From 8a9666557189baca9f404da532f17359b419621e Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Sun, 29 Sep 2002 04:44:24 +0000
Subject: Bug 163114 - Templatise all calls to DisplayError. Patch B. Patch by
gerv; r=burnus.
---
CGI.pl | 37 +++-----------
buglist.cgi | 42 ++++-----------
template/en/default/global/code-error.html.tmpl | 11 ++++
template/en/default/global/user-error.html.tmpl | 68 ++++++++++++++++++++++---
4 files changed, 91 insertions(+), 67 deletions(-)
diff --git a/CGI.pl b/CGI.pl
index d6c040978..5360d155f 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -270,19 +270,7 @@ sub ValidateBugID {
my $alias = $id;
if (!detaint_natural($id)) {
$id = BugAliasToID($alias);
- if (!$id) {
- my $html_id = html_quote($_[0]);
- my $alias_specific_message = Param("usebugaliases") ?
- " (it is neither a bug number nor an alias to a bug number)" : "";
- DisplayError(qq|
- The bug number $html_id is invalid$alias_specific_message.
- If you are trying to use QuickSearch, you need to enable JavaScript
- in your browser. To help us fix this limitation, add your comments
- to bug
- 70907.
- |);
- exit;
- }
+ $id || ThrowUserError("invalid_bug_id_or_alias", {'bug_id' => $id});
}
# Modify the calling code's original variable to contain the trimmed,
@@ -293,8 +281,7 @@ sub ValidateBugID {
SendSQL("SELECT bug_id FROM bugs WHERE bug_id = $id");
FetchOneColumn()
- || DisplayError("Bug #$id does not exist.")
- && exit;
+ || ThrowUserError("invalid_bug_id_non_existent", {'bug_id' => $id});
return if $skip_authorization;
@@ -305,16 +292,10 @@ sub ValidateBugID {
# The error the user sees depends on whether or not they are logged in
# (i.e. $::userid contains the user's positive integer ID).
if ($::userid) {
- DisplayError("You are not authorized to access bug #$id.");
+ ThrowUserError("bug_access_denied", {'bug_id' => $id});
} else {
- DisplayError(
- qq|You are not authorized to access bug #$id. To see this bug, you
- must first log in
- to an account with the appropriate permissions.|
- );
+ ThrowUserError("bug_access_query", {'bug_id' => $id});
}
- exit;
-
}
sub ValidateComment {
@@ -323,8 +304,7 @@ sub ValidateComment {
my ($comment) = @_;
if (defined($comment) && length($comment) > 65535) {
- DisplayError("Comments cannot be longer than 65,535 characters.");
- exit;
+ ThrowUserError("comment_too_long");
}
}
@@ -573,9 +553,7 @@ sub confirm_login {
# Make sure the user exists or throw an error (but do not admit it was a username
# error to make it harder for a cracker to find account names by brute force).
- $userid
- || DisplayError("The username or password you entered is not valid.")
- && exit;
+ $userid || ThrowUserError("invalid_username_or_password");
# If this is a new user, generate a password, insert a record
# into the database, and email their password to them.
@@ -605,8 +583,7 @@ sub confirm_login {
# Make sure the passwords match or throw an error.
($enteredCryptedPassword eq $realcryptpwd)
- || DisplayError("The username or password you entered is not valid.")
- && exit;
+ || ThrowUserError("invalid_username_or_password");
# If the user has successfully logged in, delete any password tokens
# lying around in the system for them.
diff --git a/buglist.cgi b/buglist.cgi
index f466780b1..8c8f52008 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -75,11 +75,7 @@ my $dotweak = $::FORM{'tweak'} ? 1 : 0;
# Log the user in
if ($dotweak) {
confirm_login();
- if (!UserInGroup("editbugs")) {
- DisplayError("Sorry, you do not have sufficient privileges to edit
- multiple bugs.");
- exit;
- }
+ UserInGroup("editbugs") || ThrowUserError("insufficient_perms_for_multi");
GetVersionTable();
}
else {
@@ -120,12 +116,8 @@ my $order_from_cookie = 0; # True if $order set using $::COOKIE{'LASTORDER'}
