Closed Bug 76157 Opened 23 years ago Closed 21 years ago

Give proper error message on non-numeric sortkey.

Categories

(Bugzilla :: Administration, task, P2)

Product:
Bugzilla
Component:
Administration
Version:
2.11
Type:
task

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.18

People

(Reporter: CodeMachine, Assigned: goobix)

Details

Attachments

(1 file, 1 obsolete file)

Moving code as kiko suggested.
789 bytes, patch
kiko
: review+
Details | Diff | Splinter Review 
If I try to add or edit a milestone such that the sortkey is not a number, I get
an error like:

INSERT INTO milestones ( value, product, sortkey ) VALUES ( 'A','TestProduct',
K): Unknown column 'K' in 'field list' at
globals.pl line 173. 

This should check the sortkey is a number and give a reasonable error message if
not.

This might be a security problem but I can't figure out how to might make it
one.
Target Milestone: --- → Bugzilla 2.16
Priority: -- → P2
-> Bugzilla product, Administration component, reassigning.
Assignee: tara → justdave
Component: Bugzilla → Administration
Product: Webtools → Bugzilla
Version: Bugzilla 2.11 → 2.11
I'll take this one.
Assignee: justdave → matty
Status: NEW → ASSIGNED
QA Contact: matty → jake
We are currently trying to wrap up Bugzilla 2.16.  We are now close enough to
release time that anything that wasn't already ranked at P1 isn't going to make
the cut.  Thus this is being retargetted at 2.18.  If you strongly disagree with
this retargetting, please comment, however, be aware that we only have about 2
weeks left to review and test anything at this point, and we intend to devote
this time to the remaining bugs that were designated as release blockers.
Target Milestone: Bugzilla 2.16 → Bugzilla 2.18
Attached patch Checks for a valid sortkey. (obsolete) — Splinter Review 

    
  

        Attachment #131330 -
        Flags: review?(kiko)

    
    

    
  
Comment on attachment 131330 [details] [diff] [review]
Checks for a valid sortkey.

If you move your check to before the TestMilestone() clause there, r=kiko.

Reason is, this is a relatively simple check, and there's no reason to check it
against $product if it's got invalid characters in it.

(BTW: welcome back, I was wondering when you'd show up ;-)

        Attachment #131330 -
        Flags: review?(kiko) → review+

    
    

    
  


  
I was mostly around but I have been quiet lately. :)

    
  

        Attachment #131330 -
        Attachment is obsolete: true

    
    

    
  
<-- me (patch writer)
Assignee: mattyt-bugzilla → jocuri
Status: ASSIGNED → NEW

    
  
Status: NEW → ASSIGNED

    
    

    
  
Comment on attachment 131420 [details] [diff] [review]
Moving code as kiko suggested.

Not sure if I can carry over your r+ on this new version.

        Attachment #131420 -
        Flags: review?(kiko)

    
    

    
  
Comment on attachment 131420 [details] [diff] [review]
Moving code as kiko suggested.

Looks fine, r=kiko

        Attachment #131420 -
        Flags: review?(kiko) → review+

    
    

    
  
It'd be nice if we could ThrowUserError, but seeing as how the whole thing
hasn't been templatized yet, I assume we'll pick that up when we templatize it.

a=justdave
Flags: approval+

    
    

    
  
Checking in editmilestones.cgi;
/cvsroot/mozilla/webtools/bugzilla/editmilestones.cgi,v  <--  editmilestones.cgi
new revision: 1.17; previous revision: 1.16
done

Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
QA Contact: jake → default-qa

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: