aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Bugzilla/Auth/CGI.pm21
-rw-r--r--Bugzilla/CGI.pm89
-rw-r--r--Bugzilla/Constants.pm13
-rw-r--r--Bugzilla/Error.pm3
-rw-r--r--Bugzilla/Flag.pm2
-rw-r--r--Bugzilla/User.pm2
-rw-r--r--CGI.pl4
-rwxr-xr-xattachment.cgi27
-rwxr-xr-xbuglist.cgi66
-rwxr-xr-xchecksetup.pl20
-rwxr-xr-xcolchange.cgi21
-rwxr-xr-xcreateaccount.cgi11
-rwxr-xr-xdescribecomponents.cgi8
-rwxr-xr-xdescribekeywords.cgi6
-rwxr-xr-xdoeditparams.cgi5
-rwxr-xr-xduplicates.cgi11
-rwxr-xr-xeditcomponents.cgi2
-rwxr-xr-xeditflagtypes.cgi17
-rwxr-xr-xeditgroups.cgi2
-rwxr-xr-xeditkeywords.cgi2
-rwxr-xr-xeditmilestones.cgi2
-rwxr-xr-xeditparams.cgi2
-rwxr-xr-xeditproducts.cgi2
-rwxr-xr-xeditusers.cgi2
-rwxr-xr-xeditversions.cgi2
-rwxr-xr-xenter_bug.cgi7
-rw-r--r--globals.pl3
-rwxr-xr-ximportxml.pl4
-rwxr-xr-xindex.cgi4
-rwxr-xr-xlong_list.cgi7
-rwxr-xr-xmove.pl9
-rwxr-xr-xpage.cgi9
-rwxr-xr-xpost_bug.cgi14
-rwxr-xr-xprocess_bug.cgi7
-rwxr-xr-xquery.cgi11
-rwxr-xr-xqueryhelp.cgi2
-rwxr-xr-xquips.cgi4
-rwxr-xr-xrelogin.cgi14
-rwxr-xr-xreport.cgi16
-rwxr-xr-xreports.cgi9
-rwxr-xr-xrequest.cgi2
-rwxr-xr-xshow_activity.cgi2
-rwxr-xr-xshow_bug.cgi11
-rwxr-xr-xshowattachment.cgi18
-rwxr-xr-xshowdependencygraph.cgi5
-rwxr-xr-xshowdependencytree.cgi4
-rwxr-xr-xsidebar.cgi7
-rw-r--r--template/en/default/global/code-error.html.tmpl5
-rwxr-xr-xtoken.cgi16
-rwxr-xr-xuserprefs.cgi6
-rwxr-xr-xvotes.cgi19
51 files changed, 352 insertions, 205 deletions
diff --git a/Bugzilla/Auth/CGI.pm b/Bugzilla/Auth/CGI.pm
index 034013bda..3588b7037 100644
--- a/Bugzilla/Auth/CGI.pm
+++ b/Bugzilla/Auth/CGI.pm
@@ -70,9 +70,13 @@ sub login {
undef,
$userid, $ipaddr);
my $logincookie = $dbh->selectrow_array("SELECT LAST_INSERT_ID()");
- my $cookiepath = Param("cookiepath");
- print "Set-Cookie: Bugzilla_login=$userid ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
- print "Set-Cookie: Bugzilla_logincookie=$logincookie ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+
+ $cgi->send_cookie(-name => 'Bugzilla_login',
+ -value => $userid,
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+ $cgi->send_cookie(-name => 'Bugzilla_logincookie',
+ -value => $logincookie,
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
# compat code. The cookie value is used for logouts, and that
# isn't generic yet.
@@ -120,7 +124,7 @@ sub login {
if ($authres == AUTH_NODATA && $type == LOGIN_REQUIRED) {
# Throw up the login page
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
my $template = Bugzilla->template;
$template->process("account/auth/login.html.tmpl",
@@ -152,9 +156,12 @@ sub login {
# The account may be disabled
if ($authres == AUTH_DISABLED) {
# Clear the cookie
- my $cookiepath = Param("cookiepath");
- print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
- print "Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
+
+ $cgi->send_cookie(-name => 'Bugzilla_login',
+ -expires => "Tue, 15-Sep-1998 21:49:00 GMT");
+ $cgi->send_cookie(-name => 'Bugzilla_logincookie',
+ -expires => "Tue, 15-Sep-1998 21:49:00 GMT");
+
# and throw a user error
&::ThrowUserError("account_disabled",
{'disabled_reason' => $extra});
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 3c00ed347..e87c89a5e 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -23,11 +23,12 @@ use strict;
package Bugzilla::CGI;
-use CGI qw(-no_xhtml -oldstyle_urls :private_tempfiles);
+use CGI qw(-no_xhtml -oldstyle_urls :private_tempfiles :unique_headers);
use base qw(CGI);
use Bugzilla::Util;
+use Bugzilla::Config;
# We need to disable output buffering - see bug 179174
$| = 1;
@@ -44,6 +45,9 @@ sub new {
my $self = $class->SUPER::new(@args);
+ # Make sure that we don't send any charset headers
+ $self->charset('');
+
# Check for errors
# All of the Bugzilla code wants to do this, so do it here instead of
# in each script
@@ -62,20 +66,18 @@ sub new {
# multipart requests, and so should never happen unless there is a
# browser bug.
- # Using CGI.pm to do this means that ThrowCodeError prints the
- # content-type again...
- #print $self->header(-status => $err);
- print "Status: $err\n";
-
- my $vars = {};
- if ($err =~ m/(\d{3})\s(.*)/) {
- $vars->{http_error_code} = $1;
- $vars->{http_error_string} = $2;
- } else {
- $vars->{http_error_string} = $err;
- }
-
- &::ThrowCodeError("cgi_error", $vars);
+ print $self->header(-status => $err);
+
+ # ThrowCodeError wants to print the header, so it grabs Bugzilla->cgi
+ # which creates a new Bugzilla::CGI object, which fails again, which
+ # ends up here, and calls ThrowCodeError, and then recurses forever.
+ # So don't use it.
+ # In fact, we can't use templates at all, because we need a CGI object
+ # to determine the template lang as well as the current url (from the
+ # template)
+ # Since this is an internal error which indicates a severe browser bug,
+ # just die.
+ die "CGI parsing error: $err";
}
return $self;
@@ -105,6 +107,46 @@ sub canonicalise_query {
return join("&", @parameters);
}
+# CGI.pm makes this nph, but apache doesn't like that
+sub multipart_init {
+ my $self = shift;
+
+ unshift(@_, '-nph' => undef);
+
+ return $self->SUPER::multipart_init(@_);
+}
+
+sub cookie {
+ my $self = shift;
+
+ # Add the default path in, but only if we're fetching stuff
+ # (This test fails for |$cgi->cookie(-name=>'x')| which _is_ meant to
+ # fetch, but thats an ugly notation for the fetch case which we shouldn't
+ # be using)
+ unshift(@_, '-path' => Param('cookiepath')) if scalar(@_)>1;
+
+ return $self->SUPER::cookie(@_);
+}
+
+# The various parts of Bugzilla which create cookies don't want to have to
+# pass them arround to all of the callers. Instead, store them locally here,
+# and then output as required from |headers|.
