1998-09-16 01:49:26 +04:00
|
|
|
# -*- Mode: perl; indent-tabs-mode: nil -*-
|
|
|
|
#
|
1999-11-02 02:33:56 +03:00
|
|
|
# The contents of this file are subject to the Mozilla Public
|
|
|
|
# License Version 1.1 (the "License"); you may not use this file
|
|
|
|
# except in compliance with the License. You may obtain a copy of
|
|
|
|
# the License at http://www.mozilla.org/MPL/
|
|
|
|
#
|
|
|
|
# Software distributed under the License is distributed on an "AS
|
|
|
|
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
|
|
# implied. See the License for the specific language governing
|
|
|
|
# rights and limitations under the License.
|
|
|
|
#
|
1998-09-16 01:49:26 +04:00
|
|
|
# The Original Code is the Bugzilla Bug Tracking System.
|
1999-11-02 02:33:56 +03:00
|
|
|
#
|
1998-09-16 01:49:26 +04:00
|
|
|
# The Initial Developer of the Original Code is Netscape Communications
|
1999-11-02 02:33:56 +03:00
|
|
|
# Corporation. Portions created by Netscape are
|
|
|
|
# Copyright (C) 1998 Netscape Communications Corporation. All
|
|
|
|
# Rights Reserved.
|
|
|
|
#
|
1998-09-16 01:49:26 +04:00
|
|
|
# Contributor(s): Terry Weissman <terry@mozilla.org>
|
2000-03-29 01:31:24 +04:00
|
|
|
# Dan Mosedale <dmose@mozilla.org>
|
2000-12-23 02:01:30 +03:00
|
|
|
# Jake <jake@acutex.net>
|
2001-10-23 19:44:53 +04:00
|
|
|
# Bradley Baetz <bbaetz@cs.mcgill.ca>
|
2001-11-17 13:29:55 +03:00
|
|
|
# Christopher Aillon <christopher@aillon.com>
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
# Contains some global variables and routines used throughout bugzilla.
|
|
|
|
|
|
|
|
use diagnostics;
|
|
|
|
use strict;
|
1999-10-19 03:57:58 +04:00
|
|
|
|
|
|
|
# Shut up misguided -w warnings about "used only once". For some reason,
|
|
|
|
# "use vars" chokes on me when I try it here.
|
|
|
|
|
|
|
|
sub globals_pl_sillyness {
|
|
|
|
my $zz;
|
2001-06-01 06:14:23 +04:00
|
|
|
$zz = @main::SqlStateStack;
|
1999-10-19 03:57:58 +04:00
|
|
|
$zz = @main::chooseone;
|
|
|
|
$zz = @main::default_column_list;
|
2000-01-29 23:22:44 +03:00
|
|
|
$zz = $main::defaultqueryname;
|
1999-10-19 03:57:58 +04:00
|
|
|
$zz = @main::dontchange;
|
2000-01-15 01:35:49 +03:00
|
|
|
$zz = %main::keywordsbyname;
|
1999-10-19 03:57:58 +04:00
|
|
|
$zz = @main::legal_bug_status;
|
|
|
|
$zz = @main::legal_components;
|
2000-01-15 01:35:49 +03:00
|
|
|
$zz = @main::legal_keywords;
|
1999-10-19 03:57:58 +04:00
|
|
|
$zz = @main::legal_opsys;
|
|
|
|
$zz = @main::legal_platform;
|
|
|
|
$zz = @main::legal_priority;
|
|
|
|
$zz = @main::legal_product;
|
|
|
|
$zz = @main::legal_severity;
|
|
|
|
$zz = @main::legal_target_milestone;
|
|
|
|
$zz = @main::legal_versions;
|
|
|
|
$zz = @main::milestoneurl;
|
|
|
|
$zz = @main::prodmaxvotes;
|
2001-06-01 06:14:23 +04:00
|
|
|
$zz = $main::superusergroupset;
|
2001-10-25 00:33:49 +04:00
|
|
|
$zz = $main::userid;
|
1999-10-19 03:57:58 +04:00
|
|
|
}
|
|
|
|
|
2000-01-29 23:22:44 +03:00
|
|
|
#
|
|
|
|
# Here are the --LOCAL-- variables defined in 'localconfig' that we'll use
|
|
|
|
# here
|
|
|
|
#
|
|
|
|
|
2000-10-30 22:17:43 +03:00
|
|
|
$::db_host = "localhost";
|
2002-01-22 09:49:22 +03:00
|
|
|
$::db_port = 3306;
|
2000-10-30 22:17:43 +03:00
|
|
|
$::db_name = "bugs";
|
|
|
|
$::db_user = "bugs";
|
|
|
|
$::db_pass = "";
|
2000-01-29 23:22:44 +03:00
|
|
|
|
|
|
|
do 'localconfig';
|
|
|
|
|
2000-05-20 05:22:07 +04:00
|
|
|
use DBI;
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
use Date::Format; # For time2str().
|
2000-01-21 00:31:22 +03:00
|
|
|
use Date::Parse; # For str2time().
|
2001-07-04 09:28:39 +04:00
|
|
|
#use Carp; # for confess
|
2000-03-29 01:31:24 +04:00
|
|
|
use RelationSet;
|
1998-09-16 01:49:26 +04:00
|
|
|
|
2001-10-23 19:44:53 +04:00
|
|
|
# Some environment variables are not taint safe
|
2001-11-17 10:57:25 +03:00
|
|
|
delete @::ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
|
2001-07-04 08:41:27 +04:00
|
|
|
|
1998-09-19 08:38:12 +04:00
|
|
|
# Contains the version string for the current running Bugzilla.
|
2001-08-30 01:41:50 +04:00
|
|
|
$::param{'version'} = '2.15';
|
1998-09-19 08:38:12 +04:00
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
$::dontchange = "--do_not_change--";
|
|
|
|
$::chooseone = "--Choose_one:--";
|
2000-01-25 10:54:57 +03:00
|
|
|
$::defaultqueryname = "(Default query)";
|
2000-02-17 08:15:23 +03:00
|
|
|
$::unconfirmedstate = "UNCONFIRMED";
|
2000-02-18 00:41:39 +03:00
|
|
|
$::dbwritesallowed = 1;
|
1998-09-16 01:49:26 +04:00
|
|
|
|
2000-09-16 02:20:55 +04:00
|
|
|
# Adding a global variable for the value of the superuser groupset.
|
|
|
|
# Joe Robins, 7/5/00
|
|
|
|
$::superusergroupset = "9223372036854775807";
|
|
|
|
|
2001-07-04 09:28:39 +04:00
|
|
|
#sub die_with_dignity {
|
|
|
|
# my ($err_msg) = @_;
|
|
|
|
# print $err_msg;
|
|
|
|
# confess($err_msg);
|
|
|
|
#}
|
|
|
|
#$::SIG{__DIE__} = \&die_with_dignity;
|
2001-07-04 08:41:27 +04:00
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
sub ConnectToDatabase {
|
2000-02-18 00:41:39 +03:00
|
|
|
my ($useshadow) = (@_);
|
1998-09-16 01:49:26 +04:00
|
|
|
if (!defined $::db) {
|
2000-10-30 22:17:43 +03:00
|
|
|
my $name = $::db_name;
|
2000-03-20 21:48:59 +03:00
|
|
|
if ($useshadow && Param("shadowdb") && Param("queryagainstshadowdb")) {
|
2000-02-18 00:41:39 +03:00
|
|
|
$name = Param("shadowdb");
|
|
|
|
$::dbwritesallowed = 0;
|
|
|
|
}
|
2002-01-22 09:49:22 +03:00
|
|
|
$::db = DBI->connect("DBI:mysql:host=$::db_host;database=$name;port=$::db_port", $::db_user, $::db_pass)
|
2001-10-13 05:36:17 +04:00
|
|
|
|| die "Bugzilla is currently broken. Please try again later. " .
|
2001-03-08 02:59:15 +03:00
|
|
|
"If the problem persists, please contact " . Param("maintainer") .
|
|
|
|
". The error you should quote is: " . $DBI::errstr;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2000-02-18 03:50:25 +03:00
|
|
|
sub ReconnectToShadowDatabase {
|
2000-03-20 21:48:59 +03:00
|
|
|
if (Param("shadowdb") && Param("queryagainstshadowdb")) {
|
2000-02-18 03:50:25 +03:00
|
|
|
SendSQL("USE " . Param("shadowdb"));
|
|
|
|
$::dbwritesallowed = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2000-02-19 00:38:23 +03:00
|
|
|
my $shadowchanges = 0;
|
|
|
|
sub SyncAnyPendingShadowChanges {
|
|
|
|
if ($shadowchanges) {
|
2001-06-07 01:17:42 +04:00
|
|
|
my $pid;
|
|
|
|
FORK: {
|
|
|
|
if ($pid = fork) { # create a fork
|
|
|
|
# parent code runs here
|
|
|
|
$shadowchanges = 0;
|
|
|
|
return;
|
|
|
|
} elsif (defined $pid) {
|
|
|
|
# child process code runs here
|
2001-06-10 21:15:56 +04:00
|
|
|
exec("./syncshadowdb","--") or die "Unable to exec syncshadowdb: $!";
|
|
|
|
# the idea was that passing the second parameter tricks it into
|
|
|
|
# using execvp instead of running a shell. Not really necessary since
|
|
|
|
# there are no shell meta-characters, but it passes our tinderbox
|
|
|
|
# test that way. :) http://bugzilla.mozilla.org/show_bug.cgi?id=21253
|
2001-06-07 01:17:42 +04:00
|
|
|
} elsif ($! =~ /No more process/) {
|
|
|
|
# recoverable fork error, try again in 5 seconds
|
|
|
|
sleep 5;
|
|
|
|
redo FORK;
|
|
|
|
} else {
|
|
|
|
# something weird went wrong
|
|
|
|
die "Can't create background process to run syncshadowdb: $!";
|
|
|
|
}
|
|
|
|
}
|
2000-02-19 00:38:23 +03:00
|
|
|
}
|
|
|
|
}
|
2000-07-14 00:04:15 +04:00
|
|
|
|
2000-02-19 00:38:23 +03:00
|
|
|
|
2000-12-12 06:47:40 +03:00
|
|
|
# This is used to manipulate global state used by SendSQL(),
|
|
|
|
# MoreSQLData() and FetchSQLData(). It provides a way to do another
|
|
|
|
# SQL query without losing any as-yet-unfetched data from an existing
|
|
|
|
# query. Just push the current global state, do your new query and fetch
|
|
|
|
# any data you need from it, then pop the current global state.
|
|
|
|
#
|
|
|
|
@::SQLStateStack = ();
|
|
|
|
|
|
|
|
sub PushGlobalSQLState() {
|
|
|
|
push @::SQLStateStack, $::currentquery;
|
|
|
|
push @::SQLStateStack, [ @::fetchahead ];
|
|
|
|
}
|
|
|
|
|
|
|
|
sub PopGlobalSQLState() {
|
|
|
|
die ("PopGlobalSQLState: stack underflow") if ( $#::SQLStateStack < 1 );
|
|
|
|
@::fetchahead = @{pop @::SQLStateStack};
|
|
|
|
$::currentquery = pop @::SQLStateStack;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub SavedSQLStates() {
|
|
|
|
return ($#::SqlStateStack + 1) / 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-01-27 00:47:55 +03:00
|
|
|
my $dosqllog = (-e "data/sqllog") && (-w "data/sqllog");
|
|
|
|
|
|
|
|
sub SqlLog {
|
|
|
|
if ($dosqllog) {
|
|
|
|
my ($str) = (@_);
|
|
|
|
open(SQLLOGFID, ">>data/sqllog") || die "Can't write to data/sqllog";
|
|
|
|
if (flock(SQLLOGFID,2)) { # 2 is magic 'exclusive lock' const.
