-rw-r--r--libpiny/lib/Piny/Config.pm7
-rwxr-xr-xpinyweb/cgi-bin/newuser.cgi36
2 files changed, 27 insertions, 16 deletions
diff --git a/libpiny/lib/Piny/Config.pm b/libpiny/lib/Piny/Config.pm
index ef18541..c2e5abc 100644
--- a/libpiny/lib/Piny/Config.pm
+++ b/libpiny/lib/Piny/Config.pm
@@ -45,6 +45,12 @@ subtype 'HttpsUrl'
=> message { 'Not a https:// URL.' }
;
+subtype 'RepoPermission'
+ => as 'Str'
+ => where { $_ eq "666" or $_ eq "664" or $_ eq "660" or $_ eq "640" }
+ => message { 'Must be one of 666, 664, 660, or 640.' }
+ ;
+
# Attributes
has 'confpath' =>
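Review bot: The `RepoPermission` constraint accepts `666`, so a single config value can make every repository file world-writable. If no deployment needs that, drop it from the `where` list, or add a comment above the subtype such as `# 666 is world-writable; only for single-user hosts`. The accepted values are strings of octal digits, and the code that applies them is not in this diff; it presumably has to go through `oct()` before `chmod`, which is worth recording in a comment next to the subtype.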
@@ -217,6 +223,7 @@ tweakable "piny_ikiwikisrcdir" => "/srv/ikiwiki/", 'PathDir';
tweakable "piny_ikiwikiurl" => "http://piny.be/", 'HttpUrl';
tweakable "piny_ikiwikisecureurl" => "https://secure.piny.be/", 'HttpsUrl';
tweakable "piny_ikiwikisecurepath" => "/srv/www/secure.piny.be/", 'PathDir';
+tweakable "piny_permission" => '660', 'RepoPermission';
tweakable "receive_denynonfastforwards" => "true", 'GitBool';
# User-specific tweakables, in the users' ~/.gitconfig files.
diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi
index 43c9178..e4b955a 100755
--- a/pinyweb/cgi-bin/newuser.cgi
+++ b/pinyweb/cgi-bin/newuser.cgi
@@ -34,18 +34,22 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) {
$pass = MIME::Base32::encode( $cipher->encrypt( $pass ) );
};
- if ( $q->param("h") && $q->param("h") eq $code ) {
- unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) {
- print "could not execute newrepo";
- die;
- };
- # make things flushier
- select((select(IN), $| = 1)[0]);
- select((select(OUT), $| = 1)[0]);
- print( IN $pass . "\n" );
- close( IN );
- while( <OUT> ) {
- print;
+ if ( $q->param("h") ) {
+ if ( $q->param("h") eq $code ) {
+ unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) {
+ print "could not execute newrepo";
+ die;
+ };
+ # make things flushier
+ select((select(IN), $| = 1)[0]);
+ select((select(OUT), $| = 1)[0]);
+ print( IN $pass . "\n" );
+ close( IN );
+ while( <OUT> ) {
+ print;
+ };
+ } else { # Invalid hash
+ print( "I'm sorry, the link you followed is invalid.\n" );
};
} else { # No hash, they need one sent to their address
print( "Dispatching email to " . $q->param("a") . "...\n" );
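Review bot: In the `open2` call, `$q->param("a")` and `$q->param("n")` are evaluated in list context, so a request that repeats `a` or `n` passes every value as a separate argument to `/usr/sbin/newuser` under sudo. Force one value each with `scalar $q->param("a"), scalar $q->param("n")`, and check both against an anchored pattern before the call so a value beginning with `-` cannot be read as an option. `open2` also raises an exception on failure rather than returning false, so the `unless` branch does not run as written; wrapping the call in `eval` would make the error message reachable. The enclosing `if` block starts and ends outside this hunk.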
@@ -61,10 +65,10 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) {
print( MAIL "s" );
};
print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" );
- print( MAIL "h=" . $code );
- print( MAIL "&n=" . $q->param("n") );
- print( MAIL "&a=" . $q->param("a") );
- print( MAIL "&p=" . $pass );
+ print( MAIL "h=" . CGI::escape( $code ) );
+ print( MAIL "&n=" . CGI::escape( $q->param("n") ) );
+ print( MAIL "&a=" . CGI::escape( $q->param("a") ) );
+ print( MAIL "&p=" . CGI::escape( $pass ) );
print( MAIL "\n");
close( MAIL );
print( "Done!" );
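Review bot: The host and path of the confirmation link still come from `$ENV{"SERVER_NAME"}` and `$ENV{"SCRIPT_NAME"}` unchanged; only the query values gained `CGI::escape`. Depending on the web server configuration, SERVER_NAME can reflect the request's Host header, so the mailed link may name a host the requester chose; building the link from a configured base URL would avoid that. The link also carries the encrypted password in `p=`, which ends up in the mailbox and in access logs once followed. A comment such as `# p= is the encrypted password; treat this URL as a secret` would at least record it. The enclosing block starts outside this hunk.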