#
#========================================================================
#
-# Version 3.0.0alpha, released 23 Jan 2006.
+# Version 3.0.0beta2, released 11 Nov 2006.
#
# See http://backuppc.sourceforge.net.
#
#
$MyURL = $ENV{SCRIPT_NAME};
$User = $ENV{REMOTE_USER};
+
#
- # Handle LDAP uid=user when using mod_authz_ldap
+ # Handle LDAP uid=user when using mod_authz_ldap and otherwise untaint
#
- $User = $1 if ( $User =~ /uid=([^,]+)/i );
+ $User = $1 if ( $User =~ /uid=([^,]+)/i || $User =~ /(.*)/ );
#
# Clean up %ENV for taint checking
|| $host ne "" && !defined($Hosts->{$host}) );
if ( $Conf{CgiAdminUserGroup} ne "" ) {
my($n,$p,$gid,$mem) = getgrnam($Conf{CgiAdminUserGroup});
- $Privileged ||= ($mem =~ /\b$User\b/);
+ $Privileged ||= ($mem =~ /\b\Q$User\E\b/);
}
if ( $Conf{CgiAdminUsers} ne "" ) {
- $Privileged ||= ($Conf{CgiAdminUsers} =~ /\b$User\b/);
+ $Privileged ||= ($Conf{CgiAdminUsers} =~ /\b\Q$User\E\b/);
$Privileged ||= $Conf{CgiAdminUsers} eq "*";
}
$PrivAdmin = $Privileged;
my($title, $content, $noBrowse, $contentSub, $contentPost) = @_;
my @adminLinks = (
{ link => "", name => $Lang->{Status}},
- { link => "?action=adminOpts", name => $Lang->{Admin_Options},
- priv => 1},
+ { link => "?action=summary", name => $Lang->{PC_Summary}},
{ link => "?action=editConfig", name => $Lang->{CfgEdit_Edit_Config},
priv => 1},
{ link => "?action=editConfig&newMenu=hosts",
name => $Lang->{CfgEdit_Edit_Hosts},
priv => 1},
- { link => "?action=summary", name => $Lang->{PC_Summary}},
+ { link => "?action=adminOpts", name => $Lang->{Admin_Options},
+ priv => 1},
{ link => "?action=view&type=LOG", name => $Lang->{LOG_file},
priv => 1},
{ link => "?action=LOGlist", name => $Lang->{Old_LOGs},
);
my $host = $In{host};
+ binmode(STDOUT, ":utf8");
print $Cgi->header(-charset => "utf-8");
print <<EOF;
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
EOF
my $hostSelectbox = "<option value=\"#\">$Lang->{Select_a_host}</option>";
my @hosts = GetUserHosts($Conf{CgiNavBarAdminAllHosts});
+ NavSectionTitle($Lang->{Hosts});
if ( defined($Hosts) && %$Hosts > 0 && @hosts ) {
- NavSectionTitle($Lang->{Hosts});
foreach my $host ( @hosts ) {
NavLink("?host=${EscURI($host)}", $host)
if ( @hosts < $Conf{CgiNavBarAdminAllHosts} );