Skip to content

bugzilla
bugzilla
Commit 8a966655 authored by gerv%gerv.net's avatar gerv%gerv.net
Browse files
Options

Bug 163114 - Templatise all calls to DisplayError. Patch B. Patch by gerv; r=burnus.

parent 07d9826a
Hide whitespace changes
Inline Side-by-side
Showing with 91 additions and 67 deletions
CGI.pl
View file @ 8a966655
......@@ -270,19 +270,7 @@ sub ValidateBugID {
my $alias = $id;
if (!detaint_natural($id)) {
$id = BugAliasToID($alias);
if (!$id) {
my $html_id = html_quote($_[0]);
my $alias_specific_message = Param("usebugaliases") ?
" (it is neither a bug number nor an alias to a bug number)" : "";
DisplayError(qq|
The bug number <em>$html_id</em> is invalid$alias_specific_message.
If you are trying to use QuickSearch, you need to enable JavaScript
in your browser. To help us fix this limitation, add your comments
to <a href="http://bugzilla.mozilla.org/show_bug.cgi?id=70907">bug
70907</a>.
|);
exit;
}
$id || ThrowUserError("invalid_bug_id_or_alias", {'bug_id' => $id});
}
# Modify the calling code's original variable to contain the trimmed,
......@@ -293,8 +281,7 @@ sub ValidateBugID {
SendSQL("SELECT bug_id FROM bugs WHERE bug_id = $id");
FetchOneColumn()
|| DisplayError("Bug #$id does not exist.")
&& exit;
|| ThrowUserError("invalid_bug_id_non_existent", {'bug_id' => $id});
return if $skip_authorization;
......@@ -305,16 +292,10 @@ sub ValidateBugID {
# The error the user sees depends on whether or not they are logged in
# (i.e. $::userid contains the user's positive integer ID).
if ($::userid) {
DisplayError("You are not authorized to access bug #$id.");
ThrowUserError("bug_access_denied", {'bug_id' => $id});
} else {
DisplayError(
qq|You are not authorized to access bug #$id. To see this bug, you
must first <a href="show_bug.cgi?id=$id&amp;GoAheadAndLogIn=1">log in
to an account</a> with the appropriate permissions.|
);
ThrowUserError("bug_access_query", {'bug_id' => $id});
}
exit;
}
sub ValidateComment {
......@@ -323,8 +304,7 @@ sub ValidateComment {
my ($comment) = @_;
if (defined($comment) && length($comment) > 65535) {
DisplayError("Comments cannot be longer than 65,535 characters.");
exit;
ThrowUserError("comment_too_long");
}
}
......@@ -573,9 +553,7 @@ sub confirm_login {
# Make sure the user exists or throw an error (but do not admit it was a username
# error to make it harder for a cracker to find account names by brute force).
$userid
|| DisplayError("The username or password you entered is not valid.")
&& exit;
$userid || ThrowUserError("invalid_username_or_password");
# If this is a new user, generate a password, insert a record
# into the database, and email their password to them.
......@@ -605,8 +583,7 @@ sub confirm_login {
# Make sure the passwords match or throw an error.
($enteredCryptedPassword eq $realcryptpwd)
|| DisplayError("The username or password you entered is not valid.")
&& exit;
|| ThrowUserError("invalid_username_or_password");
# If the user has successfully logged in, delete any password tokens
# lying around in the system for them.
......
buglist.cgi
View file @ 8a966655
......@@ -75,11 +75,7 @@ my $dotweak = $::FORM{'tweak'} ? 1 : 0;
# Log the user in
if ($dotweak) {
confirm_login();
if (!UserInGroup("editbugs")) {
DisplayError("Sorry, you do not have sufficient privileges to edit
multiple bugs.");
exit;
}
UserInGroup("editbugs") || ThrowUserError("insufficient_perms_for_multi");
GetVersionTable();
}
else {
......@@ -120,12 +116,8 @@ my $order_from_cookie = 0; # True if $order set using $::COOKIE{'LASTORDER'}
