_name_version_ext($answer_file);
	my $getpropath = 1;
	my ($dir_list,$listerror) = &dirlist($portfolio_root.$directory,$domain,
	$stu_name,$getpropath);
	my $version = &get_next_version($answer_name,$answer_ext,$dir_list);
	my $new_answer =
	&version_selected_portfile($domain,$stu_name,$directory,$answer_file,$version);
	if ($new_answer ne 'problem getting file') {
	push(@{$versioned_portfiles}, $directory.$new_answer);
	&mark_as_readonly($domain,$stu_name,[$directory.$new_answer],
	[$symb,$env{'request.course.id'},'graded']);
	}
	}
	}

	sub get_next_version {
	my ($answer_name, $answer_ext, $dir_list) = @_;
	my $version;
	if (ref($dir_list) eq 'ARRAY') {
	foreach my $row (@{$dir_list}) {
	my ($file) = split(/\&/,$row,2);
	my ($file_name,$file_version,$file_ext) =
	&file_name_version_ext($file);
	if (($file_name eq $answer_name) &&
	($file_ext eq $answer_ext)) {
	# gets here if filename and extension match,
	# regardless of version
	if ($file_version ne '') {
	# a versioned file is found so save it for later
	if ($file_version > $version) {
	$version = $file_version;
	}
	}
	}
	}
	}
	$version ++;
	return($version);
	}

	sub version_selected_portfile {
	my ($domain,$stu_name,$directory,$file_name,$version) = @_;
	my ($answer_name,$answer_ver,$answer_ext) =
	&file_name_version_ext($file_name);
	my $new_answer;
	$env{'form.copy'} =
	&getfile("/uploaded/$domain/$stu_name/portfolio$directory$file_name");
	if($env{'form.copy'} eq '-1') {
	$new_answer = 'problem getting file';
	} else {
	$new_answer = $answer_name.'.'.$version.'.'.$answer_ext;
	my $copy_result =
	&finishuserfileupload($stu_name,$domain,'copy',
	'/portfolio'.$directory.$new_answer);
	}
	undef($env{'form.copy'});
	return ($new_answer);
	}

	sub file_name_version_ext {
	my ($file)=@_;
	my @file_parts = split(/\./, $file);
	my ($name,$version,$ext);
	if (@file_parts > 1) {
	$ext=pop(@file_parts);
	if (@file_parts > 1 && $file_parts[-1] =~ /^\d+$/) {
	$version=pop(@file_parts);
	}
	$name=join('.',@file_parts);
	} else {
	$name=join('.',@file_parts);
	}
	return($name,$version,$ext);
	}

#----------------------------------------------Get portfolio file permissions	#----------------------------------------------Get portfolio file permissions

sub get_portfile_permissions {	sub get_portfile_permissions {
Line 9284 sub modify_access_controls {	Line 10859 sub modify_access_controls {
my $tries = 0;	my $tries = 0;
my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);	my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);

while (($gotlock ne 'ok') && $tries <3) {	while (($gotlock ne 'ok') && $tries < 10) {
$tries ++;	$tries ++;
sleep 1;	sleep(0.1);
$gotlock = &newput('file_permissions',$lockhash,$domain,$user);	$gotlock = &newput('file_permissions',$lockhash,$domain,$user);
}	}
if ($gotlock eq 'ok') {	if ($gotlock eq 'ok') {
Line 9332 sub modify_access_controls {	Line 10907 sub modify_access_controls {
}	}

sub make_public_indefinitely {	sub make_public_indefinitely {
my ($requrl) = @_;	my (@requrl) = @_;
	return &automated_portfile_access('public',\@requrl);
	}

	sub automated_portfile_access {
	my ($accesstype,$addsref,$delsref,$info) = @_;
	unless (($accesstype eq 'public') \|\| ($accesstype eq 'ip')) {
	return 'invalid';
	}
	my %urls;
	if (ref($addsref) eq 'ARRAY') {
	foreach my $requrl (@{$addsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'add';
	}
	}
	}
	}
	if (ref($delsref) eq 'ARRAY') {
	foreach my $requrl (@{$delsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'delete';
	}
	}
	}
	}
	unless (keys(%urls)) {
	return 'invalid';
	}
	my $ip;
	if ($accesstype eq 'ip') {
	if (ref($info) eq 'HASH') {
	if ($info->{'ip'} ne '') {
	$ip = $info->{'ip'};
	}
	}
	if ($ip eq '') {
	return 'invalid';
	}
	}
	my $errors;
my $now = time;	my $now = time;
my $action = 'activate';	my %current_perms;
my $aclnum = 0;	foreach my $requrl (sort(keys(%urls))) {
if (&is_portfolio_url($requrl)) {	my $action;
	if ($urls{$requrl} eq 'add') {
	$action = 'activate';
	} else {
	$action = 'none';
	}
	my $aclnum = 0;
my (undef,$udom,$unum,$file_name,$group) =	my (undef,$udom,$unum,$file_name,$group) =
&parse_portfolio_url($requrl);	&parse_portfolio_url($requrl);
my $current_perms = &get_portfile_permissions($udom,$unum);	unless (exists($current_perms{$unum.':'.$udom})) {
my %access_controls = &get_access_controls($current_perms,	$current_perms{$unum.':'.$udom} = &get_portfile_permissions($udom,$unum);
	}
	my %access_controls = &get_access_controls($current_perms{$unum.':'.$udom},
$group,$file_name);	$group,$file_name);
foreach my $key (keys(%{$access_controls{$file_name}})) {	foreach my $key (keys(%{$access_controls{$file_name}})) {
my ($num,$scope,$end,$start) =	my ($num,$scope,$end,$start) =
($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);	($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);
if ($scope eq 'public') {	if ($scope eq $accesstype) {
if ($start <= $now && $end == 0) {	if (($start <= $now) && ($end == 0)) {
$action = 'none';	if ($accesstype eq 'ip') {
} else {	if (ref($access_controls{$file_name}{$key}) eq 'HASH') {
	if (ref($access_controls{$file_name}{$key}{'ip'}) eq 'ARRAY') {
	if (grep(/^\Q$ip\E$/,@{$access_controls{$file_name}{$key}{'ip'}})) {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	}
	}
	} elsif ($accesstype eq 'public') {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	} elsif ($accesstype eq 'public') {
$action = 'update';	$action = 'update';
$aclnum = $num;	$aclnum = $num;
	last;
}	}
last;
}	}
}	}
if ($action eq 'none') {	if ($action eq 'none') {
return 'ok';	next;
} else {	} else {
my %changes;	my %changes;
my $newend = 0;	my $newend = 0;
my $newstart = $now;	my $newstart = $now;
my $newkey = $aclnum.':public_'.$newend.'_'.$newstart;	my $newkey = $aclnum.':'.$accesstype.'_'.$newend.'_'.$newstart;
$changes{$action}{$newkey} = {	$changes{$action}{$newkey} = {
type => 'public',	type => $accesstype,
time => {	time => {
start => $newstart,	start => $newstart,
end => $newend,	end => $newend,
},	},
};	};
	if ($accesstype eq 'ip') {
	$changes{$action}{$newkey}{'ip'} = [$ip];
	}
my ($outcome,$deloutcome,$new_values,$translation) =	my ($outcome,$deloutcome,$new_values,$translation) =
&modify_access_controls($file_name,\%changes,$udom,$unum);	&modify_access_controls($file_name,\%changes,$udom,$unum);
return $outcome;	unless ($outcome eq 'ok') {
	$errors .= $outcome.' ';
	}
}	}
	}
	if ($errors) {
	$errors =~ s/\s$//;
	return $errors;
} else {	} else {
return 'invalid';	return 'ok';
}	}
}	}

Line 9579 sub dirlist {	Line 11237 sub dirlist {
foreach my $user (sort(keys(%allusers))) {	foreach my $user (sort(keys(%allusers))) {
push(@alluserslist,$user.'&user');	push(@alluserslist,$user.'&user');
}	}
return (\@alluserslist);
	if (!%listerror) {
	# no errors
	return (\@alluserslist);
	} elsif (scalar(keys(%servers)) == 1) {
	# one library server, one error
	my ($key) = keys(%listerror);
	return (\@alluserslist, $listerror{$key});
	} elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {
	# con_lost indicates that we might miss data from at least one
	# library server
	return (\@alluserslist, 'con_lost');
	} else {
	# multiple library servers and no con_lost -> data should be
	# complete.
	return (\@alluserslist);
	}

} else {	} else {
return ([],'missing username');	return ([],'missing username');
}	}
Line 9652 sub stat_file {	Line 11327 sub stat_file {
return ();	return ();
}	}

	# --------------------------------------------------------- recursedirs
	# Recursive function to traverse either a specific user's Authoring Space
	# or corresponding Published Resource Space, and populate the hash ref:
	# $dirhashref with URLs of all directories, and if $filehashref hash
	# ref arg is provided, the URLs of any files, excluding versioned, .meta,
	# or .rights files in resource space, and .meta, .save, .log, and .bak
	# files in Authoring Space.
	#
	# Inputs:
	#
	# $is_home - true if current server is home server for user's space
	# $context - either: priv, or res respectively for Authoring or Resource Space.
	# $docroot - Document root (i.e., /home/httpd/html
	# $toppath - Top level directory (i.e., /res/$dom/$uname or /priv/$dom/$uname
	# $relpath - Current path (relative to top level).
	# $dirhashref - reference to hash to populate with URLs of directories (Required)
	# $filehashref - reference to hash to populate with URLs of files (Optional)
	#
	# Returns: nothing
	#
	# Side Effects: populates $dirhashref, and $filehashref (if provided).
	#
	# Currently used by interface/londocs.pm to create linked select boxes for
	# directory and filename to import a Course "Author" resource into a course, and
	# also to create linked select boxes for Authoring Space and Directory to choose
	# save location for creation of a new "standard" problem from the Course Editor.
	#

	sub recursedirs {
	my ($is_home,$context,$docroot,$toppath,$relpath,$dirhashref,$filehashref) = @_;
	return unless (ref($dirhashref) eq 'HASH');
	my $currpath = $docroot.$toppath;
	if ($relpath) {
	$currpath .= "/$relpath";
	}
	my $savefile;
	if (ref($filehashref)) {
	$savefile = 1;
	}
	if ($is_home) {
	if (opendir(my $dirh,$currpath)) {
	foreach my $item (sort { lc($a) cmp lc($b) } grep(!/^\.+$/,readdir($dirh))) {
	next if ($item eq '');
	if (-d "$currpath/$item") {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/) \|\| ($item =~ /\.rights$/)) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	}
	}
	}
	closedir($dirh);
	}
	} else {
	my ($dirlistref,$listerror) =
	&dirlist($toppath.$relpath);
	my @dir_lines;
	my $dirptr=16384;
	if (ref($dirlistref) eq 'ARRAY') {
	foreach my $dir_line (sort
	{
	my ($afile)=split('&',$a,2);
	my ($bfile)=split('&',$b,2);
	return (lc($afile) cmp lc($bfile));
	} (@{$dirlistref})) {
	my ($item,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef) =
	split(/\&/,$dir_line,16);
	$item =~ s/\s+$//;
	next if (($item =~ /^\.\.?$/) \|\| ($obs));
	if ($dirptr&$testdir) {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$relpath = '/';
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{$relpath}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/)) {
	$filehashref->{$relpath}{$item} = 1;
	}
	}
	}
	}
	}
	}
	return;
	}

