loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.162 and 1.387

-version 1.162, 2001/10/06 20:57:45
+version 1.387, 2003/07/05 10:07:11
  Line 1
  # The LearningOnline Network
  # TCP networking package
  #
- # Functions for use by content handlers:
+ # $Id$
  #
- # metadata_query(sql-query-string,custom-metadata-regex) :
+ # Copyright Michigan State University Board of Trustees
- #                                    returns file handle of where sql and
+ #
- #                                    regex results will be stored for query
+ # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
- # plaintext(short)   : plain text explanation of short term
+ #
- # fileembstyle(ext)  : embed style in page for file extension
+ # LON-CAPA is free software; you can redistribute it and/or modify
- # filedescription(ext) : descriptor text for file extension
+ # it under the terms of the GNU General Public License as published by
- # allowed(short,url) : returns codes for allowed actions
+ # the Free Software Foundation; either version 2 of the License, or
- #                      F: full access
+ # (at your option) any later version.
- #                      U,I,K: authentication modes (cxx only)
+ #
- #                      '': forbidden
+ # LON-CAPA is distributed in the hope that it will be useful,
- #                      1: user needs to choose course
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
- #                      2: browse allowed
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- # definerole(rolename,sys,dom,cou) : define a custom role rolename
+ # GNU General Public License for more details.
- #                      set privileges in format of lonTabs/roles.tab for
+ #
- #                      system, domain and course level,
+ # You should have received a copy of the GNU General Public License
- # assignrole(udom,uname,url,role,end,start) : give a role to a user for the
+ # along with LON-CAPA; if not, write to the Free Software
- #                      level given by url. Optional start and end dates
+ # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
- #                      (leave empty string or zero for "no date")
+ #
- # assigncustomrole (udom,uname,url,rdom,rnam,rolename,end,start) : give a
+ # /home/httpd/html/adm/gpl.txt
- #                      custom role to a user for the level given by url.
+ #
- #                      Specify name and domain of role author, and role name
+ # http://www.lon-capa.org/
- # revokerole (udom,uname,url,role) : Revoke a role for url
- # revokecustomrole (udom,uname,url,rdom,rnam,rolename) : Revoke a custom role
- # appenv(hash)       : adds hash to session environment
- # delenv(varname)    : deletes all environment entries starting with varname
- # store(hashref,symb,courseid,udom,uname)
- #                    : stores hash permanently for this url
- #                      hashref needs to be given, and should be a \%hashname
- #                      the remaining args aren't required and if they aren't
- #                      passed or are '' they will be derived from the ENV
- # cstore(hashref,symb,courseid,udom,uname)
- #                    : same as store but uses the critical interface to
- #                      guarentee a store
- # restore(symb,courseid,udom,uname)
- #                    : returns hash for this symb, all args are optional
- #                      if they aren't given they will be derived from the
- #                      current enviroment
- #
- #
- # for the next 6 functions udom and uname are optional
- #         if supplied they use udom as the domain and uname
- #         as the username for the function (supply a courseid
- #         for the uname if you want a course database)
- #         if not supplied it uses %ENV and looks at
- #         user. attribute for the values
- #
- # eget(namesp,arrayref,udom,uname)
- #                    : returns hash with keys from array  reference filled
- #                      in from namesp (encrypts the return communication)
- # get(namesp,arrayref,udom,uname)
- #                    : returns hash with keys from array  reference filled
- #                      in from namesp
- # dump(namesp,udom,uname) : dumps the complete namespace into a hash
- # del(namesp,array,udom,uname)  : deletes keys out of array from namesp
- # put(namesp,hash,udom,uname)   : stores hash in namesp
- # cput(namesp,hash,udom,uname)  : critical put
- #
- #
- # ssi(url,hash)      : does a complete request cycle on url to localhost, posts
- #                      hash
- # coursedescription(id) : returns and caches course description for id
- # repcopy(filename)  : replicate file
- # dirlist(url)       : gets a directory listing
- # directcondval(index) : reading condition value of single condition from
- #                        state string
- # condval(index)     : value of condition index based on state
- # EXT(name)          : value of a variable
- # symblist(map,hash) : Updates symbolic storage links
- # symbread([filename]) : returns the data handle (filename optional)
- # rndseed([symb,courseid,domain,uname])
- #                    : returns a random seed, all arguments are optional,
- #                      if they aren't sent it use the environment to derive
- #                      them
- #                      Note: if symb isn't sent and it can't get one from
- #                      &symbread it will use the current time as it's return
- # receipt()          : returns a receipt to be given out to users
- # getfile(filename)  : returns the contents of filename, or a -1 if it can't
- #                      be found, replicates and subscribes to the file
- # filelocation(dir,file) : returns a fairly clean absolute reference to file
- #                          from the directory dir
- # hreflocation(dir,file) : same as filelocation, but for hrefs
- # log(domain,user,home,msg) : write to permanent log for user
- # usection(domain,user,courseid) : output of section name/number or '' for
- #                                  "not in course" and '-1' for "no section"
- # userenvironment(domain,user,what) : puts out any environment parameter
- #                                     for a user
- # idput(domain,hash) : writes IDs for users from hash (name=>id,name=>id)
- # idget(domain,array): returns hash with usernames (id=>name,id=>name) for
- #                      an array of IDs
- # idrget(domain,array): returns hash with IDs for usernames (name=>id,...) for
- #                       an array of names
- # metadata(file,entry): returns the metadata entry for a file. entry='keys'
- #                       returns a comma separated list of keys
  #
  # 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30,
  # 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19,
- Line 119
+ Line 47
  # 09/01 Guy Albertelli
  # 09/01,10/01,11/01 Gerd Kortemeyer
  # YEAR=2001
- # 02/27/01 Scott Harrison
  # 3/2 Gerd Kortemeyer
- # 3/15,3/19 Scott Harrison
  # 3/19,3/20 Gerd Kortemeyer
- # 3/22,3/27,4/2,4/16,4/17 Scott Harrison
  # 5/26,5/28 Gerd Kortemeyer
  # 5/30 H. K. Ng
  # 6/1 Gerd Kortemeyer
  # July Guy Albertelli
  # 8/4,8/7,8/8,8/9,8/11,8/16,8/17,8/18,8/20,8/23,9/20,9/21,9/26,
  # 10/2 Gerd Kortemeyer
- # 10/5 Scott Harrison
+ # 11/17,11/20,11/22,11/29 Gerd Kortemeyer
+ # 12/5 Matthew Hall
+ # 12/5 Guy Albertelli
+ # 12/6,12/7,12/12 Gerd Kortemeyer
+ # 12/21,12/22,12/27,12/28 Gerd Kortemeyer
+ # YEAR=2002
+ # 1/4,2/4,2/7 Gerd Kortemeyer
+ #
+ ###
  package Apache::lonnet;
- Line 139  use Apache::File;
+ Line 72  use Apache::File;
  use LWP::UserAgent();
  use HTTP::Headers;
  use vars
- qw(%perlvar %hostname %homecache %hostip %spareid %hostdom %libserv %pr %prp %fe %fd $readit %metacache %packagetab %courselogs);
+ qw(%perlvar %hostname %homecache %badServerCache %hostip %iphost %spareid %hostdom
+    %libserv %pr %prp %metacache %packagetab %titlecache
+    %courselogs %accesshash %userrolehash $processmarker $dumpcount
+    %coursedombuf %coursenumbuf %coursehombuf %coursedescrbuf %courseresdatacache
+    %domaindescription %domain_auth_def %domain_auth_arg_def $tmpdir);
  use IO::Socket;
  use GDBM_File;
  use Apache::Constants qw(:common :http);
- use HTML::TokeParser;
+ use HTML::LCParser;
  use Fcntl qw(:flock);
+ use Apache::loncoursedata;
+ my $readit;
  # --------------------------------------------------------------------- Logging
+ sub logtouch {
+     my $execdir=$perlvar{'lonDaemons'};
+     unless (-e "$execdir/logs/lonnet.log") {
+ 	my $fh=Apache::File->new(">>$execdir/logs/lonnet.log");
+ 	close $fh;
+     }
+     my ($wwwuid,$wwwgid)=(getpwnam('www'))[2,3];
+     chown($wwwuid,$wwwgid,$execdir.'/logs/lonnet.log');
+ }
  sub logthis {
      my $message=shift;
      my $execdir=$perlvar{'lonDaemons'};
- Line 185  sub subreply {
+ Line 135  sub subreply {
  sub reply {
      my ($cmd,$server)=@_;
+     unless (defined($hostname{$server})) { return 'no_such_host'; }
      my $answer=subreply($cmd,$server);
-     if ($answer eq 'con_lost') { $answer=subreply($cmd,$server); }
+     if ($answer eq 'con_lost') {
+         #sleep 5;
+         #$answer=subreply($cmd,$server);
+         #if ($answer eq 'con_lost') {
+ 	#   &logthis("Second attempt con_lost on $server");
+         #   my $peerfile="$perlvar{'lonSockDir'}/$server";
+         #   my $client=IO::Socket::UNIX->new(Peer    =>"$peerfile",
+         #                                    Type    => SOCK_STREAM,
+         #                                    Timeout => 10)
+         #              or return "con_lost";
+         #   &logthis("Killing socket");
+         #   print $client "close_connection_exit\n";
+            #sleep 5;
+         #   $answer=subreply($cmd,$server);
+        #}
+     }
      if (($answer=~/^refused/) || ($answer=~/^rejected/)) {
         &logthis("<font color=blue>WARNING:".
                  " $cmd to $server returned $answer</font>");
- Line 245  sub critical {
+ Line 211  sub critical {
              $middlename=substr($middlename,0,16);
              $middlename=~s/\W//g;
              my $dfilename=
-              "$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server";
+       "$perlvar{'lonSockDir'}/delayed/$now.$dumpcount.$$.$middlename.$server";
+             $dumpcount++;
              {
               my $dfh;
               if ($dfh=Apache::File->new(">$dfilename")) {
- Line 276  sub critical {
+ Line 243  sub critical {
      }
      return $answer;
  }
+ # ------------------------------------------- Transfer profile into environment
+ sub transfer_profile_to_env {
+     my ($lonidsdir,$handle)=@_;
+     my @profile;
+     {
+ 	my $idf=Apache::File->new("$lonidsdir/$handle.id");
+ 	flock($idf,LOCK_SH);
+ 	@profile=<$idf>;
+ 	$idf->close();
+     }
+     my $envi;
+     for ($envi=0;$envi<=$#profile;$envi++) {
+ 	chomp($profile[$envi]);
+ 	my ($envname,$envvalue)=split(/=/,$profile[$envi]);
+ 	$ENV{$envname} = $envvalue;
+     }
+     $ENV{'user.environment'} = "$lonidsdir/$handle.id";
+ }
  # ---------------------------------------------------------- Append Environment
  sub appenv {
      my %newenv=@_;
-     map {
+     foreach (keys %newenv) {
  	if (($newenv{$_}=~/^user\.role/) || ($newenv{$_}=~/^user\.priv/)) {
              &logthis("<font color=blue>WARNING: ".
                  "Attempt to modify environment ".$_." to ".$newenv{$_}
- Line 290  sub appenv {
+ Line 277  sub appenv {
          } else {
              $ENV{$_}=$newenv{$_};
          }
-     } keys %newenv;
+     }
      my $lockfh;
      unless ($lockfh=Apache::File->new("$ENV{'user.environment'}")) {
- Line 372  sub delenv {
+ Line 359  sub delenv {
           $fh->close();
           return 'error: '.$!;
       }
-      map {
+      foreach (@oldenv) {
  	 unless ($_=~/^$delthis/) { print $fh $_; }
-      } @oldenv;
+      }
       $fh->close();
      }
      return 'ok';
  }
+ # ------------------------------------------ Find out current server userload
+ # there is a copy in lond
+ sub userload {
+     my $numusers=0;
+     {
+ 	opendir(LONIDS,$perlvar{'lonIDsDir'});
+ 	my $filename;
+ 	my $curtime=time;
+ 	while ($filename=readdir(LONIDS)) {
+ 	    if ($filename eq '.' || $filename eq '..') {next;}
+ 	    my ($atime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[8];
+ 	    if ($curtime-$atime < 3600) { $numusers++; }
+ 	}
+ 	closedir(LONIDS);
+     }
+     my $userloadpercent=0;
+     my $maxuserload=$perlvar{'lonUserLoadLim'};
+     if ($maxuserload) {
+ 	$userloadpercent=100*$numusers/$maxuserload;
+     }
+     $userloadpercent=sprintf("%.2f",$userloadpercent);
+     return $userloadpercent;
+ }
+ # ------------------------------------------ Fight off request when overloaded
+ sub overloaderror {
+     my ($r,$checkserver)=@_;
+     unless ($checkserver) { $checkserver=$perlvar{'lonHostID'}; }
+     my $loadavg;
+     if ($checkserver eq $perlvar{'lonHostID'}) {
+        my $loadfile=Apache::File->new('/proc/loadavg');
+        $loadavg=<$loadfile>;
+        $loadavg =~ s/\s.*//g;
+        $loadavg = 100*$loadavg/$perlvar{'lonLoadLim'};
+     } else {
+        $loadavg=&reply('load',$checkserver);
+     }
+     my $overload=$loadavg-100;
+     if ($overload>0) {
+ 	$r->err_headers_out->{'Retry-After'}=$overload;
+         $r->log_error('Overload of '.$overload.' on '.$checkserver);
+         return 413;
+     }
+     return '';
+ }
  # ------------------------------ Find server with least workload from spare.tab
  sub spareserver {
+     my ($loadpercent,$userloadpercent) = @_;
      my $tryserver;
      my $spareserver='';
-     my $lowestserver=100;
+     if ($userloadpercent !~ /\d/) { $userloadpercent=0; }
+     my $lowestserver=$loadpercent > $userloadpercent?
+ 	             $loadpercent :  $userloadpercent;
      foreach $tryserver (keys %spareid) {
-        my $answer=reply('load',$tryserver);
+        my $loadans=reply('load',$tryserver);
+        my $userloadans=reply('userload',$tryserver);
+        if ($userloadans !~ /\d/) { $userloadans=0; }
+        my $answer=$loadans > $userloadans?
+                   $loadans :  $userloadans;
         if (($answer =~ /\d/) && ($answer<$lowestserver)) {
  	   $spareserver="http://$hostname{$tryserver}";
             $lowestserver=$answer;
         }
      }
      return $spareserver;
  }
+ # --------------------------------------------- Try to change a user's password
+ sub changepass {
+     my ($uname,$udom,$currentpass,$newpass,$server)=@_;
+     $currentpass = &escape($currentpass);
+     $newpass     = &escape($newpass);
+     my $answer = reply("encrypt:passwd:$udom:$uname:$currentpass:$newpass",
+ 		       $server);
+     if (! $answer) {
+ 	&logthis("No reply on password change request to $server ".
+ 		 "by $uname in domain $udom.");
+     } elsif ($answer =~ "^ok") {
+         &logthis("$uname in $udom successfully changed their password ".
+ 		 "on $server.");
+     } elsif ($answer =~ "^pwchange_failure") {
+ 	&logthis("$uname in $udom was unable to change their password ".
+ 		 "on $server.  The action was blocked by either lcpasswd ".
+ 		 "or pwchange");
+     } elsif ($answer =~ "^non_authorized") {
+         &logthis("$uname in $udom did not get their password correct when ".
+ 		 "attempting to change it on $server.");
+     } elsif ($answer =~ "^auth_mode_error") {
+         &logthis("$uname in $udom attempted to change their password despite ".
+ 		 "not being locally or internally authenticated on $server.");
+     } elsif ($answer =~ "^unknown_user") {
+         &logthis("$uname in $udom attempted to change their password ".
+ 		 "on $server but were unable to because $server is not ".
+ 		 "their home server.");
+     } elsif ($answer =~ "^refused") {
+ 	&logthis("$server refused to change $uname in $udom password because ".
+ 		 "it was sent an unencrypted request to change the password.");
+     }
+     return $answer;
+ }
+ # ----------------------- Try to determine user's current authentication scheme
+ sub queryauthenticate {
+     my ($uname,$udom)=@_;
+     if (($perlvar{'lonRole'} eq 'library') &&
+         ($udom eq $perlvar{'lonDefDomain'})) {
+ 	my $answer=reply("encrypt:currentauth:$udom:$uname",
+ 			 $perlvar{'lonHostID'});
+ 	unless ($answer eq 'unknown_user' or $answer eq 'refused') {
+ 	    if (length($answer)) {
+ 		return $answer;
+ 	    }
+ 	    else {
+ 	&logthis("User $uname at $udom lacks an authentication mechanism");
+ 		return 'no_host';
+ 	    }
+ 	}
+     }
+     my $tryserver;
+     foreach $tryserver (keys %libserv) {
+ 	if ($hostdom{$tryserver} eq $udom) {
+            my $answer=reply("encrypt:currentauth:$udom:$uname",$tryserver);
+ 	   unless ($answer eq 'unknown_user' or $answer eq 'refused') {
+ 	       if (length($answer)) {
+ 		   return $answer;
+ 	       }
+ 	       else {
+ 	   &logthis("User $uname at $udom lacks an authentication mechanism");
+ 		   return 'no_host';
+ 	       }
+ 	   }
+        }
+     }
+     &logthis("User $uname at $udom lacks an authentication mechanism");
+     return 'no_host';
+ }
  # --------- Try to authenticate user from domain's lib servers (first this one)
  sub authenticate {
      my ($uname,$upass,$udom)=@_;
      $upass=escape($upass);
+     $uname=~s/\W//g;
      if (($perlvar{'lonRole'} eq 'library') &&
          ($udom eq $perlvar{'lonDefDomain'})) {
      my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'});
- Line 439  sub authenticate {
+ Line 554  sub authenticate {
  # ---------------------- Find the homebase for a user from domain's lib servers
  sub homeserver {
-     my ($uname,$udom)=@_;
+     my ($uname,$udom,$ignoreBadCache)=@_;
      my $index="$uname:$udom";
-     if ($homecache{$index}) { return "$homecache{$index}"; }
+     if ($homecache{$index}) {
+         return "$homecache{$index}";
+     }
      my $tryserver;
      foreach $tryserver (keys %libserv) {
+         next if ($ignoreBadCache ne 'true' &&
+ 		 exists($badServerCache{$tryserver}));
  	if ($hostdom{$tryserver} eq $udom) {
             my $answer=reply("home:$udom:$uname",$tryserver);
             if ($answer eq 'found') {
- 	      $homecache{$index}=$tryserver;
+               $homecache{$index}=$tryserver;
                return $tryserver;
- 	   }
+            } elsif ($answer eq 'no_host') {
+ 	       $badServerCache{$tryserver}=1;
+            }
         }
      }
      return 'no_host';
- Line 489  sub idget {
+ Line 608  sub idget {
  sub idrget {
      my ($udom,@unames)=@_;
      my %returnhash=();
-     map {
+     foreach (@unames) {
          $returnhash{$_}=(&userenvironment($udom,$_,'id'))[1];
-     } @unames;
+     }
      return %returnhash;
  }
- Line 500  sub idrget {
+ Line 619  sub idrget {
  sub idput {
      my ($udom,%ids)=@_;
      my %servers=();
-     map {
+     foreach (keys %ids) {
          my $uhom=&homeserver($_,$udom);
          if ($uhom ne 'no_host') {
              my $id=&escape($ids{$_});
- Line 513  sub idput {
+ Line 632  sub idput {
              }
              &critical('put:'.$udom.':'.$unam.':environment:id='.$id,$uhom);
          }
-     } keys %ids;
+     }
-     map {
+     foreach (keys %servers) {
          &critical('idput:'.$udom.':'.$servers{$_},$_);
-     } keys %servers;
+     }
+ }
+ # --------------------------------------------------- Assign a key to a student
+ sub assign_access_key {
+ #
+ # a valid key looks like uname:udom#comments
+ # comments are being appended
+ #
+     my ($ckey,$cdom,$cnum,$udom,$uname,$logentry)=@_;
+     $cdom=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
+     $cnum=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
+     $udom=$ENV{'user.name'} unless (defined($udom));
+     $uname=$ENV{'user.domain'} unless (defined($uname));
+     my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+     if (($existing{$ckey}=~/^\#(.*)$/) || # - new key
+         ($existing{$ckey}=~/^$uname\:$udom\#(.*)$/)) {
+                                                   # assigned to this person
+                                                   # - this should not happen,
+                                                   # unless something went wrong
+                                                   # the first time around
+ # ready to assign
+         $logentry=$1.'; '.$logentry;
+         if (&put('accesskey',{$ckey=>$uname.':'.$udom.'#'.$logentry},
+                                                  $cdom,$cnum) eq 'ok') {
+ # key now belongs to user
+ 	    my $envkey='key.'.$cdom.'_'.$cnum;
+             if (&put('environment',{$envkey => $ckey}) eq 'ok') {
+                 &appenv('environment.'.$envkey => $ckey);
+                 return 'ok';
+             } else {
+                 return
+   'error: Count not permanently assign key, will need to be re-entered later.';
+ 	    }
+         } else {
+             return 'error: Could not assign key, try again later.';
+         }
+     } elsif (!$existing{$ckey}) {
+ # the key does not exist
+ 	return 'error: The key does not exist';
+     } else {
+ # the key is somebody else's
+ 	return 'error: The key is already in use';
+     }
+ }
+ # ------------------------------------------ put an additional comment on a key
+ sub comment_access_key {
+ #
+ # a valid key looks like uname:udom#comments
+ # comments are being appended
+ #
+     my ($ckey,$cdom,$cnum,$logentry)=@_;
+     $cdom=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
+     $cnum=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
+     my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+     if ($existing{$ckey}) {
+         $existing{$ckey}.='; '.$logentry;
+ # ready to assign
+         if (&put('accesskeys',{$ckey=>$existing{$ckey}},
+                                                  $cdom,$cnum) eq 'ok') {
+ 	    return 'ok';
+         } else {
+ 	    return 'error: Count not store comment.';
+         }
+     } else {
+ # the key does not exist
+ 	return 'error: The key does not exist';
+     }
+ }
+ # ------------------------------------------------------ Generate a set of keys
+ sub generate_access_keys {
+     my ($number,$cdom,$cnum,$logentry)=@_;
+     $cdom=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
+     $cnum=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
+     unless (&allowed('mky',$cdom)) { return 0; }
+     unless (($cdom) && ($cnum)) { return 0; }
+     if ($number>10000) { return 0; }
+     sleep(2); # make sure don't get same seed twice
+     srand(time()^($$+($$<<15))); # from "Programming Perl"
+     my $total=0;
+     for (my $i=1;$i<=$number;$i++) {
+        my $newkey=sprintf("%lx",int(100000*rand)).'-'.
