Checking milestone validity to detaint it

Barns ycombarnous at
Fri Sep 8 13:19:16 UTC 2006

I would like to know the Perl code to check a milestone value is existing
(known variables: product_id and milestone value).
I found below code for checking a product is existing in reports.cgi.

Any help?

my @myproducts;
push( @myproducts, map { $_->name } @{$user->get_selectable_products} );

if (! defined $cgi->param('product')) {


} else {
    my $product = $cgi->param('product');

    # For security and correctness, validate the value of the "product" form
    # Valid values are those products for which the user has permissions
which appear
    # in the "product" drop-down menu on the report generation form.
    grep($_ eq $product, @myproducts)
      || ThrowUserError("invalid_product_name", {product => $product});
View this message in context:
Sent from the Bugzilla - Dev forum at

More information about the developers mailing list