--- loncom/cgi/loncgi.pm	2005/05/25 22:31:51	1.5
+++ loncom/cgi/loncgi.pm	2018/07/04 16:58:26	1.16
@@ -1,7 +1,7 @@
 #
 # LON-CAPA helpers for cgi-bin scripts
 #
-# $Id: loncgi.pm,v 1.5 2005/05/25 22:31:51 albertel Exp $
+# $Id: loncgi.pm,v 1.16 2018/07/04 16:58:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,8 +36,8 @@ loncgi
 
 =head1 SYNOPSIS
 
-Provides subroutines for checking a LON-CAPA cookie and loading the users
-environment.
+Provides subroutines for checking a LON-CAPA cookie, loading the user's
+environment, and retrieving arguments passed in via a CGI's Query String.
 
 =head1 Subroutines
 
@@ -53,10 +53,15 @@ use strict;
 use warnings FATAL=>'all';
 no warnings 'uninitialized';
 
-use CGI();
+use lib '/home/httpd/lib/perl/';
+use CGI qw(:standard);
 use CGI::Cookie();
+use MIME::Types();
 use Fcntl qw(:flock);
+use LONCAPA;
 use LONCAPA::Configuration();
+use GDBM_File;
+use Apache::lonlocal;
 
 my $lonidsdir;
 
@@ -66,33 +71,32 @@ BEGIN {
     $lonidsdir = $perlvar->{'lonIDsDir'};
 }
 
+
 #############################################
 #############################################
 
 =pod
 
-=item check_cookie_and_load_env
+=item check_cookie_and_load_env()
 
-Inputs: none
+Inputs: 1 ( optional). When called from a handler in mod_perl,
+        pass in the request object.
 
-Returns: 1 if the user has a LON-CAPA cookie 0 if not.
-Loads the users environment into the %env hash if the cookie is correct.
+Returns: 1 if the user has a LON-CAPA cookie, 0 if not.
+Side effect: Loads the user's environment into the %env hash
+             if the cookie is correct.
 
 =cut
 
 #############################################
 #############################################
 sub check_cookie_and_load_env {
-    my %cookies=fetch CGI::Cookie;
-    if (exists($cookies{'lonID'}) && 
-        -e "$lonidsdir/".$cookies{'lonID'}->value.".id") {
-        # cookie found
-        &transfer_profile_to_env($cookies{'lonID'}->value);
-        return 1;
-    } else {
-        # No cookie found
-        return 0;
+    my ($r) = @_;
+    my ($hascookie,$handle) = &check_cookie($r);
+    if (($hascookie) && ($handle)) {
+        &transfer_profile_to_env($handle);
     }
+    return $hascookie;
 }
 
 #############################################
@@ -100,10 +104,15 @@ sub check_cookie_and_load_env {
 
 =pod
 
-=item check_cookie
+=item check_cookie()
 
 Inputs: none
 
+Array context:
+Returns: (1,$handle) if the user has a LON-CAPA cookie;
+(0) if user does not have a LON-CAPA cookie.
+
+Scalar context:
 Returns: 1 if the user has a LON-CAPA cookie and 0 if not.
 
 =cut
@@ -111,13 +120,52 @@ Returns: 1 if the user has a LON-CAPA co
 #############################################
 #############################################
 sub check_cookie {
-    my %cookies=fetch CGI::Cookie;
-    if (exists($cookies{'lonID'}) && 
-        -e "$lonidsdir/".$cookies{'lonID'}->value.".id") {
-        # cookie found
-        return 1;
+    my ($r) = @_;
+    my %cookies;
+    if (ref($r)) {
+        %cookies = CGI::Cookie->fetch($r);
+    } else {
+        %cookies = CGI::Cookie->fetch();
+    }
+    if (keys(%cookies)) {
+        my $name = 'lonID';
+        my $secure = 'lonSID';
+        my $linkname = 'lonLinkID';
+        my $pubname = 'lonPubID';
+        my $lonid;
+        if (exists($cookies{$secure})) {
+            $lonid=$cookies{$secure};
+        } elsif (exists($cookies{$name})) {
+            $lonid=$cookies{$name};
+        } elsif (exists($cookies{$linkname})) {
+            $lonid=$cookies{$linkname};
+        } elsif (exists($cookies{$pubname})) {
+            $lonid=$cookies{$pubname};
+        }
+        if ($lonid) {
+            my $handle=&LONCAPA::clean_handle($lonid->value);
+            if ($handle) {
+                if (-l "$lonidsdir/$handle.id") {
+                    my $link = readlink("$lonidsdir/$handle.id");
+                    if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
+                        $handle = $1;
+                    }
+                }
+                if (-e "$lonidsdir/".$handle.".id") {
+                    # valid cookie found
+                    if (wantarray) {
+                        return (1,$handle);
+                    } else {
+                        return 1;
+                    }
+                }
+            }
+        }
+    }
+    # No valid cookie found
+    if (wantarray) {
+        return (0);
     } else {
-        # No cookie found
         return 0;
     }
 }
@@ -127,7 +175,7 @@ sub check_cookie {
 
