# The user asked us to auto-detect the content type, so use the type
# specified in the HTTP request headers.
$content_type =
- $cgi->uploadInfo($cgi->param('data'))->{'Content-Type'};
+ $cgi->uploadInfo(scalar $cgi->param('data'))->{'Content-Type'};
$content_type || ThrowUserError("missing_content_type");
# Internet Explorer sends image/x-png for PNG images,
use Bugzilla::Util;
use Bugzilla::Hook;
use Bugzilla::Search::Recent;
+use Bugzilla::Install::Util qw(i_am_persistent);
use File::Basename;
# We don't precompile any functions here, that's done specially in
# mod_perl code.
- $invocant->_setup_symbols(qw(:no_xhtml :oldstyle_urls :private_tempfiles
- :unique_headers));
+ $invocant->_setup_symbols(qw(:no_xhtml :oldstyle_urls :unique_headers :utf8));
}
BEGIN { __PACKAGE__->_init_bz_cgi_globals() if i_am_cgi(); }
my ($invocant, @args) = @_;
my $class = ref($invocant) || $invocant;
- # Under mod_perl, CGI's global variables get reset on each request,
- # so we need to set them up again every time.
- $class->_init_bz_cgi_globals() if $ENV{MOD_PERL};
+ $class->_init_bz_cgi_globals() if i_am_persistent();
my $self = $class->SUPER::new(@args);
# Path-Info is of no use for Bugzilla and interacts badly with IIS.
# Moreover, it causes unexpected behaviors, such as totally breaking
# the rendering of pages.
- if (my $path_info = $self->path_info) {
+ if ($self->script_name && $self->path_info) {
my @whitelist = ("rest.cgi");
Bugzilla::Hook::process('path_info_whitelist', { whitelist => \@whitelist });
if (!grep($_ eq $script, @whitelist)) {
- # IIS includes the full path to the script in PATH_INFO,
- # so we have to extract the real PATH_INFO from it,
- # else we will be redirected outside Bugzilla.
- my $script_name = $self->script_name;
- $path_info =~ s/^\Q$script_name\E//;
- if ($script_name && $path_info) {
- print $self->redirect($self->url(-path => 0, -query => 1));
- }
+ print $self->redirect($self->url(-path => 0, -query => 1));
}
}
# Reconstruct the URL by concatenating the sorted param=value pairs
my @parameters;
- foreach my $key (sort($self->param())) {
+ foreach my $key (sort($self->multi_param())) {
# Leave this key out if it's in the exclude list
next if grep { $_ eq $key } @exclude;
my $esc_key = url_quote($key);
- foreach my $value ($self->param($key)) {
+ foreach my $value ($self->multi_param($key)) {
# Omit params with an empty value
if (defined($value) && $value ne '') {
my $esc_value = url_quote($value);
sub clean_search_url {
my $self = shift;
# Delete any empty URL parameter.
- my @cgi_params = $self->param;
+ my @cgi_params = $self->multi_param();
foreach my $param (@cgi_params) {
if (defined $self->param($param) && $self->param($param) eq '') {
# Have to add the cookies in.
sub multipart_start {
my $self = shift;
-
- my %args = @_;
-
- # CGI.pm::multipart_start doesn't honour its own charset information, so
- # we do it ourselves here
- if (defined $self->charset() && defined $args{-type}) {
- # Remove any existing charset specifier
- $args{-type} =~ s/;.*$//;
- # and add the specified one
- $args{-type} .= '; charset=' . $self->charset();
- }
-
- my $headers = $self->SUPER::multipart_start(%args);
+ # We have to explicitly pass the charset.
+ my $headers = $self->SUPER::multipart_start(@_, -charset => $self->charset());
# Eliminate the one extra CRLF at the end.
$headers =~ s/$CGI::CRLF$//;
# Add the cookies. We have to do it this way instead of
- # passing them to multpart_start, because CGI.pm's multipart_start
+ # passing them to multipart_start, because CGI.pm's multipart_start
# doesn't understand a '-cookie' argument pointing to an arrayref.
foreach my $cookie (@{$self->{Bugzilla_cookie_list}}) {
$headers .= "Set-Cookie: ${cookie}${CGI::CRLF}";
sub param {
my $self = shift;
- local $CGI::LIST_CONTEXT_WARN = 0;
+
+ my @caller = caller(0);
+ if (wantarray && $caller[0] ne 'CGI') {
+ warn 'Illegal call to $cgi->param in list context from ' . $caller[0];
+ }
# When we are just requesting the value of a parameter...
if (scalar(@_) == 1) {
- my @result = $self->SUPER::param(@_);
+ my @result = $self->SUPER::multi_param(@_);
# Also look at the URL parameters, after we look at the POST
# parameters. This is to allow things like login-form submissions
@result = $self->url_param(@_);
}
- # Fix UTF-8-ness of input parameters.
- @result = map { _fix_utf8($_) } @result;
-
return wantarray ? @result : $result[0];
}
# And for various other functions in CGI.pm, we need to correctly
elsif (!scalar(@_) && $self->request_method
&& $self->request_method eq 'POST')
{
- my @post_params = $self->SUPER::param;
+ my @post_params = $self->SUPER::multi_param();
my @url_params = $self->url_param;
my %params = map { $_ => 1 } (@post_params, @url_params);
return keys %params;
}
- return $self->SUPER::param(@_);
+ return $self->SUPER::multi_param(@_);
}
sub url_param {
return $self->SUPER::url_param(@_);
}
-sub _fix_utf8 {
- my $input = shift;
- # The is_utf8 is here in case CGI gets smart about utf8 someday.
- utf8::decode($input) if defined $input && !ref $input && !utf8::is_utf8($input);
- return $input;
-}
-
sub should_set {
my ($self, $param) = @_;
my $set = (defined $self->param($param)
sub FETCH {
my ($self, $param) = @_;
return $self if $param eq 'CGI'; # CGI.pm did this, so we do too.
- my @result = $self->param($param);
+ my @result = $self->multi_param($param);
return undef if !scalar(@result);
return $result[0] if scalar(@result) == 1;
return \@result;
}
-# For the Vars TIEHASH interface: the normal CGI.pm DELETE doesn't return
-# the value deleted, but Perl's "delete" expects that value.
-sub DELETE {
- my ($self, $param) = @_;
- my $value = $self->FETCH($param);
- $self->delete($param);
- return $value;
-}
-
1;
__END__
# &select0=1&select3=1...
# &cumulate=1&datefrom=2002-02-03&dateto=2002-04-04&ctype=html...
# >=1&labelgt=Grand+Total
- foreach my $param ($cgi->param()) {
+ foreach my $param ($cgi->multi_param()) {
# Store all the lines
if ($param =~ /^line(\d+)$/a) {
- foreach my $series_id ($cgi->param($param)) {
+ foreach my $series_id ($cgi->multi_param($param)) {
detaint_natural($series_id)
|| ThrowCodeError("invalid_series_id");
my $series = new Bugzilla::Series($series_id);
}
# Extract a list of flag type IDs from field names.
- my @flagtype_ids = map(/^flag_type-(\d+)$/a ? $1 : (), $cgi->param());
+ my @flagtype_ids = map { /^flag_type-(\d+)$/a ? $1 : () } $cgi->multi_param();
@flagtype_ids = grep($cgi->param("flag_type-$_") ne 'X', @flagtype_ids);
# Extract a list of existing flag IDs.
- my @flag_ids = map(/^flag-(\d+)$/a ? $1 : (), $cgi->param());
+ my @flag_ids = map { /^flag-(\d+)$/a ? $1 : () } $cgi->multi_param();
return ([], []) unless (scalar(@flagtype_ids) || scalar(@flag_ids));
# (i.e. they want more than one person to set the flag) we can reuse
# the existing flag for the first person (who may well be the existing
# requestee), but we have to create new flags for each additional requestee.
- my @requestees = $cgi->param("requestee-$flag_id");
+ my @requestees = $cgi->multi_param("requestee-$flag_id");
my $requestee_email;
if ($status eq "?"
