Bug 130373 - sorting by target milestone genreated bogus error

patch by ddkilzer@theracingworld.com, r=bbaetz, justdave
author: bbaetz%student.usyd.edu.au <> 2002-04-04 14:28:27 +0200
committer: bbaetz%student.usyd.edu.au <> 2002-04-04 14:28:27 +0200
commit: 2cdfeb466e078648201b104f8f3f8fe539e37e02 (patch)
tree: 2f057ef59391098880054c489655d33ce6ca8fa4 /buglist.cgi
parent: ad66df6731224f96d51010c5b7da0e020425899f (diff)
download: bugzilla-2cdfeb466e078648201b104f8f3f8fe539e37e02.tar.gz
bugzilla-2cdfeb466e078648201b104f8f3f8fe539e37e02.tar.xz
1 files changed, 26 insertions, 11 deletions
diff --git a/buglist.cgi b/buglist.cgi
index e4e4bbb56..2895ddd81 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -92,6 +92,7 @@ my $serverpush =
             || $::FORM{'serverpush'};
 
 my $order = $::FORM{'order'} || "";
+my $order_from_cookie = 0;  # True if $order set using $::COOKIE{'LASTORDER'}
 
 # If the user is retrieving the last bug list they looked at, hack the buffer
 # storing the query string so that it looks like a query retrieving those bugs.
@@ -1270,9 +1271,12 @@ my $query = GenerateSQL(\@selectnames, $::buffer);
 # Add to the query some instructions for sorting the bug list.
 if ($::COOKIE{'LASTORDER'} && !$order || $order =~ /^reuse/i) {
     $order = url_decode($::COOKIE{'LASTORDER'});
+    $order_from_cookie = 1;
 }
 
 if ($order) {
+    my $db_order;  # Modified version of $order for use with SQL query
+
     # Convert the value of the "order" form field into a list of columns
     # by which to sort the results.
     ORDER: for ($order) {
@@ -1283,9 +1287,16 @@ if ($order) {
                 my @columnnames = map($columns->{lc($_)}->{'name'}, keys(%$columns));
                 if (!grep($_ eq $fragment, @columnnames)) {
                     my $qfragment = html_quote($fragment);
-                    DisplayError("The custom sort order you specified in your
-                                  form submission or cookie contains an invalid
-                                  column name <em>$qfragment</em>.");
+                    my $error = "The custom sort order you specified in your "
+                              . "form submission contains an invalid column "
+                              . "name <em>$qfragment</em>.";
+                    if ($order_from_cookie) {
+                        my $cookiepath = Param("cookiepath");
+                        print "Set-Cookie: LASTORDER= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";
+                        $error =~ s/form submission/cookie/;
+                        $error .= "  The cookie has been cleared.";
+                    }
+                    DisplayError($error);
                     exit;
                 }
             }
@@ -1314,19 +1325,21 @@ if ($order) {
         $order = "bugs.bug_status, bugs.priority, map_assigned_to.login_name, bugs.bug_id";
     }
 
+    $db_order = $order;  # Copy $order into $db_order for use with SQL query
+
     # Extra special disgusting hack: if we are ordering by target_milestone,
     # change it to order by the sortkey of the target_milestone first.
-    if ($order =~ /bugs.target_milestone/) {
-        $order =~ s/bugs.target_milestone/ms_order.sortkey,ms_order.value/;
+    if ($db_order =~ /bugs.target_milestone/) {
+        $db_order =~ s/bugs.target_milestone/ms_order.sortkey,ms_order.value/;
         $query =~ s/\sWHERE\s/ LEFT JOIN milestones ms_order ON ms_order.value = bugs.target_milestone AND ms_order.product = bugs.product WHERE /;
     }
 
     # If we are sorting by votes, sort in descending order.
-    if ($order =~ /bugs.votes\s+(asc|desc){0}/i) {
-        $order =~ s/bugs.votes/bugs.votes desc/i;
+    if ($db_order =~ /bugs.votes\s+(asc|desc){0}/i) {
+        $db_order =~ s/bugs.votes/bugs.votes desc/i;
     }
 
-    $query .= " ORDER BY $order ";
+    $query .= " ORDER BY $db_order ";
 }
 
 
@@ -1519,18 +1532,20 @@ print "\n--thisrandomstring\n" if $serverpush;
 print "Content-Disposition: inline; filename=$filename\n" unless $serverpush;
 
 if ($format->{'extension'} eq "html") {
+    my $cookiepath = Param("cookiepath");
     print "Content-Type: text/html\n";
 
     if ($order) {
         my $qorder = url_quote($order);
-        print "Set-Cookie: LASTORDER=$qorder ; path=/; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
+        print "Set-Cookie: LASTORDER=$qorder ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
     }
     my $bugids = join(":", map( $_->{'id'}, @bugs));
+    # See also Bug 111999
     if (length($bugids) < 4000) {
-        print "Set-Cookie: BUGLIST=$bugids\n";
+        print "Set-Cookie: BUGLIST=$bugids ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
     }
     else {
-        print "Set-Cookie: BUGLIST=\n";
+        print "Set-Cookie: BUGLIST= ; path=$cookiepath; expires=Sun, 30-Jun-2029 00:00:00 GMT\n";
         $vars->{'toolong'} = 1;
     }
 }
author	bbaetz%student.usyd.edu.au <>	2002-04-04 14:28:27 +0200
committer	bbaetz%student.usyd.edu.au <>	2002-04-04 14:28:27 +0200
commit	2cdfeb466e078648201b104f8f3f8fe539e37e02 (patch)
tree	2f057ef59391098880054c489655d33ce6ca8fa4 /buglist.cgi
parent	ad66df6731224f96d51010c5b7da0e020425899f (diff)
download	bugzilla-2cdfeb466e078648201b104f8f3f8fe539e37e02.tar.gz bugzilla-2cdfeb466e078648201b104f8f3f8fe539e37e02.tar.xz