X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=web%2FUtil.pm;h=8efabfb517959e15db7ad806cb2831608c5f5886;hb=e472df7a917d3bff825925937652baed188fba6f;hp=371aae9997ab95efd4da3c672533ae4bd25f610e;hpb=ba1408e28f60d08b028911857a1dfbbfee691fd5;p=mirror%2Fuserdir-ldap.git
diff --git a/web/Util.pm b/web/Util.pm
index 371aae9..8efabfb 100644
--- a/web/Util.pm
+++ b/web/Util.pm
@@ -119,7 +119,7 @@ sub ReadPasswordFromFile {
# check to make sure the time is positive, and that the auth token
# has not expired
my $tdiff = (time - $time);
- &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
+ &HTMLError("Your authentication token has expired. Please relogin") if (($tdiff < 0) || ($tdiff > $config{authexpires}));
return Decrypt($cipher, $passwd);
}
@@ -190,7 +190,7 @@ sub FetchKey {
$fingerprint = "0x".$fingerprint;
$/ = undef; # just suck it up ....
- open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --list-sigs --fingerprint $fingerprint|");
+ open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --check-sigs --fingerprint $fingerprint|");
$out = ;
close FP;
open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --export -a $fingerprint|");
@@ -225,7 +225,7 @@ sub FormatLastSeen {
$lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom);
}
- my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.+?|\-)"\s+"<(.+?)>"/);
+ my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/);
$list = "on $list" if ($list);
return "$date $list
Message ID: $msgid";
}
@@ -278,6 +278,38 @@ sub CheckLatLong {
}
}
+sub FixParams {
+ my $query = shift;
+ my $key;
+ my @names = $query->param;
+
+ foreach $key (@names) { # web security is a joke ...
+ $_ = $query->param($key);
+ s/&/&/g;
+ s/[<\x8B]/</g;
+ s/[>\x9B]/>/g;
+
+ $query->param($key, $_);
+ }
+}
+
+
+sub LDAPUpdate {
+ my $ldap = shift;
+ my $dn = shift;
+ my $attr = shift;
+ my $val = shift;
+ my $mesg;
+
+ if (!$val) {
+ $mesg = $ldap->modify($dn, delete => { $attr => [] });
+ } else {
+ $val = [ $val ] if (!ref($val));
+ $mesg = $ldap->modify($dn, replace => { $attr => $val });
+ $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error);
+ }
+}
+
###################
# Config file stuff
sub ReadConfigFile {
@@ -301,20 +333,4 @@ sub ReadConfigFile {
return %config;
}
-sub LDAPUpdate {
- my $ldap = shift;
- my $dn = shift;
- my $attr = shift;
- my $val = shift;
- my $mesg;
-
- if (!$val) {
- $mesg = $ldap->modify($dn, delete => { $attr => [] });
- } else {
- $val = [ $val ] if (!ref($val));
- $mesg = $ldap->modify($dn, replace => { $attr => $val });
- $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error);
- }
-}
-
1;