&& scalar(@requestees) > 1
my $status = $cgi->param("flag_type-$type_id");
trick_taint($status);
- my @logins = $cgi->param("requestee_type-$type_id");
+ my @logins = $cgi->multi_param("requestee_type-$type_id");
if ($status eq "?" && scalar(@logins)) {
foreach my $login (@logins) {
push (@new_flags, { type_id => $type_id,
}
# Extract a list of flag type IDs from field names.
- my @flagtype_ids = map(/^flag_type-(\d+)$/a ? $1 : (), $cgi->param());
+ my @flagtype_ids = map { /^flag_type-(\d+)$/a ? $1 : () } $cgi->multi_param();
my (@new_flags, @flags);
my $status = $cgi->param("flag_type-$type_id");
trick_taint($status);
- my @logins = $cgi->param("requestee_type-$type_id");
+ my @logins = $cgi->multi_param("requestee_type-$type_id");
if ($status eq "?" && scalar(@logins)) {
foreach my $login (@logins) {
if ($update) {
}
# Make sure we have some query terms left
- scalar($cgi->param())>0 || ThrowUserError("buglist_parameters_required");
+ scalar $cgi->multi_param() or ThrowUserError("buglist_parameters_required");
}
# List of quicksearch-specific CGI parameters to get rid of.
my ($self) = @_;
return $self->{edit_link} if defined $self->{edit_link};
my $cgi = new Bugzilla::CGI($self->url);
- if (!$cgi->param('query_type')
- || !IsValidQueryType($cgi->param('query_type')))
+ if (!$cgi->param('query_format')
+ || !IsValidQueryType(scalar $cgi->param('query_format')))
{
- $cgi->param('query_type', 'advanced');
+ $cgi->param('query_format', 'advanced');
}
$self->{edit_link} = $cgi->canonicalise_query;
return $self->{edit_link};
# If an sudo session is in progress, this is the user we're faking
'user' => sub { return Bugzilla->user; },
+ # TT directives are evaluated in list context, conflicting
+ # with CGI checks about using $cgi->param() in list context.
+ 'cgi_param' => sub { return scalar Bugzilla->cgi->param($_[0]) },
+
# Currenly active language
'current_language' => sub { return Bugzilla->current_language; },
# PREREQ_PM
my %requires = (
- 'CGI' => '3.51',
+ 'CGI' => '4.09',
'DBI' => '1.614',
'Date::Format' => '2.23',
'DateTime' => '0.75',
# Bug 111522: allow overriding content-type manually in the posted form
# params.
- if (defined $cgi->param('content_type')) {
- $contenttype = $attachment->_check_content_type($cgi->param('content_type'));
+ if (my $content_type = $cgi->param('content_type')) {
+ $contenttype = $attachment->_check_content_type($content_type);
}
# Return the appropriate HTTP response headers.
my ($timestamp) = $dbh->selectrow_array("SELECT NOW()");
# Detect if the user already used the same form to submit an attachment
- my $token = trim($cgi->param('token'));
+ my $token = trim(scalar $cgi->param('token'));
check_token_data($token, 'create_attachment', 'index.cgi');
# Check attachments the user tries to mark as obsolete.
my @obsolete_attachments;
if ($cgi->param('obsolete')) {
- my @obsolete = $cgi->param('obsolete');
+ my @obsolete = $cgi->multi_param('obsolete');
@obsolete_attachments = Bugzilla::Attachment->validate_obsolete($bug, \@obsolete);
}
$attachment->datasize || ThrowUserError('attachment_removed');
# We don't want to let a malicious URL accidentally delete an attachment.
- my $token = trim($cgi->param('token'));
+ my $token = trim(scalar $cgi->param('token'));
if ($token) {
my ($creator_id, $date, $event) = Bugzilla::Token::GetTokenData($token);
unless ($creator_id
# and order by, since relevance only exists when doing a fulltext search.
my $fulltext = 0;
if ($cgi->param('content')) { $fulltext = 1 }
-my @charts = map(/^field(\d-\d-\d)$/ ? $1 : (), $cgi->param());
+my @charts = map { /^field(\d-\d-\d)$/ ? $1 : () } $cgi->multi_param();
foreach my $chart (@charts) {
if ($cgi->param("field$chart") eq 'content' && $cgi->param("value$chart")) {
$fulltext = 1;
$one_product = Bugzilla::Product->new({ name => $products[0], cache => 1 });
}
# This is used in the "Zarroo Boogs" case.
-elsif (my @product_input = $cgi->param('product')) {
+elsif (my @product_input = $cgi->multi_param('product')) {
if (scalar(@product_input) == 1 and $product_input[0] ne '') {
$one_product = Bugzilla::Product->new({ name => $product_input[0], cache => 1 });
}
$vars->{one_component} = $components[0];
}
# This is used in the "Zarroo Boogs" case.
-elsif (my @component_input = $cgi->param('component')) {
+elsif (my @component_input = $cgi->multi_param('component')) {
if (scalar(@component_input) == 1 and $component_input[0] ne '') {
$vars->{one_component}= $cgi->param('component');
}
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
-
################################################################################
# Script Conclusion
################################################################################
}
# Go back to query.cgi if we are adding a boolean chart parameter.
-if (grep(/^cmd-/, $cgi->param())) {
+if (grep(/^cmd-/, $cgi->multi_param())) {
my $params = $cgi->canonicalise_query("format", "ctype", "action");
print $cgi->redirect("query.cgi?format=" . $cgi->param('query_format') .
($params ? "&$params" : ""));
# of the action param, because that value is localization-dependent. So, we
# encode it in the name, as "action-<action>". Some params even contain the
# series_id they apply to (e.g. subscribe, unsubscribe).
-my @actions = grep(/^action-/, $cgi->param());
+my @actions = grep(/^action-/, $cgi->multi_param());
if ($actions[0] && $actions[0] =~ /^action-([^\d]+)(\d*)$/) {
$action = $1;
$series_id = $2 if $2;
# Find any selected series and return either the first or all of them.
sub getAndValidateSeriesIDs {
- my @series_ids = grep(/^\d+$/, $cgi->param("name"));
+ my @series_ids = grep(/^\d+$/, $cgi->multi_param("name"));
return wantarray ? @series_ids : $series_ids[0];
}
# Return a list of IDs of all the lines selected in the UI.
sub getSelectedLines {
- my @ids = map { /^select(\d+)$/a ? $1 : () } $cgi->param();
+ my @ids = map { /^select(\d+)$/a ? $1 : () } $cgi->multi_param();
return @ids;
}
$vars->{'columns'} = $columns;
my @collist;
-if (defined $cgi->param('rememberedquery')) {
+if (my $rememberedquery = $cgi->param('rememberedquery')) {
my $search;
- if (defined $cgi->param('saved_search')) {
- $search = new Bugzilla::Search::Saved($cgi->param('saved_search'));
+ if (my $saved_search = $cgi->param('saved_search')) {
+ $search = new Bugzilla::Search::Saved($saved_search);
}
my $token = $cgi->param('token');
} else {
if (defined $cgi->param("selected_columns")) {
@collist = grep { exists $columns->{$_} }
- $cgi->param("selected_columns");
+ $cgi->multi_param("selected_columns");
}
if (defined $cgi->param('splitheader')) {
$splitheader = $cgi->param('splitheader')? 1: 0;
$search->update();
}
- my $params = new Bugzilla::CGI($cgi->param('rememberedquery'));
+ utf8::decode($rememberedquery);
+ my $params = new Bugzilla::CGI($rememberedquery);
$params->param('columnlist', join(",", @collist));
$vars->{'redirect_url'} = "buglist.cgi?".$params->query_string();