# If the user is retrieving the last bug list they looked at, hack the buffer
# storing the query string so that it looks like a query retrieving those bugs.
if ($::FORM{'regetlastlist'}) {
- if (!$::COOKIE{'BUGLIST'}) {
- DisplayError(qq|Sorry, I seem to have lost the cookie that recorded
- the results of your last query. You will have to start
- over at the query page.|);
- exit;
- }
+ $::COOKIE{'BUGLIST'} || ThrowUserError("missing_cookie");
+
$::FORM{'bug_id'} = join(",", split(/:/, $::COOKIE{'BUGLIST'}));
$order = "reuse last sort" unless $order;
$::buffer = "bug_id=$::FORM{'bug_id'}&order=" . url_quote($order);
@@ -186,11 +178,7 @@ sub LookupNamedQuery {
my $qname = SqlQuote($name);
SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname");
my $result = FetchOneColumn();
- if (!$result) {
- my $qname = html_quote($name);
- DisplayError("The query named $qname seems to no longer exist.");
- exit;
- }
+ $result || ThrowUserError("missing_query", {'queryname' => '$name'});
return $result;
}
@@ -305,13 +293,8 @@ elsif ($::FORM{'cmdtype'} eq "doit" && $::FORM{'remember'}) {
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"});
my $name = trim($::FORM{'newqueryname'});
- $name
- || DisplayError("You must enter a name for your query.")
- && exit;
- $name =~ /[<>&]/
- && DisplayError("The name of your query cannot contain any
- of the following characters: <, >, &.")
- && exit;
+ $name || ThrowUserError("query_name_missing");
+ $name !~ /[<>&]/ || ThrowUserError("illegal_query_name");
my $qname = SqlQuote($name);
$::buffer =~ s/[\&\?]cmdtype=[a-z]+//;
@@ -507,18 +490,15 @@ if ($order) {
# Accept an order fragment matching a column name, with
# asc|desc optionally following (to specify the direction)
if (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @columnnames)) {
- my $qfragment = html_quote($fragment);
- my $error = "The custom sort order you specified in your "
- . "form submission contains an invalid column "
- . "name $qfragment.";
+ $vars->{'fragment'} = $fragment;
if ($order_from_cookie) {
my $cookiepath = Param("cookiepath");
print "Set-Cookie: LASTORDER= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
- $error =~ s/form submission/cookie/;
- $error .= " The cookie has been cleared.";
+ ThrowCodeError("invalid_column_name_cookie");
+ }
+ else {
+ ThrowCodeError("invalid_column_name_form");
}
- DisplayError($error);
- exit;
}
}
# Now that we have checked that all columns in the order are valid,
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index 1981364f1..dbe4a1732 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -73,6 +73,17 @@
The attachment number of one of the attachments you wanted to obsolete,
[% attach_id FILTER html %], is invalid.
+ [% ELSIF error == "invalid_column_name_cookie" %]
+ [% title = "Invalid Column Name" %]
+ The custom sort order specified in your cookie contains an invalid
+ column name [% fragment FILTER html %].
+ The cookie has been cleared.
+
+ [% ELSIF error == "invalid_column_name_form" %]
+ [% title = "Invalid Column Name" %]
+ The custom sort order specified in your form submission contains an
+ invalid column name [% fragment FILTER html %].
+
[% ELSIF error == "mismatched_bug_ids_on_obsolete" %]
Attachment [% attach_id FILTER html %] ([% description FILTER html %])
is attached to bug [% attach_bug_id FILTER html %], but you tried to
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index c9dca30d4..593c8bede 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -81,7 +81,17 @@
[% ELSIF error == "attachment_access_denied" %]
[% title = "Access Denied" %]
- You are not permitted access to this attachment.
+ You are not authorized to access this attachment.
+
+ [% ELSIF error == "bug_access_denied" %]
+ [% title = "Access Denied" %]
+ You are not authorized to access bug #[% bug_id %].
+
+ [% ELSIF error == "bug_access_query" %]
+ [% title = "Access Denied" %]
+ You are not authorized to access bug #[% bug_id %]. To see this bug, you
+ must first log
+ in to an account with the appropriate permissions.
[% ELSIF error == "buglist_parameters_required" %]
[% title = "Parameters Required" %]
@@ -98,6 +108,10 @@
You have to specify a comment on this change.
