--- loncom/auth/switchserver.pm	2007/09/29 04:03:46	1.17
+++ loncom/auth/switchserver.pm	2010/07/20 02:42:33	1.27
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Switch Servers Handler
 #
-# $Id: switchserver.pm,v 1.17 2007/09/29 04:03:46 albertel Exp $
+# $Id: switchserver.pm,v 1.27 2010/07/20 02:42:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -42,18 +42,11 @@ sub init_env {
 	return  $env{'user.environment'};
     }
     my $requrl=$r->uri;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if (!$lonid) { return undef; }
-
-    my $handle=&LONCAPA::clean_handle($lonid->value);
-    my $lonidsdir=$r->dir_config('lonIDsDir');
-    if ((!-e "$lonidsdir/$handle.id") || ($handle eq '')) {
-	$r->log_reason("Cookie $handle not valid", $r->filename); 
+    my $handle= &Apache::lonnet::check_for_valid_session($r);
+    if ($handle ne '') {
 	return undef;
     }
-
+    my $lonidsdir=$r->dir_config('lonIDsDir');
     &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
     
     return $r->dir_config('lonIDsDir')."/$handle.id";
@@ -65,7 +58,6 @@ sub do_redirect {
     my $start_page = 
 	&Apache::loncommon::start_page('Switching Server ...',undef,
 				       {'redirect'       => [0.5,$url],
-                                        'no_inline_link' => 1,
 					'only_body'      => $only_body,});
     my $end_page   = &Apache::loncommon::end_page();
     $r->print($start_page.$extra_text.$end_page);
@@ -80,7 +72,7 @@ sub handler {
     if (!defined($handle)) { return FORBIDDEN; }
 
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-					    ['otherserver','role']);
+				['otherserver','role','origurl','symb']);
 
     my $switch_to=&Apache::lonnet::hostname($env{'form.otherserver'});
     if (! $env{'form.otherserver'}) {
@@ -91,7 +83,7 @@ sub handler {
 	    $env{'form.otherserver'} = 
 		&Apache::lonnet::spareserver(30000,undef,1);
 	}
-
+        
 	$switch_to=&Apache::lonnet::hostname($env{'form.otherserver'});
     }
 
@@ -99,10 +91,30 @@ sub handler {
 
     if ($env{'user.name'} eq 'public'
 	&& $env{'user.domain'} eq 'public') {
-	my $url = 'http://'.$switch_to.'/'.$r->uri;
+	my $url = 'http://'.$switch_to.$r->uri;
 	return &do_redirect($r,$url,1)
     }
 
+    my $canhost = 1;
+    my $uprimary_id = &Apache::lonnet::domain($env{'user.domain'},'primary');
+    my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
+    my @intdoms = &Apache::lonnet::get_internet_names($env{'form.otherserver'});
+    unless ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
+        my $serverhomeID = &Apache::lonnet::get_server_homeID($switch_to);
+        my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);
+        my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);
+        my %udomdefaults = &Apache::lonnet::get_domain_defaults($env{'user.domain'});
+        my $remoterev = &Apache::lonnet::get_server_loncaparev($env{'user.domain'},$env{'form.otherserver'});
+        $canhost = 
+            &Apache::lonnet::can_host_session($env{'user.domain'},
+                                              $env{'form.otherserver'},
+                                              $remoterev,
+                                              $udomdefaults{'remotesessions'},
+                                              $defdomdefaults{'hostedsessions'});
+    }
+
+    unless ($canhost) { return FORBIDDEN; }
+
     if ($env{'form.role'} && 
 	!exists($env{'user.role.'.$env{'form.role'}})) { return FORBIDDEN; }
 
@@ -122,13 +134,13 @@ sub handler {
 			    -value   => '',
 			    -expires => '-10y',);
     $r->header_out('Set-cookie' => $c);
-    $r->send_http_header;
-    return OK if $r->header_only;
+
+    if ($r->header_only) {
+	$r->send_http_header;
+	return OK;
+    }
 # -------------------------------------------------------- Menu script and info
 	   
-    my $windowinfo=
-	&Apache::lonmenu::close().
-	&Apache::lonnavmaps::close();
 # ---------------------------------------------------------------- Get handover
 
     my %info=('ip'       => $ENV{'REMOTE_ADDR'},
@@ -136,6 +148,12 @@ sub handler {
 	      'username' => $env{'user.name'},
 	      'role'     => $env{'form.role'},
 	      'server'   => $r->dir_config('lonHostID'));
+    if ($env{'form.origurl'}) {
+        $info{'origurl'} = $env{'form.origurl'};
+    }
+    if ($env{'form.symb'}) {
+        $info{'symb'} = $env{'form.symb'};
+    }
     if ($env{'request.sso.login'}) {
 	$info{'sso.login'} = $env{'request.sso.login'};
     }
@@ -145,11 +163,11 @@ sub handler {
     my $token = &Apache::lonnet::tmpput(\%info,$env{'form.otherserver'});
     my $url ='http://'.$switch_to.'/adm/login?'.
 	'domain='.$env{'user.domain'}.
-	'&username='.$env{'user.name'}.
-	'&token='.$token;
+	'&amp;username='.$env{'user.name'}.
+	'&amp;token='.$token;
 # --------------------------------------------------------------- Screen Output
     &Apache::lonnet::flushcourselogs();
-    return &do_redirect($r,$url,0,$windowinfo);
+    return &do_redirect($r, $url, 0);
 }
 
 1;