summaryrefslogtreecommitdiffstats
path: root/buglist.cgi
diff options
context:
space:
mode:
authormkanat%bugzilla.org <>2009-08-21 23:33:07 +0200
committermkanat%bugzilla.org <>2009-08-21 23:33:07 +0200
commita2336d70faed66049c4c7fb8d51e044aa34fb205 (patch)
treeadc9d1813341cb00ca87903debcb398abfbb3028 /buglist.cgi
parent4f9f364e9fbbdc6cf3eccd2c59372b9ff49e2a27 (diff)
downloadbugzilla-a2336d70faed66049c4c7fb8d51e044aa34fb205.tar.gz
bugzilla-a2336d70faed66049c4c7fb8d51e044aa34fb205.tar.xz
Bug 449705: Make buglist.cgi's LookupNamedQuery use Bugzilla::Search::Saved
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
Diffstat (limited to 'buglist.cgi')
-rwxr-xr-xbuglist.cgi65
1 files changed, 13 insertions, 52 deletions
diff --git a/buglist.cgi b/buglist.cgi
index 47e1f4ba5..641cbdb37 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -229,64 +229,25 @@ sub DiffDate {
sub LookupNamedQuery {
my ($name, $sharer_id, $query_type, $throw_error) = @_;
- my $user = Bugzilla->login(LOGIN_REQUIRED);
- my $dbh = Bugzilla->dbh;
- my $owner_id;
$throw_error = 1 unless defined $throw_error;
- # $name and $sharer_id are safe -- we only use them below in SELECT
- # placeholders and then in error messages (which are always HTML-filtered).
- $name || ThrowUserError("query_name_missing");
- trick_taint($name);
- if ($sharer_id) {
- $owner_id = $sharer_id;
- detaint_natural($owner_id);
- $owner_id || ThrowUserError('illegal_user_id', {'userid' => $sharer_id});
- }
- else {
- $owner_id = $user->id;
- }
+ Bugzilla->login(LOGIN_REQUIRED);
- my @args = ($owner_id, $name);
- my $extra = '';
- # If $query_type is defined, then we restrict our search.
- if (defined $query_type) {
- $extra = ' AND query_type = ? ';
- detaint_natural($query_type);
- push(@args, $query_type);
- }
- my ($id, $result) = $dbh->selectrow_array("SELECT id, query
- FROM namedqueries
- WHERE userid = ? AND name = ?
- $extra",
- undef, @args);
-
- # Some DBs (read: Oracle) incorrectly mark this string as UTF-8
- # even though it has no UTF-8 characters in it, which prevents
- # Bugzilla::CGI from later reading it correctly.
- utf8::downgrade($result) if utf8::is_utf8($result);
-
- if (!defined($result)) {
- return 0 unless $throw_error;
- ThrowUserError("missing_query", {'queryname' => $name,
- 'sharer_id' => $sharer_id});
- }
+ my $constructor = $throw_error ? 'check' : 'new';
+ my $query = Bugzilla::Search::Saved->$constructor(
+ { user => $sharer_id, name => $name });
- if ($sharer_id) {
- my $group = $dbh->selectrow_array('SELECT group_id
- FROM namedquery_group_map
- WHERE namedquery_id = ?',
- undef, $id);
- if (!grep { $_->id == $group } @{ $user->groups }) {
- ThrowUserError("missing_query", {'queryname' => $name,
- 'sharer_id' => $sharer_id});
- }
+ return $query if (!$query and !$throw_error);
+
+ if (defined $query_type and $query->type != $query_type) {
+ ThrowUserError("missing_query", { queryname => $name,
+ sharer_id => $sharer_id });
}
-
- $result
- || ThrowUserError("buglist_parameters_required", {'queryname' => $name});
- return wantarray ? ($result, $id) : $result;
+ $query->url
+ || ThrowUserError("buglist_parameters_required", { queryname => $name });
+
+ return wantarray ? ($query->url, $query->id) : $query->url;
}
# Inserts a Named Query (a "Saved Search") into the database, or