mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Fr�d�ric Buclin <LpSolit@gmail.com> r=wicked a=justdave

This commit is contained in:
lpsolit%gmail.com 2005-10-30 21:31:29 +00:00
Родитель 1589614fd7
Коммит 84026eaa8e
19 изменённых файлов: 95 добавлений и 224 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

4
webtools/bugzilla/Bugzilla.pm
Просмотреть файл

@ -145,7 +145,6 @@ sub sudo_request {
$_user = $new_user;
$_sudoer = $new_sudoer;
$::userid = $new_user->id;
# NOTE: If you want to log the start of an sudo session, do it here.
@ -177,7 +176,6 @@ sub login {
{
$_user = $sudo_target;
$_sudoer = $authenticated_user;
$::userid = $sudo_target->id;
# NOTE: If you want to do any special logging, do it here.
}
@ -216,8 +214,6 @@ sub logout_user_by_id {
sub logout_request {
undef $_user;
undef $_sudoer;
# XXX clean this up eventually
$::userid = 0;
# We can't delete from $cgi->cookie, so logincookie data will remain
# there. Don't rely on it: use Bugzilla->user->login instead!
}

115
webtools/bugzilla/Bugzilla/Auth/Login/WWW.pm
Просмотреть файл

@ -1,115 +0,0 @@
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Bugzilla Bug Tracking System.
#
# The Initial Developer of the Original Code is Netscape Communications
# Corporation. Portions created by Netscape are
# Copyright (C) 1998 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s): Erik Stambaugh <erik@dasbistro.com>
package Bugzilla::Auth::Login::WWW;
use strict;
use Bugzilla::Constants;
use Bugzilla::Config;
# $current_login_class stores the name of the login style that succeeded.
my $current_login_class = undef;
sub login_class {
my ($class, $type) = @_;
if ($type) {
$current_login_class = $type;
}
return $current_login_class;
}
# can_logout determines if a user may log out
sub can_logout {
return 1 if (login_class && login_class->can_logout);
return 0;
}
sub login {
my ($class, $type) = @_;
my $user = Bugzilla->user;
# Avoid double-logins, which may confuse the auth code
# (double cookies, odd compat code settings, etc)
return $user if $user->id;
$type = LOGIN_REQUIRED if Bugzilla->cgi->param('GoAheadAndLogIn');
$type = LOGIN_NORMAL unless defined $type;
# Log in using whatever methods are defined in user_info_class.
# Please note the particularly strange way require() and the function
# calls are being done, because we're calling a module that's named in
# a string. I assure you it works, and it avoids the need for an eval().
my $userid;
for my $login_class (split(/,\s*/, Param('user_info_class'))) {
require "Bugzilla/Auth/Login/WWW/" . $login_class . ".pm";
$userid = "Bugzilla::Auth::Login::WWW::$login_class"->login($type);
if ($userid) {
$class->login_class("Bugzilla::Auth::Login::WWW::$login_class");
last;
}
}
if ($userid) {
$user = new Bugzilla::User($userid);
# Redirect to SSL if required
if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
Bugzilla->cgi->require_https(Param('sslbase'));
}
$user->set_flags('can_logout' => $class->can_logout);
# Compat stuff
$::userid = $userid;
} else {
Bugzilla->logout_request();
}
return $user;
}
sub logout {
my ($class, $user, $option) = @_;
if (can_logout) {
$class->login_class->logout($user, $option);
}
}
1;
__END__
=head1 NAME
Bugzilla::Auth::Login::WWW - WWW login information gathering module
=head1 METHODS
=over
=item C<login>
Passes C<login> calls to each class defined in the param C<user_info_class>
and returns a C<Bugzilla::User> object from the first one that successfully
gathers user login information.
=back