+# This is done instead of just printing the result from the script, because
+# we need to use |$r->header_out| under mod_perl (which is what CGI.pm
+# does, and we need to match, plus if we don't |print| anything, we can turn
+# off mod_perl/Apache's header parsing for a small perf gain)
+sub send_cookie {
+ my $self = shift;
+
+ my $cookie = $self->cookie(@_);
+
+ # XXX - mod_perl
+ print "Set-Cookie: $cookie\r\n";
+
+ return;
+}
+
+
1;
__END__
@@ -149,4 +191,21 @@ I<Bugzilla::CGI> also includes additional functions.
This returns a sorted string of the parameters, suitable for use in a url.
Values in C<@exclude> are not included in the result.
+=item C<cookie>
+
+Identical to the CGI.pm C<cookie> routine, except that the cookie path is
+automatically added.
+
+=item C<send_cookie>
+
+This routine is identical to CGI.pm's C<cookie> routine, except that the cookie
+is sent to the browser, rather than returned. This should be used by all
+Bugzilla code (instead of C<cookie> or the C<-cookie> argument to C<header>),
+so that under mod_perl the headers can be sent correctly, using C<print> or
+the mod_perl APIs as appropriate.
+
=back
+
+=head1 SEE ALSO
+
+L<CGI|CGI>, L<CGI::Cookie|CGI::Cookie>
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 5e6b5365d..a1bf74ba0 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -47,7 +47,8 @@ use base qw(Exporter);
LOGIN_NORMAL
LOGIN_REQUIRED
);
-
+
+@Bugzilla::Constants::EXPORT_OK = qw(contenttypes);
# CONSTANTS
#
@@ -94,4 +95,14 @@ use constant LOGIN_OPTIONAL => 0;
use constant LOGIN_NORMAL => 1;
use constant LOGIN_REQUIRED => 2;
+use constant contenttypes =>
+ {
+ "html" => "text/html" ,
+ "rdf" => "application/xml" ,
+ "xml" => "text/xml" ,
+ "js" => "application/x-javascript" ,
+ "csv" => "text/plain" ,
+ "png" => "image/png" ,
+ };
+
1;
diff --git a/Bugzilla/Error.pm b/Bugzilla/Error.pm
index 64314121a..485646274 100644
--- a/Bugzilla/Error.pm
+++ b/Bugzilla/Error.pm
@@ -39,8 +39,7 @@ sub ThrowUserError {
Bugzilla->dbh->do("UNLOCK TABLES") if $unlock_tables;
- # XXX - mod_perl
- print "Content-type: text/html\n\n" if !$::vars->{'header_done'};
+ print Bugzilla->cgi->header();
my $template = Bugzilla->template;
$template->process("global/user-error.html.tmpl", $vars)
diff --git a/Bugzilla/Flag.pm b/Bugzilla/Flag.pm
index a327f2922..f8eb8a4a4 100644
--- a/Bugzilla/Flag.pm
+++ b/Bugzilla/Flag.pm
@@ -587,7 +587,7 @@ sub notify {
my $rv =
$::template->process($template_file, $::vars, \$message);
if (!$rv) {
- print "Content-Type: text/html\n\n" unless $::vars->{'header_done'};
+ Bugzilla->cgi->header();
&::ThrowTemplateError($::template->error());
}
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 46f520b77..fde9d336b 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -366,7 +366,7 @@ sub match_field {
$vars->{'matches'} = $matches; # matches that were made
$vars->{'matchsuccess'} = $matchsuccess; # continue or fail
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
$::template->process("global/confirm-user-match.html.tmpl", $vars)
|| &::ThrowTemplateError($::template->error());
diff --git a/CGI.pl b/CGI.pl
index 74b81c9da..1a6d7c93a 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -59,7 +59,7 @@ if (Param("shutdownhtml") && $0 !~ m:[\\/](do)?editparams.cgi$:) {
$::vars->{'message'} = "shutdown";
# Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return an HTML message about the downtime.
$::template->process("global/message.html.tmpl", $::vars)
@@ -320,7 +320,7 @@ sub ThrowCodeError {
$vars->{'variables'} = $extra_vars;
}
- print "Content-type: text/html\n\n" if !$vars->{'header_done'};
+ print Bugzilla->cgi->header();
$template->process("global/code-error.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/attachment.cgi b/attachment.cgi
index 621477ed5..26892181f 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -33,7 +33,6 @@ use strict;
use lib qw(.);
use vars qw(
- $cgi
$template
$vars
);
@@ -63,6 +62,8 @@ quietly_check_login();
# to just above validateID().
my $bugid;
+my $cgi = Bugzilla->cgi;