# -------------------------------------------------------- Value of a Condition	# -------------------------------------------------------- Value of a Condition

# gets the value of a specific preevaluated condition	# gets the value of a specific preevaluated condition
Line 9796 sub get_userresdata {	Line 11580 sub get_userresdata {
}	}
#error 2 occurs when the .db doesn't exist	#error 2 occurs when the .db doesn't exist
if ($tmp!~/error: 2 /) {	if ($tmp!~/error: 2 /) {
&logthis("<font color=\"blue\">WARNING:".	if ((!defined($cached)) \|\| ($tmp ne 'con_lost')) {
" Trying to get resource data for ".	&logthis("<font color=\"blue\">WARNING:".
$uname." at ".$udom.": ".	" Trying to get resource data for ".
$tmp."</font>");	$uname." at ".$udom.": ".
	$tmp."</font>");
	}
} elsif ($tmp=~/error: 2 /) {	} elsif ($tmp=~/error: 2 /) {
#&EXT_cache_set($udom,$uname);	#&EXT_cache_set($udom,$uname);
&do_cache_new('userres',$hashid,undef,600);	&do_cache_new('userres',$hashid,undef,600);
Line 9813 sub get_userresdata {	Line 11599 sub get_userresdata {
# Parameters:	# Parameters:
# $name - Course/user name.	# $name - Course/user name.
# $domain - Name of the domain the user/course is registered on.	# $domain - Name of the domain the user/course is registered on.
# $type - Type of thing $name is (must be 'course' or 'user'	# $type - Type of thing $name is (must be 'course' or 'user')
	# $mapp - decluttered URL of enclosing map
	# $recursed - Ref to scalar -- set to 1, if nested maps have been recursed.
	# $recurseup - Ref to array of map URLs, starting with map containing
	# $mapp up through hierarchy of nested maps to top level map.
	# $courseid - CourseID (first part of param identifier).
	# $modifier - Middle part of param identifier.
	# $what - Last part of param identifier.
# @which - Array of names of resources desired.	# @which - Array of names of resources desired.
# Returns:	# Returns:
# The value of the first reasource in @which that is found in the	# The value of the first reasource in @which that is found in the
Line 9823 sub get_userresdata {	Line 11616 sub get_userresdata {
# 'user', an undefined reference is returned.	# 'user', an undefined reference is returned.
# If none of the resources are found, an undef is returned	# If none of the resources are found, an undef is returned
sub resdata {	sub resdata {
my ($name,$domain,$type,@which)=@_;	my ($name,$domain,$type,$mapp,$recursed,$recurseup,$courseid,
	$modifier,$what,@which)=@_;
my $result;	my $result;
if ($type eq 'course') {	if ($type eq 'course') {
$result=&get_courseresdata($name,$domain);	$result=&get_courseresdata($name,$domain);
Line 9832 sub resdata {	Line 11626 sub resdata {
}	}
if (!ref($result)) { return $result; }	if (!ref($result)) { return $result; }
foreach my $item (@which) {	foreach my $item (@which) {
if (defined($result->{$item->[0]})) {	if ($item->[1] eq 'course') {
	if ((ref($recurseup) eq 'ARRAY') && (ref($recursed) eq 'SCALAR')) {
	unless ($$recursed) {
	@{$recurseup} = &get_map_hierarchy($mapp,$courseid);
	$$recursed = 1;
	}
	foreach my $item (@${recurseup}) {
	my $norecursechk=$courseid.$modifier.$item.'___(all).'.$what;
	last if (defined($result->{$norecursechk}));
	my $recursechk=$courseid.$modifier.$item.'___(rec).'.$what;
	if (defined($result->{$recursechk})) { return [$result->{$recursechk},'map']; }
	}
	}
	}
	if (defined($result->{$item->[0]})) {
return [$result->{$item->[0]},$item->[1]];	return [$result->{$item->[0]},$item->[1]];
}	}
}	}
return undef;	return undef;
}	}

	sub get_domain_lti {
	my ($cdom,$context) = @_;
	my ($name,%lti);
	if ($context eq 'consumer') {
	$name = 'ltitools';
	} elsif ($context eq 'provider') {
	$name = 'lti';
	} else {
	return %lti;
	}
	my ($result,$cached)=&is_cached_new($name,$cdom);
	if (defined($cached)) {
	if (ref($result) eq 'HASH') {
	%lti = %{$result};
	}
	} else {
	my %domconfig = &get_dom('configuration',[$name],$cdom);
	if (ref($domconfig{$name}) eq 'HASH') {
	%lti = %{$domconfig{$name}};
	my %encdomconfig = &get_dom('encconfig',[$name],$cdom);
	if (ref($encdomconfig{$name}) eq 'HASH') {
	foreach my $id (keys(%lti)) {
	if (ref($encdomconfig{$name}{$id}) eq 'HASH') {
	foreach my $item ('key','secret') {
	$lti{$id}{$item} = $encdomconfig{$name}{$id}{$item};
	}
	}
	}
	}
	}
	my $cachetime = 246060;
	&do_cache_new($name,$cdom,\%lti,$cachetime);
	}
	return %lti;
	}

sub get_numsuppfiles {	sub get_numsuppfiles {
my ($cnum,$cdom,$ignorecache)=@_;	my ($cnum,$cdom,$ignorecache)=@_;
my $hashid=$cnum.':'.$cdom;	my $hashid=$cnum.':'.$cdom;
Line 9849 sub get_numsuppfiles {	Line 11693 sub get_numsuppfiles {
unless (defined($cached)) {	unless (defined($cached)) {
my $chome=&homeserver($cnum,$cdom);	my $chome=&homeserver($cnum,$cdom);
unless ($chome eq 'no_host') {	unless ($chome eq 'no_host') {
($suppcount,my $errors) = (0,0);	($suppcount,my $supptools,my $errors) = (0,0,0);
my $suppmap = 'supplemental.sequence';	my $suppmap = 'supplemental.sequence';
($suppcount,$errors) =	($suppcount,$supptools,$errors) =
&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);	&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,
	$supptools,$errors);
}	}
&do_cache_new('suppcount',$hashid,$suppcount,600);	&do_cache_new('suppcount',$hashid,$suppcount,600);
}	}
Line 9863 sub get_numsuppfiles {	Line 11708 sub get_numsuppfiles {
# EXT resource caching routines	# EXT resource caching routines
#	#

	{
	# Cache (5 seconds) of map hierarchy for speedup of navmaps display
	#
	# The course for which we cache
	my $cachedmapkey='';
	# The cached recursive maps for this course
	my %cachedmaps=();
	# When this was last done
	my $cachedmaptime='';

sub clear_EXT_cache_status {	sub clear_EXT_cache_status {
&delenv('cache.EXT.');	&delenv('cache.EXT.');
}	}
Line 10040 sub EXT {	Line 11895 sub EXT {
}	}
}	}

my ($section, $group, @groups);	my ($section, $group, @groups, @recurseup, $recursed);
my ($courselevelm,$courselevel);	my ($courselevelm,$courseleveli,$courselevel,$mapp);
if (($courseid eq '') && ($cid)) {	if (($courseid eq '') && ($cid)) {
$courseid = $cid;	$courseid = $cid;
}	}
if (($symbparm && $courseid) &&	if (($symbparm && $courseid) &&
(($courseid eq $env{'request.course.id'}) \|\| ($courseid eq $cid))) {	(($courseid eq $env{'request.course.id'}) \|\| ($courseid eq $cid))) {

#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;	#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;

# ----------------------------------------------------- Cascading lookup scheme	# ----------------------------------------------------- Cascading lookup scheme
my $symbp=$symbparm;	my $symbp=$symbparm;
my $mapp=&deversion((&decode_symb($symbp))[0]);	$mapp=&deversion((&decode_symb($symbp))[0]);

my $symbparm=$symbp.'.'.$spacequalifierrest;	my $symbparm=$symbp.'.'.$spacequalifierrest;
	my $recurseparm=$mapp.'___(rec).'.$spacequalifierrest;
my $mapparm=$mapp.'___(all).'.$spacequalifierrest;	my $mapparm=$mapp.'___(all).'.$spacequalifierrest;

if (($env{'user.name'} eq $uname) &&	if (($env{'user.name'} eq $uname) &&
($env{'user.domain'} eq $udom)) {	($env{'user.domain'} eq $udom)) {
$section=$env{'request.course.sec'};	$section=$env{'request.course.sec'};
Line 10073 sub EXT {	Line 11927 sub EXT {

my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;	my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;
my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;	my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;
	my $secleveli=$courseid.'.['.$section.'].'.$recurseparm;
my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;	my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;

$courselevel=$courseid.'.'.$spacequalifierrest;	$courselevel=$courseid.'.'.$spacequalifierrest;
my $courselevelr=$courseid.'.'.$symbparm;	my $courselevelr=$courseid.'.'.$symbparm;
	$courseleveli=$courseid.'.'.$recurseparm;
$courselevelm=$courseid.'.'.$mapparm;	$courselevelm=$courseid.'.'.$mapparm;

# ----------------------------------------------------------- first, check user	# ----------------------------------------------------------- first, check user

my $userreply=&resdata($uname,$udom,'user',	my $userreply=&resdata($uname,$udom,'user',$mapp,\$recursed,
	\@recurseup,$courseid,'.',$spacequalifierrest,
([$courselevelr,'resource'],	([$courselevelr,'resource'],
[$courselevelm,'map' ],	[$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course' ]));	[$courselevel, 'course' ]));
if (defined($userreply)) { return &get_reply($userreply); }	if (defined($userreply)) { return &get_reply($userreply); }

Line 10091 sub EXT {	Line 11949 sub EXT {
my $coursereply;	my $coursereply;
if (@groups > 0) {	if (@groups > 0) {
$coursereply = &check_group_parms($courseid,\@groups,$symbparm,	$coursereply = &check_group_parms($courseid,\@groups,$symbparm,
$mapparm,$spacequalifierrest);	$recurseparm,$mapparm,$spacequalifierrest,
if (defined($coursereply)) { return &get_reply($coursereply); }	$mapp,\$recursed,\@recurseup);
	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}

