]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9a161bb)
Bug 314198: Fix leaking list of product names in query.cgi
authorbugreport%peshkin.net <>
Tue, 1 Nov 2005 02:48:59 +0000 (02:48 +0000)
committerbugreport%peshkin.net <>
Tue, 1 Nov 2005 02:48:59 +0000 (02:48 +0000)
Patch by Joel Peshkin <bugreport@peshkin.net>
r=lpsolit, a=justdave

template/en/default/search/search-specific.html.tmpl patch | blob | blame | history

diff --git a/template/en/default/search/search-specific.html.tmpl b/template/en/default/search/search-specific.html.tmpl
index 1ff6f17acdfc2f42b9583cd5047b1cd33cd79a8c..dcc87130e19db3fafda66084691993f378dd7383 100644 (file)
--- a/template/en/default/search/search-specific.html.tmpl
+++ b/template/en/default/search/search-specific.html.tmpl
@@ -74,10 +74,12 @@ for "crash secure SSL flash".
           [% FOREACH c = classification %]
             <optgroup label="[% c.name FILTER html %]">
             [% FOREACH p = c.products %]
-              <option value="[% p.name FILTER html %]"
-                [% " selected" IF lsearch(default.product, p.name) != -1 %]>
-                [% p.name FILTER html %]
-              </option>
+              [% IF user.can_see_product(p.name) %]
+                <option value="[% p.name FILTER html %]"
+                  [% " selected" IF lsearch(default.product, p.name) != -1 %]>
+                  [% p.name FILTER html %]
+                </option>
+              [% END %]
             [% END %]
             </optgroup>
           [% END %]
Mirror of https://github.com/bugzilla/bugzilla.git