Skip to content

bugzilla
bugzilla
Commit add73503 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com
Browse files
Options

Bug 289372: Remove %FORM from editflagtypes.cgi - Patch by Teemu Mannermaa…

Bug 289372: Remove %FORM from editflagtypes.cgi - Patch by Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=myk
parent 7e045dd0
Hide whitespace changes
Inline Side-by-side
Showing with 116 additions and 107 deletions
editflagtypes.cgi
View file @ add73503
...@@ -50,6 +50,7 @@ UserInGroup("editcomponents") ...@@ -50,6 +50,7 @@ UserInGroup("editcomponents")
# Suppress "used only once" warnings. # Suppress "used only once" warnings.
use vars qw(@legal_product @legal_components %components); use vars qw(@legal_product @legal_components %components);
my $cgi = Bugzilla->cgi;
my $product_id; my $product_id;
my $component_id; my $component_id;
...@@ -62,10 +63,10 @@ my $component_id; ...@@ -62,10 +63,10 @@ my $component_id;
# that variable and runs the appropriate code. # that variable and runs the appropriate code.
# Determine whether to use the action specified by the user or the default. # Determine whether to use the action specified by the user or the default.
my $action = $::FORM{'action'} || 'list'; my $action = $cgi->param('action') || 'list';
my @categoryActions; my @categoryActions;
if (@categoryActions = grep(/^categoryAction-.+/, keys(%::FORM))) { if (@categoryActions = grep(/^categoryAction-.+/, $cgi->param())) {
$categoryActions[0] =~ s/^categoryAction-//; $categoryActions[0] =~ s/^categoryAction-//;
processCategoryChange($categoryActions[0]); processCategoryChange($categoryActions[0]);
exit; exit;
...@@ -94,13 +95,13 @@ sub list { ...@@ -94,13 +95,13 @@ sub list {
# Define the variables and functions that will be passed to the UI template. # Define the variables and functions that will be passed to the UI template.
$vars->{'bug_types'} = $vars->{'bug_types'} =
Bugzilla::FlagType::match({ 'target_type' => 'bug', Bugzilla::FlagType::match({ 'target_type' => 'bug',
'group' => $::FORM{'group'} }, 1); 'group' => scalar $cgi->param('group') }, 1);
$vars->{'attachment_types'} = $vars->{'attachment_types'} =
Bugzilla::FlagType::match({ 'target_type' => 'attachment', Bugzilla::FlagType::match({ 'target_type' => 'attachment',
'group' => $::FORM{'group'} }, 1); 'group' => scalar $cgi->param('group') }, 1);
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/list.html.tmpl", $vars) $template->process("admin/flag-type/list.html.tmpl", $vars)
...@@ -109,7 +110,7 @@ sub list { ...@@ -109,7 +110,7 @@ sub list {
sub edit { sub edit {
$action eq 'enter' ? validateTargetType() : validateID(); $action eq 'enter' ? validateTargetType() : (my $id = validateID());
# Get this installation's products and components. # Get this installation's products and components.
GetVersionTable(); GetVersionTable();
...@@ -121,8 +122,8 @@ sub edit { ...@@ -121,8 +122,8 @@ sub edit {
$vars->{'components'} = \@::legal_components; $vars->{'components'} = \@::legal_components;
$vars->{'components_by_product'} = \%::components; $vars->{'components_by_product'} = \%::components;
$vars->{'last_action'} = $::FORM{'action'}; $vars->{'last_action'} = $cgi->param('action');
if ($::FORM{'action'} eq 'enter' || $::FORM{'action'} eq 'copy') { if ($cgi->param('action') eq 'enter' || $cgi->param('action') eq 'copy') {
$vars->{'action'} = "insert"; $vars->{'action'} = "insert";
