From 3d5f407ad35f94899c59f38552a9ccd48cbbefe2 Mon Sep 17 00:00:00 2001
From: io <>
Date: Fri, 21 Jan 2005 03:16:17 +0000
Subject: [PATCH] ezmlm-web.cgi: check for permission before creating a new
 list

---
 ezmlm-web-ng/ezmlm-web-2.1-ng/ezmlm-web.cgi | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ezmlm-web-ng/ezmlm-web-2.1-ng/ezmlm-web.cgi b/ezmlm-web-ng/ezmlm-web-2.1-ng/ezmlm-web.cgi
index 9c6dfbb..a41e71f 100755
--- a/ezmlm-web-ng/ezmlm-web-2.1-ng/ezmlm-web.cgi
+++ b/ezmlm-web-ng/ezmlm-web-2.1-ng/ezmlm-web.cgi
@@ -432,7 +432,7 @@ sub untaint {
    } 
    $q->import_names('Q');
 
-   webauth($Q::list) == 0 || die 'Error: you are not allowed to do this!';
+   &webauth($Q::list) == 0 || die 'Error: you are not allowed to do this!';
 
 }
 
@@ -635,6 +635,8 @@ sub allow_create_list {
 
 sub create_list {
    # Create a list acording to user selections ...
+
+   &webauth_create_allowed == 0 || die 'ERROR: you are not allowed to create a new list!';
    
    # Check the list directory exists and create if necessary ...
    if(!-e $LIST_DIR) {