summaryrefslogtreecommitdiffstats
path: root/editproducts.cgi
diff options
context:
space:
mode:
authorbugreport%peshkin.net <>2004-07-06 10:12:29 +0200
committerbugreport%peshkin.net <>2004-07-06 10:12:29 +0200
commit73fd49ff3bbff6244802ba548bb22c2be39014e1 (patch)
treef7b78fde82e5557d604de9282d19c235dfc3dea1 /editproducts.cgi
parent4ab7a75f97285207ceb8c4830406701b11819cbc (diff)
downloadbugzilla-73fd49ff3bbff6244802ba548bb22c2be39014e1.tar.gz
bugzilla-73fd49ff3bbff6244802ba548bb22c2be39014e1.tar.xz
Bug 243463 Use a param to protect new charts from leaking information
r=justdave a=justdave
Diffstat (limited to 'editproducts.cgi')
-rwxr-xr-xeditproducts.cgi59
1 files changed, 32 insertions, 27 deletions
diff --git a/editproducts.cgi b/editproducts.cgi
index 8cf9a309d..6d33c8080 100755
--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -271,6 +271,10 @@ if ($action eq 'add') {
print "</TR><TR>\n";
print " <TH ALIGN=\"right\">Version:</TH>\n";
print " <TD><INPUT SIZE=64 MAXLENGTH=255 NAME=\"version\" VALUE=\"unspecified\"></TD>\n";
+ print "</TR><TR>\n";
+ print " <TH ALIGN=\"right\">Create chart datasets for this product:</TH>\n";
+ print " <TD><INPUT TYPE=CHECKBOX NAME=\"createseries\" VALUE=1></TD>";
+ print "</TR>\n";
print "</TABLE>\n<HR>\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
@@ -389,36 +393,37 @@ if ($action eq 'new') {
CONTROLMAPNA . ", 0)");
}
- # Insert default charting queries for this product.
- # If they aren't using charting, this won't do any harm.
- GetVersionTable();
-
- my @series;
-
- # We do every status, every resolution, and an "opened" one as well.
- foreach my $bug_status (@::legal_bug_status) {
- push(@series, [$bug_status, "bug_status=$bug_status"]);
- }
+ if ($::FORM{createseries}) {
+ # Insert default charting queries for this product.
+ # If they aren't using charting, this won't do any harm.
+ GetVersionTable();
+
+ my @series;
+
+ # We do every status, every resolution, and an "opened" one as well.
+ foreach my $bug_status (@::legal_bug_status) {
+ push(@series, [$bug_status, "bug_status=$bug_status"]);
+ }
- foreach my $resolution (@::legal_resolution) {
- next if !$resolution;
- push(@series, [$resolution, "resolution=$resolution"]);
- }
+ foreach my $resolution (@::legal_resolution) {
+ next if !$resolution;
+ push(@series, [$resolution, "resolution=$resolution"]);
+ }
- # For localisation reasons, we get the name of the "global" subcategory
- # and the title of the "open" query from the submitted form.
- my @openedstatuses = ("UNCONFIRMED", "NEW", "ASSIGNED", "REOPENED");
- my $query = join("&", map { "bug_status=$_" } @openedstatuses);
- push(@series, [$::FORM{'open_name'}, $query]);
-
- foreach my $sdata (@series) {
- my $series = new Bugzilla::Series(undef, $product,
- $::FORM{'subcategory'},
- $sdata->[0], $::userid, 1,
- $sdata->[1] . "&product=$product", 1);
- $series->writeToDatabase();
+ # For localisation reasons, we get the name of the "global" subcategory
+ # and the title of the "open" query from the submitted form.
+ my @openedstatuses = ("UNCONFIRMED", "NEW", "ASSIGNED", "REOPENED");
+ my $query = join("&", map { "bug_status=$_" } @openedstatuses);
+ push(@series, [$::FORM{'open_name'}, $query]);
+
+ foreach my $sdata (@series) {
+ my $series = new Bugzilla::Series(undef, $product,
+ $::FORM{'subcategory'},
+ $sdata->[0], $::userid, 1,
+ $sdata->[1] . "&product=$product", 1);
+ $series->writeToDatabase();
+ }
}
-
# Make versioncache flush
unlink "$datadir/versioncache";