--- loncom/auth/lonauth.pm 2003/07/16 20:42:31 1.53
+++ loncom/auth/lonauth.pm 2003/10/30 00:54:57 1.58
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.53 2003/07/16 20:42:31 www Exp $
+# $Id: lonauth.pm,v 1.58 2003/10/30 00:54:57 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -46,6 +46,7 @@ use Apache::loncommon();
use Apache::lonnet();
use Apache::lonmenu();
use Fcntl qw(:flock);
+use Apache::lonlocal;
my %FORM;
@@ -107,6 +108,12 @@ sub success {
$FORM{'interface'}=$userenv{'interface'};
}
$ENV{'environment.remote'}=$userenv{'remote'};
+# --------------- Do not trust query string to be put directly into environment
+ foreach ('imagesuppress','appletsuppress',
+ 'embedsuppress','fontenhance','blackwhite',
+ 'interface','localpath','localres') {
+ $FORM{$_}=~s/[\n\r\=]//gs;
+ }
# --------------------------------------------------------- Write first profile
{
@@ -184,6 +191,12 @@ Content-type: text/html
Set-cookie: $cookie
ENDHEADER
+ my %lt=&Apache::lonlocal::texthash(
+ 'wel' => 'Welcome',
+ 'mes' => 'Welcome to the LearningOnline Network with CAPA. Please wait while your session is being set up',
+ 'pro' => 'Problems',
+ 'log' => 'loginproblems.html',
+ );
$r->print(<
@@ -193,11 +206,9 @@ $startupremote
$bodytag
$setflags
$windowinfo
-Welcome!
-Welcome to the LearningOnline Network with CAPA.
-Please wait while your session
-is being set up.
-Problems?
+$lt{'wel'}
+$lt{'mes'}.
+$lt{'pro'}?
$maincall