![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dw-free] Prohibit Conditional Declarations (backend cleanup)
[commit: http://hg.dwscoalition.org/dw-free/rev/e4a5fc6f26b1]
http://bugs.dwscoalition.org/show_bug.cgi?id=2270
Avoid potential pitfall: top-level htdocs.
Patch by![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
kareila.
Files modified:
http://bugs.dwscoalition.org/show_bug.cgi?id=2270
Avoid potential pitfall: top-level htdocs.
Patch by
kareila.Files modified:
- htdocs/accountstatus.bml
- htdocs/changeemail.bml
- htdocs/create.bml
- htdocs/editjournal.bml
- htdocs/editpics.bml
- htdocs/export_do.bml
- htdocs/login.bml
- htdocs/logout.bml
- htdocs/update.bml
- htdocs/userinfo.bml
--------------------------------------------------------------------------------
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/accountstatus.bml
--- a/htdocs/accountstatus.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/accountstatus.bml Thu Jan 21 13:22:38 2010 +0000
@@ -160,7 +160,8 @@ body<=
$ret .= LJ::make_authas_select($remote, { 'authas' => $GET{'authas'}, 'showall' => 1}) . "\n";
$ret .= "</form>\n\n";
- my $getextra = "?authas=$authas" unless $authas eq $remote->{'user'};
+ my $getextra;
+ $getextra = "?authas=$authas" unless $authas eq $remote->{'user'};
$ret .= "<form method='post' action='accountstatus$getextra'>\n";
$ret .= LJ::form_auth();
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/changeemail.bml
--- a/htdocs/changeemail.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/changeemail.bml Thu Jan 21 13:22:38 2010 +0000
@@ -82,7 +82,8 @@ body<=
};
if ($POST{'mode'} eq 'submit' && ($POST{'email'} || $POST{'password'})) {
- my $password = $POST{'password'} unless $remote->is_identity;
+ my $password;
+ $password = $POST{'password'} unless $remote->is_identity;
my $email = LJ::trim($POST{'email'});
my @errors = ();
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/create.bml
--- a/htdocs/create.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/create.bml Thu Jan 21 13:22:38 2010 +0000
@@ -27,7 +27,8 @@ body<=
push @getargs, "from=$GET{from}" if $GET{from};
push @getargs, "user=$GET{user}" if $GET{user};
push @getargs, "code=$GET{code}" if $GET{code};
- my $getextra = '?' . join( '&', @getargs ) if @getargs;
+ my $getextra;
+ $getextra = '?' . join( '&', @getargs ) if @getargs;
if ( $LJ::USE_SSL && !$LJ::IS_SSL && $GET{ssl} ne 'no' ) {
return BML::redirect( "$LJ::SSLROOT/create$getextra" );
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/editjournal.bml
--- a/htdocs/editjournal.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/editjournal.bml Thu Jan 21 13:22:38 2010 +0000
@@ -19,7 +19,8 @@ body<=
if ($GET{'itemid'} || $POST{'itemid'}) { $mode = "edit"; }
my $ret;
- my $getextra = "?authas=$GET{'authas'}" if $GET{'authas'};
+ my $getextra;
+ $getextra = "?authas=$GET{'authas'}" if $GET{'authas'};
LJ::need_res('stc/entry.css', 'js/inputcomplete.js');
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/editpics.bml
--- a/htdocs/editpics.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/editpics.bml Thu Jan 21 13:22:38 2010 +0000
@@ -301,7 +301,8 @@ use strict;
# redirect back to ourselves
$returl = LJ::CleanHTML::canonical_url($POST{'ret'});
if ($returl) {
- my $redir_host = $1 if $returl =~ m!^http://([\.:\w-]+)!i;
+ my $redir_host;
+ $redir_host = $1 if $returl =~ m!^http://([\.:\w-]+)!i;
return BML::redirect($returl) if $LJ::REDIRECT_ALLOWED{$redir_host};
}
}
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/export_do.bml
--- a/htdocs/export_do.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/export_do.bml Thu Jan 21 13:22:38 2010 +0000
@@ -138,7 +138,8 @@
$e->{'current_music'} = $eprops->{'current_music'};
$e->{'current_mood'} = $eprops->{'current_mood'};
if ($eprops->{'current_moodid'}) {
- my $mood = LJ::mood_name($eprops->{'current_moodid'})
+ my $mood;
+ $mood = LJ::mood_name($eprops->{'current_moodid'})
if $eprops->{'current_moodid'};
$e->{'current_mood'} = $mood if $mood;
}
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/login.bml
--- a/htdocs/login.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/login.bml Thu Jan 21 13:22:38 2010 +0000
@@ -61,7 +61,8 @@
# Redirect to offsite uri if allowed, and not an internal LJ redirect. ('ret' == 1)
if ($POST{ret} && $POST{ret} != 1) {
- my $redir_host = $1 if $POST{ret} =~ m#^http://([\.:\w-]+)#i;
+ my $redir_host;
+ $redir_host = $1 if $POST{ret} =~ m#^http://([\.:\w-]+)#i;
if ($LJ::REDIRECT_ALLOWED{$redir_host} || $redir_host eq $LJ::DOMAIN_WEB) {
LJ::Hooks::run_hook('login_redirect_extra', $redir_host);
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/logout.bml
--- a/htdocs/logout.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/logout.bml Thu Jan 21 13:22:38 2010 +0000
@@ -39,7 +39,8 @@
return;
}
- my $cursess = $u->session if $u;
+ my $cursess;
+ $cursess = $u->session if $u;