|
2000-12-12 06:47:40 +03:00
|
|
|
|
|
|
|
# if we're a subquery (ie there's pushed global state around)
|
|
|
|
# indent to indicate the level of subquery-hood
|
|
|
|
#
|
|
|
|
for (my $i = SavedSQLStates() ; $i > 0 ; $i--) {
|
|
|
|
print SQLLOGFID "\t";
|
|
|
|
}
|
|
|
|
|
2000-01-27 00:47:55 +03:00
|
|
|
print SQLLOGFID time2str("%D %H:%M:%S $$", time()) . ": $str\n";
|
|
|
|
}
|
|
|
|
flock(SQLLOGFID,8); # '8' is magic 'unlock' const.
|
|
|
|
close SQLLOGFID;
|
|
|
|
}
|
|
|
|
}
|
2000-12-12 06:47:40 +03:00
|
|
|
|
2002-01-20 04:44:52 +03:00
|
|
|
# This is from the perlsec page, slightly modifed to remove a warning
|
|
|
|
# From that page:
|
|
|
|
# This function makes use of the fact that the presence of
|
|
|
|
# tainted data anywhere within an expression renders the
|
|
|
|
# entire expression tainted.
|
|
|
|
# Don't ask me how it works...
|
|
|
|
sub is_tainted {
|
|
|
|
return not eval { my $foo = join('',@_), kill 0; 1; };
|
|
|
|
}
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
sub SendSQL {
|
2000-02-18 00:41:39 +03:00
|
|
|
my ($str, $dontshadow) = (@_);
|
2002-01-20 04:44:52 +03:00
|
|
|
|
|
|
|
# Don't use DBI's taint stuff yet, because:
|
|
|
|
# a) We don't want out vars to be tainted (yet)
|
|
|
|
# b) We want to know who called SendSQL...
|
|
|
|
# Is there a better way to do b?
|
|
|
|
if (is_tainted($str)) {
|
2002-01-22 18:12:11 +03:00
|
|
|
die "Attempted to send tainted string '$str' to the database";
|
2002-01-20 04:44:52 +03:00
|
|
|
}
|
|
|
|
|
2000-02-18 00:41:39 +03:00
|
|
|
my $iswrite = ($str =~ /^(INSERT|REPLACE|UPDATE|DELETE)/i);
|
|
|
|
if ($iswrite && !$::dbwritesallowed) {
|
|
|
|
die "Evil code attempted to write stuff to the shadow database.";
|
|
|
|
}
|
2000-03-20 21:48:59 +03:00
|
|
|
if ($str =~ /^LOCK TABLES/i && $str !~ /shadowlog/ && $::dbwritesallowed) {
|
2000-02-18 03:43:56 +03:00
|
|
|
$str =~ s/^LOCK TABLES/LOCK TABLES shadowlog WRITE, /i;
|
2000-02-18 00:41:39 +03:00
|
|
|
}
|
2001-08-13 23:11:35 +04:00
|
|
|
# If we are shutdown, we don't want to run queries except in special cases
|
|
|
|
if (Param('shutdownhtml')) {
|
2001-08-15 06:38:02 +04:00
|
|
|
if ($0 =~ m:[\\/]((do)?editparams.cgi|syncshadowdb)$:) {
|
2001-08-13 23:11:35 +04:00
|
|
|
$::ignorequery = 0;
|
|
|
|
} else {
|
|
|
|
$::ignorequery = 1;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2000-01-27 00:47:55 +03:00
|
|
|
SqlLog($str);
|
2000-05-20 05:22:07 +04:00
|
|
|
$::currentquery = $::db->prepare($str);
|
2001-10-12 01:58:07 +04:00
|
|
|
if (!$::currentquery->execute) {
|
2001-10-13 05:36:17 +04:00
|
|
|
my $errstr = $::db->errstr;
|
|
|
|
# Cut down the error string to a reasonable.size
|
2001-10-14 05:34:08 +04:00
|
|
|
$errstr = substr($errstr, 0, 2000) . ' ... ' . substr($errstr, -2000)
|
|
|
|
if length($errstr) > 4000;
|
2001-10-13 05:36:17 +04:00
|
|
|
die "$str: " . $errstr;
|
2001-10-12 01:58:07 +04:00
|
|
|
}
|
2000-01-27 00:47:55 +03:00
|
|
|
SqlLog("Done");
|
2000-02-18 00:41:39 +03:00
|
|
|
if (!$dontshadow && $iswrite && Param("shadowdb")) {
|
|
|
|
my $q = SqlQuote($str);
|
|
|
|
my $insertid;
|
|
|
|
if ($str =~ /^(INSERT|REPLACE)/i) {
|
|
|
|
SendSQL("SELECT LAST_INSERT_ID()");
|
|
|
|
$insertid = FetchOneColumn();
|
|
|
|
}
|
|
|
|
SendSQL("INSERT INTO shadowlog (command) VALUES ($q)", 1);
|
|
|
|
if ($insertid) {
|
|
|
|
SendSQL("SET LAST_INSERT_ID = $insertid");
|
|
|
|
}
|
2000-02-19 00:38:23 +03:00
|
|
|
$shadowchanges++;
|
2000-02-18 00:41:39 +03:00
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
sub MoreSQLData {
|
2001-08-13 23:11:35 +04:00
|
|
|
# $::ignorequery is set in SendSQL
|
|
|
|
if ($::ignorequery) {
|
|
|
|
return 0;
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
if (defined @::fetchahead) {
|
2001-10-13 05:36:17 +04:00
|
|
|
return 1;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
2000-05-20 05:22:07 +04:00
|
|
|
if (@::fetchahead = $::currentquery->fetchrow_array) {
|
2001-10-13 05:36:17 +04:00
|
|
|
return 1;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub FetchSQLData {
|
2001-08-13 23:11:35 +04:00
|
|
|
# $::ignorequery is set in SendSQL
|
|
|
|
if ($::ignorequery) {
|
|
|
|
return;
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
if (defined @::fetchahead) {
|
2001-10-13 05:36:17 +04:00
|
|
|
my @result = @::fetchahead;
|
|
|
|
undef @::fetchahead;
|
|
|
|
return @result;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
2000-05-20 05:22:07 +04:00
|
|
|
return $::currentquery->fetchrow_array;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sub FetchOneColumn {
|
|
|
|
my @row = FetchSQLData();
|
|
|
|
return $row[0];
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@::default_column_list = ("severity", "priority", "platform", "owner",
|
|
|
|
"status", "resolution", "summary");
|
|
|
|
|
|
|
|
sub AppendComment {
|
|
|
|
my ($bugid,$who,$comment) = (@_);
|
1999-04-21 21:45:22 +04:00
|
|
|
$comment =~ s/\r\n/\n/g; # Get rid of windows-style line endings.
|
|
|
|
$comment =~ s/\r/\n/g; # Get rid of mac-style line endings.
|
1998-09-16 01:49:26 +04:00
|
|
|
if ($comment =~ /^\s*$/) { # Nothin' but whitespace.
|
|
|
|
return;
|
|
|
|
}
|
2000-01-21 00:31:22 +03:00
|
|
|
|
|
|
|
my $whoid = DBNameToIdAndCheck($who);
|
|
|
|
|
|
|
|
SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext) " .
|
|
|
|
"VALUES($bugid, $whoid, now(), " . SqlQuote($comment) . ")");
|
2000-01-21 00:42:23 +03:00
|
|
|
|
|
|
|
SendSQL("UPDATE bugs SET delta_ts = now() WHERE bug_id = $bugid");
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
2000-01-22 07:24:42 +03:00
|
|
|
sub GetFieldID {
|
|
|
|
my ($f) = (@_);
|
|
|
|
SendSQL("SELECT fieldid FROM fielddefs WHERE name = " . SqlQuote($f));
|
|
|
|
my $fieldid = FetchOneColumn();
|
|
|
|
if (!$fieldid) {
|
|
|
|
my $q = SqlQuote($f);
|
|
|
|
SendSQL("REPLACE INTO fielddefs (name, description) VALUES ($q, $q)");
|
|
|
|
SendSQL("SELECT LAST_INSERT_ID()");
|
|
|
|
$fieldid = FetchOneColumn();
|
|
|
|
}
|
|
|
|
return $fieldid;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
sub lsearch {
|
|
|
|
my ($list,$item) = (@_);
|
|
|
|
my $count = 0;
|
|
|
|
foreach my $i (@$list) {
|
|
|
|
if ($i eq $item) {
|
|
|
|
return $count;
|
|
|
|
}
|
|
|
|
$count++;
|
|
|
|
}
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub Product_element {
|
|
|
|
my ($prod,$onchange) = (@_);
|
|
|
|
return make_popup("product", keys %::versions, $prod, 1, $onchange);
|
|
|
|
}
|
|
|
|
|
|
|
|
sub Component_element {
|
|
|
|
my ($comp,$prod,$onchange) = (@_);
|
|
|
|
my $componentlist;
|
|
|
|
if (! defined $::components{$prod}) {
|
|
|
|
$componentlist = [];
|
|
|
|
} else {
|
|
|
|
$componentlist = $::components{$prod};
|
|
|
|
}
|
|
|
|
my $defcomponent;
|
|
|
|
if ($comp ne "" && lsearch($componentlist, $comp) >= 0) {
|
|
|
|
$defcomponent = $comp;
|
|
|
|
} else {
|
|
|
|
$defcomponent = $componentlist->[0];
|
|
|
|
}
|
|
|
|
return make_popup("component", $componentlist, $defcomponent, 1, "");
|
|
|
|
}
|
|
|
|
|
|
|
|
sub Version_element {
|
|
|
|
my ($vers, $prod, $onchange) = (@_);
|
|
|
|
my $versionlist;
|
|
|
|
if (!defined $::versions{$prod}) {
|
|
|
|
$versionlist = [];
|
|
|
|
} else {
|
|
|
|
$versionlist = $::versions{$prod};
|
|
|
|
}
|
|
|
|
my $defversion = $versionlist->[0];
|
|
|
|
if (lsearch($versionlist,$vers) >= 0) {
|
|
|
|
$defversion = $vers;
|
|
|
|
}
|
|
|
|
return make_popup("version", $versionlist, $defversion, 1, $onchange);
|
|
|
|
}
|
|
|
|
|
2000-03-21 19:47:06 +03:00
|
|
|
sub Milestone_element {
|
|
|
|
my ($tm, $prod, $onchange) = (@_);
|
|
|
|
my $tmlist;
|
|
|
|
if (!defined $::target_milestone{$prod}) {
|
|
|
|
$tmlist = [];
|
|
|
|
} else {
|
|
|
|
$tmlist = $::target_milestone{$prod};
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
|
2000-03-21 19:47:06 +03:00
|
|
|
my $deftm = $tmlist->[0];
|
|
|
|
|
|
|
|
if (lsearch($tmlist, $tm) >= 0) {
|
|
|
|
$deftm = $tm;
|
|
|
|
}
|
|
|
|
|
|
|
|
return make_popup("target_milestone", $tmlist, $deftm, 1, $onchange);
