diff options
Diffstat (limited to 'pinyweb/cgi-bin')
| -rwxr-xr-x | pinyweb/cgi-bin/auth/addaccess.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/lsaccess.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/lsrepo.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/newpass.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/newrepo.cgi | 6 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/pinyconfig.cgi | 4 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/rebuildrepo.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/rmaccess.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/auth/rmrepo.cgi | 2 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/checkconstraint.cgi | 4 | ||||
| -rwxr-xr-x | pinyweb/cgi-bin/newuser.cgi | 30 |
11 files changed, 29 insertions, 29 deletions
diff --git a/pinyweb/cgi-bin/auth/addaccess.cgi b/pinyweb/cgi-bin/auth/addaccess.cgi index f86c19e..02b9cb1 100755 --- a/pinyweb/cgi-bin/auth/addaccess.cgi +++ b/pinyweb/cgi-bin/auth/addaccess.cgi @@ -14,7 +14,7 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) && defined( $q->param('n') ) ) { - unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'addaccess', $q->param('r'), $q->param('n') ) == 0 ) { + unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'addaccess', scalar( $q->param('r') ), scalar( $q->param('n') ) ) == 0 ) { die( 'Addaccess was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/auth/lsaccess.cgi b/pinyweb/cgi-bin/auth/lsaccess.cgi index 354ba32..000d794 100755 --- a/pinyweb/cgi-bin/auth/lsaccess.cgi +++ b/pinyweb/cgi-bin/auth/lsaccess.cgi @@ -14,7 +14,7 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) ) { - unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'lsaccess', $q->param('r') ) == 0 ) { + unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'lsaccess', scalar( $q->param('r') ) ) == 0 ) { die( 'lsaccess was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/auth/lsrepo.cgi b/pinyweb/cgi-bin/auth/lsrepo.cgi index 599eb80..3513b5f 100755 --- a/pinyweb/cgi-bin/auth/lsrepo.cgi +++ b/pinyweb/cgi-bin/auth/lsrepo.cgi @@ -9,7 +9,7 @@ use CGI; use IPC::Open2; -$q = CGI->new; +#$q = CGI->new; print( "Content-type: text/plain\n\n"); diff --git a/pinyweb/cgi-bin/auth/newpass.cgi b/pinyweb/cgi-bin/auth/newpass.cgi index 1031820..b367558 100755 --- a/pinyweb/cgi-bin/auth/newpass.cgi +++ b/pinyweb/cgi-bin/auth/newpass.cgi @@ -30,7 +30,7 @@ foreach my $n ( 1 .. 16 ) { $salt .= "\$"; -my $crypt = crypt( $q->param('p'), $salt ); +my $crypt = crypt( scalar( $q->param('p') ), $salt ); unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'newpasshash', $crypt ) == 0 ) { die( 'newpass was unsuccessful.' ); diff --git a/pinyweb/cgi-bin/auth/newrepo.cgi b/pinyweb/cgi-bin/auth/newrepo.cgi index 94b25e9..46c5993 100755 --- a/pinyweb/cgi-bin/auth/newrepo.cgi +++ b/pinyweb/cgi-bin/auth/newrepo.cgi @@ -18,14 +18,14 @@ print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) && defined( $q->param('d') ) ) { # repository, description @cmd = ( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'newrepo', '--batch', '--enable-ikiwiki', $q->param('r') ); - if( defined( $q->param('i') ) && $q->param('i') eq "0" ) { + if( defined( scalar( $q->param('i') ) ) && scalar( $q->param('i') ) eq "0" ) { push( @cmd, '--disable-ikiwiki' ); - } elsif( defined( $q->param('i') ) && $q->param('i') eq "1" ) { + } elsif( defined( scalar( $q->param('i') ) ) && scalar( $q->param('i') ) eq "1" ) { push( @cmd, '--enable-ikiwiki' ); }; if( defined( $q->param('s') ) ) { # source - push( @cmd, $q->param('s') ); + push( @cmd, scalar( $q->param('s') ) ); }; unless( open2( OUT, IN, @cmd ) ) { diff --git a/pinyweb/cgi-bin/auth/pinyconfig.cgi b/pinyweb/cgi-bin/auth/pinyconfig.cgi index 4fd8e89..f660032 100755 --- a/pinyweb/cgi-bin/auth/pinyconfig.cgi +++ b/pinyweb/cgi-bin/auth/pinyconfig.cgi @@ -14,11 +14,11 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) && defined( $q->param('n') ) && defined( $q->param('v') ) ) { - unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', $q->param('r'), $q->param('n'), $q->param('v') ) == 0 ) { + unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', scalar( $q->param('r') ), scalar( $q->param('n') ), scalar( $q->param('v') ) ) == 0 ) { die( 'pinyconfig was unsuccessful.' ); }; } elsif( defined( $q->param('r') ) ) { - unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', $q->param('r') ) == 0 ) { + unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', scalar( $q->param('r') ) ) == 0 ) { die( 'pinyconfig was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/auth/rebuildrepo.cgi b/pinyweb/cgi-bin/auth/rebuildrepo.cgi index 912e004..1452573 100755 --- a/pinyweb/cgi-bin/auth/rebuildrepo.cgi +++ b/pinyweb/cgi-bin/auth/rebuildrepo.cgi @@ -14,7 +14,7 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) ) { - unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rebuildrepo', $q->param('r') ) == 0 ) { + unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rebuildrepo', scalar( $q->param('r') ) ) == 0 ) { die( 'rebuildrepo was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/auth/rmaccess.cgi