} }
else { else {
...@@ -130,10 +131,10 @@ sub edit { ...@@ -130,10 +131,10 @@ sub edit {
} }
# If copying or editing an existing flag type, retrieve it. # If copying or editing an existing flag type, retrieve it.
if ($::FORM{'action'} eq 'copy' || $::FORM{'action'} eq 'edit') { if ($cgi->param('action') eq 'copy' || $cgi->param('action') eq 'edit') {
$vars->{'type'} = Bugzilla::FlagType::get($::FORM{'id'}); $vars->{'type'} = Bugzilla::FlagType::get($id);
$vars->{'type'}->{'inclusions'} = Bugzilla::FlagType::get_inclusions($::FORM{'id'}); $vars->{'type'}->{'inclusions'} = Bugzilla::FlagType::get_inclusions($id);
$vars->{'type'}->{'exclusions'} = Bugzilla::FlagType::get_exclusions($::FORM{'id'}); $vars->{'type'}->{'exclusions'} = Bugzilla::FlagType::get_exclusions($id);
# Users want to see group names, not IDs # Users want to see group names, not IDs
foreach my $group ("grant_gid", "request_gid") { foreach my $group ("grant_gid", "request_gid") {
my $gid = $vars->{'type'}->{$group}; my $gid = $vars->{'type'}->{$group};
...@@ -146,12 +147,12 @@ sub edit { ...@@ -146,12 +147,12 @@ sub edit {
# that the template needs to know) from the URL parameter and default # that the template needs to know) from the URL parameter and default
# the list of inclusions to all categories. # the list of inclusions to all categories.
else { else {
$vars->{'type'} = { 'target_type' => $::FORM{'target_type'} , $vars->{'type'} = { 'target_type' => scalar $cgi->param('target_type'),
'inclusions' => ["__Any__:__Any__"] }; 'inclusions' => ["__Any__:__Any__"] };
} }
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars) $template->process("admin/flag-type/edit.html.tmpl", $vars)
...@@ -165,25 +166,25 @@ sub processCategoryChange { ...@@ -165,25 +166,25 @@ sub processCategoryChange {
validateIsRequesteeble(); validateIsRequesteeble();
validateAllowMultiple(); validateAllowMultiple();
my @inclusions = $::MFORM{'inclusions'} ? @{$::MFORM{'inclusions'}} : (); my @inclusions = $cgi->param('inclusions');
my @exclusions = $::MFORM{'exclusions'} ? @{$::MFORM{'exclusions'}} : (); my @exclusions = $cgi->param('exclusions');
if ($categoryAction eq 'include') { if ($categoryAction eq 'include') {
validateProduct(); validateProduct();
validateComponent(); validateComponent();
my $category = ($::FORM{'product'} || "__Any__") . ":" . ($::FORM{'component'} || "__Any__"); my $category = ($cgi->param('product') || "__Any__") . ":" . ($cgi->param('component') || "__Any__");
push(@inclusions, $category) unless grep($_ eq $category, @inclusions); push(@inclusions, $category) unless grep($_ eq $category, @inclusions);
} }
elsif ($categoryAction eq 'exclude') { elsif ($categoryAction eq 'exclude') {
validateProduct(); validateProduct();
validateComponent(); validateComponent();
my $category = ($::FORM{'product'} || "__Any__") . ":" . ($::FORM{'component'} || "__Any__"); my $category = ($cgi->param('product') || "__Any__") . ":" . ($cgi->param('component') || "__Any__");
push(@exclusions, $category) unless grep($_ eq $category, @exclusions); push(@exclusions, $category) unless grep($_ eq $category, @exclusions);
} }
elsif ($categoryAction eq 'removeInclusion') { elsif ($categoryAction eq 'removeInclusion') {
@inclusions = map(($_ eq $::FORM{'inclusion_to_remove'} ? () : $_), @inclusions); @inclusions = map(($_ eq $cgi->param('inclusion_to_remove') ? () : $_), @inclusions);
} }
elsif ($categoryAction eq 'removeExclusion') { elsif ($categoryAction eq 'removeExclusion') {
@exclusions = map(($_ eq $::FORM{'exclusion_to_remove'} ? () : $_), @exclusions); @exclusions = map(($_ eq $cgi->param('exclusion_to_remove') ? () : $_), @exclusions);
