From b113764b0bdf98b7d1d643eb2f55c50988f31deb Mon Sep 17 00:00:00 2001
From: Lukas Fleischer
Date: Thu, 3 Jul 2014 10:32:31 +0200
Subject: Sanitize merge base name in pkgreq_file()

Move the check introduced in 06b7099 (Validate package base name when filing requests, 2014-07-02) from pkgbase.php to pkgreq_file().

Signed-off-by: Lukas Fleischer
---
 web/html/pkgbase.php | 7 +------
 web/lib/pkgreqfuncs.inc.php | 4 ++++
 2 files changed, 5 insertions(+), 6 deletions(-)
(limited to 'web')

diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index 9725db7..cf2b774 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -98,12 +98,7 @@ if (check_token()) {
 } elseif (current_action("do_ChangeCategory")) {
 list($ret, $output) = pkgbase_change_category($base_id, $atype);
 } elseif (current_action("do_FileRequest")) {
-if (empty($_POST['merge_into']) || preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $_POST['merge_into'])) {
-list($ret, $output) = pkgreq_file($ids, $_POST['type'], $_POST['merge_into'], $_POST['comments']);
-} else {
-$output = __("Invalid name: only lowercase letters are allowed.");
-$ret = false;
-}
+list($ret, $output) = pkgreq_file($ids, $_POST['type'], $_POST['merge_into'], $_POST['comments']);
 } elseif (current_action("do_CloseRequest")) {
 list($ret, $output) = pkgreq_close($_POST['reqid'], $_POST['reason'], $_POST['comments']);
 }
diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php
index 53cf328..76780fe 100644
--- a/web/lib/pkgreqfuncs.inc.php
+++ b/web/lib/pkgreqfuncs.inc.php
@@ -72,6 +72,10 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
 global $AUR_LOCATION;
 global $AUR_REQUEST_ML;
 
+if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $merge_into)) {
+return array(false, __("Invalid name: only lowercase letters are allowed."));
+}
+
 if (empty($comments)) {
 return array(false, __("The comment field must not be empty."));
 }
-- 
cgit v1.2.3-54-g00ecf
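Review bot: The new call on the `+` line in pkgbase.php reads `$_POST['merge_into']` unconditionally, so a request that omits that field (plausible for a non-merge request) raises an undefined-index notice before pkgreq_file() gets to validate anything; the removed branch made the same read, so this is not a regression, but the move is a natural moment to pass `isset($_POST['merge_into']) ? $_POST['merge_into'] : ''` instead. With the check gone from the handler, all acceptance rules for the merge target now live in one place, which is the intent of the change. The enclosing if/elseif chain starts and ends outside the hunk.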
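Review bot: The anchored pattern on the first added line in pkgreqfuncs.inc.php still accepts a name with a trailing newline, because in PCRE `$` matches before a final `\n` unless the `D` modifier is set; since the merge target presumably ends up in the outgoing request mail (the function pulls in `$AUR_REQUEST_ML`), that is worth closing with `if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $merge_into)) {`. The guard also skips validation entirely when `$merge_into` is empty, so a merge-type request with no target passes this point; if nothing further down the function rejects that case, a `$type == 'merge'` check belongs next to this one. The message "only lowercase letters are allowed" understates what the regex permits (digits, `.`, `+`, `_`, `-`), so a wording such as "Invalid name: only lowercase letters, digits and the characters .+_- are allowed." would match the check it reports. pkgreq_file() continues past the end of the hunk.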