summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2009-05-25 18:59:18 +0200
committerlpsolit%gmail.com <>2009-05-25 18:59:18 +0200
commit62097c29203f5e5a5e63168298c3fd1f1b846fb0 (patch)
treef2c67aaef06cbaa0f210f63cb1e5e02ee18b4cf7
parent35626e6efffd5660091d94d1599f12fc3ae83115 (diff)
downloadbugzilla-62097c29203f5e5a5e63168298c3fd1f1b846fb0.tar.gz
bugzilla-62097c29203f5e5a5e63168298c3fd1f1b846fb0.tar.xz
Bug 494369: Do not throw an error if the 'order' parameter contains invalid columns for buglists - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit
-rwxr-xr-xbuglist.cgi19
-rw-r--r--template/en/default/global/code-error.html.tmpl11
-rw-r--r--template/en/default/global/messages.html.tmpl5
3 files changed, 12 insertions, 23 deletions
diff --git a/buglist.cgi b/buglist.cgi
index 2cf7a0136..2eee0edd9 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -165,7 +165,6 @@ my $serverpush =
|| $cgi->param('serverpush');
my $order = $cgi->param('order') || "";
-my $order_from_cookie = 0; # True if $order set using the LASTORDER cookie
# The params object to use for the actual query itself
my $params;
@@ -890,8 +889,6 @@ if (!$order || $order =~ /^reuse/i) {
# Cookies from early versions of Specific Search included this text,
# which is now invalid.
$order =~ s/ LIMIT 200//;
-
- $order_from_cookie = 1;
}
else {
$order = ''; # Remove possible "reuse" identifier as unnecessary
@@ -920,7 +917,7 @@ if ($order) {
last ORDER;
};
do {
- my @order;
+ my (@order, @invalid_fragments);
my @columnnames = map($columns->{lc($_)}->{'name'}, keys(%$columns));
# A custom list of columns. Make sure each column is valid.
foreach my $fragment (split(/,/, $order)) {
@@ -933,16 +930,14 @@ if ($order) {
push(@order, $fragment);
}
else {
- my $vars = { fragment => $fragment };
- if ($order_from_cookie) {
- $cgi->remove_cookie('LASTORDER');
- ThrowCodeError("invalid_column_name_cookie", $vars);
- }
- else {
- ThrowCodeError("invalid_column_name_form", $vars);
- }
+ push(@invalid_fragments, $fragment);
}
}
+ if (scalar @invalid_fragments) {
+ $vars->{'message'} = 'invalid_column_name';
+ $vars->{'invalid_fragments'} = \@invalid_fragments;
+ }
+
$order = join(",", @order);
# Now that we have checked that all columns in the order are valid,
# detaint the order string.
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index a2863336a..da71da30d 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -190,17 +190,6 @@
The attachment number of one of the attachments you wanted to obsolete,
[% attach_id FILTER html %], is invalid.
- [% ELSIF error == "invalid_column_name_cookie" %]
- [% title = "Invalid Column Name" %]
- The custom sort order specified in your cookie contains an invalid
- column name <em>[% fragment FILTER html %]</em>.
- The cookie has been cleared.
-
- [% ELSIF error == "invalid_column_name_form" %]
- [% title = "Invalid Column Name" %]
- The custom sort order specified in your form submission contains an
- invalid column name <em>[% fragment FILTER html %]</em>.
-
[% ELSIF error == "invalid_customfield_type" %]
[% title = "Invalid Field Type" %]
The type <em>[% type FILTER html %]</em> is not a valid field type.
diff --git a/template/en/default/global/messages.html.tmpl b/template/en/default/global/messages.html.tmpl
index d2915780c..1bc10daa9 100644
--- a/template/en/default/global/messages.html.tmpl
+++ b/template/en/default/global/messages.html.tmpl
@@ -455,6 +455,11 @@
group.
[% END %]
+ [% ELSIF message_tag == "invalid_column_name" %]
+ The custom sort order specified contains one or more invalid
+ column names: <em>[% invalid_fragments.join(', ') FILTER html %]</em>.
+ They have been removed from the sort list.
+
[% ELSIF message_tag == "job_queue_depth" %]
[% count FILTER html %] jobs in the queue.