version 1.19, 2006/12/24 21:22:33
|
version 1.25, 2011/09/30 15:58:05
|
Line 34 use Crypt::IDEA;
|
Line 34 use Crypt::IDEA;
|
use Time::HiRes qw(gettimeofday); |
use Time::HiRes qw(gettimeofday); |
use LONCAPA; |
use LONCAPA; |
|
|
|
|
|
# |
|
# If a module makes multiple SSI calls and some of the ssi calls result in a |
|
# resource for an encoded URL, and this can be done in an unprivileged role, |
|
# there must be a mechanism t oreset the 'request.enc' environment variable. |
|
# This sub centralizes that mechanism: |
|
# |
|
sub reset_enc { |
|
$env{'request.enc'} = 0; |
|
} |
|
|
sub encryptseed { |
sub encryptseed { |
my ($cid) = @_; |
my ($cid) = @_; |
if (!defined($cid)) { |
if (!defined($cid)) { |
Line 47 sub encryptseed {
|
Line 58 sub encryptseed {
|
my %descargs = ( 'one_time' => 1); |
my %descargs = ( 'one_time' => 1); |
my %course = |
my %course = |
&Apache::lonnet::coursedescription($cid,\%descargs); |
&Apache::lonnet::coursedescription($cid,\%descargs); |
my %seedhash = |
$seed = $course{'internal.encseed'}; |
&Apache::lonnet::get('environment',['internal.encseed'], |
|
$course{'domain'},$course{'num'}); |
|
$seed = $seedhash{'internal.encseed'}; |
|
} |
} |
} |
} |
if (defined($seed)) { |
if (defined($seed)) { |
Line 59 sub encryptseed {
|
Line 67 sub encryptseed {
|
$seed=substr($seed.$seed,0,32); |
$seed=substr($seed.$seed,0,32); |
return pack("H32",$seed); |
return pack("H32",$seed); |
} else { |
} else { |
return; |
return pack("H32",1); |
} |
} |
} |
} |
|
|
Line 154 sub encrypt_ref {
|
Line 162 sub encrypt_ref {
|
my $html; |
my $html; |
if ($force_enc || $env{'request.enc'}) { |
if ($force_enc || $env{'request.enc'}) { |
while (my ($name,$value)= each(%{ $elements })) { |
while (my ($name,$value)= each(%{ $elements })) { |
if (!$value) { next; } |
next if (!$value); |
|
next if ($value =~ /^\w+:/); # explict javascript: or http: link |
my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value); |
my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value); |
if ($href !~ /^http:/) { |
if ($href !~ /^https?\:/) { |
# IE really wants an extension |
# IE really wants an extension |
my ($extension) = ($href =~ m/(\.[^.]*)$/); |
my ($extension) = ($href =~ m/(\.[^.]*)$/); |
$href = &Apache::lonenc::encrypted($href,$force_enc); |
my $newhref = &Apache::lonenc::encrypted($href,$force_enc); |
$href .= $extension; |
unless ($newhref eq $href) { |
|
$href = $newhref.$extension; |
|
} |
} |
} |
$token->[2]->{$name}=$href; |
$token->[2]->{$name}=$href; |
} |
} |