Closed
Bug 234879
Opened 21 years ago
Closed 21 years ago
Remove %FORM from editkeywords.cgi
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: goobix, Assigned: goobix)
References
Details
Attachments
(1 file, 1 obsolete file)
|
2.04 KB,
patch
|
kiko
:
review+
|
Details | Diff | Splinter Review |
Use $cgi->param in editkeywords.cgi.
|
Assignee | |
Comment 1•21 years ago
|
||
|
|
Assignee | |
Updated•21 years ago
|
Status: NEW → ASSIGNED
Target Milestone: --- → Bugzilla 2.18
|
|
Assignee | |
Updated•21 years ago
|
Attachment #141739 -
Flags: review?(kiko)
|
||
Comment 2•21 years ago
|
||
Comment on attachment 141739 [details] [diff] [review]
Version 1
>Index: >@@ -173,7 +173,10 @@
> #
>
> if ($action eq 'edit') {
>- my $id = trim($::FORM{id} || 0);
>+ my $id = cgi->param('id');
>+ detaint_natural($id);
>+ $id = trim($id || 0);
Make sure you still need the trim after detaint_natural; I'm not sure myself.
Is zero used for anything special here? If so, it would be nice to add a
comment...
Attachment #141739 -
Flags: review?(kiko) → review+
|
||
Comment 3•21 years ago
|
||
Comment on attachment 141739 [details] [diff] [review]
Version 1
>@@ -173,7 +173,10 @@
>- my $id = trim($::FORM{id} || 0);
>+ my $id = cgi->param('id');
>+ detaint_natural($id);
>+ $id = trim($id || 0);
kiko's got a point... this won't work. If the value had spaces around it and
thus needs to be trimmed, it's going to fail the detaint_natural. Need to trim
it first before calling detaint_natural on it.
Attachment #141739 -
Flags: review-
|
|
Assignee | |
Comment 4•21 years ago
|
||
It used to get trimmed after detaining it in the old code. But good point,
*nods*.
|
|
Assignee | |
Comment 5•21 years ago
|
||
0 is not a special case, so I removed that as well.
Attachment #141739 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•21 years ago
|
Attachment #142619 -
Flags: review?(kiko)
|
|
||
Updated•21 years ago
|
Attachment #142619 -
Flags: review?(kiko) → review+
|
|
Assignee | |
Updated•21 years ago
|
Flags: approval?
|
|
||
Updated•21 years ago
|
Flags: approval? → approval+
|
|
Assignee | |
Comment 6•21 years ago
|
||
Checking in editkeywords.cgi;
/cvsroot/mozilla/webtools/bugzilla/editkeywords.cgi,v <-- editkeywords.cgi
new revision: 1.20; previous revision: 1.19
done
|
|
Assignee | |
Updated•21 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
|
||
Updated•13 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•