summaryrefslogtreecommitdiff
path: root/pinyweb
diff options
context:
space:
mode:
Diffstat (limited to 'pinyweb')
-rwxr-xr-xpinyweb/cgi-bin/auth/addaccess.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/lsaccess.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/lsrepo.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/newpass.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/newrepo.cgi6
-rwxr-xr-xpinyweb/cgi-bin/auth/pinyconfig.cgi4
-rwxr-xr-xpinyweb/cgi-bin/auth/rebuildrepo.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/rmaccess.cgi2
-rwxr-xr-xpinyweb/cgi-bin/auth/rmrepo.cgi2
-rwxr-xr-xpinyweb/cgi-bin/checkconstraint.cgi4
-rwxr-xr-xpinyweb/cgi-bin/newuser.cgi30
11 files changed, 29 insertions, 29 deletions
diff --git a/pinyweb/cgi-bin/auth/addaccess.cgi b/pinyweb/cgi-bin/auth/addaccess.cgi
index f86c19e..02b9cb1 100755
--- a/pinyweb/cgi-bin/auth/addaccess.cgi
+++ b/pinyweb/cgi-bin/auth/addaccess.cgi
@@ -14,7 +14,7 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) && defined( $q->param('n') ) ) {
- unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'addaccess', $q->param('r'), $q->param('n') ) == 0 ) {
+ unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'addaccess', scalar( $q->param('r') ), scalar( $q->param('n') ) ) == 0 ) {
die( 'Addaccess was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/auth/lsaccess.cgi b/pinyweb/cgi-bin/auth/lsaccess.cgi
index 354ba32..000d794 100755
--- a/pinyweb/cgi-bin/auth/lsaccess.cgi
+++ b/pinyweb/cgi-bin/auth/lsaccess.cgi
@@ -14,7 +14,7 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) ) {
- unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'lsaccess', $q->param('r') ) == 0 ) {
+ unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'lsaccess', scalar( $q->param('r') ) ) == 0 ) {
die( 'lsaccess was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/auth/lsrepo.cgi b/pinyweb/cgi-bin/auth/lsrepo.cgi
index 599eb80..3513b5f 100755
--- a/pinyweb/cgi-bin/auth/lsrepo.cgi
+++ b/pinyweb/cgi-bin/auth/lsrepo.cgi
@@ -9,7 +9,7 @@ use CGI;
use IPC::Open2;
-$q = CGI->new;
+#$q = CGI->new;
print( "Content-type: text/plain\n\n");
diff --git a/pinyweb/cgi-bin/auth/newpass.cgi b/pinyweb/cgi-bin/auth/newpass.cgi
index 1031820..b367558 100755
--- a/pinyweb/cgi-bin/auth/newpass.cgi
+++ b/pinyweb/cgi-bin/auth/newpass.cgi
@@ -30,7 +30,7 @@ foreach my $n ( 1 .. 16 ) {
$salt .= "\$";
-my $crypt = crypt( $q->param('p'), $salt );
+my $crypt = crypt( scalar( $q->param('p') ), $salt );
unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'newpasshash', $crypt ) == 0 ) {
die( 'newpass was unsuccessful.' );
diff --git a/pinyweb/cgi-bin/auth/newrepo.cgi b/pinyweb/cgi-bin/auth/newrepo.cgi
index 94b25e9..46c5993 100755
--- a/pinyweb/cgi-bin/auth/newrepo.cgi
+++ b/pinyweb/cgi-bin/auth/newrepo.cgi
@@ -18,14 +18,14 @@ print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) && defined( $q->param('d') ) ) { # repository, description
@cmd = ( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'newrepo', '--batch', '--enable-ikiwiki', $q->param('r') );
- if( defined( $q->param('i') ) && $q->param('i') eq "0" ) {
+ if( defined( scalar( $q->param('i') ) ) && scalar( $q->param('i') ) eq "0" ) {
push( @cmd, '--disable-ikiwiki' );
- } elsif( defined( $q->param('i') ) && $q->param('i') eq "1" ) {
+ } elsif( defined( scalar( $q->param('i') ) ) && scalar( $q->param('i') ) eq "1" ) {
push( @cmd, '--enable-ikiwiki' );
};
