Tatsuki SUGIURA
sugi****@users*****
2006年 7月 12日 (水) 20:41:41 JST
Index: slashjp/Slash/Utility/Access/Access.pm diff -u slashjp/Slash/Utility/Access/Access.pm:1.3 slashjp/Slash/Utility/Access/Access.pm:1.4 --- slashjp/Slash/Utility/Access/Access.pm:1.3 Fri Dec 31 21:35:47 2004 +++ slashjp/Slash/Utility/Access/Access.pm Wed Jul 12 20:41:40 2006 @@ -1,7 +1,7 @@ # This code is a part of Slash, and is released under the GPL. -# Copyright 1997-2004 by Open Source Development Network. See README +# Copyright 1997-2005 by Open Source Technology Group. See README # and COPYING for more information, or see http://slashcode.com/. -# $Id: Access.pm,v 1.3 2004/12/31 12:35:47 oliver Exp $ +# $Id: Access.pm,v 1.4 2006/07/12 11:41:40 sugi Exp $ package Slash::Utility::Access; @@ -30,12 +30,12 @@ use Slash::Utility::Data; use Slash::Utility::Environment; use Slash::Utility::System; -use Slash::Constants qw(:web :people); +use Slash::Constants qw(:web :people :messages); use base 'Exporter'; use vars qw($VERSION @EXPORT); -($VERSION) = ' $Revision: 1.3 $ ' =~ /\$Revision:\s+([^\s]+)/; +($VERSION) = ' $Revision: 1.4 $ ' =~ /\$Revision:\s+([^\s]+)/; @EXPORT = qw( checkFormPost formkeyError @@ -393,11 +393,13 @@ if ($slashdb->checkTimesPosted($formname, $max, $id, $formkey_earliest)) { undef $formkey unless $formkey =~ /^\w{10}$/; - unless ($formkey && $slashdb->checkFormkey($formkey_earliest, $formname, $id, $formkey)) { - $slashdb->createAbuse("invalid form key", $formname, $ENV{QUERY_STRING}); - $$err_message = Slash::getData('invalidformkey', '', ''); - return; - } +# wtf? no method checkFormkey exists ... +# of course, checkFormPost is never even called ... +# unless ($formkey && $slashdb->checkFormkey($formkey_earliest, $formname, $id, $formkey)) { +# $slashdb->createAbuse("invalid form key", $formname, $ENV{QUERY_STRING}); +# $$err_message = Slash::getData('invalidformkey', '', ''); +# return; +# } if (submittedAlready($formkey, $formname, $err_message)) { $slashdb->createAbuse("form already submitted", $formname, $ENV{QUERY_STRING}); @@ -520,6 +522,12 @@ my($formname, $field, $content, $wsfactor) = @_; $wsfactor ||= 1; + # If no content (or I suppose the single char '0') is passed in, + # just report that it passes the test. Hopefully the caller is + # performing other checks to make sure that boundary condition + # is addresses. + return 1 if !$content; + my $slashdb = getCurrentDB(); my $constants = getCurrentStatic(); my $user = getCurrentUser(); @@ -732,8 +740,7 @@ my $reg_subj = Slash::getData('rereg_email_subject', '', ''); - # Send the message (message code == -2) - doEmail($uid, $reg_subj, $reg_msg, -2); + doEmail($uid, $reg_subj, $reg_msg, MSG_CODE_REGISTRATION); } else { # We only need to clear these. $slashdb->setUser($uid, { @@ -811,4 +818,4 @@ =head1 VERSION -$Id: Access.pm,v 1.3 2004/12/31 12:35:47 oliver Exp $ +$Id: Access.pm,v 1.4 2006/07/12 11:41:40 sugi Exp $
SRAD