From 46c9fb479d36e0a0b3fcbc447d7483ec09666d43 Mon Sep 17 00:00:00 2001
From: "myk%mozilla.org" <>
Date: Thu, 4 Jul 2002 06:07:09 +0000
Subject: Fix for bug 99203: Implements bug aliases feature. r=bbaetz,jouni
---
CGI.pl | 55 +++++++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 45 insertions(+), 10 deletions(-)
(limited to 'CGI.pl')
diff --git a/CGI.pl b/CGI.pl
index 0b9935602..8e8da5871 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -248,22 +248,55 @@ sub CheckFormFieldDefined (\%$) {
}
}
+sub BugAliasToID {
+ # Queries the database for the bug with a given alias, and returns
+ # the ID of the bug if it exists or the undefined value if it doesn't.
+
+ my ($alias) = @_;
+
+ return undef unless Param("usebugaliases");
+
+ PushGlobalSQLState();
+ SendSQL("SELECT bug_id FROM bugs WHERE alias = " . SqlQuote($alias));
+ my $id = FetchOneColumn();
+ PopGlobalSQLState();
+
+ return $id;
+}
+
sub ValidateBugID {
# Validates and verifies a bug ID, making sure the number is a
# positive integer, that it represents an existing bug in the
# database, and that the user is authorized to access that bug.
# We detaint the number here, too
- $_[0] = trim($_[0]); # Allow whitespace arround the number
- detaint_natural($_[0])
- || DisplayError("The bug number is invalid. If you are trying to use " .
- "QuickSearch, you need to enable JavaScript in your " .
- "browser. To help us fix this limitation, look " .
- "here.")
- && exit;
-
- my ($id) = @_;
-
+ my ($id, $skip_authorization) = @_;
+
+ # Get rid of white-space around the ID.
+ $id = trim($id);
+
+ # If the ID isn't a number, it might be an alias, so try to convert it.
+ if ($id !~ /^[1-9][0-9]*$/) {
+ $id = BugAliasToID($id);
+ if (!$id) {
+ my $html_id = html_quote($_[0]);
+ my $alias_specific_message = Param("usebugaliases") ?
+ " (it is neither a bug number nor an alias to a bug number)" : "";
+ DisplayError(qq|
+ The bug number $html_id is invalid$alias_specific_message.
+ If you are trying to use QuickSearch, you need to enable JavaScript
+ in your browser. To help us fix this limitation, add your comments
+ to bug
+ 70907.
+ |);
+ exit;
+ }
+ }
+
+ # Modify the calling code's original variable to contain the trimmed,
+ # converted-from-alias ID.
+ $_[0] = $id;
+
# Get the values of the usergroupset and userid global variables
# and write them to local variables for use within this function,
# setting those local variables to the default value of zero if
@@ -276,6 +309,8 @@ sub ValidateBugID {
|| DisplayError("Bug #$id does not exist.")
&& exit;
+ return if $skip_authorization;
+
return if CanSeeBug($id, $::userid, $::usergroupset);
# The user did not pass any of the authorization tests, which means they
--
cgit v1.2.3-24-g4f1b