summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/acctfuncs.inc.php2
-rw-r--r--web/lib/aur.inc.php2
-rw-r--r--web/lib/credentials.inc.php2
-rw-r--r--web/lib/pkgbasefuncs.inc.php2
-rw-r--r--web/lib/pkgreqfuncs.inc.php6
5 files changed, 10 insertions, 4 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 254f0e2f..e3ff4949 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -544,7 +544,7 @@ function valid_username($user) {
if (strlen($user) < USERNAME_MIN_LEN ||
strlen($user) > USERNAME_MAX_LEN) {
return false;
- } else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/i", $user)) {
+ } else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/Di", $user)) {
return false;
}
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 82730bb5..81cbf694 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -471,7 +471,7 @@ function save_salt($user_id, $passwd) {
$hash = salted_hash($passwd, $salt);
$q = "UPDATE Users SET Salt = " . $dbh->quote($salt) . ", ";
$q.= "Passwd = " . $dbh->quote($hash) . " WHERE ID = " . $user_id;
- $result = $dbh->exec($q);
+ return $dbh->exec($q);
}
/**
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index efc203d3..0c428f2f 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -18,6 +18,7 @@ define("CRED_PKGBASE_NOTIFY", 13);
define("CRED_PKGBASE_SUBMIT_BLACKLISTED", 14);
define("CRED_PKGBASE_UNFLAG", 15);
define("CRED_PKGBASE_VOTE", 16);
+define("CRED_PKGREQ_FILE", 23);
define("CRED_PKGREQ_CLOSE", 17);
define("CRED_PKGREQ_LIST", 18);
define("CRED_TU_ADD_VOTE", 19);
@@ -48,6 +49,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_PKGBASE_FLAG:
case CRED_PKGBASE_NOTIFY:
case CRED_PKGBASE_VOTE:
+ case CRED_PKGREQ_FILE:
return ($atype == 'User' || $atype == 'Trusted User' ||
$atype == 'Developer' ||
$atype == 'Trusted User & Developer');
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index 946209b7..1ac0b470 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -617,7 +617,7 @@ function pkgbase_adopt ($base_ids, $action=true, $via) {
$dbh->exec($q);
if ($action) {
- pkgbase_notify(account_from_sid($_COOKIE["AURSID"]), $base_ids);
+ pkgbase_notify($base_ids);
return array(true, __("The selected packages have been adopted."));
} else {
return array(true, __("The selected packages have been disowned."));
diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php
index 5924959a..92070434 100644
--- a/web/lib/pkgreqfuncs.inc.php
+++ b/web/lib/pkgreqfuncs.inc.php
@@ -91,7 +91,11 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
global $AUR_REQUEST_ML;
global $AUTO_ORPHAN_AGE;
- if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $merge_into)) {
+ if (!has_credential(CRED_PKGREQ_FILE)) {
+ return array(false, __("You must be logged in to file package requests."));
+ }
+
+ if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $merge_into)) {
return array(false, __("Invalid name: only lowercase letters are allowed."));
}