From f88a49f83513b788b799aa67e852ec6291167d76 Mon Sep 17 00:00:00 2001
From: Matthias Andreas Benkard <code@mail.matthias.benkard.de>
Date: Wed, 3 Oct 2012 19:48:52 +0200
Subject: Fix session user matching.

---
 www/logged_in_p.pl | 2 +-
 www/login.pl       | 2 +-
 www/sign.pl        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'www')

diff --git a/www/logged_in_p.pl b/www/logged_in_p.pl
index cbbb936..2e648fc 100755
--- a/www/logged_in_p.pl
+++ b/www/logged_in_p.pl
@@ -35,7 +35,7 @@ while (my $cgi = new CGI::Fast) {
 
   my $email        = $cgi->param('email')    or die "No email address supplied";
   my $session_user = $session->param('user');
-  if ($session_user ~~ email_users($email)) {
+  if ($session_user ~~ [email_users($email)]) {
     say encode_json({logged_in_p => 1});
   } else {
     say encode_json({logged_in_p => 0});
diff --git a/www/login.pl b/www/login.pl
index 9e0467e..852f57c 100755
--- a/www/login.pl
+++ b/www/login.pl
@@ -61,7 +61,7 @@ while (my $cgi = new CGI::Fast) {
   my $email    = $cgi->param('email')    or die "No email address provided";
   my $password = $cgi->param('password') or die "Empty password";
 
-  for my $user (email_users($email)) {
+  for my $user ([email_users($email)]) {
     #say STDERR "Trying user: $user";
     if (check_password($user, $password)) {
       $session->param('user', $user);
diff --git a/www/sign.pl b/www/sign.pl
index 53d7015..a0fd11f 100755
--- a/www/sign.pl
+++ b/www/sign.pl
@@ -86,7 +86,7 @@ while (my $cgi = new CGI::Fast) {
   if ($email =~ /^(.*?)@(.*)/) { $domain = $2; }
 
   die "User is not authorized to use this email address"
-    unless ($session_user ~~ email_users($email));
+    unless ($session_user ~~ [email_users($email)]);
 
   my $sig = sign $key, decode_json($user_pubkey), $email, $duration, $domain;
   say encode_json({signature => $sig});
-- 
cgit v1.2.3