$coursereply=&resdata($env{'course.'.$courseid.'.num'},	$coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.['.$section.'].',$spacequalifierrest,
([$seclevelr, 'resource'],	([$seclevelr, 'resource'],
[$seclevelm, 'map' ],	[$seclevelm, 'map' ],
	[$secleveli, 'map' ],
[$seclevel, 'course' ],	[$seclevel, 'course' ],
[$courselevelr,'resource']));	[$courselevelr,'resource']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
Line 10116 sub EXT {	Line 11977 sub EXT {
if ($thisparm) { return &get_reply([$thisparm,'resource']); }	if ($thisparm) { return &get_reply([$thisparm,'resource']); }
}	}
# ------------------------------------------ fourth, look in resource metadata	# ------------------------------------------ fourth, look in resource metadata

$spacequalifierrest=~s/\./\_/;	my $what = $spacequalifierrest;
	$what=~s/\./\_/;
my $filename;	my $filename;
if (!$symbparm) { $symbparm=&symbread(); }	if (!$symbparm) { $symbparm=&symbread(); }
if ($symbparm) {	if ($symbparm) {
Line 10125 sub EXT {	Line 11987 sub EXT {
} else {	} else {
$filename=$env{'request.filename'};	$filename=$env{'request.filename'};
}	}
my $metadata=&metadata($filename,$spacequalifierrest);	my $toolsymb;
	if (($filename =~ /ext\.tool$/) && ($what ne '0_gradable')) {
	$toolsymb = $symbparm;
	}
	my $metadata=&metadata($filename,$what,$toolsymb);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
$metadata=&metadata($filename,'parameter_'.$spacequalifierrest);	$metadata=&metadata($filename,'parameter_'.$what,$toolsymb);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }

# ---------------------------------------------- fourth, look in rest of course	# ----------------------------------------------- fifth, look in rest of course
if ($symbparm && defined($courseid) &&	if ($symbparm && defined($courseid) &&
$courseid eq $env{'request.course.id'}) {	$courseid eq $env{'request.course.id'}) {
my $coursereply=&resdata($env{'course.'.$courseid.'.num'},	my $coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.',$spacequalifierrest,
([$courselevelm,'map' ],	([$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course']));	[$courselevel, 'course']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}
Line 10151 sub EXT {	Line 12019 sub EXT {
if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }	if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }
}	}
if ($recurse) { return undef; }	if ($recurse) { return undef; }
my $pack_def=&packages_tab_default($filename,$varname);	my $pack_def=&packages_tab_default($filename,$varname,$toolsymb);
if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }	if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }
# ---------------------------------------------------- Any other user namespace	# ---------------------------------------------------- Any other user namespace
} elsif ($realm eq 'environment') {	} elsif ($realm eq 'environment') {
Line 10193 sub get_reply {	Line 12061 sub get_reply {
}	}

sub check_group_parms {	sub check_group_parms {
my ($courseid,$groups,$symbparm,$mapparm,$what) = @_;	my ($courseid,$groups,$symbparm,$recurseparm,$mapparm,$what,$mapp,
my @groupitems = ();	$recursed,$recurseupref) = @_;
my $resultitem;	my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$recurseparm,'map'],
my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$what,'course']);	[$what,'course']);
	my $coursereply;
foreach my $group (@{$groups}) {	foreach my $group (@{$groups}) {
	my @groupitems = ();
foreach my $level (@levels) {	foreach my $level (@levels) {
my $item = $courseid.'.['.$group.'].'.$level->[0];	my $item = $courseid.'.['.$group.'].'.$level->[0];
push(@groupitems,[$item,$level->[1]]);	push(@groupitems,[$item,$level->[1]]);
}	}
	my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
	$env{'course.'.$courseid.'.domain'},
	'course',$mapp,$recursed,$recurseupref,
	$courseid,'.['.$group.'].',$what,
	@groupitems);
	last if (defined($coursereply));
}	}
my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},
'course',@groupitems);
return $coursereply;	return $coursereply;
}	}

	sub get_map_hierarchy {
	my ($mapname,$courseid) = @_;
	my @recurseup = ();
	if ($mapname) {
	if (($cachedmapkey eq $courseid) &&
	(abs($cachedmaptime-time)<5)) {
	if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
	return @{$cachedmaps{$mapname}};
	}
	}
	my $navmap = Apache::lonnavmaps::navmap->new();
	if (ref($navmap)) {
	@recurseup = $navmap->recurseup_maps($mapname);
	undef($navmap);
	$cachedmaps{$mapname} = \@recurseup;
	$cachedmaptime=time;
	$cachedmapkey=$courseid;
	}
	}
	return @recurseup;
	}

	}

sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().	sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
my ($courseid,@groups) = @_;	my ($courseid,@groups) = @_;
@groups = sort(@groups);	@groups = sort(@groups);
Line 10216 sub sort_course_groups { # Sort groups b	Line 12113 sub sort_course_groups { # Sort groups b
}	}

sub packages_tab_default {	sub packages_tab_default {
my ($uri,$varname)=@_;	my ($uri,$varname,$toolsymb)=@_;
my (undef,$part,$name)=split(/\./,$varname);	my (undef,$part,$name)=split(/\./,$varname);

my (@extension,@specifics,$do_default);	my (@extension,@specifics,$do_default);
foreach my $package (split(/,/,&metadata($uri,'packages'))) {	foreach my $package (split(/,/,&metadata($uri,'packages',$toolsymb))) {
my ($pack_type,$pack_part)=split(/_/,$package,2);	my ($pack_type,$pack_part)=split(/_/,$package,2);
if ($pack_type eq 'default') {	if ($pack_type eq 'default') {
$do_default=1;	$do_default=1;
Line 10287 sub add_prefix_and_part {	Line 12184 sub add_prefix_and_part {

my %metaentry;	my %metaentry;
my %importedpartids;	my %importedpartids;
	my %importedrespids;
sub metadata {	sub metadata {
my ($uri,$what,$liburi,$prefix,$depthcount)=@_;	my ($uri,$what,$toolsymb,$liburi,$prefix,$depthcount)=@_;
$uri=&declutter($uri);	$uri=&declutter($uri);
# if it is a non metadata possible uri return quickly	# if it is a non metadata possible uri return quickly
if (($uri eq '') \|\|	if (($uri eq '') \|\|
(($uri =~ m\|^/*adm/\|) &&	(($uri =~ m\|^/*adm/\|) &&
($uri !~ m\|^adm/includes\|) && ($uri !~ m{/(smppg\|bulletinboard)$})) \|\|	($uri !~ m\|^adm/includes\|) && ($uri !~ m{/(smppg\|bulletinboard\|ext\.tool)$})) \|\|
($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {	($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {
return undef;	return undef;
}	}
Line 10312 sub metadata {	Line 12210 sub metadata {
my ($result,$cached)=&is_cached_new('meta',$uri);	my ($result,$cached)=&is_cached_new('meta',$uri);
if (defined($cached)) { return $result->{':'.$what}; }	if (defined($cached)) { return $result->{':'.$what}; }
}	}

	#
	# If the uri is for an external tool the file from
	# which metadata should be retrieved depends on whether
	# the tool had been configured to be gradable (set in the Course
	# Editor or Resource Editor).
	#
	# If a valid symb has been included as the third arg in the call
	# to &metadata() that can be used to retrieve the value of
	# parameter_0_gradable set for the resource, and included in the
	# uploaded map containing the tool. The value is retrieved via
	# &EXT(), if a valid symb is available. Otherwise the value of
	# gradable in the exttool_$marker.db file for the tool instance
	# is retrieved via &get().
	#
	# When lonuserstate::traceroute() calls lonnet::EXT() for
	# hiddenresource and encrypturl (during course initialization)
	# the map-level parameter for resource.0.gradable included in the
	# uploaded map containing the tool will not yet have been stored
	# in the user_course_parms.db file for the user's session, so in
	# this case fall back to retrieving gradable status from the
	# exttool_$marker.db file.
	#
	# In order to avoid an infinite loop, &metadata() will return
	# before a call to &EXT(), if the uri is for an external tool
	# and the $what for which metadata is being requested is
	# parameter_0_gradable or 0_gradable.
	#

	if ($uri =~ /ext\.tool$/) {
	if (($what eq 'parameter_0_gradable') \|\| ($what eq '0_gradable')) {
	return;
	} else {
	my ($checked,$use_passback);
	if ($toolsymb ne '') {
	(undef,undef,my $tooluri) = &decode_symb($toolsymb);
	if (($tooluri eq $uri) && (&EXT('resource.0.gradable',$toolsymb))) {
	$checked = 1;
	if (&EXT('resource.0.gradable',$toolsymb) =~ /^yes$/i) {
	$use_passback = 1;
	}
	}
	}
	unless ($checked) {
	my ($ignore,$cdom,$cnum,$marker) = split(m{/},$uri);
	$marker=~s/\D//g;
	if ($marker) {
	my %toolsettings=&get('exttool_'.$marker,['gradable'],$cdom,$cnum);
	$use_passback = $toolsettings{'gradable'};
	}
	}
	if ($use_passback) {
	$filename = '/home/httpd/html/res/lib/templates/LTIpassback.tool';
	} else {
	$filename = '/home/httpd/html/res/lib/templates/LTIstandard.tool';
	}
	}
	}

{	{
# Imported parts would go here	# Imported parts would go here
my %importedids=();	my @origfiletagids=();
my @origfileimportpartids=();
my $importedparts=0;	my $importedparts=0;

	# Imported responseids would go here
	my $importedresponses=0;
#	#
# Is this a recursive call for a library?	# Is this a recursive call for a library?
#	#
Line 10411 sub metadata {	Line 12370 sub metadata {
my $dir=$filename;	my $dir=$filename;
$dir=~s\|[^/]*$\|\|;	$dir=~s\|[^/]*$\|\|;
$location=&filelocation($dir,$location);	$location=&filelocation($dir,$location);

