From c2f38f17cfa3aad8a13ee6eb02944b52d9e79037 Mon Sep 17 00:00:00 2001 From: "olav%bkor.dhs.org" <> Date: Fri, 20 Oct 2006 23:56:25 +0000 Subject: Bug 357005: 'cf_' should not be allowed as a custom field name Patch by Olav Vitters r=LpSolit a=myk --- editfields.cgi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'editfields.cgi') diff --git a/editfields.cgi b/editfields.cgi index a77aafe77..f7a059016 100644 --- a/editfields.cgi +++ b/editfields.cgi @@ -63,8 +63,8 @@ elsif ($action eq 'new') { # Validate these fields. $name || ThrowUserError('customfield_missing_name'); # Don't want to allow a name that might mess up SQL. - $name =~ /^\w+$/ || ThrowUserError('customfield_invalid_name', - { name => $name }); + $name =~ /^\w+$/ && $name ne "cf_" + || ThrowUserError('customfield_invalid_name', { name => $name }); # Prepend cf_ to the custom field name to distinguish it from standard fields. if ($name !~ /^cf_/) { $name = 'cf_' . $name; -- cgit v1.2.3-24-g4f1b