1999-10-08 03:54:52 +04:00
|
|
|
#!/usr/bonsaitools/bin/perl -w
|
|
|
|
# -*- Mode: perl; indent-tabs-mode: nil -*-
|
|
|
|
#
|
1999-11-02 02:33:56 +03:00
|
|
|
# The contents of this file are subject to the Mozilla Public
|
|
|
|
# License Version 1.1 (the "License"); you may not use this file
|
|
|
|
# except in compliance with the License. You may obtain a copy of
|
|
|
|
# the License at http://www.mozilla.org/MPL/
|
|
|
|
#
|
|
|
|
# Software distributed under the License is distributed on an "AS
|
|
|
|
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
|
|
# implied. See the License for the specific language governing
|
|
|
|
# rights and limitations under the License.
|
|
|
|
#
|
1999-10-08 03:54:52 +04:00
|
|
|
# The Original Code is the Bugzilla Bug Tracking System.
|
1999-11-02 02:33:56 +03:00
|
|
|
#
|
1999-10-08 03:54:52 +04:00
|
|
|
# The Initial Developer of the Original Code is Netscape Communications
|
1999-11-02 02:33:56 +03:00
|
|
|
# Corporation. Portions created by Netscape are
|
|
|
|
# Copyright (C) 1998 Netscape Communications Corporation. All
|
|
|
|
# Rights Reserved.
|
|
|
|
#
|
1999-10-08 03:54:52 +04:00
|
|
|
# Contributor(s): Terry Weissman <terry@mozilla.org>
|
2001-01-24 05:41:41 +03:00
|
|
|
# Stephan Niemz <st.n@gmx.net>
|
1999-10-08 03:54:52 +04:00
|
|
|
|
|
|
|
use diagnostics;
|
|
|
|
use strict;
|
|
|
|
|
|
|
|
require "CGI.pl";
|
|
|
|
|
2001-05-10 06:53:22 +04:00
|
|
|
ConnectToDatabase();
|
|
|
|
|
2001-05-31 19:52:25 +04:00
|
|
|
if (defined $::FORM{'voteon'} || (!defined $::FORM{'bug_id'} &&
|
|
|
|
!defined $::FORM{'user'})) {
|
|
|
|
confirm_login();
|
|
|
|
$::FORM{'user'} = DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'});
|
|
|
|
} else {
|
|
|
|
# Check whether or not the user is currently logged in without throwing
|
|
|
|
# an error if the user is not logged in. This function sets the value
|
|
|
|
# of $::usergroupset, the binary number that records the set of groups
|
|
|
|
# to which the user belongs and which gets used in ValidateBugID below
|
|
|
|
# to determine whether or not the user is authorized to access the bug
|
|
|
|
# whose votes are being shown or which is being voted on.
|
|
|
|
quietly_check_login();
|
|
|
|
}
|
|
|
|
|
2001-05-10 06:53:22 +04:00
|
|
|
################################################################################
|
2001-05-31 19:52:25 +04:00
|
|
|
# Begin Data/Security Validation
|
2001-05-10 06:53:22 +04:00
|
|
|
################################################################################
|
|
|
|
|
2001-05-31 19:52:25 +04:00
|
|
|
# Make sure the bug ID is a positive integer representing an existing
|
|
|
|
# bug that the user is authorized to access.
|
|
|
|
if (defined $::FORM{'bug_id'}) {
|
|
|
|
ValidateBugID($::FORM{'bug_id'});
|
2001-05-10 06:53:22 +04:00
|
|
|
}
|
|
|
|
|
2001-05-31 19:52:25 +04:00
|
|
|
# Make sure the bug ID being voted on is a positive integer representing
|
|
|
|
# an existing bug that the user is authorized to access.
|
|
|
|
if (defined $::FORM{'voteon'}) {
|
|
|
|
ValidateBugID($::FORM{'voteon'});
|
2001-05-10 06:53:22 +04:00
|
|
|
}
|
|
|
|
|
2001-05-31 19:52:25 +04:00
|
|
|
# Make sure the user ID is a positive integer representing an existing user.
|
2001-05-10 06:53:22 +04:00
|
|
|
if (defined $::FORM{'user'}) {
|
2001-05-31 19:52:25 +04:00
|
|
|
$::FORM{'user'} =~ /^([1-9][0-9]*)$/
|
|
|
|
|| DisplayError("The user number is invalid.")