	my $importid=$token->[2]->{'id'};
my $importmode=$token->[2]->{'importmode'};	my $importmode=$token->[2]->{'importmode'};
if ($importmode eq 'problem') {	#
# Import as problem/response	# Check metadata for imported file to
$unikey=&add_prefix_and_part($prefix,$token->[2]->{'part'});	# see if it contained response items
} elsif ($importmode eq 'part') {	#
	my ($origfile,@libfilekeys);
	my %currmetaentry = %metaentry;
	@libfilekeys = split(/,/,&metadata($location,'keys',undef,undef,undef,
	$depthcount+1));
	if (grep(/^responseorder$/,@libfilekeys)) {
	my $libresponseorder = &metadata($location,'responseorder',undef,undef,
	undef,$depthcount+1);
	if ($libresponseorder ne '') {
	if ($#origfiletagids<0) {
	undef(%importedrespids);
	undef(%importedpartids);
	}
	my @respids = split(/\s,\s/,$libresponseorder);
	if (@respids) {
	$importedrespids{$importid} = join(',',map { $importid.'_'.$_ } @respids);
	}
	if ($importedrespids{$importid} ne '') {
	$importedresponses = 1;
	# We need to get the original file and the imported file to get the response order correct
	# Load and inspect original file
	if ($#origfiletagids<0) {
	my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);
	$origfile=&getfile($origfilelocation);
	@origfiletagids=($origfile=~/<((?:\w+)response\|import\|part)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
	}
	}
	}
	}
	# Do not overwrite contents of %metaentry hash for resource itself with
	# hash populated for imported library file
	%metaentry = %currmetaentry;
	undef(%currmetaentry);
	if ($importmode eq 'part') {
# Import as part(s)	# Import as part(s)
$importedparts=1;	$importedparts=1;
# We need to get the original file and the imported file to get the part order correct	# We need to get the original file and the imported file to get the part order correct
# Good news: we do not need to worry about nested libraries, since parts cannot be nested	# Good news: we do not need to worry about nested libraries, since parts cannot be nested
# Load and inspect original file	# Load and inspect original file if we didn't do that already
if ($#origfileimportpartids<0) {	if ($#origfiletagids<0) {
undef(%importedpartids);	undef(%importedrespids);
my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);	undef(%importedpartids);
my $origfile=&getfile($origfilelocation);	if ($origfile eq '') {
@origfileimportpartids=($origfile=~/<(part\|import)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);	my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);
	$origfile=&getfile($origfilelocation);
	@origfiletagids=($origfile=~/<(part\|import)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
	}
	}
	my @impfilepartids;
	# If <partorder> tag is included in metadata for the imported file
	# get the parts in the imported file from that.
	if (grep(/^partorder$/,@libfilekeys)) {
	%currmetaentry = %metaentry;
	my $libpartorder = &metadata($location,'partorder',undef,undef,undef,
	$depthcount+1);
	%metaentry = %currmetaentry;
	undef(%currmetaentry);
	if ($libpartorder ne '') {
	@impfilepartids=split(/\s,\s/,$libpartorder);
	}
	} else {
	# If no <partorder> tag available, load and inspect imported file
	my $impfile=&getfile($location);
	@impfilepartids=($impfile=~/<part[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
}	}

# Load and inspect imported file
my $impfile=&getfile($location);
my @impfilepartids=($impfile=~/<part[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
if ($#impfilepartids>=0) {	if ($#impfilepartids>=0) {
# This problem had parts	# This problem had parts
$importedpartids{$token->[2]->{'id'}}=join(',',@impfilepartids);	$importedpartids{$token->[2]->{'id'}}=join(',',@impfilepartids);
Line 10442 sub metadata {	Line 12451 sub metadata {
$importedpartids{$token->[2]->{'id'}}=$token->[2]->{'id'};	$importedpartids{$token->[2]->{'id'}}=$token->[2]->{'id'};
}	}
} else {	} else {
	# Import as problem or as normal import
	$unikey=&add_prefix_and_part($prefix,$token->[2]->{'part'});
	unless ($importmode eq 'problem') {
# Normal import	# Normal import
$unikey=&add_prefix_and_part($prefix,$token->[2]->{'part'});	if (defined($token->[2]->{'id'})) {
if (defined($token->[2]->{'id'})) {	$unikey.='_'.$token->[2]->{'id'};
$unikey.='_'.$token->[2]->{'id'};	}
}	}
	# Check metadata for imported file to
	# see if it contained parts
	if (grep(/^partorder$/,@libfilekeys)) {
	%currmetaentry = %metaentry;
	my $libpartorder = &metadata($location,'partorder',undef,undef,undef,
	$depthcount+1);
	%metaentry = %currmetaentry;
	undef(%currmetaentry);
	if ($libpartorder ne '') {
	$importedparts = 1;
	$importedpartids{$token->[2]->{'id'}}=$libpartorder;
	}
	}
}	}

if ($depthcount<20) {	if ($depthcount<20) {
my $metadata =	my $metadata =
&metadata($uri,'keys', $location,$unikey,	&metadata($uri,'keys',$toolsymb,$location,$unikey,
$depthcount+1);	$depthcount+1);
foreach my $meta (split(',',$metadata)) {	foreach my $meta (split(',',$metadata)) {
$metaentry{':'.$meta}=$metaentry{':'.$meta};	$metaentry{':'.$meta}=$metaentry{':'.$meta};
$metathesekeys{$meta}=1;	$metathesekeys{$meta}=1;
}	}

}	}
} else {	} else {
#	#
Line 10526 sub metadata {	Line 12549 sub metadata {
$dir=~s\|[^/]*$\|\|;	$dir=~s\|[^/]*$\|\|;
$location=&filelocation($dir,$location);	$location=&filelocation($dir,$location);
my $rights_metadata =	my $rights_metadata =
&metadata($uri,'keys',$location,'_rights',	&metadata($uri,'keys',$toolsymb,$location,'_rights',
$depthcount+1);	$depthcount+1);
foreach my $rights (split(',',$rights_metadata)) {	foreach my $rights (split(',',$rights_metadata)) {
#$metaentry{':'.$rights}=$metacache{$uri}->{':'.$rights};	#$metaentry{':'.$rights}=$metacache{$uri}->{':'.$rights};
Line 10540 sub metadata {	Line 12563 sub metadata {
grep { ! $seen{$_} ++ } (split(',',$metaentry{':packages'}));	grep { ! $seen{$_} ++ } (split(',',$metaentry{':packages'}));
$metaentry{':packages'} = join(',',@uniq_packages);	$metaentry{':packages'} = join(',',@uniq_packages);

if ($importedparts) {	if (($importedresponses) \|\| ($importedparts)) {
	if ($importedparts) {
# We had imported parts and need to rebuild partorder	# We had imported parts and need to rebuild partorder
$metaentry{':partorder'}='';	$metaentry{':partorder'}='';
$metathesekeys{'partorder'}=1;	$metathesekeys{'partorder'}=1;
for (my $index=0;$index<$#origfileimportpartids;$index+=2) {	}
if ($origfileimportpartids[$index] eq 'part') {	if ($importedresponses) {
# original part, part of the problem	# We had imported responses and need to rebuil responseorder
$metaentry{':partorder'}.=','.$origfileimportpartids[$index+1];	$metaentry{':responseorder'}='';
} else {	$metathesekeys{'responseorder'}=1;
# we have imported parts at this position	}
$metaentry{':partorder'}.=','.$importedpartids{$origfileimportpartids[$index+1]};	for (my $index=0;$index<$#origfiletagids;$index+=2) {
}	my $origid = $origfiletagids[$index+1];
}	if ($origfiletagids[$index] eq 'part') {
$metaentry{':partorder'}=~s/^\,//;	# Original part, part of the problem
	if ($importedparts) {
	$metaentry{':partorder'}.=','.$origid;
	}
	} elsif ($origfiletagids[$index] eq 'import') {
	if ($importedparts) {
	# We have imported parts at this position
	if ($importedpartids{$origid} ne '') {
	$metaentry{':partorder'}.=','.$importedpartids{$origid};
	}
	}
	if ($importedresponses) {
	# We have imported responses at this position
	if ($importedrespids{$origid} ne '') {
	$metaentry{':responseorder'}.=','.$importedrespids{$origid};
	}
	}
	} else {
	# Original response item, part of the problem
	if ($importedresponses) {
	$metaentry{':responseorder'}.=','.$origid;
	}
	}
	}
	if ($importedparts) {
	$metaentry{':partorder'}=~s/^\,//;
	}
	if ($importedresponses) {
	$metaentry{':responseorder'}=~s/^\,//;
	}
}	}

$metaentry{':keys'} = join(',',keys(%metathesekeys));	$metaentry{':keys'} = join(',',keys(%metathesekeys));
&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);	&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);
$metaentry{':allpossiblekeys'}=join(',',keys %metathesekeys);	$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));
&do_cache_new('meta',$uri,\%metaentry,$cachetime);	unless ($liburi) {
	&do_cache_new('meta',$uri,\%metaentry,$cachetime);
	}
# this is the end of "was not already recently cached	# this is the end of "was not already recently cached
}	}
return $metaentry{':'.$what};	return $metaentry{':'.$what};
Line 10834 sub symbverify {	Line 12888 sub symbverify {
$ids=$bighash{'ids_'.&clutter($thisurl)};	$ids=$bighash{'ids_'.&clutter($thisurl)};
}	}
unless ($ids) {	unless ($ids) {
my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;	my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;
$ids=$bighash{$idkey};	$ids=$bighash{$idkey};
}	}
if ($ids) {	if ($ids) {
Line 10850 sub symbverify {	Line 12904 sub symbverify {
if (ref($encstate)) {	if (ref($encstate)) {
$$encstate = $bighash{'encrypted_'.$id};	$$encstate = $bighash{'encrypted_'.$id};
}	}
if (($env{'request.role.adv'}) \|\|	if (($env{'request.role.adv'}) \|\|
($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|	($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|
($thisurl eq '/adm/navmaps')) {	($thisurl eq '/adm/navmaps')) {
$okay=1;	$okay=1;
last;	last;
}	}
}	}
}	}
}	}
untie(%bighash);	untie(%bighash);
}	}
Line 10929 sub deversion {	Line 12983 sub deversion {
# ------------------------------------------------------ Return symb list entry	# ------------------------------------------------------ Return symb list entry

sub symbread {	sub symbread {
my ($thisfn,$donotrecurse)=@_;	my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
my $cache_str;	my $cache_str='request.symbread.cached.'.$thisfn;
if ($thisfn ne '') {	if (defined($env{$cache_str})) {
$cache_str='request.symbread.cached.'.$thisfn;	if ($ignorecachednull) {
if ($env{$cache_str} ne '') {	return $env{$cache_str} unless ($env{$cache_str} eq '');
	} else {
return $env{$cache_str};	return $env{$cache_str};
}	}
} else {	}
# no filename provided? try from environment	# no filename provided? try from environment
	unless ($thisfn) {
if ($env{'request.symb'}) {	if ($env{'request.symb'}) {
return $env{$cache_str}=&symbclean($env{'request.symb'});	return $env{$cache_str}=&symbclean($env{'request.symb'});
}	}
$thisfn=$env{'request.filename'};	$thisfn=$env{'request.filename'};
}	}
if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }	if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }
# is that filename actually a symb? Verify, clean, and return	# is that filename actually a symb? Verify, clean, and return
Line 10997 sub symbread {	Line 13053 sub symbread {
my ($mapid,$resid)=split(/\./,$ids);	my ($mapid,$resid)=split(/\./,$ids);
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
} elsif (!$donotrecurse) {	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
	if (@blockers) {
	$syval = '';
	return;
	}
	}
	} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
# ------------------------------------------ There is more than one possibility	# ------------------------------------------ There is more than one possibility
my $realpossible=0;	my $realpossible=0;
foreach my $id (@possibilities) {	foreach my $id (@possibilities) {
my $file=$bighash{'src_'.$id};	my $file=$bighash{'src_'.$id};
if (&allowed('bre',$file)) {	my $canaccess;
my ($mapid,$resid)=split(/\./,$id);	if (($donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
if ($bighash{'map_type_'.$mapid} ne 'page') {	$canaccess = 1;
$realpossible++;	} else {
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$canaccess = &allowed('bre',$file);
$resid,$thisfn);	}
}	if ($canaccess) {
	my ($mapid,$resid)=split(/\./,$id);
	if ($bighash{'map_type_'.$mapid} ne 'page') {
	my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
	$resid,$thisfn);
	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
	unless (@blockers > 0) {
	$syval = $poss_syval;
	$realpossible++;
	}
	} else {
	$syval = $poss_syval;
	$realpossible++;
	}
	}
}	}
}	}
if ($realpossible!=1) { $syval=''; }	if ($realpossible!=1) { $syval=''; }
Line 11016 sub symbread {	Line 13100 sub symbread {
$syval='';	$syval='';
}	}
}	}
untie(%bighash)	untie(%bighash);
}	}
}	}
if ($syval) {	if ($syval) {
Line 11169 sub rndseed {	Line 13253 sub rndseed {
$which =&get_rand_alg($courseid);	$which =&get_rand_alg($courseid);
}	}
if (defined(&getCODE())) {	if (defined(&getCODE())) {