+
################################################################################
# Main Body Execution
################################################################################
@@ -399,11 +400,12 @@ sub view
# Return the appropriate HTTP response headers.
$filename =~ s/^.*[\/\\]//;
my $filesize = length($thedata);
- print qq{Content-Type: $contenttype; name="$filename"\n};
- print qq{Content-Disposition: inline; filename=$filename\n};
- print qq{Content-Length: $filesize\n};
- print qq{\n$thedata};
+ print Bugzilla->cgi->header(-type=>"$contenttype; name=\"$filename\"",
+ -content_disposition=> "inline; filename=$filename\n",
+ -content_length => $filesize);
+
+ print $thedata;
}
@@ -450,8 +452,7 @@ sub viewall
$vars->{'bugsummary'} = $bugsummary;
$vars->{'GetBugLink'} = \&GetBugLink;
- # Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/show-multiple.html.tmpl", $vars)
@@ -495,8 +496,7 @@ sub enter
$vars->{'bugsummary'} = $bugsummary;
$vars->{'GetBugLink'} = \&GetBugLink;
- # Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/create.html.tmpl", $vars)
@@ -604,8 +604,7 @@ sub insert
$vars->{'contenttypemethod'} = $::FORM{'contenttypemethod'};
$vars->{'contenttype'} = $::FORM{'contenttype'};
- # Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/created.html.tmpl", $vars)
@@ -667,8 +666,7 @@ sub edit
$vars->{'attachments'} = \@bugattachments;
$vars->{'GetBugLink'} = \&GetBugLink;
- # Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/edit.html.tmpl", $vars)
@@ -815,8 +813,7 @@ sub update
$vars->{'attachid'} = $::FORM{'id'};
$vars->{'bugid'} = $bugid;
- # Return the appropriate HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("attachment/updated.html.tmpl", $vars)
diff --git a/buglist.cgi b/buglist.cgi
index 4acd5d55e..06c00db93 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -33,7 +33,7 @@ use strict;
use lib qw(.);
-use vars qw($cgi $template $vars);
+use vars qw($template $vars);
use Bugzilla;
use Bugzilla::Search;
@@ -56,10 +56,12 @@ use vars qw($db_name
$userid
@versions);
+my $cgi = Bugzilla->cgi;
+
if (length($::buffer) == 0) {
- print "Refresh: 10; URL=query.cgi\n";
+ print $cgi->header(-refresh=> '10; URL=query.cgi');
ThrowUserError("buglist_parameters_required");
-}
+}
ConnectToDatabase();
@@ -131,8 +133,7 @@ if ($::FORM{'regetlastlist'}) {
if ($::buffer =~ /&cmd-/) {
my $url = "query.cgi?$::buffer#chart";
- print "Refresh: 0; URL=$url\n";
- print "Content-Type: text/html\n\n";
+ print $cgi->redirect(-location => $url);
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_adding_field";
$vars->{'url'} = $url;
@@ -257,8 +258,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
}
elsif ($::FORM{'remaction'} eq "load") {
my $url = "query.cgi?" . LookupNamedQuery($::FORM{"namedcmd"});
- print "Refresh: 0; URL=$url\n";
- print "Content-Type: text/html\n\n";
+ print $cgi->redirect(-location=>$url);
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_load_named_query";
$vars->{'namedcmd'} = $::FORM{'namedcmd'};
@@ -282,7 +282,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
$count++;
}
- print "Content-Type: text/html\n\n";
+ print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$vars->{'message'} = "buglist_query_gone";
$vars->{'namedcmd'} = $::FORM{'namedcmd'};
@@ -535,8 +535,8 @@ if ($order) {
if (!grep($fragment =~ /^\Q$_\E(\s+(asc|desc))?$/, @columnnames)) {
$vars->{'fragment'} = $fragment;
if ($order_from_cookie) {
- my $cookiepath = Param("cookiepath");
- print "Set-Cookie: LASTORDER= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
+ $cgi->send_cookie(-name => 'LASTORDER',
+ -expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
ThrowCodeError("invalid_column_name_cookie");
}
else {
@@ -618,15 +618,15 @@ $query .= " ORDER BY $db_order " if ($order);
# Time to use server push to display an interim message to the user until
# the query completes and we can display the bug list.
if ($serverpush) {
- # Generate HTTP headers.
- print "Content-Disposition: inline; filename=$filename\n";
- print "Content-Type: multipart/x-mixed-replace;boundary=thisrandomstring\n\n";
- print "--thisrandomstring\n";
- print "Content-Type: text/html\n\n";
+ print $cgi->multipart_init(-content_disposition => "inline; filename=$filename");
+
+ print $cgi->multipart_start();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("list/server-push.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
+
+ print $cgi->multipart_end();
}
# Connect to the shadow database if this installation is using one to improve
@@ -800,39 +800,47 @@ if ($dotweak) {
# HTTP Header Generation
################################################################################
-# If we are doing server push, output a separator string.
-print "\n--thisrandomstring\n" if $serverpush;
-
# Generate HTTP headers
-# Suggest a name for the bug list if the user wants to save it as a file.
-# If we are doing server push, then we did this already in the HTTP headers
-# that started the server push, so we don't have to do it again here.
-print "Content-Disposition: inline; filename=$filename\n" unless $serverpush;
+my $contenttype;
if ($format->{'extension'} eq "html") {
my $cookiepath = Param("cookiepath");
- print "Content-Type: text/html\n";
if ($order) {
my $qorder = url_quote($order);
- print "Set-Cookie: LASTORDER=$qorder ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+ $cgi->send_cookie(-name => 'LASTORDER',
+ -value => $qorder,
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
}
my $bugids = join(":", @bugidlist);
# See also Bug 111999
if (length($bugids) < 4000) {
- print "Set-Cookie: BUGLIST=$bugids ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+ $cgi->send_cookie(-name => 'BUGLIST',
+ -value => $bugids,
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
}
else {
- print "Set-Cookie: BUGLIST= ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+ $cgi->send_cookie(-name => 'BUGLIST',
+ -expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
$vars->{'toolong'} = 1;
}
+
+ $contenttype = "text/html";
}
else {
- print "Content-Type: $format->{'ctype'}\n";
+ $contenttype = $format->{'ctype'};
}
-print "\n"; # end HTTP headers
+if ($serverpush) {
+ print $cgi->multipart_start(-type=>$contenttype);
+} else {
+ # Suggest a name for the bug list if the user wants to save it as a file.
+ # If we are doing server push, then we did this already in the HTTP headers
+ # that started the server push, so we don't have to do it again here.
+ print $cgi->header(-type => $contenttype,
+ -content_disposition => "inline; filename=$filename");
+}
################################################################################
@@ -848,4 +856,4 @@ $template->process($format->{'template'}, $vars)
# Script Conclusion
################################################################################
-print "\n--thisrandomstring--\n" if $serverpush;
+print $cgi->multipart_final() if $serverpush;
diff --git a/checksetup.pl b/checksetup.pl
index 4173c67d8..451078863 100755
--- a/checksetup.pl
+++ b/checksetup.pl
@@ -211,7 +211,7 @@ my $modules = [
},
{
name => 'CGI',
- version => '2.88'
+ version => '2.93'
},
{
name => 'Data::Dumper',
@@ -587,24 +587,6 @@ LocalVar('platforms', '
);
');
-
-
-LocalVar('contenttypes', '
-#
-# The types of content that template files can generate, indexed by file extension.
-#
-$contenttypes = {
- "html" => "text/html" ,
- "rdf" => "application/xml" ,
- "xml" => "text/xml" ,
- "js" => "application/x-javascript" ,
- "csv" => "text/plain" ,
- "png" => "image/png" ,
-};
-');
-
-
-
if ($newstuff ne "") {
print "\nThis version of Bugzilla contains some variables that you may want\n",
"to change and adapt to your local settings. Please edit the file\n",
diff --git a/colchange.cgi b/colchange.cgi
index 5e28a4622..2ff2f3fee 100755
--- a/colchange.cgi
+++ b/colchange.cgi
@@ -32,6 +32,8 @@ use vars qw(
$vars
);
+use Bugzilla;
+
require "CGI.pl";
ConnectToDatabase();
@@ -39,6 +41,8 @@ quietly_check_login();
GetVersionTable();
+my $cgi = Bugzilla->cgi;
+
# The master list not only says what fields are possible, but what order
# they get displayed in.
my @masterlist = ("opendate", "changeddate", "bug_severity", "priority",
@@ -87,12 +91,15 @@ if (defined $::FORM{'rememberedquery'}) {
}
my $list = join(" ", @collist);
my $urlbase = Param("urlbase");
- my $cookiepath = Param("cookiepath");
-
- print "Set-Cookie: COLUMNLIST=$list ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
- print "Set-Cookie: SPLITHEADER=$::FORM{'splitheader'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
- print "Refresh: 0; URL=buglist.cgi?$::FORM{'rememberedquery'}\n";
- print "Content-type: text/html\n\n";
+
+ $cgi->send_cookie(-name => 'COLUMNLIST',
+ -value => $list,
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+ $cgi->send_cookie(-name => 'SPLITHEADER',
+ -value => $::FORM{'splitheader'},
+ -expires => 'Fri, 01-Jan-2038 00:00:00 GMT');
+
+ print $cgi->redirect("buglist.cgi?$::FORM{'rememberedquery'}");
$vars->{'message'} = "change_columns";
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
@@ -111,6 +118,6 @@ $vars->{'splitheader'} = $::COOKIE{'SPLITHEADER'} ? 1 : 0;
$vars->{'buffer'} = $::buffer;