16
webtools/bugzilla/Bugzilla/Flag.pm
Просмотреть файл

@ -492,6 +492,7 @@ sub process {
sub update_activity {
my ($bug_id, $attach_id, $timestamp, $old_summaries, $new_summaries) = @_;
my $dbh = Bugzilla->dbh;
my $user_id = Bugzilla->user->id;
$attach_id ||= 'NULL';
$old_summaries = join(", ", @$old_summaries);
@ -503,7 +504,7 @@ sub update_activity {
my $field_id = get_field_id('flagtypes.name');
$dbh->do("INSERT INTO bugs_activity
(bug_id, attach_id, who, bug_when, fieldid, removed, added)
VALUES ($bug_id, $attach_id, $::userid, $timestamp,
VALUES ($bug_id, $attach_id, $user_id, $timestamp,
$field_id, $sql_removed, $sql_added)");
$dbh->do("UPDATE bugs SET delta_ts = $timestamp WHERE bug_id = ?",
@ -603,6 +604,7 @@ attachment.cgi midairs. See bug 223878 for details.
sub modify {
my ($cgi, $timestamp) = @_;
my $setter = Bugzilla->user;
# Use the date/time we were given if possible (allowing calling code
# to synchronize the comment's timestamp with those of other records).
@ -621,7 +623,6 @@ sub modify {
my $status = $cgi->param("flag-$id");
# If the user entered more than one name into the requestee field
# (i.e. they want more than one person to set the flag) we can reuse
# the existing flag for the first person (who may well be the existing
@ -639,7 +640,7 @@ sub modify {
foreach my $login (@requestees) {
create({ type => $flag->{type} ,
target => $flag->{target} ,
setter => new Bugzilla::User($::userid),
setter => $setter,
status => "?",
requestee => new Bugzilla::User(login_to_id($login)) },
$timestamp);
@ -678,7 +679,7 @@ sub modify {
if ($status eq '+' || $status eq '-') {
&::SendSQL("UPDATE flags
SET setter_id = $::userid ,
SET setter_id = " . $setter->id . ",
requestee_id = NULL ,
status = '$status' ,
modification_date = $sql_timestamp ,
@ -703,7 +704,7 @@ sub modify {
# Update the database with the changes.
&::SendSQL("UPDATE flags
SET setter_id = $::userid ,
SET setter_id = " . $setter->id . ",
requestee_id = $requestee_id ,
status = '$status' ,
modification_date = $sql_timestamp ,
@ -778,8 +779,8 @@ array of flag objects. This array is then passed to Flag::create().
sub FormToNewFlags {
my ($target, $cgi) = @_;
my $dbh = Bugzilla->dbh;
my $setter = Bugzilla->user;
# Extract a list of flag type IDs from field names.
my @type_ids = map(/^flag_type-(\d+)$/ ? $1 : (), $cgi->param());
@ -787,9 +788,6 @@ sub FormToNewFlags {
return () unless scalar(@type_ids);
# Get information about the setter to add to each flag.
my $setter = new Bugzilla::User($::userid);
# Get a list of active flag types available for this target.
my $flag_types = Bugzilla::FlagType::match(
{ 'target_type' => $target->{'type'},

4
webtools/bugzilla/Bugzilla/Search.pm
Просмотреть файл

@ -30,10 +30,6 @@
use strict;
# The caller MUST require globals.pl before using this module.
use vars qw($userid);
package Bugzilla::Search;
use base qw(Exporter);
@Bugzilla::Search::EXPORT = qw(IsValidQueryType);

