diff options
author | gerv%gerv.net <> | 2004-08-30 06:29:34 +0200 |
---|---|---|
committer | gerv%gerv.net <> | 2004-08-30 06:29:34 +0200 |
commit | f9214d522c9dabc0096573e553b946c492a65230 (patch) | |
tree | 161441bcdcc65abb52852673fda5079ab62555bb /editcomponents.cgi | |
parent | e78dc329d8f354a3fe37def1ec3fb8d75492d8ca (diff) | |
download | bugzilla-f9214d522c9dabc0096573e553b946c492a65230.tar.gz bugzilla-f9214d522c9dabc0096573e553b946c492a65230.tar.xz |
Bug 225687 - add group controls to charts, along with various other cleanups. Patch by gerv; r=joel, a=justdave.
Diffstat (limited to 'editcomponents.cgi')
-rwxr-xr-x | editcomponents.cgi | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/editcomponents.cgi b/editcomponents.cgi index 28f5b9daf..e2e471f34 100755 --- a/editcomponents.cgi +++ b/editcomponents.cgi @@ -34,6 +34,7 @@ require "globals.pl"; use Bugzilla::Constants; use Bugzilla::Config qw(:DEFAULT $datadir); use Bugzilla::Series; +use Bugzilla::Util; use vars qw($template $vars); @@ -328,15 +329,19 @@ if ($action eq 'new') { my @series; - my $prodcomp = "&product=$product&component=$component"; + my $prodcomp = "&product=" . url_quote($product) . + "&component=" . url_quote($component); # For localisation reasons, we get the title of the queries from the # submitted form. my $open_name = $cgi->param('open_name'); my $closed_name = $cgi->param('closed_name'); my @openedstatuses = OpenStates(); - my $statuses = join("&", map { "bug_status=$_" } @openedstatuses) . $prodcomp; - my $resolved = "field0-0-0=resolution&type0-0-0=notequals&value0-0-0=---" . $prodcomp; + my $statuses = + join("&", map { "bug_status=" . url_quote($_) } @openedstatuses) . + $prodcomp; + my $resolved = "field0-0-0=resolution&type0-0-0=notequals&value0-0-0=---" . + $prodcomp; # trick_taint is ok here, as these variables aren't used as a command # or in SQL unquoted |