# Generate and return the UI (HTML page) from the appropriate template.
-print "Content-type: text/html\n\n";
+print $cgi->header();
$template->process("list/change-columns.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/createaccount.cgi b/createaccount.cgi
index dec8e716c..cce598ac9 100755
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -47,13 +47,16 @@ unless (Bugzilla::Auth->can_edit) {
ThrowUserError("auth_cant_create_account");
}
+my $cgi = Bugzilla->cgi;
+
# Clear out the login cookies. Make people log in again if they create an
# account; otherwise, they'll probably get confused.
-my $cookiepath = Param("cookiepath");
-print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
-Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
+$cgi->send_cookie(-name => 'Bugzilla_login',
+ -expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
+$cgi->send_cookie(-name => 'Bugzilla_logincookie',
+ -expires => 'Tue, 15-Sep-1998 21:49:00 GMT');
-print "Content-Type: text/html\n\n";
+print $cgi->header();
my $login = $::FORM{'login'};
diff --git a/describecomponents.cgi b/describecomponents.cgi
index bdb824b82..ff7f46ac8 100755
--- a/describecomponents.cgi
+++ b/describecomponents.cgi
@@ -31,6 +31,8 @@ use strict;
use lib qw(.);
+use Bugzilla;
+
require "CGI.pl";
ConnectToDatabase();
@@ -38,6 +40,8 @@ quietly_check_login();
GetVersionTable();
+my $cgi = Bugzilla->cgi;
+
if (!defined $::FORM{'product'}) {
# Reference to a subset of %::proddesc, which the user is allowed to see
my %products;
@@ -63,7 +67,7 @@ if (!defined $::FORM{'product'}) {
$::vars->{'proddesc'} = \%products;
$::vars->{'target'} = "describecomponents.cgi";
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$::template->process("global/choose-product.html.tmpl", $::vars)
|| ThrowTemplateError($::template->error());
exit;
@@ -118,7 +122,7 @@ while (MoreSQLData()) {
$::vars->{'product'} = $product;
$::vars->{'components'} = \@components;
-print "Content-type: text/html\n\n";
+print $cgi->header();
$::template->process("reports/components.html.tmpl", $::vars)
|| ThrowTemplateError($::template->error());
diff --git a/describekeywords.cgi b/describekeywords.cgi
index 0ff538b63..60c5a9fd8 100755
--- a/describekeywords.cgi
+++ b/describekeywords.cgi
@@ -24,6 +24,8 @@
use strict;
use lib ".";
+use Bugzilla;
+
require "CGI.pl";
# Use the global template variables.
@@ -33,6 +35,8 @@ ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
SendSQL("SELECT keyworddefs.name, keyworddefs.description,
COUNT(keywords.bug_id)
FROM keyworddefs LEFT JOIN keywords ON keyworddefs.id=keywords.keywordid
@@ -52,6 +56,6 @@ while (MoreSQLData()) {
$vars->{'keywords'} = \@keywords;
$vars->{'caneditkeywords'} = UserInGroup("editkeywords");
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
$template->process("reports/keywords.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/doeditparams.cgi b/doeditparams.cgi
index 48c39bc7a..cba06dd29 100755
--- a/doeditparams.cgi
+++ b/doeditparams.cgi
@@ -25,6 +25,7 @@ use strict;
use lib qw(.);
+use Bugzilla;
use Bugzilla::Config qw(:DEFAULT :admin);
require "CGI.pl";
@@ -34,7 +35,9 @@ use vars %::MFORM;
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+my $cgi = Bugzilla->cgi;
+
+print $cgi->header();
if (!UserInGroup("tweakparams")) {
print "<H1>Sorry, you aren't a member of the 'tweakparams' group.</H1>\n";
diff --git a/duplicates.cgi b/duplicates.cgi
index dc65ef502..27333cbab 100755
--- a/duplicates.cgi
+++ b/duplicates.cgi
@@ -36,15 +36,18 @@ use vars qw($buffer);
use Bugzilla;
use Bugzilla::Search;
-use Bugzilla::CGI;
+
+my $cgi = Bugzilla->cgi;
# Go directly to the XUL version of the duplicates report (duplicates.xul)
# if the user specified ctype=xul. Adds params if they exist, and directs
# the user to a signed copy of the script in duplicates.jar if it exists.
if ($::FORM{'ctype'} && $::FORM{'ctype'} eq "xul") {
my $params = CanonicaliseParams($::buffer, ["format", "ctype"]);
- print "Location: " . (-e "duplicates.jar" ? "duplicates.jar!/" : "") .
+ my $url = (-e "duplicates.jar" ? "duplicates.jar!/" : "") .
"duplicates.xul" . ($params ? "?$params" : "") . "\n\n";
+
+ print $cgi->redirect($url);
exit;
}
@@ -261,8 +264,8 @@ $vars->{'products'} = \@::legal_product;
my $format =
GetFormat("reports/duplicates", $::FORM{'format'}, $::FORM{'ctype'});
-
-print "Content-Type: $format->{'ctype'}\n\n";
+
+print $cgi->header($format->{'ctype'});
# Generate and return the UI (HTML page) from the appropriate template.
$template->process($format->{'template'}, $vars)
diff --git a/editcomponents.cgi b/editcomponents.cgi
index 35c6426b2..74e0debe8 100755
--- a/editcomponents.cgi
+++ b/editcomponents.cgi
@@ -191,7 +191,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
diff --git a/editflagtypes.cgi b/editflagtypes.cgi
index d7794ff93..711828b6a 100755
--- a/editflagtypes.cgi
+++ b/editflagtypes.cgi
@@ -35,6 +35,7 @@ require "CGI.pl";
ConnectToDatabase();