30
webtools/bugzilla/buglist.cgi
Просмотреть файл

@ -44,8 +44,7 @@ use Bugzilla::Bug;
# Include the Bugzilla CGI and general utility library.
require "globals.pl";
use vars qw($db_name
@components
use vars qw(@components
@legal_keywords
@legal_platform
@legal_priority
@ -53,7 +52,6 @@ use vars qw($db_name
@legal_severity
@settable_resolution
@target_milestone
$userid
@versions);
my $cgi = Bugzilla->cgi;
@ -204,7 +202,7 @@ sub DiffDate {
sub LookupNamedQuery {
my ($name) = @_;
Bugzilla->login(LOGIN_REQUIRED);
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $dbh = Bugzilla->dbh;
# $name is safe -- we only use it below in a SELECT placeholder and then
# in error messages (which are always HTML-filtered).
@ -212,7 +210,7 @@ sub LookupNamedQuery {
trick_taint($name);
my $result = $dbh->selectrow_array("SELECT query FROM namedqueries"
. " WHERE userid = ? AND name = ?"
, undef, (Bugzilla->user->id, $name));
, undef, ($user->id, $name));
defined($result) || ThrowUserError("missing_query", {'queryname' => $name});
$result
@ -316,11 +314,12 @@ sub GetQuip {
sub GetGroups {
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
# Create an array where each item is a hash. The hash contains
# as keys the name of the columns, which point to the value of
# the columns for that row.
my $grouplist = Bugzilla->user->groups_as_string;
my $grouplist = $user->groups_as_string;
my $groups = $dbh->selectall_arrayref(
"SELECT id, name, description, isactive
FROM groups
@ -387,7 +386,7 @@ if ($cgi->param('cmdtype') eq "dorem") {
$order = $params->param('order') || $order;
}
elsif ($cgi->param('remaction') eq "forget") {
Bugzilla->login(LOGIN_REQUIRED);
my $user = Bugzilla->login(LOGIN_REQUIRED);
# Copy the name into a variable, so that we can trick_taint it for
# the DB. We know it's safe, because we're using placeholders in
# the SQL, and the SQL is only a DELETE.
@ -405,7 +404,7 @@ if ($cgi->param('cmdtype') eq "dorem") {
= ?
AND whine_queries.query_name
= ?
', undef, Bugzilla->user->id, $qname);
', undef, $user->id, $qname);
if (scalar(@$whines_in_use)) {
ThrowUserError('saved_search_used_by_whines',
{ subjects => join(',', @$whines_in_use),
@ -416,10 +415,10 @@ if ($cgi->param('cmdtype') eq "dorem") {
# If we are here, then we can safely remove the saved search
$dbh->do("DELETE FROM namedqueries"
. " WHERE userid = ? AND name = ?"
, undef, ($userid, $qname));
, undef, ($user->id, $qname));
# Now reset the cached queries
Bugzilla->user->flush_queries_cache();
$user->flush_queries_cache();
print $cgi->header();
# Generate and return the UI (HTML page) from the appropriate template.
@ -433,13 +432,12 @@ if ($cgi->param('cmdtype') eq "dorem") {
}
elsif (($cgi->param('cmdtype') eq "doit") && defined $cgi->param('remtype')) {
if ($cgi->param('remtype') eq "asdefault") {
Bugzilla->login(LOGIN_REQUIRED);
InsertNamedQuery(Bugzilla->user->id, DEFAULT_QUERY_NAME, $buffer);
my $user = Bugzilla->login(LOGIN_REQUIRED);
InsertNamedQuery($user->id, DEFAULT_QUERY_NAME, $buffer);
$vars->{'message'} = "buglist_new_default_query";
}
elsif ($cgi->param('remtype') eq "asnamed") {
Bugzilla->login(LOGIN_REQUIRED);
my $userid = Bugzilla->user->id;
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $query_name = $cgi->param('newqueryname');
my $new_query = $cgi->param('newquery');
my $query_type = QUERY_LIST;
@ -468,7 +466,7 @@ elsif (($cgi->param('cmdtype') eq "doit") && defined $cgi->param('remtype')) {
$query_type = LIST_OF_BUGS;
}
my $tofooter = 1;
my $existed_before = InsertNamedQuery($userid, $query_name, $new_query,
my $existed_before = InsertNamedQuery($user->id, $query_name, $new_query,
$tofooter, $query_type);
if ($existed_before) {
$vars->{'message'} = "buglist_updated_named_query";
@ -479,7 +477,7 @@ elsif (($cgi->param('cmdtype') eq "doit") && defined $cgi->param('remtype')) {
# Make sure to invalidate any cached query data, so that the footer is
# correctly displayed
Bugzilla->user->flush_queries_cache();
$user->flush_queries_cache();
$vars->{'queryname'} = $query_name;

