1e3521c5e1b20bf843a22a397e0e4662141dc4de
max
  Mon Oct 12 01:06:04 2015 -0700
trying to make hgLogin work as a non-root htdocs, refs #16187

diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c
index 8dd8e28..95c3630 100644
--- src/hg/hgLogin/hgLogin.c
+++ src/hg/hgLogin/hgLogin.c
@@ -318,65 +318,67 @@
         if (c == domain || *(c - 1) == '.') return 0;
         count++;
         }
     if (*c <= ' ' || *c >= 127) return 0;
     if (strchr(rfc822_specials, *c)) return 0;
     } while (*++c);
 
 return (count >= 1);
 }
 
 char *getReturnToURL()
 /* get URL passed in with returnto URL */
 {
 char *returnURL = cartUsualString(cart, "returnto", "");
 char *hgLoginHost = wikiLinkHost();
+char *cgiDir = cgiScriptDirUrl();
 char returnTo[2048];
 if (!returnURL || sameString(returnURL,""))
    safef(returnTo, sizeof(returnTo),
-        "http%s://%s/cgi-bin/hgSession?hgS_doMainPage=1", 
-        cgiAppendSForHttps(), hgLoginHost);
+        "http%s://%s%shgSession?hgS_doMainPage=1",
+        cgiAppendSForHttps(), hgLoginHost, cgiDir);
 else
    safecpy(returnTo, sizeof(returnTo), returnURL);
 return cloneString(returnTo);
 }
 
 void returnToURL(int delay)
 /* delay for delay mill-seconds then return to the "returnto" URL */
 {
 char *returnURL = getReturnToURL();
 hPrintf(
     "<script  language=\"JavaScript\">\n"
     "<!-- "
     "\n"
     "window.setTimeout(afterDelay, %d);\n"
     "function afterDelay() {\n"
     "window.location =\"%s\";\n}"
     "\n//-->\n"
     "</script>", delay, returnURL);
 }
 
 static void redirectToLoginPage(char *paramStr)
 /* redirect to hgLogin page with given parameter string */
 {
 char *hgLoginHost = wikiLinkHost();
+char *cgiDir = cgiScriptDirUrl();
 hPrintf("<script  language=\"JavaScript\">\n"
     "<!-- \n"
-    "window.location =\"http%s://%s/cgi-bin/hgLogin?%s\""
+    "window.location =\"http%s://%s%shgLogin?%s\""
     "//-->"
     "\n"
-    "</script>", cgiAppendSForHttps(), hgLoginHost, paramStr);
+    "</script>", cgiAppendSForHttps(), hgLoginHost, cgiDir, paramStr);
 }
     
 void  displayActMailSuccess()
 /* display Activate mail success box */
 {
 char *returnURL = getReturnToURL(); 
 hPrintf(
     "<div id=\"confirmationBox\" class=\"centeredContainer formBox\">"
     "\n"
     "<h2>%s</h2>", brwName);
 hPrintf(
     "<p id=\"confirmationMsg\" class=\"confirmationTxt\">A confirmation email has been sent to you. \n"
     "Please click the confirmation link in the email to activate your account.</p>"
     "\n"
     "<p><a href=\"%s\">Return</a></p>", returnURL);
@@ -447,51 +449,52 @@
 
 hPrintf(
     "<p><a href=\"hgLogin?hgLogin.do.displayLoginPage=1\">Return to Login</a></p>");
 cartRemove(cart, "hgLogin_helpWith");
 cartRemove(cart, "hgLogin_email");
 cartRemove(cart, "hgLogin_userName");
 cartRemove(cart, "hgLogin_sendMailTo");
 cartRemove(cart, "hgLogin_sendMailContain");
 }
 
 void sendMailOut(char *email, char *subject, char *msg)
 /* send mail to email address */
 {
 char *hgLoginHost = wikiLinkHost();
 char *obj = cartUsualString(cart, "hgLogin_helpWith", "");
+char *cgiDir = cgiScriptDirUrl();
 int result;
 result = mailViaPipe(email, subject, msg, returnAddr);
 if (result == -1)
     {
     hPrintf( 
         "<h2>%s</h2>", brwName);
     hPrintf(
         "<p align=\"left\">"
         "</p>"
         "<h3>Error emailing %s to: %s</h3>"
         "Click <a href=hgLogin?hgLogin.do.displayAccHelpPage=1>here</a> to return.<br>", 
         obj, email );
     }
 else
     {
     hPrintf("<script  language=\"JavaScript\">\n"
         "<!-- \n"
-        "window.location =\"http%s://%s/cgi-bin/hgLogin?hgLogin.do.displayMailSuccess=1\""
+        "window.location =\"http%s://%s%shgLogin?hgLogin.do.displayMailSuccess=1\""
         "//-->"
         "\n"
-        "</script>", cgiAppendSForHttps(), hgLoginHost);
+        "</script>", cgiAppendSForHttps(), hgLoginHost, cgiDir);
     }
 }
 
 void mailUsername(char *email, char *users)
 /* send user name list to the email address */
 {
 char subject[256];
 char msg[4096];
 char *remoteAddr=getenv("REMOTE_ADDR");
 
 safef(subject, sizeof(subject),"Your user name at the %s", brwName);
 safef(msg, sizeof(msg), 
     "  Someone (probably you, from IP address %s) has requested user name(s) associated with this email address at the %s: \n\n  %s\n\n%s\n%s", 
    remoteAddr, brwName, users, signature, returnAddr);
 sendMailOut(email, subject, msg);
@@ -513,52 +516,53 @@
     {
     struct gbMembers *m = gbMembersLoad(row);
     if (numUser >= 1)
         safecat(userList, sizeof(userList), ", ");
     safecat(userList, sizeof(userList), m->userName);
     numUser += 1;
     }
 sqlFreeResult(&sr);
 mailUsername(email, userList);
 }
 