if( defined( $q->param('s') ) ) { # source
- push( @cmd, $q->param('s') );
+ push( @cmd, scalar( $q->param('s') ) );
};
unless( open2( OUT, IN, @cmd ) ) {
diff --git a/pinyweb/cgi-bin/auth/pinyconfig.cgi b/pinyweb/cgi-bin/auth/pinyconfig.cgi
index 4fd8e89..f660032 100755
--- a/pinyweb/cgi-bin/auth/pinyconfig.cgi
+++ b/pinyweb/cgi-bin/auth/pinyconfig.cgi
@@ -14,11 +14,11 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) && defined( $q->param('n') ) && defined( $q->param('v') ) ) {
- unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', $q->param('r'), $q->param('n'), $q->param('v') ) == 0 ) {
+ unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', scalar( $q->param('r') ), scalar( $q->param('n') ), scalar( $q->param('v') ) ) == 0 ) {
die( 'pinyconfig was unsuccessful.' );
};
} elsif( defined( $q->param('r') ) ) {
- unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', $q->param('r') ) == 0 ) {
+ unless( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'pinyconfig', scalar( $q->param('r') ) ) == 0 ) {
die( 'pinyconfig was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/auth/rebuildrepo.cgi b/pinyweb/cgi-bin/auth/rebuildrepo.cgi
index 912e004..1452573 100755
--- a/pinyweb/cgi-bin/auth/rebuildrepo.cgi
+++ b/pinyweb/cgi-bin/auth/rebuildrepo.cgi
@@ -14,7 +14,7 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) ) {
- unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rebuildrepo', $q->param('r') ) == 0 ) {
+ unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rebuildrepo', scalar( $q->param('r') ) ) == 0 ) {
die( 'rebuildrepo was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/auth/rmaccess.cgi b/pinyweb/cgi-bin/auth/rmaccess.cgi
index 35736ab..24147ba 100755
--- a/pinyweb/cgi-bin/auth/rmaccess.cgi
+++ b/pinyweb/cgi-bin/auth/rmaccess.cgi
@@ -14,7 +14,7 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) && defined( $q->param('n') ) ) {
- unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmaccess', $q->param('r'), $q->param('n') ) == 0 ) {
+ unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmaccess', scalar( $q->param('r') ), scalar( $q->param('n') ) ) == 0 ) {
die( 'rmaccess was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/auth/rmrepo.cgi b/pinyweb/cgi-bin/auth/rmrepo.cgi
index f57170a..54f1a09 100755
--- a/pinyweb/cgi-bin/auth/rmrepo.cgi
+++ b/pinyweb/cgi-bin/auth/rmrepo.cgi
@@ -14,7 +14,7 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n");
if( defined( $q->param('r') ) ) {
- unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmrepo', $q->param('r') ) == 0 ) {
+ unless ( system( '/usr/sbin/piny-suid', $ENV{'REMOTE_USER'}, 'rmrepo', scalar( $q->param('r') ) ) == 0 ) {
die( 'rmrepo was unsuccessful.' );
};
} else {
diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi
index e0a59c3..8a36569 100755
--- a/pinyweb/cgi-bin/checkconstraint.cgi
+++ b/pinyweb/cgi-bin/checkconstraint.cgi
@@ -15,8 +15,8 @@ if ( $q->request_method( ) eq "OPTIONS" ) {
print "Status: 200 OK\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\nAccess-Control-Max-Age: 3600\nContent-Type: text/plain\n\n";
} else {
- my $type = $q->param( 't' );
- my $value = $q->param( 'v' );
+ my $type = scalar( $q->param('t') );
+ my $value = scalar( $q->param('v') );
if ( not defined $type or not defined $value ) {
print "Status: 200 OK\nContent-type: application/json\n\n";
diff --git a/pinyweb/cgi-bin/newuser.cgi b/pinyweb/cgi-bin/newuser.cgi