11
webtools/bugzilla/chart.cgi
Просмотреть файл

@ -86,7 +86,7 @@ if ($action eq "search") {
exit;
}
Bugzilla->login(LOGIN_REQUIRED);
my $user = Bugzilla->login(LOGIN_REQUIRED);
UserInGroup(Param("chartgroup"))
|| ThrowUserError("auth_failure", {group => Param("chartgroup"),
@ -103,7 +103,7 @@ if ($action =~ /^(assemble|add|remove|sum|subscribe|unsubscribe)$/) {
if ($action =~ /^subscribe|unsubscribe$/) {
detaint_natural($series_id) || ThrowCodeError("invalid_series_id");
my $series = new Bugzilla::Series($series_id);
$series->$action($::userid);
$series->$action($user->id);
}
my $chart = new Bugzilla::Chart($cgi);
@ -203,14 +203,15 @@ sub getSelectedLines {
# Check if the user is the owner of series_id or is an admin.
sub assertCanEdit {
my ($series_id) = @_;
return if UserInGroup("admin");
my $user = Bugzilla->user;
return if $user->in_group('admin');
my $dbh = Bugzilla->dbh;
my $iscreator = $dbh->selectrow_array("SELECT CASE WHEN creator = ? " .
"THEN 1 ELSE 0 END FROM series " .
"WHERE series_id = ?", undef,
$::userid, $series_id);
$user->id, $series_id);
$iscreator || ThrowUserError("illegal_series_edit");
}

11
webtools/bugzilla/checksetup.pl
Просмотреть файл

@ -3427,10 +3427,6 @@ if (!$series_exists) {
my $all_name = "-All-";
my $open_name = "All Open";
# We can't give the Series we create a meaningful owner; that's not a big
# problem. But we do need to set this global, otherwise Series.pm objects.
$::userid = 0;
my $products = $dbh->selectall_arrayref("SELECT name FROM products");
foreach my $product ((map { $_->[0] } @$products), "-All-") {
@ -3448,9 +3444,10 @@ if (!$series_exists) {
$queries{$_} = ($query_prod . "resolution=$_") foreach (@resolutions);
foreach my $field (@fields) {
# Create a Series for each field in this product
# Create a Series for each field in this product.
# user ID = 0 is used.
my $series = new Bugzilla::Series(undef, $product, $all_name,
$field, $::userid, 1,
$field, 0, 1,
$queries{$field}, 1);
$series->writeToDatabase();
$seriesids{$field} = $series->{'series_id'};
@ -3461,7 +3458,7 @@ if (!$series_exists) {
my @openedstatuses = ("UNCONFIRMED", "NEW", "ASSIGNED", "REOPENED");
my $query = join("&", map { "bug_status=$_" } @openedstatuses);
my $series = new Bugzilla::Series(undef, $product, $all_name,
$open_name, $::userid, 1,
$open_name, 0, 1,
$query_prod . $query, 1);
$series->writeToDatabase();
$seriesids{$open_name} = $series->{'series_id'};

2
webtools/bugzilla/duplicates.cgi
Просмотреть файл

@ -68,7 +68,7 @@ else {
Bugzilla->switch_to_shadow_db();
use vars qw ($userid @legal_product);
use vars qw (@legal_product);
my %dbmcount;
my %count;

2
webtools/bugzilla/editcomponents.cgi
Просмотреть файл

@ -204,7 +204,7 @@ if ($action eq 'new') {
foreach my $sdata (@series) {
my $series = new Bugzilla::Series(undef, $product->name,
$comp_name, $sdata->[0],
$::userid, 1, $sdata->[1], 1);
$whoid, 1, $sdata->[1], 1);
$series->writeToDatabase();
}

