summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbbaetz%student.usyd.edu.au <>2002-06-26 21:16:24 +0200
committerbbaetz%student.usyd.edu.au <>2002-06-26 21:16:24 +0200
commit0b729766ba6298c596b6f9e1e5452642306d5e3e (patch)
tree692beca945179c4ddf7ee7c02802002e51bcee83
parentb77ad821cb2fff20085e3d990148eec8b383df98 (diff)
downloadbugzilla-0b729766ba6298c596b6f9e1e5452642306d5e3e.tar.gz
bugzilla-0b729766ba6298c596b6f9e1e5452642306d5e3e.tar.xz
Bug 154036 - ccing an invalid user on a bug posts the bug anyway
r=jouni, gerv
-rwxr-xr-xpost_bug.cgi37
1 files changed, 21 insertions, 16 deletions
diff --git a/post_bug.cgi b/post_bug.cgi
index 9190ab1d7..8bba70d59 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -200,6 +200,24 @@ if (exists $::FORM{'bug_status'}
$::FORM{'everconfirmed'} = 1;
}
+my %ccids;
+my @cc;
+
+# Create the ccid hash for inserting into the db
+# and the list for passing to processmail
+# use a hash rather than a list to avoid adding users twice
+if (defined $::FORM{'cc'}) {
+ foreach my $person (split(/[ ,]/, $::FORM{'cc'})) {
+ if ($person ne "") {
+ my $ccid = DBNameToIdAndCheck($person);
+ if ($ccid && !$ccids{$ccid}) {
+ $ccids{$ccid} = 1;
+ push(@cc, $person);
+ }
+ }
+ }
+}
+
# Build up SQL string to add bug.
my $sql = "INSERT INTO bugs " .
"(" . join(",", @used_fields) . ", reporter, creation_ts, groupset) " .
@@ -256,22 +274,9 @@ my $id = FetchOneColumn();
SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext)
VALUES ($id, $::userid, now(), " . SqlQuote($comment) . ")");
-my %ccids;
-my $ccid;
-my @cc;
-
-# Add the CC list
-if (defined $::FORM{'cc'}) {
- foreach my $person (split(/[ ,]/, $::FORM{'cc'})) {
- if ($person ne "") {
- $ccid = DBNameToIdAndCheck($person);
- if ($ccid && !$ccids{$ccid}) {
- SendSQL("INSERT INTO cc (bug_id, who) VALUES ($id, $ccid)");
- $ccids{$ccid} = 1;
- push(@cc, $person);
- }
- }
- }
+# Insert the cclist into the database
+foreach my $ccid (keys(%ccids)) {
+ SendSQL("INSERT INTO cc (bug_id, who) VALUES ($id, $ccid)");
}
SendSQL("UNLOCK TABLES") if Param("shadowdb");