X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpages%2Fadmin%2Fsupport%2FSupportEnterTicketForm.java;h=918df15d156806e17cfc3f8c6916a0f551da1ebd;hb=87bf6551ebd440eeb363437f0a71345cd9d81192;hp=0a98dfd124a58c2791fa75b303b7074b85ded05f;hpb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e;p=gigi.git

diff --git a/src/club/wpia/gigi/pages/admin/support/SupportEnterTicketForm.java b/src/club/wpia/gigi/pages/admin/support/SupportEnterTicketForm.java
index 0a98dfd1..918df15d 100644
--- a/src/club/wpia/gigi/pages/admin/support/SupportEnterTicketForm.java
+++ b/src/club/wpia/gigi/pages/admin/support/SupportEnterTicketForm.java
@@ -12,11 +12,14 @@ import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.pages.LoginPage;
 import club.wpia.gigi.util.AuthorizationContext;
+import club.wpia.gigi.util.CalendarUtil;
 
 public class SupportEnterTicketForm extends Form {
 
     private static final Template t = new Template(SupportEnterTicketForm.class.getResource("SupportEnterTicketForm.templ"));
 
+    public static final String TICKET_PREFIX = "acdhi";
+
     public SupportEnterTicketForm(HttpServletRequest hsr) {
         super(hsr);
     }
@@ -24,9 +27,9 @@ public class SupportEnterTicketForm extends Form {
     @Override
     public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
         if (req.getParameter("setTicket") != null) {
-            // [asdmASDM]\d{8}\.\d+
-            String ticket = req.getParameter("ticketno");
-            if (ticket.matches("[asdmASDM]\\d{8}\\.\\d+")) {
+            // [acdhi]\d{8}\.\d+ according to numbering scheme
+            String ticket = req.getParameter("ticketno").toLowerCase();
+            if (ticket.matches("[" + TICKET_PREFIX + "]\\d{8}\\.\\d+") && CalendarUtil.isDateValid(ticket.substring(1, 9))) {
                 AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
                 req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ticket));
                 return new RedirectResult(SupportEnterTicketPage.PATH);
@@ -34,7 +37,7 @@ public class SupportEnterTicketForm extends Form {
             throw new GigiApiException("Ticket format malformed");
         } else if (req.getParameter("deleteTicket") != null) {
             AuthorizationContext ac = LoginPage.getAuthorizationContext(req);
-            req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor()));
+            req.getSession().setAttribute(Gigi.AUTH_CONTEXT, new AuthorizationContext(ac.getActor(), ac.getActor(), ac.isStronglyAuthenticated()));
             return new RedirectResult(SupportEnterTicketPage.PATH);
         }
         throw new GigiApiException("No valid action given.");