+                   sprintf("%lx",int(100000*rand)).'-'.
+                   sprintf("%lx",int(100000*rand));
+        $newkey=~s/1/g/g; # folks mix up 1 and l
+        $newkey=~s/0/h/g; # and also 0 and O
+        my %existing=&get('accesskeys',[$newkey],$cdom,$cnum);
+        if ($existing{$newkey}) {
+            $i--;
+        } else {
+ 	  if (&put('accesskeys',
+               { $newkey => '# generated '.localtime().
+                            ' by '.$ENV{'user.name'}.'@'.$ENV{'user.domain'}.
+                            '; '.$logentry },
+ 		   $cdom,$cnum) eq 'ok') {
+               $total++;
+ 	  }
+        }
+     }
+     &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.home'},
+          'Generated '.$total.' keys for '.$cnum.' at '.$cdom);
+     return $total;
+ }
+ # ------------------------------------------------------- Validate an accesskey
+ sub validate_access_key {
+     my ($ckey,$cdom,$cnum,$udom,$uname)=@_;
+     $cdom=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
+     $cnum=
+    $ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
+     $udom=$ENV{'user.name'} unless (defined($udom));
+     $uname=$ENV{'user.domain'} unless (defined($uname));
+     my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+     return ($existing{$ckey}=~/^$uname\:$udom\#/);
  }
  # ------------------------------------- Find the section of student in a course
+ sub getsection {
+     my ($udom,$unam,$courseid)=@_;
+     $courseid=~s/\_/\//g;
+     $courseid=~s/^(\w)/\/$1/;
+     my %Pending;
+     my %Expired;
+     #
+     # Each role can either have not started yet (pending), be active,
+     #    or have expired.
+     #
+     # If there is an active role, we are done.
+     #
+     # If there is more than one role which has not started yet,
+     #     choose the one which will start sooner
+     # If there is one role which has not started yet, return it.
+     #
+     # If there is more than one expired role, choose the one which ended last.
+     # If there is a role which has expired, return it.
+     #
+     foreach (split(/\&/,&reply('dump:'.$udom.':'.$unam.':roles',
+                         &homeserver($unam,$udom)))) {
+         my ($key,$value)=split(/\=/,$_);
+         $key=&unescape($key);
+         next if ($key !~/^$courseid(?:\/)*(\w+)*\_st$/);
+         my $section=$1;
+         if ($key eq $courseid.'_st') { $section=''; }
+         my ($dummy,$end,$start)=split(/\_/,&unescape($value));
+         my $now=time;
+         if (defined($end) && ($now > $end)) {
+             $Expired{$end}=$section;
+             next;
+         }
+         if (defined($start) && ($now < $start)) {
+             $Pending{$start}=$section;
+             next;
+         }
+         return $section;
+     }
+     #
+     # Presumedly there will be few matching roles from the above
+     # loop and the sorting time will be negligible.
+     if (scalar(keys(%Pending))) {
+         my ($time) = sort {$a <=> $b} keys(%Pending);
+         return $Pending{$time};
+     }
+     if (scalar(keys(%Expired))) {
+         my @sorted = sort {$a <=> $b} keys(%Expired);
+         my $time = pop(@sorted);
+         return $Expired{$time};
+     }
+     return '-1';
+ }
  sub usection {
      my ($udom,$unam,$courseid)=@_;
      $courseid=~s/\_/\//g;
      $courseid=~s/^(\w)/\/$1/;
-     map {
+     foreach (split(/\&/,&reply('dump:'.$udom.':'.$unam.':roles',
+                         &homeserver($unam,$udom)))) {
          my ($key,$value)=split(/\=/,$_);
          $key=&unescape($key);
          if ($key=~/^$courseid(?:\/)*(\w+)*\_st$/) {
- Line 542  sub usection {
+ Line 841  sub usection {
              }
              unless ($notactive) { return $section; }
          }
-     } split(/\&/,&reply('dump:'.$udom.':'.$unam.':roles',
+     }
-                         &homeserver($unam,$udom)));
      return '-1';
  }
- Line 562  sub userenvironment {
+ Line 860  sub userenvironment {
      return %returnhash;
  }
+ # -------------------------------------------------------------------- New chat
+ sub chatsend {
+     my ($newentry,$anon)=@_;
+     my $cnum=$ENV{'course.'.$ENV{'request.course.id'}.'.num'};
+     my $cdom=$ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
+     my $chome=$ENV{'course.'.$ENV{'request.course.id'}.'.home'};
+     &reply('chatsend:'.$cdom.':'.$cnum.':'.
+ 	   &escape($ENV{'user.domain'}.':'.$ENV{'user.name'}.':'.$anon.':'.
+ 		   &escape($newentry)),$chome);
+ }
+ # ------------------------------------------ Find current version of a resource
+ sub getversion {
+     my $fname=&clutter(shift);
+     unless ($fname=~/^\/res\//) { return -1; }
+     return &currentversion(&filelocation('',$fname));
+ }
+ sub currentversion {
+     my $fname=shift;
+     my $author=$fname;
+     $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
+     my ($udom,$uname)=split(/\//,$author);
+     my $home=homeserver($uname,$udom);
+     if ($home eq 'no_host') {
+         return -1;
+     }
+     my $answer=reply("currentversion:$fname",$home);
+     if (($answer eq 'con_lost') || ($answer eq 'rejected')) {
+ 	return -1;
+     }
+     return $answer;
+ }
  # ----------------------------- Subscribe to a resource, return URL if possible
  sub subscribe {
      my $fname=shift;
+     if ($fname=~/\/(aboutme|syllabus|bulletinboard|smppg)$/) { return ''; }
      my $author=$fname;
      $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
      my ($udom,$uname)=split(/\//,$author);
      my $home=homeserver($uname,$udom);
-     if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) {
+     if ($home eq 'no_host') {
          return 'not_found';
      }
      my $answer=reply("sub:$fname",$home);
      if (($answer eq 'con_lost') || ($answer eq 'rejected')) {
- Line 585  sub subscribe {
+ Line 920  sub subscribe {
  sub repcopy {
      my $filename=shift;
      $filename=~s/\/+/\//g;
+     if ($filename=~/^\/home\/httpd\/html\/adm\//) { return OK; }
      my $transname="$filename.in.transfer";
      if ((-e $filename) || (-e $transname)) { return OK; }
      my $remoteurl=subscribe($filename);
- Line 600  sub repcopy {
+ Line 936  sub repcopy {
      } elsif ($remoteurl eq 'directory') {
             return OK;
      } else {
+         my $author=$filename;
+         $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
+         my ($udom,$uname)=split(/\//,$author);
+         my $home=homeserver($uname,$udom);
+         unless ($home eq $perlvar{'lonHostID'}) {
             my @parts=split(/\//,$filename);
             my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]";
             if ($path ne "$perlvar{'lonDocRoot'}/res") {
- Line 635  sub repcopy {
+ Line 976  sub repcopy {
                 rename($transname,$filename);
                 return OK;
             }
+        }
      }
  }
+ # ------------------------------------------------ Get server side include body
+ sub ssi_body {
+     my ($filelink,%form)=@_;
+     my $output=($filelink=~/^http\:/?&externalssi($filelink):
+                                      &ssi($filelink,%form));
+     $output=~s/^.*\<body[^\>]*\>//si;
+     $output=~s/\<\/body\s*\>.*$//si;
+     $output=~
+             s/\/\/ BEGIN LON\-CAPA Internal.+\/\/ END LON\-CAPA Internal\s//gs;
+     return $output;
+ }
  # --------------------------------------------------------- Server Side Include
  sub ssi {
- Line 650  sub ssi {
+ Line 1004  sub ssi {
      if (%form) {
        $request=new HTTP::Request('POST',"http://".$ENV{'HTTP_HOST'}.$fn);
-       $request->content(join '&', map { "$_=$form{$_}" } keys %form);
+       $request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys %form));
      } else {
        $request=new HTTP::Request('GET',"http://".$ENV{'HTTP_HOST'}.$fn);
      }
- Line 661  sub ssi {
+ Line 1015  sub ssi {
      return $response->content;
  }
+ sub externalssi {
+     my ($url)=@_;
+     my $ua=new LWP::UserAgent;
+     my $request=new HTTP::Request('GET',$url);
+     my $response=$ua->request($request);
+     return $response->content;
+ }
+ # ------- Add a token to a remote URI's query string to vouch for access rights
+ sub tokenwrapper {
+     my $uri=shift;
+     $uri=~s/^http\:\/\/([^\/]+)//;
+     $uri=~s/^\///;
+     $ENV{'user.environment'}=~/\/([^\/]+)\.id/;
+     my $token=$1;
+     if ($uri=~/^uploaded\/([^\/]+)\/([^\/]+)\/([^\/]+)(\?\.*)*$/) {
+ 	&appenv('userfile.'.$1.'/'.$2.'/'.$3 => $ENV{'request.course.id'});
+         return 'http://'.$hostname{ &homeserver($2,$1)}.'/'.$uri.
+                (($uri=~/\?/)?'&':'?').'token='.$token.
+                                '&tokenissued='.$perlvar{'lonHostID'};
+     } else {
+ 	return '/adm/notfound.html';
+     }
+ }
+ # --------------- Take an uploaded file and put it into the userfiles directory
+ # input: name of form element, coursedoc=1 means this is for the course
+ # output: url of file in userspace
+ sub userfileupload {
+     my ($formname,$coursedoc)=@_;
+     my $fname=$ENV{'form.'.$formname.'.filename'};
+ # Replace Windows backslashes by forward slashes
+     $fname=~s/\\/\//g;
+ # Get rid of everything but the actual filename
+     $fname=~s/^.*\/([^\/]+)$/$1/;
+ # Replace spaces by underscores
+     $fname=~s/\s+/\_/g;
+ # Replace all other weird characters by nothing
+     $fname=~s/[^\w\.\-]//g;
+ # See if there is anything left
+     unless ($fname) { return 'error: no uploaded file'; }
+     chop($ENV{'form.'.$formname});
+ # Create the directory if not present
+     my $docuname='';
+     my $docudom='';
+     my $docuhome='';
+     if ($coursedoc) {
+ 	$docuname=$ENV{'course.'.$ENV{'request.course.id'}.'.num'};
+ 	$docudom=$ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
+ 	$docuhome=$ENV{'course.'.$ENV{'request.course.id'}.'.home'};
+     } else {
+         $docuname=$ENV{'user.name'};
+         $docudom=$ENV{'user.domain'};
+         $docuhome=$ENV{'user.home'};
+     }
+     return
+         &finishuserfileupload($docuname,$docudom,$docuhome,$formname,$fname);
+ }
+ sub finishuserfileupload {
+     my ($docuname,$docudom,$docuhome,$formname,$fname)=@_;
+     my $path=$docudom.'/'.$docuname.'/';
+     my $filepath=$perlvar{'lonDocRoot'};
+     my @parts=split(/\//,$filepath.'/userfiles/'.$path);
+     my $count;
+     for ($count=4;$count<=$#parts;$count++) {
+         $filepath.="/$parts[$count]";
+         if ((-e $filepath)!=1) {
+ 	    mkdir($filepath,0777);
+         }
+     }
+ # Save the file
+     {
+        my $fh=Apache::File->new('>'.$filepath.'/'.$fname);
+        print $fh $ENV{'form.'.$formname};
+     }
+ # Notify homeserver to grep it
+ #
+     my $fetchresult=
+  &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$fname,$docuhome);
+     if ($fetchresult eq 'ok') {
+ #
+ # Return the URL to it
+         return '/uploaded/'.$path.$fname;
+     } else {
+         &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$fname.
+          ' to host '.$docuhome.': '.$fetchresult);
+         return '/adm/notfound.html';
+     }
+ }
  # ------------------------------------------------------------------------- Log
  sub log {
- Line 669  sub log {
+ Line 1117  sub log {
  }
  # ------------------------------------------------------------------ Course Log
+ #
+ # This routine flushes several buffers of non-mission-critical nature
+ #
  sub flushcourselogs {
-     &logthis('Flushing course log buffers');
+     &logthis('Flushing log buffers');
-     map {
+ #
+ # course logs
+ # This is a log of all transactions in a course, which can be used
+ # for data mining purposes
+ #
+ # It also collects the courseid database, which lists last transaction
+ # times and course titles for all courseids
+ #
+     my %courseidbuffer=();
+     foreach (keys %courselogs) {
          my $crsid=$_;
-         if (&reply('log:'.$ENV{'course.'.$crsid.'.domain'}.':'.
+         if (&reply('log:'.$coursedombuf{$crsid}.':'.$coursenumbuf{$crsid}.':'.
- 		          $ENV{'course.'.$crsid.'.num'}.':'.
+ 		          &escape($courselogs{$crsid}),
- 		           &escape($courselogs{$crsid}),
+ 		          $coursehombuf{$crsid}) eq 'ok') {
- 		          $ENV{'course.'.$crsid.'.home'}) eq 'ok') {
  	    delete $courselogs{$crsid};
          } else {
              &logthis('Failed to flush log buffer for '.$crsid);
- Line 686  sub flushcourselogs {
+ Line 1145  sub flushcourselogs {
                          " exceeded maximum size, deleting.</font>");
                 delete $courselogs{$crsid};
              }
          }
-     } keys %courselogs;
+         if ($courseidbuffer{$coursehombuf{$crsid}}) {
+            $courseidbuffer{$coursehombuf{$crsid}}.='&'.
+ 			 &escape($crsid).'='.&escape($coursedescrbuf{$crsid});
+         } else {
+            $courseidbuffer{$coursehombuf{$crsid}}=
+ 			 &escape($crsid).'='.&escape($coursedescrbuf{$crsid});
+         }
+     }
+ #
+ # Write course id database (reverse lookup) to homeserver of courses
+ # Is used in pickcourse
+ #
+     foreach (keys %courseidbuffer) {
+         &courseidput($hostdom{$_},$courseidbuffer{$_},$_);
+     }
+ #
+ # File accesses
+ # Writes to the dynamic metadata of resources to get hit counts, etc.
+ #
+     foreach (keys %accesshash) {
+         my $entry=$_;
+         $entry=~/\_\_\_(\w+)\/(\w+)\/(.*)\_\_\_(\w+)$/;
+         my %temphash=($entry => $accesshash{$entry});
+         if (&Apache::lonnet::put('nohist_resevaldata',\%temphash,$1,$2) eq 'ok') {
+ 	    delete $accesshash{$entry};
+         }
+     }
+ #
+ # Roles
+ # Reverse lookup of user roles for course faculty/staff and co-authorship
+ #
+     foreach (keys %userrolehash) {
+         my $entry=$_;
+         my ($role,$uname,$udom,$runame,$rudom,$rsec)=
+ 	    split(/\:/,$entry);
+         if (&Apache::lonnet::put('nohist_userroles',
+              { $role.':'.$uname.':'.$udom.':'.$rsec => $userrolehash{$entry} },
+                 $rudom,$runame) eq 'ok') {
+ 	    delete $userrolehash{$entry};
+         }
+     }
+     $dumpcount++;
  }
  sub courselog {
      my $what=shift;
      $what=time.':'.$what;
      unless ($ENV{'request.course.id'}) { return ''; }
+     $coursedombuf{$ENV{'request.course.id'}}=
+        $ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
+     $coursenumbuf{$ENV{'request.course.id'}}=
+        $ENV{'course.'.$ENV{'request.course.id'}.'.num'};
+     $coursehombuf{$ENV{'request.course.id'}}=
+        $ENV{'course.'.$ENV{'request.course.id'}.'.home'};
+     $coursedescrbuf{$ENV{'request.course.id'}}=
+        $ENV{'course.'.$ENV{'request.course.id'}.'.description'};
      if (defined $courselogs{$ENV{'request.course.id'}}) {
  	$courselogs{$ENV{'request.course.id'}}.='&'.$what;
      } else {
- Line 708  sub courseacclog {
+ Line 1216  sub courseacclog {
      my $fnsymb=shift;
      unless ($ENV{'request.course.id'}) { return ''; }
      my $what=$fnsymb.':'.$ENV{'user.name'}.':'.$ENV{'user.domain'};
-     if ($what=~/(problem|exam|quiz|assess|survey|form)$/) {
+     if ($fnsymb=~/(problem|exam|quiz|assess|survey|form)$/) {
- 	map {
+         $what.=':POST';
+ 	foreach (keys %ENV) {
              if ($_=~/^form\.(.*)/) {
  		$what.=':'.$1.'='.$ENV{$_};
              }
-         } keys %ENV;
+         }
      }
      &courselog($what);
  }
+ sub countacc {
+     my $url=&declutter(shift);
+     unless ($ENV{'request.course.id'}) { return ''; }
+     $accesshash{$ENV{'request.course.id'}.'___'.$url.'___course'}=1;
+     my $key=$$.$processmarker.'_'.$dumpcount.'___'.$url.'___count';
+     if (defined($accesshash{$key})) {
+ 	$accesshash{$key}++;
+     } else {
+         $accesshash{$key}=1;
+     }
+ }
+ sub linklog {
+     my ($from,$to)=@_;
+     $from=&declutter($from);
+     $to=&declutter($to);
+     $accesshash{$from.'___'.$to.'___comefrom'}=1;
+     $accesshash{$to.'___'.$from.'___goto'}=1;
+ }
+ sub userrolelog {
+     my ($trole,$username,$domain,$area,$tstart,$tend)=@_;
+     if (($trole=~/^ca/) || ($trole=~/^in/) ||
+         ($trole=~/^cc/) || ($trole=~/^ep/) ||
+         ($trole=~/^cr/)) {
+        my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
+        $userrolehash
+          {$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
+                     =$tend.':'.$tstart;
+    }
+ }
+ sub get_course_adv_roles {
+     my $cid=shift;
+     $cid=$ENV{'request.course.id'} unless (defined($cid));
+     my %coursehash=&coursedescription($cid);
+     my %returnhash=();
+     my %dumphash=
+             &dump('nohist_userroles',$coursehash{'domain'},$coursehash{'num'});
+     my $now=time;
+     foreach (keys %dumphash) {
+ 	my ($tend,$tstart)=split(/\:/,$dumphash{$_});
+         if (($tstart) && ($tstart<0)) { next; }
+         if (($tend) && ($tend<$now)) { next; }
+         if (($tstart) && ($now<$tstart)) { next; }
+         my ($role,$username,$domain,$section)=split(/\:/,$_);
+         my $key=&plaintext($role);
+         if ($section) { $key.=' (Sec/Grp '.$section.')'; }
+         if ($returnhash{$key}) {
+ 	    $returnhash{$key}.=','.$username.':'.$domain;
+         } else {
+             $returnhash{$key}=$username.':'.$domain;
+         }
+      }
+     return %returnhash;
+ }
+ # ---------------------------------------------------------- Course ID routines
+ # Deal with domain's nohist_courseid.db files
+ #
+ sub courseidput {
+     my ($domain,$what,$coursehome)=@_;
+     return &reply('courseidput:'.$domain.':'.$what,$coursehome);
+ }
+ sub courseiddump {
+     my ($domfilter,$descfilter,$sincefilter)=@_;
+     my %returnhash=();
+     unless ($domfilter) { $domfilter=''; }
+     foreach my $tryserver (keys %libserv) {
+ 	if ((!$domfilter) || ($hostdom{$tryserver} eq $domfilter)) {
+ 	    foreach (
+              split(/\&/,&reply('courseiddump:'.$hostdom{$tryserver}.':'.
+ 			       $sincefilter.':'.&escape($descfilter),
+                                $tryserver))) {
+ 		my ($key,$value)=split(/\=/,$_);
+                 if (($key) && ($value)) {
+ 		    $returnhash{&unescape($key)}=&unescape($value);
+                 }
+             }
+         }
+     }
+     return %returnhash;
+ }
+ #
  # ----------------------------------------------------------- Check out an item
  sub checkout {
- Line 725  sub checkout {
+ Line 1322  sub checkout {
      my $now=time;
      my $lonhost=$perlvar{'lonHostID'};
      my $infostr=&escape(
+                  'CHECKOUTTOKEN&'.
                   $tuname.'&'.
                   $tudom.'&'.
                   $tcrsid.'&'.
