[LON-CAPA-cvs] cvs: loncom /auth lonauth.pm lonlogin.pm lonroles.pm

raeburn raeburn@source.lon-capa.org
Wed, 22 Jul 2009 21:51:03 -0000 

raeburn		Wed Jul 22 21:51:03 2009 EDT

  Modified files:              
    /loncom/auth	lonauth.pm lonlogin.pm lonroles.pm 
  Log:
  - Bug 3987.
  - Destination URL and Symb supplied in query string to log-in page, used to load page after appropriate role selection.
  
  
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.100 loncom/auth/lonauth.pm:1.101
--- loncom/auth/lonauth.pm:1.100	Wed Jul 22 20:24:07 2009
+++ loncom/auth/lonauth.pm	Wed Jul 22 21:51:03 2009
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.100 2009/07/22 20:24:07 raeburn Exp $
+# $Id: lonauth.pm,v 1.101 2009/07/22 21:51:03 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -40,6 +40,7 @@
 use Apache::createaccount;
 use Fcntl qw(:flock);
 use Apache::lonlocal;
+use HTML::Entities;
  
 # ------------------------------------------------------------ Successful login
 sub success {
@@ -85,29 +86,30 @@
             &Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
                                          \$trolecode,\$tstatus,\$tstart,\$tend);
             if ($tstatus eq 'is') {
-                if ($destination =~ /\?/) {
-                    $destination .= '&';
-                } else {
-                    $destination .= '?';
-                }
-                $destination .= 'selectrole=1&'.$form->{role}.'=1';
-                if (defined($form->{symb})) {
-                    my $destsymb = $form->{symb};
-                    if ($destsymb =~ /___/) {
-                        # FIXME Need to deal with encrypted symbs and urls as needed.
-                        my ($map,$resid,$desturl)=split(/___/,$destsymb);
-                        unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
-                            $desturl = &Apache::lonnet::clutter($desturl);
-                        }
-                        $destination .= '&destinationurl='.$desturl.
-                                        '&destsymb='.$destsymb;
-                    } else {
-                        $destination .= '&destinationurl='.$destsymb;
-                    }
-                }
+                $destination  .= ($destination =~ /\?/) ? '&' : '?';
+                my $newrole = &HTML::Entities::encode($form->{role},'"<>&');
+                $destination .= 'selectrole=1&'.$newrole.'=1';
             }
         }
     }
+    if (defined($form->{symb})) {
+        my $destsymb = $form->{symb};
+        $destination  .= ($destination =~ /\?/) ? '&' : '?';
+        if ($destsymb =~ /___/) {
+            # FIXME Need to deal with encrypted symbs and urls as needed.
+            my ($map,$resid,$desturl)=split(/___/,$destsymb);
+            unless ($desturl=~/^(adm|uploaded|editupload|public)/) {
+                $desturl = &Apache::lonnet::clutter($desturl);
+            }
+            $desturl = &HTML::Entities::encode($desturl,'"<>&');
+            $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+            $destination .= '&destinationurl='.$desturl.
+                            '&destsymb='.$destsymb;
+        } else {
+            $destsymb = &HTML::Entities::encode($destsymb,'"<>&');
+            $destination .= '&destinationurl='.$destsymb;
+        }
+    }
 
     my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
     my $startupremote=&Apache::lonmenu::startupremote($destination);
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.123 loncom/auth/lonlogin.pm:1.124
--- loncom/auth/lonlogin.pm:1.123	Wed Jul 22 20:24:07 2009
+++ loncom/auth/lonlogin.pm	Wed Jul 22 21:51:03 2009
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Login Screen
 #
-# $Id: lonlogin.pm,v 1.123 2009/07/22 20:24:07 raeburn Exp $
+# $Id: lonlogin.pm,v 1.124 2009/07/22 21:51:03 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -175,6 +175,9 @@
         $tokenextras = '&role='.&escape($env{'form.role'});
     }
     if ($env{'form.symb'}) {
+        if (!$tokenextras) {
+            $tokenextras = '&';
+        }
         $tokenextras .= '&symb='.&escape($env{'form.symb'});
     }
     my $logtoken=Apache::lonnet::reply(
Index: loncom/auth/lonroles.pm
diff -u loncom/auth/lonroles.pm:1.228 loncom/auth/lonroles.pm:1.229
--- loncom/auth/lonroles.pm:1.228	Mon Jun 29 12:43:45 2009
+++ loncom/auth/lonroles.pm	Wed Jul 22 21:51:03 2009
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.228 2009/06/29 12:43:45 bisitz Exp $
+# $Id: lonroles.pm,v 1.229 2009/07/22 21:51:03 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -757,6 +757,14 @@
     unless ((!&Apache::loncommon::show_course()) || ($nochoose) || ($countactive==1)) {
 	$r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
     }
+    if ($env{'form.destinationurl'}) {
+        $r->print('<input type="hidden" name="destinationurl" value="'.
+                  $env{'form.destinationurl'}.'" />');
+        if ($env{'form.destsymb'} ne '') {
+            $r->print('<input type="hidden" name="destsymb" value="'.
+                      $env{'form.destsymb'}.'" />');
+        }
+    }
     my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole,$nochoose);
     if ($env{'environment.recentroles'}) {
         my %recent_roles =