X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=Util.pm;h=374a592a80c0382bacc0ce86d9650c5928431aa2;hb=98b9991d9b8fb5bdf608f4be2a62d57c7fd66904;hp=e97a9e9ea133379222c7709a034dfad2ea5c6daa;hpb=7e3253a8e182b7f49f222a760af741dbd27f8367;p=mirror%2Fuserdir-ldap-cgi.git

diff --git a/Util.pm b/Util.pm
index e97a9e9..374a592 100644
--- a/Util.pm
+++ b/Util.pm
@@ -228,16 +228,21 @@ sub FormatLastSeen {
   my ($d1, $d2, $lastseen);
 
   return "<b>No activity detected</b>" if (!$lastseenpgp && !$lastseenfrom);
+  $lastseen = $lastseenpgp;
   $lastseen = $lastseenfrom if (!$lastseenpgp);
 
   if ($lastseenfrom && $lastseenpgp) {
-    ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);  
+    ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);
     ($d2) = ($lastseenfrom =~ /^\[(.+?)\]/); $d2 = ParseDate($d2);
     $lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom);
   }
 
-  my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/);
+  my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"(<.+?>)"/);
   $list = "on $list" if ($list);
+  $date = CGI::escapeHTML($date);
+  $user = CGI::escapeHTML($user);
+  $list = CGI::escapeHTML($list);
+  $msgid = CGI::escapeHTML($msgid);
   return "$date $list<br>&nbsp;Message ID: $msgid";
 }
 
@@ -349,7 +354,7 @@ sub UpgradeConnection($) {
   my ($ldap) = @_;
   my $mesg = $ldap->start_tls(
                           verify => 'require',
-                          capath => '/etc/ssl/certs/'
+                          cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
                           );
   $mesg->sync;
   if ($mesg->code != LDAP_SUCCESS) {