From 8a9666557189baca9f404da532f17359b419621e Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Sun, 29 Sep 2002 04:44:24 +0000
Subject: Bug 163114 - Templatise all calls to DisplayError. Patch B. Patch by
gerv; r=burnus.
---
CGI.pl | 37 +++++++------------------------------
1 file changed, 7 insertions(+), 30 deletions(-)
(limited to 'CGI.pl')
diff --git a/CGI.pl b/CGI.pl
index d6c040978..5360d155f 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -270,19 +270,7 @@ sub ValidateBugID {
my $alias = $id;
if (!detaint_natural($id)) {
$id = BugAliasToID($alias);
- if (!$id) {
- my $html_id = html_quote($_[0]);
- my $alias_specific_message = Param("usebugaliases") ?
- " (it is neither a bug number nor an alias to a bug number)" : "";
- DisplayError(qq|
- The bug number $html_id is invalid$alias_specific_message.
- If you are trying to use QuickSearch, you need to enable JavaScript
- in your browser. To help us fix this limitation, add your comments
- to bug
- 70907.
- |);
- exit;
- }
+ $id || ThrowUserError("invalid_bug_id_or_alias", {'bug_id' => $id});
}
# Modify the calling code's original variable to contain the trimmed,
@@ -293,8 +281,7 @@ sub ValidateBugID {
SendSQL("SELECT bug_id FROM bugs WHERE bug_id = $id");
FetchOneColumn()
- || DisplayError("Bug #$id does not exist.")
- && exit;
+ || ThrowUserError("invalid_bug_id_non_existent", {'bug_id' => $id});
return if $skip_authorization;
@@ -305,16 +292,10 @@ sub ValidateBugID {
# The error the user sees depends on whether or not they are logged in
# (i.e. $::userid contains the user's positive integer ID).
if ($::userid) {
- DisplayError("You are not authorized to access bug #$id.");
+ ThrowUserError("bug_access_denied", {'bug_id' => $id});
} else {
- DisplayError(
- qq|You are not authorized to access bug #$id. To see this bug, you
- must first log in
- to an account with the appropriate permissions.|
- );
+ ThrowUserError("bug_access_query", {'bug_id' => $id});
}
- exit;
-
}
sub ValidateComment {
@@ -323,8 +304,7 @@ sub ValidateComment {
my ($comment) = @_;
if (defined($comment) && length($comment) > 65535) {
- DisplayError("Comments cannot be longer than 65,535 characters.");
- exit;
+ ThrowUserError("comment_too_long");
}
}
@@ -573,9 +553,7 @@ sub confirm_login {
# Make sure the user exists or throw an error (but do not admit it was a username
# error to make it harder for a cracker to find account names by brute force).
- $userid
- || DisplayError("The username or password you entered is not valid.")
- && exit;
+ $userid || ThrowUserError("invalid_username_or_password");
# If this is a new user, generate a password, insert a record
# into the database, and email their password to them.
@@ -605,8 +583,7 @@ sub confirm_login {
# Make sure the passwords match or throw an error.
($enteredCryptedPassword eq $realcryptpwd)
- || DisplayError("The username or password you entered is not valid.")
- && exit;
+ || ThrowUserError("invalid_username_or_password");
# If the user has successfully logged in, delete any password tokens
# lying around in the system for them.
--
cgit v1.2.3-24-g4f1b