diff options
| author | Joe Rayhawk <jrayhawk@cobain.omgwallhack.org> | 2018-09-24 23:09:57 -0700 |
|---|---|---|
| committer | Joe Rayhawk <jrayhawk@cobain.omgwallhack.org> | 2018-09-24 23:09:57 -0700 |
| commit | 9f5b32d7833cce9171bc0035657693c7d73afc84 (patch) | |
| tree | 4424701509951cb1f78d6d078f2d60d020a33148 /pinyweb/cgi-bin/newuser.cgi | |
| parent | 8e3dd1d39eced80d229ef411b193417d10067074 (diff) | |
| download | piny-code-9f5b32d7833cce9171bc0035657693c7d73afc84.tar.gz piny-code-9f5b32d7833cce9171bc0035657693c7d73afc84.zip | |
pinyweb: scalarizing CGI params because perl
Because not everyone wants to Perl Jam.
Diffstat (limited to 'pinyweb/cgi-bin/newuser.cgi')
| -rwxr-xr-x | pinyweb/cgi-bin/newuser.cgi | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi index 907b259..9675a5e 100755 --- a/pinyweb/cgi-bin/newuser.cgi +++ b/pinyweb/cgi-bin/newuser.cgi @@ -22,22 +22,22 @@ $q = CGI->new; print( "Content-type: text/plain\n\n" ); -if( $q->param("n") && $q->param("a") && $q->param("p") ) { +if( scalar( $q->param("n") ) && scalar( $q->param("a") ) && scalar( $q->param("p") ) ) { - my $pass = $q->param("p"); + my $pass = scalar( $q->param("p") ); my $code; - if ( $q->param("h") ) { + if ( scalar( $q->param("h") ) ) { $pass = $cipher->decrypt( MIME::Base32::decode( $pass ) ); - $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); + $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } ); } else { - $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); + $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } ); $pass = MIME::Base32::encode( $cipher->encrypt( $pass ) ); }; - if ( $q->param("h") ) { - if ( $q->param("h") eq $code ) { - unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) { + if ( scalar( $q->param("h") ) ) { + if ( scalar( $q->param("h") ) eq $code ) { + unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", scalar( $q->param("a") ), scalar( $q->param("n") ) ) ) { print "could not execute newrepo"; die; }; @@ -55,13 +55,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { } else { # No hash, they need one sent to their address # CAPTCHA check if ( -f "/etc/recaptcha/private.key" ) { - if ( $q->param('recaptcha_response_field') && $q->param('recaptcha_challenge_field') ) { + if ( scalar( $q->param('recaptcha_response_field') ) && scalar( $q->param('recaptcha_challenge_field') ) ) { open(RECAPTCHA, '/etc/recaptcha/private.key') || ( print "Can't read recaptcha key: [$!]\n" && exit 0 ); my $recaptchakey = <RECAPTCHA>; close (RECAPTCHA); chomp($recaptchakey); my $c = Captcha::reCAPTCHA->new; - my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, $q->param( 'recaptcha_challenge_field' ), $q->param( 'recaptcha_response_field' ) ); + my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, scalar( $q->param( 'recaptcha_challenge_field' ) ), scalar( $q->param( 'recaptcha_response_field' ) ) ); if ( $result->{is_valid} ) { print "Good recaptcha submission.\n" } else { @@ -73,13 +73,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { exit 0; }; }; - print( "Dispatching email to " . $q->param("a") . "...\n" ); + print( "Dispatching email to " . scalar( $q->param("a") ) . "...\n" ); unless( open( MAIL, "|/usr/lib/sendmail -t" ) ) { print "could not execute sendmail"; die; }; - print( MAIL "To: " . $q->param("a") . "\n" ); - print( MAIL "Subject: Verifying account " . $q->param("n") . "\n" ); + print( MAIL "To: " . scalar( $q->param("a") ) . "\n" ); + print( MAIL "Subject: Verifying account " . scalar( $q->param("n") ) . "\n" ); print( MAIL "Content-Type: text/plain; charset=us-ascii\n\n" ); print( MAIL "http" ); if( $ENV{"HTTPS"} eq "on" ) { @@ -87,8 +87,8 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { }; print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" ); print( MAIL "h=" . CGI::escape( $code ) ); - print( MAIL "&n=" . CGI::escape( $q->param("n") ) ); - print( MAIL "&a=" . CGI::escape( $q->param("a") ) ); + print( MAIL "&n=" . CGI::escape( scalar( $q->param("n") ) ) ); + print( MAIL "&a=" . CGI::escape( scalar( $q->param("a") ) ) ); print( MAIL "&p=" . CGI::escape( $pass ) ); print( MAIL "\n"); close( MAIL ); |