- Line 774  sub checkin {
+ Line 1372  sub checkin {
      $lonhost=~tr/A-Z/a-z/;
      my $dtoken=$ta.'_'.$hostip{$lonhost}.'_'.$tb;
      $dtoken=~s/\W/\_/g;
-     my ($tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
+     my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
                   split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));
      unless (($tuname) && ($tudom)) {
- Line 824  sub expirespread {
+ Line 1422  sub expirespread {
  # ----------------------------------------------------- Devalidate Spreadsheets
  sub devalidate {
-     my $symb=shift;
+     my ($symb,$uname,$udom)=@_;
      my $cid=$ENV{'request.course.id'};
      if ($cid) {
- 	my $key=$ENV{'user.name'}.':'.$ENV{'user.domain'}.':';
+ # delete the stored spreadsheets for
+ # - the student level sheet of this user in course's homespace
+ # - the assessment level sheet for this resource
+ #   for this user in user's homespace
+ 	my $key=$uname.':'.$udom.':';
          my $status=
- 	    &del('nohist_calculatedsheet',
+ 	    &del('nohist_calculatedsheets',
  		 [$key.'studentcalc'],
  		 $ENV{'course.'.$cid.'.domain'},
  		 $ENV{'course.'.$cid.'.num'})
- Line 838  sub devalidate {
+ Line 1440  sub devalidate {
  		 [$key.'assesscalc:'.$symb]);
          unless ($status eq 'ok ok') {
             &logthis('Could not devalidate spreadsheet '.
-                     $ENV{'user.name'}.' at '.$ENV{'user.domain'}.' for '.
+                     $uname.' at '.$udom.' for '.
  		    $symb.': '.$status);
          }
      }
  }
+ sub get_scalar {
+     my ($string,$end) = @_;
+     my $value;
+     if ($$string =~ s/^([^&]*?)($end)/$2/) {
+ 	$value = $1;
+     } elsif ($$string =~ s/^([^&]*?)&//) {
+ 	$value = $1;
+     }
+     return &unescape($value);
+ }
+ sub array2str {
+   my (@array) = @_;
+   my $result=&arrayref2str(\@array);
+   $result=~s/^__ARRAY_REF__//;
+   $result=~s/__END_ARRAY_REF__$//;
+   return $result;
+ }
+ sub arrayref2str {
+   my ($arrayref) = @_;
+   my $result='__ARRAY_REF__';
+   foreach my $elem (@$arrayref) {
+     if(ref($elem) eq 'ARRAY') {
+       $result.=&arrayref2str($elem).'&';
+     } elsif(ref($elem) eq 'HASH') {
+       $result.=&hashref2str($elem).'&';
+     } elsif(ref($elem)) {
+       #print("Got a ref of ".(ref($elem))." skipping.");
+     } else {
+       $result.=&escape($elem).'&';
+     }
+   }
+   $result=~s/\&$//;
+   $result .= '__END_ARRAY_REF__';
+   return $result;
+ }
+ sub hash2str {
+   my (%hash) = @_;
+   my $result=&hashref2str(\%hash);
+   $result=~s/^__HASH_REF__//;
+   $result=~s/__END_HASH_REF__$//;
+   return $result;
+ }
+ sub hashref2str {
+   my ($hashref)=@_;
+   my $result='__HASH_REF__';
+   foreach (keys(%$hashref)) {
+     if (ref($_) eq 'ARRAY') {
+       $result.=&arrayref2str($_).'=';
+     } elsif (ref($_) eq 'HASH') {
+       $result.=&hashref2str($_).'=';
+     } elsif (ref($_)) {
+       $result.='=';
+       #print("Got a ref of ".(ref($_))." skipping.");
+     } else {
+ 	if ($_) {$result.=&escape($_).'=';} else { last; }
+     }
+     if(ref($hashref->{$_}) eq 'ARRAY') {
+       $result.=&arrayref2str($hashref->{$_}).'&';
+     } elsif(ref($hashref->{$_}) eq 'HASH') {
+       $result.=&hashref2str($hashref->{$_}).'&';
+     } elsif(ref($hashref->{$_})) {
+        $result.='&';
+       #print("Got a ref of ".(ref($hashref->{$_}))." skipping.");
+     } else {
+       $result.=&escape($hashref->{$_}).'&';
+     }
+   }
+   $result=~s/\&$//;
+   $result .= '__END_HASH_REF__';
+   return $result;
+ }
+ sub str2hash {
+     my ($string)=@_;
+     my ($hash)=&str2hashref('__HASH_REF__'.$string.'__END_HASH_REF__');
+     return %$hash;
+ }
+ sub str2hashref {
+   my ($string) = @_;
+   my %hash;
+   if($string !~ /^__HASH_REF__/) {
+       if (! ($string eq '' || !defined($string))) {
+ 	  $hash{'error'}='Not hash reference';
+       }
+       return (\%hash, $string);
+   }
+   $string =~ s/^__HASH_REF__//;
+   while($string !~ /^__END_HASH_REF__/) {
+       #key
+       my $key='';
+       if($string =~ /^__HASH_REF__/) {
+           ($key, $string)=&str2hashref($string);
+           if(defined($key->{'error'})) {
+               $hash{'error'}='Bad data';
+               return (\%hash, $string);
+           }
+       } elsif($string =~ /^__ARRAY_REF__/) {
+           ($key, $string)=&str2arrayref($string);
+           if($key->[0] eq 'Array reference error') {
+               $hash{'error'}='Bad data';
+               return (\%hash, $string);
+           }
+       } else {
+           $string =~ s/^(.*?)=//;
+ 	  $key=&unescape($1);
+       }
+       $string =~ s/^=//;
+       #value
+       my $value='';
+       if($string =~ /^__HASH_REF__/) {
+           ($value, $string)=&str2hashref($string);
+           if(defined($value->{'error'})) {
+               $hash{'error'}='Bad data';
+               return (\%hash, $string);
+           }
+       } elsif($string =~ /^__ARRAY_REF__/) {
+           ($value, $string)=&str2arrayref($string);
+           if($value->[0] eq 'Array reference error') {
+               $hash{'error'}='Bad data';
+               return (\%hash, $string);
+           }
+       } else {
+ 	  $value=&get_scalar(\$string,'__END_HASH_REF__');
+       }
+       $string =~ s/^&//;
+       $hash{$key}=$value;
+   }
+   $string =~ s/^__END_HASH_REF__//;
+   return (\%hash, $string);
+ }
+ sub str2array {
+     my ($string)=@_;
+     my ($array)=&str2arrayref('__ARRAY_REF__'.$string.'__END_ARRAY_REF__');
+     return @$array;
+ }
+ sub str2arrayref {
+   my ($string) = @_;
+   my @array;
+   if($string !~ /^__ARRAY_REF__/) {
+       if (! ($string eq '' || !defined($string))) {
+ 	  $array[0]='Array reference error';
+       }
+       return (\@array, $string);
+   }
+   $string =~ s/^__ARRAY_REF__//;
+   while($string !~ /^__END_ARRAY_REF__/) {
+       my $value='';
+       if($string =~ /^__HASH_REF__/) {
+           ($value, $string)=&str2hashref($string);
+           if(defined($value->{'error'})) {
+               $array[0] ='Array reference error';
+               return (\@array, $string);
+           }
+       } elsif($string =~ /^__ARRAY_REF__/) {
+           ($value, $string)=&str2arrayref($string);
+           if($value->[0] eq 'Array reference error') {
+               $array[0] ='Array reference error';
+               return (\@array, $string);
+           }
+       } else {
+ 	  $value=&get_scalar(\$string,'__END_ARRAY_REF__');
+       }
+       $string =~ s/^&//;
+       push(@array, $value);
+   }
+   $string =~ s/^__END_ARRAY_REF__//;
+   return (\@array, $string);
+ }
+ # -------------------------------------------------------------------Temp Store
+ sub tmpreset {
+   my ($symb,$namespace,$domain,$stuname) = @_;
+   if (!$symb) {
+     $symb=&symbread();
+     if (!$symb) { $symb= $ENV{'request.url'}; }
+   }
+   $symb=escape($symb);
+   if (!$namespace) { $namespace=$ENV{'request.state'}; }
+   $namespace=~s/\//\_/g;
+   $namespace=~s/\W//g;
+   #FIXME needs to do something for /pub resources
+   if (!$domain) { $domain=$ENV{'user.domain'}; }
+   if (!$stuname) { $stuname=$ENV{'user.name'}; }
+   my $path=$perlvar{'lonDaemons'}.'/tmp';
+   my %hash;
+   if (tie(%hash,'GDBM_File',
+ 	  $path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
+ 	  &GDBM_WRCREAT(),0640)) {
+     foreach my $key (keys %hash) {
+       if ($key=~ /:$symb/) {
+ 	delete($hash{$key});
+       }
+     }
+   }
+ }
+ sub tmpstore {
+   my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
+   if (!$symb) {
+     $symb=&symbread();
+     if (!$symb) { $symb= $ENV{'request.url'}; }
+   }
+   $symb=escape($symb);
+   if (!$namespace) {
+     # I don't think we would ever want to store this for a course.
+     # it seems this will only be used if we don't have a course.
+     #$namespace=$ENV{'request.course.id'};
+     #if (!$namespace) {
+       $namespace=$ENV{'request.state'};
+     #}
+   }
+   $namespace=~s/\//\_/g;
+   $namespace=~s/\W//g;
+ #FIXME needs to do something for /pub resources
+   if (!$domain) { $domain=$ENV{'user.domain'}; }
+   if (!$stuname) { $stuname=$ENV{'user.name'}; }
+   my $now=time;
+   my %hash;
+   my $path=$perlvar{'lonDaemons'}.'/tmp';
+   if (tie(%hash,'GDBM_File',
+ 	  $path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
+ 	  &GDBM_WRCREAT(),0640)) {
+     $hash{"version:$symb"}++;
+     my $version=$hash{"version:$symb"};
+     my $allkeys='';
+     foreach my $key (keys(%$storehash)) {
+       $allkeys.=$key.':';
+       $hash{"$version:$symb:$key"}=$$storehash{$key};
+     }
+     $hash{"$version:$symb:timestamp"}=$now;
+     $allkeys.='timestamp';
+     $hash{"$version:keys:$symb"}=$allkeys;
+     if (untie(%hash)) {
+       return 'ok';
+     } else {
+       return "error:$!";
+     }
+   } else {
+     return "error:$!";
+   }
+ }
+ # -----------------------------------------------------------------Temp Restore
+ sub tmprestore {
+   my ($symb,$namespace,$domain,$stuname) = @_;
+   if (!$symb) {
+     $symb=&symbread();
+     if (!$symb) { $symb= $ENV{'request.url'}; }
+   }
+   $symb=escape($symb);
+   if (!$namespace) { $namespace=$ENV{'request.state'}; }
+   #FIXME needs to do something for /pub resources
+   if (!$domain) { $domain=$ENV{'user.domain'}; }
+   if (!$stuname) { $stuname=$ENV{'user.name'}; }
+   my %returnhash;
+   $namespace=~s/\//\_/g;
+   $namespace=~s/\W//g;
+   my %hash;
+   my $path=$perlvar{'lonDaemons'}.'/tmp';
+   if (tie(%hash,'GDBM_File',
+ 	  $path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
+ 	  &GDBM_READER(),0640)) {
+     my $version=$hash{"version:$symb"};
+     $returnhash{'version'}=$version;
+     my $scope;
+     for ($scope=1;$scope<=$version;$scope++) {
+       my $vkeys=$hash{"$scope:keys:$symb"};
+       my @keys=split(/:/,$vkeys);
+       my $key;
+       $returnhash{"$scope:keys"}=$vkeys;
+       foreach $key (@keys) {
+ 	$returnhash{"$scope:$key"}=$hash{"$scope:$symb:$key"};
+ 	$returnhash{"$key"}=$hash{"$scope:$symb:$key"};
+       }
+     }
+     if (!(untie(%hash))) {
+       return "error:$!";
+     }
+   } else {
+     return "error:$!";
+   }
+   return %returnhash;
+ }
  # ----------------------------------------------------------------------- Store
  sub store {
      my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
      my $home='';
-     if ($stuname) {
+     if ($stuname) { $home=&homeserver($stuname,$domain); }
- 	$home=&homeserver($stuname,$domain);
-     }
+     $symb=&symbclean($symb);
      if (!$symb) { unless ($symb=&symbread()) { return ''; } }
-     &devalidate($symb);
-     $symb=escape($symb);
-     if (!$namespace) { unless ($namespace=$ENV{'request.course.id'}) { return ''; } }
      if (!$domain) { $domain=$ENV{'user.domain'}; }
      if (!$stuname) { $stuname=$ENV{'user.name'}; }
+     &devalidate($symb,$stuname,$domain);
+     $symb=escape($symb);
+     if (!$namespace) {
+        unless ($namespace=$ENV{'request.course.id'}) {
+           return '';
+        }
+     }
      if (!$home) { $home=$ENV{'user.home'}; }
      my $namevalue='';
-     map {
+     foreach (keys %$storehash) {
          $namevalue.=escape($_).'='.escape($$storehash{$_}).'&';
-     } keys %$storehash;
+     }
      $namevalue=~s/\&$//;
+     &courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
      return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
  }
- Line 877  sub cstore {
+ Line 1799  sub cstore {
      my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
      my $home='';
-     if ($stuname) {
+     if ($stuname) { $home=&homeserver($stuname,$domain); }
- 	$home=&homeserver($stuname,$domain);
-     }
+     $symb=&symbclean($symb);
      if (!$symb) { unless ($symb=&symbread()) { return ''; } }
-     &devalidate($symb);
-     $symb=escape($symb);
-     if (!$namespace) { unless ($namespace=$ENV{'request.course.id'}) { return ''; } }
      if (!$domain) { $domain=$ENV{'user.domain'}; }
      if (!$stuname) { $stuname=$ENV{'user.name'}; }
+     &devalidate($symb,$stuname,$domain);
+     $symb=escape($symb);
+     if (!$namespace) {
+        unless ($namespace=$ENV{'request.course.id'}) {
+           return '';
+        }
+     }
      if (!$home) { $home=$ENV{'user.home'}; }
      my $namevalue='';
-     map {
+     foreach (keys %$storehash) {
          $namevalue.=escape($_).'='.escape($$storehash{$_}).'&';
-     } keys %$storehash;
+     }
      $namevalue=~s/\&$//;
-     return critical("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
+     &courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
+     return critical
+                 ("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
  }
  # --------------------------------------------------------------------- Restore
- Line 905  sub restore {
+ Line 1833  sub restore {
      my ($symb,$namespace,$domain,$stuname) = @_;
      my $home='';
-     if ($stuname) {
+     if ($stuname) { $home=&homeserver($stuname,$domain); }
- 	$home=&homeserver($stuname,$domain);
-     }
      if (!$symb) {
        unless ($symb=escape(&symbread())) { return ''; }
      } else {
-       $symb=&escape($symb);
+       $symb=&escape(&symbclean($symb));
+     }
+     if (!$namespace) {
+        unless ($namespace=$ENV{'request.course.id'}) {
+           return '';
+        }
      }
-     if (!$namespace) { unless ($namespace=$ENV{'request.course.id'}) { return ''; } }
      if (!$domain) { $domain=$ENV{'user.domain'}; }
      if (!$stuname) { $stuname=$ENV{'user.name'}; }
      if (!$home) { $home=$ENV{'user.home'}; }
      my $answer=&reply("restore:$domain:$stuname:$namespace:$symb","$home");
      my %returnhash=();
-     map {
+     foreach (split(/\&/,$answer)) {
  	my ($name,$value)=split(/\=/,$_);
          $returnhash{&unescape($name)}=&unescape($value);
-     } split(/\&/,$answer);
+     }
      my $version;
      for ($version=1;$version<=$returnhash{'version'};$version++) {
-        map {
+        foreach (split(/\:/,$returnhash{$version.':keys'})) {
            $returnhash{$_}=$returnhash{$version.':'.$_};
-        } split(/\:/,$returnhash{$version.':keys'});
+        }
      }
      return %returnhash;
  }
- Line 942  sub coursedescription {
+ Line 1872  sub coursedescription {
      $courseid=~s/\_/\//g;
      my ($cdomain,$cnum)=split(/\//,$courseid);
      my $chome=&homeserver($cnum,$cdomain);
+     my $normalid=$cdomain.'_'.$cnum;
+     # need to always cache even if we get errors otherwise we keep
+     # trying and trying and trying to get the course description.
+     my %envhash=();
+     my %returnhash=();
+     $envhash{'course.'.$normalid.'.last_cache'}=time;
      if ($chome ne 'no_host') {
-        my %returnhash=&dump('environment',$cdomain,$cnum);
+        %returnhash=&dump('environment',$cdomain,$cnum);
         if (!exists($returnhash{'con_lost'})) {
-            my $normalid=$cdomain.'_'.$cnum;
-            my %envhash=();
             $returnhash{'home'}= $chome;
  	   $returnhash{'domain'} = $cdomain;
  	   $returnhash{'num'} = $cnum;
             while (my ($name,$value) = each %returnhash) {
                 $envhash{'course.'.$normalid.'.'.$name}=$value;
             }
-            $returnhash{'url'}='/res/'.declutter($returnhash{'url'});
+            $returnhash{'url'}=&clutter($returnhash{'url'});
             $returnhash{'fn'}=$perlvar{'lonDaemons'}.'/tmp/'.
  	       $ENV{'user.name'}.'_'.$cdomain.'_'.$cnum;
-            $envhash{'course.'.$normalid.'.last_cache'}=time;
             $envhash{'course.'.$normalid.'.home'}=$chome;
             $envhash{'course.'.$normalid.'.domain'}=$cdomain;
             $envhash{'course.'.$normalid.'.num'}=$cnum;
-            &appenv(%envhash);
-            return %returnhash;
         }
      }
-     return ();
+     &appenv(%envhash);
+     return %returnhash;
  }
  # -------------------------------------------------------- Get user privileges
- Line 980  sub rolesinit {
+ Line 1912  sub rolesinit {
      my $thesestr;
      if ($rolesdump ne '') {
-         map {
+         foreach (split(/&/,$rolesdump)) {
  	  if ($_!~/^rolesdef\&/) {
              my ($area,$role)=split(/=/,$_);
              $area=~s/\_\w\w$//;
              my ($trole,$tend,$tstart)=split(/_/,$role);
              $userroles.='user.role.'.$trole.'.'.$area.'='.
                          $tstart.'.'.$tend."\n";
+ # log the associated role with the area
+             &userrolelog($trole,$username,$domain,$area,$tstart,$tend);
              if ($tend!=0) {
  	        if ($tend<$now) {
  	            $trole='';
- Line 998  sub rolesinit {
+ Line 1932  sub rolesinit {
                  }
              }
              if (($area ne '') && ($trole ne '')) {
- 	       my $spec=$trole.'.'.$area;
+ 		my $spec=$trole.'.'.$area;
-                my ($tdummy,$tdomain,$trest)=split(/\//,$area);
+ 		my ($tdummy,$tdomain,$trest)=split(/\//,$area);
-                if ($trole =~ /^cr\//) {
+ 		if ($trole =~ /^cr\//) {
- 		   my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
+ 		    my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
-                    my $homsvr=homeserver($rauthor,$rdomain);
+ 		    my $homsvr=homeserver($rauthor,$rdomain);
-                    if ($hostname{$homsvr} ne '') {
+ 		    if ($hostname{$homsvr} ne '') {
-                       my $roledef=
+ 			my $roledef=
- 			  reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole",
+ 			    reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole",
-                                 $homsvr);
+ 				  $homsvr);
-                       if (($roledef ne 'con_lost') && ($roledef ne '')) {
+ 			if (($roledef ne 'con_lost') && ($roledef ne '')) {
-                          my ($syspriv,$dompriv,$coursepriv)=
+ 			    my ($syspriv,$dompriv,$coursepriv)=
- 			     split(/\_/,unescape($roledef));
+ 				split(/\_/,unescape($roledef));
-  	                 $allroles{'cm./'}.=':'.$syspriv;
+ 			    if (defined($syspriv)) {
-                          $allroles{$spec.'./'}.=':'.$syspriv;
+ 				$allroles{'cm./'}.=':'.$syspriv;
-                          if ($tdomain ne '') {
+ 				$allroles{$spec.'./'}.=':'.$syspriv;
-                              $allroles{'cm./'.$tdomain.'/'}.=':'.$dompriv;
+ 			    }
-                              $allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
+ 			    if ($tdomain ne '') {
-                              if ($trest ne '') {
+ 				if (defined($dompriv)) {
- 		                $allroles{'cm.'.$area}.=':'.$coursepriv;
+ 				    $allroles{'cm./'.$tdomain.'/'}.=':'.$dompriv;
- 		                $allroles{$spec.'.'.$area}.=':'.$coursepriv;
+ 				    $allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
-                              }
+ 				}
- 	                 }
+ 				if ($trest ne '') {
-                       }
+ 				    if (defined($coursepriv)) {
-                    }
+ 					$allroles{'cm.'.$area}.=':'.$coursepriv;
-                } else {
+ 					$allroles{$spec.'.'.$area}.=':'.$coursepriv;
- 	           $allroles{'cm./'}.=':'.$pr{$trole.':s'};
+ 				    }
- 	           $allroles{$spec.'./'}.=':'.$pr{$trole.':s'};
+ 				}
-                    if ($tdomain ne '') {
+ 			    }
-                      $allroles{'cm./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ 			}
-                      $allroles{$spec.'./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ 		    }
-                       if ($trest ne '') {
+ 		} else {
- 		          $allroles{'cm.'.$area}.=':'.$pr{$trole.':c'};
+ 		    if (defined($pr{$trole.':s'})) {
- 		          $allroles{$spec.'.'.$area}.=':'.$pr{$trole.':c'};
+ 			$allroles{'cm./'}.=':'.$pr{$trole.':s'};
-                       }
+ 			$allroles{$spec.'./'}.=':'.$pr{$trole.':s'};
- 	           }
+ 		    }
- 	       }
+ 		    if ($tdomain ne '') {
+ 			if (defined($pr{$trole.':d'})) {
+ 			    $allroles{'cm./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ 			    $allroles{$spec.'./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ 			}
+ 			if ($trest ne '') {
+ 			    if (defined($pr{$trole.':c'})) {
+ 				$allroles{'cm.'.$area}.=':'.$pr{$trole.':c'};
+ 				$allroles{$spec.'.'.$area}.=':'.$pr{$trole.':c'};
+ 			    }
+ 			}
+ 		    }
+ 		}
              }
            }
-         } split(/&/,$rolesdump);
+         }
          my $adv=0;
          my $author=0;
-         map {
+         foreach (keys %allroles) {
              %thesepriv=();
              if (($_!~/^st/) && ($_!~/^ta/) && ($_!~/^cm/)) { $adv=1; }
              if (($_=~/^au/) || ($_=~/^ca/)) { $author=1; }
-             map {
+             foreach (split(/:/,$allroles{$_})) {
                  if ($_ ne '') {
  		    my ($privilege,$restrictions)=split(/&/,$_);
                      if ($restrictions eq '') {
- Line 1054  sub rolesinit {
+ Line 2000  sub rolesinit {
                          }
                      }
                  }
-             } split(/:/,$allroles{$_});
+             }
              $thesestr='';
-             map { $thesestr.=':'.$_.'&'.$thesepriv{$_}; } keys %thesepriv;
+             foreach (keys %thesepriv) { $thesestr.=':'.$_.'&'.$thesepriv{$_}; }
              $userroles.='user.priv.'.$_.'='.$thesestr."\n";
-         } keys %allroles;
+         }
          $userroles.='user.adv='.$adv."\n".