|
|
|
|
&& exit;
|
|
|
|
SendSQL("SELECT 1 FROM profiles WHERE userid = $::FORM{'user'}");
|
2001-05-10 06:53:22 +04:00
|
|
|
FetchSQLData()
|
2001-05-31 19:52:25 +04:00
|
|
|
|| DisplayError("User #$::FORM{'user'} does not exist.")
|
|
|
|
&& exit;
|
2001-05-10 06:53:22 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
################################################################################
|
2001-05-31 19:52:25 +04:00
|
|
|
# End Data/Security Validation
|
2001-05-10 06:53:22 +04:00
|
|
|
################################################################################
|
|
|
|
|
1999-10-08 03:54:52 +04:00
|
|
|
print "Content-type: text/html\n\n";
|
|
|
|
|
|
|
|
if (defined $::FORM{'bug_id'}) {
|
|
|
|
my $id = $::FORM{'bug_id'};
|
|
|
|
my $linkedid = qq{<a href="show_bug.cgi?id=$id">$id</a>};
|
|
|
|
PutHeader("Show votes", "Show votes", "Bug $linkedid");
|
|
|
|
SendSQL("select profiles.login_name, votes.who, votes.count from votes, profiles where votes.bug_id = " . SqlQuote($id) . " and profiles.userid = votes.who");
|
|
|
|
print "<table>\n";
|
|
|
|
print "<tr><th>Who</th><th>Number of votes</th></tr>\n";
|
|
|
|
my $sum = 0;
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
my ($name, $userid, $count) = (FetchSQLData());
|
|
|
|
print qq{<tr><td><a href="showvotes.cgi?user=$userid">$name</a></td><td align=right>$count</td></tr>\n};
|
|
|
|
$sum += $count;
|
|
|
|
}
|
|
|
|
print "</table>";
|
|
|
|
print "<p>Total votes: $sum<p>\n";
|
|
|
|
} elsif (defined $::FORM{'user'}) {
|
|
|
|
quietly_check_login();
|
|
|
|
GetVersionTable();
|
|
|
|
my $who = $::FORM{'user'};
|
|
|
|
my $name = DBID_to_name($who);
|
|
|
|
PutHeader("Show votes", "Show votes", $name);
|
|
|
|
print qq{<form action="doeditvotes.cgi">\n};
|
|
|
|
print "<table><tr><td></td><th>Bug \#</th><th>Summary</th><th>Votes</th></tr>\n";
|
2001-01-24 05:41:41 +03:00
|
|
|
SendSQL("lock tables bugs read, products read, votes write");
