diff options
| author | kiko%async.com.br <> | 2004-04-12 06:31:44 +0200 |
|---|---|---|
| committer | kiko%async.com.br <> | 2004-04-12 06:31:44 +0200 |
| commit | fcf2c1a1a5900f51a6e20c6b2391677bf6fb729c (patch) | |
| tree | cf7053f9d72de657ec11a909632a65a96b0d7ab6 /page.cgi | |
| parent | 4d1ced8f750508a70c938a932c09a0cd56103c28 (diff) | |
| download | bugzilla-fcf2c1a1a5900f51a6e20c6b2391677bf6fb729c.tar.gz bugzilla-fcf2c1a1a5900f51a6e20c6b2391677bf6fb729c.tar.xz | |
Fix for bug 238865-v1: remove %FORM from page.cgi. Does so, fixing the
linked page template and adding a code error for the "bad id provided"
case. r=vladd, a=myk.
Diffstat (limited to 'page.cgi')
| -rwxr-xr-x | page.cgi | 13 |
1 files changed, 9 insertions, 4 deletions
@@ -42,14 +42,19 @@ Bugzilla->login(); my $cgi = Bugzilla->cgi; -if ($::FORM{'id'}) { +my $id = $cgi->param('id'); +if ($id) { # Remove all dodgy chars, and split into name and ctype. - $::FORM{'id'} =~ s/[^\w\-\.]//g; - $::FORM{'id'} =~ /(.*)\.(.*)/; + $id =~ s/[^\w\-\.]//g; + $id =~ /(.*)\.(.*)/; + if (!$2) { + # if this regexp fails to match completely, something bad came in + ThrowCodeError("bad_page_cgi_id", { "page_id" => $id }); + } my $format = GetFormat("pages/$1", undef, $2); - $vars->{'form'} = \%::FORM; + $cgi->param('id', $id); print $cgi->header($format->{'ctype'}); |