  	            'user.author='.$author."\n";
          $ENV{'user.adv'}=$adv;
- Line 1071  sub rolesinit {
+ Line 2017  sub rolesinit {
  sub get {
     my ($namespace,$storearr,$udomain,$uname)=@_;
     my $items='';
-    map {
+    foreach (@$storearr) {
         $items.=escape($_).'&';
-    } @$storearr;
+    }
     $items=~s/\&$//;
     if (!$udomain) { $udomain=$ENV{'user.domain'}; }
     if (!$uname) { $uname=$ENV{'user.name'}; }
- Line 1081  sub get {
+ Line 2027  sub get {
     my $rep=&reply("get:$udomain:$uname:$namespace:$items",$uhome);
     my @pairs=split(/\&/,$rep);
+    if ( $#pairs==0 && $pairs[0] =~ /^(con_lost|error|no_such_host)/i) {
+      return @pairs;
+    }
     my %returnhash=();
     my $i=0;
-    map {
+    foreach (@$storearr) {
        $returnhash{$_}=unescape($pairs[$i]);
        $i++;
-    } @$storearr;
+    }
     return %returnhash;
  }
- Line 1095  sub get {
+ Line 2044  sub get {
  sub del {
     my ($namespace,$storearr,$udomain,$uname)=@_;
     my $items='';
-    map {
+    foreach (@$storearr) {
         $items.=escape($_).'&';
-    } @$storearr;
+    }
     $items=~s/\&$//;
     if (!$udomain) { $udomain=$ENV{'user.domain'}; }
     if (!$uname) { $uname=$ENV{'user.name'}; }
- Line 1109  sub del {
+ Line 2058  sub del {
  # -------------------------------------------------------------- dump interface
  sub dump {
-    my ($namespace,$udomain,$uname)=@_;
+    my ($namespace,$udomain,$uname,$regexp)=@_;
     if (!$udomain) { $udomain=$ENV{'user.domain'}; }
     if (!$uname) { $uname=$ENV{'user.name'}; }
     my $uhome=&homeserver($uname,$udomain);
-    my $rep=reply("dump:$udomain:$uname:$namespace",$uhome);
+    if ($regexp) {
+        $regexp=&escape($regexp);
+    } else {
+        $regexp='.';
+    }
+    my $rep=reply("dump:$udomain:$uname:$namespace:$regexp",$uhome);
     my @pairs=split(/\&/,$rep);
     my %returnhash=();
-    map {
+    foreach (@pairs) {
        my ($key,$value)=split(/=/,$_);
        $returnhash{unescape($key)}=unescape($value);
-    } @pairs;
+    }
+    return %returnhash;
+ }
+ # --------------------------------------------------------------- currentdump
+ sub currentdump {
+    my ($courseid,$sdom,$sname)=@_;
+    $courseid = $ENV{'request.course.id'} if (! defined($courseid));
+    $sdom     = $ENV{'user.domain'}       if (! defined($sdom));
+    $sname    = $ENV{'user.name'}         if (! defined($sname));
+    my $uhome = &homeserver($sname,$sdom);
+    my $rep=reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
+    return if ($rep =~ /^(error:|no_such_host)/);
+    #
+    my %returnhash=();
+    #
+    if ($rep eq "unknown_cmd") {
+        # an old lond will not know currentdump
+        # Do a dump and make it look like a currentdump
+        my @tmp = &dump($courseid,$sdom,$sname,'.');
+        return if ($tmp[0] =~ /^(error:|no_such_host)/);
+        my %hash = @tmp;
+        @tmp=();
+        # Code ripped from lond, essentially.  The only difference
+        # here is the unescaping done by lonnet::dump().  Conceivably
+        # we might run in to problems with parameter names =~ /^v\./
+        while (my ($key,$value) = each(%hash)) {
+            my ($v,$symb,$param) = split(/:/,$key);
+            next if ($v eq 'version' || $symb eq 'keys');
+            next if (exists($returnhash{$symb}) &&
+                     exists($returnhash{$symb}->{$param}) &&
+                     $returnhash{$symb}->{'v.'.$param} > $v);
+            $returnhash{$symb}->{$param}=$value;
+            $returnhash{$symb}->{'v.'.$param}=$v;
+        }
+        #
+        # Remove all of the keys in the hashes which keep track of
+        # the version of the parameter.
+        while (my ($symb,$param_hash) = each(%returnhash)) {
+            # use a foreach because we are going to delete from the hash.
+            foreach my $key (keys(%$param_hash)) {
+                delete($param_hash->{$key}) if ($key =~ /^v\./);
+            }
+        }
+    } else {
+        my @pairs=split(/\&/,$rep);
+        foreach (@pairs) {
+            my ($key,$value)=split(/=/,$_);
+            my ($symb,$param) = split(/:/,$key);
+            $returnhash{&unescape($symb)}->{&unescape($param)} =
+                                                           &unescape($value);
+        }
+    }
     return %returnhash;
  }
- Line 1131  sub put {
+ Line 2137  sub put {
     if (!$uname) { $uname=$ENV{'user.name'}; }
     my $uhome=&homeserver($uname,$udomain);
     my $items='';
-    map {
+    foreach (keys %$storehash) {
         $items.=&escape($_).'='.&escape($$storehash{$_}).'&';
-    } keys %$storehash;
+    }
     $items=~s/\&$//;
     return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
  }
- Line 1146  sub cput {
+ Line 2152  sub cput {
     if (!$uname) { $uname=$ENV{'user.name'}; }
     my $uhome=&homeserver($uname,$udomain);
     my $items='';
-    map {
+    foreach (keys %$storehash) {
         $items.=escape($_).'='.escape($$storehash{$_}).'&';
-    } keys %$storehash;
+    }
     $items=~s/\&$//;
     return &critical("put:$udomain:$uname:$namespace:$items",$uhome);
  }
- Line 1158  sub cput {
+ Line 2164  sub cput {
  sub eget {
     my ($namespace,$storearr,$udomain,$uname)=@_;
     my $items='';
-    map {
+    foreach (@$storearr) {
         $items.=escape($_).'&';
-    } @$storearr;
+    }
     $items=~s/\&$//;
     if (!$udomain) { $udomain=$ENV{'user.domain'}; }
     if (!$uname) { $uname=$ENV{'user.name'}; }
- Line 1169  sub eget {
+ Line 2175  sub eget {
     my @pairs=split(/\&/,$rep);
     my %returnhash=();
     my $i=0;
-    map {
+    foreach (@$storearr) {
        $returnhash{$_}=unescape($pairs[$i]);
        $i++;
-    } @$storearr;
+    }
     return %returnhash;
  }
+ # ---------------------------------------------- Custom access rule evaluation
+ sub customaccess {
+     my ($priv,$uri)=@_;
+     my ($urole,$urealm)=split(/\./,$ENV{'request.role'});
+     $urealm=~s/^\W//;
+     my ($udom,$ucrs,$usec)=split(/\//,$urealm);
+     my $access=0;
+     foreach (split(/\s*\,\s*/,&metadata($uri,'rule_rights'))) {
+ 	my ($effect,$realm,$role)=split(/\:/,$_);
+         if ($role) {
+ 	   if ($role ne $urole) { next; }
+         }
+         foreach (split(/\s*\,\s*/,$realm)) {
+             my ($tdom,$tcrs,$tsec)=split(/\_/,$_);
+             if ($tdom) {
+ 		if ($tdom ne $udom) { next; }
+             }
+             if ($tcrs) {
+ 		if ($tcrs ne $ucrs) { next; }
+             }
+             if ($tsec) {
+ 		if ($tsec ne $usec) { next; }
+             }
+             $access=($effect eq 'allow');
+             last;
+         }
+     }
+     return $access;
+ }
  # ------------------------------------------------- Check for a user privilege
  sub allowed {
- Line 1193  sub allowed {
+ Line 2230  sub allowed {
  # Free bre to public access
      if ($priv eq 'bre') {
- 	if (&metadata($uri,'copyright') eq 'public') { return 'F'; }
+         my $copyright=&metadata($uri,'copyright');
+ 	if (($copyright eq 'public') && (!$ENV{'request.course.id'})) {
+            return 'F';
+         }
+         if ($copyright eq 'priv') {
+             $uri=~/([^\/]+)\/([^\/]+)\//;
+ 	    unless (($ENV{'user.name'} eq $2) && ($ENV{'user.domain'} eq $1)) {
+ 		return '';
+             }
+         }
+         if ($copyright eq 'domain') {
+             $uri=~/([^\/]+)\/([^\/]+)\//;
+ 	    unless (($ENV{'user.domain'} eq $1) ||
+                  ($ENV{'course.'.$ENV{'request.course.id'}.'.domain'} eq $1)) {
+ 		return '';
+             }
+         }
+         if ($ENV{'request.role'}=~ /li\.\//) {
+             # Library role, so allow browsing of resources in this domain.
+             return 'F';
+         }
+         if ($copyright eq 'custom') {
+ 	    unless (&customaccess($priv,$uri)) { return ''; }
+         }
+     }
+     # Domain coordinator is trying to create a course
+     if (($priv eq 'ccc') && ($ENV{'request.role'} =~ /^dc\./)) {
+         # uri is the requested domain in this case.
+         # comparison to 'request.role.domain' shows if the user has selected
+         # a role of dc for the domain in question.
+         return 'F' if ($uri eq $ENV{'request.role.domain'});
      }
      my $thisallowed='';
- Line 1223  sub allowed {
+ Line 2290  sub allowed {
         $thisallowed.=$1;
      }
+ # URI is an uploaded document for this course
+     if (($priv eq 'bre') &&
+         ($uri=~/^uploaded\/$ENV{'course.'.$ENV{'request.course.id'}.'.domain'}\/$ENV{'course.'.$ENV{'request.course.id'}.'.num'}/)) {
+         return 'F';
+     }
  # Full access at system, domain or course-wide level? Exit.
      if ($thisallowed=~/F/) {
- Line 1231  sub allowed {
+ Line 2304  sub allowed {
  # If this is generating or modifying users, exit with special codes
-     if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:'=~/\:$priv\:/) {
+     if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:cca:'=~/\:$priv\:/) {
  	return $thisallowed;
      }
  #
- Line 1241  sub allowed {
+ Line 2314  sub allowed {
  # the course
      if ($ENV{'request.course.id'}) {
         $courseprivid=$ENV{'request.course.id'};
         if ($ENV{'request.course.sec'}) {
            $courseprivid.='/'.$ENV{'request.course.sec'};
         }
         $courseprivid=~s/\_/\//;
         my $checkreferer=1;
-        my @uriparts=split(/\//,$uri);
+        my ($match,$cond)=&is_on_map($uri);
-        my $filename=$uriparts[$#uriparts];
+        if ($match) {
-        my $pathname=$uri;
+            $statecond=$cond;
-        $pathname=~s/\/$filename$//;
-        if ($ENV{'acc.res.'.$ENV{'request.course.id'}.'.'.$pathname}=~
-            /\&$filename\:([\d\|]+)\&/) {
-            $statecond=$1;
             if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
                 =~/$priv\&([^\:]*)/) {
                 $thisallowed.=$1;
- Line 1263  sub allowed {
+ Line 2333  sub allowed {
         if ($checkreferer) {
  	  my $refuri=$ENV{'httpref.'.$orguri};
              unless ($refuri) {
-                 map {
+                 foreach (keys %ENV) {
  		    if ($_=~/^httpref\..*\*/) {
  			my $pattern=$_;
                          $pattern=~s/^httpref\.\/res\///;
- Line 1275  sub allowed {
+ Line 2344  sub allowed {
  			    $refuri=$ENV{$_};
                          }
                      }
-                 } keys %ENV;
+                 }
              }
           if ($refuri) {
  	  $refuri=&declutter($refuri);
-           my @uriparts=split(/\//,$refuri);
+           my ($match,$cond)=&is_on_map($refuri);
-           my $filename=$uriparts[$#uriparts];
+             if ($match) {
-           my $pathname=$refuri;
+               my $refstatecond=$cond;
-           $pathname=~s/\/$filename$//;
-             if ($ENV{'acc.res.'.$ENV{'request.course.id'}.'.'.$pathname}=~
-               /\&$filename\:([\d\|]+)\&/) {
-               my $refstatecond=$1;
                if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
                    =~/$priv\&([^\:]*)/) {
                    $thisallowed.=$1;
- Line 1344  sub allowed {
+ Line 2410  sub allowed {
                  || ($ENV{$prefix.'res.'.$uri.'.lock.sections'} eq 'all')) {
  		   if ($ENV{$prefix.'res.'.$uri.'.lock.expire'}>time) {
                         &log($ENV{'user.domain'},$ENV{'user.name'},
-                             $ENV{'user.host'},
+                             $ENV{'user.home'},
                              'Locked by res: '.$priv.' for '.$uri.' due to '.
                              $cdom.'/'.$cnum.'/'.$csec.' expire '.
                              $ENV{$prefix.'priv.'.$priv.'.lock.expire'});
- Line 1355  sub allowed {
+ Line 2421  sub allowed {
                  || ($ENV{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
  		   if ($ENV{'priv.'.$priv.'.lock.expire'}>time) {
                         &log($ENV{'user.domain'},$ENV{'user.name'},
-                             $ENV{'user.host'},
+                             $ENV{'user.home'},
                              'Locked by priv: '.$priv.' for '.$uri.' due to '.
                              $cdom.'/'.$cnum.'/'.$csec.' expire '.
                              $ENV{$prefix.'priv.'.$priv.'.lock.expire'});
- Line 1383  sub allowed {
+ Line 2449  sub allowed {
     if ($thisallowed=~/C/) {
         my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
+        my $unamedom=$ENV{'user.name'}.':'.$ENV{'user.domain'};
         if ($ENV{'course.'.$ENV{'request.course.id'}.'.'.$priv.'.roles.denied'}
- 	   =~/\,$rolecode\,/) {
+ 	   =~/$rolecode/) {
             &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
                  'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
                  $ENV{'request.course.id'});
             return '';
         }
+        if ($ENV{'course.'.$ENV{'request.course.id'}.'.'.$priv.'.users.denied'}
+ 	   =~/$unamedom/) {
+            &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
+                 'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
+                 $ENV{'request.course.id'});
+            return '';
+        }
     }
  # Resource preferences
     if ($thisallowed=~/R/) {
         my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
-        my $filename=$perlvar{'lonDocRoot'}.'/res/'.$uri.'.meta';
+        if (&metadata($uri,'roledeny')=~/$rolecode/) {
-        if (-e $filename) {
+ 	  &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
-            my @content;
-            {
- 	     my $fh=Apache::File->new($filename);
-              @content=<$fh>;
- 	   }
-            if (join('',@content)=~
-                     /\<roledeny[^\>]*\>[^\<]*$rolecode[^\<]*\<\/roledeny\>/) {
- 	       &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
                      'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode);
-            return '';
+           return '';
-            }
         }
     }
- # Restricted by state?
+ # Restricted by state or randomout?
     if ($thisallowed=~/X/) {
+       if ($ENV{'acc.randomout'}) {
+          my $symb=&symbread($uri,1);
+          if (($symb) && ($ENV{'acc.randomout'}=~/\&$symb\&/)) {
+             return '';
+          }
+       }
        if (&condval($statecond)) {
  	 return '2';
        } else {
- Line 1426  sub allowed {
+ Line 2497  sub allowed {
     return 'F';
  }
+ # --------------------------------------------------- Is a resource on the map?
+ sub is_on_map {
+     my $uri=&declutter(shift);
+     my @uriparts=split(/\//,$uri);
+     my $filename=$uriparts[$#uriparts];
+     my $pathname=$uri;
+     $pathname=~s|/\Q$filename\E$||;
+     $pathname=~s/^adm\/wrapper\///;
+     #Trying to find the conditional for the file
+     my $match=($ENV{'acc.res.'.$ENV{'request.course.id'}.'.'.$pathname}=~
+ 	       /\&\Q$filename\E\:([\d\|]+)\&/);
+     if ($match) {
+ 	return (1,$1);
+     } else {
+ 	return (0,0);
+     }
+ }
  # ----------------------------------------------------------------- Define Role
  sub definerole {
    if (allowed('mcr','/')) {
      my ($rolename,$sysrole,$domrole,$courole)=@_;
-     map {
+     foreach (split('/',$sysrole)) {
  	my ($crole,$cqual)=split(/\&/,$_);
          if ($pr{'cr:s'}!~/$crole/) { return "refused:s:$crole"; }
          if ($pr{'cr:s'}=~/$crole\&/) {
- Line 1439  sub definerole {
+ Line 2529  sub definerole {
                 return "refused:s:$crole&$cqual";
              }
          }
-     } split('/',$sysrole);
+     }
-     map {
+     foreach (split('/',$domrole)) {
  	my ($crole,$cqual)=split(/\&/,$_);
          if ($pr{'cr:d'}!~/$crole/) { return "refused:d:$crole"; }
          if ($pr{'cr:d'}=~/$crole\&/) {
- Line 1448  sub definerole {
+ Line 2538  sub definerole {
                 return "refused:d:$crole&$cqual";
              }
          }
-     } split('/',$domrole);
+     }
-     map {
+     foreach (split('/',$courole)) {
  	my ($crole,$cqual)=split(/\&/,$_);
          if ($pr{'cr:c'}!~/$crole/) { return "refused:c:$crole"; }
          if ($pr{'cr:c'}=~/$crole\&/) {
- Line 1457  sub definerole {
+ Line 2547  sub definerole {
                 return "refused:c:$crole&$cqual";
              }
          }
-     } split('/',$courole);
+     }
      my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:".
                  "$ENV{'user.domain'}:$ENV{'user.name'}:".
  	        "rolesdef_$rolename=".
- Line 1471  sub definerole {
+ Line 2561  sub definerole {
  # ---------------- Make a metadata query against the network of library servers
  sub metadata_query {
-     my ($query,$custom,$customshow)=@_;
+     my ($query,$custom,$customshow,$server_array)=@_;
-     # need to put in a library server loop here and return a hash
      my %rhash;
-     for my $server (keys %libserv) {
+     my @server_list = (defined($server_array) ? @$server_array
+                                               : keys(%libserv) );
+     for my $server (@server_list) {
  	unless ($custom or $customshow) {
  	    my $reply=&reply("querysend:".&escape($query),$server);
  	    $rhash{$server}=$reply;
- Line 1489  sub metadata_query {
+ Line 2580  sub metadata_query {
      return \%rhash;
  }
- # ------------------------------------------------------------------ Plain Text
+ # ----------------------------------------- Send log queries and wait for reply
- sub plaintext {
+ sub log_query {
-     my $short=shift;
+     my ($uname,$udom,$query,%filters)=@_;
-     return $prp{$short};
+     my $uhome=&homeserver($uname,$udom);
+     if ($uhome eq 'no_host') { return 'error: no_host'; }
+     my $uhost=$hostname{$uhome};
+     my $command=&escape(join(':',map{$_.'='.$filters{$_}} keys %filters));
+     my $queryid=&reply("querysend:".$query.':'.$udom.':'.$uname.':'.$command,
+                        $uhome);
+     unless ($queryid=~/^$uhost\_/) { return 'error: '.$queryid; }
+     return get_query_reply($queryid);
+ }
+ sub get_query_reply {
+     my $queryid=shift;
+     my $replyfile=$perlvar{'lonDaemons'}.'/tmp/'.$queryid;
+     my $reply='';
+     for (1..100) {
+ 	sleep 2;
+         if (-e $replyfile.'.end') {
+ 	    if (my $fh=Apache::File->new($replyfile)) {
+                $reply.=<$fh>;
+                $fh->close;
+ 	   } else { return 'error: reply_file_error'; }
+            return &unescape($reply);
+ 	}
+     }
+     return 'timeout:'.$queryid;
  }
- # ------------------------------------------------------------------ Plain Text
+ sub courselog_query {
+ #
+ # possible filters:
+ # url: url or symb
+ # username
+ # domain
+ # action: view, submit, grade
+ # start: timestamp
+ # end: timestamp
+ #
+     my (%filters)=@_;
+     unless ($ENV{'request.course.id'}) { return 'no_course'; }
+     if ($filters{'url'}) {
+ 	$filters{'url'}=&symbclean(&declutter($filters{'url'}));
+         $filters{'url'}=~s/\.(\w+)$/(\\.\\d+)*\\.$1/;
+         $filters{'url'}=~s/\.(\w+)\_\_\_/(\\.\\d+)*\\.$1/;
+     }
+     my $cname=$ENV{'course.'.$ENV{'request.course.id'}.'.num'};
+     my $cdom=$ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
+     return &log_query($cname,$cdom,'courselog',%filters);
+ }
- sub fileembstyle {
+ sub userlog_query {
-     my $ending=shift;
+     my ($uname,$udom,%filters)=@_;
-     return $fe{$ending};
+     return &log_query($uname,$udom,'userlog',%filters);
  }
- # ------------------------------------------------------------ Description Text
+ # ------------------------------------------------------------------ Plain Text
- sub filedescription {
+ sub plaintext {
-     my $ending=shift;
+     my $short=shift;
-     return $fd{$ending};
+     return $prp{$short};
  }
  # ----------------------------------------------------------------- Assign Role
  sub assignrole {
-     my ($udom,$uname,$url,$role,$end,$start)=@_;
+     my ($udom,$uname,$url,$role,$end,$start,$deleteflag)=@_;
      my $mrole;
      if ($role =~ /^cr\//) {
  	unless (&allowed('ccr',$url)) {
- Line 1526  sub assignrole {
+ Line 2661  sub assignrole {
      } else {
          my $cwosec=$url;
          $cwosec=~s/^\/(\w+)\/(\w+)\/.*/$1\/$2/;
-         unless (&allowed('c'.$role,$cwosec)) {
+         unless ((&allowed('c'.$role,$cwosec)) || &allowed('c'.$role,$udom)) {
             &logthis('Refused assignrole: '.