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
# Generate a string which, when later interpreted by the Perl compiler, will
|
|
|
|
# be the same as the given string.
|
|
|
|
|
|
|
|
sub PerlQuote {
|
|
|
|
my ($str) = (@_);
|
|
|
|
return SqlQuote($str);
|
|
|
|
|
|
|
|
# The below was my first attempt, but I think just using SqlQuote makes more
|
|
|
|
# sense...
|
|
|
|
# $result = "'";
|
|
|
|
# $length = length($str);
|
|
|
|
# for (my $i=0 ; $i<$length ; $i++) {
|
|
|
|
# my $c = substr($str, $i, 1);
|
|
|
|
# if ($c eq "'" || $c eq '\\') {
|
|
|
|
# $result .= '\\';
|
|
|
|
# }
|
|
|
|
# $result .= $c;
|
|
|
|
# }
|
|
|
|
# $result .= "'";
|
|
|
|
# return $result;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# Given the name of a global variable, generate Perl code that, if later
|
|
|
|
# executed, would restore the variable to its current value.
|
|
|
|
|
|
|
|
sub GenerateCode {
|
|
|
|
my ($name) = (@_);
|
|
|
|
my $result = $name . " = ";
|
|
|
|
if ($name =~ /^\$/) {
|
|
|
|
my $value = eval($name);
|
|
|
|
if (ref($value) eq "ARRAY") {
|
|
|
|
$result .= "[" . GenerateArrayCode($value) . "]";
|
|
|
|
} else {
|
|
|
|
$result .= PerlQuote(eval($name));
|
|
|
|
}
|
|
|
|
} elsif ($name =~ /^@/) {
|
|
|
|
my @value = eval($name);
|
|
|
|
$result .= "(" . GenerateArrayCode(\@value) . ")";
|
|
|
|
} elsif ($name =~ '%') {
|
|
|
|
$result = "";
|
|
|
|
foreach my $k (sort { uc($a) cmp uc($b)} eval("keys $name")) {
|
|
|
|
$result .= GenerateCode("\$" . substr($name, 1) .
|
2001-09-01 03:51:35 +04:00
|
|
|
"{" . PerlQuote($k) . "}");
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
return $result;
|
|
|
|
} else {
|
|
|
|
die "Can't do $name -- unacceptable variable type.";
|
|
|
|
}
|
|
|
|
$result .= ";\n";
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub GenerateArrayCode {
|
|
|
|
my ($ref) = (@_);
|
|
|
|
my @list;
|
|
|
|
foreach my $i (@$ref) {
|
|
|
|
push @list, PerlQuote($i);
|
|
|
|
}
|
|
|
|
return join(',', @list);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sub GenerateVersionTable {
|
|
|
|
ConnectToDatabase();
|
|
|
|
SendSQL("select value, program from versions order by value");
|
|
|
|
my @line;
|
|
|
|
my %varray;
|
|
|
|
my %carray;
|
|
|
|
while (@line = FetchSQLData()) {
|
|
|
|
my ($v,$p1) = (@line);
|
|
|
|
if (!defined $::versions{$p1}) {
|
|
|
|
$::versions{$p1} = [];
|
|
|
|
}
|
|
|
|
push @{$::versions{$p1}}, $v;
|
|
|
|
$varray{$v} = 1;
|
|
|
|
}
|
1999-06-11 21:39:38 +04:00
|
|
|
SendSQL("select value, program from components order by value");
|
1998-09-16 01:49:26 +04:00
|
|
|
while (@line = FetchSQLData()) {
|
|
|
|
my ($c,$p) = (@line);
|
|
|
|
if (!defined $::components{$p}) {
|
|
|
|
$::components{$p} = [];
|
|
|
|
}
|
|
|
|
my $ref = $::components{$p};
|
|
|
|
push @$ref, $c;
|
|
|
|
$carray{$c} = 1;
|
|
|
|
}
|
|
|
|
|
2000-03-24 03:43:40 +03:00
|
|
|
my $dotargetmilestone = 1; # This used to check the param, but there's
|
|
|
|
# enough code that wants to pretend we're using
|
|
|
|
# target milestones, even if they don't get
|
|
|
|
# shown to the user. So we cache all the data
|
|
|
|
# about them anyway.
|
1999-02-03 05:46:51 +03:00
|
|
|
|
|
|
|
my $mpart = $dotargetmilestone ? ", milestoneurl" : "";
|
1999-10-08 03:54:52 +04:00
|
|
|
SendSQL("select product, description, votesperuser, disallownew$mpart from products");
|
2000-01-24 08:41:40 +03:00
|
|
|
$::anyvotesallowed = 0;
|
1998-10-07 00:23:40 +04:00
|
|
|
while (@line = FetchSQLData()) {
|
1999-10-08 03:54:52 +04:00
|
|
|
my ($p, $d, $votesperuser, $dis, $u) = (@line);
|
1998-10-07 00:23:40 +04:00
|
|
|
$::proddesc{$p} = $d;
|
1999-03-03 21:16:24 +03:00
|
|
|
if ($dis) {
|
|
|
|
# Special hack. Stomp on the description and make it "0" if we're
|
|
|
|
# not supposed to allow new bugs against this product. This is
|
|
|
|
# checked for in enter_bug.cgi.
|
|
|
|
$::proddesc{$p} = "0";
|
|
|
|
}
|
1999-02-03 05:46:51 +03:00
|
|
|
if ($dotargetmilestone) {
|
|
|
|
$::milestoneurl{$p} = $u;
|
|
|
|
}
|
1999-10-08 03:54:52 +04:00
|
|
|
$::prodmaxvotes{$p} = $votesperuser;
|
2000-01-24 08:41:40 +03:00
|
|
|
if ($votesperuser > 0) {
|
|
|
|
$::anyvotesallowed = 1;
|
|
|
|
}
|
1998-10-07 00:23:40 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
my $cols = LearnAboutColumns("bugs");
|
|
|
|
|
|
|
|
@::log_columns = @{$cols->{"-list-"}};
|
2000-01-22 07:24:42 +03:00
|
|
|
foreach my $i ("bug_id", "creation_ts", "delta_ts", "lastdiffed") {
|
1998-09-16 01:49:26 +04:00
|
|
|
my $w = lsearch(\@::log_columns, $i);
|
|
|
|
if ($w >= 0) {
|
|
|
|
splice(@::log_columns, $w, 1);
|
|
|
|
}
|
|
|
|
}
|
1999-03-24 01:32:21 +03:00
|
|
|
@::log_columns = (sort(@::log_columns));
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
@::legal_priority = SplitEnumType($cols->{"priority,type"});
|
|
|
|
@::legal_severity = SplitEnumType($cols->{"bug_severity,type"});
|
|
|
|
@::legal_platform = SplitEnumType($cols->{"rep_platform,type"});
|
1998-12-03 19:10:52 +03:00
|
|
|
@::legal_opsys = SplitEnumType($cols->{"op_sys,type"});
|
1998-09-16 01:49:26 +04:00
|
|
|
@::legal_bug_status = SplitEnumType($cols->{"bug_status,type"});
|
|
|
|
@::legal_resolution = SplitEnumType($cols->{"resolution,type"});
