diff options
| author | Perl Tidy <perltidy@bugzilla.org> | 2018-12-05 21:38:52 +0100 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2018-12-05 23:49:08 +0100 |
| commit | 8ec8da0491ad89604700b3e29a227966f6d84ba1 (patch) | |
| tree | 9d270f173330ca19700e0ba9f2ee931300646de1 /editwhines.cgi | |
| parent | a7bb5a65b71644d9efce5fed783ed545b9336548 (diff) | |
| download | bugzilla-8ec8da0491ad89604700b3e29a227966f6d84ba1.tar.gz bugzilla-8ec8da0491ad89604700b3e29a227966f6d84ba1.tar.xz | |
no bug - reformat all the code using the new perltidy rules
Diffstat (limited to 'editwhines.cgi')
| -rwxr-xr-x | editwhines.cgi | 550 |
1 files changed, 277 insertions, 273 deletions
diff --git a/editwhines.cgi b/editwhines.cgi index 31b3dcfaf..1ad1292f5 100755 --- a/editwhines.cgi +++ b/editwhines.cgi @@ -39,9 +39,9 @@ my $template = Bugzilla->template; my $vars = {}; my $dbh = Bugzilla->dbh; -my $userid = $user->id; -my $token = $cgi->param('token'); -my $sth; # database statement handle +my $userid = $user->id; +my $token = $cgi->param('token'); +my $sth; # database statement handle # $events is a hash ref of Bugzilla::Whine objects keyed by event id, # that stores the active user's events. @@ -64,9 +64,8 @@ my $events = get_events($userid); # First see if this user may use whines $user->in_group('bz_canusewhines') - || ThrowUserError("auth_failure", {group => "bz_canusewhines", - action => "schedule", - object => "reports"}); + || ThrowUserError("auth_failure", + {group => "bz_canusewhines", action => "schedule", object => "reports"}); # May this user send mail to other users? my $can_mail_others = Bugzilla->user->in_group('bz_canusewhineatothers'); @@ -75,240 +74,245 @@ my $can_mail_others = Bugzilla->user->in_group('bz_canusewhineatothers'); # removed, then what was altered. if ($cgi->param('update')) { - check_token_data($token, 'edit_whine'); - - if ($cgi->param("add_event")) { - # we create a new event - $sth = $dbh->prepare("INSERT INTO whine_events " . - "(owner_userid) " . - "VALUES (?)"); - $sth->execute($userid); - } - else { - for my $eventid (keys %{$events}) { - # delete an entire event - if ($cgi->param("remove_event_$eventid")) { - # We need to make sure these belong to the same user, - # otherwise we could simply delete whatever matched that ID. - # - # schedules - my $schedules = Bugzilla::Whine::Schedule->match({ eventid => $eventid }); - $sth = $dbh->prepare("DELETE FROM whine_schedules " - . "WHERE id=?"); - foreach my $schedule (@$schedules) { - $sth->execute($schedule->id); - } - - # queries - $sth = $dbh->prepare("SELECT whine_queries.id " . - "FROM whine_queries " . - "LEFT JOIN whine_events " . - "ON whine_events.id = " . - "whine_queries.eventid " . - "WHERE whine_events.id = ? " . - "AND whine_events.owner_userid = ?"); - $sth->execute($eventid, $userid); - my @ids = @{$sth->fetchall_arrayref}; - $sth = $dbh->prepare("DELETE FROM whine_queries " . - "WHERE id=?"); - for (@ids) { - my $delete_id = $_->[0]; - $sth->execute($delete_id); - } - - # events - $sth = $dbh->prepare("DELETE FROM whine_events " . - "WHERE id=? AND owner_userid=?"); - $sth->execute($eventid, $userid); - } - else { - # check the subject, body and mailifnobugs for changes - my $subject = ($cgi->param("event_${eventid}_subject") or ''); - my $body = ($cgi->param("event_${eventid}_body") or ''); - my $mailifnobugs = $cgi->param("event_${eventid}_mailifnobugs") ? 