my ($d1, $d2, $lastseen);
return "<b>No activity detected</b>" if (!$lastseenpgp && !$lastseenfrom);
+ $lastseen = $lastseenpgp;
$lastseen = $lastseenfrom if (!$lastseenpgp);
if ($lastseenfrom && $lastseenpgp) {
- ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);
+ ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1);
($d2) = ($lastseenfrom =~ /^\[(.+?)\]/); $d2 = ParseDate($d2);
$lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom);
}
- my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/);
+ my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"(<.+?>)"/);
$list = "on $list" if ($list);
+ $date = CGI::escapeHTML($date);
+ $user = CGI::escapeHTML($user);
+ $list = CGI::escapeHTML($list);
+ $msgid = CGI::escapeHTML($msgid);
return "$date $list<br> Message ID: $msgid";
}
+userdir-ldap-cgi (0.3.27) unstable; urgency=low
+
+ * Fix showing echelon information. It needs unescaped input.
+
+ -- Peter Palfrader <weasel@debian.org> Wed, 13 May 2009 00:11:34 +0200
+
userdir-ldap-cgi (0.3.26) unstable; urgency=low
* In machines.cgi: do not skip [[- purposes. "[[-<hostname>]]" gets
# Format the output....
foreach $dn (sort {$entries->{$a}->{sn}->[0] <=> $entries->{$b}->{sn}->[0]} keys(%$entries)) {
my $ok = 0;
+ # These are local variables.. i have enough global vars as it is... <sigh>
+ my ($ufdn, $login, $name, $icquin, $jabberjid, $email, $fingerprint,
+ $address, $latlong, $vacation, $created, $modified, $lastseen, $gender) = undef;
+
+ # Last seen information (Echelon)
+ $lastseen = &Util::FormatLastSeen($entries->{$dn}->{"activity-pgp"}->[0],
+ $entries->{$dn}->{"activity-from"}->[0]);
+
$data = $entries->{$dn};
for my $key (keys %{$data}) {
@{$data->{$key}} = map { CGI::escapeHTML($_); } @{$data->{$key}};
}
-
- # These are local variables.. i have enough global vars as it is... <sigh>
- my ($ufdn, $login, $name, $icquin, $jabberjid, $email, $fingerprint,
- $address, $latlong, $vacation, $created, $modified, $lastseen, $gender) = undef;
$ufdn = $dn; # Net::LDAP does not have a dn2ufn function, but this is close enough :)
$modified = &Util::FormatTimestamp($data->{modifytimestamp}->[0]);
$created = &Util::FormatTimestamp($data->{createtimestamp}->[0]);
- # Last seen information (Echelon)
- $lastseen = &Util::FormatLastSeen($data->{"activity-pgp"}->[0],
- $data->{"activity-from"}->[0]);
-
# Link in the debian login id
$login = $data->{uid}->[0];
$login = "$login";