|
2000-07-14 07:20:17 +04:00
|
|
|
|
|
|
|
# 'settable_resolution' is the list of resolutions that may be set
|
|
|
|
# directly by hand in the bug form. Start with the list of legal
|
|
|
|
# resolutions and remove 'MOVED' and 'DUPLICATE' because setting
|
|
|
|
# bugs to those resolutions requires a special process.
|
|
|
|
#
|
|
|
|
@::settable_resolution = @::legal_resolution;
|
|
|
|
my $w = lsearch(\@::settable_resolution, "DUPLICATE");
|
1998-09-16 01:49:26 +04:00
|
|
|
if ($w >= 0) {
|
2000-07-14 07:20:17 +04:00
|
|
|
splice(@::settable_resolution, $w, 1);
|
|
|
|
}
|
|
|
|
my $z = lsearch(\@::settable_resolution, "MOVED");
|
|
|
|
if ($z >= 0) {
|
|
|
|
splice(@::settable_resolution, $z, 1);
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
my @list = sort { uc($a) cmp uc($b)} keys(%::versions);
|
|
|
|
@::legal_product = @list;
|
|
|
|
mkdir("data", 0777);
|
|
|
|
chmod 0777, "data";
|
|
|
|
my $tmpname = "data/versioncache.$$";
|
|
|
|
open(FID, ">$tmpname") || die "Can't create $tmpname";
|
|
|
|
|
2001-10-20 03:49:37 +04:00
|
|
|
print FID "#\n";
|
|
|
|
print FID "# DO NOT EDIT!\n";
|
|
|
|
print FID "# This file is automatically generated at least once every\n";
|
|
|
|
print FID "# hour by the GenerateVersionTable() sub in globals.pl.\n";
|
|
|
|
print FID "# Any changes you make will be overwritten.\n";
|
|
|
|
print FID "#\n";
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
print FID GenerateCode('@::log_columns');
|
|
|
|
print FID GenerateCode('%::versions');
|
|
|
|
|
|
|
|
foreach my $i (@list) {
|
|
|
|
if (!defined $::components{$i}) {
|
2001-07-01 06:00:56 +04:00
|
|
|
$::components{$i} = [];
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
@::legal_versions = sort {uc($a) cmp uc($b)} keys(%varray);
|
|
|
|
print FID GenerateCode('@::legal_versions');
|
|
|
|
print FID GenerateCode('%::components');
|
|
|
|
@::legal_components = sort {uc($a) cmp uc($b)} keys(%carray);
|
|
|
|
print FID GenerateCode('@::legal_components');
|
1998-12-03 19:10:52 +03:00
|
|
|
foreach my $i('product', 'priority', 'severity', 'platform', 'opsys',
|
2000-07-14 07:20:17 +04:00
|
|
|
'bug_status', 'resolution') {
|
1998-09-16 01:49:26 +04:00
|
|
|
print FID GenerateCode('@::legal_' . $i);
|
|
|
|
}
|
2000-07-14 07:20:17 +04:00
|
|
|
print FID GenerateCode('@::settable_resolution');
|
1998-10-07 00:23:40 +04:00
|
|
|
print FID GenerateCode('%::proddesc');
|
1999-10-08 03:54:52 +04:00
|
|
|
print FID GenerateCode('%::prodmaxvotes');
|
2000-01-24 08:41:40 +03:00
|
|
|
print FID GenerateCode('$::anyvotesallowed');
|
1998-09-16 01:49:26 +04:00
|
|
|
|
1999-02-03 05:46:51 +03:00
|
|
|
if ($dotargetmilestone) {
|
2000-03-21 19:47:06 +03:00
|
|
|
# reading target milestones in from the database - matthew@zeroknowledge.com
|
|
|
|
SendSQL("SELECT value, product FROM milestones ORDER BY sortkey, value");
|
|
|
|
my @line;
|
|
|
|
my %tmarray;
|
|
|
|
@::legal_target_milestone = ();
|
|
|
|
while(@line = FetchSQLData()) {
|
|
|
|
my ($tm, $pr) = (@line);
|
|
|
|
if (!defined $::target_milestone{$pr}) {
|
|
|
|
$::target_milestone{$pr} = [];
|
|
|
|
}
|
|
|
|
push @{$::target_milestone{$pr}}, $tm;
|
|
|
|
if (!exists $tmarray{$tm}) {
|
|
|
|
$tmarray{$tm} = 1;
|
|
|
|
push(@::legal_target_milestone, $tm);
|
|
|
|
}
|
1999-01-28 00:17:10 +03:00
|
|
|
}
|
2000-03-21 19:47:06 +03:00
|
|
|
|
|
|
|
print FID GenerateCode('%::target_milestone');
|
1999-01-28 00:17:10 +03:00
|
|
|
print FID GenerateCode('@::legal_target_milestone');
|
1999-02-03 05:46:51 +03:00
|
|
|
print FID GenerateCode('%::milestoneurl');
|
1999-01-28 00:17:10 +03:00
|
|
|
}
|
2000-01-07 00:16:15 +03:00
|
|
|
|
|
|
|
SendSQL("SELECT id, name FROM keyworddefs ORDER BY name");
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
my ($id, $name) = FetchSQLData();
|
2000-07-14 19:31:43 +04:00
|
|
|
push(@::legal_keywords, $name);
|
2000-07-14 00:04:15 +04:00
|
|
|
$name = lc($name);
|
2000-01-07 00:16:15 +03:00
|
|
|
$::keywordsbyname{$name} = $id;
|
|
|
|
}
|
|
|
|
print FID GenerateCode('@::legal_keywords');
|
|
|
|
print FID GenerateCode('%::keywordsbyname');
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
print FID "1;\n";
|
|
|
|
close FID;
|
|
|
|
rename $tmpname, "data/versioncache" || die "Can't rename $tmpname to versioncache";
|
|
|
|
chmod 0666, "data/versioncache";
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-07-14 00:04:15 +04:00
|
|
|
sub GetKeywordIdFromName {
|
|
|
|
my ($name) = (@_);
|
|
|
|
$name = lc($name);
|
|
|
|
return $::keywordsbyname{$name};
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
# Returns the modification time of a file.
|
|
|
|
|
|
|
|
sub ModTime {
|
|
|
|
my ($filename) = (@_);
|
|
|
|
my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
|
|
|
|
$atime,$mtime,$ctime,$blksize,$blocks)
|
|
|
|
= stat($filename);
|
|
|
|
return $mtime;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# This proc must be called before using legal_product or the versions array.
|
|
|
|
|
2001-06-08 01:26:49 +04:00
|
|
|
$::VersionTableLoaded = 0;
|
1998-09-16 01:49:26 +04:00
|
|
|
sub GetVersionTable {
|
2001-06-08 01:26:49 +04:00
|
|
|
return if $::VersionTableLoaded;
|
1998-09-16 01:49:26 +04:00
|
|
|
my $mtime = ModTime("data/versioncache");
|
|
|
|
if (!defined $mtime || $mtime eq "") {
|
|
|
|
$mtime = 0;
|
|
|
|
}
|
|
|
|
if (time() - $mtime > 3600) {
|
|
|
|
GenerateVersionTable();
|
|
|
|
}
|
|
|
|
require 'data/versioncache';
|
|
|
|
if (!defined %::versions) {
|
|
|
|
GenerateVersionTable();
|
|
|
|
do 'data/versioncache';
|
|
|
|
|
|
|
|
if (!defined %::versions) {
|
1999-06-15 08:29:05 +04:00
|
|
|
die "Can't generate file data/versioncache";
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
}
|
2001-06-08 01:26:49 +04:00
|
|
|
$::VersionTableLoaded = 1;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sub InsertNewUser {
|
1999-08-19 04:06:01 +04:00
|
|
|
my ($username, $realname) = (@_);
|
2000-12-23 02:01:30 +03:00
|
|
|
|
2001-07-11 09:29:21 +04:00
|
|
|
# Generate a new random password for the user.
|
|
|
|
my $password = GenerateRandomPassword();
|
|
|
|
my $cryptpassword = Crypt($password);
|
|
|
|
|
|
|
|
# Determine what groups the user should be in by default
|
|
|
|
# and add them to those groups.
|
2001-03-20 00:03:52 +03:00
|
|
|
PushGlobalSQLState();
|
1999-03-11 19:30:54 +03:00
|
|
|
SendSQL("select bit, userregexp from groups where userregexp != ''");
|
|
|
|
my $groupset = "0";
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
my @row = FetchSQLData();
|
2001-07-11 09:29:21 +04:00
|
|
|
# Modified -Joe Robins, 2/17/00
|
|
|
|
# Making this case insensitive, since usernames are email addresses,
|
|
|
|
# and could be any case.
|
2000-03-10 19:25:03 +03:00
|
|
|
if ($username =~ m/$row[1]/i) {
|
1999-03-11 19:30:54 +03:00
|
|
|
$groupset .= "+ $row[0]"; # Silly hack to let MySQL do the math,
|
|
|
|
# not Perl, since we're dealing with 64
|
|
|
|
# bit ints here, and I don't *think* Perl
|
|
|
|
# does that.
|
|
|
|
}
|
|
|
|
}
|
2001-07-11 09:29:21 +04:00
|
|
|
|
|
|
|
# Insert the new user record into the database.
|
1999-08-19 04:06:01 +04:00
|
|
|
$username = SqlQuote($username);
|
|
|
|
$realname = SqlQuote($realname);
|
2001-07-11 09:29:21 +04:00
|
|
|
$cryptpassword = SqlQuote($cryptpassword);
|
|
|
|
SendSQL("INSERT INTO profiles (login_name, realname, cryptpassword, groupset)
|
|
|
|
VALUES ($username, $realname, $cryptpassword, $groupset)");
|
2001-03-20 00:03:52 +03:00
|
|
|
PopGlobalSQLState();
|
2001-07-11 09:29:21 +04:00
|
|
|
|
|
|
|
# Return the password to the calling code so it can be included
|
|
|
|
# in an email sent to the user.
|
|
|
|
return $password;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub GenerateRandomPassword {
|
|
|
|
my ($size) = @_;
|
|
|
|
|
|
|
|
# Generated passwords are eight characters long by default.
|
|
|
|
$size ||= 8;
|
|
|
|
|
2001-08-11 05:51:05 +04:00
|
|
|
# The list of characters that can appear in a randomly generated password.
|
|
|
|
# Note that users can put any character into a password they choose themselves.
|
|
|
|
my @pwchars = (0..9, 'A'..'Z', 'a'..'z', '-', '_', '!', '@', '#', '$', '%', '^', '&', '*');
|
2001-07-11 09:29:21 +04:00
|
|
|
|
|
|
|
# The number of characters in the list.
|
|
|
|
my $pwcharslen = scalar(@pwchars);
|
|
|
|
|
|
|
|
# Generate the password.
|
|
|
|
my $password = "";
|
|
|
|
for ( my $i=0 ; $i<$size ; $i++ ) {
|
|
|
|
$password .= $pwchars[rand($pwcharslen)];
|
|
|
|
}
|
|
|
|
|
|
|
|
# Return the password.
|
1998-09-16 01:49:26 +04:00
|
|
|
return $password;
|
|
|
|
}
|
|
|
|
|
2001-10-23 19:44:53 +04:00
|
|
|
sub SelectVisible {
|
|
|
|
my ($query, $userid, $usergroupset) = @_;
|
|
|
|
|
|
|
|
# Run the SQL $query with the additional restriction that
|
|
|
|
# the bugs can be seen by $userid. $usergroupset is provided
|
|
|
|
# as an optimisation when this is already known, eg from CGI.pl
|
|
|
|
# If not present, it will be obtained from the db.
|
|
|
|
# Assumes that 'bugs' is mentioned as a table name. You should
|
|
|
|
# also make sure that bug_id is qualified bugs.bug_id!
|
|
|
|
# Your query must have a WHERE clause. This is unlikely to be a problem.
|
|
|
|
|
|
|
|
# Also, note that mySQL requires aliases for tables to be locked, as well
|
|
|
|
# This means that if you change the name from selectVisible_cc (or add
|
|
|
|
# additional tables), you will need to update anywhere which does a
|
|
|
|
# LOCK TABLE, and then calls routines which call this
|
|
|
|
|
|
|
|
$usergroupset = 0 unless $userid;
|
|
|
|
|
|
|
|
unless (defined($usergroupset)) {
|
|
|
|
PushGlobalSQLState();
|
|
|
|
SendSQL("SELECT groupset FROM profiles WHERE userid = $userid");
|
|
|
|
$usergroupset = FetchOneColumn();
|
|
|
|
PopGlobalSQLState();