1 : 0; - - trick_taint($subject) if $subject; - trick_taint($body) if $body; - - if ( ($subject ne $events->{$eventid}->subject) - || ($mailifnobugs != $events->{$eventid}->mail_if_no_bugs) - || ($body ne $events->{$eventid}->body) ) { - - $sth = $dbh->prepare("UPDATE whine_events " . - "SET subject=?, body=?, mailifnobugs=? " . - "WHERE id=?"); - $sth->execute($subject, $body, $mailifnobugs, $eventid); - } - - # add a schedule - if ($cgi->param("add_schedule_$eventid")) { - # the schedule table must be locked before altering - $sth = $dbh->prepare("INSERT INTO whine_schedules " . - "(eventid, mailto_type, mailto, " . - "run_day, run_time) " . - "VALUES (?, ?, ?, 'Sun', 2)"); - $sth->execute($eventid, MAILTO_USER, $userid); - } - # add a query - elsif ($cgi->param("add_query_$eventid")) { - $sth = $dbh->prepare("INSERT INTO whine_queries " - . "(eventid) " - . "VALUES (?)"); - $sth->execute($eventid); - } - } + check_token_data($token, 'edit_whine'); + + if ($cgi->param("add_event")) { + + # we create a new event + $sth = $dbh->prepare( + "INSERT INTO whine_events " . "(owner_userid) " . "VALUES (?)"); + $sth->execute($userid); + } + else { + for my $eventid (keys %{$events}) { + + # delete an entire event + if ($cgi->param("remove_event_$eventid")) { + + # We need to make sure these belong to the same user, + # otherwise we could simply delete whatever matched that ID. + # + # schedules + my $schedules = Bugzilla::Whine::Schedule->match({eventid => $eventid}); + $sth = $dbh->prepare("DELETE FROM whine_schedules " . "WHERE id=?"); + foreach my $schedule (@$schedules) { + $sth->execute($schedule->id); + } + + # queries + $sth + = $dbh->prepare("SELECT whine_queries.id " + . "FROM whine_queries " + . "LEFT JOIN whine_events " + . "ON whine_events.id = " + . "whine_queries.eventid " + . "WHERE whine_events.id = ? " + . "AND whine_events.owner_userid = ?"); + $sth->execute($eventid, $userid); + my @ids = @{$sth->fetchall_arrayref}; + $sth = $dbh->prepare("DELETE FROM whine_queries " . "WHERE id=?"); + for (@ids) { + my $delete_id = $_->[0]; + $sth->execute($delete_id); + } - # now check all of the schedules and queries to see if they need - # to be altered or deleted + # events + $sth = $dbh->prepare( + "DELETE FROM whine_events " . "WHERE id=? AND owner_userid=?"); + $sth->execute($eventid, $userid); + } + else { + # check the subject, body and mailifnobugs for changes + my $subject = ($cgi->param("event_${eventid}_subject") or ''); + my $body = ($cgi->param("event_${eventid}_body") or ''); + my $mailifnobugs = $cgi->param("event_${eventid}_mailifnobugs") ? 1 : 0; + + trick_taint($subject) if $subject; + trick_taint($body) if $body; + + if ( ($subject ne $events->{$eventid}->subject) + || ($mailifnobugs != $events->{$eventid}->mail_if_no_bugs) + || ($body ne $events->{$eventid}->body)) + { + + $sth + = $dbh->prepare("UPDATE whine_events " + . "SET subject=?, body=?, mailifnobugs=? " + . "WHERE id=?"); + $sth->execute($subject, $body, $mailifnobugs, $eventid); + } - # Check schedules for changes - my $schedules = Bugzilla::Whine::Schedule->match({ eventid => $eventid }); - my @scheduleids = (); - foreach my $schedule (@$schedules) { - push @scheduleids, $schedule->id; - } + # add a schedule + if ($cgi->param("add_schedule_$eventid")) { - # we need to double-check all of the user IDs in mailto to make - # sure they exist - my $arglist = {}; # args for match_field - for my $sid (@scheduleids) { - if ($cgi->param("mailto_type_$sid") == MAILTO_USER) { - $arglist->{"mailto_$sid"} = { - 'type' => 'single', - }; - } - } - if (scalar %{$arglist}) { - Bugzilla::User::match_field($arglist); - } + # the schedule table must be locked before altering + $sth + = $dbh->prepare("INSERT INTO whine_schedules " + . "(eventid, mailto_type, mailto, " + . "run_day, run_time) " + . "VALUES (?, ?, ?, 'Sun', 2)"); + $sth->execute($eventid, MAILTO_USER, $userid); + } - for my $sid (@scheduleids) { - if ($cgi->param("remove_schedule_$sid")) { - # having the assignee id in here is a security failsafe - $sth = $dbh->prepare("SELECT whine_schedules.id " . - "FROM whine_schedules " . - "LEFT JOIN whine_events " . - "ON whine_events.id = " . - "whine_schedules.eventid " . - "WHERE