===================================================================
RCS file: /cvs/palm/Palm-Keyring/examples/cgi/bin/keyring.cgi,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- palm/Palm-Keyring/examples/cgi/bin/keyring.cgi	2009/06/11 21:40:45	1.1
+++ palm/Palm-Keyring/examples/cgi/bin/keyring.cgi	2009/06/15 18:45:46	1.2
@@ -1,5 +1,5 @@
 #!/usr/bin/perl
-# $RedRiver$
+# $RedRiver: keyring.cgi,v 1.1 2009/06/11 20:40:45 andrew Exp $
 ########################################################################
 # keyring.cgi *** Update and modify keyring files
 #
@@ -25,14 +25,12 @@
 use Palm::Keyring;
 use Template;
 
-my $base_path = '/keyring';
-my $keyring_path = catdir($base_path, 'rings');
-my $dir       = $ENV{'PATH_INFO'} || '/';
+my $base_path = '/users';
+my $dir = $ENV{'PATH_INFO'} || '/';
 
 my $query = CGI->new();
-my $tt
-    = Template->new( { INCLUDE_PATH => catdir( $base_path, 'templates' ) } );
-my $pjx = new CGI::Ajax(
+my $tt    = Template->new( { INCLUDE_PATH => catdir('../templates') } );
+my $pjx   = new CGI::Ajax(
     changeFile     => \&change_file,
     changeCategory => \&change_category,
     changeRecord   => \&change_record,
@@ -51,28 +49,34 @@
 }
 
 $file = canonpath($file) if $file;
+$dir  = canonpath($dir)  if $dir;
 
-if ( $file =~ /^ \Q$keyring_path\E /xms ) {
+if ( $dir =~ m{/\.\.//}xms ) {
+    error('Invalid Dir [$dir]');
+    $dir = '';
+}
+
+if ( $file =~ /^ \Q$base_path\E /xms ) {
     $dir = dirname($file);
 }
 else {
-    $dir = catdir( $keyring_path, $dir );
+    $dir = catdir( $base_path, $dir, 'rings' );
+}
 
-    files() if !$file;
+files() if !$file;
 
-    if ( !$file ) {
-        error("no file in [$dir]!");
-    }
+if ( !$file ) {
+    error("No Keyrings in [$dir]!");
+}
 
-    if ( $dir && $file ) {
-        if ( !-d $dir ) {
-            error("Path [$dir] does not exist!");
-        }
-        $file = catfile( $dir, basename($file) );
-    }
+if ( $dir && $file ) {
+    $file = catfile( $dir, basename($file) );
+    error("Dir [$dir] does not exist!")   if !-d $dir;
+    error("File [$file] does not exist!") if !-e $file;
 }
 
 print $pjx->build_html( $query, \&Show_HTML );
+
 #print $query->header(), Show_HTML();
 
 sub Show_HTML {