               $udom.' '.$uname.' '.$url.' '.$role.' '.$end.' '.$start.' by '.
  		    $ENV{'user.name'}.' at '.$ENV{'user.domain'});
- Line 1544  sub assignrole {
+ Line 2679  sub assignrole {
             $command.='_0_'.$start;
          }
      }
-     return &reply($command,&homeserver($uname,$udom));
+ # actually delete
+     if ($deleteflag) {
+ 	if ((&allowed('dro',$udom)) || (&allowed('dro',$url))) {
+ # modify command to delete the role
+            $command="encrypt:rolesdel:$ENV{'user.domain'}:$ENV{'user.name'}:".
+                 "$udom:$uname:$url".'_'."$mrole";
+ 	   &logthis("$ENV{'user.name'} at $ENV{'user.domain'} deletes $mrole in $url for $uname at $udom");
+ # set start and finish to negative values for userrolelog
+            $start=-1;
+            $end=-1;
+         }
+     }
+ # send command
+     my $answer=&reply($command,&homeserver($uname,$udom));
+ # log new user role if status is ok
+     if ($answer eq 'ok') {
+ 	&userrolelog($mrole,$uname,$udom,$url,$start,$end);
+     }
+     return $answer;
  }
- # --------------------------------------------------------------- Modify a user
+ # -------------------------------------------------- Modify user authentication
+ # Overrides without validation
+ sub modifyuserauth {
+     my ($udom,$uname,$umode,$upass)=@_;
+     my $uhome=&homeserver($uname,$udom);
+     unless (&allowed('mau',$udom)) { return 'refused'; }
+     &logthis('Call to modify user authentication '.$udom.', '.$uname.', '.
+              $umode.' by '.$ENV{'user.name'}.' at '.$ENV{'user.domain'}.
+              ' in domain '.$ENV{'request.role.domain'});
+     my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
+ 		     &escape($upass),$uhome);
+     &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.home'},
+         'Authentication changed for '.$udom.', '.$uname.', '.$umode.
+          '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+     &log($udom,,$uname,$uhome,
+         'Authentication changed by '.$ENV{'user.domain'}.', '.
+                                      $ENV{'user.name'}.', '.$umode.
+          '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+     unless ($reply eq 'ok') {
+         &logthis('Authentication mode error: '.$reply);
+ 	return 'error: '.$reply;
+     }
+     return 'ok';
+ }
+ # --------------------------------------------------------------- Modify a user
  sub modifyuser {
-     my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene)=@_;
+     my ($udom,    $uname, $uid,
+         $umode,   $upass, $first,
+         $middle,  $last,  $gene,
+         $forceid, $desiredhome, $email)=@_;
+     $udom=~s/\W//g;
+     $uname=~s/\W//g;
      &logthis('Call to modify user '.$udom.', '.$uname.', '.$uid.', '.
               $umode.', '.$first.', '.$middle.', '.
- 	     $last.', '.$gene.' by '.
+ 	     $last.', '.$gene.'(forceid: '.$forceid.')'.
-              $ENV{'user.name'}.' at '.$ENV{'user.domain'});
+              (defined($desiredhome) ? ' desiredhome = '.$desiredhome :
-     my $uhome=&homeserver($uname,$udom);
+                                      ' desiredhome not specified').
+              ' by '.$ENV{'user.name'}.' at '.$ENV{'user.domain'}.
+              ' in domain '.$ENV{'request.role.domain'});
+     my $uhome=&homeserver($uname,$udom,'true');
  # ----------------------------------------------------------------- Create User
      if (($uhome eq 'no_host') && ($umode) && ($upass)) {
          my $unhome='';
- 	if ($ENV{'course.'.$ENV{'request.course.id'}.'.domain'} eq $udom) {
+         if (defined($desiredhome) && $hostdom{$desiredhome} eq $udom) {
+             $unhome = $desiredhome;
+ 	} elsif($ENV{'course.'.$ENV{'request.course.id'}.'.domain'} eq $udom) {
  	    $unhome=$ENV{'course.'.$ENV{'request.course.id'}.'.home'};
-         } else {
+         } else { # load balancing routine for determining $unhome
              my $tryserver;
              my $loadm=10000000;
              foreach $tryserver (keys %libserv) {
- Line 1576  sub modifyuser {
+ Line 2764  sub modifyuser {
  	    }
          }
          if (($unhome eq '') || ($unhome eq 'no_host')) {
- 	    return 'error: find home';
+ 	    return 'error: unable to find a home server for '.$uname.
+                    ' in domain '.$udom;
          }
          my $reply=&reply('encrypt:makeuser:'.$udom.':'.$uname.':'.$umode.':'.
                           &escape($upass),$unhome);
  	unless ($reply eq 'ok') {
              return 'error: '.$reply;
          }
-         $uhome=&homeserver($uname,$udom);
+         $uhome=&homeserver($uname,$udom,'true');
          if (($uhome eq '') || ($uhome eq 'no_host') || ($uhome ne $unhome)) {
- 	    return 'error: verify home';
+ 	    return 'error: unable verify users home machine.';
          }
-     }
+     }   # End of creation of new user
  # ---------------------------------------------------------------------- Add ID
      if ($uid) {
         $uid=~tr/A-Z/a-z/;
         my %uidhash=&idrget($udom,$uname);
-        if (($uidhash{$uname}) && ($uidhash{$uname}!~/error\:/)) {
+        if (($uidhash{$uname}) && ($uidhash{$uname}!~/error\:/)
+          && (!$forceid)) {
  	  unless ($uid eq $uidhash{$uname}) {
- 	      return 'error: mismatch '.$uidhash{$uname}.' versus '.$uid;
+ 	      return 'error: user id "'.$uid.'" does not match '.
+                   'current user id "'.$uidhash{$uname}.'".';
            }
         } else {
  	  &idput($udom,($uname => $uid));
         }
      }
  # -------------------------------------------------------------- Add names, etc
-     my %names=&get('environment',
+     my @tmp=&get('environment',
  		   ['firstname','middlename','lastname','generation'],
  		   $udom,$uname);
-     if ($first)  { $names{'firstname'}  = $first; }
+     my %names;
-     if ($middle) { $names{'middlename'} = $middle; }
+     if ($tmp[0] =~ m/^error:.*/) {
-     if ($last)   { $names{'lastname'}   = $last; }
+         %names=();
-     if ($gene)   { $names{'generation'} = $gene; }
+     } else {
+         %names = @tmp;
+     }
+     if (defined($first))  { $names{'firstname'}  = $first; }
+     if (defined($middle)) { $names{'middlename'} = $middle; }
+     if (defined($last))   { $names{'lastname'}   = $last; }
+     if (defined($gene))   { $names{'generation'} = $gene; }
+     if (defined($email))  { $names{'notification'} = $email;
+                             $names{'critnotification'} = $email; }
      my $reply = &put('environment', \%names, $udom,$uname);
      if ($reply ne 'ok') { return 'error: '.$reply; }
      &logthis('Success modifying user '.$udom.', '.$uname.', '.$uid.', '.
- Line 1621  sub modifyuser {
+ Line 2822  sub modifyuser {
  sub modifystudent {
      my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,
-         $end,$start)=@_;
+         $end,$start,$forceid,$desiredhome,$email)=@_;
      my $cid='';
      unless ($cid=$ENV{'request.course.id'}) {
  	return 'not_in_class';
      }
  # --------------------------------------------------------------- Make the user
      my $reply=&modifyuser
- 	($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene);
+ 	($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$forceid,
+          $desiredhome,$email);
      unless ($reply eq 'ok') { return $reply; }
+     # This will cause &modify_student_enrollment to get the uid from the
+     # students environment
+     $uid = undef if (!$forceid);
+     $reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,
+                                         $last,$gene,$usec,$end,$start);
+     return $reply;
+ }
+ sub modify_student_enrollment {
+     my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start) = @_;
+     # Get the course id from the environment
+     my $cid='';
+     unless ($cid=$ENV{'request.course.id'}) {
+ 	return 'not_in_class';
+     }
+     # Make sure the user exists
      my $uhome=&homeserver($uname,$udom);
      if (($uhome eq '') || ($uhome eq 'no_host')) {
  	return 'error: no such user';
      }
- # -------------------------------------------------- Add student to course list
+     #
-     $reply=critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'.
+     # Get student data if we were not given enough information
+     if (!defined($first)  || $first  eq '' ||
+         !defined($last)   || $last   eq '' ||
+         !defined($uid)    || $uid    eq '' ||
+         !defined($middle) || $middle eq '' ||
+         !defined($gene)   || $gene   eq '') {
+         # They did not supply us with enough data to enroll the student, so
+         # we need to pick up more information.
+         my %tmp = &get('environment',
+                        ['firstname','middlename','lastname', 'generation','id']
+                        ,$udom,$uname);
+         foreach (keys(%tmp)) {
+             &logthis("key $_ = ".$tmp{$_});
+         }
+         $first  = $tmp{'firstname'}  if (!defined($first)  || $first  eq '');
+         $middle = $tmp{'middlename'} if (!defined($middle) || $middle eq '');
+         $last   = $tmp{'lastname'}   if (!defined($last)   || $last eq '');
+         $gene   = $tmp{'generation'} if (!defined($gene)   || $gene eq '');
+         $uid    = $tmp{'id'}         if (!defined($uid)    || $uid  eq '');
+     }
+     my $fullname = &Apache::loncoursedata::ProcessFullName($last,$gene,
+                                                            $first,$middle);
+     my $reply=critical('put:'.$ENV{'course.'.$cid.'.domain'}.':'.
  	              $ENV{'course.'.$cid.'.num'}.':classlist:'.
                        &escape($uname.':'.$udom).'='.
-                       &escape($end.':'.$start),
+                       &escape(join(':',$end,$start,$uid,$usec,$fullname)),
  	              $ENV{'course.'.$cid.'.home'});
      unless (($reply eq 'ok') || ($reply eq 'delayed')) {
  	return 'error: '.$reply;
      }
- # ---------------------------------------------------- Add student role to user
+     # Add student role to user
      my $uurl='/'.$cid;
      $uurl=~s/\_/\//g;
      if ($usec) {
- Line 1664  sub writecoursepref {
+ Line 2905  sub writecoursepref {
  	return 'error: no such course';
      }
      my $cstring='';
-     map {
+     foreach (keys %prefs) {
  	$cstring.=escape($_).'='.escape($prefs{$_}).'&';
-     } keys %prefs;
+     }
      $cstring=~s/\&$//;
      return reply('put:'.$cdomain.':'.$cnum.':environment:'.$cstring,$chome);
  }
- Line 1674  sub writecoursepref {
+ Line 2915  sub writecoursepref {
  # ---------------------------------------------------------- Make/modify course
  sub createcourse {
-     my ($udom,$description,$url)=@_;
+     my ($udom,$description,$url,$course_server,$nonstandard)=@_;
      $url=&declutter($url);
      my $cid='';
-     unless (&allowed('ccc',$ENV{'user.domain'})) {
+     unless (&allowed('ccc',$udom)) {
-         return 'refused';
-     }
-     unless ($udom eq $ENV{'user.domain'}) {
          return 'refused';
      }
  # ------------------------------------------------------------------- Create ID
     my $uname=substr($$.time,0,5).unpack("H8",pack("I32",time)).
         unpack("H2",pack("I32",int(rand(255)))).$perlvar{'lonHostID'};
  # ----------------------------------------------- Make sure that does not exist
-    my $uhome=&homeserver($uname,$udom);
+    my $uhome=&homeserver($uname,$udom,'true');
     unless (($uhome eq '') || ($uhome eq 'no_host')) {
         $uname=substr($$.time,0,5).unpack("H8",pack("I32",time)).
          unpack("H2",pack("I32",int(rand(255)))).$perlvar{'lonHostID'};
-        $uhome=&homeserver($uname,$udom);
+        $uhome=&homeserver($uname,$udom,'true');
         unless (($uhome eq '') || ($uhome eq 'no_host')) {
             return 'error: unable to generate unique course-ID';
         }
     }
+ # ------------------------------------------------ Check supplied server name
+     $course_server = $ENV{'user.homeserver'} if (! defined($course_server));
+     if (! exists($libserv{$course_server})) {
+         return 'error:bad server name '.$course_server;
+     }
  # ------------------------------------------------------------- Make the course
      my $reply=&reply('encrypt:makeuser:'.$udom.':'.$uname.':none::',
-                       $ENV{'user.home'});
+                       $course_server);
      unless ($reply eq 'ok') { return 'error: '.$reply; }
-     $uhome=&homeserver($uname,$udom);
+     $uhome=&homeserver($uname,$udom,'true');
      if (($uhome eq '') || ($uhome eq 'no_host')) {
  	return 'error: no such course';
      }
+ # ----------------------------------------------------------------- Course made
+ # log existance
+     &courseidput($udom,&escape($udom.'_'.$uname).'='.&escape($description),
+                  $uhome);
+     &flushcourselogs();
+ # set toplevel url
+     my $topurl=$url;
+     unless ($nonstandard) {
+ # ------------------------------------------ For standard courses, make top url
+         my $mapurl=&clutter($url);
+         if ($mapurl eq '/res/') { $mapurl=''; }
+         $ENV{'form.initmap'}=(<<ENDINITMAP);
+ <map>
+ <resource id="1" type="start"></resource>
+ <resource id="2" src="$mapurl"></resource>
+ <resource id="3" type="finish"></resource>
+ <link index="1" from="1" to="2"></link>
+ <link index="2" from="2" to="3"></link>
+ </map>
+ ENDINITMAP
+         $topurl=&declutter(
+         &finishuserfileupload($uname,$udom,$uhome,'initmap','default.sequence')
+                           );
+     }
+ # ----------------------------------------------------------- Write preferences
      &writecoursepref($udom.'_'.$uname,
                       ('description' => $description,
-                       'url'         => $url));
+                       'url'         => $topurl));
      return '/'.$udom.'/'.$uname;
  }
  # ---------------------------------------------------------- Assign Custom Role
  sub assigncustomrole {
-     my ($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start)=@_;
+     my ($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start,$deleteflag)=@_;
      return &assignrole($udom,$uname,$url,'cr/'.$rdom.'/'.$rnam.'/'.$rolename,
-                        $end,$start);
+                        $end,$start,$deleteflag);
  }
  # ----------------------------------------------------------------- Revoke Role
  sub revokerole {
-     my ($udom,$uname,$url,$role)=@_;
+     my ($udom,$uname,$url,$role,$deleteflag)=@_;
      my $now=time;
-     return &assignrole($udom,$uname,$url,$role,$now);
+     return &assignrole($udom,$uname,$url,$role,$now,$deleteflag);
  }
  # ---------------------------------------------------------- Revoke Custom Role
  sub revokecustomrole {
-     my ($udom,$uname,$url,$rdom,$rnam,$rolename)=@_;
+     my ($udom,$uname,$url,$rdom,$rnam,$rolename,$deleteflag)=@_;
      my $now=time;
-     return &assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$now);
+     return &assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$now,
+            $deleteflag);
  }
  # ------------------------------------------------------------ Directory lister
  sub dirlist {
-     my $uri=shift;
+     my ($uri,$userdomain,$username,$alternateDirectoryRoot)=@_;
      $uri=~s/^\///;
      $uri=~s/\/$//;
-     my ($res,$udom,$uname,@rest)=split(/\//,$uri);
+     my ($udom, $uname);
-     if ($udom) {
+     (undef,$udom,$uname)=split(/\//,$uri);
-      if ($uname) {
+     if(defined($userdomain)) {
-        my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/'.$uri,
+         $udom = $userdomain;
-                       homeserver($uname,$udom));
+     }
-        return split(/:/,$listing);
+     if(defined($username)) {
-      } else {
+         $uname = $username;
-        my $tryserver;
+     }
-        my %allusers=();
-        foreach $tryserver (keys %libserv) {
+     my $dirRoot = $perlvar{'lonDocRoot'};
- 	  if ($hostdom{$tryserver} eq $udom) {
+     if(defined($alternateDirectoryRoot)) {
-              my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/res/'.$udom,
+         $dirRoot = $alternateDirectoryRoot;
- 			       $tryserver);
+         $dirRoot =~ s/\/$//;
-              if (($listing ne 'no_such_dir') && ($listing ne 'empty')
+     }
-               && ($listing ne 'con_lost')) {
-                 map {
+     if($udom) {
-                   my ($entry,@stat)=split(/&/,$_);
+         if($uname) {
-                   $allusers{$entry}=1;
+             my $listing=reply('ls:'.$dirRoot.'/'.$uri,
-                 } split(/:/,$listing);
+                               homeserver($uname,$udom));
-              }
+             return split(/:/,$listing);
- 	  }
+         } elsif(!defined($alternateDirectoryRoot)) {
-        }
+             my $tryserver;
-        my $alluserstr='';
+             my %allusers=();
-        map {
+             foreach $tryserver (keys %libserv) {
-            $alluserstr.=$_.'&user:';
+                 if($hostdom{$tryserver} eq $udom) {
-        } sort keys %allusers;
+                     my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/res/'.
-        $alluserstr=~s/:$//;
+                                       $udom, $tryserver);
-        return split(/:/,$alluserstr);
+                     if (($listing ne 'no_such_dir') && ($listing ne 'empty')
-      }
+                         && ($listing ne 'con_lost')) {
-    } else {
+                         foreach (split(/:/,$listing)) {
-        my $tryserver;
+                             my ($entry,@stat)=split(/&/,$_);
-        my %alldom=();
+                             $allusers{$entry}=1;
-        foreach $tryserver (keys %libserv) {
+                         }
- 	   $alldom{$hostdom{$tryserver}}=1;
+                     }
-        }
+                 }
-        my $alldomstr='';
+             }
-        map {
+             my $alluserstr='';
-           $alldomstr.=$perlvar{'lonDocRoot'}.'/res/'.$_.'&domain:';
+             foreach (sort keys %allusers) {
-        } sort keys %alldom;
+                 $alluserstr.=$_.'&user:';
-        $alldomstr=~s/:$//;
+             }
-        return split(/:/,$alldomstr);
+             $alluserstr=~s/:$//;
-    }
+             return split(/:/,$alluserstr);
+         } else {
+             my @emptyResults = ();
+             push(@emptyResults, 'missing user name');
+             return split(':',@emptyResults);
+         }
+     } elsif(!defined($alternateDirectoryRoot)) {
+         my $tryserver;
+         my %alldom=();
+         foreach $tryserver (keys %libserv) {
+             $alldom{$hostdom{$tryserver}}=1;
+         }
+         my $alldomstr='';
+         foreach (sort keys %alldom) {
+             $alldomstr.=$perlvar{'lonDocRoot'}.'/res/'.$_.'&domain:';
+         }
+         $alldomstr=~s/:$//;
+         return split(/:/,$alldomstr);
+     } else {
+         my @emptyResults = ();
+         push(@emptyResults, 'missing domain');
+         return split(':',@emptyResults);
+     }
+ }
+ # --------------------------------------------- GetFileTimestamp
+ # This function utilizes dirlist and returns the date stamp for
+ # when it was last modified.  It will also return an error of -1
+ # if an error occurs
+ sub GetFileTimestamp {
+     my ($studentDomain,$studentName,$filename,$root)=@_;
+     $studentDomain=~s/\W//g;
+     $studentName=~s/\W//g;
+     my $subdir=$studentName.'__';
+     $subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/;
+     my $proname="$studentDomain/$subdir/$studentName";
+     $proname .= '/'.$filename;
+     my ($fileStat) = &Apache::lonnet::dirlist($proname, $studentDomain,
+                                               $studentName, $root);
+     my @stats = split('&', $fileStat);
+     if($stats[0] ne 'empty' && $stats[0] ne 'no_such_dir') {
+         # @stats contains first the filename, then the stat output
+         return $stats[10]; # so this is 10 instead of 9.
