diff options
| author | lpsolit%gmail.com <> | 2006-12-30 11:02:00 +0100 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2006-12-30 11:02:00 +0100 |
| commit | 56a98b2af24af47f667dd290b2be102755fd634f (patch) | |
| tree | dc20e7ba27635c716569b3b293f0bbf0b1bce45b /buglist.cgi | |
| parent | 80617c837c0e843d455cc5dfe6d3925937bea7f6 (diff) | |
| download | bugzilla-56a98b2af24af47f667dd290b2be102755fd634f.tar.gz bugzilla-56a98b2af24af47f667dd290b2be102755fd634f.tar.xz | |
Bug 365352: Lists of bugs (a.k.a tags) may be overwritten or deleted when tagging a new bug - Patch by Frédéric Buclin <LpSolit@gmail.com> r=bkor a=justdave
Diffstat (limited to 'buglist.cgi')
| -rwxr-xr-x | buglist.cgi | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/buglist.cgi b/buglist.cgi index 0cab4fad7..e32a17dda 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -212,7 +212,7 @@ sub DiffDate { } sub LookupNamedQuery { - my ($name, $sharer_id) = @_; + my ($name, $sharer_id, $query_type) = @_; my $user = Bugzilla->login(LOGIN_REQUIRED); my $dbh = Bugzilla->dbh; my $owner_id; @@ -230,10 +230,19 @@ sub LookupNamedQuery { $owner_id = $user->id; } - my ($id, $result) = $dbh->selectrow_array('SELECT id, query + my @args = ($owner_id, $name); + my $extra = ''; + # If $query_type is defined, then we restrict our search. + if (defined $query_type) { + $extra = ' AND query_type = ? '; + detaint_natural($query_type); + push(@args, $query_type); + } + my ($id, $result) = $dbh->selectrow_array("SELECT id, query FROM namedqueries - WHERE userid = ? AND name = ?', - undef, ($owner_id, $name)); + WHERE userid = ? AND name = ? + $extra", + undef, @args); defined($result) || ThrowUserError("missing_query", {'queryname' => $name, 'sharer_id' => $sharer_id}); @@ -494,8 +503,10 @@ elsif (($cgi->param('cmdtype') eq "doit") && defined $cgi->param('remtype')) { # No new query name has been given. We retrieve bug IDs # currently set in the selected saved search. $query_name = $cgi->param('oldqueryname'); - my $old_query = LookupNamedQuery($query_name); - foreach my $bug_id (split(/[\s,=]+/, $old_query)) { + my $old_query = LookupNamedQuery($query_name, undef, LIST_OF_BUGS); + # We get the encoded query. We need to decode it. + my $old_cgi = new Bugzilla::CGI($old_query); + foreach my $bug_id (split /[\s,]+/, scalar $old_cgi->param('bug_id')) { $bug_ids{$bug_id} = 1 if detaint_natural($bug_id); } } |