Please give some words on the reason for your change.
+ [% ELSIF error == "comment_too_long" %]
+ [% title = "Comment Too Long" %]
+ Comments cannot be longer than 65,535 characters.
+
[% ELSIF error == "dependency_loop_multi" %]
[% title = "Dependency Loop Detected" %]
The following bug(s) would appear on both the "depends on"
@@ -192,11 +206,38 @@
[% title = "Your Query Makes No Sense" %]
The only legal values for the Attachment is obsolete field are
0 and 1.
-
+
+ [% ELSIF error == "illegal_query_name" %]
+ [% title = "Illegal Query Name" %]
+ The name of your query cannot contain any of the following characters:
+ <, >, &.
+
+ [% ELSIF error == "insufficient_privs_for_multi" %]
+ [% title = "Insufficient Privileges" %]
+ Sorry, you do not have sufficient privileges to edit multiple bugs.
+
[% ELSIF error == "invalid_attach_id" %]
[% title = "Invalid Attachment ID" %]
The attachment id [% attach_id FILTER html %] is invalid.
+ [% ELSIF error == "invalid_bug_id" %]
+ [% title = "Invalid Bug ID" %]
+ The bug id [% bug_id FILTER html %] is invalid.
+
+ [% ELSIF error == "invalid_bug_id_non_existent" %]
+ [% title = "Invalid Bug ID" %]
+ Bug #[% bug_id %] does not exist.
+
+ [% ELSIF error == "invalid_bug_id_or_alias" %]
+ [% title = "Invalid Bug ID" %]
+ The 'bug number' [% bug_id FILTER html %] is invalid.
+ [% IF Param("usebugaliases") %]
+ It is neither a bug number nor an alias to a bug number.
+ [% END %]
+ If you are trying to use QuickSearch, you need to enable JavaScript
+ in your browser. To help us fix this limitation, add your comments to
+ bug 70907.
+
[% ELSIF error == "invalid_content_type" %]
[% title = "Invalid Content-Type" %]
The content type [% contenttype FILTER html %] is invalid.
@@ -204,10 +245,6 @@
is either application, audio, image, message, model, multipart,
text, or video.
- [% ELSIF error == "invalid_bug_id" %]
- [% title = "Invalid Bug ID" %]
- The bug id [% bug_id FILTER html %] is invalid.
-
[% ELSIF error == "invalid_product_name" %]
[% title = "Invalid Product Name" %]
The product name '[% product FILTER html %]' is invalid or does not exist.
@@ -217,6 +254,10 @@
The name [% name FILTER html %] is not a valid username.
Either you misspelled it, or the person has not
registered for a Bugzilla account.
+
+ [% ELSIF error == "invalid_username_or_password" %]
+ [% title = "Invalid Username Or Password" %]
+ The username or password you entered is not valid.
[% ELSIF error == "milestone_required" %]
[% title = "Milestone Required" %]
@@ -240,11 +281,22 @@
either auto-detect, select from list, or enter
manually.
+ [% ELSIF error == "missing_cookie" %]
+ [% title = "Missing Cookie" %]
+ Sorry, I seem to have lost the cookie that recorded
+ the results of your last search. I'm afraid you will have to start
+ again on the search page.
+
[% ELSIF error == "missing_email_type" %]
[% title = "Your Query Makes No Sense" %]
You must specify one or more fields in which to search for
[% email %].
+ [% ELSIF error == "missing_query" %]
+ [% title = "Missing Query" %]
+ The query named [% queryname FILTER html %] seems to no longer
+ exist.
+
[% ELSIF error == "need_component" %]
[% title = "Component Required" %]
You must specify a component to help determine the new owner of these bugs.
@@ -292,6 +344,10 @@
Patches cannot be more than [% Param('maxpatchsize') %] KB in size.
Try breaking your patch into several pieces.
+ [% ELSIF error == "query_name_missing" %]
+ [% title = "No Query Name Specified" %]
+ You must enter a name for your query.
+
[% ELSIF error == "reassign_to_empty" %]
[% title = "Illegal Reassignment" %]
You cannot reassign to a bug to nobody. Unless you
--
cgit v1.2.3-24-g4f1b