+     } else {
+         return -1;
+     }
  }
  # -------------------------------------------------------- Value of a Condition
- Line 1799  sub condval {
+ Line 3115  sub condval {
      my $condidx=shift;
      my $result=0;
      my $allpathcond='';
-     map {
+     foreach (split(/\|/,$condidx)) {
         if (defined($ENV{'acc.cond.'.$ENV{'request.course.id'}.'.'.$_})) {
  	   $allpathcond.=
                 '('.$ENV{'acc.cond.'.$ENV{'request.course.id'}.'.'.$_}.')|';
         }
-     } split(/\|/,$condidx);
+     }
      $allpathcond=~s/\|$//;
      if ($ENV{'request.course.id'}) {
         if ($allpathcond) {
            my $operand='|';
  	  my @stack;
-           map {
+            foreach ($allpathcond=~/(\d+|\(|\)|\&|\|)/g) {
                if ($_ eq '(') {
                   push @stack,($operand,$result)
                } elsif ($_ eq ')') {
- Line 1828  sub condval {
+ Line 3144  sub condval {
                       $result=$result>$new?$new:$result;
                    } else {
                       $result=$result>$new?$result:$new;
                    }
                }
-           } ($allpathcond=~/(\d+|\(|\)|\&|\|)/g);
+           }
         }
      }
      return $result;
  }
- # --------------------------------------------------------- Value of a Variable
+ # ---------------------------------------------------- Devalidate courseresdata
+ sub devalidatecourseresdata {
+     my ($coursenum,$coursedomain)=@_;
+     my $hashid=$coursenum.':'.$coursedomain;
+     delete $courseresdatacache{$hashid.'.time'};
+ }
+ # --------------------------------------------------- Course Resourcedata Query
+ sub courseresdata {
+     my ($coursenum,$coursedomain,@which)=@_;
+     my $coursehom=&homeserver($coursenum,$coursedomain);
+     my $hashid=$coursenum.':'.$coursedomain;
+     my $dodump=0;
+     if (!defined($courseresdatacache{$hashid.'.time'})) {
+ 	$dodump=1;
+     } else {
+ 	if (time-$courseresdatacache{$hashid.'.time'}>300) { $dodump=1; }
+     }
+     if ($dodump) {
+ 	my %dumpreply=&dump('resourcedata',$coursedomain,$coursenum);
+ 	my ($tmp) = keys(%dumpreply);
+ 	if ($tmp !~ /^(con_lost|error|no_such_host)/i) {
+ 	    $courseresdatacache{$hashid.'.time'}=time;
+ 	    $courseresdatacache{$hashid}=\%dumpreply;
+ 	} elsif ($tmp =~ /^(con_lost|no_such_host)/) {
+ 	    return $tmp;
+ 	}
+     }
+     foreach my $item (@which) {
+ 	if (defined($courseresdatacache{$hashid}->{$item})) {
+ 	    return $courseresdatacache{$hashid}->{$item};
+ 	}
+     }
+     return undef;
+ }
+ #
+ # EXT resource caching routines
+ #
+ sub clear_EXT_cache_status {
+     &delenv('cache.EXT.');
+ }
+ sub EXT_cache_status {
+     my ($target_domain,$target_user) = @_;
+     my $cachename = 'cache.EXT.'.$target_user.'.'.$target_domain;
+     if (exists($ENV{$cachename}) && ($ENV{$cachename}+1800) > time) {
+         # We know already the user has no data
+         return 1;
+     } else {
+         return 0;
+     }
+ }
+ sub EXT_cache_set {
+     my ($target_domain,$target_user) = @_;
+     my $cachename = 'cache.EXT.'.$target_user.'.'.$target_domain;
+     &appenv($cachename => time);
+ }
+ # --------------------------------------------------------- Value of a Variable
  sub EXT {
-     my ($varname,$symbparm)=@_;
+     my ($varname,$symbparm,$udom,$uname,$usection)=@_;
      unless ($varname) { return ''; }
+     #get real user name/domain, courseid and symb
+     my $courseid;
+     my $publicuser;
+     if (!($uname && $udom)) {
+       (my $cursymb,$courseid,$udom,$uname,$publicuser)=
+ 	  &Apache::lonxml::whichuser($symbparm);
+       if (!$symbparm) {	$symbparm=$cursymb; }
+     } else {
+ 	$courseid=$ENV{'request.course.id'};
+     }
      my ($realm,$space,$qualifier,@therest)=split(/\./,$varname);
      my $rest;
-     if ($therest[0]) {
+     if (defined($therest[0])) {
         $rest=join('.',@therest);
      } else {
         $rest='';
      }
      my $qualifierrest=$qualifier;
      if ($rest) { $qualifierrest.='.'.$rest; }
      my $spacequalifierrest=$space;
- Line 1855  sub EXT {
+ Line 3245  sub EXT {
      if ($realm eq 'user') {
  # --------------------------------------------------------------- user.resource
  	if ($space eq 'resource') {
- 	    my %restored=&restore();
+ 	    if (defined($Apache::lonhomework::parsing_a_problem)) {
-             return $restored{$qualifierrest};
+ 		return $Apache::lonhomework::history{$qualifierrest};
+ 	    } else {
+ 		my %restored;
+ 		if ($publicuser || $ENV{'request.state'} eq 'construct') {
+ 		    %restored=&tmprestore($symbparm,$courseid,$udom,$uname);
+ 		} else {
+ 		    %restored=&restore($symbparm,$courseid,$udom,$uname);
+ 		}
+ 		return $restored{$qualifierrest};
+ 	    }
  # ----------------------------------------------------------------- user.access
          } elsif ($space eq 'access') {
+ 	    # FIXME - not supporting calls for a specific user
              return &allowed($qualifier,$rest);
  # ------------------------------------------ user.preferences, user.environment
          } elsif (($space eq 'preferences') || ($space eq 'environment')) {
-             return $ENV{join('.',('environment',$qualifierrest))};
+ 	    if (($uname eq $ENV{'user.name'}) &&
+ 		($udom eq $ENV{'user.domain'})) {
+ 		return $ENV{join('.',('environment',$qualifierrest))};
+ 	    } else {
+ 		my %returnhash;
+ 		if (!$publicuser) {
+ 		    %returnhash=&userenvironment($udom,$uname,
+ 						 $qualifierrest);
+ 		}
+ 		return $returnhash{$qualifierrest};
+ 	    }
  # ----------------------------------------------------------------- user.course
          } elsif ($space eq 'course') {
+ 	    # FIXME - not supporting calls for a specific user
              return $ENV{join('.',('request.course',$qualifier))};
  # ------------------------------------------------------------------- user.role
          } elsif ($space eq 'role') {
+ 	    # FIXME - not supporting calls for a specific user
              my ($role,$where)=split(/\./,$ENV{'request.role'});
              if ($qualifier eq 'value') {
  		return $role;
- Line 1876  sub EXT {
+ Line 3288  sub EXT {
              }
  # ----------------------------------------------------------------- user.domain
          } elsif ($space eq 'domain') {
-             return $ENV{'user.domain'};
+             return $udom;
  # ------------------------------------------------------------------- user.name
          } elsif ($space eq 'name') {
-             return $ENV{'user.name'};
+             return $uname;
  # ---------------------------------------------------- Any other user namespace
          } else {
-             my $item=($rest)?$qualifier.'.'.$rest:$qualifier;
+ 	    my %reply;
-             my %reply=&get($space,[$item]);
+ 	    if (!$publicuser) {
-             return $reply{$item};
+ 		%reply=&get($space,[$qualifierrest],$udom,$uname);
+ 	    }
+ 	    return $reply{$qualifierrest};
          }
-     } elsif ($realm eq 'request') {
+     } elsif ($realm eq 'query') {
+ # ---------------------------------------------- pull stuff out of query string
+         &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
+ 						[$spacequalifierrest]);
+ 	return $ENV{'form.'.$spacequalifierrest};
+    } elsif ($realm eq 'request') {
  # ------------------------------------------------------------- request.browser
          if ($space eq 'browser') {
  	    return $ENV{'browser.'.$qualifier};
- Line 1896  sub EXT {
+ Line 3315  sub EXT {
          }
      } elsif ($realm eq 'course') {
  # ---------------------------------------------------------- course.description
-         return $ENV{'course.'.$ENV{'request.course.id'}.'.'.
+         return $ENV{'course.'.$courseid.'.'.$spacequalifierrest};
-                               $spacequalifierrest};
      } elsif ($realm eq 'resource') {
-        if ($ENV{'request.course.id'}) {
- #	   print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;
+ 	if (defined($courseid) && $courseid eq $ENV{'request.course.id'}) {
+ 	    #print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;
  # ----------------------------------------------------- Cascading lookup scheme
-          my $symbp;
+ 	    if (!$symbparm) { $symbparm=&symbread(); }
-          if ($symbparm) {
+ 	    my $symbp=$symbparm;
-             $symbp=$symbparm;
+ 	    my $mapp=(split(/\_\_\_/,$symbp))[0];
- 	 } else {
-             $symbp=&symbread();
+ 	    my $symbparm=$symbp.'.'.$spacequalifierrest;
-          }
+ 	    my $mapparm=$mapp.'___(all).'.$spacequalifierrest;
-          my $mapp=(split(/\_\_\_/,$symbp))[0];
+ 	    my $section;
-          my $symbparm=$symbp.'.'.$spacequalifierrest;
+ 	    if (($ENV{'user.name'} eq $uname) &&
-          my $mapparm=$mapp.'___(all).'.$spacequalifierrest;
+ 		($ENV{'user.domain'} eq $udom)) {
+ 		$section=$ENV{'request.course.sec'};
-          my $seclevel=
+ 	    } else {
-             $ENV{'request.course.id'}.'.['.
+                 if (! defined($usection)) {
- 		$ENV{'request.course.sec'}.'].'.$spacequalifierrest;
+                     $section=&usection($udom,$uname,$courseid);
-          my $seclevelr=
+                 } else {
-             $ENV{'request.course.id'}.'.['.
+                     $section = $usection;
- 		$ENV{'request.course.sec'}.'].'.$symbparm;
+                 }
-          my $seclevelm=
+ 	    }
-             $ENV{'request.course.id'}.'.['.
- 		$ENV{'request.course.sec'}.'].'.$mapparm;
-          my $courselevel=
-             $ENV{'request.course.id'}.'.'.$spacequalifierrest;
-          my $courselevelr=
-             $ENV{'request.course.id'}.'.'.$symbparm;
-          my $courselevelm=
-             $ENV{'request.course.id'}.'.'.$mapparm;
- # ----------------------------------------------------------- first, check user
+ 	    my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;
-          my %resourcedata=get('resourcedata',
+ 	    my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;
-                            [$courselevelr,$courselevelm,$courselevel]);
+ 	    my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;
-          if (($resourcedata{$courselevelr}!~/^error\:/) &&
-              ($resourcedata{$courselevelr}!~/^con_lost/)) {
+ 	    my $courselevel=$courseid.'.'.$spacequalifierrest;
+ 	    my $courselevelr=$courseid.'.'.$symbparm;
-          if ($resourcedata{$courselevelr}) {
+ 	    my $courselevelm=$courseid.'.'.$mapparm;
-             return $resourcedata{$courselevelr}; }
-          if ($resourcedata{$courselevelm}) {
-             return $resourcedata{$courselevelm}; }
-          if ($resourcedata{$courselevel}) { return $resourcedata{$courselevel}; }
-       } else {
+ # ----------------------------------------------------------- first, check user
- 	  if ($resourcedata{$courselevelr}!~/No such file/) {
+ 	    #most student don\'t have any data set, check if there is some data
- 	    &logthis("<font color=blue>WARNING:".
+             #every thirty minutes
- 		   " Trying to get resource data for ".$ENV{'user.name'}." at "
+ 	    if (! &EXT_cache_status($udom,$uname)) {
-                    .$ENV{'user.domain'}.": ".$resourcedata{$courselevelr}.
+ 		my %resourcedata=&get('resourcedata',
-                  "</font>");
+ 				      [$courselevelr,$courselevelm,$courselevel],
- 	  }
+ 				      $udom,$uname);
-       }
+ 		my ($tmp)=keys(%resourcedata);
+ 		if (($tmp!~/^error\:/) && ($tmp!~/^con_lost/)) {
+ 		    if ($resourcedata{$courselevelr}) {
+ 			return $resourcedata{$courselevelr}; }
+ 		    if ($resourcedata{$courselevelm}) {
+ 			return $resourcedata{$courselevelm}; }
+ 		    if ($resourcedata{$courselevel}) {
+ 			return $resourcedata{$courselevel}; }
+ 		} else {
+ 		    if ($tmp!~/No such file/) {
+ 			&logthis("<font color=blue>WARNING:".
+ 				 " Trying to get resource data for ".
+ 				 $uname." at ".$udom.": ".
+ 				 $tmp."</font>");
+ 		    } elsif ($tmp=~/error:No such file/) {
+                         &EXT_cache_set($udom,$uname);
+ 		    } elsif ($tmp =~ /^(con_lost|no_such_host)/) {
+ 			return $tmp;
+ 		    }
+ 		}
+ 	    }
  # -------------------------------------------------------- second, check course
-         my $reply=&reply('get:'.
+ 	    my $coursereply=&courseresdata($ENV{'course.'.$courseid.'.num'},
-               $ENV{'course.'.$ENV{'request.course.id'}.'.domain'}.':'.
+ 					  $ENV{'course.'.$courseid.'.domain'},
-               $ENV{'course.'.$ENV{'request.course.id'}.'.num'}.
+ 					  ($seclevelr,$seclevelm,$seclevel,
- 	      ':resourcedata:'.
+ 					   $courselevelr,$courselevelm,
-    &escape($seclevelr).'&'.&escape($seclevelm).'&'.&escape($seclevel).'&'.
+ 					   $courselevel));
-    &escape($courselevelr).'&'.&escape($courselevelm).'&'.&escape($courselevel),
+ 	    if (defined($coursereply)) { return $coursereply; }
- 		   $ENV{'course.'.$ENV{'request.course.id'}.'.home'});
-       if ($reply!~/^error\:/) {
- 	  map {
- 	      if ($_) { return &unescape($_); }
-           } split(/\&/,$reply);
-       }
-       if (($reply=~/^con_lost/) || ($reply=~/^error\:/)) {
- 	  &logthis("<font color=blue>WARNING:".
-                 " Getting ".$reply." asking for ".$varname." for ".
-                 $ENV{'course.'.$ENV{'request.course.id'}.'.num'}.
-                 ' at '.
-                 $ENV{'course.'.$ENV{'request.course.id'}.'.domain'}.
-                 ' from '.
-                 $ENV{'course.'.$ENV{'request.course.id'}.'.home'}.
-                  "</font>");
-       }
  # ------------------------------------------------------ third, check map parms
-        my %parmhash=();
+ 	    my %parmhash=();
-        my $thisparm='';
+ 	    my $thisparm='';
-        if (tie(%parmhash,'GDBM_File',
+ 	    if (tie(%parmhash,'GDBM_File',
-           $ENV{'request.course.fn'}.'_parms.db',&GDBM_READER,0640)) {
+ 		    $ENV{'request.course.fn'}.'_parms.db',
-            $thisparm=$parmhash{$symbparm};
+ 		    &GDBM_READER(),0640)) {
- 	   untie(%parmhash);
+ 		$thisparm=$parmhash{$symbparm};
-        }
+ 		untie(%parmhash);
-        if ($thisparm) { return $thisparm; }
+ 	    }
-      }
+ 	    if ($thisparm) { return $thisparm; }
+ 	}
  # --------------------------------------------- last, look in resource metadata
-       $spacequalifierrest=~s/\./\_/;
+ 	$spacequalifierrest=~s/\./\_/;
-       my $metadata=&metadata($ENV{'request.filename'},$spacequalifierrest);
+ 	my $filename;
-       if ($metadata) { return $metadata; }
+ 	if (!$symbparm) { $symbparm=&symbread(); }
-       $metadata=&metadata($ENV{'request.filename'},
+ 	if ($symbparm) {
-                                          'parameter_'.$spacequalifierrest);
+ 	    $filename=(split(/\_\_\_/,$symbparm))[2];
-       if ($metadata) { return $metadata; }
+ 	} else {
+ 	    $filename=$ENV{'request.filename'};
+ 	}
+ 	my $metadata=&metadata($filename,$spacequalifierrest);
+ 	if (defined($metadata)) { return $metadata; }
+ 	$metadata=&metadata($filename,'parameter_'.$spacequalifierrest);
+ 	if (defined($metadata)) { return $metadata; }
  # ------------------------------------------------------------------ Cascade up
+ 	unless ($space eq '0') {
-       unless ($space eq '0') {
+ 	    my @parts=split(/_/,$space);
-           my ($part,$id)=split(/\_/,$space);
+ 	    my $id=pop(@parts);
-           if ($id) {
+ 	    my $part=join('_',@parts);
- 	      my $partgeneral=&EXT('resource.'.$part.'.'.$qualifierrest,
+ 	    if ($part eq '') { $part='0'; }
-                                    $symbparm);
+ 	    my $partgeneral=&EXT('resource.'.$part.'.'.$qualifierrest,
-               if ($partgeneral) { return $partgeneral; }
+ 				 $symbparm,$udom,$uname);
-           } else {
+ 	    if (defined($partgeneral)) { return $partgeneral; }
-               my $resourcegeneral=&EXT('resource.0.'.$qualifierrest,
+ 	}
-                                        $symbparm);
-               if ($resourcegeneral) { return $resourcegeneral; }
-           }
-       }
  # ---------------------------------------------------- Any other user namespace
      } elsif ($realm eq 'environment') {
  # ----------------------------------------------------------------- environment
-         return $ENV{'environment.'.$spacequalifierrest};
+ 	if (($uname eq $ENV{'user.name'})&&($udom eq $ENV{'user.domain'})) {
+ 	    return $ENV{'environment.'.$spacequalifierrest};
+ 	} else {
+ 	    my %returnhash=&userenvironment($udom,$uname,
+ 					    $spacequalifierrest);
+ 	    return $returnhash{$spacequalifierrest};
+ 	}
      } elsif ($realm eq 'system') {
  # ----------------------------------------------------------------- system.time
  	if ($space eq 'time') {
- Line 2026  sub EXT {
+ Line 3444  sub EXT {
      return '';
  }
+ sub add_prefix_and_part {
+     my ($prefix,$part)=@_;
+     my $keyroot;
+     if (defined($prefix) && $prefix !~ /^__/) {
+ 	# prefix that has a part already
+ 	$keyroot=$prefix;
+     } elsif (defined($prefix)) {
+ 	# prefix that is missing a part
+ 	if (defined($part)) { $keyroot='_'.$part.substr($prefix,1); }
+     } else {
+ 	# no prefix at all
+ 	if (defined($part)) { $keyroot='_'.$part; }
+     }
+     return $keyroot;
+ }
  # ---------------------------------------------------------------- Get metadata
  sub metadata {
-     my ($uri,$what)=@_;
+     my ($uri,$what,$liburi,$prefix,$depthcount)=@_;
      $uri=&declutter($uri);
+     # if it is a non metadata possible uri return quickly
+     if (($uri eq '') || (($uri =~ m|^/*adm/|) && ($uri !~ m|^adm/includes|)) ||
+         ($uri =~ m|/$|) || ($uri =~ m|/.meta$|)) {
+ 	return '';
+     }
      my $filename=$uri;
      $uri=~s/\.meta$//;
-     unless ($metacache{$uri.':keys'}) {
+ #
+ # Is the metadata already cached?
+ # Look at timestamp of caching
+ # Everything is cached by the main uri, libraries are never directly cached
+ #
+     unless (abs($metacache{$uri.':cachedtimestamp'}-time)<600 && !defined($liburi)) {
+ #
+ # Is this a recursive call for a library?
