-rwxr-xr-x | chart.cgi | 11 | ||||
-rw-r--r-- | template/en/default/reports/edit-series.html.tmpl | 4 | ||||
-rw-r--r-- | template/en/default/search/search-create-series.html.tmpl | 1 |
3 files changed, 13 insertions, 3 deletions
@@ -52,6 +52,7 @@ use Bugzilla::Util;
 use Bugzilla::Chart;
 use Bugzilla::Series;
 use Bugzilla::User;
+use Bugzilla::Token;
 
 # For most scripts we don't make $cgi and $template global variables. But
 # when preparing Bugzilla for mod_perl, this script used these
@@ -138,7 +139,9 @@ elsif ($action eq "wrap") {
 }
 elsif ($action eq "create") {
     assertCanCreate($cgi);
-
+    my $token = $cgi->param('token');
+    check_hash_token($token, ['create-series']);
+
     my $series = new Bugzilla::Series($cgi);
 
     if (!$series->existsInDatabase()) {
@@ -168,7 +171,11 @@ elsif ($action eq "alter") {
     detaint_natural($series_id) || ThrowCodeError("invalid_series_id");
     assertCanEdit($series_id);
 
-    my $series = new Bugzilla::Series($cgi);
+    # We cannot use the $series object below, as its name may have changed.
+    my $series = new Bugzilla::Series($series_id);
+    my $token = $cgi->param('token');
+    check_hash_token($token, [$series->{series_id}, $series->{name}]);
+    $series = new Bugzilla::Series($cgi);
 
     # We need to check if there is _another_ series in the database with
     # our (potentially new) name. So we call existsInDatabase() to see if
diff --git a/template/en/default/reports/edit-series.html.tmpl b/template/en/default/reports/edit-series.html.tmpl
index 7fbdcbdfd..20db2d667 100644
--- a/template/en/default/reports/edit-series.html.tmpl
+++ b/template/en/default/reports/edit-series.html.tmpl
@@ -40,7 +40,9 @@
   [% PROCESS reports/series.html.tmpl
      button_name = "Change Data Set" %]
   <input type="hidden" name="action" value="alter">
-
+  <input type="hidden" name="token"
+         value="[% issue_hash_token([default.series_id, default.name]) FILTER html %]">
+
   [% IF default.series_id %]
     <input type="hidden" name="series_id" value="[% default.series_id %]">
   [% END %]
diff --git a/template/en/default/search/search-create-series.html.tmpl b/template/en/default/search/search-create-series.html.tmpl
index da1011e10..26010af64 100644
--- a/template/en/default/search/search-create-series.html.tmpl
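Review bot: In the alter branch, `$series` first holds the database-backed object that exists only to validate the token and is then overwritten with the CGI-built object five lines later, so one variable carries two different meanings inside the hunk; give the first one its own name, and write the two added constructors with arrow syntax instead of indirect object syntax: `my $existing = Bugzilla::Series->new($series_id);` / `check_hash_token($token, [$existing->{series_id}, $existing->{name}]);` / `my $series = Bugzilla::Series->new($cgi);`. Binding the token to the stored id and name matches what edit-series.html.tmpl issues with `issue_hash_token([default.series_id, default.name])`, so a form issued for a different series or an older name is rejected rather than silently applied. Whether `Bugzilla::Series->new($series_id)` can return undef for an id that passes assertCanEdit is not visible here; if it can, the `$series->{series_id}` dereference would die before the token check runs, which is worth a one-line guard or a confirming comment. The `elsif ($action eq "alter")` block continues past the end of the hunk.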
+++ b/template/en/default/search/search-create-series.html.tmpl
@@ -52,6 +52,7 @@
   [% PROCESS reports/series.html.tmpl
      button_name = "Create Data Set" %]
   <input type="hidden" name="action" value="create">
+  <input type="hidden" name="token" value="[% issue_hash_token(['create-series']) FILTER html %]">
 
   <script type="text/javascript">
     document.chartform.category[0].selected = true;
|