diff options
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/acctfuncs.inc.php | 2 | ||||
-rw-r--r-- | web/lib/aur.inc.php | 2 | ||||
-rw-r--r-- | web/lib/credentials.inc.php | 2 | ||||
-rw-r--r-- | web/lib/pkgbasefuncs.inc.php | 2 | ||||
-rw-r--r-- | web/lib/pkgreqfuncs.inc.php | 6 |
5 files changed, 10 insertions, 4 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 254f0e2f..e3ff4949 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -544,7 +544,7 @@ function valid_username($user) { if (strlen($user) < USERNAME_MIN_LEN || strlen($user) > USERNAME_MAX_LEN) { return false; - } else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/i", $user)) { + } else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/Di", $user)) { return false; } diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index 82730bb5..81cbf694 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -471,7 +471,7 @@ function save_salt($user_id, $passwd) { $hash = salted_hash($passwd, $salt); $q = "UPDATE Users SET Salt = " . $dbh->quote($salt) . ", "; $q.= "Passwd = " . $dbh->quote($hash) . " WHERE ID = " . $user_id; - $result = $dbh->exec($q); + return $dbh->exec($q); } /** diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index efc203d3..0c428f2f 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -18,6 +18,7 @@ define("CRED_PKGBASE_NOTIFY", 13); define("CRED_PKGBASE_SUBMIT_BLACKLISTED", 14); define("CRED_PKGBASE_UNFLAG", 15); define("CRED_PKGBASE_VOTE", 16); +define("CRED_PKGREQ_FILE", 23); define("CRED_PKGREQ_CLOSE", 17); define("CRED_PKGREQ_LIST", 18); define("CRED_TU_ADD_VOTE", 19); @@ -48,6 +49,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_PKGBASE_FLAG: case CRED_PKGBASE_NOTIFY: case CRED_PKGBASE_VOTE: + case CRED_PKGREQ_FILE: return ($atype == 'User' || $atype == 'Trusted User' || $atype == 'Developer' || $atype == 'Trusted User & Developer'); diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index 946209b7..1ac0b470 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -617,7 +617,7 @@ function pkgbase_adopt ($base_ids, $action=true, $via) { $dbh->exec($q); if ($action) { - pkgbase_notify(account_from_sid($_COOKIE["AURSID"]), $base_ids); + pkgbase_notify($base_ids); return array(true, __("The selected packages have been adopted.")); } else { return array(true, __("The selected packages have been disowned.")); diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php index 5924959a..92070434 100644 --- a/web/lib/pkgreqfuncs.inc.php +++ b/web/lib/pkgreqfuncs.inc.php @@ -91,7 +91,11 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { global $AUR_REQUEST_ML; global $AUTO_ORPHAN_AGE; - if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $merge_into)) { + if (!has_credential(CRED_PKGREQ_FILE)) { + return array(false, __("You must be logged in to file package requests.")); + } + + if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/D", $merge_into)) { return array(false, __("Invalid name: only lowercase letters are allowed.")); } |