[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gforge-commits] gforge/www/frs/include frs_utils.php,1.3,1.4
From: |
mpeltier |
Subject: |
[Gforge-commits] gforge/www/frs/include frs_utils.php,1.3,1.4 |
Date: |
Sat, 11 Dec 2004 18:08:12 -0600 |
Update of /cvsroot/gforge/gforge/www/frs/include
In directory db.perdue.net:/tmp/cvs-serv12916/www/frs/include
Modified Files:
frs_utils.php
Log Message:
Fixed hopefully security pb introduced by my last commit (reported by Tim):
check that the new package and release id are ok and belong to the
same project before doing the update.
Index: frs_utils.php
===================================================================
RCS file: /cvsroot/gforge/gforge/www/frs/include/frs_utils.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- frs_utils.php 8 Oct 2004 20:33:18 -0000 1.3
+++ frs_utils.php 12 Dec 2004 00:08:09 -0000 1.4
@@ -113,7 +113,7 @@
*/
-function frs_show_status_popup ($name='status_id', $checked_val="xzxz") {
+function frs_show_status_popup ($name='status_id', $checked_val='xzxz') {
/*
return a pop-up select box of statuses
*/
@@ -130,7 +130,7 @@
*/
-function frs_show_filetype_popup ($name='type_id', $checked_val="xzxz") {
+function frs_show_filetype_popup ($name='type_id', $checked_val='xzxz') {
/*
return a pop-up select box of the available filetypes
*/
@@ -147,7 +147,7 @@
*/
-function frs_show_processor_popup ($name='processor_id', $checked_val="xzxz") {
+function frs_show_processor_popup ($name='processor_id', $checked_val='xzxz') {
/*
return a pop-up select box of the available processors
*/
@@ -165,7 +165,7 @@
*/
-function frs_show_release_popup ($group_id, $name='release_id',
$checked_val="xzxz") {
+function frs_show_release_popup ($group_id, $name='package_release_ids',
$checked_val='xzxz') {
/*
return a pop-up select box of releases for the project
*/
@@ -174,7 +174,7 @@
return 'ERROR - GROUP ID REQUIRED';
} else {
if (!isset($FRS_RELEASE_RES)) {
- $FRS_RELEASE_RES=db_query("SELECT
frs_release.release_id,(frs_package.name || ' : ' || frs_release.name) ".
+ $FRS_RELEASE_RES=db_query("SELECT
frs_package.package_id || ':' || frs_release.release_id,(frs_package.name || '
: ' || frs_release.name) ".
"FROM frs_release,frs_package ".
"WHERE frs_package.group_id='$group_id' ".
"AND
frs_release.package_id=frs_package.package_id");
@@ -190,7 +190,7 @@
*/
-function frs_show_package_popup ($group_id, $name='package_id',
$checked_val="xzxz") {
+function frs_show_package_popup ($group_id, $name='package_id',
$checked_val='xzxz') {
/*
return a pop-up select box of packages for this project
*/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Gforge-commits] gforge/www/frs/include frs_utils.php,1.3,1.4,
mpeltier <=
- Prev by Date:
[Gforge-commits] gforge-plugin-scmcvs/include/languages Base.tab, 1.1, 1.2 Basque.tab, 1.1, 1.2 Dutch.tab, 1.1, 1.2 French.tab, 1.1, 1.2 Italian.tab, 1.1, 1.2 Korean.tab, 1.1, 1.2 Spanish.tab, 1.1, 1.2 Swedish.tab, 1.1, 1.2
- Next by Date:
[Gforge-commits] gforge/www/frs index.php,1.5,1.6
- Previous by thread:
[Gforge-commits] gforge-plugin-scmcvs/include/languages Base.tab, 1.1, 1.2 Basque.tab, 1.1, 1.2 Dutch.tab, 1.1, 1.2 French.tab, 1.1, 1.2 Italian.tab, 1.1, 1.2 Korean.tab, 1.1, 1.2 Spanish.tab, 1.1, 1.2 Swedish.tab, 1.1, 1.2
- Next by thread:
[Gforge-commits] gforge/www/frs index.php,1.5,1.6
- Index(es):