} }
# Get this installation's products and components. # Get this installation's products and components.
...@@ -195,15 +196,15 @@ sub processCategoryChange { ...@@ -195,15 +196,15 @@ sub processCategoryChange {
$vars->{'components'} = \@::legal_components; $vars->{'components'} = \@::legal_components;
$vars->{'components_by_product'} = \%::components; $vars->{'components_by_product'} = \%::components;
$vars->{'action'} = $::FORM{'action'}; $vars->{'action'} = $cgi->param('action');
my $type = {}; my $type = {};
foreach my $key (keys %::FORM) { $type->{$key} = $::FORM{$key} } foreach my $key ($cgi->param()) { $type->{$key} = $cgi->param($key) }
$type->{'inclusions'} = \@inclusions; $type->{'inclusions'} = \@inclusions;
$type->{'exclusions'} = \@exclusions; $type->{'exclusions'} = \@exclusions;
$vars->{'type'} = $type; $vars->{'type'} = $type;
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars) $template->process("admin/flag-type/edit.html.tmpl", $vars)
...@@ -224,10 +225,10 @@ sub insert { ...@@ -224,10 +225,10 @@ sub insert {
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
my $name = SqlQuote($::FORM{'name'}); my $name = SqlQuote($cgi->param('name'));
my $description = SqlQuote($::FORM{'description'}); my $description = SqlQuote($cgi->param('description'));
my $cc_list = SqlQuote($::FORM{'cc_list'}); my $cc_list = SqlQuote($cgi->param('cc_list'));
my $target_type = $::FORM{'target_type'} eq "bug" ? "b" : "a"; my $target_type = $cgi->param('target_type') eq "bug" ? "b" : "a";
$dbh->bz_lock_tables('flagtypes WRITE', 'products READ', $dbh->bz_lock_tables('flagtypes WRITE', 'products READ',
'components READ', 'flaginclusions WRITE', 'components READ', 'flaginclusions WRITE',
...@@ -242,15 +243,18 @@ sub insert { ...@@ -242,15 +243,18 @@ sub insert {
target_type, sortkey, is_active, is_requestable, target_type, sortkey, is_active, is_requestable,
is_requesteeble, is_multiplicable, is_requesteeble, is_multiplicable,
grant_group_id, request_group_id) grant_group_id, request_group_id)
VALUES ($id, $name, $description, $cc_list, '$target_type', VALUES ($id, $name, $description, $cc_list, '$target_type', " .
$::FORM{'sortkey'}, $::FORM{'is_active'}, $cgi->param('sortkey') . ", " .
$::FORM{'is_requestable'}, $::FORM{'is_requesteeble'}, $cgi->param('is_active') . ", " .
$::FORM{'is_multiplicable'}, $::FORM{'grant_gid'}, $cgi->param('is_requestable') . ", " .
$::FORM{'request_gid'})"); $cgi->param('is_requesteeble') . ", " .
$cgi->param('is_multiplicable') . ", " .
$cgi->param('grant_gid') . ", " .
$cgi->param('request_gid') . ")");
# Populate the list of inclusions/exclusions for this flag type. # Populate the list of inclusions/exclusions for this flag type.
