diff options
author | Dylan William Hardison <dylan@mozilla.com> | 2014-12-15 03:09:41 +0100 |
---|---|---|
committer | Byron Jones <glob@mozilla.com> | 2014-12-15 03:09:58 +0100 |
commit | 9addfeb1a4e9d68e19620e3c60ab4f9af7380c38 (patch) | |
tree | 54b3a1df1336e7f6f1b48c6036420a6ec8602f57 /extensions | |
parent | 0cd42fd71007724425c07acf2f7af6c410d7dc47 (diff) | |
download | bugzilla-9addfeb1a4e9d68e19620e3c60ab4f9af7380c38.tar.gz bugzilla-9addfeb1a4e9d68e19620e3c60ab4f9af7380c38.tar.xz |
Bug 1105585: Fix bug bounty form to validate its input more and relax the restriction on the paid field to include -+? suffix
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/BMO/Extension.pm | 10 | ||||
-rw-r--r-- | extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl | 40 |
2 files changed, 43 insertions, 7 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index 321cdb29e..e776b320b 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -274,11 +274,11 @@ sub parse_bounty_attachment_description { my $date = qr/\d{4}-\d{2}-\d{2}/; $desc =~ m! ^ - (?<reporter_email> [^,]+) \s*,\s* - (?<amount_paid> [0-9]+) ? \s*,\s* - (?<reported_date> $date) ? \s*,\s* - (?<fixed_date> $date) ? \s*,\s* - (?<awarded_date> $date) ? \s*,\s* + (?<reporter_email> [^,]+) \s*,\s* + (?<amount_paid> [0-9]+[-+?]?) ? \s*,\s* + (?<reported_date> $date) ? \s*,\s* + (?<fixed_date> $date) ? \s*,\s* + (?<awarded_date> $date) ? \s*,\s* (?<publish> (?i: true | false )) ? (?: \s*,\s* (?<credits>.*) ) ? $ diff --git a/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl b/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl index 31a73b017..230fab3d9 100644 --- a/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl +++ b/extensions/BMO/template/en/default/pages/attachment_bounty_form.html.tmpl @@ -48,10 +48,25 @@ [% END %] [% inline_javascript = BLOCK %] +var validateDate = /^(\d{4}-\d{2}-\d{2}|)$/; +var validators = { + reporter_email: /^[^,]+$/, + amount_paid: /^[0-9]*[-+?]?$/, + reported_date: validateDate, + fixed_date: validateDate, + awarded_date: validateDate, + publish: /^(0|1)$/, + credit_1: /^([^,]+|)$/, + credit_2: /^([^,]+|)$/, + credit_3: /^([^,]+|)$/ +}; + function validateAndSubmit() { 'use strict'; var alert_text = ''; var requiredLabels = YAHOO.util.Selector.query('label.required'); + var skip = {}; + if (requiredLabels) { requiredLabels.forEach(function (label) { var name = label.getAttribute('for'); @@ -62,15 +77,36 @@ function validateAndSubmit() { }); if (ids && ids[0]) { - if (!isFilledOut(ids[0])) { - var desc = label.textContent || name; + var id = ids[0]; + var desc = label.textContent || name; + if (!isFilledOut(id)) { alert_text += "Please enter a value for " + desc.replace(/[\r\n]+/, "").replace(/\s+/g, " ") + "\n"; + skip[id] = true; } } }); + for (var id in validators) { + if (skip[id]) continue; + var el = document.getElementById(id); + if (validators[id] && !validators[id].test( el.value )) { + var labels = YAHOO.util.Selector.query('label[for="' + id + '"]'); + var desc; + if (labels && labels[0]) { + desc = labels[0].textContent; + } + else { + desc = id; + } + alert_text += + "Invalid value for " + + desc.replace(/[\r\n]+/, "").replace(/\s+/g, " ") + + "\n"; + } + } + } if (alert_text != '') { |