diff options
author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-03-21 07:11:56 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-03-21 07:11:56 +0000 |
commit | 5fab4f483b8958c26cde2f2b0837a858ee94c4a3 (patch) | |
tree | 5377d51cf9ff98d1e597ea05bff3958630e80221 | |
parent | f2d530bd76f53cf3b2a8a583aaa1862deda4fcca (diff) |
Fixed emailing
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@975 4979c152-3d1c-0410-bac9-87ea11338e46
-rwxr-xr-x | LedgerSMB/Form.pm | 12 | ||||
-rwxr-xr-x | LedgerSMB/Session/DB.pm | 1 |
2 files changed, 6 insertions, 7 deletions
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm index 43fa3b00..bc693ea9 100755 --- a/LedgerSMB/Form.pm +++ b/LedgerSMB/Form.pm @@ -38,6 +38,7 @@ use LedgerSMB::Sysconfig; use List::Util qw(first); use LedgerSMB::Mailer; use Time::Local; +use Cwd; package Form; @@ -86,16 +87,13 @@ sub new { if ($self->{path} ne 'bin/lynx'){ $self->{path} = 'bin/mozilla';} - if (($self->{script} =~ m#(..|\\|/)#)){ - $self->error("Access Denied"); - } - if (($self->{script}) and not first {$_ eq $self->{script}} + if (($self->{script}) and not List::Util::first {$_ eq $self->{script}} @{LedgerSMB::Sysconfig::scripts}){ - $self->error('Access Denied'); + $self->error('Access Denied', __line__, __file__); } if (($self->{action} =~ /:/) || ($self->{nextsub} =~ /:/)){ - $self->error("Access Denied"); + $self->error("Access Denied", __line__, __file__); } for (keys %$self){ $self->{$_} =~ s/\000//g } @@ -592,6 +590,8 @@ sub parse_template { my ($self, $myconfig) = @_; + $self->{cwd} = Cwd::getcwd(); + my ($chars_per_line, $lines_on_first_page, $lines_on_second_page) = (0, 0, 0); my ($current_page, $current_line) = (1, 1); my $pagebreak = ""; diff --git a/LedgerSMB/Session/DB.pm b/LedgerSMB/Session/DB.pm index eb550c62..d10932aa 100755 --- a/LedgerSMB/Session/DB.pm +++ b/LedgerSMB/Session/DB.pm @@ -227,7 +227,6 @@ sub password_check { $fetchPassword->execute($username) || $form->dberror(__FILE__.':'.__LINE__.': Fetching password : '); my ($dbusername, $md5Password, $cryptPassword) = $fetchPassword->fetchrow_array; - if ($dbusername ne $username) { # User data retrieved from db not for the requested user return 0; |