foreach my $category_type ("inclusions", "exclusions") { foreach my $category_type ("inclusions", "exclusions") {
foreach my $category (@{$::MFORM{$category_type}}) { foreach my $category ($cgi->param($category_type)) {
my ($product, $component) = split(/:/, $category); my ($product, $component) = split(/:/, $category);
my $product_id = get_product_id($product) || "NULL"; my $product_id = get_product_id($product) || "NULL";
my $component_id = my $component_id =
...@@ -262,11 +266,11 @@ sub insert { ...@@ -262,11 +266,11 @@ sub insert {
$dbh->bz_unlock_tables(); $dbh->bz_unlock_tables();
$vars->{'name'} = $::FORM{'name'}; $vars->{'name'} = $cgi->param('name');
$vars->{'message'} = "flag_type_created"; $vars->{'message'} = "flag_type_created";
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars) $template->process("global/message.html.tmpl", $vars)
...@@ -275,7 +279,7 @@ sub insert { ...@@ -275,7 +279,7 @@ sub insert {
sub update { sub update {
validateID(); my $id = validateID();
validateName(); validateName();
validateDescription(); validateDescription();
validateCCList(); validateCCList();
...@@ -289,9 +293,9 @@ sub update { ...@@ -289,9 +293,9 @@ sub update {
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
my $name = SqlQuote($::FORM{'name'}); my $name = SqlQuote($cgi->param('name'));
my $description = SqlQuote($::FORM{'description'}); my $description = SqlQuote($cgi->param('description'));
my $cc_list = SqlQuote($::FORM{'cc_list'}); my $cc_list = SqlQuote($cgi->param('cc_list'));
$dbh->bz_lock_tables('flagtypes WRITE', 'products READ', $dbh->bz_lock_tables('flagtypes WRITE', 'products READ',
'components READ', 'flaginclusions WRITE', 'components READ', 'flaginclusions WRITE',
...@@ -300,26 +304,25 @@ sub update { ...@@ -300,26 +304,25 @@ sub update {
SET name = $name , SET name = $name ,
description = $description , description = $description ,
cc_list = $cc_list , cc_list = $cc_list ,
sortkey = $::FORM{'sortkey'} , sortkey = " . $cgi->param('sortkey') . ",
is_active = $::FORM{'is_active'} , is_active = " . $cgi->param('is_active') . ",
is_requestable = $::FORM{'is_requestable'} , is_requestable = " . $cgi->param('is_requestable') . ",
is_requesteeble = $::FORM{'is_requesteeble'} , is_requesteeble = " . $cgi->param('is_requesteeble') . ",
is_multiplicable = $::FORM{'is_multiplicable'} , is_multiplicable = " . $cgi->param('is_multiplicable') . ",
grant_group_id = $::FORM{'grant_gid'} , grant_group_id = " . $cgi->param('grant_gid') . ",
request_group_id = $::FORM{'request_gid'} request_group_id = " . $cgi->param('request_gid') . "
WHERE id = $::FORM{'id'}"); WHERE id = $id");
# Update the list of inclusions/exclusions for this flag type. # Update the list of inclusions/exclusions for this flag type.
foreach my $category_type ("inclusions", "exclusions") { foreach my $category_type ("inclusions", "exclusions") {
SendSQL("DELETE FROM flag$category_type WHERE type_id = $::FORM{'id'}"); SendSQL("DELETE FROM flag$category_type WHERE type_id = $id");
foreach my $category (@{$::MFORM{$category_type}}) { foreach my $category ($cgi->param($category_type)) {
my ($product, $component) = split(/:/, $category); my ($product, $component) = split(/:/, $category);
my $product_id = get_product_id($product) || "NULL"; my $product_id = get_product_id($product) || "NULL";
my $component_id = my $component_id =
get_component_id($product_id, $component) || "NULL"; get_component_id($product_id, $component) || "NULL";
SendSQL("INSERT INTO flag$category_type (type_id, product_id, " . SendSQL("INSERT INTO flag$category_type (type_id, product_id, " .