# If the user is retrieving the last bug list they looked at, hack the buffer
# storing the query string so that it looks like a query retrieving those bugs.
if ($::FORM{'regetlastlist'}) {
if (!$::COOKIE{'BUGLIST'}) {
DisplayError(qq|Sorry, I seem to have lost the cookie that recorded
the results of your last query. You will have to start
over at the <a href="query.cgi">query page</a>.|);
exit;
}
$::COOKIE{'BUGLIST'} || ThrowUserError("missing_cookie");
$::FORM{'bug_id'} = join(",", split(/:/, $::COOKIE{'BUGLIST'}));
$order = "reuse last sort" unless $order;
$::buffer = "bug_id=$::FORM{'bug_id'}&order=" . url_quote($order);
......@@ -186,11 +178,7 @@ sub LookupNamedQuery {
my $qname = SqlQuote($name);
SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname");
my $result = FetchOneColumn();
if (!$result) {
my $qname = html_quote($name);
DisplayError("The query named <em>$qname</em> seems to no longer exist.");
exit;
}
$result || ThrowUserError("missing_query", {'queryname' => '$name'});
return $result;
}
......@@ -305,13 +293,8 @@ elsif ($::FORM{'cmdtype'} eq "doit" && $::FORM{'remember'}) {
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"});
my $name = trim($::FORM{'newqueryname'});
$name
|| DisplayError("You must enter a name for your query.")
&& exit;
$name =~ /[<>&]/
&& DisplayError("The name of your query cannot contain any
of the following characters: &lt;, &gt;, &amp;.")
&& exit;
$name || ThrowUserError("query_name_missing");
$name !~ /[<>&]/ || ThrowUserError("illegal_query_name");
my $qname = SqlQuote($name);
$::buffer =~ s/[\&\?]cmdtype=[a-z]+//;
......@@ -507,18 +490,15 @@ if ($order) {
# Accept an order fragment matching a column name, with
# asc|desc optionally following (to specify the direction)
if (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @columnnames)) {
my $qfragment = html_quote($fragment);
my $error = "The custom sort order you specified in your "
. "form submission contains an invalid column "
. "name <em>$qfragment</em>.";
$vars->{'fragment'} = $fragment;
if ($order_from_cookie) {
my $cookiepath = Param("cookiepath");
print "Set-Cookie: LASTORDER= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
$error =~ s/form submission/cookie/;
$error .= " The cookie has been cleared.";
ThrowCodeError("invalid_column_name_cookie");
}
else {
ThrowCodeError("invalid_column_name_form");
}
DisplayError($error);
exit;
}
}
# Now that we have checked that all columns in the order are valid,
......
template/en/default/global/code-error.html.tmpl
View file @ 8a966655
......@@ -73,6 +73,17 @@
The attachment number of one of the attachments you wanted to obsolete,
[% attach_id FILTER html %], is invalid.
[% ELSIF error == "invalid_column_name_cookie" %]
[% title = "Invalid Column Name" %]
The custom sort order specified in your cookie contains an invalid
column name <em>[% fragment FILTER html %]</em>.
The cookie has been cleared.
[% ELSIF error == "invalid_column_name_form" %]
[% title = "Invalid Column Name" %]
The custom sort order specified in your form submission contains an
invalid column name <em>[% fragment FILTER html %]</em>.
[% ELSIF error == "mismatched_bug_ids_on_obsolete" %]
Attachment [% attach_id FILTER html %] ([% description FILTER html %])
is attached to bug [% attach_bug_id FILTER html %], but you tried to
......
template/en/default/global/user-error.html.tmpl
View file @ 8a966655
......@@ -81,7 +81,17 @@
[% ELSIF error == "attachment_access_denied" %]
[% title = "Access Denied" %]
You are not permitted access to this attachment.
You are not authorized to access this attachment.
[% ELSIF error == "bug_access_denied" %]
[% title = "Access Denied" %]
You are not authorized to access bug #[% bug_id %].
[% ELSIF error == "bug_access_query" %]
[% title = "Access Denied" %]
You are not authorized to access bug #[% bug_id %]. To see this bug, you
must first <a href="show_bug.cgi?id=[% bug_id %]&amp;GoAheadAndLogIn=1">log
in to an account</a> with the appropriate permissions.
[% ELSIF error == "buglist_parameters_required" %]
[% title = "Parameters Required" %]
......@@ -98,6 +108,10 @@
You have to specify a <b>comment</b> on this change.