6
webtools/bugzilla/editproducts.cgi
Просмотреть файл

@ -304,7 +304,7 @@ if ($action eq 'new') {
foreach my $sdata (@series) {
my $series = new Bugzilla::Series(undef, $product->name,
scalar $cgi->param('subcategory'),
$sdata->[0], $::userid, 1,
$sdata->[0], $whoid, 1,
$sdata->[1] . "&product=" .
url_quote($product->name), 1);
$series->writeToDatabase();
@ -652,7 +652,7 @@ if ($action eq 'updategroupcontrols') {
$dbh->selectrow_array($sth_Select2, undef, $groupid);
LogActivityEntry($bugid, "bug_group", $removed, "",
$::userid, $timestamp);
$whoid, $timestamp);
if ($mailiscurrent) {
$sth_Update2->execute($timestamp, $timestamp, $bugid);
@ -695,7 +695,7 @@ if ($action eq 'updategroupcontrols') {
$dbh->selectrow_array($sth_Select2, undef, $groupid);
LogActivityEntry($bugid, "bug_group", "", $added,
$::userid, $timestamp);
$whoid, $timestamp);
if ($mailiscurrent) {
$sth_Update2->execute($timestamp, $timestamp, $bugid);

3
webtools/bugzilla/enter_bug.cgi
Просмотреть файл

@ -50,7 +50,6 @@ use vars qw(
@legal_priority
@legal_severity
@legal_keywords
$userid
%versions
%target_milestone
$proddesc
@ -323,7 +322,7 @@ $cloned_bug_id = $cgi->param('cloned_bug_id');
if ($cloned_bug_id) {
ValidateBugID($cloned_bug_id);
$cloned_bug = new Bugzilla::Bug($cloned_bug_id, $userid);
$cloned_bug = new Bugzilla::Bug($cloned_bug_id, Bugzilla->user->id);
}
# We need to check and make sure

2
webtools/bugzilla/globals.pl
Просмотреть файл

@ -44,7 +44,6 @@ use Bugzilla::Error;
sub globals_pl_sillyness {
my $zz;
$zz = @main::default_column_list;
$zz = @main::enterable_products;
$zz = %main::keywordsbyname;
$zz = @main::legal_bug_status;
@ -60,7 +59,6 @@ sub globals_pl_sillyness {
$zz = @main::milestoneurl;
$zz = %main::proddesc;
$zz = @main::prodmaxvotes;
$zz = $main::userid;
}
#

2
webtools/bugzilla/index.cgi
Просмотреть файл

@ -32,7 +32,7 @@ use strict;
use lib ".";
require "globals.pl";
# Check whether or not the user is logged in and, if so, set the $::userid
# Check whether or not the user is logged in
use Bugzilla::Constants;
Bugzilla->login(LOGIN_OPTIONAL);

6
webtools/bugzilla/post_bug.cgi
Просмотреть файл

@ -298,7 +298,7 @@ $comment = trim($comment);
# OK except for the fact that it causes e-mail to be suppressed.
$comment = $comment ? $comment : " ";
$sql .= "$::userid, $sql_timestamp, ";
$sql .= $user->id . ", $sql_timestamp, ";
# Time Tracking
if (UserInGroup(Param("timetrackinggroup")) &&
@ -443,10 +443,10 @@ $dbh->do("UPDATE bugs SET creation_ts = ? WHERE bug_id = ?",
$dbh->bz_unlock_tables();
# Email everyone the details of the new bug
$vars->{'mailrecipients'} = {'changer' => Bugzilla->user->login};
$vars->{'mailrecipients'} = {'changer' => $user->login};
$vars->{'id'} = $id;
my $bug = new Bugzilla::Bug($id, $::userid);
my $bug = new Bugzilla::Bug($id, $user->id);
$vars->{'bug'} = $bug;
ThrowCodeError("bug_error", { bug => $bug }) if $bug->error;

6
webtools/bugzilla/quips.cgi
Просмотреть файл

@ -25,15 +25,13 @@
use strict;
use vars qw($userid);
use lib qw(.);
require "globals.pl";
use Bugzilla::Constants;
Bugzilla->login(LOGIN_REQUIRED);
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
@ -82,7 +80,7 @@ if ($action eq "add") {
trick_taint($comment); # Used in a placeholder below
$dbh->do("INSERT INTO quips (userid, quip, approved) VALUES (?, ?, ?)",
undef, ($userid, $comment, $approved));
undef, ($user->id, $comment, $approved));
$vars->{'added_quip'} = $comment;
}

