--- loncom/lonenc.pm	2004/11/11 20:05:56	1.5
+++ loncom/lonenc.pm	2006/03/22 19:37:44	1.12
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # URL translation for encrypted filenames
 #
-# $Id: lonenc.pm,v 1.5 2004/11/11 20:05:56 albertel Exp $
+# $Id: lonenc.pm,v 1.12 2006/03/22 19:37:44 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -30,10 +30,11 @@ package Apache::lonenc;
 
 use strict;
 use Apache::Constants qw(:common :remotehost);
-use Apache::lonnet();
+use Apache::lonnet;
 use Apache::File();
 use Apache::loncommon;
 use Crypt::IDEA;
+use Time::HiRes qw(gettimeofday);
 
 sub handler {
     my $r = shift;
@@ -44,14 +45,14 @@ sub handler {
 	my $handle=$lonid->value;
         $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');
-	$ENV{'request.enc'}=1;
+	$env{'request.enc'}=1;
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 # Initialize Environment
             &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
 # Decrypt URL and redirect
-	    &Apache::lonnet::logthis("args ".$r->args);
-	    &Apache::lonnet::logthis("uri ".$r->uri);
-	    $r->internal_redirect(&unencrypted($r->uri).'?'.$r->args);
+	    my $redirect=&unencrypted($r->uri);
+	    if ($r->args) { $redirect.='?'.$r->args; }
+	    $r->internal_redirect($redirect);
 	    return OK;
 	} 
     }
@@ -59,7 +60,7 @@ sub handler {
 }
 
 sub encryptseed {
-    my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};
+    my $seed=$env{'course.'.$env{'request.course.id'}.'.internal.encseed'};
     $seed=~s/[^0-9a-f]/0/g;
     $seed.='0123456789abcdef';
     $seed=substr($seed.$seed,0,32);
@@ -82,22 +83,47 @@ sub unencrypted {
 				  pack("H16",substr($uri,$encidx,16))
 				  );
     }
-    $ENV{'request.enc'}=1;
+    $env{'request.enc'}=1;
+    $decuri=&remove_noise($decuri);
     return substr($decuri,0,$cmdlength);
 }
 
+# add a randomish character after every 4th caharacter
+sub add_noise {
+    my ($uri)=@_;
+    my @noise=split(/(.)/,(&gettimeofday())[1]);
+    my $noisy;
+    my $i;
+    foreach my $chunk (split(/(....)/,$uri)) {
+	$noisy.=$chunk;
+	$noisy.=$noise[($i++)%(scalar@noise)];
+    }
+    return $noisy;
+}
+
+# remove every fifth character
+sub remove_noise {
+    my ($uri)=@_;
+    my $clean;
+    foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; }
+    return $clean;
+}
+
 sub encrypted {
-    my $uri=shift;
-    if ($ENV{'request.role.adv'}) { return($uri); }
+    my ($uri,$force_enc) = @_;
+    if (!$force_enc && $env{'request.role.adv'}) { return($uri); }
     my $seed=&encryptseed();
     unless ($seed) {
 	return $uri;
     }
     my $cmdlength=length($uri);
-    $uri.='00000000';
+    # add noise before enc so that that same url's look different
+    $uri=&add_noise($uri);
+    my $noiselength=length($uri);
+    $uri.=time;
     my $encuri='';
     my $cipher=new IDEA $seed;
-    for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
+    for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) {
 	$encuri.=unpack("H16",
 			$cipher->encrypt(substr($uri,$encidx,8)));
     }
@@ -106,10 +132,40 @@ sub encrypted {
 
 sub check_encrypt {
     my $str=shift;
-    if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
+    if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
     return $str;
 }
 
+sub check_decrypt {
+    my ($str)=@_;
+    if (ref($str)) {
+	if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
+	return;
+    }
+    if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
+    return $str;
+}
+
+sub encrypt_ref {
+    my ($token,$elements,$force_enc)=@_;
+    my $html;
+    &Apache::lonnet::logthis("hrrm $force_enc");
+    if ($force_enc || $env{'request.enc'}) {
+	while (my ($name,$value)= each(%{ $elements })) {
+	    if (!$value) { next; }
+	    my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value);
+	    if ($href !~ /^http:/) {
+		$href = &Apache::lonenc::encrypted($href,$force_enc);
+	    }
+	    $token->[2]->{$name}=$href;
+	}
+	delete($token->[2]->{'encrypturl'});
+	$html = &Apache::edit::rebuild_tag($token);
+    } else {
+	$html = $token->[4];
+    }
+    return $html;
+}
 1;
 __END__
 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>