From 93815fc7619567cc962e053280c5ed0b19492feb Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Sun, 15 Oct 2006 05:02:09 +0000
Subject: Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin r=mkanat a=myk
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 editfields.cgi | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'editfields.cgi')

diff --git a/editfields.cgi b/editfields.cgi
index 67b72e98d..a77aafe77 100644
--- a/editfields.cgi
+++ b/editfields.cgi
@@ -23,6 +23,7 @@ use Bugzilla::Constants;
 use Bugzilla::Error;
 use Bugzilla::Util;
 use Bugzilla::Field;
+use Bugzilla::Token;
 
 my $cgi = Bugzilla->cgi;
 my $template = Bugzilla->template;
@@ -36,6 +37,7 @@ $user->in_group('admin')
 object => 'custom_fields'});
 
 my $action = trim($cgi->param('action') || '');
+my $token = $cgi->param('token');
 
 print $cgi->header();
 
@@ -46,10 +48,13 @@ if (!$action) {
 }
 # Interface to add a new custom field.
 elsif ($action eq 'add') {
+ $vars->{'token'} = issue_session_token('add_field');
+
 $template->process('admin/custom_fields/create.html.tmpl', $vars)
 || ThrowTemplateError($template->error());
 }
 elsif ($action eq 'new') {
+ check_token_data($token, 'add_field');
 my $name = clean_text($cgi->param('name') || '');
 my $desc = clean_text($cgi->param('desc') || '');
 my $type = trim($cgi->param('type') || FIELD_TYPE_FREETEXT);
@@ -93,6 +98,7 @@ elsif ($action eq 'new') {
 $vars->{'is_obsolete'} = $cgi->param('obsolete') ? 1 : 0;
 
 Bugzilla::Field::create_or_update($vars);
+ delete_token($token);
 
 $vars->{'message'} = 'custom_field_created';
 
@@ -109,11 +115,13 @@ elsif ($action eq 'edit') {
 $field || ThrowUserError('customfield_nonexistent', {'name' => $name});
 
 $vars->{'field'} = $field;
+ $vars->{'token'} = issue_session_token('edit_field');
 
 $template->process('admin/custom_fields/edit.html.tmpl', $vars)
 || ThrowTemplateError($template->error());
 }
 elsif ($action eq 'update') {
+ check_token_data($token, 'edit_field');
 my $name = $cgi->param('name');
 my $desc = clean_text($cgi->param('desc') || '');
 my $sortkey = $cgi->param('sortkey') || 0;
@@ -144,18 +152,13 @@ elsif ($action eq 'update') {
 $vars->{'is_obsolete'} = $cgi->param('obsolete') ? 1 : 0;
 
 Bugzilla::Field::create_or_update($vars);
+ delete_token($token);
 
 $vars->{'message'} = 'custom_field_updated';
 
 $template->process('admin/custom_fields/list.html.tmpl', $vars)
 || ThrowTemplateError($template->error());
 }
-elsif ($action eq 'del') {
- die "not yet implemented...\n";
-}
-elsif ($action eq 'delete') {
- die "not yet implemented...\n";
-}
 else {
 ThrowUserError('no_valid_action', {'field' => 'custom_field'});
 }
-- 
cgit v1.2.3-24-g4f1b
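Review bot: `check_token_data($token, 'add_field')` at the top of the `new` branch depends on `admin/custom_fields/create.html.tmpl` sending `$vars->{'token'}` back as a hidden `token` parameter, and the diffstat shows only editfields.cgi changed in this commit, so every submission of that form presumably fails the check unless the template was updated separately; the same dependency exists between `edit.html.tmpl` and `check_token_data($token, 'edit_field')` in the edit/update hunk. If the template change lives in another commit, a one-line comment on the `issue_session_token` line would spare the next reader the hunt, e.g. `# The create form must echo this back as the hidden 'token' parameter; the 'new' branch rejects the submission otherwise.`. The `if (!$action)`/`elsif` chain this hunk belongs to starts before the hunk.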
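Review bot: `delete_token($token)` sits after `Bugzilla::Field::create_or_update($vars)` here and in the `new` hunk, and that ordering deserves a comment because it is load-bearing: if the save dies, control never reaches `delete_token`, so the token is presumably still accepted and the admin can resubmit the same form, whereas consuming it first would force a fresh page load to get a new one. Suggested comment on the `delete_token` line: `# Consume the token only after the write succeeds; a failed save leaves it valid so the form can be resubmitted.`. The dropped `del`/`delete` branches now fall through to `ThrowUserError('no_valid_action', ...)`, which is the right outcome for actions that were never implemented. The `elsif ($action eq 'update')` block starts before this hunk.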