Landing Adam Spiers' contributions for security and small functional issues

e70b77bb · tara%tequilarista.org · 4e1c57ce · e70b77bb · e70b77bb
Commit e70b77bb authored Jul 26, 2000 by tara%tequilarista.org
Hide whitespace changes
Inline Side-by-side

Showing with 29 additions and 19 deletions

editusers.cgi editusers.cgi +1 -0

sanitycheck.cgi sanitycheck.cgi +28 -19

No files found.
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -276,6 +276,7 @@ List users with login name matching:
 </SELECT>
 <BR>
 <INPUT TYPE=SUBMIT VALUE="Submit">
+</FORM>
 };
    PutTrailer();
    exit;

--- a/sanitycheck.cgi
+++ b/sanitycheck.cgi
@@ -66,18 +66,27 @@ sub CrossCheck {
    }
    while (@_) {
        my $ref = shift @_;
-        my $t2 = shift @$ref;
-        my $f2 = shift @$ref;
-        my %exceptions;
-        foreach my $v (@$ref) {
-            $exceptions{$v} = 1;
-        }
+        my ($t2, $f2, $key2, $exceptions) = @$ref;
+
+        $exceptions ||= [];
+        my %exceptions = map { $_ => 1 } @$exceptions;
+
        Status("... from $t2.$f2");
-        SendSQL("SELECT DISTINCT $f2 FROM $t2");
+        
+        SendSQL("SELECT DISTINCT $f2" . ($key2 ? ", $key2" : '') ." FROM $t2");
        while (MoreSQLData()) {
-            my $value = FetchOneColumn();
+            my ($value, $key) = FetchSQLData();
            if (!$valid{$value} && !$exceptions{$value}) {
-                Alert("Bad value $value found in $t2.$f2");
+                my $alert = "Bad value $value found in $t2.$f2";
+                if ($key2) {
+                    if ($key2 eq 'bug_id') {
+                        $alert .= qq{ (<a href="show_bug.cgi?id=$key">bug $key</a>)};
+                    }
+                    else {
+                        $alert .= " ($key2 == '$key')";
+                    }
+                    Alert($alert);
+                }
            }
        }
    }
@@ -128,14 +137,14 @@ CrossCheck("bugs", "bug_id",
           ["keywords", "bug_id"]);

 CrossCheck("profiles", "userid",
-           ["bugs", "reporter"],
-           ["bugs", "assigned_to"],
-           ["bugs", "qa_contact", 0],
-           ["attachments", "submitter_id"],
-           ["bugs_activity", "who"],
-           ["cc", "who"],
-           ["votes", "who"],
-           ["longdescs", "who"],
+           ["bugs", "reporter", "bug_id"],
+           ["bugs", "assigned_to", "bug_id"],
+           ["bugs", "qa_contact", "bug_id", ["0"]],
+           ["attachments", "submitter_id", "bug_id"],
+           ["bugs_activity", "who", "bug_id"],
+           ["cc", "who", "bug_id"],
+           ["votes", "who", "bug_id"],
+           ["longdescs", "who", "bug_id"],
           ["namedqueries", "userid"]);


@@ -237,9 +246,9 @@ foreach my $ref (@checklist) {
 Status("Checking profile logins");

 my $emailregexp = Param("emailregexp");
-
+$emailregexp =~ s/'/\\'/g;
 SendSQL("SELECT userid, login_name FROM profiles " .
-        "WHERE login_name NOT REGEXP " . SqlQuote($emailregexp));
+        "WHERE login_name NOT REGEXP '" . $emailregexp . "'");


 while (my ($id,$email) = (FetchSQLData())) {