"component_id) VALUES ($::FORM{'id'}, $product_id, " . "component_id) VALUES ($id, $product_id, $component_id)");
"$component_id)");
} }
} }
...@@ -336,7 +339,7 @@ sub update { ...@@ -336,7 +339,7 @@ sub update {
ON (flags.type_id = i.type_id ON (flags.type_id = i.type_id
AND (bugs.product_id = i.product_id OR i.product_id IS NULL) AND (bugs.product_id = i.product_id OR i.product_id IS NULL)
AND (bugs.component_id = i.component_id OR i.component_id IS NULL)) AND (bugs.component_id = i.component_id OR i.component_id IS NULL))
WHERE flags.type_id = $::FORM{'id'} WHERE flags.type_id = $id
AND flags.is_active = 1 AND flags.is_active = 1
AND i.type_id IS NULL AND i.type_id IS NULL
"); ");
...@@ -349,18 +352,18 @@ sub update { ...@@ -349,18 +352,18 @@ sub update {
ON flags.bug_id = bugs.bug_id ON flags.bug_id = bugs.bug_id
INNER JOIN flagexclusions AS e INNER JOIN flagexclusions AS e
ON flags.type_id = e.type_id ON flags.type_id = e.type_id
WHERE flags.type_id = $::FORM{'id'} WHERE flags.type_id = $id
AND flags.is_active = 1 AND flags.is_active = 1
AND (bugs.product_id = e.product_id OR e.product_id IS NULL) AND (bugs.product_id = e.product_id OR e.product_id IS NULL)
AND (bugs.component_id = e.component_id OR e.component_id IS NULL) AND (bugs.component_id = e.component_id OR e.component_id IS NULL)
"); ");
Bugzilla::Flag::clear(FetchOneColumn()) while MoreSQLData(); Bugzilla::Flag::clear(FetchOneColumn()) while MoreSQLData();
$vars->{'name'} = $::FORM{'name'}; $vars->{'name'} = $cgi->param('name');
$vars->{'message'} = "flag_type_changes_saved"; $vars->{'message'} = "flag_type_changes_saved";
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars) $template->process("global/message.html.tmpl", $vars)
...@@ -370,18 +373,19 @@ sub update { ...@@ -370,18 +373,19 @@ sub update {
sub confirmDelete sub confirmDelete
{ {
validateID(); my $id = validateID();
# check if we need confirmation to delete: # check if we need confirmation to delete:
my $count = Bugzilla::Flag::count({ 'type_id' => $::FORM{'id'}, my $count = Bugzilla::Flag::count({ 'type_id' => $id,
'is_active' => 1 }); 'is_active' => 1 });
if ($count > 0) { if ($count > 0) {
$vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'}); $vars->{'flag_type'} = Bugzilla::FlagType::get($id);
$vars->{'flag_count'} = scalar($count); $vars->{'flag_count'} = scalar($count);
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/confirm-delete.html.tmpl", $vars) $template->process("admin/flag-type/confirm-delete.html.tmpl", $vars)
...@@ -394,8 +398,7 @@ sub confirmDelete ...@@ -394,8 +398,7 @@ sub confirmDelete
sub deleteType { sub deleteType {
validateID(); my $id = validateID();
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
$dbh->bz_lock_tables('flagtypes WRITE', 'flags WRITE', $dbh->bz_lock_tables('flagtypes WRITE', 'flags WRITE',
...@@ -403,19 +406,19 @@ sub deleteType { ...@@ -403,19 +406,19 @@ sub deleteType {
