From 37dc5c7799eb5a6d7385f6fda76bb96747979a09 Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Fri, 27 Sep 2002 06:25:11 +0000
Subject: Bug 170986 - General Summary reports don't work with taint checking.
 Also fixes Throw*Error's $extra_vars parameter. Patch by gerv; r=bbaetz.

---
 CGI.pl     | 12 ++++++++----
 globals.pl |  2 ++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/CGI.pl b/CGI.pl
index b9504983b..d6c040978 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -854,8 +854,10 @@ sub ThrowCodeError {
   SendSQL("UNLOCK TABLES") if $unlock_tables;
   
   # Copy the extra_vars into the vars hash 
-  @::vars{keys %$extra_vars} = values %$extra_vars;
-
+  foreach my $var (keys %$extra_vars) {
+      $vars->{$var} = $extra_vars->{$var};
+  }
+  
   # We may one day log something to file here also.
   $vars->{'variables'} = $extra_vars;
   
@@ -873,8 +875,10 @@ sub ThrowUserError {
   SendSQL("UNLOCK TABLES") if $unlock_tables;
  
   # Copy the extra_vars into the vars hash 
-  @::vars{keys %$extra_vars} = values %$extra_vars;
-
+  foreach my $var (keys %$extra_vars) {
+      $vars->{$var} = $extra_vars->{$var};
+  }
+  
   print "Content-type: text/html\n\n" if !$vars->{'header_done'};
   $template->process("global/user-error.html.tmpl", $vars)
     || ThrowTemplateError($template->error());
diff --git a/globals.pl b/globals.pl
index 64031bc85..a6a751562 100644
--- a/globals.pl
+++ b/globals.pl
@@ -1637,6 +1637,8 @@ sub GetFormat {
     # Security - allow letters and a hyphen only
     $ctype =~ s/[^a-zA-Z\-]//g;
     $format =~ s/[^a-zA-Z\-]//g;
+    trick_taint($ctype);
+    trick_taint($format);
     
     $template .= ($format ? "-$format" : "");
     $template .= ".$ctype.tmpl";
-- 
cgit v1.2.3-24-g4f1b