6
webtools/bugzilla/show_bug.cgi
Просмотреть файл

@ -30,8 +30,6 @@ use Bugzilla::User;
require "globals.pl";
use vars qw($userid);
use Bugzilla::Bug;
my $cgi = Bugzilla->cgi;
@ -69,7 +67,7 @@ if ($single) {
# Its a bit silly to do the validation twice - that functionality should
# probably move into Bug.pm at some point
ValidateBugID($id);
push @bugs, new Bugzilla::Bug($id, $userid);
push @bugs, new Bugzilla::Bug($id, Bugzilla->user->id);
if (defined $cgi->param('mark')) {
foreach my $range (split ',', $cgi->param('mark')) {
if ($range =~ /^(\d+)-(\d+)$/) {
@ -83,7 +81,7 @@ if ($single) {
}
} else {
foreach my $id ($cgi->param('id')) {
my $bug = new Bugzilla::Bug($id, $userid);
my $bug = new Bugzilla::Bug($id, Bugzilla->user->id);
push @bugs, $bug;
}
}

2
webtools/bugzilla/showdependencygraph.cgi
Просмотреть файл

@ -44,8 +44,6 @@ my $vars = {};
# performance.
Bugzilla->switch_to_shadow_db();
use vars qw($userid);
my %seen;
my %edgesdone;
my %bugtitles; # html title attributes for imagemap areas

3
webtools/bugzilla/showdependencytree.cgi
Просмотреть файл

@ -41,9 +41,6 @@ my $vars = {};
# performance.
Bugzilla->switch_to_shadow_db();
# More warning suppression silliness.
$::userid = $::userid;
################################################################################
# Data/Security Validation #
################################################################################