# Include a list of product objects.
if ($cgi->param('product')) {
- my @products = $cgi->param('product');
+ my @products = $cgi->multi_param('product');
foreach my $product_name (@products) {
# We don't use check() because config.cgi outputs mostly
# in XML and JS and we don't want to display an HTML error
$reverse = 0;
}
}
-my @query_products = $cgi->param('product');
+my @query_products = $cgi->multi_param('product');
my $sortvisible = formvalue("sortvisible");
my @bugs;
if ($sortvisible) {
if (defined $cgi->param('add_products')) {
check_token_data($token, 'reclassify_classifications');
if (defined $cgi->param('prodlist')) {
- foreach my $prod ($cgi->param("prodlist")) {
+ foreach my $prod ($cgi->multi_param("prodlist")) {
trick_taint($prod);
$sth->execute($classification->id, $prod);
push @names, $prod;
} elsif (defined $cgi->param('remove_products')) {
check_token_data($token, 'reclassify_classifications');
if (defined $cgi->param('myprodlist')) {
- foreach my $prod ($cgi->param("myprodlist")) {
+ foreach my $prod ($cgi->multi_param('myprodlist')) {
trick_taint($prod);
$sth->execute(1, $prod);
push @names, $prod;
my $default_assignee = trim($cgi->param('initialowner') || '');
my $default_qa_contact = trim($cgi->param('initialqacontact') || '');
my $description = trim($cgi->param('description') || '');
- my @initial_cc = $cgi->param('initialcc');
+ my @initial_cc = $cgi->multi_param('initialcc');
my $isactive = $cgi->param('isactive');
my $component = Bugzilla::Component->create({
my $default_assignee = trim($cgi->param('initialowner') || '');
my $default_qa_contact = trim($cgi->param('initialqacontact') || '');
my $description = trim($cgi->param('description') || '');
- my @initial_cc = $cgi->param('initialcc');
+ my @initial_cc = $cgi->multi_param('initialcc');
my $isactive = $cgi->param('isactive');
my $component =
custom => 1,
buglist => 1,
visibility_field_id => scalar $cgi->param('visibility_field_id'),
- visibility_values => [ $cgi->param('visibility_values') ],
+ visibility_values => [ $cgi->multi_param('visibility_values') ],
value_field_id => scalar $cgi->param('value_field_id'),
reverse_desc => scalar $cgi->param('reverse_desc'),
is_mandatory => scalar $cgi->param('is_mandatory'),
my $field = new Bugzilla::Field({'name' => $name});
$field || ThrowUserError('customfield_nonexistent', {'name' => $name});
- $field->set_description($cgi->param('desc'));
- $field->set_long_desc($cgi->param('long_desc'));
- $field->set_sortkey($cgi->param('sortkey'));
- $field->set_in_new_bugmail($cgi->param('new_bugmail'));
- $field->set_enter_bug($cgi->param('enter_bug'));
- $field->set_obsolete($cgi->param('obsolete'));
- $field->set_is_mandatory($cgi->param('is_mandatory'));
- $field->set_visibility_field($cgi->param('visibility_field_id'));
- $field->set_visibility_values([ $cgi->param('visibility_values') ]);
- $field->set_value_field($cgi->param('value_field_id'));
- $field->set_reverse_desc($cgi->param('reverse_desc'));
+ $field->set_description(scalar $cgi->param('desc'));
+ $field->set_long_desc(scalar $cgi->param('long_desc'));
+ $field->set_sortkey(scalar $cgi->param('sortkey'));
+ $field->set_in_new_bugmail(scalar $cgi->param('new_bugmail'));
+ $field->set_enter_bug(scalar $cgi->param('enter_bug'));
+ $field->set_obsolete(scalar $cgi->param('obsolete'));
+ $field->set_is_mandatory(scalar $cgi->param('is_mandatory'));
+ $field->set_visibility_field(scalar $cgi->param('visibility_field_id'));
+ $field->set_visibility_values([ $cgi->multi_param('visibility_values') ]);
+ $field->set_value_field(scalar $cgi->param('value_field_id'));
+ $field->set_reverse_desc(scalar $cgi->param('reverse_desc'));
$field->update();
delete_token($token);
}
# If 'categoryAction' is set, it has priority over 'action'.
-if (my ($category_action) = grep { $_ =~ /^categoryAction-(?:\w+)$/ } $cgi->param()) {
+if (my ($category_action) = grep { $_ =~ /^categoryAction-(?:\w+)$/ } $cgi->multi_param()) {
$category_action =~ s/^categoryAction-//;
- my @inclusions = $cgi->param('inclusions');
- my @exclusions = $cgi->param('exclusions');
+ my @inclusions = $cgi->multi_param('inclusions');
+ my @exclusions = $cgi->multi_param('exclusions');
my @categories;
if ($category_action =~ /^(in|ex)clude$/) {
if (!$user->in_group('editcomponents') && !$product) {
}
}
elsif ($category_action eq 'removeInclusion') {
- my @inclusion_to_remove = $cgi->param('inclusion_to_remove');
+ my @inclusion_to_remove = $cgi->multi_param('inclusion_to_remove');
foreach my $remove (@inclusion_to_remove) {
@inclusions = grep { $_ ne $remove } @inclusions;
}
}
elsif ($category_action eq 'removeExclusion') {
- my @exclusion_to_remove = $cgi->param('exclusion_to_remove');
+ my @exclusion_to_remove = $cgi->multi_param('exclusion_to_remove');
foreach my $remove (@exclusion_to_remove) {
@exclusions = grep { $_ ne $remove } @exclusions;
}
my $is_multiplicable = $cgi->param('is_multiplicable');
my $grant_group = $cgi->param('grant_group');
my $request_group = $cgi->param('request_group');
- my @inclusions = $cgi->param('inclusions');
- my @exclusions = $cgi->param('exclusions');
+ my @inclusions = $cgi->multi_param('inclusions');
+ my @exclusions = $cgi->multi_param('exclusions');
