$vars->{'oldemailaddress'} = $old_email . &::Param('emailsuffix');
$vars->{'newemailaddress'} = $new_email . &::Param('emailsuffix');
- $vars->{'token'} = &::url_quote($token);
+ $vars->{'token'} = $token;
$vars->{'emailaddress'} = $old_email . &::Param('emailsuffix');
my $message;
print SENDMAIL $message;
close SENDMAIL;
- $vars->{'token'} = &::url_quote($newtoken);
+ $vars->{'token'} = $newtoken;
$vars->{'emailaddress'} = $new_email . &::Param('emailsuffix');
$message = "";
$vars->{'emailaddress'} = $username;
$vars->{'maintainer'} = $maintainer;
$vars->{'remoteaddress'} = $::ENV{'REMOTE_ADDR'};
- $vars->{'token'} = &::url_quote($token);
+ $vars->{'token'} = $token;
$vars->{'tokentype'} = $tokentype;
$vars->{'issuedate'} = $issuedate;
$vars->{'eventdata'} = $eventdata;
$vars->{'oldemailaddress'} = $old_email . &::Param('emailsuffix');
$vars->{'newemailaddress'} = $new_email . &::Param('emailsuffix');
- $vars->{'token'} = &::url_quote($token);
+ $vars->{'token'} = $token;
$vars->{'emailaddress'} = $old_email . &::Param('emailsuffix');
my $message;
print SENDMAIL $message;
close SENDMAIL;
- $vars->{'token'} = &::url_quote($newtoken);
+ $vars->{'token'} = $newtoken;
$vars->{'emailaddress'} = $new_email . &::Param('emailsuffix');
$message = "";
$vars->{'emailaddress'} = $username;
$vars->{'maintainer'} = $maintainer;
$vars->{'remoteaddress'} = $::ENV{'REMOTE_ADDR'};
- $vars->{'token'} = &::url_quote($token);
+ $vars->{'token'} = $token;
$vars->{'tokentype'} = $tokentype;
$vars->{'issuedate'} = $issuedate;
$vars->{'eventdata'} = $eventdata;
} ,
html => \&html_quote ,
+
+ # This subroutine in CGI.pl escapes characters in a variable
+ # or value string for use in a query string. It escapes all
+ # characters NOT in the regex set: [a-zA-Z0-9_\-.]. The 'uri'
+ # filter should be used for a full URL that may have
+ # characters that need encoding.
+ url_quote => \&url_quote ,
} ,
}
) || DisplayError("Template creation failed: " . Template->error())
# actually have to function in this test, just be defined.
FILTERS =>
{
- strike => sub { return $_ } ,
- js => sub { return $_ }
+ js => sub { return $_ } ,
+ strike => sub { return $_ } ,
+ url_quote => sub { return $_ } ,
},
}
);
To confirm the change, visit the following link:
-[% Param('urlbase') %]token.cgi?a=cfmem&t=[% token FILTER html %]
+[% Param('urlbase') %]token.cgi?a=cfmem&t=[% token FILTER url_quote %]
If you are not the person who made this request, or you wish to cancel
this request, visit the following link:
-[% Param('urlbase') %]token.cgi?a=cxlem&t=[% token FILTER html %]
+[% Param('urlbase') %]token.cgi?a=cxlem&t=[% token FILTER url_quote %]
If you are not the person who made this request, or you wish to cancel
this request, visit the following link:
-[% Param('urlbase') %]token.cgi?a=cxlem&t=[% token FILTER html %]
+[% Param('urlbase') %]token.cgi?a=cxlem&t=[% token FILTER url_quote %]
<td align="right" valign="top">
<strong>
- <a href="describecomponents.cgi?product=[% product FILTER uri %]">
+ <a href="describecomponents.cgi?product=[% product FILTER url_quote %]">
Component:</a>
</strong>
</td>
<tr>
<td align="right">
<b>
- <a href="describecomponents.cgi?product=[% bug.product FILTER uri %]">
+ <a href="describecomponents.cgi?product=[% bug.product FILTER url_quote %]">
Component</a>:
</b>
</td>
[% FOREACH p = proddesc.keys.sort %]
<tr>
<th align="right" valign="top">
- <a href="[% target %]?product=[% p FILTER uri %]">
+ <a href="[% target %]?product=[% p FILTER url_quote %]">
[% p FILTER html %]</a>:
</th>
[% DEFAULT title = "Bug List" %]
[% style_url = "css/buglist.css" %]
+[% qorder = order FILTER url_quote IF order %]
[%############################################################################%]
[% IF bugs.size > 1 && caneditbugs && !dotweak %]
<a href="buglist.cgi?[% urlquerypart %]
- [%- "&order=$order" FILTER uri html IF order %]&tweak=1">Change Several
+ [%- "&order=$qorder" FILTER html IF order %]&tweak=1">Change Several
Bugs at Once</a>
[% END %]
}
%]
+[% qorder = order FILTER url_quote IF order %]
+
[%############################################################################%]
[%# Table Header #%]
[%############################################################################%]
[% BLOCK columnheader %]
<th colspan="[% splitheader ? 2 : 1 %]">
<a href="buglist.cgi?[% urlquerypart %]&order=
- [% column.name FILTER uri html %]
- [% ",$order" FILTER uri html IF order %]">
+ [% column.name FILTER url_quote FILTER html %]
+ [% ",$qorder" FILTER html IF order %]">
[%- abbrev.$id.title || column.title -%]</a>
</th>
[% END %]
<td>[% keyword.description %]</td>
<td align="right">
[% IF keyword.bugcount > 0 %]
- <A HREF="buglist.cgi?keywords=[% keyword.name FILTER uri %]">
+ <a href="buglist.cgi?keywords=[% keyword.name FILTER url_quote %]">
[% keyword.bugcount %]</a>
[% ELSE %]
none
[%- END %]
[%- FOREACH name = namedqueries %]
- <text class="text-link" onclick="load_relative_url('buglist.cgi?cmdtype=runnamed&namedcmd=[% name FILTER uri %]')" value="[% name FILTER html %]"/>
+ <text class="text-link" onclick="load_relative_url('buglist.cgi?cmdtype=runnamed&namedcmd=[% name FILTER url_quote %]')" value="[% name FILTER html %]"/>
[% END %]
[% ELSE %]
projects / thirdparty / bugzilla.git / commitdiff
