summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
Diffstat (limited to 'web/html')
-rw-r--r--web/html/pkgreq.php8
-rw-r--r--web/html/pkgsubmit.php6
2 files changed, 11 insertions, 3 deletions
diff --git a/web/html/pkgreq.php b/web/html/pkgreq.php
index 03b31b8..ccb0acd 100644
--- a/web/html/pkgreq.php
+++ b/web/html/pkgreq.php
@@ -9,9 +9,17 @@ set_lang();
check_sid();
if (isset($base_id)) {
+ if (!has_credential(CRED_PKGREQ_FILE)) {
+ header('Location: /');
+ exit();
+ }
html_header(__("File Request"));
include('pkgreq_form.php');
} elseif (isset($pkgreq_id)) {
+ if (!has_credential(CRED_PKGREQ_CLOSE)) {
+ header('Location: /');
+ exit();
+ }
html_header(__("Close Request"));
$pkgbase_name = pkgreq_get_pkgbase_name($pkgreq_id);
include('pkgreq_close_form.php');
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index eac95a3..e1963de 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -202,7 +202,7 @@ if ($uid):
/* Validate package base name. */
if (!$error) {
$pkgbase_name = $pkgbase_info['pkgbase'];
- if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkgbase_name)) {
+ if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $pkgbase_name)) {
$error = __("Invalid name: only lowercase letters are allowed.");
}
@@ -218,7 +218,7 @@ if ($uid):
/* Validate package names. */
$pkg_name = $pi['pkgname'];
- if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkg_name)) {
+ if (!preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $pkg_name)) {
$error = __("Invalid name: only lowercase letters are allowed.");
break;
}
@@ -393,7 +393,7 @@ if ($uid):
* notification list.
*/
if ($was_orphan) {
- pkgbase_notify(account_from_sid($_COOKIE["AURSID"]), array($base_id), true);
+ pkgbase_notify(array($base_id), true);
}
end_atomic_commit();