index 907b259..9675a5e 100755
--- a/pinyweb/cgi-bin/newuser.cgi
+++ b/pinyweb/cgi-bin/newuser.cgi
@@ -22,22 +22,22 @@ $q = CGI->new;
print( "Content-type: text/plain\n\n" );
-if( $q->param("n") && $q->param("a") && $q->param("p") ) {
+if( scalar( $q->param("n") ) && scalar( $q->param("a") ) && scalar( $q->param("p") ) ) {
- my $pass = $q->param("p");
+ my $pass = scalar( $q->param("p") );
my $code;
- if ( $q->param("h") ) {
+ if ( scalar( $q->param("h") ) ) {
$pass = $cipher->decrypt( MIME::Base32::decode( $pass ) );
- $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } );
+ $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } );
} else {
- $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } );
+ $code = $auth->hash( { "n" => scalar( $q->param( "n" ) ), "a" => scalar( $q->param( "a" ) ), "p" => $pass } );
$pass = MIME::Base32::encode( $cipher->encrypt( $pass ) );
};
- if ( $q->param("h") ) {
- if ( $q->param("h") eq $code ) {
- unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) {
+ if ( scalar( $q->param("h") ) ) {
+ if ( scalar( $q->param("h") ) eq $code ) {
+ unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", scalar( $q->param("a") ), scalar( $q->param("n") ) ) ) {
print "could not execute newrepo";
die;
};
@@ -55,13 +55,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) {
} else { # No hash, they need one sent to their address
# CAPTCHA check
if ( -f "/etc/recaptcha/private.key" ) {
- if ( $q->param('recaptcha_response_field') && $q->param('recaptcha_challenge_field') ) {
+ if ( scalar( $q->param('recaptcha_response_field') ) && scalar( $q->param('recaptcha_challenge_field') ) ) {
open(RECAPTCHA, '/etc/recaptcha/private.key') || ( print "Can't read recaptcha key: [$!]\n" && exit 0 );
my $recaptchakey = <RECAPTCHA>;
close (RECAPTCHA);
chomp($recaptchakey);
my $c = Captcha::reCAPTCHA->new;
- my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, $q->param( 'recaptcha_challenge_field' ), $q->param( 'recaptcha_response_field' ) );
+ my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, scalar( $q->param( 'recaptcha_challenge_field' ) ), scalar( $q->param( 'recaptcha_response_field' ) ) );
if ( $result->{is_valid} ) {
print "Good recaptcha submission.\n"
} else {
@@ -73,13 +73,13 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) {
exit 0;
};
};
- print( "Dispatching email to " . $q->param("a") . "...\n" );
+ print( "Dispatching email to " . scalar( $q->param("a") ) . "...\n" );
unless( open( MAIL, "|/usr/lib/sendmail -t" ) ) {
print "could not execute sendmail";
die;
};
- print( MAIL "To: " . $q->param("a") . "\n" );
- print( MAIL "Subject: Verifying account " . $q->param("n") . "\n" );
+ print( MAIL "To: " . scalar( $q->param("a") ) . "\n" );
+ print( MAIL "Subject: Verifying account " . scalar( $q->param("n") ) . "\n" );
print( MAIL "Content-Type: text/plain; charset=us-ascii\n\n" );
print( MAIL "http" );
if( $ENV{"HTTPS"} eq "on" ) {
@@ -87,8 +87,8 @@ if( $q->param("n") && $q->param("a") && $q->param("p") ) {
};
print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" );
print( MAIL "h=" . CGI::escape( $code ) );
- print( MAIL "&n=" . CGI::escape( $q->param("n") ) );
- print( MAIL "&a=" . CGI::escape( $q->param("a") ) );
+ print( MAIL "&n=" . CGI::escape( scalar( $q->param("n") ) ) );
+ print( MAIL "&a=" . CGI::escape( scalar( $q->param("a") ) ) );
print( MAIL "&p=" . CGI::escape( $pass ) );
print( MAIL "\n");
close( MAIL );