|
|
|
|
}
|
|
|
|
|
|
|
|
# Users are authorized to access bugs if they are a member of all
|
|
|
|
# groups to which the bug is restricted. User group membership and
|
|
|
|
# bug restrictions are stored as bits within bitsets, so authorization
|
|
|
|
# can be determined by comparing the intersection of the user's
|
|
|
|
# bitset with the bug's bitset. If the result matches the bug's bitset
|
|
|
|
# the user is a member of all groups to which the bug is restricted
|
|
|
|
# and is authorized to access the bug.
|
|
|
|
|
|
|
|
# A user is also authorized to access a bug if she is the reporter,
|
|
|
|
# assignee, QA contact, or member of the cc: list of the bug and the bug
|
|
|
|
# allows users in those roles to see the bug. The boolean fields
|
|
|
|
# reporter_accessible, assignee_accessible, qacontact_accessible, and
|
|
|
|
# cclist_accessible identify whether or not those roles can see the bug.
|
|
|
|
|
|
|
|
# Bit arithmetic is performed by MySQL instead of Perl because bitset
|
|
|
|
# fields in the database are 64 bits wide (BIGINT), and Perl installations
|
|
|
|
# may or may not support integers larger than 32 bits. Using bitsets
|
|
|
|
# and doing bitset arithmetic is probably not cross-database compatible,
|
|
|
|
# however, so these mechanisms are likely to change in the future.
|
|
|
|
|
|
|
|
my $replace = " ";
|
|
|
|
|
|
|
|
if ($userid) {
|
|
|
|
$replace .= "LEFT JOIN cc selectVisible_cc ON
|
|
|
|
bugs.bug_id = selectVisible_cc.bug_id AND
|
|
|
|
selectVisible_cc.who = $userid "
|
|
|
|
}
|
|
|
|
|
|
|
|
$replace .= "WHERE ((bugs.groupset & $usergroupset) = bugs.groupset ";
|
|
|
|
|
|
|
|
if ($userid) {
|
|
|
|
# There is a mysql bug affecting v3.22 and 3.23 (at least), where this will
|
|
|
|
# cause all rows to be returned! We work arround this by adding an not isnull
|
|
|
|
# test to the JOINed cc table. See http://lists.mysql.com/cgi-ez/ezmlm-cgi?9:mss:11417
|
|
|
|
# Its needed, even though it shouldn't be
|
|
|
|
$replace .= "OR (bugs.reporter_accessible = 1 AND bugs.reporter = $userid)
|
|
|
|
OR (bugs.assignee_accessible = 1 AND bugs.assigned_to = $userid)
|
|
|
|
OR (bugs.qacontact_accessible = 1 AND bugs.qa_contact = $userid)
|
|
|
|
OR (bugs.cclist_accessible = 1 AND selectVisible_cc.who = $userid AND not isnull(selectVisible_cc.who))";
|
|
|
|
}
|
|
|
|
|
|
|
|
$replace .= ") AND ";
|
|
|
|
|
|
|
|
$query =~ s/\sWHERE\s/$replace/i;
|
|
|
|
|
|
|
|
return $query;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub CanSeeBug {
|
|
|
|
# Note that we pass in the usergroupset, since this is known
|
|
|
|
# in most cases (ie viewing bugs). Maybe make this an optional
|
|
|
|
# parameter?
|
|
|
|
|
|
|
|
my ($id, $userid, $usergroupset) = @_;
|
|
|
|
|
|
|
|
# Query the database for the bug, retrieving a boolean value that
|
|
|
|
# represents whether or not the user is authorized to access the bug.
|
|
|
|
|
|
|
|
PushGlobalSQLState();
|
|
|
|
SendSQL(SelectVisible("SELECT bugs.bug_id FROM bugs WHERE bugs.bug_id = $id",
|
|
|
|
$userid, $usergroupset));
|
|
|
|
|
|
|
|
my $ret = defined(FetchSQLData());
|
|
|
|
PopGlobalSQLState();
|
|
|
|
|
|
|
|
return $ret;
|
|
|
|
}
|
2001-07-11 09:29:21 +04:00
|
|
|
|
|
|
|
sub ValidatePassword {
|
|
|
|
# Determines whether or not a password is valid (i.e. meets Bugzilla's
|
|
|
|
# requirements for length and content). If the password is valid, the
|
|
|
|
# function returns boolean false. Otherwise it returns an error message
|
|
|
|
# (synonymous with boolean true) that can be displayed to the user.
|
|
|
|
|
|
|
|
# If a second password is passed in, this function also verifies that
|
|
|
|
# the two passwords match.
|
|
|
|
|
|
|
|
my ($password, $matchpassword) = @_;
|
|
|
|
|
2001-08-11 05:51:05 +04:00
|
|
|
if ( length($password) < 3 ) {
|
2001-07-11 09:29:21 +04:00
|
|
|
return "The password is less than three characters long. It must be at least three characters.";
|
|
|
|
} elsif ( length($password) > 16 ) {
|
|
|
|
return "The password is more than 16 characters long. It must be no more than 16 characters.";
|
|
|
|
} elsif ( $matchpassword && $password ne $matchpassword ) {
|
|
|
|
return "The two passwords do not match.";
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sub Crypt {
|
|
|
|
# Crypts a password, generating a random salt to do it.
|
|
|
|
# Random salts are generated because the alternative is usually
|
|
|
|
# to use the first two characters of the password itself, and since
|
|
|
|
# the salt appears in plaintext at the beginning of the crypted
|
|
|
|
# password string this has the effect of revealing the first two
|
|
|
|
# characters of the password to anyone who views the crypted version.
|
|
|
|
|
|
|
|
my ($password) = @_;
|
|
|
|
|
|
|
|
# The list of characters that can appear in a salt. Salts and hashes
|
|
|
|
# are both encoded as a sequence of characters from a set containing
|
|
|
|
# 64 characters, each one of which represents 6 bits of the salt/hash.
|
|
|
|
# The encoding is similar to BASE64, the difference being that the
|
|
|
|
# BASE64 plus sign (+) is replaced with a forward slash (/).
|
|
|
|
my @saltchars = (0..9, 'A'..'Z', 'a'..'z', '.', '/');
|
|
|
|
|
|
|
|
# Generate the salt. We use an 8 character (48 bit) salt for maximum
|
|
|
|
# security on systems whose crypt uses MD5. Systems with older
|
|
|
|
# versions of crypt will just use the first two characters of the salt.
|
|
|
|
my $salt = '';
|
|
|
|
for ( my $i=0 ; $i < 8 ; ++$i ) {
|
|
|
|
$salt .= $saltchars[rand(64)];
|
|
|
|
}
|
|
|
|
|
|
|
|
# Crypt the password.
|
|
|
|
my $cryptedpassword = crypt($password, $salt);
|
|
|
|
|
|
|
|
# Return the crypted password.
|
|
|
|
return $cryptedpassword;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-04-26 05:44:28 +04:00
|
|
|
sub DBID_to_real_or_loginname {
|
2000-04-21 22:45:55 +04:00
|
|
|
my ($id) = (@_);
|
2001-03-20 00:03:52 +03:00
|
|
|
PushGlobalSQLState();
|
2000-04-26 05:44:28 +04:00
|
|
|
SendSQL("SELECT login_name,realname FROM profiles WHERE userid = $id");
|
|
|
|
my ($l, $r) = FetchSQLData();
|
2001-03-20 00:03:52 +03:00
|
|
|
PopGlobalSQLState();
|
2000-05-08 22:23:55 +04:00
|
|
|
if (!defined $r || $r eq "") {
|
2000-04-26 05:44:28 +04:00
|
|
|
return $l;
|
2000-04-21 22:45:55 +04:00
|
|
|
} else {
|
2000-04-26 05:44:28 +04:00
|
|
|
return "$l ($r)";
|
2000-04-21 22:45:55 +04:00
|
|
|
}
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
sub DBID_to_name {
|
|
|
|
my ($id) = (@_);
|
2001-07-04 08:41:27 +04:00
|
|
|
# $id should always be a positive integer
|
|
|
|
if ($id =~ m/^([1-9][0-9]*)$/) {
|
|
|
|
$id = $1;
|
|
|
|
} else {
|
|
|
|
$::cachedNameArray{$id} = "__UNKNOWN__";
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
if (!defined $::cachedNameArray{$id}) {
|
2001-03-20 00:03:52 +03:00
|
|
|
PushGlobalSQLState();
|
1998-09-16 01:49:26 +04:00
|
|
|
SendSQL("select login_name from profiles where userid = $id");
|
|
|
|
my $r = FetchOneColumn();
|
2001-03-20 00:03:52 +03:00
|
|
|
PopGlobalSQLState();
|
2000-05-08 22:23:55 +04:00
|
|
|
if (!defined $r || $r eq "") {
|
1998-09-16 01:49:26 +04:00
|
|
|
$r = "__UNKNOWN__";
|
|
|
|
}
|
|
|
|
$::cachedNameArray{$id} = $r;
|
|
|
|
}
|
|
|
|
return $::cachedNameArray{$id};
|
|
|
|
}
|
|
|
|
|
|
|
|
sub DBname_to_id {
|
|
|
|
my ($name) = (@_);
|
2001-03-20 00:03:52 +03:00
|
|
|
PushGlobalSQLState();
|
1998-09-16 01:49:26 +04:00
|
|
|
SendSQL("select userid from profiles where login_name = @{[SqlQuote($name)]}");
|
|
|
|
my $r = FetchOneColumn();
|
2001-03-20 00:03:52 +03:00
|
|
|
PopGlobalSQLState();
|
2001-07-04 08:41:27 +04:00
|
|
|
# $r should be a positive integer, this makes Taint mode happy
|
|
|
|
if (defined $r && $r =~ m/^([1-9][0-9]*)$/) {
|
|
|
|
return $1;
|
|
|
|
} else {
|
1998-09-16 01:49:26 +04:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sub DBNameToIdAndCheck {
|
|
|
|
my ($name, $forceok) = (@_);
|
2001-07-04 11:06:00 +04:00
|
|
|
$name = html_quote($name);
|
1998-09-16 01:49:26 +04:00
|
|
|
my $result = DBname_to_id($name);
|
|
|
|
if ($result > 0) {
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
if ($forceok) {
|
1999-08-19 04:06:01 +04:00
|
|
|
InsertNewUser($name, "");
|
1998-09-16 01:49:26 +04:00
|
|
|
$result = DBname_to_id($name);
|
|
|
|
if ($result > 0) {
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
print "Yikes; couldn't create user $name. Please report problem to " .