|
1999-10-08 03:54:52 +04:00
|
|
|
if (defined($::FORM{'voteon'})) {
|
|
|
|
# Oh, boy, what a hack. Make sure there is an entry for this bug
|
|
|
|
# in the vote table, just so that things display right.
|
|
|
|
# Yuck yuck yuck.###
|
|
|
|
SendSQL("select votes.count from votes where votes.bug_id = $::FORM{'voteon'} and votes.who = $who");
|
|
|
|
if (!MoreSQLData()) {
|
|
|
|
SendSQL("insert into votes (who, bug_id, count) values ($who, $::FORM{'voteon'}, 0)");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
my $canedit = (defined $::COOKIE{'Bugzilla_login'} &&
|
|
|
|
$::COOKIE{'Bugzilla_login'} eq $name);
|
2001-01-24 05:41:41 +03:00
|
|
|
my %maxvotesperbug;
|
|
|
|
if( $canedit ) {
|
|
|
|
SendSQL("SELECT products.product, products.maxvotesperbug FROM products");
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
my ($prod, $max) = (FetchSQLData());
|
|
|
|
$maxvotesperbug{$prod}= $max;
|
|
|
|
}
|
|
|
|
}
|
1999-10-08 03:54:52 +04:00
|
|
|
foreach my $product (sort(keys(%::prodmaxvotes))) {
|
|
|
|
if ($::prodmaxvotes{$product} <= 0) {
|
|
|
|
next;
|
|
|
|
}
|
|
|
|
my $qprod = value_quote($product);
|
|
|
|
SendSQL("select votes.bug_id, votes.count, bugs.short_desc, bugs.bug_status from votes, bugs where votes.who = $who and votes.bug_id = bugs.bug_id and bugs.product = " . SqlQuote($product) . "order by votes.bug_id");
|
2001-01-24 05:41:41 +03:00
|
|
|
next if !MoreSQLData(); # don't show products without any votes
|
1999-10-08 03:54:52 +04:00
|
|
|
my $sum = 0;
|
|
|
|
print "<tr><th>$product</th></tr>";
|
|
|
|
while (MoreSQLData()) {
|
|
|
|
my ($id, $count, $summary, $status) = (FetchSQLData());
|
1999-10-20 18:12:43 +04:00
|
|
|
if (!defined $status) {
|
|
|
|
next;
|
|
|
|
}
|
2000-02-17 08:15:23 +03:00
|
|
|
my $opened = IsOpenedState($status);
|
1999-10-08 03:54:52 +04:00
|
|
|
my $strike = $opened ? "" : "<strike>";
|
|
|
|
my $endstrike = $opened ? "" : "</strike>";
|
|
|
|
$summary = html_quote($summary);
|
|
|
|
$sum += $count;
|
|
|
|
if ($canedit) {
|
2001-01-24 05:41:41 +03:00
|
|
|
my $min = $maxvotesperbug{$product}; # minimum of these two
|
|
|
|
$min = $::prodmaxvotes{$product} if $::prodmaxvotes{$product} < $min;
|
|
|
|
if( $min < 2 ) { # checkbox
|
|
|
|
my $checked = $count ? ' checked' : '';
|
|
|
|
$count = qq{<input type="checkbox" name="$id" value="1"$checked>};
|
|
|
|
}else { # normal input
|
|
|
|
$count = qq{<input name="$id" value="$count" size="5">};
|
|
|
|
}
|
1999-10-08 03:54:52 +04:00
|
|
|
}
|
|
|
|
print qq{
|
|
|
|
<tr>
|
|
|
|
<td></td>
|
2000-08-28 22:52:14 +04:00
|
|
|
<td>$strike<a href="showvotes.cgi?bug_id=$id">$id</a>$endstrike</td>
|
|
|
|
<td><a href="show_bug.cgi?id=$id">$summary</a></td>
|
2001-01-24 05:41:41 +03:00
|
|
|
<td align="right">$count</td>
|
1999-10-08 03:54:52 +04:00
|
|
|
</tr>
|
|
|
|
};
|
|
|
|
}
|
|
|
|
my $plural = (($sum == 1) ? "" : "s");
|
|
|
|
print "<td colspan=3>$sum vote$plural used out of\n";
|
|
|
|
print "$::prodmaxvotes{$product} allowed.</td>\n";
|
|
|
|
}
|
|
|
|
print "</table>\n";
|
|
|
|
if ($canedit) {
|
|
|
|
print qq{<input type=submit value="Submit">\n};
|
|
|
|
print "<br>To change your votes, type in new numbers (using zero to\n";
|
2001-01-24 05:41:41 +03:00
|
|
|
print "mean no votes) or change the checkbox, and then click <b>Submit</b>.\n";
|
1999-10-08 03:54:52 +04:00
|
|
|
}
|
|
|
|
print "<input type=hidden name=who value=$who>";
|
|
|
|
print "</form>\n";
|
|
|
|
SendSQL("delete from votes where count <= 0");
|
|
|
|
SendSQL("unlock tables");
|
|
|
|
}
|
2001-01-24 05:41:41 +03:00
|
|
|
|
1999-10-08 03:54:52 +04:00
|
|
|
print qq{<a href="votehelp.html">Help! I don't understand this voting stuff</a>};
|
|
|
|
|
2000-01-15 01:35:49 +03:00
|
|
|
PutFooter();
|