X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=Util.pm;h=374a592a80c0382bacc0ce86d9650c5928431aa2;hb=98b9991d9b8fb5bdf608f4be2a62d57c7fd66904;hp=e97a9e9ea133379222c7709a034dfad2ea5c6daa;hpb=7e3253a8e182b7f49f222a760af741dbd27f8367;p=mirror%2Fuserdir-ldap-cgi.git
diff --git a/Util.pm b/Util.pm
index e97a9e9..374a592 100644
--- a/Util.pm
+++ b/Util.pm
@@ -228,16 +228,21 @@ sub FormatLastSeen {
my ($d1, $d2, $lastseen);
return "No activity detected" if (!$lastseenpgp && !$lastseenfrom);
+ $lastseen = $lastseenpgp;
$lastseen = $lastseenfrom if (!$lastseenpgp);
if ($lastseenfrom && $lastseenpgp) {
- ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);
+ ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);
($d2) = ($lastseenfrom =~ /^\[(.+?)\]/); $d2 = ParseDate($d2);
$lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom);
}
- my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/);
+ my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"(<.+?>)"/);
$list = "on $list" if ($list);
+ $date = CGI::escapeHTML($date);
+ $user = CGI::escapeHTML($user);
+ $list = CGI::escapeHTML($list);
+ $msgid = CGI::escapeHTML($msgid);
return "$date $list
Message ID: $msgid";
}
@@ -349,7 +354,7 @@ sub UpgradeConnection($) {
my ($ldap) = @_;
my $mesg = $ldap->start_tls(
verify => 'require',
- capath => '/etc/ssl/certs/'
+ cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
);
$mesg->sync;
if ($mesg->code != LDAP_SUCCESS) {