--- loncom/auth/publiccheck.pm	2006/07/17 19:49:14	1.7
+++ loncom/auth/publiccheck.pm	2007/01/24 19:39:22	1.13
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: publiccheck.pm,v 1.7 2006/07/17 19:49:14 albertel Exp $
+# $Id: publiccheck.pm,v 1.13 2007/01/24 19:39:22 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -37,15 +37,16 @@ use Apache::lonlocal;
 use CGI::Cookie();
 use Fcntl qw(:flock);
 use Apache::lonacc();
+use LONCAPA();
 
 sub handler {
     my $r = shift;
+
     my $requrl=$r->uri;
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
     my $lonid=$cookies{'lonID'};
     if ($lonid) {
-	my $handle=$lonid->value;
-        $handle=~s/\W//g;
+	my $handle=&LONCAPA::clean_handle($lonid->value);
         my $lonidsdir=$r->dir_config('lonIDsDir');
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 	    &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
@@ -57,12 +58,13 @@ sub handler {
     }
     if ($requrl=~m|^/public/|
 	|| $requrl=~m|^/adm/help/.*\.hlp$|
+	|| $requrl=~m|^/adm/[^/]+/[^/]+/aboutme/portfolio$|
 	|| (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
         &process_public($r,$requrl);
         return OK;
-    } elsif (&Apache::lonacc::is_portfolio_url($requrl)) {
+    } elsif (&Apache::lonnet::is_portfolio_url($requrl)) {
 	my (undef,$udom,$unum,$file_name,$group) = 
-	    &Apache::lonacc::parse_portfolio_url($requrl);
+	    &Apache::lonnet::parse_portfolio_url($requrl);
         my $access = &process_portfolio($udom,$unum,$file_name,$group);
         if ($access) {
             &process_public($r,$requrl,$access);
@@ -70,6 +72,10 @@ sub handler {
         } 
     } elsif ($requrl eq '/adm/restrictedaccess') {
         &process_public($r,$requrl);
+	return OK;
+    } elsif ($requrl eq '/adm/blockedaccess') {
+       &process_public($r,$requrl);
+       return OK;
     } 
     return DECLINED;
 }
@@ -81,7 +87,7 @@ sub process_public {
         my $cookie=&Apache::lonauth::success($r,'public','public','public');
         my $lonidsdir=$r->dir_config('lonIDsDir');
         &Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie);
-	$r->header_out('Set-cookie',"lonID=$cookie; path=/");
+	$r->err_header_out('Set-cookie',"lonID=$cookie; path=/");
     }
     &Apache::lonacc::get_posted_cgi($r);
     $env{'request.state'} = "published";