--- loncom/auth/loncacc.pm	2007/02/01 07:13:04	1.44
+++ loncom/auth/loncacc.pm	2007/10/02 01:09:59	1.46
@@ -2,7 +2,7 @@
 # Cookie Based Access Handler for Construction Area
 # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
 #
-# $Id: loncacc.pm,v 1.44 2007/02/01 07:13:04 albertel Exp $
+# $Id: loncacc.pm,v 1.46 2007/10/02 01:09:59 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -31,15 +31,15 @@ package Apache::loncacc;
 
 use strict;
 use Apache::Constants qw(:common :http :methods REDIRECT);
-use CGI::Cookie();
+use Fcntl qw(:flock);
 use Apache::lonlocal;
 use Apache::lonnet;
-use Apache::lonacc();
+use Apache::lonacc;
 use LONCAPA qw(:DEFAULT :match);
 
 sub constructaccess {
     my ($url,$ownerdomain)=@_;
-    my ($ownername)=($url=~m{/(?:\~|priv/|home/)($match_username)/});
+    my ($ownername)=($url=~/\/(?:\~|priv\/|home\/)($match_username)\//);
     unless (($ownername) && ($ownerdomain)) { return ''; }
     # We do not allow editing of previous versions of files.
     if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }
@@ -47,61 +47,53 @@ sub constructaccess {
     if ($ownername eq $env{'user.name'}) {
 	foreach my $domain (@possibledomains) {
 	    if ($domain eq $env{'user.domain'}) {
-    &Apache::lonnet::logthis("good1!");
 		return ($ownername,$domain);
 	    }
 	}
     }
+    
     foreach my $domain (@possibledomains) {
 	if (exists($env{'user.priv.ca./'.$domain.'/'.$ownername.'./'}) ||
 	    exists($env{'user.priv.aa./'.$domain.'/'.$ownername.'./'}) ) {
-    &Apache::lonnet::logthis("good2!");
 	    return ($ownername,$domain);
 	}
     }
-    &Apache::lonnet::logthis("boo! hiss!");
     return '';
 }
 
 sub handler {
     my $r = shift;
-
     my $requrl=$r->uri;
     $env{'request.editurl'}=$requrl;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if ($lonid) {
-      	my $handle=&LONCAPA::clean_handle($lonid->value);
-        my $lonidsdir=$r->dir_config('lonIDsDir');
-        if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 
-# ------------------------------------------------------ Initialize Environment
+    my $handle =  &Apache::lonnet::check_for_valid_session($r);
+    if ($handle ne '') {
 
-            &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
+# ------------------------------------------------------ Initialize Environment
+        my $lonidsdir=$r->dir_config('lonIDsDir');
+	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
 
 # --------------------------------------------------------- Initialize Language
  
- 	    &Apache::lonlocal::get_language_handle($r);
+	&Apache::lonlocal::get_language_handle($r);
 
 # -------------------------------------------------------------- Resource State
 
-            $env{'request.state'}    = "construct";
-            $env{'request.filename'} = $r->filename;
+	$env{'request.state'}    = "construct";
+	$env{'request.filename'} = $r->filename;
 
-            unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
-                $r->log_reason("Unauthorized $requrl", $r->filename); 
-	        return HTTP_NOT_ACCEPTABLE;
-            }
+	unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
+	    $r->log_reason("Unauthorized $requrl", $r->filename); 
+	    return HTTP_NOT_ACCEPTABLE;
+	}
 
 # -------------------------------------------------------- Load POST parameters
 
-	    &Apache::lonacc::get_posted_cgi($r);
+	&Apache::lonacc::get_posted_cgi($r);
 
-            return OK; 
-        } else { 
-            $r->log_reason("Cookie $handle not valid", $r->filename) 
-        };
+	return OK; 
+    } else { 
+	$r->log_reason("Cookie $handle not valid", $r->filename) 
     }
 
 # ----------------------------------------------- Store where they wanted to go