diff options
| author | endico%mozilla.org <> | 2001-03-13 07:35:50 +0100 |
|---|---|---|
| committer | endico%mozilla.org <> | 2001-03-13 07:35:50 +0100 |
| commit | f9ad36979ee316009fe69972da97702ec14110ce (patch) | |
| tree | db3b7d3ae96630345dc9f738b7c48433dddbc1e8 /duplicates.cgi | |
| parent | 771e38ec238c4814bfbe756d80e991eda60f294b (diff) | |
| download | bugzilla-f9ad36979ee316009fe69972da97702ec14110ce.tar.gz bugzilla-f9ad36979ee316009fe69972da97702ec14110ce.tar.xz | |
Checking in Jake's <jake@acutex.net> interim patches from bug 30694. Bugzilla was showing bug summaries to everyone, even if they didn't have permission to view the bug. Jake's quick solution is to not display the bug at all if it is in a group no matter who is viewing it. The correct solution would be display the summary if the viewer had the proper permissions.
Diffstat (limited to 'duplicates.cgi')
| -rwxr-xr-x | duplicates.cgi | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/duplicates.cgi b/duplicates.cgi index c9c692ca3..6bb4e20ab 100755 --- a/duplicates.cgi +++ b/duplicates.cgi @@ -139,9 +139,10 @@ my $i = 0; foreach (@sortedcount) { my $id = $_; - SendSQL("SELECT component, bug_severity, op_sys, target_milestone, short_desc FROM " . - "bugs WHERE bug_id = $id"); - my ($component, $severity, $op_sys, $milestone, $summary) = FetchSQLData(); + SendSQL("SELECT component, bug_severity, op_sys, target_milestone, short_desc, groupset " . + " FROM bugs WHERE bug_id = $id"); + my ($component, $severity, $op_sys, $milestone, $summary, $groupset) = FetchSQLData(); + next unless $groupset == 0; $summary = html_quote($summary); print "<tr>"; print '<td><center><A HREF="show_bug.cgi?id=' . $id . '">'; |