diff options
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/Search.pm | 8 | ||||
| -rw-r--r-- | Bugzilla/User.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/Util.pm | 38 |
3 files changed, 28 insertions, 20 deletions
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm index 0b1ac94ba..6255ede5d 100644 --- a/Bugzilla/Search.pm +++ b/Bugzilla/Search.pm @@ -350,14 +350,18 @@ sub init { if ($params->param('deadlinefrom')){ $deadlinefrom = $params->param('deadlinefrom'); - Bugzilla::Util::ValidateDate($deadlinefrom, 'deadlinefrom'); + validate_date($deadlinefrom) + || ThrowUserError('illegal_date', {date => $deadlinefrom, + format => 'YYYY-MM-DD'}); $sql_deadlinefrom = &::SqlQuote($deadlinefrom); push(@wherepart, "bugs.deadline >= $sql_deadlinefrom"); } if ($params->param('deadlineto')){ $deadlineto = $params->param('deadlineto'); - Bugzilla::Util::ValidateDate($deadlineto, 'deadlineto'); + validate_date($deadlineto) + || ThrowUserError('illegal_date', {date => $deadlineto, + format => 'YYYY-MM-DD'}); $sql_deadlineto = &::SqlQuote($deadlineto); push(@wherepart, "bugs.deadline <= $sql_deadlineto"); } diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index ad0430449..ab70f06fa 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1184,7 +1184,7 @@ sub insert_new_user { $password ||= &::GenerateRandomPassword(); my $cryptpassword = bz_crypt($password); - # XXX - These should be moved into is_available_username or check_email_syntax + # XXX - These should be moved into is_available_username or validate_email_syntax # At the least, they shouldn't be here. They're safe for now, though. trick_taint($username); trick_taint($realname); diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index d70bc13dd..694f6f1c4 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -37,13 +37,13 @@ use base qw(Exporter); lsearch max min diff_arrays diff_strings trim wrap_comment find_wrap_point - format_time format_time_decimal + format_time format_time_decimal validate_date file_mod_time is_7bit_clean - bz_crypt check_email_syntax); + bz_crypt validate_email_syntax); use Bugzilla::Config; -use Bugzilla::Error; use Bugzilla::Constants; + use Date::Parse; use Date::Format; use Text::Wrap; @@ -349,16 +349,15 @@ sub bz_crypt { return $cryptedpassword; } -sub check_email_syntax { - my ($addr) = (@_); +sub validate_email_syntax { + my ($addr) = @_; my $match = Param('emailregexp'); - if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) { - ThrowUserError("illegal_email_address", { addr => $addr }); - } + my $ret = ($addr =~ /$match/ && $addr !~ /[\\\(\)<>&,;:"\[\] \t\r\n]/); + return $ret ? 1 : 0; } -sub ValidateDate { - my ($date, $format) = @_; +sub validate_date { + my ($date) = @_; my $date2; # $ts is undefined if the parser fails. @@ -369,9 +368,8 @@ sub ValidateDate { $date =~ s/(\d+)-0*(\d+?)-0*(\d+?)/$1-$2-$3/; $date2 =~ s/(\d+)-0*(\d+?)-0*(\d+?)/$1-$2-$3/; } - if (!$ts || $date ne $date2) { - ThrowUserError('illegal_date', {date => $date, format => $format}); - } + my $ret = ($ts && $date eq $date2); + return $ret ? 1 : 0; } sub is_7bit_clean { @@ -431,7 +429,8 @@ Bugzilla::Util - Generic utility functions for bugzilla $crypted_password = bz_crypt($password); # Validation Functions - check_email_syntax($email); + validate_email_syntax($email); + validate_date($date); =head1 DESCRIPTION @@ -670,9 +669,14 @@ characters of the password to anyone who views the encrypted version. =over 4 -=item C<check_email_syntax($email)> +=item C<validate_email_syntax($email)> + +Do a syntax checking for a legal email address and returns 1 if +the check is successful, else returns 0. + +=item C<validate_date($date)> -Do a syntax checking for a legal email address. An error is thrown -if the validation fails. +Make sure the date has the correct format and returns 1 if +the check is successful, else returns 0. =back |