# Filter inclusion and exclusion lists to products the user can see.
unless ($user->in_group('editcomponents')) {
my $is_multiplicable = $cgi->param('is_multiplicable');
my $grant_group = $cgi->param('grant_group');
my $request_group = $cgi->param('request_group');
- my @inclusions = $cgi->param('inclusions');
- my @exclusions = $cgi->param('exclusions');
+ my @inclusions = $cgi->multi_param('inclusions');
+ my @exclusions = $cgi->multi_param('exclusions');
my ($flagtype, $can_fully_edit) = $user->check_can_admin_flagtype($flag_id);
if ($cgi->param('check_clusions') && !$user->in_group('editcomponents')) {
if ($action eq 'changeform') {
# Check that an existing group ID is given
- my $group_id = CheckGroupID($cgi->param('group'));
+ my $group_id = CheckGroupID(scalar $cgi->param('group'));
my $group = new Bugzilla::Group($group_id);
get_current_and_available($group, $vars);
my $changes = doGroupChanges();
delete_token($token);
- my $group = new Bugzilla::Group($cgi->param('group_id'));
+ my $group = new Bugzilla::Group(scalar $cgi->param('group_id'));
get_current_and_available($group, $vars);
$vars->{'message'} = 'group_updated';
$vars->{'group'} = $group;
}
if ($action eq 'confirm_remove') {
- my $group = new Bugzilla::Group(CheckGroupID($cgi->param('group_id')));
+ my $group = new Bugzilla::Group(CheckGroupID(scalar $cgi->param('group_id')));
$vars->{'group'} = $group;
- $vars->{'regexp'} = CheckGroupRegexp($cgi->param('regexp'));
+ $vars->{'regexp'} = CheckGroupRegexp(scalar $cgi->param('regexp'));
$vars->{'token'} = issue_session_token('remove_group_members');
$template->process('admin/groups/confirm-remove.html.tmpl', $vars)
# gid = $cgi->param('group') that match the regular expression
# stored in the DB for that group or all of them period
- my $group = new Bugzilla::Group(CheckGroupID($cgi->param('group_id')));
- my $regexp = CheckGroupRegexp($cgi->param('regexp'));
+ my $group = new Bugzilla::Group(CheckGroupID(scalar $cgi->param('group_id')));
+ my $regexp = CheckGroupRegexp(scalar $cgi->param('regexp'));
$dbh->bz_start_transaction();
$dbh->bz_start_transaction();
# Check that the given group ID is valid and make a Group.
- my $group = new Bugzilla::Group(CheckGroupID($cgi->param('group_id')));
+ my $group = new Bugzilla::Group(CheckGroupID(scalar $cgi->param('group_id')));
if (defined $cgi->param('regexp')) {
- $group->set_user_regexp($cgi->param('regexp'));
+ $group->set_user_regexp(scalar $cgi->param('regexp'));
}
if ($group->is_bug_group) {
if (defined $cgi->param('name')) {
- $group->set_name($cgi->param('name'));
+ $group->set_name(scalar $cgi->param('name'));
}
if (defined $cgi->param('desc')) {
- $group->set_description($cgi->param('desc'));
+ $group->set_description(scalar $cgi->param('desc'));
}
# Only set isactive if we came from the right form.
if (defined $cgi->param('regexp')) {
- $group->set_is_active($cgi->param('isactive'));
+ $group->set_is_active(scalar $cgi->param('isactive'));
}
}
if (defined $cgi->param('icon_url')) {
- $group->set_icon_url($cgi->param('icon_url'));
+ $group->set_icon_url(scalar $cgi->param('icon_url'));
}
my $changes = $group->update();
$current = $group->grant_direct($type);
}
- my $add_items = Bugzilla::Group->new_from_list([$cgi->param($field)]);
+ my $add_items = Bugzilla::Group->new_from_list([$cgi->multi_param($field)]);
foreach my $add (@$add_items) {
next if grep($_->id == $add->id, @$current);
sub _do_remove {
my ($group, $changes, $sth_delete, $field, $type, $reverse) = @_;
my $cgi = Bugzilla->cgi;
- my $remove_items = Bugzilla::Group->new_from_list([$cgi->param($field)]);
+ my $remove_items = Bugzilla::Group->new_from_list([$cgi->multi_param($field)]);
foreach my $remove (@$remove_items) {
my @ids = ($remove->id, $group->id);
$dbh->bz_start_transaction();
my $product = Bugzilla::Product->create(\%product_create_params);
- my @initial_cc = $cgi->param('initialcc');
+ my @initial_cc = $cgi->multi_param('initialcc');
my %component_create_params = (
product => $product,
name => trim($cgi->param('component') || ''),
my @now_na = ();
my @now_mandatory = ();
- foreach my $f ($cgi->param()) {
+ foreach my $f ($cgi->multi_param()) {
if ($f =~ /^membercontrol_(\d+)$/a) {
my $id = $1;
if ($cgi->param($f) == CONTROLMAPNA) {
###########################################################################
} elsif ($action eq 'list') {
my $matchvalue = $cgi->param('matchvalue') || '';
- my $matchstr = trim($cgi->param('matchstr'));
+ my $matchstr = trim(scalar $cgi->param('matchstr'));
my $matchtype = $cgi->param('matchtype');
my $grouprestrict = $cgi->param('grouprestrict') || '0';
# 0 = disabled only, 1 = enabled only, 2 = everyone
# is not authorized.
my $changes = {};
if ($editusers) {
- $otherUser->set_login($cgi->param('login'));
- $otherUser->set_name($cgi->param('name'));
- $otherUser->set_password($cgi->param('password'))
+ $otherUser->set_login(scalar $cgi->param('login'));
+ $otherUser->set_name(scalar $cgi->param('name'));
+ $otherUser->set_password(scalar $cgi->param('password'))
if $cgi->param('password');
- $otherUser->set_disabledtext($cgi->param('disabledtext'));
- $otherUser->set_disable_mail($cgi->param('disable_mail'));
- $otherUser->set_extern_id($cgi->param('extern_id'))
- if defined($cgi->param('extern_id'));
+ $otherUser->set_disabledtext(scalar $cgi->param('disabledtext'));
+ $otherUser->set_disable_mail(scalar $cgi->param('disable_mail'));
+ $otherUser->set_extern_id(scalar $cgi->param('extern_id'))
+ if defined $cgi->param('extern_id');
# Update bless groups
my @bless_ids = grep { s/bless_// } keys %{ Bugzilla->cgi->Vars };
}
# At this point, the field must be defined.
-my $field = Bugzilla::Field->check($cgi->param('field'));
+my $field = Bugzilla::Field->check(scalar $cgi->param('field'));
if (!$field->is_select || $field->is_abnormal) {
ThrowUserError('fieldname_invalid', { field => $field });
}
}
# After this, we always have a value
-my $value = Bugzilla::Field::Choice->type($field)->check($cgi->param('value'));
+my $value = Bugzilla::Field::Choice->type($field)->check(scalar $cgi->param('value'));
$vars->{'value'} = $value;
#
}
else {
# check the subject, body and mailifnobugs for changes
- my $subject = ($cgi->param("event_${eventid}_subject") or '');
- my $body = ($cgi->param("event_${eventid}_body") or '');
+ my $subject = $cgi->param("event_${eventid}_subject") // '';
+ my $body = $cgi->param("event_${eventid}_body") // '';
my $mailifnobugs = $cgi->param("event_${eventid}_mailifnobugs") ? 1 : 0;
trick_taint($subject) if $subject;
my $cf_value = $cgi->param($cf_name);
if (defined $cf_value) {
if ($field->type == FIELD_TYPE_MULTI_SELECT) {
- $cf_value = [$cgi->param($cf_name)];
+ $cf_value = [$cgi->multi_param($cf_name)];
}
$default{$cf_name} = $vars->{$cf_name} = $cf_value;
}
$vars->{'estimated_time'} = formvalue('estimated_time');
$vars->{'see_also'} = formvalue('see_also');
- $vars->{'cc'} = join(', ', $cgi->param('cc'));
+ $vars->{'cc'} = join(', ', $cgi->multi_param('cc'));
$vars->{'comment'} = formvalue('comment');
$vars->{'comment_is_private'} = formvalue('comment_is_private');
$default{'bug_status'} = Bugzilla::Bug->default_bug_status(@statuses);
}
-my @groups = $cgi->param('groups');
+my @groups = $cgi->multi_param('groups');
if ($cloned_bug) {
my @clone_groups = map { $_->name } @{ $cloned_bug->groups_in };
# It doesn't matter if there are duplicate names, since all we check
}
# Detect if the user already used the same form to submit a bug
-my $token = trim($cgi->param('token'));
+my $token = trim(scalar $cgi->param('token'));
check_token_data($token, 'create_bug', 'index.cgi');
# do a match on the fields if applicable
}
foreach my $field (qw(cc groups)) {
next if !$cgi->should_set($field);
- $bug_params{$field} = [$cgi->param($field)];
+ $bug_params{$field} = [$cgi->multi_param($field)];
}
$bug_params{'comment'} = $comment;
$bug_params{'is_markdown'} = $cgi->param('use_markdown');
foreach my $field (@multi_selects) {
next if !$cgi->should_set($field->name);
- $bug_params{$field->name} = [$cgi->param($field->name)];
+ $bug_params{$field->name} = [$cgi->multi_param($field->name)];
}
my $attach_text = $cgi->param('attach_text');
if ($data_fh || $attach_text) {
- $cgi->param('isprivate', $cgi->param('comment_is_private'));
+ $cgi->param('isprivate', scalar $cgi->param('comment_is_private'));