# Use Bugzilla's flag modules for handling flag types.
+use Bugzilla;
use Bugzilla::Flag;
use Bugzilla::FlagType;
@@ -94,7 +95,7 @@ sub list {
Bugzilla::FlagType::match({ 'target_type' => 'attachment' }, 1);
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/list.html.tmpl", $vars)
@@ -138,7 +139,7 @@ sub edit {
}
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars)
@@ -189,7 +190,7 @@ sub processCategoryChange {
$vars->{'type'} = $type;
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/edit.html.tmpl", $vars)
@@ -246,7 +247,7 @@ sub insert {
$vars->{'message'} = "flag_type_created";
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
@@ -328,7 +329,7 @@ sub update {
$vars->{'message'} = "flag_type_changes_saved";
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
@@ -348,7 +349,7 @@ sub confirmDelete
$vars->{'flag_count'} = scalar($count);
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("admin/flag-type/confirm-delete.html.tmpl", $vars)
@@ -380,7 +381,7 @@ sub delete {
$vars->{'message'} = "flag_type_deleted";
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
@@ -400,7 +401,7 @@ sub deactivate {
$vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'});
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("global/message.html.tmpl", $vars)
diff --git a/editgroups.cgi b/editgroups.cgi
index ca653b77a..a283d0501 100755
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -33,7 +33,7 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
if (!UserInGroup("creategroups")) {
PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!");
diff --git a/editkeywords.cgi b/editkeywords.cgi
index 4d11a4aae..8ef11aee0 100755
--- a/editkeywords.cgi
+++ b/editkeywords.cgi
@@ -110,7 +110,7 @@ sub Validate ($$) {
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
unless (UserInGroup("editkeywords")) {
PutHeader("Not allowed");
diff --git a/editmilestones.cgi b/editmilestones.cgi
index 1fd600900..504a36e7c 100755
--- a/editmilestones.cgi
+++ b/editmilestones.cgi
@@ -148,7 +148,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
diff --git a/editparams.cgi b/editparams.cgi
index 89099823f..dd61e9543 100755
--- a/editparams.cgi
+++ b/editparams.cgi
@@ -32,7 +32,7 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
if (!UserInGroup("tweakparams")) {
print "<H1>Sorry, you aren't a member of the 'tweakparams' group.</H1>\n";
diff --git a/editproducts.cgi b/editproducts.cgi
index 147fbbc38..423f028fe 100755
--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -178,7 +178,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
diff --git a/editusers.cgi b/editusers.cgi
index 143e87442..b0e6d621c 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -236,7 +236,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
$editall = UserInGroup("editusers");
diff --git a/editversions.cgi b/editversions.cgi
index a1bd3e4e4..d47ec5d76 100755
--- a/editversions.cgi
+++ b/editversions.cgi
@@ -157,7 +157,7 @@ sub PutTrailer (@)
ConnectToDatabase();
confirm_login();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
unless (UserInGroup("editcomponents")) {
PutHeader("Not allowed");
diff --git a/enter_bug.cgi b/enter_bug.cgi
index 8f736ff03..6a859264b 100755
--- a/enter_bug.cgi
+++ b/enter_bug.cgi
@@ -36,6 +36,7 @@ use strict;
use lib qw(.);
+use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
@@ -65,6 +66,8 @@ ConnectToDatabase();
# user is right from the start.
confirm_login() if AnyEntryGroups();
+my $cgi = Bugzilla->cgi;
+
if (!defined $::FORM{'product'}) {
GetVersionTable();
quietly_check_login();
@@ -88,7 +91,7 @@ if (!defined $::FORM{'product'}) {
$vars->{'target'} = "enter_bug.cgi";
$vars->{'format'} = $::FORM{'format'};
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$template->process("global/choose-product.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
@@ -364,7 +367,7 @@ $vars->{'use_keywords'} = 1 if (@::legal_keywords);
my $format =
GetFormat("bug/create/create", $::FORM{'format'}, $::FORM{'ctype'});
-print "Content-type: $format->{'ctype'}\n\n";
+print $cgi->header($format->{'ctype'});
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
diff --git a/globals.pl b/globals.pl
index 88c8720e8..1c1ee075a 100644
--- a/globals.pl
+++ b/globals.pl
@@ -40,7 +40,6 @@ use Bugzilla::Config qw(:DEFAULT ChmodDataFile);
sub globals_pl_sillyness {
my $zz;
$zz = @main::SqlStateStack;
- $zz = $main::contenttypes;
$zz = @main::default_column_list;
$zz = $main::defaultqueryname;
$zz = @main::enterable_products;
@@ -1536,7 +1535,7 @@ sub GetFormat {
{
'template' => $template ,
'extension' => $ctype ,
- 'ctype' => $::contenttypes->{$ctype} ,
+ 'ctype' => Bugzilla::Constants::contenttypes->{$ctype} ,
};
}
diff --git a/importxml.pl b/importxml.pl
index 40182c954..afc02faa9 100755
--- a/importxml.pl
+++ b/importxml.pl
@@ -59,6 +59,8 @@ BEGIN {
chdir $::path;
use lib ($::path);
+use Bugzilla;
+
use XML::Parser;
use Data::Dumper;
$Data::Dumper::Useqq = 1;
@@ -136,7 +138,7 @@ sub Lock {
open(LOCKFID, ">>data/maillock") || die "Can't open data/maillock: $!";
my $val = flock(LOCKFID,2);
if (!$val) { # '2' is magic 'exclusive lock' const.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
print "Lock failed: $val\n";
}
chmod 0666, "data/maillock";
diff --git a/index.cgi b/index.cgi
index 1bdaa5351..f617965d3 100755
--- a/index.cgi
+++ b/index.cgi
@@ -51,10 +51,12 @@ quietly_check_login('permit_anonymous');
# Main Body Execution
###############################################################################
+my $cgi = Bugzilla->cgi;
+
$vars->{'username'} = $::COOKIE{'Bugzilla_login'} || '';
# Return the appropriate HTTP response headers.
-print "Content-Type: text/html\n\n";
+print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("index.html.tmpl", $vars)
diff --git a/long_list.cgi b/long_list.cgi
index 4c787a34e..08bc6679f 100755
--- a/long_list.cgi
+++ b/long_list.cgi
@@ -24,6 +24,8 @@
use strict;
use lib qw(.);
+use Bugzilla;
+
require "CGI.pl";
use vars qw($userid @legal_keywords %FORM);
@@ -37,6 +39,8 @@ quietly_check_login();
GetVersionTable();
+my $cgi = Bugzilla->cgi;
+
my $generic_query = "
SELECT
bugs.bug_id,
@@ -116,8 +120,7 @@ my @time = localtime(time());
my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
my $filename = "bugs-$date.html";
-print "Content-Type: text/html\n";
-print "Content-Disposition: inline; filename=$filename\n\n";
+print $cgi->header(-content_disposition => "inline; filename=$filename");
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("bug/show-multiple.html.tmpl", $vars)
diff --git a/move.pl b/move.pl
index fa34e758d..34c06f720 100755
--- a/move.pl
+++ b/move.pl
@@ -31,6 +31,7 @@ require "CGI.pl";
use vars qw($template $userid %COOKIE);
use Bug;
+use Bugzilla;
use Bugzilla::BugMail;
$::lockcount = 0;
@@ -44,6 +45,8 @@ unless ( Param("move-enabled") ) {
ConnectToDatabase();
confirm_login();
+my $cgi = Bugzilla->cgi;
+
sub Log {
my ($str) = (@_);
Lock();
@@ -59,7 +62,7 @@ sub Lock {
open(LOCKFID, ">>data/maillock") || die "Can't open data/maillock: $!";
my $val = flock(LOCKFID,2);
if (!$val) { # '2' is magic 'exclusive lock' const.
