body<= " unless $u; return BML::redirect("$LJ::SITEROOT/agecheck/?s=1") if $u->underage; return $LJ::MSG_READONLY_USER if $u->readonly; my $check_key = sub { my $key = shift; # make sure it is a public key, not a private or a signature, # before we bother with other checks my $kt = $1 if $key =~ /-{5}BEGIN PGP (\w+) /; return 0 unless $kt eq 'PUBLIC'; # pull key data, return if suspicious my $ks = "$kt KEY BLOCK"; my $data = $1 if $key =~ /$ks-{5}(.+?)-{5}.+?$ks(?:-)+/s; foreach ($data =~ /^(\w+):/mg) { return 0 unless $1 =~ /(Version|Hash|Comment|MessageID|Charset)/i; } $data =~ s/^(\s|\w+:).*//mg; $data =~ s/(?:\r)?\n//sg; return 0 if $data =~ tr/[ \t]// || length $data < 500; return 1; }; # Update settings my $error; if ($POST{userid} == $u->{userid}) { my @errors; my $key = $POST{key}; push(@errors, $ML{'.error.invalidkey'}) if ! $check_key->($key) && length $key != 0; $error = LJ::error_list(@errors) if @errors; unless (@errors) { $key = LJ::trim($key); LJ::set_userprop($u, 'public_key', $key); # This page shows them their key saved # eventually add a confirmation bar on it return BML::redirect('/pubkey.bml'); } } # Initial page LJ::load_user_props($u, qw(public_key)); my $ret; $ret .= " "href='/userinfo.bml'", aoptshelp => "href='emailpost.bml?mode=help&type=advanced\#pgp'", }); $ret .= " p?>"; $ret .= " "href='http://www.pgp.com/'", aoptsgpg => "href='http://www.gnupg.org/'", }); $ret .= " p?>"; $ret .= " h1?>"; $ret .= "

\n"; $ret .= $error if $error; $ret .= "\n"; $ret .= LJ::html_hidden(userid => $u->{userid}); my $val = LJ::did_post() ? $POST{'key'} : $u->{'public_key'}; $ret .= LJ::html_textarea({name=>'key', value=>$val, rows=>20, cols=>70 }); $ret .= "

"; $ret .= "

"; return $ret; } _code?> <=body page?>