diff options
author | lpsolit%gmail.com <> | 2005-10-28 19:33:18 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2005-10-28 19:33:18 +0200 |
commit | cf3aa532ea51a41b02c8ea73db254d01c03280ba (patch) | |
tree | 52f60354f60ea59baf6a244edea719b32ef50e17 | |
parent | e942748a69920c86a7eaba517c9a74223da52edb (diff) | |
download | bugzilla-cf3aa532ea51a41b02c8ea73db254d01c03280ba.tar.gz bugzilla-cf3aa532ea51a41b02c8ea73db254d01c03280ba.tar.xz |
Bug 314088: Several Bugzilla::Foo->new crash when passing a string instead of a valid ID as a param - Patch by Frédéric Buclin <LpSolit@gmail.com> r=kiko a=justdave
-rw-r--r-- | Bugzilla/Classification.pm | 5 | ||||
-rw-r--r-- | Bugzilla/Component.pm | 5 | ||||
-rw-r--r-- | Bugzilla/Group.pm | 5 | ||||
-rw-r--r-- | Bugzilla/Product.pm | 5 | ||||
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 5 |
5 files changed, 21 insertions, 4 deletions
diff --git a/Bugzilla/Classification.pm b/Bugzilla/Classification.pm index e87852ba2..63a826dc3 100644 --- a/Bugzilla/Classification.pm +++ b/Bugzilla/Classification.pm @@ -55,7 +55,10 @@ sub _init { my $id = $param unless (ref $param eq 'HASH'); my $classification; - if (defined $id && detaint_natural($id)) { + if (defined $id) { + detaint_natural($id) + || ThrowCodeError('param_must_be_numeric', + {function => 'Bugzilla::Classification::_init'}); $classification = $dbh->selectrow_hashref(qq{ SELECT $columns FROM classifications diff --git a/Bugzilla/Component.pm b/Bugzilla/Component.pm index 74ea60d1b..20df65550 100644 --- a/Bugzilla/Component.pm +++ b/Bugzilla/Component.pm @@ -58,7 +58,10 @@ sub _init { my $id = $param unless (ref $param eq 'HASH'); my $component; - if (defined $id && detaint_natural($id)) { + if (defined $id) { + detaint_natural($id) + || ThrowCodeError('param_must_be_numeric', + {function => 'Bugzilla::Component::_init'}); $component = $dbh->selectrow_hashref(qq{ SELECT $columns FROM components diff --git a/Bugzilla/Group.pm b/Bugzilla/Group.pm index cc57fca69..32c4696db 100644 --- a/Bugzilla/Group.pm +++ b/Bugzilla/Group.pm @@ -61,7 +61,10 @@ sub _init { my $id = $param unless (ref $param eq 'HASH'); my $group; - if (defined $id && detaint_natural($id)) { + if (defined $id) { + detaint_natural($id) + || ThrowCodeError('param_must_be_numeric', + {function => 'Bugzilla::Group::_init'}); $group = $dbh->selectrow_hashref(qq{ SELECT $columns FROM groups diff --git a/Bugzilla/Product.pm b/Bugzilla/Product.pm index 2bc9da52d..5405b1651 100644 --- a/Bugzilla/Product.pm +++ b/Bugzilla/Product.pm @@ -63,7 +63,10 @@ sub _init { my $id = $param unless (ref $param eq 'HASH'); my $product; - if (defined $id && detaint_natural($id)) { + if (defined $id) { + detaint_natural($id) + || ThrowCodeError('param_must_be_numeric', + {function => 'Bugzilla::Product::_init'}); $product = $dbh->selectrow_hashref(qq{ SELECT $columns FROM products diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index 440cc19bf..0fe946cb5 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -243,6 +243,11 @@ [% ELSIF error == "need_quipid" %] A valid quipid is needed. + [% ELSIF error == "param_must_be_numeric" %] + [% title = "Invalid Parameter" %] + Invalid parameter passed to [% function FILTER html %]. + It must be numeric. + [% ELSIF error == "unknown_comparison_type" %] Specified comparison type is not supported. |