summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKoosha Khajeh Moogahi <koosha.khajeh@gmail.com>2012-08-18 19:06:44 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-08-18 19:06:44 +0200
commitc6c54c2e4235783544c44c08e4e55d4057556588 (patch)
tree2014f444a3de707c4aa47ddbd29aa77347c54500
parentca3d59070b8e470c3c82399f62e8b801db043e89 (diff)
downloadbugzilla-c6c54c2e4235783544c44c08e4e55d4057556588.tar.gz
bugzilla-c6c54c2e4235783544c44c08e4e55d4057556588.tar.xz
Bug 187753: Specify a maximum length for quips (512 characters)
r/a=LpSolit
-rw-r--r--Bugzilla/Constants.pm4
-rw-r--r--Bugzilla/DB/Schema.pm2
-rw-r--r--Bugzilla/Install/DB.pm25
-rwxr-xr-xquips.cgi4
-rw-r--r--template/en/default/global/user-error.html.tmpl6
-rw-r--r--template/en/default/list/quips.html.tmpl2
6 files changed, 39 insertions, 4 deletions
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 63242ba8a..f1141195c 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -161,6 +161,7 @@ use Memoize;
MAX_BUG_URL_LENGTH
MAX_POSSIBLE_DUPLICATES
MAX_ATTACH_FILENAME_LENGTH
+ MAX_QUIP_LENGTH
PASSWORD_DIGEST_ALGORITHM
PASSWORD_SALT_LENGTH
@@ -556,6 +557,9 @@ use constant MAX_POSSIBLE_DUPLICATES => 25;
# necessary schema changes to store longer names.
use constant MAX_ATTACH_FILENAME_LENGTH => 255;
+# Maximum length of a quip.
+use constant MAX_QUIP_LENGTH => 512;
+
# This is the name of the algorithm used to hash passwords before storing
# them in the database. This can be any string that is valid to pass to
# Perl's "Digest" module. Note that if you change this, it won't take
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm
index 728176684..eabee07c3 100644
--- a/Bugzilla/DB/Schema.pm
+++ b/Bugzilla/DB/Schema.pm
@@ -1484,7 +1484,7 @@ use constant ABSTRACT_SCHEMA => {
REFERENCES => {TABLE => 'profiles',
COLUMN => 'userid',
DELETE => 'SET NULL'}},
- quip => {TYPE => 'MEDIUMTEXT', NOTNULL => 1},
+ quip => {TYPE => 'varchar(512)', NOTNULL => 1},
approved => {TYPE => 'BOOLEAN', NOTNULL => 1,
DEFAULT => 'TRUE'},
],
diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm
index 5d0f61672..e04766f24 100644
--- a/Bugzilla/Install/DB.pm
+++ b/Bugzilla/Install/DB.pm
@@ -697,6 +697,9 @@ sub update_table_definitions {
# 2012-08-02 dkl@mozilla.com - Bug 756953
_fix_dependencies_dupes();
+ # 2012-08-01 koosha.khajeh@gmail.com - Bug 187753
+ _shorten_long_quips();
+
################################################################
# New --TABLE-- changes should go *** A B O V E *** this point #
################################################################
@@ -3164,8 +3167,6 @@ sub _change_text_types {
{ TYPE => 'TINYTEXT', NOTNULL => 1 });
$dbh->bz_alter_column('groups', 'description',
{ TYPE => 'MEDIUMTEXT', NOTNULL => 1 });
- $dbh->bz_alter_column('quips', 'quip',
- { TYPE => 'MEDIUMTEXT', NOTNULL => 1 });
$dbh->bz_alter_column('namedqueries', 'query',
{ TYPE => 'LONGTEXT', NOTNULL => 1 });
@@ -3753,6 +3754,26 @@ sub _fix_dependencies_dupes {
}
}
+sub _shorten_long_quips {
+ my $dbh = Bugzilla->dbh;
+ my $quips = $dbh->selectall_arrayref("SELECT quipid, quip FROM quips
+ WHERE CHAR_LENGTH(quip) > 512");
+
+ if (@$quips) {
+ print "Shortening quips longer than 512 characters:";
+
+ my $query = $dbh->prepare("UPDATE quips SET quip = ? WHERE quipid = ?");
+
+ foreach my $quip (@$quips) {
+ my ($quipid, $quip_str) = @$quip;
+ $quip_str = substr($quip_str, 0, 509) . "...";
+ print " $quipid";
+ $query->execute($quip_str, $quipid);
+ }
+ }
+ $dbh->bz_alter_column('quips', 'quip', { TYPE => 'varchar(512)', NOTNULL => 1});
+}
+
1;
__END__
diff --git a/quips.cgi b/quips.cgi
index 565056a6e..266ed516f 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -65,6 +65,10 @@ if ($action eq "add") {
|| $user->in_group('bz_quip_moderators') || 0;
my $comment = $cgi->param("quip");
$comment || ThrowUserError("need_quip");
+
+ ThrowUserError("quip_too_long", { length => length($comment) })
+ if length($comment) > MAX_QUIP_LENGTH;
+
trick_taint($comment); # Used in a placeholder below
$dbh->do("INSERT INTO quips (userid, quip, approved) VALUES (?, ?, ?)",
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 8f4d7d21c..2d79bf851 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1479,6 +1479,12 @@
<a href="page.cgi?id=quicksearch.html#fields">listed here</a>.</p>
[% END %]
+ [% ELSIF error == "quip_too_long" %]
+ [% title = "Quip Too Long" %]
+ You entered a quip with a length of [% length FILTER none %] characters,
+ but the maximum allowed length is [% constants.MAX_QUIP_LENGTH FILTER none %]
+ characters.
+
[% ELSIF error == "reassign_to_empty" %]
[% title = "Illegal Reassignment" %]
To reassign [% terms.abug %], you must provide an address for
diff --git a/template/en/default/list/quips.html.tmpl b/template/en/default/list/quips.html.tmpl
index f38d98221..31e766a9b 100644
--- a/template/en/default/list/quips.html.tmpl
+++ b/template/en/default/list/quips.html.tmpl
@@ -61,7 +61,7 @@
<input type="hidden" name="action" value="add">
<input type="hidden" name="token"
value="[% issue_hash_token(['create-quips']) FILTER html %]">
- <input size="80" name="quip">
+ <input size="80" name="quip" maxlength="512">
<p>
<input type="submit" id="add" value="Add This Quip">
</p>