Ignore:
Timestamp:
Sep 26, 2011, 6:05:01 PM (10 years ago)
Author:
Kris Deugau
Message:

/branches/htmlform

Checkpoint, clearing out references to printError()
All ACL checks that generate error pages should now be converted
to use the new aclerror template. See #15.
Fix a minor bug in CustIDCK.pm - calls to custid_check are being
treated as an object call for some reason.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/htmlform/cgi-bin/main.cgi

    r497 r503  
    8282
    8383#main()
     84my $aclerr;
    8485
    8586if(!defined($webvar{action})) {
     
    9899} elsif ($webvar{action} eq 'addmaster') {
    99100  if ($IPDBacl{$authuser} !~ /a/) {
    100     printError("You shouldn't have been able to get here.  Access denied.");
     101    $aclerr = 'addmaster';
    101102  }
    102103} elsif ($webvar{action} eq 'newmaster') {
    103104
    104105  if ($IPDBacl{$authuser} !~ /a/) {
    105     printError("You shouldn't have been able to get here.  Access denied.");
     106    $aclerr = 'addmaster';
    106107  } else {
    107108    my $cidr = new NetAddr::IP $webvar{cidr};
     
    191192
    192193
     194# Switch to a different template if we've tripped on an ACL error.
     195# Note that this should only be exercised in development, when
     196# deeplinked, or when being attacked;  normal ACL handling should
     197# remove the links a user is not allowed to click on.
     198if ($aclerr) {
     199  $page = HTML::Template->new(filename => "aclerror.tmpl");
     200  $page->param(ipdbfunc => $aclmsg{$aclerr});
     201}
     202
    193203
    194204# Clean up IPDB globals, DB handle, etc.
     
    502512
    503513  if ($IPDBacl{$authuser} !~ /a/) {
    504     printError("You shouldn't have been able to get here.  Access denied.");
     514    $aclerr = 'addblock';
    505515    return;
    506516  }
     
    605615sub confirmAssign {
    606616  if ($IPDBacl{$authuser} !~ /a/) {
    607     printError("You shouldn't have been able to get here.  Access denied.");
     617    $aclerr = 'addblock';
    608618    return;
    609619  }
     
    777787sub insertAssign {
    778788  if ($IPDBacl{$authuser} !~ /a/) {
    779     printError("You shouldn't have been able to get here.  Access denied.");
     789    $aclerr = 'addblock';
    780790    return;
    781791  }
     
    10211031sub update {
    10221032  if ($IPDBacl{$authuser} !~ /c/) {
    1023     printError("You shouldn't have been able to get here.  Access denied.");
     1033    $aclerr = 'updateblock';
    10241034    return;
    10251035  }
     
    11251135sub remove {
    11261136  if ($IPDBacl{$authuser} !~ /d/) {
    1127     printError("You shouldn't have been able to get here.  Access denied.");
     1137    $aclerr = 'delblock';
    11281138    return;
    11291139  }
     
    12101220sub finalDelete {
    12111221  if ($IPDBacl{$authuser} !~ /d/) {
    1212     $page->param(aclerr => 1);
     1222    $aclerr = 'delblock';
    12131223    return;
    12141224  }
Note: See TracChangeset for help on using the changeset viewer.