88
webtools/bugzilla/userprefs.cgi
Просмотреть файл

@ -34,9 +34,6 @@ use Bugzilla::User;
require "globals.pl";
# Use global template variables.
use vars qw($userid);
my $template = Bugzilla->template;
my $vars = {};
@ -48,8 +45,10 @@ my $vars = {};
###############################################################################
sub DoAccount {
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
($vars->{'realname'}) = $dbh->selectrow_array(
"SELECT realname FROM profiles WHERE userid = ?", undef, $userid);
"SELECT realname FROM profiles WHERE userid = ?", undef, $user->id);
if(Param('allowemailchange')) {
my @token = $dbh->selectrow_array(
@ -58,7 +57,7 @@ sub DoAccount {
FROM tokens
WHERE userid = ?
AND tokentype LIKE 'email%'
ORDER BY tokentype ASC " . $dbh->sql_limit(1), undef, $userid);
ORDER BY tokentype ASC " . $dbh->sql_limit(1), undef, $user->id);
if (scalar(@token) > 0) {
my ($tokentype, $change_date, $eventdata) = @token;
$vars->{'login_change_date'} = $change_date;
@ -74,6 +73,7 @@ sub DoAccount {
sub SaveAccount {
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
my $pwd1 = $cgi->param('new_password1');
my $pwd2 = $cgi->param('new_password2');
@ -83,7 +83,7 @@ sub SaveAccount {
{
my ($oldcryptedpwd) = $dbh->selectrow_array(
q{SELECT cryptpassword FROM profiles WHERE userid = ?},
undef, $userid);
undef, $user->id);
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne
@ -103,7 +103,7 @@ sub SaveAccount {
$dbh->do(q{UPDATE profiles
SET cryptpassword = ?
WHERE userid = ?},
undef, ($cryptedpassword, $userid));
undef, ($cryptedpassword, $user->id));
# Invalidate all logins except for the current one
Bugzilla->logout(LOGOUT_KEEP_CURRENT);
@ -120,7 +120,7 @@ sub SaveAccount {
use Bugzilla::Token;
# Block multiple email changes for the same user.
if (Bugzilla::Token::HasEmailChangeToken($userid)) {
if (Bugzilla::Token::HasEmailChangeToken($user->id)) {
ThrowUserError("email_change_in_progress");
}
@ -131,8 +131,8 @@ sub SaveAccount {
is_available_username($new_login_name)
|| ThrowUserError("account_exists", {email => $new_login_name});
Bugzilla::Token::IssueEmailChangeToken($userid,$old_login_name,
$new_login_name);
Bugzilla::Token::IssueEmailChangeToken($user->id, $old_login_name,
$new_login_name);
$vars->{'email_changes_saved'} = 1;
}
@ -141,12 +141,14 @@ sub SaveAccount {
my $realname = trim($cgi->param('realname'));
trick_taint($realname); # Only used in a placeholder
$dbh->do("UPDATE profiles SET realname = ? WHERE userid = ?",
undef, ($realname, $userid));
undef, ($realname, $user->id));
}
sub DoSettings {
my $settings = Bugzilla->user->settings;
my $user = Bugzilla->user;
my $settings = $user->settings;
$vars->{'settings'} = $settings;
my @setting_list = keys %$settings;
@ -165,9 +167,10 @@ sub DoSettings {
sub SaveSettings {
my $cgi = Bugzilla->cgi;
my $user = Bugzilla->user;
my $settings = Bugzilla->user->settings;
my @setting_list = keys %{Bugzilla->user->settings};
my $settings = $user->settings;
my @setting_list = keys %$settings;
foreach my $name (@setting_list) {
next if ! ($settings->{$name}->{'is_enabled'});
@ -184,11 +187,12 @@ sub SaveSettings {
$settings->{$name}->set($value);
}
}
$vars->{'settings'} = Bugzilla->user->settings(1);
$vars->{'settings'} = $user->settings(1);
}
sub DoEmail {
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
###########################################################################
# User watching
@ -198,12 +202,12 @@ sub DoEmail {
"SELECT profiles.login_name FROM watch INNER JOIN profiles" .
" ON watch.watched = profiles.userid" .
" WHERE watcher = ?",
undef, $userid);
undef, $user->id);
$vars->{'watchedusers'} = join(',', @$watched_ref);
my $watcher_ids = $dbh->selectcol_arrayref(
"SELECT watcher FROM watch WHERE watched = ?",
undef, $userid);
undef, $user->id);
my @watchers;
foreach my $watcher_id (@$watcher_ids) {
@ -218,10 +222,10 @@ sub DoEmail {
###########################################################################
# Role-based preferences
###########################################################################
my $sth = Bugzilla->dbh->prepare("SELECT relationship, event " .
"FROM email_setting " .
"WHERE user_id = $userid");
$sth->execute();
my $sth = $dbh->prepare("SELECT relationship, event " .
"FROM email_setting " .
