X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=Util.pm;h=9acd5d11bcd416b5d5bb534c4d2cddb6665bced6;hb=f1af5002f6710b37cf3d2b3903ef3103a34424a6;hp=371aae9997ab95efd4da3c672533ae4bd25f610e;hpb=b62107bcdbc4fb5311f981999d838de38243e46f;p=mirror%2Fuserdir-ldap-cgi.git
diff --git a/Util.pm b/Util.pm
index 371aae9..9acd5d1 100644
--- a/Util.pm
+++ b/Util.pm
@@ -119,7 +119,7 @@ sub ReadPasswordFromFile {
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
- &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
+ &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
return Decrypt($cipher, $passwd);
}
@@ -171,7 +171,7 @@ sub FormatFingerPrint {
$out .= " " if ($_ == 7);
}
} else {
- foreach (0..int(length($in)/2)) {
+ foreach (0..int(length($in)/4)) {
$out .= substr($in, $_*4, 4)." ";
}
}
@@ -180,6 +180,7 @@ sub FormatFingerPrint {
sub FetchKey {
my $fingerprint = shift;
+ my $signatures = shift;
my ($out, $keyringparam) = undef;
foreach (split(/:/, $config{keyrings})) {
@@ -189,10 +190,13 @@ sub FetchKey {
$fingerprint =~ s/\s//g;
$fingerprint = "0x".$fingerprint;
+ local $ENV{PATH} = '';
$/ = undef; # just suck it up ....
- open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --list-sigs --fingerprint $fingerprint|");
- $out = ;
- close FP;
+ if ($signatures) {
+ open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --list-sigs --fingerprint $fingerprint|");
+ $out = ;
+ close FP;
+ }
open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --export -a $fingerprint|");
$out .= ;
close FP;
@@ -225,7 +229,7 @@ sub FormatLastSeen {
$lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom);
}
- my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.+?|\-)"\s+"<(.+?)>"/);
+ my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/);
$list = "on $list" if ($list);
return "$date $list
Message ID: $msgid";
}
@@ -252,7 +256,7 @@ sub LookupCountry {
my $htmlhdrsent = 0;
sub HTMLSendHeader {
- print "Content-type: text/html\n\n" if (!$htmlhdrsent);
+ print "Content-type: text/html; charset=utf-8\n\n" if (!$htmlhdrsent);
$htmlhdrsent = 1;
}
@@ -278,6 +282,38 @@ sub CheckLatLong {
}
}
+sub FixParams {
+ my $query = shift;
+ my $key;
+ my @names = $query->param;
+
+ foreach $key (@names) { # web security is a joke ...
+ $_ = $query->param($key);
+ s/&/&/g;
+ s/[<\x8B]/</g;
+ s/[>\x9B]/>/g;
+
+ $query->param($key, $_);
+ }
+}
+
+
+sub LDAPUpdate {
+ my $ldap = shift;
+ my $dn = shift;
+ my $attr = shift;
+ my $val = shift;
+ my $mesg;
+
+ if (!$val) {
+ $mesg = $ldap->modify($dn, delete => { $attr => [] });
+ } else {
+ $val = [ $val ] if (!ref($val));
+ $mesg = $ldap->modify($dn, replace => { $attr => $val });
+ $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error);
+ }
+}
+
###################
# Config file stuff
sub ReadConfigFile {
@@ -289,7 +325,8 @@ sub ReadConfigFile {
if ((!/^\s*#/) && ($_ ne "")) {
# Chop off any trailing comments
s/#.*//;
- ($attr, $setting) = split(/=/, $_, 2);
+ /([^=]+)=(.*)/;
+ ($attr, $setting) = ($1, $2);
$setting =~ s/"//g; #"
$setting =~ s/;$//;
$attr =~ s/^\s+//; $attr =~ s/\s+$//;
@@ -301,20 +338,4 @@ sub ReadConfigFile {
return %config;
}
-sub LDAPUpdate {
- my $ldap = shift;
- my $dn = shift;
- my $attr = shift;
- my $val = shift;
- my $mesg;
-
- if (!$val) {
- $mesg = $ldap->modify($dn, delete => { $attr => [] });
- } else {
- $val = [ $val ] if (!ref($val));
- $mesg = $ldap->modify($dn, replace => { $attr => $val });
- $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error);
- }
-}
-
1;