aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'attachment.cgi')
-rwxr-xr-xattachment.cgi8
1 files changed, 5 insertions, 3 deletions
diff --git a/attachment.cgi b/attachment.cgi
index e5c3f52fe..5996aa86d 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -1,4 +1,4 @@
-#!/usr/bonsaitools/bin/perl -w
+#!/usr/bonsaitools/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
@@ -29,6 +29,8 @@
use diagnostics;
use strict;
+use lib qw(.);
+
# Include the Bugzilla CGI and general utility library.
require "CGI.pl";
@@ -139,10 +141,10 @@ exit;
sub validateID
{
- # Validate the value of the "id" form field, which must contain a positive
+ # Validate the value of the "id" form field, which must contain an
# integer that is the ID of an existing attachment.
- $::FORM{'id'} =~ /^[1-9][0-9]*$/
+ detaint_natural($::FORM{'id'})
|| DisplayError("You did not enter a valid attachment number.")
&& exit;