diff options
Diffstat (limited to 'editfields.cgi')
-rw-r--r-- | editfields.cgi | 84 |
1 files changed, 21 insertions, 63 deletions
diff --git a/editfields.cgi b/editfields.cgi index f7a059016..e57e1952c 100644 --- a/editfields.cgi +++ b/editfields.cgi @@ -55,49 +55,18 @@ elsif ($action eq 'add') { } elsif ($action eq 'new') { check_token_data($token, 'add_field'); - my $name = clean_text($cgi->param('name') || ''); - my $desc = clean_text($cgi->param('desc') || ''); - my $type = trim($cgi->param('type') || FIELD_TYPE_FREETEXT); - my $sortkey = $cgi->param('sortkey') || 0; - - # Validate these fields. - $name || ThrowUserError('customfield_missing_name'); - # Don't want to allow a name that might mess up SQL. - $name =~ /^\w+$/ && $name ne "cf_" - || ThrowUserError('customfield_invalid_name', { name => $name }); - # Prepend cf_ to the custom field name to distinguish it from standard fields. - if ($name !~ /^cf_/) { - $name = 'cf_' . $name; - } - my $field = new Bugzilla::Field({'name' => $name}); - ThrowUserError('customfield_already_exists', {'field' => $field }) if $field; - - $desc || ThrowUserError('customfield_missing_description', {'name' => $name}); - - # We hardcode valid values for $type. This doesn't matter. - my $typ = $type; - (detaint_natural($type) && $type < 3) - || ThrowCodeError('invalid_customfield_type', {'type' => $typ}); - - my $skey = $sortkey; - detaint_natural($sortkey) - || ThrowUserError('customfield_invalid_sortkey', {'name' => $name, - 'sortkey' => $skey}); - - # All fields have been validated. We can create this new custom field. - trick_taint($name); - trick_taint($desc); - - $vars->{'name'} = $name; - $vars->{'desc'} = $desc; - $vars->{'sortkey'} = $sortkey; - $vars->{'type'} = $type; - $vars->{'custom'} = 1; - $vars->{'in_new_bugmail'} = $cgi->param('new_bugmail') ? 1 : 0; - $vars->{'editable_on_enter_bug'} = $cgi->param('enter_bug') ? 1 : 0; - $vars->{'is_obsolete'} = $cgi->param('obsolete') ? 1 : 0; - - Bugzilla::Field::create_or_update($vars); + + $vars->{'field'} = Bugzilla::Field->create({ + name => scalar $cgi->param('name'), + description => scalar $cgi->param('desc'), + type => scalar $cgi->param('type'), + sortkey => scalar $cgi->param('sortkey'), + mailhead => scalar $cgi->param('new_bugmail'), + enter_bug => scalar $cgi->param('enter_bug'), + obsolete => scalar $cgi->param('obsolete'), + custom => 1, + }); + delete_token($token); $vars->{'message'} = 'custom_field_created'; @@ -106,7 +75,7 @@ elsif ($action eq 'new') { || ThrowTemplateError($template->error()); } elsif ($action eq 'edit') { - my $name = $cgi->param('name') || ThrowUserError('customfield_missing_name'); + my $name = $cgi->param('name') || ThrowUserError('field_missing_name'); # Custom field names must start with "cf_". if ($name !~ /^cf_/) { $name = 'cf_' . $name; @@ -123,11 +92,9 @@ elsif ($action eq 'edit') { elsif ($action eq 'update') { check_token_data($token, 'edit_field'); my $name = $cgi->param('name'); - my $desc = clean_text($cgi->param('desc') || ''); - my $sortkey = $cgi->param('sortkey') || 0; # Validate fields. - $name || ThrowUserError('customfield_missing_name'); + $name || ThrowUserError('field_missing_name'); # Custom field names must start with "cf_". if ($name !~ /^cf_/) { $name = 'cf_' . $name; @@ -135,25 +102,16 @@ elsif ($action eq 'update') { my $field = new Bugzilla::Field({'name' => $name}); $field || ThrowUserError('customfield_nonexistent', {'name' => $name}); - $desc || ThrowUserError('customfield_missing_description', {'name' => $name}); - trick_taint($desc); - - my $skey = $sortkey; - detaint_natural($sortkey) - || ThrowUserError('customfield_invalid_sortkey', {'name' => $name, - 'sortkey' => $skey}); - - $vars->{'name'} = $field->name; - $vars->{'desc'} = $desc; - $vars->{'sortkey'} = $sortkey; - $vars->{'custom'} = 1; - $vars->{'in_new_bugmail'} = $cgi->param('new_bugmail') ? 1 : 0; - $vars->{'editable_on_enter_bug'} = $cgi->param('enter_bug') ? 1 : 0; - $vars->{'is_obsolete'} = $cgi->param('obsolete') ? 1 : 0; + $field->set_description($cgi->param('desc')); + $field->set_sortkey($cgi->param('sortkey')); + $field->set_in_new_bugmail($cgi->param('new_bugmail')); + $field->set_enter_bug($cgi->param('enter_bug')); + $field->set_obsolete($cgi->param('obsolete')); + $field->update(); - Bugzilla::Field::create_or_update($vars); delete_token($token); + $vars->{'field'} = $field; $vars->{'message'} = 'custom_field_updated'; $template->process('admin/custom_fields/list.html.tmpl', $vars) |