diff options
author | kcwu <kcwu@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-03-27 00:57:05 +0800 |
---|---|---|
committer | kcwu <kcwu@63ad8ddf-47c3-0310-b6dd-a9e9d9715204> | 2006-03-27 00:57:05 +0800 |
commit | 55367b29e2e0b49e96a9c75f259d60554b45c704 (patch) | |
tree | a27baa60682fa12b4a7d1f5a97e3a5cb5ed098e2 /mbbsd/stuff.c | |
parent | dd19aa6ea6f949485cd6df72e525d5e334d73337 (diff) | |
download | pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar.gz pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar.bz2 pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar.lz pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar.xz pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.tar.zst pttbbs-55367b29e2e0b49e96a9c75f259d60554b45c704.zip |
verify userid when sethome path.
git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@3308 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
Diffstat (limited to 'mbbsd/stuff.c')
-rw-r--r-- | mbbsd/stuff.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/mbbsd/stuff.c b/mbbsd/stuff.c index eff6d399..37a8ebb1 100644 --- a/mbbsd/stuff.c +++ b/mbbsd/stuff.c @@ -18,18 +18,21 @@ static const char * const str_dotdir = STR_DOTDIR; void sethomepath(char *buf, const char *userid) { + assert(is_validuserid(userid)); snprintf(buf, PATHLEN, "home/%c/%s", userid[0], userid); } void sethomedir(char *buf, const char *userid) { + assert(is_validuserid(userid)); snprintf(buf, PATHLEN, str_home_file, userid[0], userid, str_dotdir); } void sethomeman(char *buf, const char *userid) { + assert(is_validuserid(userid)); snprintf(buf, PATHLEN, str_home_file, userid[0], userid, "man"); } @@ -37,12 +40,14 @@ sethomeman(char *buf, const char *userid) void sethomefile(char *buf, const char *userid, const char *fname) { + assert(is_validuserid(userid)); snprintf(buf, PATHLEN, str_home_file, userid[0], userid, fname); } void setuserfile(char *buf, const char *fname) { + assert(is_validuserid(cuser.userid)); snprintf(buf, PATHLEN, str_home_file, cuser.userid[0], cuser.userid, fname); } @@ -199,6 +204,24 @@ invalid_pname(const char *str) return 0; } +int is_validuserid(const char *id) +{ + int len, i; + if(id==NULL) + return 0; + len = strlen(id); + + if (len < 2 || len>IDLEN) + return 0; + + if (not_alpha(id[0])) + return 0; + for (i = 1; i < len; i++) + if (not_alnum(id[i])) + return 0; + return 1; +} + int is_uBM(const char *list, const char *id) { @@ -652,7 +675,8 @@ vmsg(const char *msg) do { if( (i = igetch()) == Ctrl('T') ) - capture_screen(); + if(cuser.userid[0]) // if already login + capture_screen(); } while( i == 0 ); move(b_lines, 0); |