+ #
+         if ($liburi) {
+ 	    $liburi=&declutter($liburi);
+             $filename=$liburi;
+         }
          my %metathesekeys=();
          unless ($filename=~/\.meta$/) { $filename.='.meta'; }
- 	my $metastring=&getfile($perlvar{'lonDocRoot'}.'/res/'.$filename);
+ 	my $metastring=&getfile(&filelocation('',&clutter($filename)));
-         my $parser=HTML::TokeParser->new(\$metastring);
+         my $parser=HTML::LCParser->new(\$metastring);
          my $token;
          undef %metathesekeys;
+ 	delete($metacache{$uri.':packages'});
          while ($token=$parser->get_token) {
-            if ($token->[0] eq 'S') {
+ 	    if ($token->[0] eq 'S') {
- 	     if (defined($token->[2]->{'package'})) {
+ 		if (defined($token->[2]->{'package'})) {
- 	      my $package=$token->[2]->{'package'};
+ #
- 	      my $keyroot='';
+ # This is a package - get package info
-               if (defined($token->[2]->{'part'})) {
+ #
-                  $keyroot.='_'.$token->[2]->{'part'};
+ 		    my $package=$token->[2]->{'package'};
- 	      }
+ 		    my $keyroot=&add_prefix_and_part($prefix,$token->[2]->{'part'});
-               if (defined($token->[2]->{'id'})) {
+ 		    if (defined($token->[2]->{'id'})) {
-                  $keyroot.='_'.$token->[2]->{'id'};
+ 			$keyroot.='_'.$token->[2]->{'id'};
- 	      }
+ 		    }
-               if ($metacache{$uri.':packages'}) {
+ 		    if ($metacache{$uri.':packages'}) {
-                  $metacache{$uri.':packages'}.=','.$package.$keyroot;
+ 			$metacache{$uri.':packages'}.=','.$package.$keyroot;
-               } else {
+ 		    } else {
-                  $metacache{$uri.':packages'}=$package.$keyroot;
+ 			$metacache{$uri.':packages'}=$package.$keyroot;
- 	      }
+ 		    }
-               map {
+ 		    foreach (keys %packagetab) {
- 		  if ($_=~/^$package\&/) {
+ 			if ($_=~/^$package\&/) {
- 		      my ($pack,$name,$subp)=split(/\&/,$_);
+ 			    my ($pack,$name,$subp)=split(/\&/,$_);
-                       my $value=$packagetab{$_};
+ 			    my $value=$packagetab{$_};
- 		      my $part=$keyroot;
+ 			    my $part=$keyroot;
-                       $part=~s/^\_//;
+ 			    $part=~s/^\_//;
-                       if ($subp eq 'display') {
+ 			    if ($subp eq 'display') {
- 			  $value.=' [Part: '.$part.']';
+ 				$value.=' [Part: '.$part.']';
-                       }
+ 			    }
-                       my $unikey='parameter'.$keyroot.'_'.$name;
+ 			    my $unikey='parameter'.$keyroot.'_'.$name;
-                       $metathesekeys{$unikey}=1;
+ 			    if ($subp eq 'default') {
-                       $metacache{$uri.':'.$unikey.'.part'}=$part;
+ 				$unikey='parameter_0_'.$name;
-                       unless
+ 				$metacache{$uri.':'.$unikey.'.part'}='0';
-                        (defined($metacache{$uri.':'.$unikey.'.'.$subp})) {
+ 			    } else {
-                          $metacache{$uri.':'.$unikey.'.'.$subp}=$value;
+ 				$metacache{$uri.':'.$unikey.'.part'}=$part;
- 		      }
+ 				$metathesekeys{$unikey}=1;
-                   }
+ 			    }
-               } keys %packagetab;
+ 			    unless (defined($metacache{$uri.':'.$unikey.'.'.$subp})) {
-              } else {
+ 				$metacache{$uri.':'.$unikey.'.'.$subp}=$value;
- 	      my $entry=$token->[1];
+ 			    }
-               my $unikey=$entry;
+ 			    if (defined($metacache{$uri.':'.$unikey.'.default'})) {
-               if (defined($token->[2]->{'part'})) {
+ 				$metacache{$uri.':'.$unikey}=
-                  $unikey.='_'.$token->[2]->{'part'};
+ 				    $metacache{$uri.':'.$unikey.'.default'};
- 	      }
+ 			    }
-               if (defined($token->[2]->{'id'})) {
+ 			}
-                  $unikey.='_'.$token->[2]->{'id'};
+ 		    }
- 	      }
+ 		} else {
-               if (defined($token->[2]->{'name'})) {
+ #
-                  $unikey.='_'.$token->[2]->{'name'};
+ # This is not a package - some other kind of start tag
- 	      }
+ #
-               $metathesekeys{$unikey}=1;
+ 		    my $entry=$token->[1];
-               map {
+ 		    my $unikey;
- 		  $metacache{$uri.':'.$unikey.'.'.$_}=$token->[2]->{$_};
+ 		    if ($entry eq 'import') {
-               } @{$token->[3]};
+ 			$unikey='';
-               unless (
+ 		    } else {
-                  $metacache{$uri.':'.$unikey}=$parser->get_text('/'.$entry)
+ 			$unikey=$entry;
- 		      ) { $metacache{$uri.':'.$unikey}=
+ 		    }
- 			      $metacache{$uri.':'.$unikey.'.default'};
+ 		    $unikey.=&add_prefix_and_part($prefix,$token->[2]->{'part'});
- 		      }
+ 		    if (defined($token->[2]->{'id'})) {
+ 			$unikey.='_'.$token->[2]->{'id'};
+ 		    }
+ 		    if ($entry eq 'import') {
+ #
+ # Importing a library here
+ #
+ 			if ($depthcount<20) {
+ 			    my $location=$parser->get_text('/import');
+ 			    my $dir=$filename;
+ 			    $dir=~s|[^/]*$||;
+ 			    $location=&filelocation($dir,$location);
+ 			    foreach (sort(split(/\,/,&metadata($uri,'keys',
+ 							       $location,$unikey,
+ 							       $depthcount+1)))) {
+ 				$metathesekeys{$_}=1;
+ 			    }
+ 			}
+ 		    } else {
+ 			if (defined($token->[2]->{'name'})) {
+ 			    $unikey.='_'.$token->[2]->{'name'};
+ 			}
+ 			$metathesekeys{$unikey}=1;
+ 			foreach (@{$token->[3]}) {
+ 			    $metacache{$uri.':'.$unikey.'.'.$_}=$token->[2]->{$_};
+ 			}
+ 			my $internaltext=&HTML::Entities::decode($parser->get_text('/'.$entry));
+ 			my $default=$metacache{$uri.':'.$unikey.'.default'};
+ 			if ( $internaltext =~ /^\s*$/ && $default !~ /^\s*$/) {
+ 		 # only ws inside the tag, and not in default, so use default
+ 		 # as value
+ 			    $metacache{$uri.':'.$unikey}=$default;
+ 			} else {
+ 		  # either something interesting inside the tag or default
+                   # uninteresting
+ 			    $metacache{$uri.':'.$unikey}=$internaltext;
+ 			}
+ # end of not-a-package not-a-library import
+ 		    }
+ # end of not-a-package start tag
+ 		}
+ # the next is the end of "start tag"
  	    }
- 	 }
+ 	}
-        }
+ # are there custom rights to evaluate
-        $metacache{$uri.':keys'}=join(',',keys %metathesekeys);
+ 	if ($metacache{$uri.':copyright'} eq 'custom') {
+     #
+     # Importing a rights file here
+     #
+ 	    unless ($depthcount) {
+ 		my $location=$metacache{$uri.':customdistributionfile'};
+ 		my $dir=$filename;
+ 		$dir=~s|[^/]*$||;
+ 		$location=&filelocation($dir,$location);
+ 		foreach (sort(split(/\,/,&metadata($uri,'keys',
+ 						   $location,'_rights',
+ 						   $depthcount+1)))) {
+ 		    $metathesekeys{$_}=1;
+ 		}
+ 	    }
+ 	}
+ 	$metacache{$uri.':keys'}=join(',',keys %metathesekeys);
+ 	&metadata_generate_part0(\%metathesekeys,\%metacache,$uri);
+ 	$metacache{$uri.':allpossiblekeys'}=join(',',keys %metathesekeys);
+ 	$metacache{$uri.':cachedtimestamp'}=time;
+ # this is the end of "was not already recently cached
      }
      return $metacache{$uri.':'.$what};
  }
+ sub metadata_generate_part0 {
+     my ($metadata,$metacache,$uri) = @_;
+     my %allnames;
+     foreach my $metakey (sort keys %$metadata) {
+ 	if ($metakey=~/^parameter\_(.*)/) {
+ 	  my $part=$$metacache{$uri.':'.$metakey.'.part'};
+ 	  my $name=$$metacache{$uri.':'.$metakey.'.name'};
+ 	  if (! exists($$metadata{'parameter_0_'.$name.'.name'})) {
+ 	    $allnames{$name}=$part;
+ 	  }
+ 	}
+     }
+     foreach my $name (keys(%allnames)) {
+       $$metadata{"parameter_0_$name"}=1;
+       my $key="$uri:parameter_0_$name";
+       $$metacache{"$key.part"}='0';
+       $$metacache{"$key.name"}=$name;
+       $$metacache{"$key.type"}=$$metacache{$uri.':parameter_'.
+ 					   $allnames{$name}.'_'.$name.
+ 					   '.type'};
+       my $olddis=$$metacache{$uri.':parameter_'.$allnames{$name}.'_'.$name.
+ 			     '.display'};
+       my $expr='\\[Part: '.$allnames{$name}.'\\]';
+       $olddis=~s/$expr/\[Part: 0\]/;
+       $$metacache{"$key.display"}=$olddis;
+     }
+ }
+ # ------------------------------------------------- Get the title of a resource
+ sub gettitle {
+     my $urlsymb=shift;
+     my $symb=&symbread($urlsymb);
+     unless ($symb) {
+ 	unless ($urlsymb) { $urlsymb=$ENV{'request.filename'}; }
+         return &metadata($urlsymb,'title');
+     }
+     if ($titlecache{$symb}) {
+ 	if (time < ($titlecache{$symb}[1] + 600)) {
+ 	    return $titlecache{$symb}[0];
+ 	} else {
+ 	    delete($titlecache{$symb});
+ 	}
+     }
+     my ($map,$resid,$url)=split(/\_\_\_/,$symb);
+     my $title='';
+     my %bighash;
+     if (tie(%bighash,'GDBM_File',$ENV{'request.course.fn'}.'.db',
+                             &GDBM_READER(),0640)) {
+         my $mapid=$bighash{'map_pc_'.&clutter($map)};
+         $title=$bighash{'title_'.$mapid.'.'.$resid};
+         untie %bighash;
+     }
+     $title=~s/\&colon\;/\:/gs;
+     if ($title) {
+         $titlecache{$symb}=[$title,time];
+         return $title;
+     } else {
+ 	return &metadata($urlsymb,'title');
+     }
+ }
  # ------------------------------------------------- Update symbolic store links
  sub symblist {
- Line 2112  sub symblist {
+ Line 3691  sub symblist {
      my %hash;
      if (($ENV{'request.course.fn'}) && (%newhash)) {
          if (tie(%hash,'GDBM_File',$ENV{'request.course.fn'}.'_symb.db',
-                       &GDBM_WRCREAT,0640)) {
+                       &GDBM_WRCREAT(),0640)) {
- 	    map {
+ 	    foreach (keys %newhash) {
                  $hash{declutter($_)}=$mapname.'___'.$newhash{$_};
-             } keys %newhash;
+             }
              if (untie(%hash)) {
  		return 'ok';
              }
- Line 2124  sub symblist {
+ Line 3703  sub symblist {
      return 'error';
  }
+ # --------------------------------------------------------------- Verify a symb
+ sub symbverify {
+     my ($symb,$thisfn)=@_;
+     $thisfn=&declutter($thisfn);
+ # direct jump to resource in page or to a sequence - will construct own symbs
+     if ($thisfn=~/\.(page|sequence)$/) { return 1; }
+ # check URL part
+     my ($map,$resid,$url)=split(/\_\_\_/,$symb);
+     unless (&symbclean($url) eq &symbclean($thisfn)) { return 0; }
+     $symb=&symbclean($symb);
+     my %bighash;
+     my $okay=0;
+     if (tie(%bighash,'GDBM_File',$ENV{'request.course.fn'}.'.db',
+                             &GDBM_READER(),0640)) {
+         my $ids=$bighash{'ids_'.&clutter($thisfn)};
+         unless ($ids) {
+            $ids=$bighash{'ids_/'.$thisfn};
+         }
+         if ($ids) {
+ # ------------------------------------------------------------------- Has ID(s)
+ 	    foreach (split(/\,/,$ids)) {
+                my ($mapid,$resid)=split(/\./,$_);
+                if (
+   &symbclean(&declutter($bighash{'map_id_'.$mapid}).'___'.$resid.'___'.$thisfn)
+    eq $symb) {
+                   $okay=1;
+                }
+ 	   }
+         }
+ 	untie(%bighash);
+     }
+     return $okay;
+ }
+ # --------------------------------------------------------------- Clean-up symb
+ sub symbclean {
+     my $symb=shift;
+ # remove version from map
+     $symb=~s/\.(\d+)\.(\w+)\_\_\_/\.$2\_\_\_/;
+ # remove version from URL
+     $symb=~s/\.(\d+)\.(\w+)$/\.$2/;
+     return $symb;
+ }
  # ------------------------------------------------------ Return symb list entry
  sub symbread {
-     my $thisfn=shift;
+     my ($thisfn,$donotrecurse)=@_;
+ # no filename provided? try from environment
      unless ($thisfn) {
+         if ($ENV{'request.symb'}) { return &symbclean($ENV{'request.symb'}); }
  	$thisfn=$ENV{'request.filename'};
      }
+ # is that filename actually a symb? Verify, clean, and return
+     if ($thisfn=~/\_\_\_\d+\_\_\_(.*)$/) {
+ 	if (&symbverify($thisfn,$1)) { return &symbclean($thisfn); }
+     }
      $thisfn=declutter($thisfn);
      my %hash;
      my %bighash;
      my $syval='';
      if (($ENV{'request.course.fn'}) && ($thisfn)) {
          if (tie(%hash,'GDBM_File',$ENV{'request.course.fn'}.'_symb.db',
-                       &GDBM_READER,0640)) {
+                       &GDBM_READER(),0640)) {
  	    $syval=$hash{$thisfn};
              untie(%hash);
          }
- Line 2153  sub symbread {
+ Line 3789  sub symbread {
          } else {
  # ------------------------------------------------------- Was not in symb table
             if (tie(%bighash,'GDBM_File',$ENV{'request.course.fn'}.'.db',
-                             &GDBM_READER,0640)) {
+                             &GDBM_READER(),0640)) {
  # ---------------------------------------------- Get ID(s) for current resource
-               my $ids=$bighash{'ids_/res/'.$thisfn};
+               my $ids=$bighash{'ids_'.&clutter($thisfn)};
                unless ($ids) {
                   $ids=$bighash{'ids_/'.$thisfn};
                }
+               unless ($ids) {
+ # alias?
+ 		  $ids=$bighash{'mapalias_'.$thisfn};
+               }
                if ($ids) {
  # ------------------------------------------------------------------- Has ID(s)
                   my @possibilities=split(/\,/,$ids);
- Line 2166  sub symbread {
+ Line 3806  sub symbread {
  # ----------------------------------------------- There is only one possibility
  		     my ($mapid,$resid)=split(/\./,$ids);
                       $syval=declutter($bighash{'map_id_'.$mapid}).'___'.$resid;
-                  } else {
+                  } elsif (!$donotrecurse) {
  # ------------------------------------------ There is more than one possibility
                       my $realpossible=0;
-                      map {
+                      foreach (@possibilities) {
  			 my $file=$bighash{'src_'.$_};
                           if (&allowed('bre',$file)) {
           		    my ($mapid,$resid)=split(/\./,$_);
- Line 2179  sub symbread {
+ Line 3819  sub symbread {
                                         '___'.$resid;
                              }
  			 }
-                      } @possibilities;
+                      }
  		     if ($realpossible!=1) { $syval=''; }
+                  } else {
+                      $syval='';
                   }
  	      }
                untie(%bighash)
             }
          }
          if ($syval) {
-            return $syval.'___'.$thisfn;
+            return &symbclean($syval.'___'.$thisfn);
          }
      }
      &appenv('request.ambiguous' => $thisfn);
- Line 2206  sub numval {
+ Line 3848  sub numval {
      $txt=~tr/u-z/0-5/;
      $txt=~s/\D//g;
      return int($txt);
  }
+ sub latest_rnd_algorithm_id {
+     return '64bit';
+ }
  sub rndseed {
      my ($symb,$courseid,$domain,$username)=@_;
+     my ($wsymb,$wcourseid,$wdomain,$wusername)=&Apache::lonxml::whichuser();
      if (!$symb) {
-       unless ($symb=&symbread()) { return time; }
+ 	unless ($symb=$wsymb) { return time; }
+     }
+     if (!$courseid) { $courseid=$wcourseid; }
+     if (!$domain) { $domain=$wdomain; }
+     if (!$username) { $username=$wusername }
+     my $which=$ENV{"course.$courseid.rndseed"};
+     my $CODE=$ENV{'scantron.CODE'};
+     if (defined($CODE)) {
+ 	&rndseed_CODE_64bit($symb,$courseid,$domain,$username);
+     } elsif ($which eq '64bit') {
+ 	return &rndseed_64bit($symb,$courseid,$domain,$username);
+     }
+     return &rndseed_32bit($symb,$courseid,$domain,$username);
+ }
+ sub rndseed_32bit {
+     my ($symb,$courseid,$domain,$username)=@_;
+     {
+ 	use integer;
+ 	my $symbchck=unpack("%32C*",$symb) << 27;
+ 	my $symbseed=numval($symb) << 22;
+ 	my $namechck=unpack("%32C*",$username) << 17;
+ 	my $nameseed=numval($username) << 12;
+ 	my $domainseed=unpack("%32C*",$domain) << 7;
+ 	my $courseseed=unpack("%32C*",$courseid);
+ 	my $num=$symbseed+$nameseed+$domainseed+$courseseed+$namechck+$symbchck;
+ 	#&Apache::lonxml::debug("$symbseed:$nameseed;$domainseed|$courseseed;$namechck:$symbchck");
+ 	#&Apache::lonxml::debug("rndseed :$num:$symb");
+ 	return $num;
+     }
+ }
+ sub rndseed_64bit {
+     my ($symb,$courseid,$domain,$username)=@_;
+     {
+ 	use integer;
+ 	my $symbchck=unpack("%32S*",$symb) << 21;
+ 	my $symbseed=numval($symb) << 10;
+ 	my $namechck=unpack("%32S*",$username);
+ 	my $nameseed=numval($username) << 21;
+ 	my $domainseed=unpack("%32S*",$domain) << 10;
+ 	my $courseseed=unpack("%32S*",$courseid);
+ 	my $num1=$symbchck+$symbseed+$namechck;
+ 	my $num2=$nameseed+$domainseed+$courseseed;
+ 	#&Apache::lonxml::debug("$symbseed:$nameseed;$domainseed|$courseseed;$namechck:$symbchck");
+ 	#&Apache::lonxml::debug("rndseed :$num:$symb");
+ 	return "$num1,$num2";
      }
-     if (!$courseid) { $courseid=$ENV{'request.course.id'};}
+ }
-     if (!$domain) {$domain=$ENV{'user.domain'};}
-     if (!$username) {$username=$ENV{'user.name'};}
+ sub rndseed_CODE_64bit {
+     my ($symb,$courseid,$domain,$username)=@_;
      {
-       use integer;
+ 	use integer;
-       my $symbchck=unpack("%32C*",$symb) << 27;
+ 	my $symbchck=unpack("%32S*",$symb) << 16;
-       my $symbseed=numval($symb) << 22;
+ 	my $symbseed=numval($symb);
-       my $namechck=unpack("%32C*",$username) << 17;
+ 	my $CODEseed=numval($ENV{'scantron.CODE'}) << 16;
-       my $nameseed=numval($username) << 12;
+ 	my $courseseed=unpack("%32S*",$courseid);
-       my $domainseed=unpack("%32C*",$domain) << 7;
+ 	my $num1=$symbseed+$CODEseed;
-       my $courseseed=unpack("%32C*",$courseid);
+ 	my $num2=$courseseed+$symbchck;
-       my $num=$symbseed+$nameseed+$domainseed+$courseseed+$namechck+$symbchck;
+ 	#&Apache::lonxml::debug("$symbseed:$CODEseed|$courseseed:$symbchck");
-       #uncommenting these lines can break things!
+ 	#&Apache::lonxml::debug("rndseed :$num1:$num2:$symb");
-       #&Apache::lonxml::debug("$symbseed:$nameseed;$domainseed|$courseseed;$namechck:$symbchck");
+ 	return "$num1,$num2";
-       #&Apache::lonxml::debug("rndseed :$num:$symb");
+     }
-       return $num;
+ }
+ sub setup_random_from_rndseed {
+     my ($rndseed)=@_;
+     if ($rndseed =~/,/) {
+ 	my ($num1,$num2)=split(/,/,$rndseed);
+ 	&Math::Random::random_set_seed(abs($num1),abs($num2));
+     } else {
+ 	&Math::Random::random_set_seed_from_phrase($rndseed);
      }
  }
- Line 2249  sub ireceipt {
+ Line 3954  sub ireceipt {
  }
  sub receipt {
-     return &ireceipt($ENV{'user.name'},$ENV{'user.domain'},
+   my ($symb,$courseid,$domain,$name) = &Apache::lonxml::whichuser();
-                      $ENV{'request.course.id'},&symbread());
+   return &ireceipt($name,$domain,$courseid,$symb);
  }
  # ------------------------------------------------------------ Serves up a file
  # returns either the contents of the file or a -1
  sub getfile {
-   my $file=shift;
+  my $file=shift;
+  if ($file=~/^\/*uploaded\//) { # user file
+     my $ua=new LWP::UserAgent;
+     my $request=new HTTP::Request('GET',&tokenwrapper($file));
+     my $response=$ua->request($request);
+     if ($response->is_success()) {
+        return $response->content;
+     } else {
+        return -1;
+     }
+  } else { # normal file from res space
    &repcopy($file);
    if (! -e $file ) { return -1; };
    my $fh=Apache::File->new($file);
    my $a='';
    while (<$fh>) { $a .=$_; }
-   return $a
+   return $a;
+  }
  }
  sub filelocation {
- Line 2272  sub filelocation {
+ Line 3988  sub filelocation {
    if ($file=~m:^/~:) { # is a contruction space reference
      $location = $file;
      $location =~ s:/~(.*?)/(.*):/home/$1/public_html/$2:;
+   } elsif ($file=~/^\/*uploaded/) { # is an uploaded file
+     $location=$file;
    } else {
      $file=~s/^$perlvar{'lonDocRoot'}//;
      $file=~s:^/*res::;
- Line 2288  sub filelocation {
+ Line 4006  sub filelocation {
  sub hreflocation {
      my ($dir,$file)=@_;
-     unless (($_=~/^http:\/\//i) || ($_=~/^\//)) {
+     unless (($file=~/^http:\/\//i) || ($file=~/^\//)) {
         my $finalpath=filelocation($dir,$file);
         $finalpath=~s/^\/home\/httpd\/html//;
+        $finalpath=~s-/home/(\w+)/public_html/-/~$1/-;
         return $finalpath;
      } else {
         return $file;
- Line 2304  sub declutter {
+ Line 4023  sub declutter {
      $thisfn=~s/^$perlvar{'lonDocRoot'}//;
      $thisfn=~s/^\///;
      $thisfn=~s/^res\///;
+     $thisfn=~s/\?.+$//;
+     return $thisfn;
+ }
+ # ------------------------------------------------------------- Clutter up URLs
+ sub clutter {
+     my $thisfn='/'.&declutter(shift);
+     unless ($thisfn=~/^\/(uploaded|adm|userfiles|ext|raw|priv)\//) {
+        $thisfn='/res'.$thisfn;
+     }
      return $thisfn;
  }
- Line 2325  sub unescape {
+ Line 4055  sub unescape {
  # ================================================================ Main Program
- sub BEGIN {
+ sub goodbye {
- unless ($readit) {
+    &logthis("Starting Shut down");
- # ------------------------------------------------------------ Read access.conf
+    &flushcourselogs();
+    &logthis("Shutting down");
+    return DONE;
+ }
+ BEGIN {
+ # ----------------------------------- Read loncapa.conf and loncapa_apache.conf
+     unless ($readit) {
+ {
+     my $config=Apache::File->new("/etc/httpd/conf/loncapa.conf");
+     while (my $configline=<$config>) {
+         if ($configline =~ /^[^\#]*PerlSetVar/) {
+ 	   my ($dummy,$varname,$varvalue)=split(/\s+/,$configline);
+            chomp($varvalue);
+            $perlvar{$varname}=$varvalue;
+         }
+     }
+ }
  {
-     my $config=Apache::File->new("/etc/httpd/conf/access.conf");
+     my $config=Apache::File->new("/etc/httpd/conf/loncapa_apache.conf");
      while (my $configline=<$config>) {
-         if ($configline =~ /PerlSetVar/) {
+         if ($configline =~ /^[^\#]*PerlSetVar/) {
  	   my ($dummy,$varname,$varvalue)=split(/\s+/,$configline);
             chomp($varvalue);
             $perlvar{$varname}=$varvalue;
- Line 2340  unless ($readit) {
+ Line 4088  unless ($readit) {
      }
  }
+ # ------------------------------------------------------------ Read domain file
+ {
+     my $fh=Apache::File->new($Apache::lonnet::perlvar{'lonTabDir'}.
