Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
bugzilla
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
etersoft
bugzilla
Commits
6a51c4c3
Commit
6a51c4c3
authored
Jul 07, 2009
by
mkanat%bugzilla.org
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Bug 502641: Fix various problems that would occur when you would log in from buglist.cgi
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
parent
23ac1fef
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
26 additions
and
12 deletions
+26
-12
CGI.pm
Bugzilla/CGI.pm
+15
-1
buglist.cgi
buglist.cgi
+11
-11
No files found.
Bugzilla/CGI.pm
View file @
6a51c4c3
...
...
@@ -141,7 +141,7 @@ sub canonicalise_query {
sub
clean_search_url
{
my
$self
=
shift
;
# Delete any empty URL parameter
# Delete any empty URL parameter
.
my
@cgi_params
=
$self
->
param
;
foreach
my
$param
(
@cgi_params
)
{
...
...
@@ -161,6 +161,9 @@ sub clean_search_url {
# Delete certain parameters if the associated parameter is empty.
$self
->
delete
(
'bugidtype'
)
if
!
$self
->
param
(
'bug_id'
);
# Delete leftovers from the login form
$self
->
delete
(
'Bugzilla_remember'
,
'GoAheadAndLogIn'
);
foreach
my
$num
(
1
,
2
)
{
# If there's no value in the email field, delete the related fields.
if
(
!
$self
->
param
(
"email$num"
))
{
...
...
@@ -299,6 +302,17 @@ sub param {
return
wantarray
?
@result
:
$result
[
0
];
}
# And for various other functions in CGI.pm, we need to correctly
# return the URL parameters in addition to the POST parameters when
# asked for the list of parameters.
elsif
(
!
scalar
(
@_
)
&&
$self
->
request_method
&&
$self
->
request_method
eq
'POST'
)
{
my
@post_params
=
$self
->
SUPER::
param
;
my
@url_params
=
$self
->
url_param
;
my
%
params
=
map
{
$_
=>
1
}
(
@post_params
,
@url_params
);
return
keys
%
params
;
}
return
$self
->
SUPER::
param
(
@_
);
}
...
...
buglist.cgi
View file @
6a51c4c3
...
...
@@ -407,14 +407,14 @@ sub _close_standby_message {
# Command Execution
################################################################################
$cgi
->
param
(
'cmdtype'
,
""
)
if
!
defined
$cgi
->
param
(
'cmdtype'
)
;
$cgi
->
param
(
'remaction'
,
""
)
if
!
defined
$cgi
->
param
(
'remaction'
)
;
my
$cmdtype
=
$cgi
->
param
(
'cmdtype'
)
||
''
;
my
$remaction
=
$cgi
->
param
(
'remaction'
)
||
''
;
# Backwards-compatibility - the old interface had cmdtype="runnamed" to run
# a named command, and we can't break this because it's in bookmarks.
if
(
$c
gi
->
param
(
'cmdtype'
)
eq
"runnamed"
)
{
$c
gi
->
param
(
'cmdtype'
,
"dorem"
)
;
$
cgi
->
param
(
'remaction'
,
"run"
)
;
if
(
$c
mdtype
eq
"runnamed"
)
{
$c
mdtype
=
"dorem"
;
$
remaction
=
"run"
;
}
# Now we're going to be running, so ensure that the params object is set up,
...
...
@@ -432,7 +432,7 @@ $params ||= new Bugzilla::CGI($cgi);
my
@time
=
localtime
(
time
());
my
$date
=
sprintf
"%04d-%02d-%02d"
,
1900
+
$time
[
5
],
$time
[
4
]
+
1
,
$time
[
3
];
my
$filename
=
"bugs-$date.$format->{extension}"
;
if
(
$c
gi
->
param
(
'cmdtype'
)
eq
"dorem"
&&
$cgi
->
param
(
'remaction'
)
=~
/^run/
)
{
if
(
$c
mdtype
eq
"dorem"
&&
$remaction
=~
/^run/
)
{
$filename
=
$cgi
->
param
(
'namedcmd'
)
.
"-$date.$format->{extension}"
;
# Remove white-space from the filename so the user cannot tamper
# with the HTTP headers.
...
...
@@ -442,8 +442,8 @@ $filename =~ s/\\/\\\\/g; # escape backslashes
$filename
=~
s/"/\\"/g
;
# escape quotes
# Take appropriate action based on user's request.
if
(
$c
gi
->
param
(
'cmdtype'
)
eq
"dorem"
)
{
if
(
$
cgi
->
param
(
'remaction'
)
eq
"run"
)
{
if
(
$c
mdtype
eq
"dorem"
)
{
if
(
$
remaction
eq
"run"
)
{
my
$query_id
;
(
$buffer
,
$query_id
)
=
LookupNamedQuery
(
scalar
$cgi
->
param
(
"namedcmd"
),
scalar
$cgi
->
param
(
'sharer_id'
));
...
...
@@ -459,14 +459,14 @@ if ($cgi->param('cmdtype') eq "dorem") {
$order
=
$params
->
param
(
'order'
)
||
$order
;
}
elsif
(
$
cgi
->
param
(
'remaction'
)
eq
"runseries"
)
{
elsif
(
$
remaction
eq
"runseries"
)
{
$buffer
=
LookupSeries
(
scalar
$cgi
->
param
(
"series_id"
));
$vars
->
{
'searchname'
}
=
$cgi
->
param
(
'namedcmd'
);
$vars
->
{
'searchtype'
}
=
"series"
;
$params
=
new
Bugzilla::
CGI
(
$buffer
);
$order
=
$params
->
param
(
'order'
)
||
$order
;
}
elsif
(
$
cgi
->
param
(
'remaction'
)
eq
"forget"
)
{
elsif
(
$
remaction
eq
"forget"
)
{
my
$user
=
Bugzilla
->
login
(
LOGIN_REQUIRED
);
# Copy the name into a variable, so that we can trick_taint it for
# the DB. We know it's safe, because we're using placeholders in
...
...
@@ -530,7 +530,7 @@ if ($cgi->param('cmdtype') eq "dorem") {
exit
;
}
}
elsif
((
$c
gi
->
param
(
'cmdtype'
)
eq
"doit"
)
&&
defined
$cgi
->
param
(
'remtype'
))
{
elsif
((
$c
mdtype
eq
"doit"
)
&&
defined
$cgi
->
param
(
'remtype'
))
{
if
(
$cgi
->
param
(
'remtype'
)
eq
"asdefault"
)
{
my
$user
=
Bugzilla
->
login
(
LOGIN_REQUIRED
);
InsertNamedQuery
(
DEFAULT_QUERY_NAME
,
$buffer
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment