Patch for bug 250259: Fix taint error on disallownew field in editproducts.cgi; patch...

author jocuri%softhome.net <>

Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)

committer jocuri%softhome.net <>

Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)
author jocuri%softhome.net <>
Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)
committer jocuri%softhome.net <>
Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)
diff --git a/editproducts.cgi b/editproducts.cgi

index 6d33c80804d86a16b52a1c9865795549e4caceee..b0e6279e0f082024d053e28534f997f5f8337c6e 100755 (executable)
--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -1092,7 +1092,7 @@ if ($action eq 'update') {
                           milestones READ");
  
      if ($disallownew ne $disallownewold) {
-        $disallownew ||= 0;
+        $disallownew = $disallownew ? 1 : 0;
          SendSQL("UPDATE products
                   SET disallownew=$disallownew
                   WHERE id=$product_id");
author	jocuri%softhome.net <>
	Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)
committer	jocuri%softhome.net <>
	Thu, 8 Jul 2004 06:49:41 +0000 (06:49 +0000)