Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Patch for bug 234879: remove %FORM from editkeywords.cgi; r=kiko, a=justdave.

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@153615 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
jocuri%softhome.net 2004-03-06 09:04:33 +00:00
parent 0a7d69eb4d
commit 6d77a5b9f2
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
mozilla/webtools/bugzilla/editkeywords.cgi
View File

@ -27,6 +27,8 @@ require "CGI.pl";
use Bugzilla::Config qw(:DEFAULT $datadir);
my $cgi = Bugzilla->cgi;
use vars qw($template $vars);
@ -62,11 +64,9 @@ unless (UserInGroup("editkeywords")) {
}
my $action = trim($::FORM{action} || '');
my $action = trim($cgi->param('action') || '');
$vars->{'action'} = $action;
detaint_natural($::FORM{id});
if ($action eq "") {
my @keywords;
@ -115,8 +115,8 @@ if ($action eq 'add') {
if ($action eq 'new') {
# Cleanups and valididy checks
my $name = trim($::FORM{name} || '');
my $description = trim($::FORM{description} || '');
my $name = trim($cgi->param('name') || '');
my $description = trim($cgi->param('description') || '');
Validate($name, $description);
@ -173,7 +173,9 @@ if ($action eq 'new') {
#
if ($action eq 'edit') {
my $id = trim($::FORM{id} || 0);
my $id = trim(cgi->param('id'));
detaint_natural($id);
# get data of keyword
SendSQL("SELECT name,description
FROM keyworddefs
@ -211,9 +213,11 @@ if ($action eq 'edit') {
#
if ($action eq 'update') {
my $id = $::FORM{id};
my $name = trim($::FORM{name} || '');
my $description = trim($::FORM{description} || '');
my $id = $cgi->param('id');
detaint_natural($id);
my $name = trim($cgi->param('name') || '');
my $description = trim($cgi->param('description') || '');
Validate($name, $description);
@ -246,12 +250,13 @@ if ($action eq 'update') {
if ($action eq 'delete') {
my $id = $::FORM{id};
my $id = $cgi->param('id');
detaint_natural($id);
SendSQL("SELECT name FROM keyworddefs WHERE id=$id");
my $name = FetchOneColumn();
if (!$::FORM{reallydelete}) {
if (!$cgi->param('reallydelete')) {
SendSQL("SELECT count(*)
FROM keywords
WHERE keywordid = $id");