diff options
author | jake%acutex.net <> | 2001-06-01 22:38:01 +0200 |
---|---|---|
committer | jake%acutex.net <> | 2001-06-01 22:38:01 +0200 |
commit | 8e1f344a2b52856dde0ac23b05244d3a3e7bf66e (patch) | |
tree | fded7aef212c4219e223315865ae5c159349f19d /show_activity.cgi | |
parent | 6496a7165061d8552f3cc1bc3aa1454b24f45470 (diff) | |
download | bugzilla-8e1f344a2b52856dde0ac23b05244d3a3e7bf66e.tar.gz bugzilla-8e1f344a2b52856dde0ac23b05244d3a3e7bf66e.tar.xz |
More leak pluggin. This one fixes bug 39526.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
Diffstat (limited to 'show_activity.cgi')
-rwxr-xr-x | show_activity.cgi | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/show_activity.cgi b/show_activity.cgi index d6e388afc..fccc21cd4 100755 --- a/show_activity.cgi +++ b/show_activity.cgi @@ -19,21 +19,40 @@ # Rights Reserved. # # Contributor(s): Terry Weissman <terry@mozilla.org> +# Myk Melez <myk@mozilla.org> use diagnostics; use strict; require "CGI.pl"; +ConnectToDatabase(); + +###################################################################### +# Begin Data/Security Validation +###################################################################### + +# Check whether or not the user is currently logged in. This function +# sets the value of $::usergroupset, the binary number that records +# the set of groups to which the user belongs and which we can use +# to determine whether or not the user is authorized to access this bug. +quietly_check_login(); + +# Make sure the bug ID is a positive integer representing an existing +# bug that the user is authorized to access. +ValidateBugID($::FORM{'id'}); + +###################################################################### +# End Data/Security Validation +###################################################################### + print "Content-type: text/html\n\n"; PutHeader("Changes made to bug $::FORM{'id'}", "Activity log", "Bug $::FORM{'id'}"); -ConnectToDatabase(); - DumpBugActivity($::FORM{'id'}); -print "<hr><a href=show_bug.cgi?id=$::FORM{'id'}>Back to bug $::FORM{'id'}</a>\n"; +print qq|<hr><a href="show_bug.cgi?id=$::FORM{'id'}">Back to bug $::FORM{'id'}</a>\n|; PutFooter(); |