summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Bugzilla/Object.pm13
-rw-r--r--Bugzilla/Util.pm9
2 files changed, 13 insertions, 9 deletions
diff --git a/Bugzilla/Object.pm b/Bugzilla/Object.pm
index 456888b38..b04593f89 100644
--- a/Bugzilla/Object.pm
+++ b/Bugzilla/Object.pm
@@ -117,10 +117,17 @@ sub check {
if (!ref $param) {
$param = { name => $param };
}
+
# Don't allow empty names or ids.
- my $check_param = exists $param->{id} ? $param->{id} : $param->{name};
- $check_param = trim($check_param);
- $check_param || ThrowUserError('object_not_specified', { class => $class });
+ my $check_param = exists $param->{id} ? 'id' : 'name';
+ $param->{$check_param} = trim($param->{$check_param});
+ # If somebody passes us "0", we want to throw an error like
+ # "there is no X with the name 0". This is true even for ids. So here,
+ # we only check if the parameter is undefined or empty.
+ if (!defined $param->{$check_param} or $param->{$check_param} eq '') {
+ ThrowUserError('object_not_specified', { class => $class });
+ }
+
my $obj = $class->new($param);
if (!$obj) {
# We don't want to override the normal template "user" object if
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 513e02857..21588417c 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -68,17 +68,14 @@ sub trick_taint {
sub detaint_natural {
my $match = $_[0] =~ /^(\d+)$/;
- $_[0] = $match ? $1 : undef;
+ $_[0] = $match ? int($1) : undef;
return (defined($_[0]));
}
sub detaint_signed {
my $match = $_[0] =~ /^([-+]?\d+)$/;
- $_[0] = $match ? $1 : undef;
- # Remove any leading plus sign.
- if (defined($_[0]) && $_[0] =~ /^\+(\d+)$/) {
- $_[0] = $1;
- }
+ # The "int()" call removes any leading plus sign.
+ $_[0] = $match ? int($1) : undef;
return (defined($_[0]));
}