summaryrefslogtreecommitdiffstats
path: root/quips.cgi
diff options
context:
space:
mode:
authorKoosha Khajeh Moogahi <koosha.khajeh@gmail.com>2012-08-18 19:06:44 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-08-18 19:06:44 +0200
commitc6c54c2e4235783544c44c08e4e55d4057556588 (patch)
tree2014f444a3de707c4aa47ddbd29aa77347c54500 /quips.cgi
parentca3d59070b8e470c3c82399f62e8b801db043e89 (diff)
downloadbugzilla-c6c54c2e4235783544c44c08e4e55d4057556588.tar.gz
bugzilla-c6c54c2e4235783544c44c08e4e55d4057556588.tar.xz
Bug 187753: Specify a maximum length for quips (512 characters)
r/a=LpSolit
Diffstat (limited to 'quips.cgi')
-rwxr-xr-xquips.cgi4
1 files changed, 4 insertions, 0 deletions
diff --git a/quips.cgi b/quips.cgi
index 565056a6e..266ed516f 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -65,6 +65,10 @@ if ($action eq "add") {
|| $user->in_group('bz_quip_moderators') || 0;
my $comment = $cgi->param("quip");
$comment || ThrowUserError("need_quip");
+
+ ThrowUserError("quip_too_long", { length => length($comment) })
+ if length($comment) > MAX_QUIP_LENGTH;
+
trick_taint($comment); # Used in a placeholder below
$dbh->do("INSERT INTO quips (userid, quip, approved) VALUES (?, ?, ?)",