diff options
Diffstat (limited to 'attachment.cgi')
-rwxr-xr-x | attachment.cgi | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/attachment.cgi b/attachment.cgi index e5c3f52fe..5996aa86d 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -1,4 +1,4 @@ -#!/usr/bonsaitools/bin/perl -w +#!/usr/bonsaitools/bin/perl -wT # -*- Mode: perl; indent-tabs-mode: nil -*- # # The contents of this file are subject to the Mozilla Public @@ -29,6 +29,8 @@ use diagnostics; use strict; +use lib qw(.); + # Include the Bugzilla CGI and general utility library. require "CGI.pl"; @@ -139,10 +141,10 @@ exit; sub validateID { - # Validate the value of the "id" form field, which must contain a positive + # Validate the value of the "id" form field, which must contain an # integer that is the ID of an existing attachment. - $::FORM{'id'} =~ /^[1-9][0-9]*$/ + detaint_natural($::FORM{'id'}) || DisplayError("You did not enter a valid attachment number.") && exit; |