projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fix dir check
[freeside.git]
/
FS
/
FS
/
svc_acct.pm
diff --git
a/FS/FS/svc_acct.pm
b/FS/FS/svc_acct.pm
index
e46b4e5
..
8e29cb7
100644
(file)
--- a/
FS/FS/svc_acct.pm
+++ b/
FS/FS/svc_acct.pm
@@
-676,7
+676,7
@@
sub check {
my $ulen = $usernamemax || $self->dbdef_table->column('username')->length;
if ( $username_uppercase ) {
my $ulen = $usernamemax || $self->dbdef_table->column('username')->length;
if ( $username_uppercase ) {
- $recref->{username} =~ /^([a-z0-9_\-\.]{$usernamemin,$ulen})$/
+ $recref->{username} =~ /^([a-z0-9_\-\.]{$usernamemin,$ulen})$/
i
or return "Illegal username: ". $recref->{username};
$recref->{username} = $1;
} else {
or return "Illegal username: ". $recref->{username};
$recref->{username} = $1;
} else {
@@
-716,13
+716,14
@@
sub check {
# $error = $self->ut_textn('finger');
# return $error if $error;
$self->getfield('finger') =~
# $error = $self->ut_textn('finger');
# return $error if $error;
$self->getfield('finger') =~
- /^([\w \t\!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\*]*)$/
+ /^([\w \t\!\@\#\$\%\&\(\)\-\+\;\:\'\"\,\.\?\/\*
\<\>
]*)$/
or return "Illegal finger: ". $self->getfield('finger');
$self->setfield('finger', $1);
or return "Illegal finger: ". $self->getfield('finger');
$self->setfield('finger', $1);
- $recref->{dir} =~ /^([\/\w\-]*)$/
+ $recref->{dir} =~ /^([\/\w\-
\.
]*)$/
or return "Illegal directory";
$recref->{dir} = $1;
or return "Illegal directory";
$recref->{dir} = $1;
+ return "Illegal directory" if $recref->{dir} =~ /\.\./; #no ..
unless ( $recref->{dir} ) {
$recref->{dir} = $dir_prefix . '/';
if ( $dirhash > 0 ) {
unless ( $recref->{dir} ) {
$recref->{dir} = $dir_prefix . '/';
if ( $dirhash > 0 ) {
@@
-920,7
+921,7
@@
sub ssh {
=head1 VERSION
=head1 VERSION
-$Id: svc_acct.pm,v 1.
48 2001-09-30 22:19:34
ivan Exp $
+$Id: svc_acct.pm,v 1.
51 2001-10-22 14:48:28
ivan Exp $
=head1 BUGS
=head1 BUGS