+                             '/domain.tab');
+     %domaindescription = ();
+     %domain_auth_def = ();
+     %domain_auth_arg_def = ();
+     if ($fh) {
+        while (<$fh>) {
+            next if /^\#/;
+            chomp;
+            my ($domain, $domain_description, $def_auth, $def_auth_arg)
+                = split(/:/,$_,4);
+            $domain_auth_def{$domain}=$def_auth;
+            $domain_auth_arg_def{$domain}=$def_auth_arg;
+            $domaindescription{$domain}=$domain_description;
+ #          &logthis("Domain.tab: $domain, $domain_auth_def{$domain}, $domain_auth_arg_def{$domain},$domaindescription{$domain}");
+ #          &logthis("Domain.tab: $domain ".$domaindescription{$domain} );
+        }
+     }
+ }
  # ------------------------------------------------------------- Read hosts file
  {
      my $config=Apache::File->new("$perlvar{'lonTabDir'}/hosts.tab");
      while (my $configline=<$config>) {
+        next if ($configline =~ /^(\#|\s*$)/);
         chomp($configline);
-        my ($id,$domain,$role,$name,$ip)=split(/:/,$configline);
+        my ($id,$domain,$role,$name,$ip,$domdescr)=split(/:/,$configline);
-        $hostname{$id}=$name;
+        if ($id && $domain && $role && $name && $ip) {
-        $hostdom{$id}=$domain;
+ 	 $hostname{$id}=$name;
-        $hostip{$id}=$ip;
+ 	 $hostdom{$id}=$domain;
-        if ($role eq 'library') { $libserv{$id}=$name; }
+ 	 $hostip{$id}=$ip;
+ 	 $iphost{$ip}=$id;
+ 	 if ($role eq 'library') { $libserv{$id}=$name; }
+        } else {
+ 	 if ($configline) {
+ 	   &logthis("Skipping hosts.tab line -$configline-");
+ 	 }
+        }
      }
  }
- Line 2360  unless ($readit) {
+ Line 4139  unless ($readit) {
      while (my $configline=<$config>) {
         chomp($configline);
-        if (($configline) && ($configline ne $perlvar{'lonHostID'})) {
+        if ($configline) {
            $spareid{$configline}=1;
         }
      }
- Line 2406  unless ($readit) {
+ Line 4185  unless ($readit) {
      }
  }
- # ------------------------------------------------------------- Read file types
+ # ------------- set up temporary directory
  {
-     my $config=Apache::File->new("$perlvar{'lonTabDir'}/filetypes.tab");
+     $tmpdir = $perlvar{'lonDaemons'}.'/tmp/';
-     while (my $configline=<$config>) {
-        chomp($configline);
-        my ($ending,$emb,@descr)=split(/\s+/,$configline);
-        if ($descr[0] ne '') {
-          $fe{$ending}=$emb;
-          $fd{$ending}=join(' ',@descr);
-        }
-     }
  }
  %metacache=();
- $readit='done';
+ $processmarker='_'.time.'_'.$perlvar{'lonHostID'};
+ $dumpcount=0;
+ &logtouch();
  &logthis('<font color=yellow>INFO: Read configuration</font>');
+ $readit=1;
  }
  }
 ;
+ __END__
+ =pod
+ =head1 NAME
+ Apache::lonnet - Subroutines to ask questions about things in the network.
+ =head1 SYNOPSIS
+ Invoked by other LON-CAPA modules, when they need to talk to or about objects in the network.
+  &Apache::lonnet::SUBROUTINENAME(ARGUMENTS);
+ Common parameters:
+ =over 4
+ =item *
+ $uname : an internal username (if $cname expecting a course Id specifically)
+ =item *
+ $udom : a domain (if $cdom expecting a course's domain specifically)
+ =item *
+ $symb : a resource instance identifier
+ =item *
+ $namespace : the name of a .db file that contains the data needed or
+ being set.
+ =back
+ =head1 INTRODUCTION
+ This module provides subroutines which interact with the
+ lonc/lond (TCP) network layer of LON-CAPA. And Can be used to ask about
+ - classes
+ - users
+ - resources
+ For many of these objects you can also use this to store data about
+ them or modify them in various ways.
+ This is part of the LearningOnline Network with CAPA project
+ described at http://www.lon-capa.org.
+ =head1 RETURN MESSAGES
+ =over 4
+ =item *
+ con_lost : unable to contact remote host
+ =item *
+ con_delayed : unable to contact remote host, message will be delivered
+ when the connection is brought back up
+ =item *
+ con_failed : unable to contact remote host and unable to save message
+ for later delivery
+ =item *
+ error: : an error a occured, a description of the error follows the :
+ =item *
+ no_such_host : unable to fund a host associated with the user/domain
+ that was requested
+ =back
+ =head1 PUBLIC SUBROUTINES
+ =head2 Session Environment Functions
+ =over 4
+ =item *
+ appenv(%hash) : the value of %hash is written to the user envirnoment
+ file, and will be restored for each access this user makes during this
+ session, also modifies the %ENV for the current process
+ =item *
+ delenv($regexp) : removes all items from the session environment file that matches the regular expression in $regexp. The values are also delted from the current processes %ENV.
+ =back
+ =head2 User Information
+ =over 4
+ =item *
+ queryauthenticate($uname,$udom) : try to determine user's current
+ authentication scheme
+ =item *
+ authenticate($uname,$upass,$udom) : try to authenticate user from domain's lib
+ servers (first use the current one), $upass should be the users password
+ =item *
+ homeserver($uname,$udom) : find the server which has the user's
+ directory and files (there must be only one), this caches the answer,
+ and also caches if there is a borken connection.
+ =item *
+ idget($udom,@ids) : find the usernames behind a list of IDs (IDs are a
+ unique resource in a domain, there must be only 1 ID per username, and
+ only 1 username per ID in a specific domain) (returns hash:
+ id=>name,id=>name)
+ =item *
+ idrget($udom,@unames) : find the IDs behind a list of usernames (returns hash:
+ name=>id,name=>id)
+ =item *
+ idput($udom,%ids) : store away a list of names and associated IDs
+ =item *
+ rolesinit($udom,$username,$authhost) : get user privileges
+ =item *
+ usection($udom,$uname,$cname) : finds the section of student in the
+ course $cname, return section name/number or '' for "not in course"
+ and '-1' for "no section"
+ =item *
+ userenvironment($udom,$uname,@what) : gets the values of the keys
+ passed in @what from the requested user's environment, returns a hash
+ =back
+ =head2 User Roles
+ =over 4
+ =item *
+ allowed($priv,$uri) : check for a user privilege; returns codes for allowed
+ actions
+  F: full access
+  U,I,K: authentication modes (cxx only)
+  '': forbidden
+: user needs to choose course
+: browse allowed
+ =item *
+ definerole($rolename,$sysrole,$domrole,$courole) : define role; define a custom
+ role rolename set privileges in format of lonTabs/roles.tab for system, domain,
+ and course level
+ =item *
+ plaintext($short) : return value in %prp hash (rolesplain.tab); plain text
+ explanation of a user role term
+ =back
+ =head2 User Modification
+ =over 4
+ =item *
+ assignrole($udom,$uname,$url,$role,$end,$start) : assign role; give a role to a
+ user for the level given by URL.  Optional start and end dates (leave empty
+ string or zero for "no date")
+ =item *
+ changepass($uname,$udom,$currentpass,$newpass,$server) : attempts to
+ change a users, password, possible return values are: ok,
+ pwchange_failure, non_authorized, auth_mode_error, unknown_user,
+ refused
+ =item *
+ modifyuserauth($udom,$uname,$umode,$upass) : modify user authentication
+ =item *
+ modifyuser($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene) :
+ modify user
+ =item *
+ modifystudent
+ modify a students enrollment and identification information.
+ The course id is resolved based on the current users environment.
+ This means the envoking user must be a course coordinator or otherwise
+ associated with a course.
+ This call is essentially a wrapper for lonnet::modifyuser and
+ lonnet::modify_student_enrollment
+ Inputs:
+ =over 4
+ =item B<$udom> Students loncapa domain
+ =item B<$uname> Students loncapa login name
+ =item B<$uid> Students id/student number
+ =item B<$umode> Students authentication mode
+ =item B<$upass> Students password
+ =item B<$first> Students first name
+ =item B<$middle> Students middle name
+ =item B<$last> Students last name
+ =item B<$gene> Students generation
+ =item B<$usec> Students section in course
+ =item B<$end> Unix time of the roles expiration
+ =item B<$start> Unix time of the roles start date
+ =item B<$forceid> If defined, allow $uid to be changed
+ =item B<$desiredhome> server to use as home server for student
+ =back
+ =item *
+ modify_student_enrollment
+ Change a students enrollment status in a class.  The environment variable
+ 'role.request.course' must be defined for this function to proceed.
+ Inputs:
+ =over 4
+ =item $udom, students domain
+ =item $uname, students name
+ =item $uid, students user id
+ =item $first, students first name
+ =item $middle
+ =item $last
+ =item $gene
+ =item $usec
+ =item $end
+ =item $start
+ =back
+ =item *
+ assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start) : assign
+ custom role; give a custom role to a user for the level given by URL.  Specify
+ name and domain of role author, and role name
+ =item *
+ revokerole($udom,$uname,$url,$role) : revoke a role for url
+ =item *
+ revokecustomrole($udom,$uname,$url,$role) : revoke a custom role
+ =back
+ =head2 Course Infomation
+ =over 4
+ =item *
+ coursedescription($courseid) : course description
+ =item *
+ courseresdata($coursenum,$coursedomain,@which) : request for current
+ parameter setting for a specific course, @what should be a list of
+ parameters to ask about. This routine caches answers for 5 minutes.
+ =back
+ =head2 Course Modification
+ =over 4
+ =item *
+ writecoursepref($courseid,%prefs) : write preferences (environment
+ database) for a course
+ =item *
+ createcourse($udom,$description,$url) : make/modify course
+ =back
+ =head2 Resource Subroutines
+ =over 4
+ =item *
+ subscribe($fname) : subscribe to a resource, returns URL if possible (probably should use repcopy instead)
+ =item *
+ repcopy($filename) : subscribes to the requested file, and attempts to
+ replicate from the owning library server, Might return
+ HTTP_SERVICE_UNAVAILABLE, HTTP_NOT_FOUND, FORBIDDEN, OK, or
+ HTTP_BAD_REQUEST, also attempts to grab the metadata for the
+ resource. Expects the local filesystem pathname
+ (/home/httpd/html/res/....)
+ =back
+ =head2 Resource Information
+ =over 4
+ =item *
+ EXT($varname,$symb,$udom,$uname) : evaluates and returns the value of
+ a vairety of different possible values, $varname should be a request
+ string, and the other parameters can be used to specify who and what
+ one is asking about.
+ Possible values for $varname are environment.lastname (or other item
+ from the envirnment hash), user.name (or someother aspect about the
+ user), resource.0.maxtries (or some other part and parameter of a
+ resource)
+ =item *
+ directcondval($number) : get current value of a condition; reads from a state
+ string
+ =item *
+ condval($condidx) : value of condition index based on state
+ =item *
+ metadata($uri,$what,$liburi,$prefix,$depthcount) : request a
+ resource's metadata, $what should be either a specific key, or either
+ 'keys' (to get a list of possible keys) or 'packages' to get a list of
+ packages that this resource currently uses, the last 3 arguments are only used internally for recursive metadata.
+ this function automatically caches all requests
+ =item *
+ metadata_query($query,$custom,$customshow) : make a metadata query against the
+ network of library servers; returns file handle of where SQL and regex results
+ will be stored for query
+ =item *
+ symbread($filename) : return symbolic list entry (filename argument optional);
+ returns the data handle
+ =item *
+ symbverify($symb,$thisfn) : verifies that $symb actually exists and is
+ a possible symb for the URL in $thisfn, returns a 1 on success, 0 on
+ failure, user must be in a course, as it assumes the existance of the
+ course initi hash, and uses $ENV('request.course.id'}
+ =item *
+ symbclean($symb) : removes versions numbers from a symb, returns the
+ cleaned symb
+ =item *
+ is_on_map($uri) : checks if the $uri is somewhere on the current
+ course map, user must be in a course for it to work.
+ =item *
+ numval($salt) : return random seed value (addend for rndseed)
+ =item *
+ rndseed($symb,$courseid,$udom,$uname) : create a random sum; returns
+ a random seed, all arguments are optional, if they aren't sent it uses the
+ environment to derive them. Note: if symb isn't sent and it can't get one
+ from &symbread it will use the current time as its return value
+ =item *
+ ireceipt($funame,$fudom,$fucourseid,$fusymb) : return unique,
+ unfakeable, receipt
+ =item *
+ receipt() : API to ireceipt working off of ENV values; given out to users
+ =item *
+ countacc($url) : count the number of accesses to a given URL
+ =item *
+ checkout($symb,$tuname,$tudom,$tcrsid) :  creates a record of a user having looked at an item, most likely printed out or otherwise using a resource
+ =item *
+ checkin($token) : updates that a resource has beeen returned (a hard copy version for instance) and returns the data that $token was Checkout with ($symb, $tuname, $tudom, and $tcrsid)
+ =item *
+ expirespread($uname,$udom,$stype,$usymb) : set expire date for spreadsheet
+ =item *
+ devalidate($symb) : devalidate temporary spreadsheet calculations,
+ forcing spreadsheet to reevaluate the resource scores next time.
+ =back
+ =head2 Storing/Retreiving Data
+ =over 4
+ =item *
+ store($storehash,$symb,$namespace,$udom,$uname) : stores hash permanently
+ for this url; hashref needs to be given and should be a \%hashname; the
+ remaining args aren't required and if they aren't passed or are '' they will
+ be derived from the ENV
+ =item *
+ cstore($storehash,$symb,$namespace,$udom,$uname) : same as store but
+ uses critical subroutine
+ =item *
+ restore($symb,$namespace,$udom,$uname) : returns hash for this symb;
+ all args are optional
+ =item *
+ tmpstore($storehash,$symb,$namespace,$udom,$uname) : storage that
+ works very similar to store/cstore, but all data is stored in a
+ temporary location and can be reset using tmpreset, $storehash should
+ be a hash reference, returns nothing on success
+ =item *
+ tmprestore($symb,$namespace,$udom,$uname) : storage that works very
+ similar to restore, but all data is stored in a temporary location and
+ can be reset using tmpreset. Returns a hash of values on success,
+ error string otherwise.
+ =item *
+ tmpreset($symb,$namespace,$udom,$uname) : temporary storage reset,
+ deltes all keys for $symb form the temporary storage hash.
+ =item *
+ get($namespace,$storearr,$udom,$uname) : returns hash with keys from array
+ reference filled in from namesp ($udom and $uname are optional)
+ =item *
+ del($namespace,$storearr,$udom,$uname) : deletes keys out of array from
+ namesp ($udom and $uname are optional)
+ =item *
+ dump($namespace,$udom,$uname,$regexp) :
+ dumps the complete (or key matching regexp) namespace into a hash
+ ($udom, $uname and $regexp are optional)
+ =item *
+ put($namespace,$storehash,$udom,$uname) : stores hash in namesp
+ ($udom and $uname are optional)
+ =item *
+ cput($namespace,$storehash,$udom,$uname) : critical put
+ ($udom and $uname are optional)
+ =item *
+ eget($namespace,$storearr,$udom,$uname) : returns hash with keys from array
+ reference filled in from namesp (encrypts the return communication)
+ ($udom and $uname are optional)
+ =item *
+ log($udom,$name,$home,$message) : write to permanent log for user; use
+ critical subroutine
+ =back
+ =head2 Network Status Functions
+ =over 4
+ =item *
+ dirlist($uri) : return directory list based on URI
+ =item *
+ spareserver() : find server with least workload from spare.tab
+ =back
+ =head2 Apache Request
+ =over 4
+ =item *
+ ssi($url,%hash) : server side include, does a complete request cycle on url to
+ localhost, posts hash
+ =back
+ =head2 Data to String to Data
+ =over 4
+ =item *
+ hash2str(%hash) : convert a hash into a string complete with escaping and '='
+ and '&' separators, supports elements that are arrayrefs and hashrefs
+ =item *
+ hashref2str($hashref) : convert a hashref into a string complete with
+ escaping and '=' and '&' separators, supports elements that are
+ arrayrefs and hashrefs
+ =item *
+ arrayref2str($arrayref) : convert an arrayref into a string complete
+ with escaping and '&' separators, supports elements that are arrayrefs
+ and hashrefs
+ =item *
+ str2hash($string) : convert string to hash using unescaping and
+ splitting on '=' and '&', supports elements that are arrayrefs and
+ hashrefs
+ =item *
+ str2array($string) : convert string to hash using unescaping and
+ splitting on '&', supports elements that are arrayrefs and hashrefs
+ =back
+ =head2 Logging Routines
+ =over 4
+ These routines allow one to make log messages in the lonnet.log and
+ lonnet.perm logfiles.
+ =item *
+ logtouch() : make sure the logfile, lonnet.log, exists
+ =item *
+ logthis() : append message to the normal lonnet.log file, it gets
+ preiodically rolled over and deleted.
+ =item *
+ logperm() : append a permanent message to lonnet.perm.log, this log
+ file never gets deleted by any automated portion of the system, only
+ messages of critical importance should go in here.
+ =back
+ =head2 General File Helper Routines
+ =over 4
+ =item *
+ getfile($file) : returns the entire contents of a file or -1; it
+ properly subscribes to and replicates the file if neccessary.
+ =item *
+ filelocation($dir,$file) : returns file system location of a file
+ based on URI; meant to be "fairly clean" absolute reference, $dir is a
+ directory that relative $file lookups are to looked in ($dir of /a/dir
+ and a file of ../bob will become /a/bob)
+ =item *
+ hreflocation($dir,$file) : returns file system location or a URL; same as
+ filelocation except for hrefs
+ =item *
+ declutter() : declutters URLs (remove docroot, beginning slashes, 'res' etc)
+ =back
+ =head2 HTTP Helper Routines
+ =over 4
+ =item *
+ escape() : unpack non-word characters into CGI-compatible hex codes
+ =item *
+ unescape() : pack CGI-compatible hex codes into actual non-word ASCII character
+ =back
+ =head1 PRIVATE SUBROUTINES
+ =head2 Underlying communication routines (Shouldn't call)
+ =over 4
+ =item *
+ subreply() : tries to pass a message to lonc, returns con_lost if incapable
+ =item *
+ reply() : uses subreply to send a message to remote machine, logs all failures
+ =item *
+ critical() : passes a critical message to another server; if cannot
+ get through then place message in connection buffer directory and
+ returns con_delayed, if incapable of saving message, returns
+ con_failed
+ =item *
+ reconlonc() : tries to reconnect lonc client processes.
+ =back
+ =head2 Resource Access Logging
+ =over 4
+ =item *
+ flushcourselogs() : flush (save) buffer logs and access logs
+ =item *
+ courselog($what) : save message for course in hash
+ =item *
+ courseacclog($what) : save message for course using &courselog().  Perform
+ special processing for specific resource types (problems, exams, quizzes, etc).
+ =item *
+ goodbye() : flush course logs and log shutting down; it is called in srm.conf
+ as a PerlChildExitHandler
+ =back
+ =head2 Other
+ =over 4
+ =item *
+ symblist($mapname,%newhash) : update symbolic storage links
+ =back
+ =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.162
changed lines
	Added in v.1.387