# Get the name of the flag type so we can tell users # Get the name of the flag type so we can tell users
# what was deleted. # what was deleted.
SendSQL("SELECT name FROM flagtypes WHERE id = $::FORM{'id'}"); SendSQL("SELECT name FROM flagtypes WHERE id = $id");
$vars->{'name'} = FetchOneColumn(); $vars->{'name'} = FetchOneColumn();
SendSQL("DELETE FROM flags WHERE type_id = $::FORM{'id'}"); SendSQL("DELETE FROM flags WHERE type_id = $id");
SendSQL("DELETE FROM flaginclusions WHERE type_id = $::FORM{'id'}"); SendSQL("DELETE FROM flaginclusions WHERE type_id = $id");
SendSQL("DELETE FROM flagexclusions WHERE type_id = $::FORM{'id'}"); SendSQL("DELETE FROM flagexclusions WHERE type_id = $id");
SendSQL("DELETE FROM flagtypes WHERE id = $::FORM{'id'}"); SendSQL("DELETE FROM flagtypes WHERE id = $id");
$dbh->bz_unlock_tables(); $dbh->bz_unlock_tables();
$vars->{'message'} = "flag_type_deleted"; $vars->{'message'} = "flag_type_deleted";
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars) $template->process("global/message.html.tmpl", $vars)
...@@ -424,20 +427,20 @@ sub deleteType { ...@@ -424,20 +427,20 @@ sub deleteType {
sub deactivate { sub deactivate {
validateID(); my $id = validateID();
validateIsActive(); validateIsActive();
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
$dbh->bz_lock_tables('flagtypes WRITE'); $dbh->bz_lock_tables('flagtypes WRITE');
SendSQL("UPDATE flagtypes SET is_active = 0 WHERE id = $::FORM{'id'}"); SendSQL("UPDATE flagtypes SET is_active = 0 WHERE id = $id");
$dbh->bz_unlock_tables(); $dbh->bz_unlock_tables();
$vars->{'message'} = "flag_type_deactivated"; $vars->{'message'} = "flag_type_deactivated";
$vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'}); $vars->{'flag_type'} = Bugzilla::FlagType::get($id);
# Return the appropriate HTTP response headers. # Return the appropriate HTTP response headers.
print Bugzilla->cgi->header(); print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template. # Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars) $template->process("global/message.html.tmpl", $vars)
...@@ -450,102 +453,108 @@ sub deactivate { ...@@ -450,102 +453,108 @@ sub deactivate {
################################################################################ ################################################################################
sub validateID { sub validateID {
# $::FORM{'id'} is destroyed if detaint_natural fails. # $flagtype_id is destroyed if detaint_natural fails.
my $flagtype_id = $::FORM{'id'}; my $flagtype_id = $cgi->param('id');
detaint_natural($::FORM{'id'}) detaint_natural($flagtype_id)
|| ThrowCodeError("flag_type_id_invalid", { id => $flagtype_id }); || ThrowCodeError("flag_type_id_invalid",
{ id => scalar $cgi->param('id') });
SendSQL("SELECT 1 FROM flagtypes WHERE id = $::FORM{'id'}"); SendSQL("SELECT 1 FROM flagtypes WHERE id = $flagtype_id");
FetchOneColumn() FetchOneColumn()
|| ThrowCodeError("flag_type_nonexistent", { id => $::FORM{'id'} }); || ThrowCodeError("flag_type_nonexistent", { id => $flagtype_id });
return $flagtype_id;
} }
sub validateName { sub validateName {
$::FORM{'name'} $cgi->param('name')
&& $::FORM{'name'} !~ /[ ,]/ && $cgi->param('name') !~ /[ ,]/
&& length($::FORM{'name'}) <= 50 && length($cgi->param('name')) <= 50
|| ThrowUserError("flag_type_name_invalid", { name => $::FORM{'name'} }); || ThrowUserError("flag_type_name_invalid",
{ name => scalar $cgi->param('name') });
} }
sub validateDescription { sub validateDescription {
length($::FORM{'description'}) < 2**16-1 length($cgi->param('description')) < 2**16-1
|| ThrowUserError("flag_type_description_invalid"); || ThrowUserError("flag_type_description_invalid");
} }
sub validateCCList { sub validateCCList {
length($::FORM{'cc_list'}) <= 200 length($cgi->param('cc_list')) <= 200
|| ThrowUserError("flag_type_cc_list_invalid", || ThrowUserError("flag_type_cc_list_invalid",
{ cc_list => $::FORM{'cc_list'} }); { cc_list => $cgi->param('cc_list') });
my @addresses = split(/[, ]+/, $::FORM{'cc_list'}); my @addresses = split(/[, ]+/, $cgi->param('cc_list'));
foreach my $address (@addresses) { CheckEmailSyntax($address) } foreach my $address (@addresses) { CheckEmailSyntax($address) }
} }
sub validateProduct { sub validateProduct {
return if !$::FORM{'product'}; return if !$cgi->param('product');
$product_id = get_product_id($::FORM{'product'}); $product_id = get_product_id($cgi->param('product'));
defined($product_id) defined($product_id)
|| ThrowCodeError("flag_type_product_nonexistent", || ThrowCodeError("flag_type_product_nonexistent",
{ product => $::FORM{'product'} }); { product => $cgi->param('product') });
} }
sub validateComponent { sub validateComponent {
return if !$::FORM{'component'}; return if !$cgi->param('component');
$product_id $product_id
|| ThrowCodeError("flag_type_component_without_product"); || ThrowCodeError("flag_type_component_without_product");
$component_id = get_component_id($product_id, $::FORM{'component'}); $component_id = get_component_id($product_id, $cgi->param('component'));
defined($component_id) defined($component_id)
|| ThrowCodeError("flag_type_component_nonexistent", || ThrowCodeError("flag_type_component_nonexistent",
{ product => $::FORM{'product'}, { product => $cgi->param('product'),
name => $::FORM{'component'} }); name => $cgi->param('component') });
