From 693bf9f492b48a032b036ebb0fed7777b13c1eb3 Mon Sep 17 00:00:00 2001
From: "Kyle J. McKay" Invalid data. Go away, sorcerer.
Invalid data. Go away, sorcerer.
\n"; exit; } diff --git a/cgi/deluser.cgi b/cgi/deluser.cgi index 99d63e5..2fff089 100755 --- a/cgi/deluser.cgi +++ b/cgi/deluser.cgi @@ -42,7 +42,8 @@ sub _auth_form { EOT } -if ($cgi->param('name') && $cgi->param('y0') && $cgi->request_method eq 'POST') { +my $y0 = $cgi->param('y0') || ''; +if ($cgi->param('name') && $y0 && $cgi->request_method eq 'POST') { # submitted, let's see # FIXME: racy, do a lock my $name = $gcgi->wparam('name'); @@ -59,7 +60,7 @@ if ($cgi->param('name') && $cgi->param('y0') && $cgi->request_method eq 'POST') $gcgi->err_check and exit; if (!$cgi->param('auth')) { - if ($cgi->param('y0') ne 'Send authorization code') { + if ($y0 ne 'Send authorization code') { print "Invalid data. Go away, sorcerer.
\n"; exit; } @@ -90,7 +91,7 @@ EOT _auth_form($name, "'Login'"); exit; } else { - if ($cgi->param('y0') ne "'Login'" && $cgi->param('y0') ne "Remove user account") { + if ($y0 ne "'Login'" && $y0 ne "Remove user account") { print "Invalid data. Go away, sorcerer.
\n"; exit; } @@ -109,7 +110,6 @@ EOT exit; } - my $y0 = $gcgi->wparam('y0') || ''; my $conf = $gcgi->wparam('confirm') || ''; if ($y0 ne 'Remove user account' || $conf ne $user->{name}) { my $blurb1 = '.'; diff --git a/cgi/edituser.cgi b/cgi/edituser.cgi index 19c8ecd..5b6d80b 100755 --- a/cgi/edituser.cgi +++ b/cgi/edituser.cgi @@ -43,8 +43,7 @@ $fields EOT } -my $y0 = $cgi->param('y0'); - +my $y0 = $cgi->param('y0') || ''; if ($cgi->param('name') && $y0 && $cgi->request_method eq 'POST') { # submitted, let's see # FIXME: racy, do a lock diff --git a/cgi/pwproj.cgi b/cgi/pwproj.cgi index 01f190d..f46c9f5 100755 --- a/cgi/pwproj.cgi +++ b/cgi/pwproj.cgi @@ -43,7 +43,8 @@ $proj or die "not found project $name, that's really weird!"; my $mail = $proj->{email}; -if ($cgi->param('y0') eq 'Reset Password' && $cgi->request_method eq 'POST') { +my $y0 = $cgi->param('y0') || ''; +if ($y0 eq 'Reset Password' && $cgi->request_method eq 'POST') { # submitted my $newpwd = genpwd(); diff --git a/cgi/regproj.cgi b/cgi/regproj.cgi index b71891a..50d9c7c 100755 --- a/cgi/regproj.cgi +++ b/cgi/regproj.cgi @@ -23,7 +23,8 @@ if ($fork) { $name = "$fork/$name"; } -if ($cgi->param('mode') && $cgi->request_method eq 'POST') { +my $y0 = $cgi->param('y0') || ''; +if ($cgi->param('mode') && $y0 eq 'Register' && $cgi->request_method eq 'POST') { # submitted, let's see # FIXME: racy, do a lock Girocco::Project::valid_name($name) diff --git a/cgi/reguser.cgi b/cgi/reguser.cgi index e9d04d4..488b451 100755 --- a/cgi/reguser.cgi +++ b/cgi/reguser.cgi @@ -24,7 +24,8 @@ if ($cgi->param('mail')) { exit; } -if ($cgi->param('name') && $cgi->param('y0') eq 'Register' && $cgi->request_method eq 'POST') { +my $y0 = $cgi->param('y0') || ''; +if ($cgi->param('name') && $y0 eq 'Register' && $cgi->request_method eq 'POST') { # submitted, let's see # FIXME: racy, do a lock my $name = $gcgi->wparam('name'); -- 2.11.4.GIT