|
|
|
|
Param("maintainer") ."\n";
|
|
|
|
} else {
|
2001-05-10 22:16:51 +04:00
|
|
|
print "\n"; # http://bugzilla.mozilla.org/show_bug.cgi?id=80045
|
2000-01-14 01:55:45 +03:00
|
|
|
print "The name <TT>$name</TT> is not a valid username. Either you\n";
|
|
|
|
print "misspelled it, or the person has not registered for a\n";
|
|
|
|
print "Bugzilla account.\n";
|
|
|
|
print "<P>Please hit the <B>Back</B> button and try again.\n";
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
exit(0);
|
|
|
|
}
|
|
|
|
|
2001-10-23 19:44:53 +04:00
|
|
|
# Use trick_taint() when you know that there is no way that the data
|
2001-07-04 08:41:27 +04:00
|
|
|
# in a scalar can be tainted, but taint mode still bails on it.
|
|
|
|
# WARNING!! Using this routine on data that really could be tainted
|
|
|
|
# defeats the purpose of taint mode. It should only be
|
|
|
|
# used on variables that cannot be touched by users.
|
|
|
|
|
2001-10-23 19:44:53 +04:00
|
|
|
sub trick_taint {
|
|
|
|
$_[0] =~ /^(.*)$/s;
|
|
|
|
$_[0] = $1;
|
|
|
|
return (defined($_[0]));
|
|
|
|
}
|
|
|
|
|
|
|
|
sub detaint_natural {
|
|
|
|
$_[0] =~ /^(\d+)$/;
|
|
|
|
$_[0] = $1;
|
|
|
|
return (defined($_[0]));
|
2001-07-04 08:41:27 +04:00
|
|
|
}
|
|
|
|
|
2000-03-10 21:01:32 +03:00
|
|
|
# This routine quoteUrls contains inspirations from the HTML::FromText CPAN
|
|
|
|
# module by Gareth Rees <garethr@cre.canon.co.uk>. It has been heavily hacked,
|
|
|
|
# all that is really recognizable from the original is bits of the regular
|
|
|
|
# expressions.
|
|
|
|
|
|
|
|
sub quoteUrls {
|
|
|
|
my ($knownattachments, $text) = (@_);
|
|
|
|
return $text unless $text;
|
2000-12-12 06:47:40 +03:00
|
|
|
|
2000-03-10 21:01:32 +03:00
|
|
|
my $base = Param('urlbase');
|
|
|
|
|
|
|
|
my $protocol = join '|',
|
|
|
|
qw(afs cid ftp gopher http https mid news nntp prospero telnet wais);
|
|
|
|
|
|
|
|
my %options = ( metachars => 1, @_ );
|
|
|
|
|
|
|
|
my $count = 0;
|
|
|
|
|
|
|
|
# Now, quote any "#" characters so they won't confuse stuff later
|
|
|
|
$text =~ s/#/%#/g;
|
|
|
|
|
|
|
|
# Next, find anything that looks like a URL or an email address and
|
|
|
|
# pull them out the the text, replacing them with a "##<digits>##
|
|
|
|
# marker, and writing them into an array. All this confusion is
|
|
|
|
# necessary so that we don't match on something we've already replaced,
|
|
|
|
# which can happen if you do multiple s///g operations.
|
|
|
|
|
|
|
|
my @things;
|
|
|
|
while ($text =~ s%((mailto:)?([\w\.\-\+\=]+\@[\w\-]+(?:\.[\w\-]+)+)\b|
|
|
|
|
(\b((?:$protocol):[^ \t\n<>"]+[\w/])))%"##$count##"%exo) {
|
|
|
|
my $item = $&;
|
|
|
|
|
|
|
|
$item = value_quote($item);
|
|
|
|
|
|
|
|
if ($item !~ m/^$protocol:/o && $item !~ /^mailto:/) {
|
|
|
|
# We must have grabbed this one because it looks like an email
|
|
|
|
# address.
|
|
|
|
$item = qq{<A HREF="mailto:$item">$item</A>};
|
|
|
|
} else {
|
|
|
|
$item = qq{<A HREF="$item">$item</A>};
|
|
|
|
}
|
|
|
|
|
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
2001-10-20 17:03:14 +04:00
|
|
|
# Either a comment string or no comma and a compulsory #.
|
|
|
|
while ($text =~ s/\bbug(\s|%\#)*(\d+),?\s*comment\s*(\s|%\#)(\d+)/"##$count##"/ei) {
|
|
|
|
my $item = $&;
|
|
|
|
my $bugnum = $2;
|
|
|
|
my $comnum = $4;
|
|
|
|
$item = GetBugLink($bugnum, $item);
|
|
|
|
$item =~ s/(id=\d+)/$1#c$comnum/;
|
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
|
|
|
while ($text =~ s/\bcomment(\s|%\#)*(\d+)/"##$count##"/ei) {
|
|
|
|
my $item = $&;
|
|
|
|
my $num = $2;
|
|
|
|
$item = value_quote($item);
|
|
|
|
$item = qq{<A HREF="#c$num">$item</A>};
|
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
2000-03-10 21:01:32 +03:00
|
|
|
while ($text =~ s/\bbug(\s|%\#)*(\d+)/"##$count##"/ei) {
|
|
|
|
my $item = $&;
|
|
|
|
my $num = $2;
|
2001-01-25 01:24:06 +03:00
|
|
|
$item = GetBugLink($num, $item);
|
2000-03-10 21:01:32 +03:00
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
2001-02-21 00:49:59 +03:00
|
|
|
while ($text =~ s/\battachment(\s|%\#)*(\d+)/"##$count##"/ei) {
|
|
|
|
my $item = $&;
|
|
|
|
my $num = $2;
|
|
|
|
$item = value_quote($item); # Not really necessary, since we know
|
|
|
|
# there's no special chars in it.
|
2002-01-30 17:14:12 +03:00
|
|
|
$item = qq{<A HREF="attachment.cgi?id=$num&action=view">$item</A>};
|
2001-02-21 00:49:59 +03:00
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
2000-03-10 21:01:32 +03:00
|
|
|
while ($text =~ s/\*\*\* This bug has been marked as a duplicate of (\d+) \*\*\*/"##$count##"/ei) {
|
|
|
|
my $item = $&;
|
|
|
|
my $num = $1;
|
2001-01-25 01:24:06 +03:00
|
|
|
my $bug_link;
|
|
|
|
$bug_link = GetBugLink($num, $num);
|
|
|
|
$item =~ s@\d+@$bug_link@;
|
2000-03-10 21:01:32 +03:00
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
|
|
|
while ($text =~ s/Created an attachment \(id=(\d+)\)/"##$count##"/e) {
|
|
|
|
my $item = $&;
|
|
|
|
my $num = $1;
|
|
|
|
if ($knownattachments->{$num}) {
|
2002-01-30 17:14:12 +03:00
|
|
|
$item = qq{<A HREF="attachment.cgi?id=$num&action=view">$item</A>};
|
2000-03-10 21:01:32 +03:00
|
|
|
}
|
|
|
|
$things[$count++] = $item;
|
|
|
|
}
|
|
|
|
|
|
|
|
$text = value_quote($text);
|
2001-10-03 11:49:19 +04:00
|
|
|
$text =~ s/\
/\n/g;
|
2000-03-10 21:01:32 +03:00
|
|
|
|
|
|
|
# Stuff everything back from the array.
|
|
|
|
for (my $i=0 ; $i<$count ; $i++) {
|
|
|
|
$text =~ s/##$i##/$things[$i]/e;
|
|
|
|
}
|
|
|
|
|
|
|
|
# And undo the quoting of "#" characters.
|
|
|
|
$text =~ s/%#/#/g;
|
|
|
|
|
2001-01-25 01:24:06 +03:00
|
|
|
return $text;
|
|
|
|
}
|
|
|
|
|
|
|
|
# This is a new subroutine written 12/20/00 for the purpose of processing a
|
|
|
|
# link to a bug. It can be called using "GetBugLink (<BugNumber>, <LinkText>);"
|
|
|
|
# Where <BugNumber> is the number of the bug and <LinkText> is what apprears
|
|
|
|
# between '<a>' and '</a>'.
|
|
|
|
|
|
|
|
sub GetBugLink {
|
|
|
|
my ($bug_num, $link_text) = (@_);
|
2001-11-12 16:43:59 +03:00
|
|
|
detaint_natural($bug_num) || die "GetBugLink() called with non-integer bug number";
|
|
|
|
|
|
|
|
# If we've run GetBugLink() for this bug number before, %::buglink
|
|
|
|
# will contain an anonymous array ref of relevent values, if not
|
|
|
|
# we need to get the information from the database.
|
|
|
|
if (! defined $::buglink{$bug_num}) {
|
|
|
|
# Make sure any unfetched data from a currently running query
|
|
|
|
# is saved off rather than overwritten
|
|
|
|
PushGlobalSQLState();
|
2001-01-25 01:24:06 +03:00
|
|
|
|
2001-11-12 16:43:59 +03:00
|
|
|
SendSQL("SELECT bugs.bug_status, resolution, short_desc, groupset " .
|
|
|
|
"FROM bugs WHERE bugs.bug_id = $bug_num");
|
|
|
|
|
|
|
|
# If the bug exists, save its data off for use later in the sub
|
|
|
|
if (MoreSQLData()) {
|
|
|
|
my ($bug_state, $bug_res, $bug_desc, $bug_grp) = FetchSQLData();
|
|
|
|
# Initialize these variables to be "" so that we don't get warnings
|
|
|
|
# if we don't change them below (which is highly likely).
|
|
|
|
my ($pre, $title, $post) = ("", "", "");
|
2000-12-12 06:47:40 +03:00
|
|
|
|
2001-11-12 16:43:59 +03:00
|
|
|
$title = $bug_state;
|
|
|
|
if ($bug_state eq $::unconfirmedstate) {
|
|
|
|
$pre = "<i>";
|
|
|
|
$post = "</i>";
|
|
|
|
}
|
|
|
|
elsif (! IsOpenedState($bug_state)) {
|
|
|
|
$pre = "<strike>";
|
|
|
|
$title .= " $bug_res";
|
|
|
|
$post = "</strike>";
|
|
|
|
}
|
|
|
|
if ($bug_grp == 0 || CanSeeBug($bug_num, $::userid, $::usergroupset)) {
|
|
|
|
$title .= " - $bug_desc";
|
|
|
|
}
|
|
|
|
$::buglink{$bug_num} = [$pre, value_quote($title), $post];
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
# Even if there's nothing in the database, we want to save a blank
|
|
|
|
# anonymous array in the %::buglink hash so the query doesn't get
|
|
|
|
# run again next time we're called for this bug number.
|
|
|
|
$::buglink{$bug_num} = [];
|
|
|
|
}
|
|
|
|
# All done with this sidetrip
|
|
|
|
PopGlobalSQLState();
|
|
|
|
}
|
2001-01-25 01:24:06 +03:00
|
|
|
|
2001-11-12 16:43:59 +03:00
|
|
|
# Now that we know we've got all the information we're gonna get, let's
|
|
|
|
# return the link (which is the whole reason we were called :)
|
|
|
|
my ($pre, $title, $post) = @{$::buglink{$bug_num}};
|
|
|
|
# $title will be undefined if the bug didn't exist in the database.
|
|
|
|
if (defined $title) {
|
|
|
|
return qq{$pre<a href="show_bug.cgi?id=$bug_num" title="$title">$link_text</a>$post};
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return qq{$link_text};
|
|
|
|
}
|
2000-03-10 21:01:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
sub GetLongDescriptionAsText {
|
2000-01-22 07:24:42 +03:00
|
|
|
my ($id, $start, $end) = (@_);
|
2000-01-21 00:31:22 +03:00
|
|
|
my $result = "";
|
|
|
|
my $count = 0;
|
2000-01-22 07:24:42 +03:00
|
|
|
my ($query) = ("SELECT profiles.login_name, longdescs.bug_when, " .
|
|
|
|
" longdescs.thetext " .
|
|
|
|
"FROM longdescs, profiles " .
|
|
|
|
"WHERE profiles.userid = longdescs.who " .
