diff options
Diffstat (limited to 'post_bug.cgi')
| -rwxr-xr-x | post_bug.cgi | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/post_bug.cgi b/post_bug.cgi index 90ca32f52..68842b646 100755 --- a/post_bug.cgi +++ b/post_bug.cgi @@ -207,6 +207,17 @@ $query .= "now(), 0"; foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) { if ($::FORM{$b}) { my $v = substr($b, 4); + $v =~ /^(\d+)$/ + || PuntTryAgain("One of the group bits submitted was invalid."); + if (!GroupIsActive($v)) { + # Prevent the user from adding the bug to an inactive group. + # Should only happen if there is a bug in Bugzilla or the user + # hacked the "enter bug" form since otherwise the UI + # for adding the bug to the group won't appear on that form. + PuntTryAgain("You can't add this bug to the inactive group " . + "identified by the bit '$v'. This shouldn't happen, " . + "so it may indicate a bug in Bugzilla."); + } $query .= " + $v"; # Carefully written so that the math is # done by MySQL, which can handle 64-bit math, # and not by Perl, which I *think* can not. |