[LON-CAPA-cvs] cvs: loncom / loncapa_apache.conf /auth lontokacc.pm /interface londocs.pm
www
lon-capa-cvs@mail.lon-capa.org
Wed, 31 Jul 2002 15:23:55 -0000
www Wed Jul 31 11:23:55 2002 EDT
Modified files:
/loncom loncapa_apache.conf
/loncom/auth lontokacc.pm
/loncom/interface londocs.pm
Log:
Token security file upload
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.10 loncom/loncapa_apache.conf:1.11
--- loncom/loncapa_apache.conf:1.10 Wed Jul 24 16:25:23 2002
+++ loncom/loncapa_apache.conf Wed Jul 31 11:23:55 2002
@@ -1,7 +1,7 @@
##
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
##
-## $Id: loncapa_apache.conf,v 1.10 2002/07/24 20:25:23 www Exp $
+## $Id: loncapa_apache.conf,v 1.11 2002/07/31 15:23:55 www Exp $
##
## 1/11/2002 - Scott Harrison
## 2/19/2002 - Scott Harrison
@@ -49,6 +49,12 @@
ErrorDocument 403 /adm/login
ErrorDocument 404 /adm/notfound.html
ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+</LocationMatch>
+
+<LocationMatch "^/userfiles.*">
+PerlAccessHandler Apache::lontokacc
+ErrorDocument 404 /adm/notfound.html
ErrorDocument 500 /adm/errorhandler
</LocationMatch>
Index: loncom/auth/lontokacc.pm
diff -u loncom/auth/lontokacc.pm:1.2 loncom/auth/lontokacc.pm:1.3
--- loncom/auth/lontokacc.pm:1.2 Sat Jul 27 15:06:41 2002
+++ loncom/auth/lontokacc.pm Wed Jul 31 11:23:55 2002
@@ -2,7 +2,7 @@
# Low security Access Handler for Token-based access
# (clearance given by other loncapa host)
#
-# $Id: lontokacc.pm,v 1.2 2002/07/27 19:06:41 www Exp $
+# $Id: lontokacc.pm,v 1.3 2002/07/31 15:23:55 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -36,18 +36,20 @@
sub handler {
my $r = shift;
- &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
- ['token','server']);
+ my $query=$r->args;
+ &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);
my $tmpinfo='no_token';
if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
$tmpinfo=&Apache::lonnet::unescape(
&Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
$ENV{'form.server'}));
- if ($tmpinfo eq $r->uri) {
+ chomp($tmpinfo);
+ my $uri=$r->uri;
+ if ($tmpinfo=~/$uri$/) {
return OK;
}
}
- $r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo,
+ $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',
$r->filename);
return FORBIDDEN;
}
Index: loncom/interface/londocs.pm
diff -u loncom/interface/londocs.pm:1.4 loncom/interface/londocs.pm:1.5
--- loncom/interface/londocs.pm:1.4 Wed Jul 31 10:56:36 2002
+++ loncom/interface/londocs.pm Wed Jul 31 11:23:55 2002
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Documents
#
-# $Id: londocs.pm,v 1.4 2002/07/31 14:56:36 www Exp $
+# $Id: londocs.pm,v 1.5 2002/07/31 15:23:55 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -90,8 +90,16 @@
foreach (sort keys (%currentdocs)) {
if ($_=~/(\d+)\_(\w+)\_(\w+)\.url/) {
$r->print('<hr>'.localtime($1).' '.$2.' '.$3.'<blockquote>'.
- $currentdocs{$1.'_'.$2.'_'.$3.'.comment'}.
- '</blockquote><a href="'.$currentdocs{$_}.'">View</a>');
+ &Apache::lontexconvert::msgtexconverted(
+ $currentdocs{$1.'_'.$2.'_'.$3.'.comment'}
+ ).
+ '</blockquote><a href="'.
+ &Apache::lonnet::tokenwrapper($currentdocs{$_}).'">View</a>');
+ if (($2 eq $ENV{'user.name'}) && ($3 eq $ENV{'user.domain'})
+ && ($allowed)) {
+ $r->print(' <a href="/adm/coursedocs?remove='.
+ $1.'_'.$2.'_'.$3.'">Remove</a>');
+ }
}
}
# ----------------------------------------------------------------- Upload form