|
|
|
|
" AND longdescs.bug_id = $id ");
|
|
|
|
|
|
|
|
if ($start && $start =~ /[1-9]/) {
|
|
|
|
# If the start is all zeros, then don't do this (because we want to
|
2000-03-10 21:26:23 +03:00
|
|
|
# not emit a leading "Additional Comments" line in that case.)
|
2000-01-22 07:24:42 +03:00
|
|
|
$query .= "AND longdescs.bug_when > '$start'";
|
|
|
|
$count = 1;
|
|
|
|
}
|
|
|
|
if ($end) {
|
|
|
|
$query .= "AND longdescs.bug_when <= '$end'";
|
|
|
|
}
|
|
|
|
|
|
|
|
$query .= "ORDER BY longdescs.bug_when";
|
|
|
|
SendSQL($query);
|
2000-01-21 00:31:22 +03:00
|
|
|
while (MoreSQLData()) {
|
|
|
|
my ($who, $when, $text) = (FetchSQLData());
|
|
|
|
if ($count) {
|
2000-09-13 21:45:48 +04:00
|
|
|
$result .= "\n\n------- Additional Comments From $who".Param('emailsuffix')." ".
|
2000-01-21 00:31:22 +03:00
|
|
|
time2str("%Y-%m-%d %H:%M", str2time($when)) . " -------\n";
|
|
|
|
}
|
|
|
|
$result .= $text;
|
|
|
|
$count++;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $result;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-03-10 21:01:32 +03:00
|
|
|
sub GetLongDescriptionAsHTML {
|
|
|
|
my ($id, $start, $end) = (@_);
|
|
|
|
my $result = "";
|
|
|
|
my $count = 0;
|
|
|
|
my %knownattachments;
|
|
|
|
SendSQL("SELECT attach_id FROM attachments WHERE bug_id = $id");
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
$knownattachments{FetchOneColumn()} = 1;
|
|
|
|
}
|
|
|
|
|
2000-04-21 22:45:55 +04:00
|
|
|
my ($query) = ("SELECT profiles.realname, profiles.login_name, longdescs.bug_when, " .
|
2000-03-10 21:01:32 +03:00
|
|
|
" longdescs.thetext " .
|
|
|
|
"FROM longdescs, profiles " .
|
|
|
|
"WHERE profiles.userid = longdescs.who " .
|
|
|
|
" AND longdescs.bug_id = $id ");
|
|
|
|
|
|
|
|
if ($start && $start =~ /[1-9]/) {
|
|
|
|
# If the start is all zeros, then don't do this (because we want to
|
2000-03-10 21:26:23 +03:00
|
|
|
# not emit a leading "Additional Comments" line in that case.)
|
2000-03-10 21:01:32 +03:00
|
|
|
$query .= "AND longdescs.bug_when > '$start'";
|
|
|
|
$count = 1;
|
|
|
|
}
|
|
|
|
if ($end) {
|
|
|
|
$query .= "AND longdescs.bug_when <= '$end'";
|
|
|
|
}
|
|
|
|
|
|
|
|
$query .= "ORDER BY longdescs.bug_when";
|
|
|
|
SendSQL($query);
|
|
|
|
while (MoreSQLData()) {
|
2000-04-21 22:45:55 +04:00
|
|
|
my ($who, $email, $when, $text) = (FetchSQLData());
|
2000-09-13 21:45:48 +04:00
|
|
|
$email .= Param('emailsuffix');
|
2000-03-10 21:01:32 +03:00
|
|
|
if ($count) {
|
2001-10-20 17:03:14 +04:00
|
|
|
$result .= qq|<BR><BR><I>------- Additional Comment <a name="c$count" href="#c$count">#$count</a> From |;
|
|
|
|
if ($who) {
|
|
|
|
$result .= qq{<A HREF="mailto:$email">$who</A> };
|
|
|
|
} else {
|
|
|
|
$result .= qq{<A HREF="mailto:$email">$email</A> };
|
|
|
|
}
|
|
|
|
|
|
|
|
$result .= time2str("%Y-%m-%d %H:%M", str2time($when)) . " -------</I><BR>\n";
|
2000-03-10 21:01:32 +03:00
|
|
|
}
|
|
|
|
$result .= "<PRE>" . quoteUrls(\%knownattachments, $text) . "</PRE>\n";
|
|
|
|
$count++;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
# Fills in a hashtable with info about the columns for the given table in the
|
|
|
|
# database. The hashtable has the following entries:
|
|
|
|
# -list- the list of column names
|
|
|
|
# <name>,type the type for the given name
|
|
|
|
|
|
|
|
sub LearnAboutColumns {
|
|
|
|
my ($table) = (@_);
|
|
|
|
my %a;
|
|
|
|
SendSQL("show columns from $table");
|
|
|
|
my @list = ();
|
|
|
|
my @row;
|
|
|
|
while (@row = FetchSQLData()) {
|
|
|
|
my ($name,$type) = (@row);
|
|
|
|
$a{"$name,type"} = $type;
|
|
|
|
push @list, $name;
|
|
|
|
}
|
|
|
|
$a{"-list-"} = \@list;
|
|
|
|
return \%a;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# If the above returned a enum type, take that type and parse it into the
|
|
|
|
# list of values. Assumes that enums don't ever contain an apostrophe!
|
|
|
|
|
|
|
|
sub SplitEnumType {
|
|
|
|
my ($str) = (@_);
|
|
|
|
my @result = ();
|
|
|
|
if ($str =~ /^enum\((.*)\)$/) {
|
|
|
|
my $guts = $1 . ",";
|
|
|
|
while ($guts =~ /^\'([^\']*)\',(.*)$/) {
|
|
|
|
push @result, $1;
|
|
|
|
$guts = $2;
|
2001-10-13 05:36:17 +04:00
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
return @result;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# This routine is largely copied from Mysql.pm.
|
|
|
|
|
|
|
|
sub SqlQuote {
|
|
|
|
my ($str) = (@_);
|
1999-01-28 00:17:10 +03:00
|
|
|
# if (!defined $str) {
|
|
|
|
# confess("Undefined passed to SqlQuote");
|
|
|
|
# }
|
1998-09-16 01:49:26 +04:00
|
|
|
$str =~ s/([\\\'])/\\$1/g;
|
|
|
|
$str =~ s/\0/\\0/g;
|
2001-07-04 08:41:27 +04:00
|
|
|
# If it's been SqlQuote()ed, then it's safe, so we tell -T that.
|
2001-10-23 19:44:53 +04:00
|
|
|
trick_taint($str);
|
1998-09-16 01:49:26 +04:00
|
|
|
return "'$str'";
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
1999-03-11 19:30:54 +03:00
|
|
|
sub UserInGroup {
|
|
|
|
my ($groupname) = (@_);
|
|
|
|
if ($::usergroupset eq "0") {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
ConnectToDatabase();
|
|
|
|
SendSQL("select (bit & $::usergroupset) != 0 from groups where name = " . SqlQuote($groupname));
|
|
|
|
my $bit = FetchOneColumn();
|
|
|
|
if ($bit) {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2001-08-11 05:18:24 +04:00
|
|
|
sub BugInGroup {
|
|
|
|
my ($bugid, $groupname) = (@_);
|
|
|
|
my $groupbit = GroupNameToBit($groupname);
|
|
|
|
PushGlobalSQLState();
|
|
|
|
SendSQL("SELECT (bugs.groupset & $groupbit) != 0 FROM bugs WHERE bugs.bug_id = $bugid");
|
|
|
|
my $bugingroup = FetchOneColumn();
|
|
|
|
PopGlobalSQLState();
|
|
|
|
return $bugingroup;
|
|
|
|
}
|
|
|
|
|
2000-03-10 19:25:03 +03:00
|
|
|
sub GroupExists {
|
|
|
|
my ($groupname) = (@_);
|
|
|
|
ConnectToDatabase();
|
|
|
|
SendSQL("select count(*) from groups where name=" . SqlQuote($groupname));
|
|
|
|
my $count = FetchOneColumn();
|
|
|
|
return $count;
|
|
|
|
}
|
1999-03-11 19:30:54 +03:00
|
|
|
|
2001-08-11 05:18:24 +04:00
|
|
|
# Given the name of an existing group, returns the bit associated with it.
|
|
|
|
# If the group does not exist, returns 0.
|
|
|
|
# !!! Remove this function when the new group system is implemented!
|
|
|
|
sub GroupNameToBit {
|
|
|
|
my ($groupname) = (@_);
|
|
|
|
ConnectToDatabase();
|
|
|
|
PushGlobalSQLState();
|
|
|
|
SendSQL("SELECT bit FROM groups WHERE name = " . SqlQuote($groupname));
|
|
|
|
my $bit = FetchOneColumn() || 0;
|
|
|
|
PopGlobalSQLState();
|
|
|
|
return $bit;
|
|
|
|
}
|
|
|
|
|
2001-06-06 07:16:52 +04:00
|
|
|
# Determines whether or not a group is active by checking
|
|
|
|
# the "isactive" column for the group in the "groups" table.
|
|
|
|
# Note: This function selects groups by bit rather than by name.
|
|
|
|
sub GroupIsActive {
|
|
|
|
my ($groupbit) = (@_);
|
2001-08-11 05:18:24 +04:00
|
|
|
$groupbit ||= 0;
|
2001-06-06 07:16:52 +04:00
|
|
|
ConnectToDatabase();
|
|
|
|
SendSQL("select isactive from groups where bit=$groupbit");
|
|
|
|
my $isactive = FetchOneColumn();
|
|
|
|
return $isactive;
|
|
|
|
}
|
|
|
|
|
2000-01-23 04:03:15 +03:00
|
|
|
# Determines if the given bug_status string represents an "Opened" bug. This
|
|
|
|
# routine ought to be paramaterizable somehow, as people tend to introduce
|
|
|
|
# new states into Bugzilla.
|
|
|
|
|
|
|
|
sub IsOpenedState {
|
|
|
|
my ($state) = (@_);
|
2001-09-15 01:50:08 +04:00
|
|
|
if (grep($_ eq $state, OpenStates())) {
|
2000-01-23 04:03:15 +03:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2001-09-15 01:50:08 +04:00
|
|
|
# This sub will return an array containing any status that
|
|
|
|
# is considered an open bug.
|
|
|
|
|
|
|
|
sub OpenStates {
|
|
|
|
return ('NEW', 'REOPENED', 'ASSIGNED', $::unconfirmedstate);
|
|
|
|
}
|
|
|
|
|
2000-01-23 04:03:15 +03:00
|
|
|
|
1999-10-08 03:54:52 +04:00
|
|
|
sub RemoveVotes {
|
2000-02-17 08:15:23 +03:00
|
|
|
my ($id, $who, $reason) = (@_);
|
1999-10-08 03:54:52 +04:00
|
|
|
ConnectToDatabase();
|
2000-02-17 08:15:23 +03:00
|
|
|
my $whopart = "";
|
|
|
|
if ($who) {
|
|
|
|
$whopart = " AND votes.who = $who";
|
|
|
|
}
|
2001-08-16 06:46:15 +04:00
|
|
|
SendSQL("SELECT profiles.login_name, profiles.userid, votes.count, " .
