&Header::openpage($Lang::tr{'pakfire configuration'}, 1);
&Header::openbigbox('100%', 'left', '', $errormessage);
+
if ($cgiparams{'ACTION'} eq 'install'){
$cgiparams{'INSPAKS'} =~ s/\|/\ /g;
if ("$cgiparams{'FORCE'}" eq "on") {
- my $command = "/usr/local/bin/pakfire install --non-interactive --no-colors $cgiparams{'INSPAKS'} &>/dev/null &";
- system("$command");
- system("/bin/sleep 1");
+ # Check for invalid package names.
+ if (&check_input($cgiparams{'INSPAKS'})) {
+ # Assign error message.
+ $errormessage = "$Lang::tr{'pakfire invalid characters in package list'}";
+ } else {
+ my $command = "/usr/local/bin/pakfire install --non-interactive --no-colors $cgiparams{'INSPAKS'} &>/dev/null &";
+ system("$command");
+ system("/bin/sleep 1");
+ }
} else {
&Header::openbox("100%", "center", $Lang::tr{'request'});
my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'INSPAKS'}`;
exit;
}
} elsif ($cgiparams{'ACTION'} eq 'remove') {
-
$cgiparams{'DELPAKS'} =~ s/\|/\ /g;
if ("$cgiparams{'FORCE'}" eq "on") {
- my $command = "/usr/local/bin/pakfire remove --non-interactive --no-colors $cgiparams{'DELPAKS'} &>/dev/null &";
- system("$command");
- system("/bin/sleep 1");
+ # Check for invalid package names.
+ if (&check_input($cgiparams{'DELPAKS'})) {
+ # Assign error message.
+ $errormessage = "$Lang::tr{'pakfire invalid characters in package list'}";
+ } else {
+ my $command = "/usr/local/bin/pakfire remove --non-interactive --no-colors $cgiparams{'DELPAKS'} &>/dev/null &";
+ system("$command");
+ system("/bin/sleep 1");
+ }
} else {
&Header::openbox("100%", "center", $Lang::tr{'request'});
my @output = `/usr/local/bin/pakfire resolvedeps --no-colors $cgiparams{'DELPAKS'}`;
&Header::closebox();
&Header::closebigbox();
&Header::closepage();
+
+#
+## Function to check a given package list for invalid characters.
+#
+## Valid characters are a-z, A-Z, - and and the underscrore.
+## In case an invalid character will be detected, the function will return true.
+#
+sub check_input (@) {
+ my (@packages) = @_;
+
+ # Loop through the array of given pakages.
+ foreach my $name (@packages) {
+ # Check if it contains any unallowed charackters.
+ unless ($name =~ /^[\w-]+$/) {
+ # An unallowed character has been detected. Return "1" - True.
+ return 1;
+ }
+ }
+}
'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus-Symbol.',
'pakfire install package' => 'Sie möchten folgende Pakete installieren: ',
'pakfire installed addons' => 'Installierte Addons:',
+'pakfire invalid characters in package list' => 'Die Paketliste beinhaltet ungültige Zeichen',
'pakfire invalid tree' => '',
'pakfire last core list update' => 'Letztes Corelisten Update ist',
'pakfire last package update' => 'Letztes Paketlisten Update ist',
'pakfire install description' => 'Please choose one or more items from the list below and click the plus to install.',
'pakfire install package' => 'You want to install the following packages: ',
'pakfire installed addons' => 'Installed Addons:',
+'pakfire invalid characters in package list' => 'The package list contains invalid characters',
'pakfire invalid tree' => 'Invalid repository selected',
'pakfire last core list update' => 'Last core list update made',
'pakfire last package update' => 'Last packages list update made',