- print "Content-type: text/html\n\n";
+ print $cgi->header();
print "Lock failed: $val\n";
}
chmod 0666, "data/maillock";
@@ -76,7 +79,7 @@ sub Unlock {
}
if ( !defined $::FORM{'buglist'} ) {
- print "Content-type: text/html\n\n";
+ print $cgi->header();
PutHeader("Move Bugs");
print "Move bugs either from the bug display page or perform a ";
print "<A HREF=\"query.cgi\">query</A> and change several bugs at once.\n";
@@ -91,7 +94,7 @@ my $movers = Param("movers");
$movers =~ s/\s?,\s?/|/g;
$movers =~ s/@/\@/g;
unless ($exporter =~ /($movers)/) {
- print "Content-type: text/html\n\n";
+ print $cgi->header();
PutHeader("Move Bugs");
print "<P>You do not have permission to move bugs<P>\n";
PutFooter();
diff --git a/page.cgi b/page.cgi
index 48fafb380..2b229e0b6 100755
--- a/page.cgi
+++ b/page.cgi
@@ -31,6 +31,9 @@
use strict;
use lib ".";
+
+use Bugzilla;
+
require "CGI.pl";
use vars qw($template $vars);
@@ -39,6 +42,8 @@ ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
if ($::FORM{'id'}) {
# Remove all dodgy chars, and split into name and ctype.
$::FORM{'id'} =~ s/[^\w\-\.]//g;
@@ -47,8 +52,8 @@ if ($::FORM{'id'}) {
my $format = GetFormat($1, undef, $2);
$vars->{'form'} = \%::FORM;
-
- print "Content-Type: $format->{'ctype'}\n\n";
+
+ print $cgi->header($format->{'ctype'});
$template->process("pages/$format->{'template'}", $vars)
|| ThrowTemplateError($template->error());
diff --git a/post_bug.cgi b/post_bug.cgi
index 37a43afb4..76d86fe58 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -26,6 +26,7 @@
use strict;
use lib qw(.);
+use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
@@ -55,6 +56,8 @@ use vars qw($vars $template);
ConnectToDatabase();
my $whoid = confirm_login();
+my $cgi = Bugzilla->cgi;
+
# do a match on the fields if applicable
&Bugzilla::User::match_field ({
@@ -85,16 +88,17 @@ if (!$product_id) {
# Set cookies
my $cookiepath = Param("cookiepath");
if (exists $::FORM{'product'}) {
- if (exists $::FORM{'version'}) {
- print "Set-Cookie: VERSION-$product=$::FORM{'version'} ; " .
- "path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+ if (exists $::FORM{'version'}) {
+ $cgi->send_cookie(-name => "VERSION-$product",
+ -value => $cgi->param('version'),
+ -expires => "Fri, 01-Jan-2038 00:00:00 GMT");
}
}
if (defined $::FORM{'maketemplate'}) {
$vars->{'url'} = $::buffer;
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$template->process("bug/create/make-template.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
@@ -491,7 +495,7 @@ if ($::COOKIE{"BUGLIST"}) {
}
$vars->{'bug_list'} = \@bug_list;
-print "Content-type: text/html\n\n";
+print $cgi->header();
$template->process("bug/create/created.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/process_bug.cgi b/process_bug.cgi
index 83d601d33..b9414d534 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -31,6 +31,7 @@ my $UserInCanConfirmGroupSet = -1;
use lib qw(.);
+use Bugzilla;
use Bugzilla::Constants;
require "CGI.pl";
@@ -58,6 +59,8 @@ use vars qw(%versions
ConnectToDatabase();
my $whoid = confirm_login();
+my $cgi = Bugzilla->cgi;
+
my $requiremilestone = 0;
use vars qw($template $vars);
@@ -143,7 +146,7 @@ foreach my $field ("dependson", "blocked") {
# End Data/Security Validation
######################################################################
-print "Content-type: text/html\n\n";
+print $cgi->header();
$vars->{'title_tag'} = "bug_processed";
# Set the title if we can see a mid-air coming. This test may have false
@@ -493,7 +496,7 @@ sub DuplicateUserConfirm {
# Confirm whether or not to add the reporter to the cc: list
# of the original bug (the one this bug is being duped against).
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("bug/process/confirm-duplicate.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
diff --git a/query.cgi b/query.cgi
index 470e3dfbd..b9fb9f794 100755
--- a/query.cgi
+++ b/query.cgi
@@ -50,6 +50,9 @@ use vars qw(
);
ConnectToDatabase();
+
+my $cgi = Bugzilla->cgi;
+
my $userid = 0;
if (defined $::FORM{"GoAheadAndLogIn"}) {
# We got here from a login page, probably from relogin.cgi. We better
@@ -87,8 +90,8 @@ if ($userid) {
"($userid, $qname, " . SqlQuote($value) . ")");
}
}
- print "Set-Cookie: $cookiename= ; path=" . Param("cookiepath") .
- "; expires=Sun, 30-Jun-1980 00:00:00 GMT\n";
+ $cgi->send_cookie(-name => $cookiename,
+ -expires => "Fri, 01-Jan-2038 00:00:00 GMT");
}
}
}
@@ -398,6 +401,8 @@ $vars->{'format'} = $::FORM{'format'};
my $format = GetFormat("search/search",
$::FORM{'query_format'} || $::FORM{'format'},
$::FORM{'ctype'});
-print "Content-Type: $format->{'ctype'}\n\n";
+
+print $cgi->header($format->{'ctype'});
+
$template->process($format->{'template'}, $vars)
|| ThrowTemplateError($template->error());
diff --git a/queryhelp.cgi b/queryhelp.cgi
index 175605d9a..a4aff1d07 100755
--- a/queryhelp.cgi
+++ b/queryhelp.cgi
@@ -35,7 +35,7 @@ quietly_check_login();
GetVersionTable();
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
my $product = $::FORM{'product'};
diff --git a/quips.cgi b/quips.cgi
index 02109fcda..4559e7b91 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -39,6 +39,8 @@ require "CGI.pl";
ConnectToDatabase();
confirm_login();
+my $cgi = Bugzilla->cgi;
+
if (Param('enablequips') eq "off") {
ThrowUserError("quips_disabled");
}
@@ -129,6 +131,6 @@ if ($action eq "delete") {
SendSQL("DELETE FROM quips WHERE quipid = $quipid");
}
-print "Content-type: text/html\n\n";
+print $cgi->header();
$template->process("list/quips.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/relogin.cgi b/relogin.cgi
index c0182de49..d2ce053a5 100755
--- a/relogin.cgi
+++ b/relogin.cgi
@@ -37,6 +37,8 @@ require "CGI.pl";
ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
if ($::userid) {
# Even though we know the userid must match, we still check it in the
# SQL as a sanity check, since there is no locking here, and if
@@ -49,17 +51,17 @@ if ($::userid) {
"AND userid = $::userid");
}
-my $cookiepath = Param("cookiepath");
-print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
-Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
-";
+$cgi->send_cookie(-name => "Bugzilla_login",
+ -expires => "Tue, 15-Sep-1998 21:49:00 GMT");
+$cgi->send_cookie(-name => "Bugzilla_logincookie",
+ -expires => "Tue, 15-Sep-1998 21:49:00 GMT");
delete $::COOKIE{"Bugzilla_login"};
-$vars->{'message'} = "logged_out";
+$vars->{'message'} = "logged_out";
$vars->{'user'} = {};
-print "Content-Type: text/html\n\n";
+print $cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/report.cgi b/report.cgi
index d3cde688d..de659ab25 100755
--- a/report.cgi
+++ b/report.cgi
@@ -26,15 +26,19 @@ use lib ".";
require "CGI.pl";
-use vars qw($cgi $template $vars);
+use vars qw($template $vars);
use Bugzilla;
+my $cgi = Bugzilla->cgi;