# Must be called before create() as it may alter $cgi->param('ispatch').
my $content_type = Bugzilla::Attachment::get_content_type();
$cgi->param('id', $bug->id);
push(@bug_objects, $bug);
} else {
- foreach my $i ($cgi->param()) {
+ foreach my $i ($cgi->multi_param()) {
if ($i =~ /^id_([1-9][0-9]*)/) {
my $id = $1;
push(@bug_objects, Bugzilla::Bug->check_for_edit($id));
# Delete any parameter set to 'dontchange'.
if (defined $cgi->param('dontchange')) {
- foreach my $name ($cgi->param) {
+ foreach my $name ($cgi->multi_param()) {
next if $name eq 'dontchange'; # But don't delete dontchange itself!
# Skip ones we've already deleted (such as "defined_$name").
next if !defined $cgi->param($name);
[split(/[\s]+/, $cgi->param('see_also'))];
}
if (should_set('remove_see_also')) {
- $set_all_fields{'see_also'}->{remove} = [$cgi->param('remove_see_also')];
+ $set_all_fields{'see_also'}->{remove} = [$cgi->multi_param('remove_see_also')];
}
foreach my $dep_field (qw(dependson blocked)) {
if (should_set($dep_field)) {
# remove cc's... otherwise, we came from show_bug and may need to do both.
if (defined $cgi->param('masscc')) {
if ($cgi->param('ccaction') eq 'add') {
- @cc_add = $cgi->param('masscc');
+ @cc_add = $cgi->multi_param('masscc');
} elsif ($cgi->param('ccaction') eq 'remove') {
- @cc_remove = $cgi->param('masscc');
+ @cc_remove = $cgi->multi_param('masscc');
}
} else {
- @cc_add = $cgi->param('newcc');
+ @cc_add = $cgi->multi_param('newcc');
push(@cc_add, $user) if $cgi->param('addselfcc');
# We came from show_bug which uses a select box to determine what cc's
# need to be removed...
if ($cgi->param('removecc') && $cgi->param('cc')) {
- @cc_remove = $cgi->param('cc');
+ @cc_remove = $cgi->multi_param('cc');
}
}
# aliases need to be removed...
my @alias_remove = ();
if ($cgi->param('removealias') && $cgi->param('alias')) {
- @alias_remove = $cgi->param('alias');
+ @alias_remove = $cgi->multi_param('alias');
}
$set_all_fields{alias} = { add => \@alias_add, remove => \@alias_remove };
}
my %is_private;
-foreach my $field (grep(/^defined_isprivate/, $cgi->param())) {
+foreach my $field (grep(/^defined_isprivate/, $cgi->multi_param())) {
if ($field =~ /(\d+)$/a) {
my $comment_id = $1;
$is_private{$comment_id} = $cgi->param("isprivate_$comment_id");
}
$set_all_fields{comment_is_private} = \%is_private;
-my @check_groups = $cgi->param('defined_groups');
-my @set_groups = $cgi->param('groups');
+my @check_groups = $cgi->multi_param('defined_groups');
+my @set_groups = $cgi->multi_param('groups');
my ($removed_groups) = diff_arrays(\@check_groups, \@set_groups);
$set_all_fields{groups} = { add => \@set_groups, remove => $removed_groups };
foreach my $field (@custom_fields) {
my $fname = $field->name;
if (should_set($fname, 1)) {
- $set_all_fields{$fname} = [$cgi->param($fname)];
+ $set_all_fields{$fname} = [$cgi->multi_param($fname)];
}
}
# search or from an old link on the web somewhere) then convert them
# to the new "custom search" format so that the form is populated
# properly.
- my $any_boolean_charts = grep { /^field-?\d+/ } $buf->param();
+ my $any_boolean_charts = grep { /^field-?\d+/ } $buf->multi_param();
if ($any_boolean_charts) {
my $search = new Bugzilla::Search(params => scalar $buf->Vars);
$search->boolean_charts_to_custom_search($buf);
my @skip = qw(format query_format list_id columnlist);
# Iterate over the URL parameters
- foreach my $name ($buf->param()) {
+ foreach my $name ($buf->multi_param()) {
next if grep { $_ eq $name } @skip;
$foundone = 1;
- my @values = $buf->param($name);
+ my @values = $buf->multi_param($name);
# If the name is a single letter followed by numbers, it's part
# of Custom Search. We store these as an array of hashes.
# Did the user actually go trough the 'sudo-prepare' action? Do some
# checks on the token the action should have left.
+ my $token = $cgi->param('token');
my ($token_user, $token_timestamp, $token_data) =
- Bugzilla::Token::GetTokenData($cgi->param('token'));
+ Bugzilla::Token::GetTokenData($token);
unless (defined($token_user)
&& defined($token_data)
&& ($token_user == $user->id)
ThrowUserError('sudo_preparation_required',
{ target_login => $target_login, reason => $reason });
}
- delete_token($cgi->param('token'));
+ delete_token($token);
# Calculate the session expiry time (T + 6 hours)
my $time_string = time2str('%a, %d-%b-%Y %T %Z', time + MAX_SUDO_TOKEN_AGE, 'GMT');
# For future sessions, store the unique ID of the target user
- my $token = Bugzilla::Token::_create_token($user->id, 'sudo', $target_user->id);
+ $token = Bugzilla::Token::_create_token($user->id, 'sudo', $target_user->id);
my %args;
if (Bugzilla->params->{ssl_redirect}) {
my $vars = {};
# Go straight back to query.cgi if we are adding a boolean chart.
-if (grep(/^cmd-/, $cgi->param())) {
+if (grep(/^cmd-/, $cgi->multi_param())) {
my $params = $cgi->canonicalise_query("format", "ctype");
my $location = "query.cgi?format=" . $cgi->param('query_format') .
