Fix for bug 98146: Untrusted variable in echoed back to user in HTML error if there...

Patch by Gerv and Jake, r= Myk

diff --git a/doeditvotes.cgi b/doeditvotes.cgi
index 94c36b8f43f425acad970791f9b66a6a97e4263f..306cdf46912a6d95cd00ca17a515da091871e95a 100755 (executable)
--- a/doeditvotes.cgi
+++ b/doeditvotes.cgi
@@ -85,8 +85,10 @@ my $who = DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'});
 if ( (! defined $who) || (!$who) ) {
     PutHeader("Bad login.");
     print qq|
-    The login info got confused. Please <a href="query.cgi?GoAheadAndLogIn=1">log 
-    in</a> (again) and try again.\n|;
+    The login info got confused. Please
+    <a href="query.cgi?GoAheadAndLogIn=1">log in</a>
+    (again) and try again.\n
+    |;
     PutFooter();
     exit();
 }
@@ -110,7 +112,7 @@ if (scalar(@buglist)) {
         if ($::FORM{$id} > $max) {
             PutHeader("Don't overstuff!", "Illegal vote");
             print "You may only use at most $max votes for a single bug in the\n";
-            print "<tt>$prod</tt> product, but you are trying to use $::FORM{$id}.\n";
+            print "<tt>$prod</tt> product, but you are using $::FORM{$id}.\n";
             print "<P>Please click <b>Back</b> and try again.<hr>\n";
             PutFooter();
             exit();
@@ -121,7 +123,7 @@ if (scalar(@buglist)) {
         if ($prodcount{$prod} > $::prodmaxvotes{$prod}) {
             PutHeader("Don't overstuff!", "Illegal vote");
             print "You may only use $::prodmaxvotes{$prod} votes for bugs in the\n";
-            print "<tt>$prod</tt> product, but you are trying to use $prodcount{$prod}.\n";
+            print "<tt>$prod</tt> product, but you are using $prodcount{$prod}.\n";
             print "<P>Please click <b>Back</b> and try again.<hr>\n";
             PutFooter();
             exit();