diff options
Diffstat (limited to 'web/html')
-rw-r--r-- | web/html/pkgreq.php | 8 | ||||
-rw-r--r-- | web/html/pkgsubmit.php | 6 |
2 files changed, 11 insertions, 3 deletions
diff --git a/web/html/pkgreq.php b/web/html/pkgreq.php index 03b31b8..ccb0acd 100644 --- a/web/html/pkgreq.php +++ b/web/html/pkgreq.php @@ -9,9 +9,17 @@ set_lang(); check_sid(); if (isset($base_id)) { + if (!has_credential(CRED_PKGREQ_FILE)) { + header('Location: /'); + exit(); + } html_header(__("File Request")); include('pkgreq_form.php'); } elseif (isset($pkgreq_id)) { + if (!has_credential(CRED_PKGREQ_CLOSE)) { + header('Location: /'); + exit(); + } html_header(__("Close Request")); $pkgbase_name = pkgreq_get_pkgbase_name($pkgreq_id); include('pkgreq_close_form.php'); diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index eac95a3..e1963de 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -202,7 +202,7 @@ if ($uid): /* Validate package base name. */ if (!$error) { $pkgbase_name = $pkgbase_info['pkgbase']; - if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkgbase_name)) { + if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $pkgbase_name)) { $error = __("Invalid name: only lowercase letters are allowed."); } @@ -218,7 +218,7 @@ if ($uid): /* Validate package names. */ $pkg_name = $pi['pkgname']; - if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkg_name)) { + if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $pkg_name)) { $error = __("Invalid name: only lowercase letters are allowed."); break; } @@ -393,7 +393,7 @@ if ($uid): * notification list. */ if ($was_orphan) { - pkgbase_notify(account_from_sid($_COOKIE["AURSID"]), array($base_id), true); + pkgbase_notify(array($base_id), true); } end_atomic_commit(); |