($params ? "&$params" : "");
my $user = Bugzilla->login(LOGIN_REQUIRED);
check_hash_token($token, ['save_report']);
- my $name = clean_text($cgi->param('name'));
+ my $name = clean_text(scalar $cgi->param('name'));
my $query = $cgi->param('query');
if (my ($report) = grep{ lc($_->name) eq lc($name) } @{$user->reports}) {
my $field = shift;
my $cgi = Bugzilla->cgi;
- return join('&', map {url_quote($field) . '=' . url_quote($_)} $cgi->param($field));
+ return join('&', map {url_quote($field) . '=' . url_quote($_)} $cgi->multi_param($field));
}
}
# Make sure there is something to plot.
- my @datasets = $cgi->param('datasets');
+ my @datasets = $cgi->multi_param('datasets');
scalar(@datasets) || ThrowUserError('missing_datasets');
if (grep { $_ !~ /^[A-Za-z0-9:_-]+$/ } @datasets) {
my $userid = $user->id;
my $vars = {};
- my $status = validateStatus($cgi->param('status'));
- my $form_group = validateGroup($cgi->param('group'));
+ my $status = validateStatus(scalar $cgi->param('status'));
+ my $form_group = validateGroup(scalar $cgi->param('group'));
my $query =
# Select columns describing each flag, the bug/attachment on which
my $do_union = $cgi->param('do_union');
# Filter results by exact email address of requester or requestee.
- if (defined $cgi->param('requester') && $cgi->param('requester') ne "") {
- my $requester = $dbh->quote($cgi->param('requester'));
+ if (my $requester = $cgi->param('requester')) {
+ $requester = $dbh->quote($requester);
trick_taint($requester); # Quoted above
push(@criteria, $dbh->sql_istrcmp('requesters.login_name', $requester));
push(@excluded_columns, 'requester') unless $do_union;
}
- if (defined $cgi->param('requestee') && $cgi->param('requestee') ne "") {
- if ($cgi->param('requestee') ne "-") {
- my $requestee = $dbh->quote($cgi->param('requestee'));
+ if (my $requestee = $cgi->param('requestee')) {
+ if ($requestee ne '-') {
+ $requestee = $dbh->quote($requestee);
trick_taint($requestee); # Quoted above
push(@criteria, $dbh->sql_istrcmp('requestees.login_name', $requestee));
}
# web browser and a parameter is passed to the script.
# XXX - Maybe these two parameters should be deleted once logged in?
$cgi->delete('GoAheadAndLogIn', 'Bugzilla_restrictlogin');
- if (scalar($cgi->param())) {
+ if (scalar $cgi->multi_param()) {
my $token = $cgi->param('token');
check_hash_token($token, ['sanitycheck']);
}
}
}
} else {
- foreach my $id ($cgi->param('id')) {
+ foreach my $id ($cgi->multi_param('id')) {
# Be kind enough and accept URLs of the form: id=1,2,3.
my @ids = split(/,/, $id);
my @check_bugs;
my %displayfields;
if ($cgi->param("field")) {
- @fieldlist = $cgi->param("field");
+ @fieldlist = $cgi->multi_param("field");
}
unless ($user->is_timetracker) {
$displayfields{$_} = 1;
}
-foreach ($cgi->param("excludefield")) {
- $displayfields{$_} = undef;
+foreach ($cgi->multi_param("excludefield")) {
+ $displayfields{$_} = undef;
}
$vars->{'displayfields'} = \%displayfields;
my $do_report = $cgi->param('do_report');
my $inactive = $cgi->param('inactive');
my $do_depends = $cgi->param('do_depends');
-my $ctype = scalar($cgi->param("ctype"));
+my $ctype = $cgi->param('ctype');
my ($start_date, $end_date);
if ($do_report) {
@bugs = @{ $user->visible_bugs(\@bugs) };
}
- $start_date = trim $cgi->param('start_date');
- $end_date = trim $cgi->param('end_date');
+ $start_date = trim(scalar $cgi->param('start_date'));
+ $end_date = trim(scalar $cgi->param('end_date'));
foreach my $date ($start_date, $end_date) {
next unless $date;
use File::Spec;
use Template;
-use Test::More tests => ( scalar(@referenced_files) + 2 * $num_actual_files );
+use Test::More tests => ( scalar(@referenced_files) + 3 * $num_actual_files );
# Capture the TESTOUT from Test::More or Test::Builder for printing errors.
# This will handle verbosity for us automatically.
else {
ok(1, "$path contains no blacklisted constructs");
}
+
+ # Forbid cgi.param(). cgi_param() must be used instead.
+ if ($data =~ /cgi\.param/) {
+ ok(0, "$path calls cgi.param() instead of cgi_param()");
+ }
+ else {
+ ok(1, "$path correctly calls CGI parameters");
+ }
}
}
</h2>
<form id="login_form" name="login" action="[% urlbase FILTER html %][% target FILTER html %]"
- method="POST" [% IF Bugzilla.cgi.param("data") %] enctype="multipart/form-data"[% END %]>
+ method="POST" [% IF cgi_param("data") %] enctype="multipart/form-data"[% END %]>
<table>
<tr>
<th>
# attachment: object; the attachment being changed.
#%]
-[%# The global Bugzilla->cgi object is used to obtain form variable values. %]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
-
[% PROCESS global/header.html.tmpl title = "Mid-air collision!" %]
<h1>Mid-air collision detected!</h1>
[% PROCESS "bug/activity/table.html.tmpl" incomplete_data=0 %]
</p>
-[% IF cgi.param("comment") %]
+[% IF cgi_param("comment") %]
<p>
Your comment was:<br>
<blockquote><pre class="bz_comment_text">
- [% cgi.param("comment") FILTER html %]
+ [% cgi_param("comment") FILTER html %]
</pre></blockquote>
</p>
[% END %]
[% USE Bugzilla %]
[% cgi = Bugzilla.cgi %]
User-Agent: [%+ cgi.user_agent() %]
-Build Identifier: [%+ cgi.param("buildid") %]
+Build Identifier: [%+ cgi_param("buildid") %]
-[%+ cgi.param("comment") IF cgi.param("comment") %]
+[%+ cgi_param("comment") IF cgi_param("comment") %]
-[%+ IF cgi.param("reproducible") != "Choose one..." -%]
-Reproducible: [%+ cgi.param("reproducible") %]
+[%+ IF cgi_param("reproducible") != "Choose one..." -%]
+Reproducible: [%+ cgi_param("reproducible") %]
[% END %]
-[% IF !(cgi.param("reproduce_steps").match('^1\.\s*2\.\s*3\.\s*$') || cgi.param("reproduce_steps").match('^\s*$')) %]
+[% IF !(cgi_param("reproduce_steps").match('^1\.\s*2\.\s*3\.\s*$') || cgi_param("reproduce_steps").match('^\s*$')) %]
Steps to Reproduce:
-[%+ cgi.param("reproduce_steps") %]
+[%+ cgi_param("reproduce_steps") %]
[% END %]
-[% IF cgi.param("actual_results") -%]
+[% IF cgi_param("actual_results") -%]
Actual Results:
-[%+ cgi.param("actual_results") %]
+[%+ cgi_param("actual_results") %]
[% END %]
-[% IF cgi.param("expected_results") %]
+[% IF cgi_param("expected_results") %]
Expected Results:
-[%+ cgi.param("expected_results") %]
+[%+ cgi_param("expected_results") %]
[% END %]
-[%+ cgi.param("additional_info") %]
+[%+ cgi_param("additional_info") %]
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
#%]
-[% USE Bugzilla %]
-[% Hook.process("form") %]
+[% Hook.process("form") %]
-[% Bugzilla.cgi.param("comment") %]
+[% cgi_param("comment") %]
# This template has the same interface as create.html.tmpl
#%]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
-
[% PROCESS global/header.html.tmpl
title = "Enter $terms.ABug"
onload = "PutDescription()"
</tr>
[%# Accept URL parameter build ID for non-browser products %]
- [% IF cgi.param("buildid") %]
- [% buildid = cgi.param("buildid") %]
+ [% IF cgi_param("buildid") %]
+ [% buildid = cgi_param("buildid") %]
[% END %]
<tr class="guided_form_field">
# As global/header.html.tmpl.
#%]
-[% USE Bugzilla %]
-
[% PROCESS "bug/show-header.html.tmpl" %]
-[% IF title_tag == "bug_processed" %]
+[% IF title_tag == "bug_processed" %]
[% title = BLOCK %]
- [% IF Bugzilla.cgi.param('id') %]
+ [% IF cgi_param('id') %]
[%+ id FILTER html %]
[% ELSE %]
[% terms.Bugs %]
# bug: Bugzilla::Bug; the bug being changed.
#%]
-[%# The global Bugzilla->cgi object is used to obtain form variable values. %]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
-
[% UNLESS header_done %]
[% PROCESS bug/process/header.html.tmpl %]
[% END %]
</p>
[% END %]
-[% IF cgi.param("comment") %]
+[% IF cgi_param("comment") %]
<p>
Your comment was:<br>
<blockquote><pre class="bz_comment_text">
- [% cgi.param("comment") FILTER html %]
+ [% cgi_param("comment") FILTER html %]
</pre></blockquote>
</p>
[% END %]
[% ", except for the added comment(s)" IF comments.size %].
