diff options
author | gerv%gerv.net <> | 2002-10-02 07:41:03 +0200 |
---|---|---|
committer | gerv%gerv.net <> | 2002-10-02 07:41:03 +0200 |
commit | 60b331bc2a1d89296f5c57df34171db3b3eca409 (patch) | |
tree | 241d081fab876eb42f3784ba67819e65662b0467 /quips.cgi | |
parent | 8d6671f06bf7d6864cffcaccf4ef4b7e09b80675 (diff) | |
download | bugzilla-60b331bc2a1d89296f5c57df34171db3b3eca409.tar.gz bugzilla-60b331bc2a1d89296f5c57df34171db3b3eca409.tar.xz |
Bug 163114 - Templatise all calls to DisplayError. Patch C. Patch by gerv; r=burnus.
Diffstat (limited to 'quips.cgi')
-rwxr-xr-x | quips.cgi | 20 |
1 files changed, 4 insertions, 16 deletions
@@ -55,24 +55,12 @@ if ($action eq "show") { } if ($action eq "add") { + (Param('enablequips') eq "on") || ThrowUserError("no_new_quips"); + # Add the quip my $comment = $::FORM{"quip"}; - if (!$comment) { - DisplayError("Please enter a quip in the text field."); - exit(); - } - - if (Param('enablequips') ne "on") { - ThrowUserError("no_new_quips"); - exit(); - } - - - if ($comment =~ m/</) { - DisplayError("Sorry - for security reasons, support for HTML tags has - been turned off in quips."); - exit(); - } + $comment || ThrowUserError("need_quip"); + $comment !~ m/</ || ThrowUserError("no_html_in_quips"); SendSQL("INSERT INTO quips (userid, quip) VALUES (". $userid . ", " . SqlQuote($comment) . ")"); |