|
|
|
|
"products.votesperuser, products.maxvotesperbug " .
|
|
|
|
"FROM profiles " .
|
|
|
|
"LEFT JOIN votes ON profiles.userid = votes.who " .
|
|
|
|
"LEFT JOIN bugs USING(bug_id) " .
|
|
|
|
"LEFT JOIN products USING(product)" .
|
2000-02-17 08:15:23 +03:00
|
|
|
"WHERE votes.bug_id = $id " .
|
|
|
|
$whopart);
|
1999-10-08 03:54:52 +04:00
|
|
|
my @list;
|
|
|
|
while (MoreSQLData()) {
|
2001-08-25 04:12:12 +04:00
|
|
|
my ($name, $userid, $oldvotes, $votesperuser, $maxvotesperbug) = (FetchSQLData());
|
|
|
|
push(@list, [$name, $userid, $oldvotes, $votesperuser, $maxvotesperbug]);
|
1999-10-08 03:54:52 +04:00
|
|
|
}
|
|
|
|
if (0 < @list) {
|
2000-02-17 08:15:23 +03:00
|
|
|
foreach my $ref (@list) {
|
2001-08-25 04:12:12 +04:00
|
|
|
my ($name, $userid, $oldvotes, $votesperuser, $maxvotesperbug) = (@$ref);
|
|
|
|
my $s;
|
|
|
|
|
|
|
|
$maxvotesperbug = $votesperuser if ($votesperuser < $maxvotesperbug);
|
2001-08-16 06:46:15 +04:00
|
|
|
|
|
|
|
# If this product allows voting and the user's votes are in
|
|
|
|
# the acceptable range, then don't do anything.
|
2001-08-25 04:12:12 +04:00
|
|
|
next if $votesperuser && $oldvotes <= $maxvotesperbug;
|
2001-08-16 06:46:15 +04:00
|
|
|
|
|
|
|
# If the user has more votes on this bug than this product
|
|
|
|
# allows, then reduce the number of votes so it fits
|
|
|
|
my $newvotes = $votesperuser ? $maxvotesperbug : 0;
|
2001-08-25 04:12:12 +04:00
|
|
|
|
|
|
|
my $removedvotes = $oldvotes - $newvotes;
|
|
|
|
|
|
|
|
$s = $oldvotes == 1 ? "" : "s";
|
|
|
|
my $oldvotestext = "You had $oldvotes vote$s on this bug.";
|
|
|
|
|
|
|
|
$s = $removedvotes == 1 ? "" : "s";
|
|
|
|
my $removedvotestext = "You had $removedvotes vote$s removed from this bug.";
|
|
|
|
|
|
|
|
my $newvotestext;
|
2001-08-16 06:46:15 +04:00
|
|
|
if ($newvotes) {
|
|
|
|
SendSQL("UPDATE votes SET count = $newvotes " .
|
|
|
|
"WHERE bug_id = $id AND who = $userid");
|
2001-08-25 04:12:12 +04:00
|
|
|
$s = $newvotes == 1 ? "" : "s";
|
|
|
|
$newvotestext = "You still have $newvotes vote$s on this bug."
|
2001-08-16 06:46:15 +04:00
|
|
|
} else {
|
|
|
|
SendSQL("DELETE FROM votes WHERE bug_id = $id AND who = $userid");
|
2001-08-25 04:12:12 +04:00
|
|
|
$newvotestext = "You have no more votes remaining on this bug.";
|
2001-08-16 06:46:15 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
# Notice that we did not make sure that the user fit within the $votesperuser
|
2001-08-25 04:12:12 +04:00
|
|
|
# range. This is considered to be an acceptable alternative to losing votes
|
2001-08-16 06:46:15 +04:00
|
|
|
# during product moves. Then next time the user attempts to change their votes,
|
|
|
|
# they will be forced to fit within the $votesperuser limit.
|
|
|
|
|
|
|
|
# Now lets send the e-mail to alert the user to the fact that their votes have
|
|
|
|
# been reduced or removed.
|
2000-09-12 20:29:38 +04:00
|
|
|
my $sendmailparm = '-ODeliveryMode=deferred';
|
|
|
|
if (Param('sendmailnow')) {
|
|
|
|
$sendmailparm = '';
|
|
|
|
}
|
|
|
|
if (open(SENDMAIL, "|/usr/lib/sendmail $sendmailparm -t")) {
|
2000-02-17 08:15:23 +03:00
|
|
|
my %substs;
|
2001-08-25 04:12:12 +04:00
|
|
|
|
2000-02-17 08:15:23 +03:00
|
|
|
$substs{"to"} = $name;
|
|
|
|
$substs{"bugid"} = $id;
|
|
|
|
$substs{"reason"} = $reason;
|
2001-08-25 04:12:12 +04:00
|
|
|
|
|
|
|
$substs{"votesremoved"} = $removedvotes;
|
|
|
|
$substs{"votesold"} = $oldvotes;
|
|
|
|
$substs{"votesnew"} = $newvotes;
|
|
|
|
|
|
|
|
$substs{"votesremovedtext"} = $removedvotestext;
|
|
|
|
$substs{"votesoldtext"} = $oldvotestext;
|
|
|
|
$substs{"votesnewtext"} = $newvotestext;
|
|
|
|
|
|
|
|
$substs{"count"} = $removedvotes . "\n " . $newvotestext;
|
|
|
|
|
2000-02-17 17:57:57 +03:00
|
|
|
my $msg = PerformSubsts(Param("voteremovedmail"),
|
|
|
|
\%substs);
|
|
|
|
print SENDMAIL $msg;
|
2000-02-17 08:15:23 +03:00
|
|
|
close SENDMAIL;
|
|
|
|
}
|
1999-10-08 03:54:52 +04:00
|
|
|
}
|
2000-02-17 08:15:23 +03:00
|
|
|
SendSQL("SELECT SUM(count) FROM votes WHERE bug_id = $id");
|
|
|
|
my $v = FetchOneColumn();
|
|
|
|
$v ||= 0;
|
|
|
|
SendSQL("UPDATE bugs SET votes = $v, delta_ts = delta_ts " .
|
|
|
|
"WHERE bug_id = $id");
|
1999-10-08 03:54:52 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-03-29 01:31:24 +04:00
|
|
|
sub Param ($) {
|
1998-09-16 01:49:26 +04:00
|
|
|
my ($value) = (@_);
|
|
|
|
if (defined $::param{$value}) {
|
|
|
|
return $::param{$value};
|
|
|
|
}
|
2000-01-15 01:35:49 +03:00
|
|
|
|
|
|
|
# See if it is a dynamically-determined param (can't be changed by user).
|
|
|
|
if ($value eq "commandmenu") {
|
|
|
|
return GetCommandMenu();
|
|
|
|
}
|
|
|
|
if ($value eq "settingsmenu") {
|
|
|
|
return GetSettingsMenu();
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
# Um, maybe we haven't sourced in the params at all yet.
|
|
|
|
if (stat("data/params")) {
|
1998-09-19 10:20:13 +04:00
|
|
|
# Write down and restore the version # here. That way, we get around
|
|
|
|
# anyone who maliciously tries to tweak the version number by editing
|
|
|
|
# the params file. Not to mention that in 2.0, there was a bug that
|
|
|
|
# wrote the version number out to the params file...
|
|
|
|
my $v = $::param{'version'};
|
1998-09-16 01:49:26 +04:00
|
|
|
require "data/params";
|
1998-09-19 10:20:13 +04:00
|
|
|
$::param{'version'} = $v;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
if (defined $::param{$value}) {
|
|
|
|
return $::param{$value};
|
|
|
|
}
|
|
|
|
# Well, that didn't help. Maybe it's a new param, and the user
|
|
|
|
# hasn't defined anything for it. Try and load a default value
|
|
|
|
# for it.
|
|
|
|
require "defparams.pl";
|
|
|
|
WriteParams();
|
|
|
|
if (defined $::param{$value}) {
|
|
|
|
return $::param{$value};
|
|
|
|
}
|
|
|
|
# We're pimped.
|
|
|
|
die "Can't find param named $value";
|
|
|
|
}
|
|
|
|
|
2001-07-20 19:18:30 +04:00
|
|
|
# Take two comma or space separated strings and return what
|
|
|
|
# values were removed from or added to the new one.
|
|
|
|
sub DiffStrings {
|
|
|
|
my ($oldstr, $newstr) = @_;
|
|
|
|
|
2001-08-19 22:26:21 +04:00
|
|
|
# Split the old and new strings into arrays containing their values.
|
|
|
|
$oldstr =~ s/[\s,]+/ /g;
|
|
|
|
$newstr =~ s/[\s,]+/ /g;
|
|
|
|
my @old = split(" ", $oldstr);
|
|
|
|
my @new = split(" ", $newstr);
|
|
|
|
|
2001-07-20 19:18:30 +04:00
|
|
|
my (@remove, @add) = ();
|
|
|
|
|
|
|
|
# Find values that were removed
|
2001-08-19 22:26:21 +04:00
|
|
|
foreach my $value (@old) {
|
|
|
|
push (@remove, $value) if !grep($_ eq $value, @new);
|
2001-07-20 19:18:30 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
# Find values that were added
|
2001-08-19 22:26:21 +04:00
|
|
|
foreach my $value (@new) {
|
|
|
|
push (@add, $value) if !grep($_ eq $value, @old);
|
2001-07-20 19:18:30 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
my $removed = join (", ", @remove);
|
|
|
|
my $added = join (", ", @add);
|
|
|
|
|
|
|
|
return ($removed, $added);
|
|
|
|
}
|
|
|
|
|
1998-09-16 01:49:26 +04:00
|
|
|
sub PerformSubsts {
|
|
|
|
my ($str, $substs) = (@_);
|
|
|
|
$str =~ s/%([a-z]*)%/(defined $substs->{$1} ? $substs->{$1} : Param($1))/eg;
|
|
|
|
return $str;
|
|
|
|
}
|
|
|
|
|
2001-11-17 13:29:55 +03:00
|
|
|
# Min and max routines.
|
|
|
|
sub min {
|
|
|
|
my $min = shift(@_);
|
|
|
|
foreach my $val (@_) {
|
|
|
|
$min = $val if $val < $min;
|
|
|
|
}
|
|
|
|
return $min;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub max {
|
|
|
|
my $max = shift(@_);
|
|
|
|
foreach my $val (@_) {
|
|
|
|
$max = $val if $val > $max;
|
|
|
|
}
|
|
|
|
return $max;
|
|
|
|
}
|
1998-09-16 01:49:26 +04:00
|
|
|
|
|
|
|
# Trim whitespace from front and back.
|
|
|
|
|
|
|
|
sub trim {
|
2001-12-17 04:29:52 +03:00
|
|
|
my ($str) = @_;
|
|
|
|
$str =~ s/^\s+//g;
|
|
|
|
$str =~ s/\s+$//g;
|
|
|
|
return $str;
|
1998-09-16 01:49:26 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
1;
|