From: justdave%syndicomm.com <>
Date: Mon, 26 Nov 2001 12:53:28 +0000 (+0000)
Subject: Fix for bug 98146: Untrusted variable in echoed back to user in HTML error if there...
X-Git-Tag: bugzilla-2.14.2~15
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ee35238a336b79ad323aa53c5458bc3e2de0fe35;p=thirdparty%2Fbugzilla.git
Fix for bug 98146: Untrusted variable in echoed back to user in HTML error if there was a login error while editing votes
Patch by Gerv and Jake, r= Myk
---
diff --git a/doeditvotes.cgi b/doeditvotes.cgi
index 94c36b8f43..306cdf4691 100755
--- a/doeditvotes.cgi
+++ b/doeditvotes.cgi
@@ -85,8 +85,10 @@ my $who = DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'});
if ( (! defined $who) || (!$who) ) {
PutHeader("Bad login.");
print qq|
- The login info got confused. Please log
- in (again) and try again.\n|;
+ The login info got confused. Please
+ log in
+ (again) and try again.\n
+ |;
PutFooter();
exit();
}
@@ -110,7 +112,7 @@ if (scalar(@buglist)) {
if ($::FORM{$id} > $max) {
PutHeader("Don't overstuff!", "Illegal vote");
print "You may only use at most $max votes for a single bug in the\n";
- print "$prod product, but you are trying to use $::FORM{$id}.\n";
+ print "$prod product, but you are using $::FORM{$id}.\n";
print "Please click Back and try again.
\n";
PutFooter();
exit();
@@ -121,7 +123,7 @@ if (scalar(@buglist)) {
if ($prodcount{$prod} > $::prodmaxvotes{$prod}) {
PutHeader("Don't overstuff!", "Illegal vote");
print "You may only use $::prodmaxvotes{$prod} votes for bugs in the\n";
- print "$prod product, but you are trying to use $prodcount{$prod}.\n";
+ print "$prod product, but you are using $prodcount{$prod}.\n";
print "Please click Back and try again.
\n";
PutFooter();
exit();