Second installment of Bug 179260 Unknown table 'map_assigned_to' in order clause...

r=bbaetz
a=justdave

diff --git a/buglist.cgi b/buglist.cgi
index a8f28fbd7f68231be8d8926b527997a6897fd133..50873387ee322a754a8f48e3941b3a4fb8e6cad3 100755 (executable)
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -528,12 +528,6 @@ if ($order) {
                     else {
                         ThrowCodeError("invalid_column_name_form");
                     }
-                } elsif (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @selectnames)) {
-                    # Add order columns to selectnames
-                    # The fragment has already been validated
-                    $fragment =~ s/\s+(asc|desc)$//;
-                    trick_taint($fragment);
-                    push @selectnames, $fragment;
                 }
             }
             # Now that we have checked that all columns in the order are valid,
@@ -560,6 +554,16 @@ if ($order) {
         # DEFAULT
         $order = "bugs.bug_status, bugs.priority, map_assigned_to.login_name, bugs.bug_id";
     }
+    foreach my $fragment (split(/,/, $order)) {
+        $fragment = trim($fragment);
+        if (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @selectnames)) {
+            # Add order columns to selectnames
+            # The fragment has already been validated
+            $fragment =~ s/\s+(asc|desc)$//;
+            $fragment =~ tr/a-zA-Z\.0-9\-_//cd;
+            push @selectnames, $fragment;
+        }
+    }
 
     $db_order = $order;  # Copy $order into $db_order for use with SQL query