+
# Go straight back to query.cgi if we are adding a boolean chart.
if (grep(/^cmd-/, $cgi->param())) {
my $params = $cgi->canonicalise_query("format", "ctype");
- print "Location: query.cgi?format=" . $cgi->param('query_format') .
- ($params ? "&$params" : "") . "\n\n";
+ my $location = "query.cgi?format=" . $cgi->param('query_format') .
+ ($params ? "&$params" : "") . "\n\n";
+
+ print $cgi->redirect($location);
exit;
}
@@ -52,7 +56,7 @@ my $action = $cgi->param('action') || 'menu';
if ($action eq "menu") {
# No need to do any searching in this case, so bail out early.
- print "Content-Type: text/html\n\n";
+ print $cgi->header();
$template->process("reports/menu.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit;
@@ -276,8 +280,8 @@ $format->{'ctype'} = "text/html" if $::FORM{'debug'};
my @time = localtime(time());
my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
my $filename = "report-$date.$format->{extension}";
-print "Content-Disposition: inline; filename=$filename\n";
-print "Content-Type: $format->{'ctype'}\n\n";
+print $cgi->header(-type => $format->{'ctype'},
+ -content_disposition => "inline; filename=$filename");
# Problems with this CGI are often due to malformed data. Setting debug=1
# prints out both data structures.
diff --git a/reports.cgi b/reports.cgi
index d3b1d9431..71ecf6c31 100755
--- a/reports.cgi
+++ b/reports.cgi
@@ -62,6 +62,8 @@ GetVersionTable();
Bugzilla->switch_to_shadow_db();
+my $cgi = Bugzilla->cgi;
+
# We only want those products that the user has permissions for.
my @myproducts;
push( @myproducts, "-All-");
@@ -69,7 +71,7 @@ push( @myproducts, GetSelectableProducts());
if (! defined $FORM{'product'}) {
- print "Content-type: text/html\n\n";
+ print $cgi->header();
PutHeader("Bug Charts");
choose_product(@myproducts);
PutFooter();
@@ -93,10 +95,7 @@ if (! defined $FORM{'product'}) {
# This means that is OK to detaint
trick_taint($FORM{'product'});
- # Output appropriate HTTP response headers
- print "Content-type: text/html\n";
- # Changing attachment to inline to resolve 46897 - zach@zachlipton.com
- print "Content-disposition: inline; filename=bugzilla_report.html\n\n";
+ print $cgi->header(-Content_Disposition=>'inline; filename=bugzilla_report.html');
PutHeader("Bug Charts");
diff --git a/request.cgi b/request.cgi
index 790916359..ae137959d 100755
--- a/request.cgi
+++ b/request.cgi
@@ -266,7 +266,7 @@ sub queue {
$vars->{'types'} = \@types;
# Return the appropriate HTTP response headers.
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
$template->process("request/queue.html.tmpl", $vars)
diff --git a/show_activity.cgi b/show_activity.cgi
index c748c3df7..8c636ea0b 100755
--- a/show_activity.cgi
+++ b/show_activity.cgi
@@ -51,7 +51,7 @@ ValidateBugID($::FORM{'id'});
$vars->{'bug_id'} = $::FORM{'id'};
-print "Content-type: text/html\n\n";
+print Bugzilla->cgi->header();
$template->process("bug/activity/show.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/show_bug.cgi b/show_bug.cgi
index c4c05f42c..711b7201b 100755
--- a/show_bug.cgi
+++ b/show_bug.cgi
@@ -24,14 +24,18 @@ use strict;
use lib qw(.);
+use Bugzilla;
+
require "CGI.pl";
ConnectToDatabase();
-use vars qw($cgi $template $vars $userid);
+use vars qw($template $vars $userid);
use Bug;
+my $cgi = Bugzilla->cgi;
+
if ($::FORM{'GoAheadAndLogIn'}) {
confirm_login();
} else {
@@ -44,7 +48,7 @@ my $single = !$cgi->param('format')
# If we don't have an ID, _AND_ we're only doing a single bug, then prompt
if (!defined $cgi->param('id') && $single) {
- print "Content-type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("bug/choose.html.tmpl", $vars) ||
ThrowTemplateError($template->error());
exit;
@@ -100,6 +104,7 @@ foreach ($cgi->param("excludefield")) {
$vars->{'displayfields'} = \%displayfields;
-print "Content-type: $format->{'ctype'}\n\n";
+print $cgi->header($format->{'ctype'});
+
$template->process("$format->{'template'}", $vars)
|| ThrowTemplateError($template->error());
diff --git a/showattachment.cgi b/showattachment.cgi
index bfe9ef988..82fc1ba9a 100755
--- a/showattachment.cgi
+++ b/showattachment.cgi
@@ -25,12 +25,16 @@ use strict;
use lib qw(.);
-require "CGI.pl";
+use Bugzilla;
+use Bugzilla::Util;
+
+my $cgi = Bugzilla->cgi;
+
+my $id = $cgi->param('attach_id');
+detaint_natural($id) if defined $id;
+$id ||= "";
+
+print $cgi->redirect(-location=>"attachment.cgi?id=$id&action=view",
+ -status=>'301 Permanent Redirect');
-# Redirect to the new interface for displaying attachments.