</form>
</li>
- [% IF cgi.param("comment") %]
+ [% IF cgi_param("comment") %]
<li>
<form method="post" action="process_bug.cgi">
- <input type="hidden" name="id" value="[% cgi.param("id") FILTER html %]">
+ <input type="hidden" name="id" value="[% cgi_param("id") FILTER html %]">
<input type="hidden" name="delta_ts" value="[% bug.delta_ts FILTER html %]">
- <input type="hidden" name="comment" value="[% cgi.param("comment") FILTER html %]">
- <input type="hidden" name="use_markdown" value="[% cgi.param("use_markdown") FILTER html %]">
+ <input type="hidden" name="comment" value="[% cgi_param("comment") FILTER html %]">
+ <input type="hidden" name="use_markdown" value="[% cgi_param("use_markdown") FILTER html %]">
<input type="hidden" name="comment_is_private"
- value="[% cgi.param("comment_is_private") FILTER html %]">
- <input type="hidden" name="token" value="[% cgi.param("token") FILTER html %]">
+ value="[% cgi_param("comment_is_private") FILTER html %]">
+ <input type="hidden" name="token" value="[% cgi_param("token") FILTER html %]">
<input type="submit" id="process_comment" value="Submit only my new comment">
</form>
</li>
# verify_bug_groups: If groups need to be confirmed in addition to fields.
#%]
+[% USE Bugzilla %]
+[% cgi = Bugzilla.cgi %]
+
[% PROCESS global/header.html.tmpl
title = 'Verify New Product Details...'
style_urls = ['skins/standard/buglist.css']
<input type="checkbox" name="defined_groups"
id="defined_group_[% group.group.id FILTER html %]"
value="[% group.group.name FILTER html %]"
- [% IF cgi.param("defined_groups").contains(group.group.name) %] checked="checked"[% END %]
+ [% IF cgi.multi_param("defined_groups").contains(group.group.name) %] checked="checked"[% END %]
onchange="turn_off(this, 'group_[% group.group.id FILTER html %]')">
</td>
<td class="center">
<input type="checkbox" name="groups"
id="group_[% group.group.id FILTER html %]"
value="[% group.group.name FILTER html %]"
- [% IF cgi.param("groups").contains(group.group.name) %] checked="checked"[% END %]
+ [% IF cgi.multi_param("groups").contains(group.group.name) %] checked="checked"[% END %]
onchange="turn_off(this, 'defined_group_[% group.group.id FILTER html %]')">
</td>
<td>
name="groups"
[% ' checked="checked"' IF ((group.membercontrol == constants.CONTROLMAPDEFAULT && user.in_group(group.group.name))
|| (group.othercontrol == constants.CONTROLMAPDEFAULT && !user.in_group(group.group.name))
- || cgi.param("groups").contains(group.group.name)) %]
+ || cgi.multi_param("groups").contains(group.group.name)) %]
value="[% group.group.name FILTER html %]">
<label for="group_[% group.group.id FILTER html %]">
[% group.group.name FILTER html %]: [% group.group.description FILTER html %]
[%# If 'id' is defined, then we are editing a single bug.
# Else we are editing several bugs at once. %]
-[% IF cgi.param('id') AND cgi.param('id').match('^\d+$') %]
- [% id = cgi.param('id') %]
+[% IF cgi_param('id') AND cgi_param('id').match('^\d+$') %]
+ [% id = cgi_param('id') %]
Cancel and Return to [% "$terms.bug $id" FILTER bug_link(id) FILTER none %]
[% ELSE %]
Cancel and Return to <a href="buglist.cgi?regetlastlist=1">the last search results</a>
# defined by the Mozilla Public License, v. 2.0.
#%]
[% PROCESS bug/time.html.tmpl %]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
+
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
-<!DOCTYPE bugzilla [% IF cgi.param('dtd') %][[% PROCESS pages/bugzilla.dtd.tmpl %]][% ELSE %]SYSTEM "[% urlbase FILTER xml %]page.cgi?id=bugzilla.dtd"[% END %]>
+<!DOCTYPE bugzilla [% IF cgi_param('dtd') %][[% PROCESS pages/bugzilla.dtd.tmpl %]][% ELSE %]SYSTEM "[% urlbase FILTER xml %]page.cgi?id=bugzilla.dtd"[% END %]>
<bugzilla version="[% constants.BUGZILLA_VERSION %]"
urlbase="[% urlbase FILTER xml %]"
[% IF matchsuccess == 1 %]
[% PROCESS global/header.html.tmpl title="Confirm Match" %]
- [% USE Bugzilla %]
-
<form method="post"
[% IF script -%]
action="[% script %]"
[%- END -%]
- [% IF Bugzilla.cgi.param("data") %]
+ [% IF cgi_param("data") %]
enctype="multipart/form-data"
[% END %]
>
[% SET exclude_these = ['Bugzilla_login', 'Bugzilla_password'] %]
[% FOREACH key IN matches.keys %]
- [% exclude_these.push(key) IF Bugzilla.cgi.param(key) == '' %]
+ [% exclude_these.push(key) IF cgi_param(key) == '' %]
[% END %]
[% SET exclude = '^' _ exclude_these.join('|') _ '$' %]
[% PROCESS "global/hidden-fields.html.tmpl" exclude = exclude %]
[% cgi = Bugzilla.cgi %]
[%# Generate hidden form fields for non-excluded fields. %]
-[% FOREACH field = cgi.param() %]
+[% FOREACH field = cgi.multi_param() %]
[% NEXT IF exclude && field.search(exclude) %]
- [%# The '.slice(0)' bit is here to force the 'param(field)' to be evaluated
- in a list context, so we can avoid extra code checking for single valued or
- empty fields %]
- [% IF field == "data" && cgi.param("data") %]
+ [% IF field == "data" && cgi_param("data") %]
<div class="box">
<p>
We were unable to store the file you uploaded because of incomplete information
remaining missing information above.
</p>
<p>
- Please re-attach the file <b>[% cgi.param(field) FILTER html %]</b> in
+ Please re-attach the file <b>[% cgi_param(field) FILTER html %]</b> in
the field below:
</p>
<p>
</p>
</div>
[% ELSE %]
- [% FOREACH mvalue = cgi.param(field).slice(0) %]
+ [% FOREACH mvalue = cgi.multi_param(field) %]
<input type="hidden" name="[% field FILTER html %]"
value="[% mvalue FILTER html_linebreak %]">
[% END %]
<optgroup label="[% c FILTER html %]">
[% FOREACH p = classifications.$c %]
<option value="[% p.$valueattribute FILTER html %]"
- [% " selected" IF (cgi.param(name) == p.name) || (value.contains(p.name)) %]>
+ [% " selected" IF cgi_param(name) == p.name || value.contains(p.name) %]>
[% p.name FILTER html %]
</option>
[% END %]
[% END %]
[% FOREACH p = products %]
<option value="[% p.$valueattribute FILTER html %]"
- [% " selected" IF (cgi.param(name) == p.name) || (value.contains(p.name)) %]>
+ [% " selected" IF cgi_param(name) == p.name || value.contains(p.name) %]>
[% p.name FILTER html %]
</option>
[% END %]
Please press <b>Back</b> and try again.