if ($which eq '64bit5') {	if ($which eq '64bit5') {
return &rndseed_CODE_64bit5($symb,$courseid,$domain,$username);	return &rndseed_CODE_64bit5($symb,$courseid,$domain,$username);
} elsif ($which eq '64bit4') {	} elsif ($which eq '64bit4') {
Line 11354 sub rndseed_CODE_64bit5 {	Line 13439 sub rndseed_CODE_64bit5 {
sub setup_random_from_rndseed {	sub setup_random_from_rndseed {
my ($rndseed)=@_;	my ($rndseed)=@_;
if ($rndseed =~/([,:])/) {	if ($rndseed =~/([,:])/) {
my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));	my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));
if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {	if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {
&Math::Random::random_set_seed_from_phrase($rndseed);	&Math::Random::random_set_seed_from_phrase($rndseed);
} else {	} else {
Line 11538 sub repcopy_userfile {	Line 13623 sub repcopy_userfile {
}	}
# now the path exists for sure	# now the path exists for sure
# get a user agent	# get a user agent
my $ua=new LWP::UserAgent;
my $transferfile=$file.'.in.transfer';	my $transferfile=$file.'.in.transfer';
# FIXME: this should flock	# FIXME: this should flock
if (-e $transferfile) { return 'ok'; }	if (-e $transferfile) { return 'ok'; }
my $request;	my $request;
$uri=~s/^\///;	$uri=~s/^\///;
my $homeserver = &homeserver($cnum,$cdom);	my $homeserver = &homeserver($cnum,$cdom);
	my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$request=new HTTP::Request('GET',$protocol.'://'.&hostname($homeserver).'/raw/'.$uri);	$request=new HTTP::Request('GET',$protocol.'://'.$hostname.'/raw/'.$uri);
my $response=$ua->request($request,$transferfile);	my $response = &LONCAPA::LWPReq::makerequest($homeserver,$request,$transferfile,\%perlvar,'',0,1);
# did it work?	# did it work?
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transferfile);	unlink($transferfile);
Line 11571 sub tokenwrapper {	Line 13656 sub tokenwrapper {
$file=~s\|(\?\.)$\|\|;	$file=~s\|(\?\.)$\|\|;
&appenv({"userfile.$udom/$uname/$file" => $env{'request.course.id'}});	&appenv({"userfile.$udom/$uname/$file" => $env{'request.course.id'}});
my $homeserver = &homeserver($uname,$udom);	my $homeserver = &homeserver($uname,$udom);
	my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
return $protocol.'://'.&hostname($homeserver).'/'.$uri.	return $protocol.'://'.$hostname.'/'.$uri.
(($uri=~/\?/)?'&':'?').'token='.$token.	(($uri=~/\?/)?'&':'?').'token='.$token.
'&tokenissued='.$perlvar{'lonHostID'};	'&tokenissued='.$perlvar{'lonHostID'};
} else {	} else {
Line 11589 sub getuploaded {	Line 13675 sub getuploaded {
my ($reqtype,$uri,$cdom,$cnum,$info,$rtncode) = @_;	my ($reqtype,$uri,$cdom,$cnum,$info,$rtncode) = @_;
$uri=~s/^\///;	$uri=~s/^\///;
my $homeserver = &homeserver($cnum,$cdom);	my $homeserver = &homeserver($cnum,$cdom);
	my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$uri = $protocol.'://'.&hostname($homeserver).'/raw/'.$uri;	$uri = $protocol.'://'.$hostname.'/raw/'.$uri;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request($reqtype,$uri);	my $request=new HTTP::Request($reqtype,$uri);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($homeserver,$request,'',\%perlvar,'',0,1);
$$rtncode = $response->code;	$$rtncode = $response->code;
if (! $response->is_success()) {	if (! $response->is_success()) {
return 'failed';	return 'failed';
Line 11611 sub readfile {	Line 13697 sub readfile {
my $file = shift;	my $file = shift;
if ( (! -e $file ) \|\| ($file eq '') ) { return -1; };	if ( (! -e $file ) \|\| ($file eq '') ) { return -1; };
my $fh;	my $fh;
open($fh,"<$file");	open($fh,"<",$file);
my $a='';	my $a='';
while (my $line = <$fh>) { $a .= $line; }	while (my $line = <$fh>) { $a .= $line; }
return $a;	return $a;
Line 11724 sub machine_ids {	Line 13810 sub machine_ids {

sub additional_machine_domains {	sub additional_machine_domains {
my @domains;	my @domains;
open(my $fh,"<$perlvar{'lonTabDir'}/expected_domains.tab");	open(my $fh,"<","$perlvar{'lonTabDir'}/expected_domains.tab");
while( my $line = <$fh>) {	while( my $line = <$fh>) {
$line =~ s/\s//g;	$line =~ s/\s//g;
push(@domains,$line);	push(@domains,$line);
Line 11745 sub default_login_domain {	Line 13831 sub default_login_domain {
return $domain;	return $domain;
}	}

	sub uses_sts {
	my ($ignore_cache) = @_;
	my $lonhost = $perlvar{'lonHostID'};
	my $hostname = &hostname($lonhost);
	my $sts_on;
	if ($protocol{$lonhost} eq 'https') {
	my $cachetime = 12*3600;
	if (!$ignore_cache) {
	($sts_on,my $cached)=&is_cached_new('stspolicy',$lonhost);
	if (defined($cached)) {
	return $sts_on;
	}
	}
	my $url = $protocol{$lonhost}.'://'.$hostname.'/index.html';
	my $request=new HTTP::Request('HEAD',$url);
	my $response=&LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar,'','','',1);
	if ($response->is_success) {
	my $has_sts = $response->header('Strict-Transport-Security');
	if ($has_sts eq '') {
	$sts_on = 0;
	} else {
	if ($has_sts =~ /\Qmax-age=\E(\d+)/) {
	my $maxage = $1;
	if ($maxage) {
	$sts_on = 1;
	} else {
	$sts_on = 0;
	}
	} else {
	$sts_on = 0;
	}
	}
	return &do_cache_new('stspolicy',$lonhost,$sts_on,$cachetime);
	}
	}
	return;
	}

# ------------------------------------------------------------- Declutters URLs	# ------------------------------------------------------------- Declutters URLs

sub declutter {	sub declutter {
Line 11795 sub clutter {	Line 13919 sub clutter {
# &logthis("Got a blank emb style");	# &logthis("Got a blank emb style");
}	}
}	}
	} elsif ($thisfn =~ m{^/adm/$match_domain/$match_courseid/\d+/ext\.tool$}) {
	$thisfn='/adm/wrapper'.$thisfn;
}	}
return $thisfn;	return $thisfn;
}	}
Line 11868 sub get_dns {	Line 13994 sub get_dns {
}	}

my %alldns;	my %alldns;
open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");	if (open(my $config,"<","$perlvar{'lonTabDir'}/hosts.tab")) {
foreach my $dns (<$config>) {	foreach my $dns (<$config>) {
next if ($dns !~ /^\^(\S*)/x);	next if ($dns !~ /^\^(\S*)/x);
my $line = $1;	my $line = $1;
my ($host,$protocol) = split(/:/,$line);	my ($host,$protocol) = split(/:/,$line);
if ($protocol ne 'https') {	if ($protocol ne 'https') {
$protocol = 'http';	$protocol = 'http';
	}
	$alldns{$host} = $protocol;
}	}
$alldns{$host} = $protocol;	close($config);
}	}
while (%alldns) {	while (%alldns) {
my ($dns) = sort { $b cmp $a } keys(%alldns);	my ($dns) = sort { $b cmp $a } keys(%alldns);
my $ua=new LWP::UserAgent;
$ua->timeout(30);
my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
my $response=$ua->request($request);	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar,30,0);
delete($alldns{$dns});	delete($alldns{$dns});
next if ($response->is_error());	next if ($response->is_error());
my @content = split("\n",$response->content);	if ($url eq '/adm/dns/loncapaCRL') {
unless ($nocache) {	return &$func($response);
&do_cache_new('dns',$url,\@content,302460*60);	} else {
	my @content = split("\n",$response->content);
	unless ($nocache) {
	&do_cache_new('dns',$url,\@content,302460*60);
	}
	&$func(\@content,$hashref);
	return;
	}
	}
	my $which = (split('/',$url,4))[3];
	if ($which eq 'loncapaCRL') {
	my $diskfile = "$perlvar{'lonCertificateDirectory'}/$perlvar{'lonnetCertRevocationList'}";
	if (-e $diskfile) {
	&logthis("unable to contact DNS, on disk file $diskfile not updated");
	} else {
	&logthis("unable to contact DNS, no on disk file $diskfile available");
	}
	} else {
	&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");
	if (open(my $config,"<","$perlvar{'lonTabDir'}/dns_$which.tab")) {
	my @content = <$config>;
	close($config);
	&$func(\@content,$hashref);
}	}
&$func(\@content,$hashref);
return;
}	}
close($config);
my $which = (split('/',$url))[3];
&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");
open($config,"<$perlvar{'lonTabDir'}/dns_$which.tab");
my @content = <$config>;
&$func(\@content,$hashref);
return;	return;
}	}

