From 9a80c1fffa48ef6d9301ba64a9bd02b4d5448dc2 Mon Sep 17 00:00:00 2001
From: Reed Loden
Date: Mon, 1 Feb 2010 13:27:08 -0800
Subject: Bug 434801: [SECURITY] .htaccess doesn't prevent reading old-params.txt from the web
Patch by Reed Loden r=mkanat a=LpSolit
---
 Bugzilla/Config.pm | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
(limited to 'Bugzilla/Config.pm')
diff --git a/Bugzilla/Config.pm b/Bugzilla/Config.pm
index 0361592bf..a7184866f 100644
--- a/Bugzilla/Config.pm
+++ b/Bugzilla/Config.pm
@@ -221,7 +221,7 @@ sub update_params {
 # --- REMOVE OLD PARAMS ---
 my %oldparams;
- # Remove any old params, put them in old-params.txt
+ # Remove any old params
 foreach my $item (keys %$param) {
 if (!grep($_ eq $item, map ($_->{'name'}, @param_list))) {
 $oldparams{$item} = $param->{$item};
@@ -229,13 +229,16 @@ sub update_params {
 }
 }
+ # Write any old parameters to old-params.txt
+ my $datadir = bz_locations()->{'datadir'};
+ my $old_param_file = "$datadir/old-params.txt";
 if (scalar(keys %oldparams)) {
- my $op_file = new IO::File('old-params.txt', '>>', 0600)
- || die "old-params.txt: $!";
+ my $op_file = new IO::File($old_param_file, '>>', 0600)
+ || die "Couldn't create $old_param_file: $!";
 print "The following parameters are no longer used in Bugzilla,",
 " and so have been\nmoved from your parameters file into",
- " old-params.txt:\n";
+ " $old_param_file:\n";
 local $Data::Dumper::Terse = 1;
 local $Data::Dumper::Indent = 0;
-- 
cgit v1.2.3-24-g4f1b
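Review bot: The `0600` in `new IO::File($old_param_file, '>>', 0600)` (second hunk) does not take effect, because IO::File only passes the permissions argument to `sysopen` when the mode is numeric; with the string mode `'>>'` a newly created file gets whatever the process umask allows. Since this file holds the values of removed parameters and the commit exists to keep it unreadable, open it with a numeric mode, e.g. `IO::File->new($old_param_file, O_WRONLY|O_APPEND|O_CREAT, 0600)` (assuming the O_* constants IO::File exports are in scope), or follow the open with `chmod 0600, $old_param_file`. The hunk also only redirects future writes: an `old-params.txt` left in the previous location by earlier runs is not moved or removed in the lines shown, so that should be handled here or confirmed to happen elsewhere in the commit, since this view is limited to Config.pm. update_params begins and ends outside the hunk.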