if ($params->param('deadlinefrom')){
$deadlinefrom = $params->param('deadlinefrom');
- Bugzilla::Util::ValidateDate($deadlinefrom, 'deadlinefrom');
+ validate_date($deadlinefrom)
+ || ThrowUserError('illegal_date', {date => $deadlinefrom,
+ format => 'YYYY-MM-DD'});
$sql_deadlinefrom = &::SqlQuote($deadlinefrom);
push(@wherepart, "bugs.deadline >= $sql_deadlinefrom");
}
if ($params->param('deadlineto')){
$deadlineto = $params->param('deadlineto');
- Bugzilla::Util::ValidateDate($deadlineto, 'deadlineto');
+ validate_date($deadlineto)
+ || ThrowUserError('illegal_date', {date => $deadlineto,
+ format => 'YYYY-MM-DD'});
$sql_deadlineto = &::SqlQuote($deadlineto);
push(@wherepart, "bugs.deadline <= $sql_deadlineto");
}
$password ||= &::GenerateRandomPassword();
my $cryptpassword = bz_crypt($password);
- # XXX - These should be moved into is_available_username or check_email_syntax
+ # XXX - These should be moved into is_available_username or validate_email_syntax
# At the least, they shouldn't be here. They're safe for now, though.
trick_taint($username);
trick_taint($realname);
lsearch max min
diff_arrays diff_strings
trim wrap_comment find_wrap_point
- format_time format_time_decimal
+ format_time format_time_decimal validate_date
file_mod_time is_7bit_clean
- bz_crypt check_email_syntax);
+ bz_crypt validate_email_syntax);
use Bugzilla::Config;
-use Bugzilla::Error;
use Bugzilla::Constants;
+
use Date::Parse;
use Date::Format;
use Text::Wrap;
return $cryptedpassword;
}
-sub check_email_syntax {
- my ($addr) = (@_);
+sub validate_email_syntax {
+ my ($addr) = @_;
my $match = Param('emailregexp');
- if ($addr !~ /$match/ || $addr =~ /[\\\(\)<>&,;:"\[\] \t\r\n]/) {
- ThrowUserError("illegal_email_address", { addr => $addr });
- }
+ my $ret = ($addr =~ /$match/ && $addr !~ /[\\\(\)<>&,;:"\[\] \t\r\n]/);
+ return $ret ? 1 : 0;
}
-sub ValidateDate {
- my ($date, $format) = @_;
+sub validate_date {
+ my ($date) = @_;
my $date2;
# $ts is undefined if the parser fails.
$date =~ s/(\d+)-0*(\d+?)-0*(\d+?)/$1-$2-$3/;
$date2 =~ s/(\d+)-0*(\d+?)-0*(\d+?)/$1-$2-$3/;
}
- if (!$ts || $date ne $date2) {
- ThrowUserError('illegal_date', {date => $date, format => $format});
- }
+ my $ret = ($ts && $date eq $date2);
+ return $ret ? 1 : 0;
}
sub is_7bit_clean {
$crypted_password = bz_crypt($password);
# Validation Functions
- check_email_syntax($email);
+ validate_email_syntax($email);
+ validate_date($date);
=head1 DESCRIPTION
=over 4
-=item C<check_email_syntax($email)>
+=item C<validate_email_syntax($email)>
+
+Do a syntax checking for a legal email address and returns 1 if
+the check is successful, else returns 0.
+
+=item C<validate_date($date)>
-Do a syntax checking for a legal email address. An error is thrown
-if the validation fails.
+Make sure the date has the correct format and returns 1 if
+the check is successful, else returns 0.
=back
if (defined($login)) {
# We've been asked to create an account.
my $realname = trim($cgi->param('realname'));
- check_email_syntax($login);
+
+ validate_email_syntax($login)
+ || ThrowUserError('illegal_email_address', {addr => $login});
+
$vars->{'login'} = $login;
$dbh->bz_lock_tables('profiles WRITE', 'email_setting WRITE', 'tokens READ');
{ cc_list => $cgi->param('cc_list') });
my @addresses = split(/[, ]+/, $cgi->param('cc_list'));
- foreach my $address (@addresses) { check_email_syntax($address) }
+ foreach my $address (@addresses) {
+ validate_email_syntax($address)
+ || ThrowUserError('illegal_email_address', {addr => $address});
+ }
}
sub validateProduct {
# Validity checks
$login || ThrowUserError('user_login_required');
- check_email_syntax($login);
- is_available_username($login) || ThrowUserError('account_exists',
- {'email' => $login});
+ validate_email_syntax($login)
+ || ThrowUserError('illegal_email_address', {addr => $login});
+ is_available_username($login)
+ || ThrowUserError('account_exists', {email => $login});
ValidatePassword($password);
# Login and password are validated now, and realname and disabledtext
if ($login ne $loginold) {
# Validate, then trick_taint.
$login || ThrowUserError('user_login_required');
- check_email_syntax($login);
- is_available_username($login) || ThrowUserError('account_exists',
- {'email' => $login});
+ validate_email_syntax($login)
+ || ThrowUserError('illegal_email_address', {addr => $login});
+ is_available_username($login)
+ || ThrowUserError('account_exists', {email => $login});
+
trick_taint($login);
push(@changedFields, 'login_name');
push(@values, $login);
require "globals.pl";
use Bugzilla;
use Bugzilla::Constants;
+use Bugzilla::Util;
use Bugzilla::Bug;
use Bugzilla::User;
use Bugzilla::Field;
}
if ((UserInGroup(Param("timetrackinggroup"))) && ($cgi->param('deadline'))) {
- Bugzilla::Util::ValidateDate($cgi->param('deadline'), 'YYYY-MM-DD');
+ validate_date($cgi->param('deadline'))
+ || ThrowUserError('illegal_date', {date => $cgi->param('deadline'),
+ format => 'YYYY-MM-DD'});
$sql .= SqlQuote($cgi->param('deadline'));
} else {
$sql .= "NULL";
DoComma();
$::query .= "deadline = ";
if ($cgi->param('deadline')) {
- Bugzilla::Util::ValidateDate($cgi->param('deadline'), 'YYYY-MM-DD');
+ validate_date($cgi->param('deadline'))
+ || ThrowUserError('illegal_date', {date => $cgi->param('deadline'),
+ format => 'YYYY-MM-DD'});
$::query .= SqlQuote($cgi->param('deadline'));
} else {
$::query .= "NULL" ;
ThrowUserError("password_change_requests_not_allowed");
}
- # Make sure the login name looks like an email address. This function
- # displays its own error and stops execution if the login name looks wrong.
- check_email_syntax($cgi->param('loginname'));
+ # Make sure the login name looks like an email address.
+ validate_email_syntax($cgi->param('loginname'))
+ || ThrowUserError('illegal_email_address',
+ {addr => $cgi->param('loginname')});
my $quotedloginname = SqlQuote($cgi->param('loginname'));
SendSQL("SELECT userid FROM profiles WHERE " .
}
# Before changing an email address, confirm one does not exist.
- check_email_syntax($new_login_name);
+ validate_email_syntax($new_login_name)
+ || ThrowUserError('illegal_email_address', {addr => $new_login_name});
trick_taint($new_login_name);
is_available_username($new_login_name)
|| ThrowUserError("account_exists", {email => $new_login_name});
projects / thirdparty / bugzilla.git / commitdiff
