From: janw Date: Fri, 10 Jun 2005 11:11:13 +0000 (+0000) Subject: Added some checks to certificate handling X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=19d23c368b09da74829355867cabfdbda4076291;p=gosa.git Added some checks to certificate handling git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@663 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/plugins/personal/generic/class_user.inc b/plugins/personal/generic/class_user.inc index 2639f9585..b4ae7f07b 100644 --- a/plugins/personal/generic/class_user.inc +++ b/plugins/personal/generic/class_user.inc @@ -341,9 +341,10 @@ class user extends plugin /* for all certificates do */ foreach (array ("userCertificate", "userSMIMECertificate", "userPKCS12") as $val){ - + /* Check for clean upload */ - if ($_FILES[$val."_file"]['name'] != "" && + if (defined($val) && $val != '' && + preg_match('/\s+/', $_FILES[$val."_file"]['name']) && is_uploaded_file($_FILES[$val."_file"]['tmp_name'])) { $this->set_cert("$val", $_FILES[$val."_file"]['tmp_name']); @@ -930,12 +931,12 @@ class user extends plugin /* Check for reserved characers */ if (preg_match ('/[,+"<>;]/', $this->givenName)){ $message[]= _("The field 'Given name' contains invalid characters."); - } - if (preg_match ('/[,+"<>;]/', $this->sn)){ - $message[]= _("The field 'Name' contains invalid characters."); - } + } + if (preg_match ('/[,+"<>;]/', $this->sn)){ + $message[]= _("The field 'Name' contains invalid characters."); + } - return $message; + return $message; } @@ -1043,10 +1044,13 @@ class user extends plugin /* Load certificate from file to object */ function set_cert($cert, $filename) { - $fd = fopen ($filename, "rb"); - $this->$cert= fread ($fd, filesize ($filename)); - fclose ($fd); - $this->is_modified= TRUE; + if($fd = fopen ($filename, "rb")) { + $this->$cert= fread ($fd, filesize ($filename)); + fclose ($fd); + $this->is_modified= TRUE; + } else { + print_red(_("Cannot open the specified file!")); + } } /* Adapt from given 'dn' */