"WHERE user_id = ?");
$sth->execute($user->id);
my %mail;
while (my ($relationship, $event) = $sth->fetchrow_array()) {
@ -234,6 +238,7 @@ sub DoEmail {
sub SaveEmail {
my $dbh = Bugzilla->dbh;
my $cgi = Bugzilla->cgi;
my $user = Bugzilla->user;
###########################################################################
# Role-based preferences
@ -241,7 +246,7 @@ sub SaveEmail {
$dbh->bz_lock_tables("email_setting WRITE");
# Delete all the user's current preferences
$dbh->do("DELETE FROM email_setting WHERE user_id = $userid");
$dbh->do("DELETE FROM email_setting WHERE user_id = ?", undef, $user->id);
# Repopulate the table - first, with normal events in the
# relationship/event matrix.
@ -255,7 +260,8 @@ sub SaveEmail {
{
$dbh->do("INSERT INTO email_setting " .
"(user_id, relationship, event) " .
"VALUES ($userid, $rel, $event)");
"VALUES (?, ?, ?)",
undef, ($user->id, $rel, $event));
}
}
@ -266,7 +272,8 @@ sub SaveEmail {
{
$dbh->do("INSERT INTO email_setting " .
"(user_id, relationship, event) " .
"VALUES ($userid, $rel, $event)");
"VALUES (?, ?, ?)",
undef, ($user->id, $rel, $event));
}
}
}
@ -278,7 +285,8 @@ sub SaveEmail {
{
$dbh->do("INSERT INTO email_setting " .
"(user_id, relationship, event) " .
"VALUES ($userid, " . REL_ANY . ", $event)");
"VALUES (?, ?, ?)",
undef, ($user->id, REL_ANY, $event));
}
}
@ -297,7 +305,7 @@ sub SaveEmail {
# what the db looks like now
my $old_watch_ids =
$dbh->selectcol_arrayref("SELECT watched FROM watch"
. " WHERE watcher = ?", undef, $userid);
. " WHERE watcher = ?", undef, $user->id);
# The new information given to us by the user.
my @new_watch_names = split(/[,\s]+/, $cgi->param('watchedusers'));
@ -312,14 +320,14 @@ sub SaveEmail {
my $delete_sth = $dbh->prepare('DELETE FROM watch WHERE watched = ?'
. ' AND watcher = ?');
foreach my $remove_me (@$removed) {
$delete_sth->execute($remove_me, $userid);
$delete_sth->execute($remove_me, $user->id);
}
# Add people who were added.
my $insert_sth = $dbh->prepare('INSERT INTO watch (watched, watcher)'
. ' VALUES (?, ?)');
foreach my $add_me (@$added) {
$insert_sth->execute($add_me, $userid);
$insert_sth->execute($add_me, $user->id);
}
$dbh->bz_unlock_tables();
@ -329,11 +337,12 @@ sub SaveEmail {
sub DoPermissions {
my $dbh = Bugzilla->dbh;
my $user = Bugzilla->user;
my (@has_bits, @set_bits);
my $groups = $dbh->selectall_arrayref(
"SELECT DISTINCT name, description FROM groups WHERE id IN (" .
Bugzilla->user->groups_as_string . ") ORDER BY name");
$user->groups_as_string . ") ORDER BY name");
foreach my $group (@$groups) {
my ($nam, $desc) = @$group;
push(@has_bits, {"desc" => $desc, "name" => $nam});
@ -342,7 +351,7 @@ sub DoPermissions {
"SELECT DISTINCT name, description FROM groups ORDER BY name");
foreach my $group (@$groups) {
my ($nam, $desc) = @$group;
if (Bugzilla->user->can_bless($nam)) {
if ($user->can_bless($nam)) {
push(@set_bits, {"desc" => $desc, "name" => $nam});
}
}
@ -357,8 +366,9 @@ sub DoPermissions {
sub DoSavedSearches {
# 2004-12-13 - colin.ogilvie@gmail.com, bug 274397
# Need to work around the possibly missing query_format=advanced
$vars->{'user'} = Bugzilla->user;
my @queries = @{Bugzilla->user->queries};
my $user = Bugzilla->user;
my @queries = @{$user->queries};
my @newqueries;
foreach my $q (@queries) {
if ($q->{'query'} =~ /query_format=([^&]*)/) {
@ -382,22 +392,24 @@ sub DoSavedSearches {
sub SaveSavedSearches {
my $cgi = Bugzilla->cgi;
my $dbh = Bugzilla->dbh;
my @queries = @{Bugzilla->user->queries};
my $user = Bugzilla->user;
my @queries = @{$user->queries};
my $sth = $dbh->prepare("UPDATE namedqueries SET linkinfooter = ?
WHERE userid = ?
AND name = ?");
foreach my $q (@queries) {
my $linkinfooter =
defined($cgi->param("linkinfooter_$q->{'name'}")) ? 1 : 0;
$sth->execute($linkinfooter, $userid, $q->{'name'});
$sth->execute($linkinfooter, $user->id, $q->{'name'});
}
Bugzilla->user->flush_queries_cache;
$user->flush_queries_cache;
my $showmybugslink = defined($cgi->param("showmybugslink")) ? 1 : 0;
$dbh->do("UPDATE profiles SET mybugslink = $showmybugslink " .
"WHERE userid = " . Bugzilla->user->id);
Bugzilla->user->{'showmybugslink'} = $showmybugslink;
$dbh->do("UPDATE profiles SET mybugslink = ? WHERE userid = ?",
undef, ($showmybugslink, $user->id));
$user->{'showmybugslink'} = $showmybugslink;
}