Closed Bug 258630 Opened 21 years ago Closed 20 years ago

when updating user receive error stating invalid e-mail address

Categories

(Bugzilla :: Administration, task)

Product:
Bugzilla
Component:
Administration
Platform:
x86
Linux
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 252190

People

(Reporter: deb, Assigned: justdave)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040806 Firefox/0.9.3 Build Identifier: A user who has permission to "turn this bit on for other users" in the Group Access tried to grant permission to a different user to access a paticular group, and received the following error: The user name entered must be a valid e-mail address. Please press *Back* and try again This particular user did not have Editusers priveleges. When a different user with Editusers priveleges tried to make the same edit, the error did not appear. With further investigation I discovered that problem occured in the editusers.cgi file at line 776 (the if($action eq 'update' section), which was defined as follows: unless ($user =~ m/$emailregexp/) { print "The user name entered must be a valid e-mail address.\n"; print "Please press <b>Back</b> and try again.\n"; PutTrailer($localtrailer); exit; } The $user variable is not defined in this section. Instead, the user name is using $userold (defined on line 742 as my $userold = trim($::FORM{userold} || '');). To fix the problem, I updated line 776 to use the $userold variable as follows: unless ($userold =~ m/$emailregexp/) { Reproducible: Always Steps to Reproduce: 1. 2. 3.
This was fixed in Bugzilla 2.16.8, probably also in the other versions (2.18.x, 2.20.x). We has this problem too with bugzilla.gnome.org (http://bugzilla.gnome.org/show_bug.cgi?id=150996). It is caused by bug 252190, marking duplicate. Explanation: editusers.cgi will always set the global variable $user from the $FORM{user} variable. In EmitFormElements EmitElement is used to emit the user. EmitElement for users with editusers inserts an input box (allows a editusers person to change the email address of someone). When you do not have editusers, Bugzilla < 2.16.8 didn't even put a hidden field in to set 'user'. No $FORM{user} means editusers.cgi sets $user to ''. This fails the added emailregexp check, causing this bug. *** This bug has been marked as a duplicate of 252190 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.