Bug 238865: removing %::FORM from page.cgi in favor of $cgi->param

page.cgi

@@ -42,14 +42,19 @@ Bugzilla->login();
 
 my $cgi = Bugzilla->cgi;
 
-if ($::FORM{'id'}) {
+my $id = $cgi->param('id');
+if ($id) {
     # Remove all dodgy chars, and split into name and ctype.
-    $::FORM{'id'} =~ s/[^\w\-\.]//g;
-    $::FORM{'id'} =~ /(.*)\.(.*)/;
+    $id =~ s/[^\w\-\.]//g;
+    $id =~ /(.*)\.(.*)/;
+    if (!$2) {
+        # if this regexp fails to match completely, something bad came in
+        ThrowCodeError("bad_page_cgi_id", { "page_id" => $id });
+    }
 
     my $format = GetFormat("pages/$1", undef, $2);
     
-    $vars->{'form'} = \%::FORM; 
+    $cgi->param('id', $id);
 
     print $cgi->header($format->{'ctype'});
 

template/en/default/global/code-error.html.tmpl

@@ -56,6 +56,11 @@
   [% ELSIF error == "authres_unhandled" %]
     An authorization handler return value was not handled by the login code.
 
+  [% ELSIF error == "bad_page_cgi_id" %]
+    [% title = "Invalid Page ID" %]
+    The ID <code>[% page_id FILTER html %]</code> is not a
+    valid page identifier.
+
   [% ELSIF error == "bug_error" %]
     Trying to retrieve [% terms.bug %] [%+ bug.bug_id FILTER html %] returned 
     the error [% bug.error FILTER html %].

template/en/default/pages/linked.html.tmpl

@@ -21,6 +21,8 @@
   #%]
 
 [% INCLUDE global/header.html.tmpl title = "Your Linkified Text" %]
+[% USE Bugzilla %]
+[% cgi = Bugzilla.cgi %]
 
 <p>
   Copy and paste the text below:
@@ -30,7 +32,7 @@
 
 <p>
 <pre>
-[%- form.text FILTER quoteUrls FILTER html -%]
+[%- cgi.param("text") FILTER quoteUrls FILTER html -%]
 </pre>
 </p>
 
@@ -45,7 +47,7 @@
 
 <p>
 <pre>
-[%- form.text FILTER quoteUrls -%]
+[%- cgi.param("text") FILTER quoteUrls -%]
 </pre>
 </p>