# ------------------------------------------------------Get DNS checksums file	# ------------------------------------------------------Get DNS checksums file
sub parse_dns_checksums_tab {	sub parse_dns_checksums_tab {
my ($lines,$hashref) = @_;	my ($lines,$hashref) = @_;
my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});	my $lonhost = $perlvar{'lonHostID'};
	my $machine_dom = &Apache::lonnet::host_domain($lonhost);
my $loncaparev = &get_server_loncaparev($machine_dom);	my $loncaparev = &get_server_loncaparev($machine_dom);
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	my $webconfdir = '/etc/httpd/conf';
	if ($distro =~ /^(ubuntu\|debian)(\d+)$/) {
	$webconfdir = '/etc/apache2';
	} elsif ($distro =~ /^sles(\d+)$/) {
	if ($1 >= 10) {
	$webconfdir = '/etc/apache2';
	}
	} elsif ($distro =~ /^suse(\d+\.\d+)$/) {
	if ($1 >= 10.0) {
	$webconfdir = '/etc/apache2';
	}
	}
my ($release,$timestamp) = split(/\-/,$loncaparev);	my ($release,$timestamp) = split(/\-/,$loncaparev);
my (%chksum,%revnum);	my (%chksum,%revnum);
if (ref($lines) eq 'ARRAY') {	if (ref($lines) eq 'ARRAY') {
chomp(@{$lines});	chomp(@{$lines});
my $version = shift(@{$lines});	my $version = shift(@{$lines});
if ($version eq $release) {	if ($version eq $release) {
foreach my $line (@{$lines}) {	foreach my $line (@{$lines}) {
my ($file,$version,$shasum) = split(/,/,$line);	my ($file,$version,$shasum) = split(/,/,$line);
	if ($file =~ m{^/etc/httpd/conf}) {
	if ($webconfdir eq '/etc/apache2') {
	$file =~ s{^\Q/etc/httpd/conf/\E}{$webconfdir/};
	}
	}
$chksum{$file} = $shasum;	$chksum{$file} = $shasum;
$revnum{$file} = $version;	$revnum{$file} = $version;
}	}
Line 11939 sub fetch_dns_checksums {	Line 14098 sub fetch_dns_checksums {
return \%checksums;	return \%checksums;
}	}

	sub fetch_crl_pemfile {
	return &get_dns("/adm/dns/loncapaCRL",\&save_crl_pem,1,1);
	}

	sub save_crl_pem {
	my ($response) = @_;
	my ($msg,$hadchanges);
	if (ref($response)) {
	my $now = time;
	my $lonca = $perlvar{'lonCertificateDirectory'}.'/'.$perlvar{'lonnetCertificateAuthority'};
	my $tmpcrl = $tmpdir.'/'.$perlvar{'lonnetCertRevocationList'}.'_'.$now.'.'.$$.'.tmp';
	if (open(my $fh,'>',"$tmpcrl")) {
	print $fh $response->content;
	close($fh);
	if (-e $lonca) {
	if (open(PIPE,"openssl crl -in $tmpcrl -inform pem -CAfile $lonca -noout 2>&1 \|")) {
	my $check = <PIPE>;
	close(PIPE);
	chomp($check);
	if ($check eq 'verify OK') {
	my $dest = "$perlvar{'lonCertificateDirectory'}/$perlvar{'lonnetCertRevocationList'}";
	my $backup;
	if (-e $dest) {
	if (&File::Copy::move($dest,"$dest.bak")) {
	$backup = 'ok';
	}
	}
	if (&File::Copy::move($tmpcrl,$dest)) {
	$msg = 'ok';
	if ($backup) {
	my (%oldnums,%newnums);
	if (open(PIPE, "openssl crl -inform PEM -text -noout -in $dest.bak \|grep 'Serial Number' \|")) {
	while (<PIPE>) {
	$oldnums{(split(/:/))[1]} = 1;
	}
	close(PIPE);
	}
	if (open(PIPE, "openssl crl -inform PEM -text -noout -in $dest \|grep 'Serial Number' \|")) {
	while(<PIPE>) {
	$newnums{(split(/:/))[1]} = 1;
	}
	close(PIPE);
	}
	foreach my $key (sort {$b <=> $a } (keys(%newnums))) {
	unless (exists($oldnums{$key})) {
	$hadchanges = 1;
	last;
	}
	}
	unless ($hadchanges) {
	foreach my $key (sort {$b <=> $a } (keys(%oldnums))) {
	unless (exists($newnums{$key})) {
	$hadchanges = 1;
	last;
	}
	}
	}
	}
	}
	} else {
	unlink($tmpcrl);
	}
	} else {
	unlink($tmpcrl);
	}
	} else {
	unlink($tmpcrl);
	}
	}
	}
	return ($msg,$hadchanges);
	}

# ------------------------------------------------------------ Read domain file	# ------------------------------------------------------------ Read domain file
{	{
my $loaded;	my $loaded;
Line 11967 sub fetch_dns_checksums {	Line 14199 sub fetch_dns_checksums {
}	}

sub load_domain_tab {	sub load_domain_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache);	&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache,$nocache);
my $fh;	my $fh;
if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {	if (open($fh,"<",$perlvar{'lonTabDir'}.'/domain.tab')) {
my @lines = <$fh>;	my @lines = <$fh>;
&parse_domain_tab(\@lines);	&parse_domain_tab(\@lines);
}	}
Line 12022 sub fetch_dns_checksums {	Line 14254 sub fetch_dns_checksums {
my ($id,$domain,$role,$name,$protocol,$intdom)=split(/:/,$configline);	my ($id,$domain,$role,$name,$protocol,$intdom)=split(/:/,$configline);
$name=~s/\s//g;	$name=~s/\s//g;
if ($id && $domain && $role && $name) {	if ($id && $domain && $role && $name) {
	if ((exists($hostname{$id})) && ($hostname{$id} ne '')) {
	my $curr = $hostname{$id};
	my $skip;
	if (ref($name_to_host{$curr}) eq 'ARRAY') {
	if (($curr eq $name) && (@{$name_to_host{$curr}} == 1)) {
	$skip = 1;
	} else {
	@{$name_to_host{$curr}} = grep { $_ ne $id } @{$name_to_host{$curr}};
	}
	}
	unless ($skip) {
	push(@{$name_to_host{$name}},$id);
	}
	} else {
	push(@{$name_to_host{$name}},$id);
	}
$hostname{$id}=$name;	$hostname{$id}=$name;
push(@{$name_to_host{$name}}, $id);
$hostdom{$id}=$domain;	$hostdom{$id}=$domain;
if ($role eq 'library') { $libserv{$id}=$name; }	if ($role eq 'library') { $libserv{$id}=$name; }
if (defined($protocol)) {	if (defined($protocol)) {
Line 12046 sub fetch_dns_checksums {	Line 14293 sub fetch_dns_checksums {
&purge_remembered();	&purge_remembered();
&reset_domain_info();	&reset_domain_info();
&reset_hosts_ip_info();	&reset_hosts_ip_info();
	undef(%internetdom);
undef(%name_to_host);	undef(%name_to_host);
undef(%hostname);	undef(%hostname);
undef(%hostdom);	undef(%hostdom);
Line 12054 sub fetch_dns_checksums {	Line 14302 sub fetch_dns_checksums {
}	}

sub load_hosts_tab {	sub load_hosts_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache);	&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache,$nocache);
open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");	open(my $config,"<","$perlvar{'lonTabDir'}/hosts.tab");
my @config = <$config>;	my @config = <$config>;
&parse_hosts_tab(\@config);	&parse_hosts_tab(\@config);
close($config);	close($config);
Line 12077 sub fetch_dns_checksums {	Line 14325 sub fetch_dns_checksums {
}	}

sub all_names {	sub all_names {
&load_hosts_tab() if (!$loaded);	my ($ignore_cache,$nocache) = @_;
	&load_hosts_tab($ignore_cache,$nocache) if (!$loaded);

return %name_to_host;	return %name_to_host;
}	}
Line 12087 sub fetch_dns_checksums {	Line 14336 sub fetch_dns_checksums {
return %hostdom;	return %hostdom;
}	}

	sub all_host_intdom {
	&load_hosts_tab() if (!$loaded);
	return %internetdom;
	}

sub is_library {	sub is_library {
&load_hosts_tab() if (!$loaded);	&load_hosts_tab() if (!$loaded);

Line 12199 sub fetch_dns_checksums {	Line 14453 sub fetch_dns_checksums {
}	}

sub get_iphost {	sub get_iphost {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;

if (!$ignore_cache) {	if (!$ignore_cache) {
if (%iphost) {	if (%iphost) {
Line 12223 sub fetch_dns_checksums {	Line 14477 sub fetch_dns_checksums {
%old_name_to_ip = %{$ip_info->[1]};	%old_name_to_ip = %{$ip_info->[1]};
}	}

my %name_to_host = &all_names();	my %name_to_host = &all_names($ignore_cache,$nocache);
foreach my $name (keys(%name_to_host)) {	foreach my $name (keys(%name_to_host)) {
my $ip;	my $ip;
if (!exists($name_to_ip{$name})) {	if (!exists($name_to_ip{$name})) {
Line 12248 sub fetch_dns_checksums {	Line 14502 sub fetch_dns_checksums {
}	}
push(@{$iphost{$ip}},@{$name_to_host{$name}});	push(@{$iphost{$ip}},@{$name_to_host{$name}});
}	}
&do_cache_new('iphost','iphost',	unless ($nocache) {
[\%iphost,\%name_to_ip,\%lonid_to_ip],	&do_cache_new('iphost','iphost',
486060);	[\%iphost,\%name_to_ip,\%lonid_to_ip],
	486060);
	}

return %iphost;	return %iphost;
}	}
Line 12315 sub all_loncaparevs {	Line 14571 sub all_loncaparevs {
return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);	return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);
}	}

# ------------------------------------------------------- Read loncaparev table	# ---------------------------------------------------------- Read loncaparev table
{	{
sub load_loncaparevs {	sub load_loncaparevs {
if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {	if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {
if (open(my $config,"<$perlvar{'lonTabDir'}/loncaparevs.tab")) {	if (open(my $config,"<","$perlvar{'lonTabDir'}/loncaparevs.tab")) {
while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
my ($hostid,$loncaparev)=split(/:/,$configline);	my ($hostid,$loncaparev)=split(/:/,$configline);
Line 12331 sub all_loncaparevs {	Line 14587 sub all_loncaparevs {
}	}
}	}

# ----------------------------------------------------- Read serverhostID table	# ---------------------------------------------------------- Read serverhostID table
{	{
sub load_serverhomeIDs {	sub load_serverhomeIDs {
if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {	if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
if (open(my $config,"<$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {	if (open(my $config,"<","$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
my ($name,$id)=split(/:/,$configline);	my ($name,$id)=split(/:/,$configline);
Line 12360 BEGIN {	Line 14616 BEGIN {

# ------------------------------------------------------ Read spare server file	# ------------------------------------------------------ Read spare server file
{	{
open(my $config,"<$perlvar{'lonTabDir'}/spare.tab");	open(my $config,"<","$perlvar{'lonTabDir'}/spare.tab");

while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
Line 12374 BEGIN {	Line 14630 BEGIN {
}	}
# ------------------------------------------------------------ Read permissions	# ------------------------------------------------------------ Read permissions
{	{
open(my $config,"<$perlvar{'lonTabDir'}/roles.tab");	open(my $config,"<","$perlvar{'lonTabDir'}/roles.tab");

while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
Line 12388 BEGIN {	Line 14644 BEGIN {

# -------------------------------------------- Read plain texts for permissions	# -------------------------------------------- Read plain texts for permissions
{	{
open(my $config,"<$perlvar{'lonTabDir'}/rolesplain.tab");	open(my $config,"<","$perlvar{'lonTabDir'}/rolesplain.tab");

while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
Line 12408 BEGIN {	Line 14664 BEGIN {

# ---------------------------------------------------------- Read package table	# ---------------------------------------------------------- Read package table
{	{
open(my $config,"<$perlvar{'lonTabDir'}/packages.tab");	open(my $config,"<","$perlvar{'lonTabDir'}/packages.tab");

while (my $configline=<$config>) {	while (my $configline=<$config>) {
if ($configline !~ /\S/ \|\| $configline=~/^#/) { next; }	if ($configline !~ /\S/ \|\| $configline=~/^#/) { next; }
Line 12423 BEGIN {	Line 14679 BEGIN {
close($config);	close($config);
}	}

# --------------------------------------------------------- Read loncaparev table	# ---------------------------------------------------------- Read loncaparev table

&load_loncaparevs();	&load_loncaparevs();

# ------------------------------------------------------- Read serverhostID table	# ---------------------------------------------------------- Read serverhostID table

&load_serverhomeIDs();	&load_serverhomeIDs();

Line 12441 BEGIN {	Line 14697 BEGIN {
my $item = $token->[1];	my $item = $token->[1];
my $name = $token->[2]{'name'};	my $name = $token->[2]{'name'};
my $value = $token->[2]{'value'};	my $value = $token->[2]{'value'};
if ($item ne '' && $name ne '' && $value ne '') {	my $valuematch = $token->[2]{'valuematch'};
	my $namematch = $token->[2]{'namematch'};
	if ($item eq 'parameter') {
	if (($namematch ne '') \|\| (($name ne '') && ($value ne '' \|\| $valuematch ne ''))) {
	my $release = $parser->get_text();
	$release =~ s/(^\s\|\s$ )//gx;
	$needsrelease{$item.':'.$name.':'.$value.':'.$valuematch.':'.$namematch} = $release;
	}
	} elsif ($item ne '' && $name ne '') {
my $release = $parser->get_text();	my $release = $parser->get_text();
$release =~ s/(^\s\|\s$ )//gx;	$release =~ s/(^\s\|\s$ )//gx;
$needsrelease{$item.':'.$name.':'.$value} = $release;	$needsrelease{$item.':'.$name.':'.$value} = $release;
Line 12454 BEGIN {	Line 14718 BEGIN {
# ---------------------------------------------------------- Read managers table	# ---------------------------------------------------------- Read managers table
{	{
if (-e "$perlvar{'lonTabDir'}/managers.tab") {	if (-e "$perlvar{'lonTabDir'}/managers.tab") {
if (open(my $config,"<$perlvar{'lonTabDir'}/managers.tab")) {	if (open(my $config,"<","$perlvar{'lonTabDir'}/managers.tab")) {
while (my $configline=<$config>) {	while (my $configline=<$config>) {
chomp($configline);	chomp($configline);
next if ($configline =~ /^\#/);	next if ($configline =~ /^\#/);
Line 12631 were new keys. I.E. 1:foo will become 1:	Line 14895 were new keys. I.E. 1:foo will become 1:
Calling convention:	Calling convention:

my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);	my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);
&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname);	&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname,$laststore);

For more detailed information, see lonnet specific documentation.	For more detailed information, see lonnet specific documentation.

Line 12714 the answer, and also caches if there is	Line 14978 the answer, and also caches if there is

=item *	=item *
X<idget()>	X<idget()>
B<idget($udom,@ids)>: find the usernames behind a list of IDs	B<idget($udom,$idsref,$namespace)>: find the usernames behind either
(IDs are a unique resource in a domain, there must be only 1 ID per	a list of student/employee IDs or clicker IDs
username, and only 1 username per ID in a specific domain) (returns	(student/employee IDs are a unique resource in a domain, there must be
hash: id=>name,id=>name)	only 1 ID per username, and only 1 username per ID in a specific domain).
	clickerIDs are not necessarily unique, as students might share clickers.
	(returns hash: id=>name,id=>name)

=item *	=item *
X<idrget()>	X<idrget()>
Line 12726 usernames (returns hash: name=>id,name=>	Line 14992 usernames (returns hash: name=>id,name=>

=item *	=item *
X<idput()>	X<idput()>
B<idput($udom,%ids)>: store away a list of names and associated IDs	B<idput($udom,$idsref,$uhome,$namespace)>: store away a list of
	names and associated student/employee IDs or clicker IDs.

	=item *
	X<iddel()>
	B<iddel($udom,$idshashref,$uhome,$namespace)>: delete unwanted
	student/employee ID or clicker ID username look-ups from domain.
	The homeserver ($uhome) and namespace ($namespace) are optional.
	If no $uhome is provided, it will be determined usig &homeserver()
	for each user. If no $namespace is provided, the default is ids.

	=item *
	X<updateclickers()>
	B<updateclickers($udom,$action,$idshashref,$uhome,$critical)>: update
	clicker ID-to-username look-ups in clickers.db on library server.
	Permitted actions are add or del (i.e., add or delete). The
	clickers.db contains clickerID as keys (escaped), and each corresponding
	value is an escaped comma-separated list of usernames (for whom the
	library server is the homeserver), who registered that particular ID.
	If $critical is true, the update will be sent via &critical, otherwise
	&reply() will be used.

=item *	=item *
X<rolesinit()>	X<rolesinit()>
Line 12767 escaped strings of the action recorded i	Line 15053 escaped strings of the action recorded i

=item *	=item *

allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions	allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege;
	returns codes for allowed actions.

	The first argument is required, all others are optional.

	$priv is the privilege being checked.
	$uri contains additional information about what is being checked for access (e.g.,
	URL, course ID etc.).
	$symb is the unique resource instance identifier in a course; if needed,
	but not provided, it will be retrieved via a call to &symbread().
	$role is the role for which a priv is being checked (only used if priv is evb).
	$clientip is the user's IP address (only used when checking for access to portfolio
	files).
	$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
	prevents recursive calls to &allowed.

F: full access	F: full access
U,I,K: authentication modes (cxx only)	U,I,K: authentication modes (cxx only)
'': forbidden	'': forbidden
1: user needs to choose course	1: user needs to choose course
2: browse allowed	2: browse allowed
A: passphrase authentication needed	A: passphrase authentication needed
	B: access temporarily blocked because of a blocking event in a course.
	D: access blocked because access is required via session initiated via deep-link

=item *	=item *

Line 12792 in which case the null string is returne	Line 15095 in which case the null string is returne

=item *	=item *

definerole($rolename,$sysrole,$domrole,$courole) : define role; define a custom	definerole($rolename,$sysrole,$domrole,$courole,$uname,$udom) : define role;
role rolename set privileges in format of lonTabs/roles.tab for system, domain,	define a custom role rolename set privileges in format of lonTabs/roles.tab
and course level	for system, domain, and course level. $uname and $udom are optional (current
	user's username and domain will be used when either of $uname or $udom are absent.

=item *	=item *

Line 12825 provided for types, will default to retu	Line 15129 provided for types, will default to retu
=item *	=item *

in_course($udom,$uname,$cdom,$cnum,$type,$hideprivileged) : determine if	in_course($udom,$uname,$cdom,$cnum,$type,$hideprivileged) : determine if
user: $uname:$udom has a role in the course: $cdom_$cnum.	user: $uname:$udom has a role in the course: $cdom_$cnum.

Additional optional arguments are: $type (if role checking is to be restricted	Additional optional arguments are: $type (if role checking is to be restricted
to certain user status types -- previous (expired roles), active (currently	to certain user status types -- previous (expired roles), active (currently
available roles) or future (roles available in the future), and	available roles) or future (roles available in the future), and
$hideprivileged -- if true will not report course roles for users who	$hideprivileged -- if true will not report course roles for users who
Line 12998 Inputs:	Line 15302 Inputs:

=item $credits, number of credits student will earn from this class	=item $credits, number of credits student will earn from this class

	=item $instsec, institutional course section code for student

=back	=back


Line 13064 values that are the resource value. I b	Line 15370 values that are the resource value. I b
versions are also returned.	versions are also returned.

get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's	get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
supplemental content area. This routine caches the number of files for	supplemental content area. This routine caches the number of files for
10 minutes.	10 minutes.

=back	=back
Line 13101 Returns:	Line 15407 Returns:

=back	=back

	=head2 Bubblesheet Configuration

	=over 4

	=item *

	get_scantron_config($which)

	$which - the name of the configuration to parse from the file.

	Parses and returns the bubblesheet configuration line selected as a
	hash of configuration file fields.


	Returns:
	If the named configuration is not in the file, an empty
	hash is returned.

	a hash with the fields
	name - internal name for the this configuration setup
	description - text to display to operator that describes this config
	CODElocation - if 0 or the string 'none'
	- no CODE exists for this config
	if -1 \|\| the string 'letter'
	- a CODE exists for this config and is
	a string of letters
	Unsupported value (but planned for future support)
	if a positive integer
	- The CODE exists as the first n items from
	the question section of the form
	if the string 'number'
	- The CODE exists for this config and is
	a string of numbers
	CODEstart - (only matter if a CODE exists) column in the line where
	the CODE starts
	CODElength - length of the CODE
	IDstart - column where the student/employee ID starts
	IDlength - length of the student/employee ID info
	Qstart - column where the information from the bubbled
	'questions' start
	Qlength - number of columns comprising a single bubble line from
	the sheet. (usually either 1 or 10)
	Qon - either a single character representing the character used
	to signal a bubble was chosen in the positional setup, or
	the string 'letter' if the letter of the chosen bubble is
	in the final, or 'number' if a number representing the
	chosen bubble is in the file (1->A 0->J)
	Qoff - the character used to represent that a bubble was
	left blank
	PaperID - if the scanning process generates a unique number for each
	sheet scanned the column that this ID number starts in
	PaperIDlength - number of columns that comprise the unique ID number
	for the sheet of paper
	FirstName - column that the first name starts in
	FirstNameLength - number of columns that the first name spans

	LastName - column that the last name starts in
	LastNameLength - number of columns that the last name spans
	BubblesPerRow - number of bubbles available in each row used to
	bubble an answer. (If not specified, 10 assumed).


	=item *

	get_scantronformat_file($cdom)

	$cdom - the course's domain (optional); if not supplied, uses
	domain for current $env{'request.course.id'}.

	Returns an array containing lines from the scantron format file for
	the domain of the course.

	If a url for a custom.tab file is listed in domain's configuration.db,
	lines are from this file.

	Otherwise, if a default.tab has been published in RES space by the
	domainconfig user, lines are from this file.