 void sendPwdMailOut(char *email, char *subject, char *msg, char *username)
 /* send password reset mail to user at registered email address */
 {
 char *hgLoginHost = wikiLinkHost();
+char *cgiDir = cgiScriptDirUrl();
 char *obj = cartUsualString(cart, "hgLogin_helpWith", "");
 int result;
 result = mailViaPipe(email, subject, msg, returnAddr);
 if (result == -1)
     {
     hPrintf(
         "<h2>%s</h2>", brwName);
     hPrintf(
         "<p align=\"left\">"
         "</p>"
         "<h3>Error emailing %s to: %s</h3>"
         "Click <a href=hgLogin?hgLogin.do.displayAccHelpPage=1>here</a> to return.<br>",
         obj, email );
     }
 else
     {
     hPrintf("<script  language=\"JavaScript\">\n"
         "<!-- \n"
-        "window.location =\"http%s://%s/cgi-bin/hgLogin?hgLogin.do.displayMailSuccessPwd=1&user=%s\""
+        "window.location =\"http%s://%s%shgLogin?hgLogin.do.displayMailSuccessPwd=1&user=%s\""
         "//-->"
         "\n"
-        "</script>", cgiAppendSForHttps(), hgLoginHost, username);
+        "</script>", cgiAppendSForHttps(), hgLoginHost, cgiDir, username);
     }
 }
 
 void sendNewPwdMail(char *username, char *email, char *password)
 /* send user new password */
 {
 char subject[256];
 char msg[4096];
 char *remoteAddr=getenv("REMOTE_ADDR");
 
 safef(subject, sizeof(subject),"New temporary password for your account at the %s", brwName);
 safef(msg, sizeof(msg),
     "  Someone (probably you, from IP address %s) requested a new password for the %s (%s). A temporary password for user \"%s\" has been created and was set to \"%s\". If this was your intent, you will need to log in and choose a new password now. Your temporary password will expire in 7 days.\n\n  If someone else made this request, or if you have remembered your password, and you no longer wish to change it, you may ignore this message and continue using your old password.\n\n%s\n%s",
     remoteAddr, brwName, brwAddr, username, password, signature, returnAddr);
 sendPwdMailOut(email, subject, msg, username);
@@ -662,34 +666,35 @@
 sqlSafef(query,sizeof(query), "UPDATE gbMembers SET lastUse=NOW(),newPassword='', newPasswordExpire='', passwordChangeRequired='N' WHERE userName='%s'",
     username);
 sqlUpdate(conn, query);
 cartRemove(cart, "hgLogin_changeRequired");
 return;
 }
 
 void sendActivateMail(char *email, char *username, char *encToken)
 /* Send activation mail with token to user*/
 {
 char subject[256];
 char msg[4096];
 char activateURL[256];
 char *hgLoginHost = wikiLinkHost();
 char *remoteAddr=getenv("REMOTE_ADDR");
+char *cgiDir = cgiScriptDirUrl();
 
 safef(activateURL, sizeof(activateURL),
-    "http%s://%s/cgi-bin/hgLogin?hgLogin.do.activateAccount=1&user=%s&token=%s\n",
-    cgiAppendSForHttps(), hgLoginHost,
+    "http%s://%s%shgLogin?hgLogin.do.activateAccount=1&user=%s&token=%s\n",
+    cgiAppendSForHttps(), hgLoginHost, cgiDir,
     cgiEncode(username),
     cgiEncode(encToken));
 safef(subject, sizeof(subject),"%s account e-mail address confirmation", brwName);
 safef(msg, sizeof(msg),
     "  Someone (probably you, from IP address %s) has requested an account %s with this e-mail address on the %s.\nTo confirm that this account really does belong to you on the %s, open this link in your browser:\n\n%s\n\nIf this is *not* you, do not follow the link. This confirmation code will expire in 7 days.\n\n%s\n%s", 
      remoteAddr, username, brwName, brwName, activateURL, signature, returnAddr);
 sendActMailOut(email, subject, msg);
 }
 
 void setupNewAccount(struct sqlConnection *conn, char *email, char *username)
 /* Set up  new user account and send activation mail to user */
 {
 char query[256];
 char *token = generateRandomPassword();
 char *tokenMD5 = generateTokenMD5(token);
@@ -1376,24 +1381,24 @@
 {
 errAbort(
   "hgLogin - Stand alone CGI to handle Genome Browser login.\n"
   "usage:\n"
   "    hgLogin <various CGI settings>\n"
   );
 }
 
 int main(int argc, char *argv[])
 /* Process command line. */
 {
 long enteredMainTime = clock1000();
 pushCarefulMemHandler(100000000);
 setUdcCacheDir();
 cgiSpoof(&argc, argv);
-htmlSetStyleSheet("/style/userAccounts.css");
+htmlSetStyleSheet("../style/userAccounts.css");
 htmlSetStyle(htmlStyleUndecoratedLink);
 htmlSetBgColor(HG_CL_OUTSIDE);
 htmlSetFormClass("accountScreen");
 oldCart = hashNew(10);
 cartHtmlShell("Login - UCSC Genome Browser", doMiddle, hUserCookie(), excludeVars, oldCart);
 cgiExitTime("hgLogin", enteredMainTime);
 return 0;
 }