b/pinyweb/cgi-bin/auth/rmaccess.cgi index 35736ab..24147ba 100755 --- a/pinyweb/cgi-bin/auth/rmaccess.cgi +++ b/pinyweb/cgi-bin/auth/rmaccess.cgi @@ -14,7 +14,7 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) && defined( $q->param('n') ) ) { - unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmaccess', $q->param('r'), $q->param('n') ) == 0 ) { + unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmaccess', scalar( $q->param('r') ), scalar( $q->param('n') ) ) == 0 ) { die( 'rmaccess was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/auth/rmrepo.cgi b/pinyweb/cgi-bin/auth/rmrepo.cgi index f57170a..54f1a09 100755 --- a/pinyweb/cgi-bin/auth/rmrepo.cgi +++ b/pinyweb/cgi-bin/auth/rmrepo.cgi @@ -14,7 +14,7 @@ $q = CGI->new; print( "Content-type: text/plain\n\n"); if( defined( $q->param('r') ) ) { - unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmrepo', $q->param('r') ) == 0 ) { + unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmrepo', scalar( $q->param('r') ) ) == 0 ) { die( 'rmrepo was unsuccessful.' ); }; } else { diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index e0a59c3..8a36569 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -15,8 +15,8 @@ if ( $q->request_method( ) eq "OPTIONS" ) { print "Status: 200 OK\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\nAccess-Control-Max-Age: 3600\nContent-Type: text/plain\n\n"; } else { - my $type = $q->param( 't' ); - my $value = $q->param( 'v' ); + my $type = scalar( $q->param('t') ); + my $value = scalar( $q->param('v') ); if ( not defined $type or not defined $value ) { print "Status: 200 OK\nContent-type: application/json\n\n"; diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi index 907b259..9675a5e 100755 --- a/pinyweb/cgi-bin/newuser.cgi +++ b/pinyweb/cgi-bin/newuser.cgi @@ -22,22 +22,22 @@ $q = CGI->new; print( "Content-type: text/plain\n\n" ); -if( $q->param("n") && $q->param("a") && $q->param("p") ) { +if( scalar( $q->param("n") ) && scalar( $q->param("a") ) && scalar( $q->param("p") ) ) { - my $pass = $q->param("p"); + my $pass = scalar( $q->param("p") ); my $code; - if ( $q->param("h") ) { + if ( scalar( $q->param("h") ) ) { $pass = $cipher->decrypt( MIME::Base32::decode( $pass ) ); - $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); + $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } ); } else { - $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); + $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } ); $pass = MIME::Base32::encode( $cipher->encrypt( $pass ) ); }; - if ( $q->param("h") ) { - if ( $q->param("h") eq $code ) { - unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) { + if ( scalar( $q->param("h") ) ) { + if ( scalar( $q->param("h") ) eq $code ) { + unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", scalar( $q->param("a") ), scalar( $q->param("n") ) ) ) { print "could not execute newrepo"; die; }; @@ -55,13 +55,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { } else { # No hash, they need one sent to their address # CAPTCHA check if ( -f "/etc/recaptcha/private.key" ) { - if ( $q->param('recaptcha_response_field') && $q->param('recaptcha_challenge_field') ) { + if ( scalar( $q->param('recaptcha_response_field') ) && scalar( $q->param('recaptcha_challenge_field') ) ) { open(RECAPTCHA, '/etc/recaptcha/private.key') || ( print "Can't read recaptcha key: [$!]\n" && exit 0 ); my $recaptchakey = <RECAPTCHA>; close (RECAPTCHA); chomp($recaptchakey); my $c = Captcha::reCAPTCHA->new; - my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, $q->param( 'recaptcha_challenge_field' ), $q->param( 'recaptcha_response_field' ) ); + my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, scalar( $q->param( 'recaptcha_challenge_field' ) ), scalar( $q->param( 'recaptcha_response_field' ) ) ); if ( $result->{is_valid} ) { print "Good recaptcha submission.\n" } else { @@ -73,13 +73,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { exit 0; }; }; - print( "Dispatching email to " . $q->param("a") . "...\n" ); + print( "Dispatching email to " . scalar( $q->param("a") ) . "...\n" ); unless( open( MAIL, "|/usr/lib/sendmail -t" ) ) { print "could not execute sendmail"; die; }; - print( MAIL "To: " . $q->param("a") . "\n" ); - print( MAIL "Subject: Verifying account " . $q->param("n") . "\n" ); + print( MAIL "To: " . scalar( $q->param("a") ) . "\n" ); + print( MAIL "Subject: Verifying account " . scalar( $q->param("n") ) . "\n" ); print( MAIL "Content-Type: text/plain; charset=us-ascii\n\n" ); print( MAIL "http" ); if( $ENV{"HTTPS"} eq "on" ) { @@ -87,8 +87,8 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) { }; print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" ); print( MAIL "h=" . CGI::escape( $code ) ); - print( MAIL "&n=" . CGI::escape( $q->param("n") ) ); - print( MAIL "&a=" . CGI::escape( $q->param("a") ) ); + print( MAIL "&n=" . CGI::escape( scalar( $q->param("n") ) ) ); + print( MAIL "&a=" . CGI::escape( scalar( $q->param("a") ) ) ); print( MAIL "&p=" . CGI::escape( $pass ) ); print( MAIL "\n"); close( MAIL ); |