</p>
-[%# If a saved search fails, people want the ability to edit or delete it.
+[%# If a saved search fails, people want the ability to edit or delete it.
# This is the best way of getting information about that possible saved
# search from any error call location. %]
-[% namedcmd = Bugzilla.cgi.param("namedcmd") %]
-[% sharer_id = Bugzilla.cgi.param("sharer_id") %]
+[% namedcmd = cgi_param("namedcmd") %]
[% IF namedcmd AND error != "missing_query"
AND error != "saved_search_used_by_whines"
- AND !sharer_id %]
- <p>
- Alternatively, you can
+ AND !cgi_param("sharer_id") %]
+ <p>
+ Alternatively, you can
<a href="buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd=
[% namedcmd FILTER uri %]">forget</a>
-
+
[% FOREACH q = Bugzilla.user.queries %]
[% IF q.name == namedcmd %]
or <a href="query.cgi?[% q.url FILTER html %]">edit</a>
[% END %]
[% END %]
-
+
the saved search '[% namedcmd FILTER html %]'.
</p>
-[% END %]
+[% END %]
[% PROCESS global/footer.html.tmpl %]
[% IF quicksearch %]
[% new_param = BLOCK ~%]
quicksearch=[% quicksearch FILTER uri %]
- [%~ IF cgi.param('list_id') ~%]
- &list_id=[% cgi.param('list_id') FILTER uri %]
+ [%~ IF cgi_param('list_id') ~%]
+ &list_id=[% cgi_param('list_id') FILTER uri %]
[%~ END %]
[% END %]
- [% ELSIF cgi.param('token') != '' %]
+ [% ELSIF cgi_param('token') != '' %]
[% new_param = cgi.canonicalise_query('token', 'cmdtype', 'remtype') %]
[% ELSE %]
[% new_param = cgi.canonicalise_query %]
#%]
[% INCLUDE global/header.html.tmpl title = "Your Linkified Text" %]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
<p>
Copy and paste the text below:
<p>
<pre class="bz_comment_text">
-[%- cgi.param("text") FILTER markdown FILTER html -%]
+[%- cgi_param("text") FILTER markdown FILTER html -%]
</pre>
</p>
<p>
<pre class="bz_comment_text">
-[%- cgi.param("text") FILTER markdown -%]
+[%- cgi_param("text") FILTER markdown -%]
</pre>
</p>
title = "$terms.Bugzilla Keyword Descriptions"
style_urls = ['skins/standard/admin.css']
%]
-[% cgi = Bugzilla.cgi %]
-[% show_inactive_keywords = cgi.param("show_inactive_keywords") %]
+
+[% show_inactive_keywords = cgi_param("show_inactive_keywords") %]
<script>
$(document).ready(function () {
# defined by the Mozilla Public License, v. 2.0.
#%]
-[% USE Bugzilla %]
-[% cgi = Bugzilla.cgi %]
-
[% PROCESS "global/js-products.html.tmpl" %]
[% PROCESS global/header.html.tmpl
[% INCLUDE global/userselect.html.tmpl
id => "requester"
name => "requester"
- value => cgi.param('requester')
+ value => cgi_param('requester')
size => 20
emptyok => 1
field_title => "Requester's email address"
[% PROCESS "global/select-menu.html.tmpl"
name="type"
options=types
- default=cgi.param('type') %]
+ default=cgi_param('type') %]
</td>
[%# We could let people see a "queue" of non-pending requests. %]
[%# PROCESS "global/select-menu.html.tmpl"
name="status"
options=["all", "?", "+-", "+", "-"]
- default=cgi.param('status') %]
+ default=cgi_param('status') %]
</td>
-->
[% INCLUDE global/userselect.html.tmpl
id => "requestee"
name => "requestee"
- value => cgi.param('requestee')
+ value => cgi_param('requestee')
size => 20
emptyok => 1
hyphenok => 1
<select name="component">
<option value="">Any</option>
[% FOREACH comp = components %]
- <option value="[% comp FILTER html %]" [% "selected" IF cgi.param('component') == comp %]>
+ <option value="[% comp FILTER html %]" [% "selected" IF cgi_param('component') == comp %]>
[% comp FILTER html %]</option>
[% END %]
</select>
"Flag" => 'type' ,
"Product/Component" => 'category'
} %]
- [% PROCESS "global/select-menu.html.tmpl" name="group" options=groups default=cgi.param('group') %]
+ [% PROCESS "global/select-menu.html.tmpl"
+ name = "group", options = groups, default = cgi_param('group') %]
</td>
</tr>
<tr>
<td>
<select id="do_union" name="do_union">
<option value="0">Match the requester AND requestee</option>
- <option value="1" [% 'selected="selected"' IF cgi.param('do_union') %]>
+ <option value="1" [% 'selected="selected"' IF cgi_param('do_union') %]>
Match the requester OR requestee</option>
</select>
</td>
my $verified_password;
my $pwd1 = $cgi->param('new_password1');
my $pwd2 = $cgi->param('new_password2');
- my $new_login_name = trim($cgi->param('new_login_name'));
+ my $new_login_name = trim(scalar $cgi->param('new_login_name'));
if ($user->authorizer->can_change_password
&& ($pwd1 ne "" || $pwd2 ne ""))
}
}
- $user->set_name($cgi->param('realname'));
+ $user->set_name(scalar $cgi->param('realname'));
$user->update({ keep_session => 1, keep_tokens => 1 });
$dbh->bz_commit_transaction;
}
}
if (defined $cgi->param('remove_watched_users')) {
- my @removed = $cgi->param('watched_by_you');
+ my @removed = $cgi->multi_param('watched_by_you');
# Remove people who were removed.
my $delete_sth = $dbh->prepare('DELETE FROM watch WHERE watched = ?'
. ' AND watcher = ?');
map { $ignored_bugs{$_} = 1 } @add_ignored;
# Remove any bug ids the user no longer wants to ignore
- foreach my $key (grep(/^remove_ignored_bug_/, $cgi->param)) {
+ foreach my $key (grep(/^remove_ignored_bug_/, $cgi->multi_param())) {
my ($bug_id) = $key =~ /(\d+)$/a;
delete $ignored_bugs{$bug_id};
}
print $cgi->header;
# Needed to make sure he can access and edit bugs.
- my $user = Bugzilla::User->check($cgi->param('sender'));
+ my $user = Bugzilla::User->check(scalar $cgi->param('sender'));
Bugzilla->set_user($user);
my ($output, $tmpl_file);
elsif ($action =~ /^update(_with_headers)?$/) {
my $f = $1 || '';
$tmpl_file = "qa/update_bug$f.txt.tmpl";
- my $bug = Bugzilla::Bug->check($cgi->param('bug_id'));
+ my $bug = Bugzilla::Bug->check(scalar $cgi->param('bug_id'));
$vars->{bug_id} = $bug->id;
}
else {
projects / thirdparty / bugzilla.git / commitdiff
