cgi_post
-user="$(echo -E "$_POST[\"user\"]" |sed -rn '1{/^[a-zA-Z0-9_+@.-]+$/p}')"
-pass="$_POST[\"pass\"]"
-userfile="$_DATA/auth/user$(echo -E "$user" |sha1sum |cut -c1-40)"
+user="$(printf %s\\n "${_POST[user]}" |sed -rn '1{/^[a-zA-Z0-9_+@.-]+$/p}')"
+pass="${_POST[pass]}"
+userfile="$_DATA/auth/user$(printf %s\\n "$user" |sha1sum |cut -c1-40)"
if [ -r "$userfile" ]; then
salt=$(sed -nr 's:^salt=(.+)$:\1:p' "$userfile")
ssum=$(sed -nr 's:^auth=(.+)$:\1:p' "$userfile")
- rsum=$(echo -E "$salt$pass" |sha1sum |cut -c1-40)
+ rsum=$(printf %s\\n "$salt$pass" |sha1sum |cut -c1-40)
fi
if [ -n "$ssum" -a "$ssum" = "$rsum" ]; then
sid="$(apg -n1 -a1 -m32 -x32 -M CLN)"
sessionfile="$_DATA/auth/session$sid"
- echo -E "$user $(($(date +%s) + 1800))" >"$sessionfile"
- echo -E "Location: $HTTP_REFERER"
- echo -E "Set-Cookie: session=$sid; HttpOnly"
+ printf %s\\n "$user $(($(date +%s) + 1800))" >"$sessionfile"
+ printf %s\\n "Location: $HTTP_REFERER"
+ printf %s\\n "Set-Cookie: session=$sid; HttpOnly"
else
- echo -E "Location: $HTTP_REFERER"
+ printf %s\\n "Location: $HTTP_REFERER"
fi
echo ''