Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-01-24 13:52:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 319089: editkeywords.cgi throws an error when action="edit" or "delete" and the "id" parameter is invalid - Patch by Fr�d�ric Buclin <LpSolit@gmail.com> r=wicked a=justdave

Browse Source
This commit is contained in:
lpsolit%gmail.com 2005-12-12 02:38:40 +00:00
parent 8abc710a7b
commit ef9727cf6d
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
webtools/bugzilla/editkeywords.cgi
View File

@ -53,6 +53,14 @@ sub Validate {
$_[1] = $description;
}
sub ValidateKeyID {
my $id = shift;
$id = trim($id || 0);
detaint_natural($id) || ThrowCodeError('invalid_keyword_id');
return $id;
}
#
# Preliminary checks:
@ -165,8 +173,7 @@ if ($action eq 'new') {
#
if ($action eq 'edit') {
my $id = trim($cgi->param('id'));
detaint_natural($id);
my $id = ValidateKeyID(scalar $cgi->param('id'));
# get data of keyword
my ($name, $description) =
@ -201,8 +208,7 @@ if ($action eq 'edit') {
#
if ($action eq 'update') {
my $id = $cgi->param('id');
detaint_natural($id);
my $id = ValidateKeyID(scalar $cgi->param('id'));
my $name = trim($cgi->param('name') || '');
my $description = trim($cgi->param('description') || '');
@ -234,8 +240,7 @@ if ($action eq 'update') {
if ($action eq 'delete') {
my $id = $cgi->param('id');
detaint_natural($id);
my $id = ValidateKeyID(scalar $cgi->param('id'));
my $name = $dbh->selectrow_array('SELECT name FROM keyworddefs
WHERE id= ?', undef, $id);