X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=d34d28e06d65f530f843cb5484004148e169f96b;hb=9554f2be960fdb511a4c9d8b519261614319f0aa;hp=890e2988a1618bc11d23243fd47a30014a065a99;hpb=bcb172a6ea2b9f3e645eed81896f960151267bf5;p=freeside.git

diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm
index 890e2988a..d34d28e06 100644
--- a/FS/FS/UID.pm
+++ b/FS/FS/UID.pm
@@ -73,6 +73,9 @@ sub forksuidsetup {
   $user = shift;
   croak "fatal: adminsuidsetup called without arguements" unless $user;
 
+  $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user";
+  $user = $1;
+
   $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
   $ENV{'SHELL'} = '/bin/sh';
   $ENV{'IFS'} = " \t\n";
@@ -188,7 +191,7 @@ sub cgisetotaker {
     $user = lc ( $cgi->connection->user );
   } else {
     die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ".
-        "Apache user authentication as documented in httemplate/docs/config.html";
+        "Apache user authentication as documented in httemplate/docs/install.html";
   }
   $user;
 }
@@ -227,7 +230,7 @@ sub getsecrets {
   die "No user!" unless $user;
   my($conf) = new FS::Conf $conf_dir;
   my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets');
-  die "User not found in mapsecrets!" unless $line;
+  die "User $user not found in mapsecrets!" unless $line;
   $line =~ /^\s*$user\s+(.*)$/;
   $secrets = $1;
   die "Illegal mapsecrets line for user?!" unless $secrets;
@@ -252,7 +255,7 @@ coderef into the hash %FS::UID::callback :
 
 =head1 VERSION
 
-$Id: UID.pm,v 1.11 2001-11-06 17:58:08 ivan Exp $
+$Id: UID.pm,v 1.14 2002-02-23 07:00:21 ivan Exp $
 
 =head1 BUGS