diff options
| author | jocuri%softhome.net <> | 2004-03-06 18:04:33 +0100 |
|---|---|---|
| committer | jocuri%softhome.net <> | 2004-03-06 18:04:33 +0100 |
| commit | d0050300d371b559e7da0e3200c967bd08c7e8c4 (patch) | |
| tree | 2ebff858e86522f87a5cafe351ec8df80f0b483d /editkeywords.cgi | |
| parent | 11891792a7e07d0f3ed362784c9da455e25dcd31 (diff) | |
| download | bugzilla-d0050300d371b559e7da0e3200c967bd08c7e8c4.tar.gz bugzilla-d0050300d371b559e7da0e3200c967bd08c7e8c4.tar.xz | |
Patch for bug 234879: remove %FORM from editkeywords.cgi; r=kiko, a=justdave.
Diffstat (limited to 'editkeywords.cgi')
| -rwxr-xr-x | editkeywords.cgi | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/editkeywords.cgi b/editkeywords.cgi index cf20d7a07..0069886cd 100755 --- a/editkeywords.cgi +++ b/editkeywords.cgi @@ -27,6 +27,8 @@ require "CGI.pl"; use Bugzilla::Config qw(:DEFAULT $datadir); +my $cgi = Bugzilla->cgi; + use vars qw($template $vars); @@ -62,11 +64,9 @@ unless (UserInGroup("editkeywords")) { } -my $action = trim($::FORM{action} || ''); +my $action = trim($cgi->param('action') || ''); $vars->{'action'} = $action; -detaint_natural($::FORM{id}); - if ($action eq "") { my @keywords; @@ -115,8 +115,8 @@ if ($action eq 'add') { if ($action eq 'new') { # Cleanups and valididy checks - my $name = trim($::FORM{name} || ''); - my $description = trim($::FORM{description} || ''); + my $name = trim($cgi->param('name') || ''); + my $description = trim($cgi->param('description') || ''); Validate($name, $description); @@ -173,7 +173,9 @@ if ($action eq 'new') { # if ($action eq 'edit') { - my $id = trim($::FORM{id} || 0); + my $id = trim(cgi->param('id')); + detaint_natural($id); + # get data of keyword SendSQL("SELECT name,description FROM keyworddefs @@ -211,9 +213,11 @@ if ($action eq 'edit') { # if ($action eq 'update') { - my $id = $::FORM{id}; - my $name = trim($::FORM{name} || ''); - my $description = trim($::FORM{description} || ''); + my $id = $cgi->param('id'); + detaint_natural($id); + + my $name = trim($cgi->param('name') || ''); + my $description = trim($cgi->param('description') || ''); Validate($name, $description); @@ -246,12 +250,13 @@ if ($action eq 'update') { if ($action eq 'delete') { - my $id = $::FORM{id}; + my $id = $cgi->param('id'); + detaint_natural($id); SendSQL("SELECT name FROM keyworddefs WHERE id=$id"); my $name = FetchOneColumn(); - if (!$::FORM{reallydelete}) { + if (!$cgi->param('reallydelete')) { SendSQL("SELECT count(*) FROM keywords WHERE keywordid = $id"); |