Different workaround for mysterious taint issues under perl 5.20
parent
a72643daeb
commit
9267e2537a
|
@ -39,7 +39,7 @@ use constant NAME_FIELD => 'name';
|
|||
|
||||
use constant LIST_ORDER => 'product_id, name';
|
||||
|
||||
use constant DB_COLUMNS => qw(
|
||||
sub DB_COLUMNS() { qw(
|
||||
id
|
||||
name
|
||||
product_id
|
||||
|
@ -48,7 +48,7 @@ use constant DB_COLUMNS => qw(
|
|||
description
|
||||
wiki_url
|
||||
isactive
|
||||
);
|
||||
) }
|
||||
|
||||
use constant REQUIRED_CREATE_FIELDS => qw(
|
||||
name
|
||||
|
|
|
@ -47,7 +47,10 @@ use constant FIELD_NAME => 'product';
|
|||
use constant NAME_FIELD => 'name';
|
||||
use constant LIST_ORDER => 'name';
|
||||
|
||||
use constant DB_COLUMNS => qw(
|
||||
# Workaround mysterious taint issue:
|
||||
# join('', DB_COLUMNS) will be tainted if defined as 'use constant'
|
||||
# (although none of the columns themselves will be tainted in that case)
|
||||
sub DB_COLUMNS() { qw(
|
||||
id
|
||||
name
|
||||
wiki_url
|
||||
|
@ -62,7 +65,7 @@ use constant DB_COLUMNS => qw(
|
|||
allows_unconfirmed
|
||||
cc_group
|
||||
entryheaderhtml
|
||||
);
|
||||
) }
|
||||
|
||||
use constant REQUIRED_CREATE_FIELDS => qw(
|
||||
name
|
||||
|
|
|
@ -376,6 +376,7 @@ if ($action eq 'updategroupcontrols')
|
|||
{
|
||||
my $count_id = $1;
|
||||
my $id = $ARGS->{$f};
|
||||
next if !$id;
|
||||
trick_taint($id);
|
||||
if ($ARGS->{"membercontrol_$count_id"} == CONTROLMAPNA)
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue