diff options
author | cyeh%bluemartini.com <> | 2000-08-31 06:32:43 +0200 |
---|---|---|
committer | cyeh%bluemartini.com <> | 2000-08-31 06:32:43 +0200 |
commit | 6fc3ee113391a6a76aa28248b9d75ac6439fe3e6 (patch) | |
tree | 7e531a796dade0c1ae22e316e400ded09b47ed54 | |
parent | 321412db634033f99afb9459f18a0e1b2f244d73 (diff) | |
download | bugzilla-6fc3ee113391a6a76aa28248b9d75ac6439fe3e6.tar.gz bugzilla-6fc3ee113391a6a76aa28248b9d75ac6439fe3e6.tar.xz |
fix for 37684 and 42609: trying to deal with malformed url's in the URL field
during bug entry. instead of trying to be really intelligent over what a valid
url field is, or doing any kind of complicated regexping and forcing http://
on everyone, what we do instead is pre-seed enter_bug.cgi bug_file_loc with http://
in the text field. if that is all there is in the field when we are in post_bug.cgi,
then the value gets set to null (no URL entered into the new bug form). this allows
for you to enter in any valid url that you want, but also make it obvious that
http:// should be there for http:// urls at bug entry time
-rwxr-xr-x | enter_bug.cgi | 2 | ||||
-rwxr-xr-x | post_bug.cgi | 16 |
2 files changed, 16 insertions, 2 deletions
diff --git a/enter_bug.cgi b/enter_bug.cgi index 8df634fd2..cd68bfdea 100755 --- a/enter_bug.cgi +++ b/enter_bug.cgi @@ -384,7 +384,7 @@ print " <TR> <TD ALIGN=RIGHT><B>URL:</B> <TD COLSPAN=5> - <INPUT NAME=bug_file_loc SIZE=60 value=\"" . + <INPUT NAME=bug_file_loc SIZE=60 value=\"http://" . value_quote(formvalue('bug_file_loc')) . "\"></TD> </TR> diff --git a/post_bug.cgi b/post_bug.cgi index 3f933e2d2..a9878ba6a 100755 --- a/post_bug.cgi +++ b/post_bug.cgi @@ -178,7 +178,21 @@ VALUES ( "; foreach my $field (@used_fields) { - $query .= SqlQuote($::FORM{$field}) . ",\n"; +# fix for 42609. if there is a http:// only in bug_file_loc, strip +# it out and send an empty value. + if ($field eq 'bug_file_loc') { + if ($::FORM{$field} eq 'http://') { + $::FORM{$field} = ""; + $query .= SqlQuote($::FORM{$field}) . ",\n"; + next; + } + else { + $query .= SqlQuote($::FORM{$field}) . ",\n"; + } + } + else { + $query .= SqlQuote($::FORM{$field}) . ",\n"; + } } my $comment = $::FORM{'comment'}; |