	Otherwise, fall back to getting lines from the legacy file on the
	local server: /home/httpd/lonTabs/default_scantronformat.tab

	=back

=head2 Resource Subroutines	=head2 Resource Subroutines

=over 4	=over 4
Line 13152 condval($condidx) : value of condition i	Line 15541 condval($condidx) : value of condition i

=item *	=item *

metadata($uri,$what,$liburi,$prefix,$depthcount) : request a	metadata($uri,$what,$toolsymb,$liburi,$prefix,$depthcount) : request a
resource's metadata, $what should be either a specific key, or either	resource's metadata, $what should be either a specific key, or either
'keys' (to get a list of possible keys) or 'packages' to get a list of	'keys' (to get a list of possible keys) or 'packages' to get a list of
packages that this resource currently uses, the last 3 arguments are only used internally for recursive metadata.	packages that this resource currently uses, the last 3 arguments are
	only used internally for recursive metadata.

	the toolsymb is only used where the uri is for an external tool (for which
	the uri as well as the symb are guaranteed to be unique).

this function automatically caches all requests	this function automatically caches all requests except any made recursively
	to retrieve a list of metadata keys for an imported library file ($liburi is
	defined).

=item *	=item *

Line 13167 will be stored for query	Line 15562 will be stored for query

=item *	=item *

symbread($filename) : return symbolic list entry (filename argument optional);	symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :
	return symbolic list entry (all arguments optional).

	Args: filename is the filename (including path) for the file for which a symb
	is required; donotrecurse, if true will prevent calls to allowed() being made
	to check access status if more than one resource was found in the bighash
	(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of
	a randompick); ignorecachednull, if true will prevent a symb of '' being
	returned if $env{$cache_str} is defined as ''; checkforblock if true will
	cause possible symbs to be checked to determine if they are subject to content
	blocking, if so they will not be included as possible symbs; possibles is a
	ref to a hash, which, as a side effect, will be populated with all possible
	symbs (content blocking not tested).

returns the data handle	returns the data handle

=item *	=item *
Line 13177 and is a possible symb for the URL in $t	Line 15585 and is a possible symb for the URL in $t
resource that the user accessed using /enc/ returns a 1 on success, 0	resource that the user accessed using /enc/ returns a 1 on success, 0
on failure, user must be in a course, as it assumes the existence of	on failure, user must be in a course, as it assumes the existence of
the course initial hash, and uses $env('request.course.id'}. The third	the course initial hash, and uses $env('request.course.id'}. The third
arg is an optional reference to a scalar. If this arg is passed in the	arg is an optional reference to a scalar. If this arg is passed in the
call to symbverify, it will be set to 1 if the symb has been set to be	call to symbverify, it will be set to 1 if the symb has been set to be
encrypted; otherwise it will be null.	encrypted; otherwise it will be null.

=item *	=item *

Line 13232 expirespread($uname,$udom,$stype,$usymb)	Line 15640 expirespread($uname,$udom,$stype,$usymb)
devalidate($symb) : devalidate temporary spreadsheet calculations,	devalidate($symb) : devalidate temporary spreadsheet calculations,
forcing spreadsheet to reevaluate the resource scores next time.	forcing spreadsheet to reevaluate the resource scores next time.

=item *	=item *

can_edit_resource($file,$cnum,$cdom,$resurl,$symb,$group) : determine if current user can edit a particular resource,	can_edit_resource($file,$cnum,$cdom,$resurl,$symb,$group) : determine if current user can edit a particular resource,
when viewing in course context.	when viewing in course context.

input: six args -- filename (decluttered), course number, course domain,	input: six args -- filename (decluttered), course number, course domain,
url, symb (if registered) and group (if this is a	url, symb (if registered) and group (if this is a
group item -- e.g., bulletin board, group page etc.).	group item -- e.g., bulletin board, group page etc.).

output: array of five scalars --	output: array of five scalars --
Line 13246 when viewing in course context.	Line 15654 when viewing in course context.
$home -- homeserver of resource (i.e., for author if published,	$home -- homeserver of resource (i.e., for author if published,
or course if uploaded.).	or course if uploaded.).
$switchserver -- 1 if server switch will be needed.	$switchserver -- 1 if server switch will be needed.
$forceedit -- 1 if icon/link should be to go to edit mode	$forceedit -- 1 if icon/link should be to go to edit mode
$forceview -- 1 if icon/link should be to go to view mode	$forceview -- 1 if icon/link should be to go to view mode

=item *	=item *

is_course_upload($file,$cnum,$cdom)	is_course_upload($file,$cnum,$cdom)

Used in course context to determine if current file was uploaded to	Used in course context to determine if current file was uploaded to
the course (i.e., would be found in /userfiles/docs on the course's	the course (i.e., would be found in /userfiles/docs on the course's
homeserver.	homeserver.

input: 3 args -- filename (decluttered), course number and course domain.	input: 3 args -- filename (decluttered), course number and course domain.
Line 13268 homeserver.	Line 15676 homeserver.

=item *	=item *

store($storehash,$symb,$namespace,$udom,$uname) : stores hash permanently	store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash
for this url; hashref needs to be given and should be a \%hashname; the	permanently for this url; hashref needs to be given and should be a \%hashname;
remaining args aren't required and if they aren't passed or are '' they will	the remaining args aren't required and if they aren't passed or are '' they will
be derived from the env	be derived from the env (with the exception of $laststore, which is an
	optional arg used when a user's submission is stored in grading).
	$laststore is $version=$timestamp, where $version is the most recent version
	number retrieved for the corresponding $symb in the $namespace db file, and
	$timestamp is the timestamp for that transaction (UNIX time).
	$laststore is currently only passed when cstore() is called by
	structuretags::finalize_storage().

=item *	=item *

cstore($storehash,$symb,$namespace,$udom,$uname) : same as store but	cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store
uses critical subroutine	but uses critical subroutine

=item *	=item *

Line 13299 $range should be either an integer '100'	Line 15713 $range should be either an integer '100'

=item *	=item *

putstore($namespace,$symb,$version,$storehash,$udomain,$uname) :	putstore($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog) :
replaces a &store() version of data with a replacement set of data	replaces a &store() version of data with a replacement set of data
for a particular resource in a namespace passed in the $storehash hash	for a particular resource in a namespace passed in the $storehash hash
reference	reference. If $tolog is true, the transaction is logged in the courselog
	with an action=PUTSTORE.

=item *	=item *

Line 13412 server ($udom and $uhome are optional)	Line 15827 server ($udom and $uhome are optional)

=item *	=item *

get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults	get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults
for: authentication, language, quotas, timezone, date locale, and portal URL in	for: authentication, language, quotas, timezone, date locale, and portal URL in
the target domain.	the target domain.

Line 13446 requestcourses: ability to request cours	Line 15861 requestcourses: ability to request cours
=over	=over

=item	=item
official, unofficial, community, textbook	official, unofficial, community, textbook, placement

=back	=back

Line 13467 for course's uploaded content.	Line 15882 for course's uploaded content.
=over	=over

=item	=item
canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota, communityquota, textbookquota	canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,
	communityquota, textbookquota, placementquota

=back	=back

Line 13477 on your servers.	Line 15893 on your servers.

=over	=over

=item	=item
remotesessions, hostedsessions	remotesessions, hostedsessions

=back	=back
Line 13485 remotesessions, hostedsessions	Line 15901 remotesessions, hostedsessions
=back	=back

In cases where a domain coordinator has never used the "Set Domain Configuration"	In cases where a domain coordinator has never used the "Set Domain Configuration"
utility to create a configuration.db file on a domain's primary library server	utility to create a configuration.db file on a domain's primary library server
only the following domain defaults: auth_def, auth_arg_def, lang_def	only the following domain defaults: auth_def, auth_arg_def, lang_def
-- corresponding values are authentication type (internal, krb4, krb5,	-- corresponding values are authentication type (internal, krb4, krb5,
or localauth), initial password or a kerberos realm, language (e.g., en-us) --	or localauth), initial password or a kerberos realm, language (e.g., en-us) --
will be available. Values are retrieved from cache (if current), unless the	will be available. Values are retrieved from cache (if current), unless the
optional $ignore_cache arg is true, or from domain's configuration.db (if available),	optional $ignore_cache arg is true, or from domain's configuration.db (if available),
or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.	or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.
Line 13771 userspace, probably shouldn't be called	Line 16187 userspace, probably shouldn't be called
formname: same as for userfileupload()	formname: same as for userfileupload()
fname: filename (including subdirectories) for the file	fname: filename (including subdirectories) for the file
parser: if 'parse', will parse (html) file to extract references to objects, links etc.	parser: if 'parse', will parse (html) file to extract references to objects, links etc.
	if hashref, and context is scantron, will convert csv format to standard format
allfiles: reference to hash used to store objects found by parser	allfiles: reference to hash used to store objects found by parser
codebase: reference to hash used for codebases of java objects found by parser	codebase: reference to hash used for codebases of java objects found by parser
thumbwidth: width (pixels) of thumbnail to be created for uploaded image	thumbwidth: width (pixels) of thumbnail to be created for uploaded image
Line 13916 Returns:	Line 16333 Returns:

get_timebased_id():	get_timebased_id():

Attempts to get a unique timestamp-based suffix for use with items added to a	Attempts to get a unique timestamp-based suffix for use with items added to a
course via the Course Editor (e.g., folders, composite pages,	course via the Course Editor (e.g., folders, composite pages,
group bulletin boards).	group bulletin boards).

Args: (first three required; six others optional)	Args: (first three required; six others optional)
Line 13928 Args: (first three required; six others	Line 16345 Args: (first three required; six others
2. keyid (alphanumeric): name of temporary locking key in hash,	2. keyid (alphanumeric): name of temporary locking key in hash,
e.g., num, boardids	e.g., num, boardids

3. namespace: name of gdbm file used to store suffixes already assigned;	3. namespace: name of gdbm file used to store suffixes already assigned;
file will be named nohist_namespace.db	file will be named nohist_namespace.db

4. cdom: domain of course; default is current course domain from %env	4. cdom: domain of course; default is current course domain from %env

5. cnum: course number; default is current course number from %env	5. cnum: course number; default is current course number from %env

6. idtype: set to concat if an additional digit is to be appended to the	6. idtype: set to concat if an additional digit is to be appended to the
unix timestamp to form the suffix, if the plain timestamp is already	unix timestamp to form the suffix, if the plain timestamp is already
in use. Default is to not do this, but simply increment the unix	in use. Default is to not do this, but simply increment the unix
timestamp by 1 until a unique key is obtained.	timestamp by 1 until a unique key is obtained.

7. who: holder of locking key; defaults to user:domain for user.	7. who: holder of locking key; defaults to user:domain for user.

8. locktries: number of attempts to obtain a lock (sleep of 1s before	8. locktries: number of attempts to obtain a lock (sleep of 1s before
retrying); default is 3.	retrying); default is 3.

9. maxtries: number of attempts to obtain a unique suffix; default is 20.	9. maxtries: number of attempts to obtain a unique suffix; default is 20.

Returns:	Returns:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1172.2.52
changed lines
	Added in v.1.1402