Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
bugzilla
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
etersoft
bugzilla
Commits
fd32a1a3
Commit
fd32a1a3
authored
Jan 03, 2014
by
Frédéric Buclin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Bug 543432: [PostgreSQL] Crash when typing a string in combination with a numeric field
r=dkl a=sgreen
parent
fc5aae40
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
34 additions
and
23 deletions
+34
-23
CGI.pm
Bugzilla/CGI.pm
+23
-2
Error.pm
Bugzilla/Error.pm
+3
-1
Search.pm
Bugzilla/Search.pm
+7
-0
buglist.cgi
buglist.cgi
+1
-20
No files found.
Bugzilla/CGI.pm
View file @
fd32a1a3
...
@@ -269,9 +269,23 @@ sub multipart_start {
...
@@ -269,9 +269,23 @@ sub multipart_start {
$headers
.=
"Set-Cookie: ${cookie}${CGI::CRLF}"
;
$headers
.=
"Set-Cookie: ${cookie}${CGI::CRLF}"
;
}
}
$headers
.=
$
CGI::
CRLF
;
$headers
.=
$
CGI::
CRLF
;
$self
->
{
_multipart_in_progress
}
=
1
;
return
$headers
;
return
$headers
;
}
}
sub
close_standby_message
{
my
(
$self
,
$contenttype
,
$disp
,
$disp_prefix
,
$extension
)
=
@_
;
$self
->
set_dated_content_disp
(
$disp
,
$disp_prefix
,
$extension
);
if
(
$self
->
{
_multipart_in_progress
})
{
print
$self
->
multipart_end
();
print
$self
->
multipart_start
(
-
type
=>
$contenttype
);
}
else
{
print
$self
->
header
(
$contenttype
);
}
}
# Override header so we can add the cookies in
# Override header so we can add the cookies in
sub
header
{
sub
header
{
my
$self
=
shift
;
my
$self
=
shift
;
...
@@ -665,6 +679,15 @@ instead of calling this directly.
...
@@ -665,6 +679,15 @@ instead of calling this directly.
Redirects from the current URL to one prefixed by the urlbase parameter.
Redirects from the current URL to one prefixed by the urlbase parameter.
=item C<multipart_start>
Starts a new part of the multipart document using the specified MIME type.
If not specified, text/html is assumed.
=item C<close_standby_message>
Ends a part of the multipart document, and starts another part.
=item C<set_dated_content_disp>
=item C<set_dated_content_disp>
Sets an appropriate date-dependent value for the Content Disposition header
Sets an appropriate date-dependent value for the Content Disposition header
...
@@ -688,8 +711,6 @@ L<CGI|CGI>, L<CGI::Cookie|CGI::Cookie>
...
@@ -688,8 +711,6 @@ L<CGI|CGI>, L<CGI::Cookie|CGI::Cookie>
=item should_set
=item should_set
=item multipart_start
=item redirect_search_url
=item redirect_search_url
=item param
=item param
...
...
Bugzilla/Error.pm
View file @
fd32a1a3
...
@@ -94,8 +94,10 @@ sub _throw_error {
...
@@ -94,8 +94,10 @@ sub _throw_error {
message
=>
\
$message
});
message
=>
\
$message
});
if
(
Bugzilla
->
error_mode
==
ERROR_MODE_WEBPAGE
)
{
if
(
Bugzilla
->
error_mode
==
ERROR_MODE_WEBPAGE
)
{
print
Bugzilla
->
cgi
->
header
();
my
$cgi
=
Bugzilla
->
cgi
;
$cgi
->
close_standby_message
(
'text/html'
,
'inline'
,
'error'
,
'html'
);
print
$message
;
print
$message
;
print
$cgi
->
multipart_final
()
if
$cgi
->
{
_multipart_in_progress
};
}
}
elsif
(
Bugzilla
->
error_mode
==
ERROR_MODE_TEST
)
{
elsif
(
Bugzilla
->
error_mode
==
ERROR_MODE_TEST
)
{
die
Dumper
(
$vars
);
die
Dumper
(
$vars
);
...
...
Bugzilla/Search.pm
View file @
fd32a1a3
...
@@ -1997,11 +1997,18 @@ sub _quote_unless_numeric {
...