 =pod
 
-=item transfer_profile_to_env
+=item transfer_profile_to_env()
 
 Load the users environment into the %env hash.
 
@@ -141,17 +189,10 @@ Returns: undef
 #############################################
 sub transfer_profile_to_env {
     my ($handle)=@_;
-    my @profile;
-    {
-        open(IDFILE, "<$lonidsdir/$handle.id");
-        flock(IDFILE,LOCK_SH);
-        @profile=<IDFILE>;
-        close(IDFILE);
-    }
-    foreach my $envrow (@profile) {
-        chomp($envrow);
-        my ($envname,$envvalue)=split(/=/,$envrow);
-        $Apache::lonnet::env{$envname} = $envvalue;
+    if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",&GDBM_READER(),
+	    0640)) {
+	%Apache::lonnet::env = %disk_env;
+	untie(%disk_env);
     }
     $Apache::lonnet::env{'user.environment'} = "$lonidsdir/$handle.id";
     return undef;
@@ -162,6 +203,105 @@ sub transfer_profile_to_env {
 
 =pod
 
+=item missing_cookie_msg()
+
+Inputs: none
+Returns: HTML for a page indicating cookie information absent. 
+
+=cut
+
+#############################################
+#############################################
+sub missing_cookie_msg {
+    my %lt = &Apache::lonlocal::texthash (
+                        cook => 'Bad Cookie',
+                        your => 'Your cookie information is incorrect.',
+             );
+    return <<END;
+<html>
+<head><title>$lt{'cook'}</title></head>
+<body>
+$lt{'your'}
+</body>
+</html>
+END
+
+}
+
+#############################################
+#############################################
+
+=pod
+
+=cgi_getitems()
+
+Inputs: $query - the CGI query string (required)
+        $getitems - reference to a hash (required)
+        $possname - permitted names of keys (optional)
+
+Returns: nothing
+
+Side Effects: populates $getitems hash ref with key => value
+              where each key is the name of the form item in the query string
+              and value is an array of corresponding values. 
+
+=cut
+
+#############################################
+#############################################
+sub cgi_getitems {
+    my ($query,$getitems,$possnames)= @_;
+    foreach (split(/&/,$query)) {
+        my ($name, $value) = split(/=/,$_);
+        $name = &unescape($name);
+        if (ref($possnames) eq 'ARRAY') {
+            next unless (grep(/^\Q$name\E$/,@{$possnames}));
+        }
+        $value =~ tr/+/ /;
+        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+        push(@{$$getitems{$name}},$value);
+    }
+    return;
+}
+
+#############################################
+#############################################
+
+=pod
+
+=cgi_header()
+
+Inputs: $contenttype - Content Type (e.g., text/html or text/plain)
+        $nocache     - Boolean 1 = nocache
+Returns: HTTP Response headers constructed using CGI.pm
+
+=cut
+
+#############################################
+#############################################
+sub cgi_header {
+    my ($contenttype,$nocache) = @_;
+    my $mimetypes = MIME::Types->new;
+    my %headers;
+    if ($contenttype ne '') {
+        if ($mimetypes->type($contenttype) ne '') {
+            $headers{'-type'} = $contenttype;
+            if ($contenttype =~ m{^text/}) {
+                $headers{'-charset'} = 'utf-8';
+            }
+        }
+    }
+    if ($nocache) {
+       $headers{'-expires'} = 'now';
+    }
+    if (%headers) {
+        return CGI::header(%headers);
+    }
+    return;
+}
+
+=pod
+
 =back
 
 =cut