-detaint_natural($::FORM{'attach_id'}) if defined($::FORM{'attach_id'});
-my $id = $::FORM{'attach_id'} || "";
-print "Status: 301 Permanent Redirect\n";
-print "Location: attachment.cgi?id=$id&action=view\n\n";
exit;
-
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index 61278b5f3..b035abad4 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -26,6 +26,7 @@ use strict;
use lib qw(.);
use File::Temp;
+use Bugzilla;
require "CGI.pl";
@@ -33,6 +34,8 @@ ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
# Connect to the shadow database if this installation is using one to improve
# performance.
Bugzilla->switch_to_shadow_db();
@@ -228,6 +231,6 @@ $vars->{'rankdir'} = $::FORM{'rankdir'};
$vars->{'showsummary'} = $::FORM{'showsummary'};
# Generate and return the UI (HTML page) from the appropriate template.
-print "Content-type: text/html\n\n";
+print $cgi->header();
$template->process("bug/dependency-graph.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/showdependencytree.cgi b/showdependencytree.cgi
index 9149296b7..d9f642a3e 100755
--- a/showdependencytree.cgi
+++ b/showdependencytree.cgi
@@ -37,6 +37,8 @@ ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
# Connect to the shadow database if this installation is using one to improve
# performance.
Bugzilla->switch_to_shadow_db();
@@ -95,7 +97,7 @@ $vars->{'maxdepth'} = $maxdepth;
$vars->{'hide_resolved'} = $hide_resolved;
$vars->{'canedit'} = UserInGroup("editbugs");
-print "Content-Type: text/html\n\n";
+print $cgi->header();
$template->process("bug/dependency-tree.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/sidebar.cgi b/sidebar.cgi
index 7a054abc2..83c89c29c 100755
--- a/sidebar.cgi
+++ b/sidebar.cgi
@@ -29,6 +29,8 @@ use vars qw(
ConnectToDatabase();
quietly_check_login();
+my $cgi = Bugzilla->cgi;
+
###############################################################################
# Main Body Execution
###############################################################################
@@ -63,13 +65,10 @@ if (defined $::COOKIE{'Bugzilla_login'}) {
my $useragent = $ENV{HTTP_USER_AGENT};
if ($useragent =~ m:Mozilla/([1-9][0-9]*):i && $1 >= 5 && $useragent !~ m/compatible/i) {
- print "Content-type: application/vnd.mozilla.xul+xml\n\n";
+ print $cgi->header("application/vnd.mozilla.xul+xml");
# Generate and return the XUL from the appropriate template.
$template->process("sidebar.xul.tmpl", $vars)
|| ThrowTemplateError($template->error());
} else {
ThrowUserError("sidebar_supports_mozilla_only");
}
-
-
-
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index 92836f4db..68f046091 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -61,11 +61,6 @@
[% ELSIF error == "bug_error" %]
Trying to retrieve bug [% bug.bug_id %] returned the error
[% bug.error FILTER html %]
-
- [% ELSIF error == "cgi_error" %]
- [% title = "CGI Error" %]
- Bugzilla has had trouble interpreting your CGI request;
- [%+ Param('browserbugmessage') %]
[% ELSIF error == "chart_data_not_generated" %]
The tool which gathers bug counts has not been run yet.
diff --git a/token.cgi b/token.cgi
index afe6d0361..7f7299a57 100755
--- a/token.cgi
+++ b/token.cgi
@@ -31,6 +31,8 @@ use lib qw(.);
use vars qw($template $vars);
+use Bugzilla;
+
# Include the Bugzilla CGI and general utility library.
require "CGI.pl";
@@ -156,7 +158,7 @@ sub requestChangePassword {
$vars->{'message'} = "password_change_request";
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
@@ -164,7 +166,7 @@ sub requestChangePassword {
sub confirmChangePassword {
$vars->{'token'} = $::token;
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("account/password/set-forgotten-password.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
@@ -173,7 +175,7 @@ sub cancelChangePassword {
$vars->{'message'} = "password_change_canceled";
Token::Cancel($::token, $vars->{'message'});
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
@@ -200,14 +202,14 @@ sub changePassword {
$vars->{'message'} = "password_changed";
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
sub confirmChangeEmail {
# Return HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$vars->{'token'} = $::token;
@@ -249,7 +251,7 @@ sub changeEmail {
DeriveGroup($userid);
# Return HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
# Let the user know their email address has been changed.
@@ -300,7 +302,7 @@ sub cancelChangeEmail {
SendSQL("UNLOCK TABLES");
# Return HTTP response headers.
- print "Content-Type: text/html\n\n";
+ print Bugzilla->cgi->header();
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/userprefs.cgi b/userprefs.cgi
index fa340f50f..206a115a9 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -24,6 +24,8 @@ use strict;
use lib qw(.);
+use Bugzilla;
+
require "CGI.pl";
use RelationSet;
@@ -354,6 +356,8 @@ confirm_login();
GetVersionTable();
+my $cgi = Bugzilla->cgi;
+
$vars->{'login'} = $::COOKIE{'Bugzilla_login'};
$vars->{'changes_saved'} = $::FORM{'dosave'};
@@ -390,7 +394,7 @@ SWITCH: for ($current_tab_name) {
}
# Generate and return the UI (HTML page) from the appropriate template.
-print "Content-type: text/html\n\n";
+print $cgi->header();
$template->process("account/prefs/prefs.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
diff --git a/votes.cgi b/votes.cgi
index e386d5422..aa2352f4a 100755
--- a/votes.cgi
+++ b/votes.cgi
@@ -26,14 +26,17 @@
use strict;
use lib ".";
-require "CGI.pl";
+use Bugzilla;
+require "CGI.pl";
# Use global template variables
use vars qw($template $vars);
ConnectToDatabase();
+my $cgi = Bugzilla->cgi;
+
# If the action is show_bug, you need a bug_id.
# If the action is show_user, you can supply a userid to show the votes for
# another user, otherwise you see your own.
@@ -86,6 +89,8 @@ exit;
# Display the names of all the people voting for this one bug.
sub show_bug {
+ my $cgi = Bugzilla->cgi;
+
my $bug_id = $::FORM{'bug_id'}
|| ThrowCodeError("missing_bug_id");
@@ -107,7 +112,7 @@ sub show_bug {
$vars->{'users'} = \@users;
$vars->{'total'} = $total;
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$template->process("bug/votes/list-for-bug.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
@@ -117,6 +122,8 @@ sub show_bug {
sub show_user {
GetVersionTable();
+ my $cgi = Bugzilla->cgi;
+
# If a bug_id is given, and we're editing, we'll add it to the votes list.
my $bug_id = $::FORM{'bug_id'} || "";
@@ -213,7 +220,7 @@ sub show_user {
$vars->{'voting_user'} = { "login" => $name };
$vars->{'products'} = \@products;
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$template->process("bug/votes/list-for-user.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}
@@ -224,6 +231,8 @@ sub record_votes {
# Begin Data/Security Validation
############################################################################
+ my $cgi = Bugzilla->cgi;
+
# Build a list of bug IDs for which votes have been submitted. Votes
# are submitted in form fields in which the field names are the bug
# IDs and the field values are the number of votes.
@@ -233,13 +242,13 @@ sub record_votes {
# that their votes will get nuked if they continue.
if (scalar(@buglist) == 0) {
if (!defined($::FORM{'delete_all_votes'})) {
- print "Content-type: text/html\n\n";
+ print $cgi->header();
$template->process("bug/votes/delete-all.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
exit();
}
elsif ($::FORM{'delete_all_votes'} == 0) {
- print "Location: votes.cgi\n\n";
+ print $cgi->redirect("votes.cgi");
exit();
}
}