author | lpsolit%gmail.com <> | 2005-05-04 02:41:22 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2005-05-04 02:41:22 +0000 |
commit | 91225228cd8b8f132a496c2d078c14ffb8ecbab3 (patch) | |
tree | 1db6dbb76ed32bbcce300b087054c733b9378a0b /Bugzilla/Util.pm | |
parent | Bug 248386: Add support for Alias to post_bug.cgi - Patch by Albert Ting <alt... (diff) | |
Bug 279303: Negative numbers are rejected as invalid sortkeys for milestones - Patch by Peter D. Stout <pds@edgedynamics.com> r=LpSolit a=justdave
Diffstat (limited to 'Bugzilla/Util.pm')
-rw-r--r-- | Bugzilla/Util.pm | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 2c45e077f..70b4c6845 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -30,6 +30,7 @@ use strict; use base qw(Exporter); @Bugzilla::Util::EXPORT = qw(is_tainted trick_taint detaint_natural + detaint_signed html_quote url_quote value_quote xml_quote css_class_quote lsearch max min @@ -69,6 +70,16 @@ sub detaint_natural { return (defined($_[0])); } +sub detaint_signed { + $_[0] =~ /^([-+]?\d+)$/; + $_[0] = $1; + # Remove any leading plus sign. + if (defined($_[0]) && $_[0] =~ /^\+(\d+)$/) { + $_[0] = $1; + } + return (defined($_[0])); +} + sub html_quote { my ($var) = (@_); $var =~ s/\&/\&/g; @@ -325,6 +336,7 @@ Bugzilla::Util - Generic utility functions for bugzilla $rv = is_tainted($var); trick_taint($var); detaint_natural($var); + detaint_signed($var); # Functions for quoting html_quote($var); @@ -393,6 +405,12 @@ This routine detaints a natural number. It returns a true value if the value passed in was a valid natural number, else it returns false. You B<MUST> check the result of this routine to avoid security holes. +=item C<detaint_signed($num)> + +This routine detaints a signed integer. It returns a true value if the +value passed in was a valid signed integer, else it returns false. You +B<MUST> check the result of this routine to avoid security holes. + =back =head2 Quoting |
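Review bot: In `detaint_signed`, `$_[0] = $1;` runs whether or not the match on the line above succeeded, and Perl leaves `$1` untouched after a failed match, so it can still hold a capture from an earlier successful match in the calling scope. In that case a rejected input would be overwritten with stale, untainted data and the function would return true, which defeats the result check callers are told they MUST make. Capture the match result and assign only on success: `my $match = $_[0] =~ /^([-+]?\d+)$/;` followed by `$_[0] = $match ? $1 : undef;`. Anchoring with `\z` instead of `$` would also stop a value with a trailing newline from being accepted. The visible tail of `detaint_natural` suggests the same pattern there, but its body starts outside the hunk.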