} }
sub validateSortKey { sub validateSortKey {
# $::FORM{'sortkey'} is destroyed if detaint_natural fails. # $sortkey is destroyed if detaint_natural fails.
my $sortkey = $::FORM{'sortkey'}; my $sortkey = $cgi->param('sortkey');
detaint_natural($::FORM{'sortkey'}) detaint_natural($sortkey)
&& $::FORM{'sortkey'} < 32768 && $sortkey < 32768
|| ThrowUserError("flag_type_sortkey_invalid", || ThrowUserError("flag_type_sortkey_invalid",
{ sortkey => $sortkey }); { sortkey => scalar $cgi->param('sortkey') });
$cgi->param('sortkey', $sortkey);
} }
sub validateTargetType { sub validateTargetType {
grep($::FORM{'target_type'} eq $_, ("bug", "attachment")) grep($cgi->param('target_type') eq $_, ("bug", "attachment"))
|| ThrowCodeError("flag_type_target_type_invalid", || ThrowCodeError("flag_type_target_type_invalid",
{ target_type => $::FORM{'target_type'} }); { target_type => scalar $cgi->param('target_type') });
} }
sub validateIsActive { sub validateIsActive {
$::FORM{'is_active'} = $::FORM{'is_active'} ? 1 : 0; $cgi->param('is_active', $cgi->param('is_active') ? 1 : 0);
} }
sub validateIsRequestable { sub validateIsRequestable {
$::FORM{'is_requestable'} = $::FORM{'is_requestable'} ? 1 : 0; $cgi->param('is_requestable', $cgi->param('is_requestable') ? 1 : 0);
} }
sub validateIsRequesteeble { sub validateIsRequesteeble {
$::FORM{'is_requesteeble'} = $::FORM{'is_requesteeble'} ? 1 : 0; $cgi->param('is_requesteeble', $cgi->param('is_requesteeble') ? 1 : 0);
} }
sub validateAllowMultiple { sub validateAllowMultiple {
$::FORM{'is_multiplicable'} = $::FORM{'is_multiplicable'} ? 1 : 0; $cgi->param('is_multiplicable', $cgi->param('is_multiplicable') ? 1 : 0);
} }
sub validateGroups { sub validateGroups {
# Convert group names to group IDs # Convert group names to group IDs
foreach my $col ("grant_gid", "request_gid") { foreach my $col ("grant_gid", "request_gid") {
my $name = $::FORM{$col}; my $name = $cgi->param($col);
$::FORM{$col} ||= "NULL"; $cgi->param($col, "NULL") unless $name;
next if (!$name); next if (!$name);
SendSQL("SELECT id FROM groups WHERE name = " . SqlQuote($name)); SendSQL("SELECT id FROM groups WHERE name = " . SqlQuote($name));
$::FORM{$col} = FetchOneColumn(); my $gid = FetchOneColumn();
if (!$::FORM{$col}) { if (!$gid) {
ThrowUserError("group_unknown", { name => $name }); ThrowUserError("group_unknown", { name => $name });
} }
$cgi->param($col, $gid);
} }
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment