summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorDylan William Hardison <dylan@mozilla.com>2014-12-15 03:09:41 +0100
committerByron Jones <glob@mozilla.com>2014-12-15 03:09:58 +0100
commit9addfeb1a4e9d68e19620e3c60ab4f9af7380c38 (patch)
tree54b3a1df1336e7f6f1b48c6036420a6ec8602f57 /extensions
parent0cd42fd71007724425c07acf2f7af6c410d7dc47 (diff)
downloadbugzilla-9addfeb1a4e9d68e19620e3c60ab4f9af7380c38.tar.gz
bugzilla-9addfeb1a4e9d68e19620e3c60ab4f9af7380c38.tar.xz
Bug 1105585: Fix bug bounty form to validate its input more and relax the restriction on the paid field to include -+? suffix
Diffstat (limited to 'extensions')
-rw-r--r--extensions/BMO/Extension.pm10
-rw-r--r--extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl40
2 files changed, 43 insertions, 7 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm
index 321cdb29e..e776b320b 100644
--- a/extensions/BMO/Extension.pm
+++ b/extensions/BMO/Extension.pm
@@ -274,11 +274,11 @@ sub parse_bounty_attachment_description {
my $date = qr/\d{4}-\d{2}-\d{2}/;
$desc =~ m!
^
- (?<reporter_email> [^,]+) \s*,\s*
- (?<amount_paid> [0-9]+) ? \s*,\s*
- (?<reported_date> $date) ? \s*,\s*
- (?<fixed_date> $date) ? \s*,\s*
- (?<awarded_date> $date) ? \s*,\s*
+ (?<reporter_email> [^,]+) \s*,\s*
+ (?<amount_paid> [0-9]+[-+?]?) ? \s*,\s*
+ (?<reported_date> $date) ? \s*,\s*
+ (?<fixed_date> $date) ? \s*,\s*
+ (?<awarded_date> $date) ? \s*,\s*
(?<publish> (?i: true | false )) ?
(?: \s*,\s* (?<credits>.*) ) ?
$
diff --git a/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl b/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl
index 31a73b017..230fab3d9 100644
--- a/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl
+++ b/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl
@@ -48,10 +48,25 @@
[% END %]
[% inline_javascript = BLOCK %]
+var validateDate = /^(\d{4}-\d{2}-\d{2}|)$/;
+var validators = {
+ reporter_email: /^[^,]+$/,
+ amount_paid: /^[0-9]*[-+?]?$/,
+ reported_date: validateDate,
+ fixed_date: validateDate,
+ awarded_date: validateDate,
+ publish: /^(0|1)$/,
+ credit_1: /^([^,]+|)$/,
+ credit_2: /^([^,]+|)$/,
+ credit_3: /^([^,]+|)$/
+};
+
function validateAndSubmit() {
'use strict';
var alert_text = '';
var requiredLabels = YAHOO.util.Selector.query('label.required');
+ var skip = {};
+
if (requiredLabels) {
requiredLabels.forEach(function (label) {
var name = label.getAttribute('for');
@@ -62,15 +77,36 @@ function validateAndSubmit() {
});
if (ids && ids[0]) {
- if (!isFilledOut(ids[0])) {
- var desc = label.textContent || name;
+ var id = ids[0];
+ var desc = label.textContent || name;
+ if (!isFilledOut(id)) {
alert_text +=
"Please enter a value for " +
desc.replace(/[\r\n]+/, "").replace(/\s+/g, " ") +
"\n";
+ skip[id] = true;
}
}
});
+ for (var id in validators) {
+ if (skip[id]) continue;
+ var el = document.getElementById(id);
+ if (validators[id] && !validators[id].test( el.value )) {
+ var labels = YAHOO.util.Selector.query('label[for="' + id + '"]');
+ var desc;
+ if (labels && labels[0]) {
+ desc = labels[0].textContent;
+ }
+ else {
+ desc = id;
+ }
+ alert_text +=
+ "Invalid value for " +
+ desc.replace(/[\r\n]+/, "").replace(/\s+/g, " ") +
+ "\n";
+ }
+ }
+
}
if (alert_text != '') {