@@ -1997,11 +1997,18 @@ sub _quote_unless_numeric {
my
$numeric_field
=
$self
->
_chart_fields
->
{
$field
}
->
is_numeric
;
my
$numeric_field
=
$self
->
_chart_fields
->
{
$field
}
->
is_numeric
;
my
$numeric_value
=
(
$value
=~
NUMBER_REGEX
)
?
1
:
0
;
my
$numeric_value
=
(
$value
=~
NUMBER_REGEX
)
?
1
:
0
;
my
$is_numeric
=
$numeric_operator
&&
$numeric_field
&&
$numeric_value
;
my
$is_numeric
=
$numeric_operator
&&
$numeric_field
&&
$numeric_value
;
# These operators are really numeric operators with numeric fields.
$numeric_operator
=
grep
{
$_
eq
$operator
}
keys
SIMPLE_OPERATORS
;
if
(
$is_numeric
)
{
if
(
$is_numeric
)
{
my
$quoted
=
$value
;
my
$quoted
=
$value
;
trick_taint
(
$quoted
);
trick_taint
(
$quoted
);
return
$quoted
;
return
$quoted
;
}
}
elsif
(
$numeric_field
&&
!
$numeric_value
&&
$numeric_operator
)
{
ThrowUserError
(
'number_not_numeric'
,
{
field
=>
$field
,
num
=>
$value
});
}
return
Bugzilla
->
dbh
->
quote
(
$value
);
return
Bugzilla
->
dbh
->
quote
(
$value
);
}
}
...
...
buglist.cgi
View file @
fd32a1a3
...
@@ -279,22 +279,6 @@ sub GetGroups {
...
@@ -279,22 +279,6 @@ sub GetGroups {
return
[
values
%
legal_groups
];
return
[
values
%
legal_groups
];
}
}
sub
_close_standby_message
{
my
(
$contenttype
,
$disp
,
$disp_prefix
,
$extension
,
$serverpush
)
=
@_
;
my
$cgi
=
Bugzilla
->
cgi
;
$cgi
->
set_dated_content_disp
(
$disp
,
$disp_prefix
,
$extension
);
# Close the "please wait" page, then open the buglist page
if
(
$serverpush
)
{
print
$cgi
->
multipart_end
();
print
$cgi
->
multipart_start
(
-
type
=>
$contenttype
);
}
else
{
print
$cgi
->
header
(
$contenttype
);
}
}
################################################################################
################################################################################
# Command Execution
# Command Execution
################################################################################
################################################################################
...
@@ -949,8 +933,6 @@ elsif (my @component_input = $cgi->param('component')) {
...
@@ -949,8 +933,6 @@ elsif (my @component_input = $cgi->param('component')) {
# The following variables are used when the user is making changes to multiple bugs.
# The following variables are used when the user is making changes to multiple bugs.
if
(
$dotweak
&&
scalar
@bugs
)
{
if
(
$dotweak
&&
scalar
@bugs
)
{
if
(
!
$vars
->
{
'caneditbugs'
})
{
if
(
!
$vars
->
{
'caneditbugs'
})
{
_close_standby_message
(
'text/html'
,
'inline'
,
"error"
,
"html"
,
$serverpush
);
ThrowUserError
(
'auth_failure'
,
{
group
=>
'editbugs'
,
ThrowUserError
(
'auth_failure'
,
{
group
=>
'editbugs'
,
action
=>
'modify'
,
action
=>
'modify'
,
object
=>
'multiple_bugs'
});
object
=>
'multiple_bugs'
});
...
@@ -1057,8 +1039,7 @@ if ($format->{'extension'} eq "csv") {
...
@@ -1057,8 +1039,7 @@ if ($format->{'extension'} eq "csv") {
$vars
->
{
'human'
}
=
$cgi
->
param
(
'human'
);
$vars
->
{
'human'
}
=
$cgi
->
param
(
'human'
);
}
}
_close_standby_message
(
$contenttype
,
$disposition
,
$disp_prefix
,
$cgi
->
close_standby_message
(
$contenttype
,
$disposition
,
$disp_prefix
,
$format
->
{
'extension'
});
$format
->
{
'extension'
},
$serverpush
);
################################################################################
################################################################################
# Content Generation
# Content Generation
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment