[LON-CAPA-cvs] cvs: loncom /interface lonwizard.pm

[bowersj2]

bowersj2		Fri Mar 21 13:36:40 2003 EDT

  Modified files:              
    /loncom/interface	lonwizard.pm 
  Log:
  Accidentally committed this code with lonnavmaps. This is a minor change
  so I can document the lonwizard's last commit.
  
  lonwizard now stores data in the temp directory on the server side, except
  for a couple of small pieces of information in the user-received HTML. 
  
  It is stored as if were a query-string dumped into a file. It may not scale to
  more then a couple hundred kilobytes very well, but that should do.
  
  A randomly-constructed string based on the user, the domain, the date and
  a random number is turned into an MD5 string, and that token is visibly sent
  back to the user. The actual filename is the MD5 hash of the MD5 hash, so
  we are not directly revealing a filename on the server to the user. Not likely
  to matter, but a small layer of security-through-obscurity on top of
  existing webserver security can't hurt any.
  
  Not well-tested but seems to be working, and I don't think 
  
  
  
Index: loncom/interface/lonwizard.pm
diff -u loncom/interface/lonwizard.pm:1.18 loncom/interface/lonwizard.pm:1.19
--- loncom/interface/lonwizard.pm:1.18	Thu Mar 20 13:03:14 2003
+++ loncom/interface/lonwizard.pm	Fri Mar 21 13:36:40 2003
@@ -19,8 +19,6 @@
 
 =cut
 
-# To prevent runaway file counts, this file has lonwizard,
-# lonwizstate, and other wizard classes.
 use strict;
 
 use HTML::Entities;
@@ -945,7 +943,8 @@
     my $date;
     
     # Default date: Now
-    $date = localtime($wizvars->{$var});
+    $date = localtime();
+    $date->min = 0;
 
     if (defined $self->{ERROR_MSG}) {
         $result .= '<font color="#FF0000">' . $self->{ERROR_MSG} . '</font><br /><br />';