if ($cursess &&
$user eq $u->{'user'} &&
@@ -57,7 +58,8 @@
# Redirect to offsite uri if allowed.
if ($POST{'ret'}) {
- my $redir_host = $1 if $POST{'ret'} =~ m#^http://([\.:\w-]+)#i;
+ my $redir_host;
+ $redir_host = $1 if $POST{'ret'} =~ m#^http://([\.:\w-]+)#i;
return BML::redirect($POST{'ret'}) if $LJ::REDIRECT_ALLOWED{$redir_host};
}
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/update.bml
--- a/htdocs/update.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/update.bml Thu Jan 21 13:22:38 2010 +0000
@@ -103,7 +103,8 @@
# if a QotD id was passed in, fill in the fields with that QotD
my $qid = $GET{qotd}+0;
- my $qotd = LJ::QotD->get_single_question($qid) if $qid;
+ my $qotd;
+ $qotd = LJ::QotD->get_single_question($qid) if $qid;
if ($qotd) {
$subject = LJ::Widget::QotD->subject_text($qotd, user => $remote);
$event = LJ::Widget::QotD->embed_text($qotd);
diff -r acb313f4fcd7 -r e4a5fc6f26b1 htdocs/userinfo.bml
--- a/htdocs/userinfo.bml Wed Jan 20 15:29:24 2010 -0600
+++ b/htdocs/userinfo.bml Thu Jan 21 13:22:38 2010 +0000
@@ -361,7 +361,8 @@ body<=
my $title = $u->prop( "journaltitle" ) ?
LJ::ehtml( $u->prop( "journaltitle" ) ) :
BML::ml( '.details.title', { user => $u->display_username } );
- my $subtitle = LJ::ehtml( $u->prop( "journalsubtitle" ) )
+ my $subtitle;
+ $subtitle = LJ::ehtml( $u->prop( "journalsubtitle" ) )
if $u->prop( "journalsubtitle" );
$ret .= qq{
@@ -382,7 +383,8 @@ body<=
# account type
my $accttype = DW::Pay::get_account_type_name( $u );
if ( $accttype ) {
- my $expiretime = DW::Pay::get_account_expiration_time( $u )
+ my $expiretime;
+ $expiretime = DW::Pay::get_account_expiration_time( $u )
if $remote && $remote->can_manage( $u );
$ret .= "<p>";
@@ -442,7 +444,8 @@ body<=
};
if ( $bibody ) {
- my $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user, text => $ML{'.section.edit'} } ]
+ my $links;
+ $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user, text => $ML{'.section.edit'} } ]
if $remote && $remote->can_manage( $u );
$ret .= $content_block->(
section_name => 'basics',
@@ -496,7 +499,8 @@ body<=
$biobody .= $profile->bio;
if ( $biobody ) {
- my $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user . "#bio", text => $ML{'.section.edit'} } ]
+ my $links;
+ $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user . "#bio", text => $ML{'.section.edit'} } ]
if $remote && $remote->can_manage( $u );
$ret .= $content_block->(
section_name => 'bio',
@@ -562,9 +566,11 @@ body<=
$imlist .= "</tr>";
}
if ( $imlist ) {
- my $new_im_margin = " style='margin-top: 0;'" unless $intlist;
+ my $new_im_margin;
+ $new_im_margin = " style='margin-top: 0;'" unless $intlist;
$connectbody .= qq{ <div class="external_services"$new_im_margin> };
- my $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user . "#iminfo", text => $ML{'.section.edit'} } ]
+ my $links;
+ $links = [ { url => "$LJ::SITEROOT/manage/profile/?authas=" . $u->user . "#iminfo", text => $ML{'.section.edit'} } ]
if $remote && $remote->can_manage( $u );
$connectbody .= $content_inner_block->(
section_name_ml => '.im.header2',
@@ -616,7 +622,8 @@ body<=
}
if ( $maintbody || $modbody ) {
- my $links = [ { url => "$LJ::SITEROOT/community/members?authas=" . $u->user, text => $ML{'.section.edit'} } ]
+ my $links;
+ $links = [ { url => "$LJ::SITEROOT/community/members?authas=" . $u->user, text => $ML{'.section.edit'} } ]
if $remote && $remote->can_manage( $u );
$ret .= $content_block->(
section_name => 'admins',
@@ -662,10 +669,11 @@ body<=
( $u->prop( 'opt_hidefriendofs' ) && ( !$remote || !$remote->can_manage( $u ) ) );
}
- my @members_userids = $u->member_userids if $u->is_community;
- my @member_of_userids = $u->member_of_userids if $u->is_personal;
- my @posting_access_to_userids = @{LJ::load_rel_target( $u, 'P' )} if $u->is_personal;
- my @posting_access_from_userids = @{LJ::load_rel_user( $u, 'P' )} if $u->is_community;
+ my ( @members_userids, @member_of_userids, @posting_access_to_userids, @posting_access_from_userids );
+ @members_userids = $u->member_userids if $u->is_community;
+ @member_of_userids = $u->member_of_userids if $u->is_personal;
+ @posting_access_to_userids = @{LJ::load_rel_target( $u, 'P' )} if $u->is_personal;
+ @posting_access_from_userids = @{LJ::load_rel_user( $u, 'P' )} if $u->is_community;
my $us = LJ::load_userids(
@trusted_userids, @trusted_by_userids,
--------------------------------------------------------------------------------
no subject
no subject