Please give some words on the reason for your change.
[% ELSIF error == "comment_too_long" %]
[% title = "Comment Too Long" %]
Comments cannot be longer than 65,535 characters.
[% ELSIF error == "dependency_loop_multi" %]
[% title = "Dependency Loop Detected" %]
The following bug(s) would appear on both the "depends on"
......@@ -192,11 +206,38 @@
[% title = "Your Query Makes No Sense" %]
The only legal values for the <em>Attachment is obsolete</em> field are
0 and 1.
[% ELSIF error == "illegal_query_name" %]
[% title = "Illegal Query Name" %]
The name of your query cannot contain any of the following characters:
&lt;, &gt;, &amp;.
[% ELSIF error == "insufficient_privs_for_multi" %]
[% title = "Insufficient Privileges" %]
Sorry, you do not have sufficient privileges to edit multiple bugs.
[% ELSIF error == "invalid_attach_id" %]
[% title = "Invalid Attachment ID" %]
The attachment id [% attach_id FILTER html %] is invalid.
[% ELSIF error == "invalid_bug_id" %]
[% title = "Invalid Bug ID" %]
The bug id [% bug_id FILTER html %] is invalid.
[% ELSIF error == "invalid_bug_id_non_existent" %]
[% title = "Invalid Bug ID" %]
Bug #[% bug_id %] does not exist.
[% ELSIF error == "invalid_bug_id_or_alias" %]
[% title = "Invalid Bug ID" %]
The 'bug number' <em>[% bug_id FILTER html %]</em> is invalid.
[% IF Param("usebugaliases") %]
It is neither a bug number nor an alias to a bug number.
[% END %]
If you are trying to use QuickSearch, you need to enable JavaScript
in your browser. To help us fix this limitation, add your comments to
<a href="http://bugzilla.mozilla.org/show_bug.cgi?id=70907">bug 70907</a>.
[% ELSIF error == "invalid_content_type" %]
[% title = "Invalid Content-Type" %]
The content type <em>[% contenttype FILTER html %]</em> is invalid.
......@@ -204,10 +245,6 @@
is either <em>application, audio, image, message, model, multipart,
text,</em> or <em>video</em>.
[% ELSIF error == "invalid_bug_id" %]
[% title = "Invalid Bug ID" %]
The bug id [% bug_id FILTER html %] is invalid.
[% ELSIF error == "invalid_product_name" %]
[% title = "Invalid Product Name" %]
The product name '[% product FILTER html %]' is invalid or does not exist.
......@@ -217,6 +254,10 @@
The name <tt>[% name FILTER html %]</tt> is not a valid username.
Either you misspelled it, or the person has not
registered for a Bugzilla account.
[% ELSIF error == "invalid_username_or_password" %]
[% title = "Invalid Username Or Password" %]
The username or password you entered is not valid.
[% ELSIF error == "milestone_required" %]
[% title = "Milestone Required" %]
......@@ -240,11 +281,22 @@
either <em>auto-detect</em>, <em>select from list</em>, or <em>enter
manually</em>.
[% ELSIF error == "missing_cookie" %]
[% title = "Missing Cookie" %]
Sorry, I seem to have lost the cookie that recorded
the results of your last search. I'm afraid you will have to start
again on the <a href="query.cgi">search page</a>.
[% ELSIF error == "missing_email_type" %]
[% title = "Your Query Makes No Sense" %]
You must specify one or more fields in which to search for
<tt>[% email %]</tt>.
[% ELSIF error == "missing_query" %]
[% title = "Missing Query" %]
The query named <em>[% queryname FILTER html %]</em> seems to no longer
exist.
[% ELSIF error == "need_component" %]
[% title = "Component Required" %]
You must specify a component to help determine the new owner of these bugs.
......@@ -292,6 +344,10 @@
Patches cannot be more than [% Param('maxpatchsize') %] KB in size.
Try breaking your patch into several pieces.
[% ELSIF error == "query_name_missing" %]
[% title = "No Query Name Specified" %]
You must enter a name for your query.
[% ELSIF error == "reassign_to_empty" %]
[% title = "Illegal Reassignment" %]
You cannot reassign to a bug to nobody. Unless you
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment