projects / webmin.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 81ea174)
Validation for manual alias editing
authorJamie Cameron <jcameron@webmin.com>
Fri, 28 May 2010 20:47:51 +0000 (13:47 -0700)
committerJamie Cameron <jcameron@webmin.com>
Fri, 28 May 2010 20:47:51 +0000 (13:47 -0700)
sendmail/CHANGELOG patch | blob | history
sendmail/edit_file.cgi patch | blob | history
sendmail/lang/en patch | blob | history
sendmail/save_file.cgi patch | blob | history

diff --git a/sendmail/CHANGELOG b/sendmail/CHANGELOG
index 60081e2..cc1d648 100644 (file)
--- a/sendmail/CHANGELOG
+++ b/sendmail/CHANGELOG
@@ -47,3 +47,5 @@ When flushing selected queued quarantined messages, the -qQ flag is added so tha
 ---- Changes since 1.490 ----
 If multiple alias files are defined, one can be selected when adding a new alias.
 Autoreply messages starting with <html> or <body> will now be sent using the text/html MIME type.
+---- Changes since 1.510 ----
+Added validation when manually editing the aliases and other map files.
diff --git a/sendmail/edit_file.cgi b/sendmail/edit_file.cgi
index b7b179a..260b918 100755 (executable)
--- a/sendmail/edit_file.cgi
+++ b/sendmail/edit_file.cgi
@@ -61,16 +61,13 @@ open(FILE, $file);
 @lines = <FILE>;
 close(FILE);
 
-print "<b>",&text('file_desc', "<tt>$file</tt>"),"</b><p>\n";
+print &text('file_desc', "<tt>$file</tt>"),"<p>\n";
 
-print "<form action=save_file.cgi method=post enctype=multipart/form-data>\n";
-print "<input type=hidden name=mode value=\"$in{'mode'}\">\n";
-print "<input type=hidden name=idx value=\"$in{'idx'}\">\n";
-print "<textarea name=text rows=20 cols=80>",
-       join("", @lines),"</textarea><p>\n";
-print "<input type=submit value=\"$text{'save'}\"> ",
-      "<input type=reset value=\"$text{'file_undo'}\">\n";
-print "</form>\n";
+print &ui_form_start("save_file.cgi", "form-data");
+print &ui_hidden("mode", $in{'mode'});
+print &ui_hidden("idx", $in{'idx'});
+print &ui_textarea("text", join("", @lines), 20, 80);
+print &ui_form_end([ [ undef, $text{'save'} ] ]);
 
 &ui_print_footer($return, $rmsg);
 
diff --git a/sendmail/lang/en b/sendmail/lang/en
index bf387c9..ab031ad 100644 (file)
--- a/sendmail/lang/en
+++ b/sendmail/lang/en
@@ -602,6 +602,8 @@ file_eaccess=You are not allowed to edit the spam control file.
 file_ecannot=You are not allowed to edit this file
 file_emode=Unknown mode!
 file_err=Failed to edit file
+file_ealias=Invalid format for aliases file line : $1
+file_etab=Invalid format for map file line : $1
 
 acl_opts=Can edit sendmail options?
 acl_ports=Can edit network ports?
diff --git a/sendmail/save_file.cgi b/sendmail/save_file.cgi
index 6311722..20b9717 100755 (executable)
--- a/sendmail/save_file.cgi
+++ b/sendmail/save_file.cgi
@@ -17,6 +17,7 @@ if ($in{'mode'} eq 'aliases') {
            $access{'amax'} == 0 && $access{'apath'} eq '/' ||
            &error($text{'file_ealiases'});
        $log = "alias";
+       $fmt = "alias";
        }
 elsif ($in{'mode'} eq 'virtusers') {
        require './virtusers-lib.pl';
@@ -28,6 +29,7 @@ elsif ($in{'mode'} eq 'virtusers') {
            $access{'vedit_2'} && $access{'vmax'} == 0 ||
            &error($text{'file_evirtusers'});
        $log = "virtuser";
+       $fmt = "tab";
        }
 elsif ($in{'mode'} eq 'mailers') {
        require './mailers-lib.pl';
@@ -37,6 +39,7 @@ elsif ($in{'mode'} eq 'mailers') {
        $post = "$config{'makemap_path'} $mdbmtype $mdbm <$file";
        $access{'mailers'} || &error($text{'file_emailers'});
        $log = "mailer";
+       $fmt = "tab";
        }
 elsif ($in{'mode'} eq 'generics') {
        require './generics-lib.pl';
@@ -46,6 +49,7 @@ elsif ($in{'mode'} eq 'generics') {
        $post = "$config{'makemap_path'} $gdbmtype $gdbm <$file";
        $access{'omode'} == 1 || &error($text{'file_egenerics'});
        $log = "generic";
+       $fmt = "tab";
        }
 elsif ($in{'mode'} eq 'domains') {
        require './domain-lib.pl';
@@ -55,6 +59,7 @@ elsif ($in{'mode'} eq 'domains') {
        $post = "$config{'makemap_path'} $ddbmtype $ddbm <$file";
        $access{'domains'} || &error($text{'file_edomains'});
        $log = "domain";
+       $fmt = "tab";
        }
 elsif ($in{'mode'} eq 'access') {
        require './access-lib.pl';
@@ -64,10 +69,29 @@ elsif ($in{'mode'} eq 'access') {
        $post = "$config{'makemap_path'} $adbmtype $adbm <$file";
        $access{'access'} || &error($text{'file_eaccess'});
        $log = "access";
+       $fmt = "tab";
        }
 else { &error($text{'file_emode'}); }
 
+# Validate format
 $in{'text'} =~ s/\r//g;
+@lines = split(/\n+/, $in{'text'});
+foreach my $l (@lines) {
+       $l =~ s/#.*$//;
+       next if ($l !~ /\S/);
+       if ($fmt eq "alias") {
+               $l =~ /^\s*(\S+):\s*(\S.*)$/ ||
+                       &error(&text('file_ealias',
+                                    "<tt>".&html_escape($l)."</tt>"));
+               }
+       elsif ($fmt eq "tab") {
+               $l =~ /^\s*(\S+)\s+(\S.*)$/ ||
+                       &error(&text('file_etab',
+                                    "<tt>".&html_escape($l)."</tt>"));
+               }
+       }
+
+# Write out the file
 &open_lock_tempfile(FILE, ">$file");
 &print_tempfile(FILE, $in{'text'});
 &close_tempfile(FILE);
Webmin PERL server management