whine_events.owner_userid=? " . - "AND whine_schedules.id =?"); - $sth->execute($userid, $sid); - - my @ids = @{$sth->fetchall_arrayref}; - for (@ids) { - $sth = $dbh->prepare("DELETE FROM whine_schedules " . - "WHERE id=?"); - $sth->execute($_->[0]); - } - } - else { - my $o_day = $cgi->param("orig_day_$sid") || ''; - my $day = $cgi->param("day_$sid") || ''; - my $o_time = $cgi->param("orig_time_$sid") || 0; - my $time = $cgi->param("time_$sid") || 0; - my $o_mailto = $cgi->param("orig_mailto_$sid") || ''; - my $mailto = $cgi->param("mailto_$sid") || ''; - my $o_mailto_type = $cgi->param("orig_mailto_type_$sid") || 0; - my $mailto_type = $cgi->param("mailto_type_$sid") || 0; - - my $mailto_id = $userid; - - # get an id for the mailto address - if ($can_mail_others && $mailto) { - if ($mailto_type == MAILTO_USER) { - $mailto_id = login_to_id($mailto); - } - elsif ($mailto_type == MAILTO_GROUP) { - # The group name is used in a placeholder. - trick_taint($mailto); - $mailto_id = Bugzilla::Group::ValidateGroupName($mailto, ($user)) - || ThrowUserError('invalid_group_name', { name => $mailto }); - } - else { - # bad value, so it will just mail to the whine - # owner. $mailto_id was already set above. - $mailto_type = MAILTO_USER; - } - } - - detaint_natural($mailto_type); - - if ( ($o_day ne $day) || - ($o_time ne $time) || - ($o_mailto ne $mailto) || - ($o_mailto_type != $mailto_type) ){ - - trick_taint($day); - trick_taint($time); - - # the schedule table must be locked - $sth = $dbh->prepare("UPDATE whine_schedules " . - "SET run_day=?, run_time=?, " . - "mailto_type=?, mailto=?, " . - "run_next=NULL " . - "WHERE id=?"); - $sth->execute($day, $time, $mailto_type, - $mailto_id, $sid); - } - } + # add a query + elsif ($cgi->param("add_query_$eventid")) { + $sth + = $dbh->prepare("INSERT INTO whine_queries " . "(eventid) " . "VALUES (?)"); + $sth->execute($eventid); + } + } + + # now check all of the schedules and queries to see if they need + # to be altered or deleted + + # Check schedules for changes + my $schedules = Bugzilla::Whine::Schedule->match({eventid => $eventid}); + my @scheduleids = (); + foreach my $schedule (@$schedules) { + push @scheduleids, $schedule->id; + } + + # we need to double-check all of the user IDs in mailto to make + # sure they exist + my $arglist = {}; # args for match_field + for my $sid (@scheduleids) { + if ($cgi->param("mailto_type_$sid") == MAILTO_USER) { + $arglist->{"mailto_$sid"} = {'type' => 'single',}; + } + } + if (scalar %{$arglist}) { + Bugzilla::User::match_field($arglist); + } + + for my $sid (@scheduleids) { + if ($cgi->param("remove_schedule_$sid")) { + + # having the assignee id in here is a security failsafe + $sth + = $dbh->prepare("SELECT whine_schedules.id " + . "FROM whine_schedules " + . "LEFT JOIN whine_events " + . "ON whine_events.id = " + . "whine_schedules.eventid " + . "WHERE whine_events.owner_userid=? " + . "AND whine_schedules.id =?"); + $sth->execute($userid, $sid); + + my @ids = @{$sth->fetchall_arrayref}; + for (@ids) { + $sth = $dbh->prepare("DELETE FROM whine_schedules " . "WHERE id=?"); + $sth->execute($_->[0]); + } + } + else { + my $o_day = $cgi->param("orig_day_$sid") || ''; + my $day = $cgi->param("day_$sid") || ''; + my $o_time = $cgi->param("orig_time_$sid") || 0; + my $time = $cgi->param("time_$sid") || 0; + my $o_mailto = $cgi->param("orig_mailto_$sid") || ''; + my $mailto = $cgi->param("mailto_$sid") || ''; + my $o_mailto_type = $cgi->param("orig_mailto_type_$sid") || 0; + my $mailto_type = $cgi->param("mailto_type_$sid") || 0; + + my $mailto_id = $userid; + + # get an id for the mailto address + if ($can_mail_others && $mailto) { + if ($mailto_type == MAILTO_USER) { + $mailto_id = login_to_id($mailto); } + elsif ($mailto_type == MAILTO_GROUP) { - # Check queries for changes - my $queries = Bugzilla::Whine::Query->match({ eventid => $eventid }); - for my $query (@$queries) { - my $qid = $query->id; - if ($cgi->param("remove_query_$qid")) { - - $sth = $dbh->prepare("SELECT whine_queries.id " . - "FROM whine_queries " . - "LEFT JOIN whine_events " . - "ON whine_events.id = " . - "whine_queries.eventid " . - "WHERE whine_events.owner_userid=? " . - "AND whine_queries.id =?"); - $sth->execute($userid, $qid); - - for (@{$sth->fetchall_arrayref}) { - $sth = $dbh->prepare("DELETE FROM whine_queries " . - "WHERE id=?"); - $sth->execute($_->[0]); - } - } - else { - my $o_sort = $cgi->param("orig_query_sort_$qid") || 0; - my $sort = $cgi->param("query_sort_$qid") || 0; - my $o_queryname = $cgi->param("orig_query_name_$qid") || ''; - my $queryname = $cgi->param("query_name_$qid") || ''; - my $o_title = $cgi->param("orig_query_title_$qid") || ''; - my $title = $cgi->param("query_title_$qid") || ''; - my $o_onemailperbug = - $cgi->param("orig_query_onemailperbug_$qid") || 0; - my $onemailperbug = - $cgi->param("query_onemailperbug_$qid") ? 1 : 0; - - if ( ($o_sort != $sort) || - ($o_queryname ne $queryname) || - ($o_onemailperbug != $onemailperbug) || - ($o_title ne $title) ){ - - detaint_natural($sort); - trick_taint($queryname); - trick_taint($title); - - $sth = $dbh->prepare("UPDATE whine_queries " . - "SET sortkey=?, " . - "query_name=?, " . - "title=?, " . - "onemailperbug=? " . - "WHERE id=?"); - $sth->execute($sort, $queryname, $title, - $onemailperbug, $qid); - } - } + # The group name is used in a placeholder. + trick_taint($mailto); + $mailto_id = Bugzilla::Group::ValidateGroupName($mailto, ($user)) + || ThrowUserError('invalid_group_name', {name => $mailto}); } + else { + # bad value, so it will just mail to the whine + # owner. $mailto_id was already set above. + $mailto_type = MAILTO_USER; + } + } + + detaint_natural($mailto_type); + + if ( ($o_day ne $day) + || ($o_time ne $time) + || ($o_mailto ne $mailto) + || ($o_mailto_type != $mailto_type)) + { + + trick_taint($day); + trick_taint($time); + + # the schedule table must be locked + $sth + = $dbh->prepare("UPDATE whine_schedules " + . "SET run_day=?, run_time=?, " + . "mailto_type=?, mailto=?, " + . "run_next=NULL " + . "WHERE id=?"); + $sth->execute($day, $time, $mailto_type, $mailto_id, $sid); + } + } + } + + # Check queries for changes + my $queries = Bugzilla::Whine::Query->match({eventid => $eventid}); + for my $query (@$queries) { + my $qid = $query->id; + if ($cgi->param("remove_query_$qid")) { + + $sth + = $dbh->prepare("SELECT whine_queries.id " + . "FROM whine_queries " + . "LEFT JOIN whine_events " + . "ON whine_events.id = " + . "whine_queries.eventid " + . "WHERE whine_events.owner_userid=? " + . "AND whine_queries.id =?"); + $sth->execute($userid, $qid); + + for (@{$sth->fetchall_arrayref}) { + $sth = $dbh->prepare("DELETE FROM whine_queries " . "WHERE id=?"); + $sth->execute($_->[0]); + } } + else { + my $o_sort = $cgi->param("orig_query_sort_$qid") || 0; + my $sort = $cgi->param("query_sort_$qid") || 0; + my $o_queryname = $cgi->param("orig_query_name_$qid") || ''; + my $queryname = $cgi->param("query_name_$qid") || ''; + my $o_title = $cgi->param("orig_query_title_$qid") || ''; + my $title = $cgi->param("query_title_$qid") || ''; + my $o_onemailperbug = $cgi->param("orig_query_onemailperbug_$qid") || 0; + my $onemailperbug = $cgi->param("query_onemailperbug_$qid") ? 1 : 0; + + if ( ($o_sort != $sort) + || ($o_queryname ne $queryname) + || ($o_onemailperbug != $onemailperbug) + || ($o_title ne $title)) + { + + detaint_natural($sort); + trick_taint($queryname); + trick_taint($title); + + $sth + = $dbh->prepare("UPDATE whine_queries " + . "SET sortkey=?, " + . "query_name=?, " + . "title=?, " + . "onemailperbug=? " + . "WHERE id=?"); + $sth->execute($sort, $queryname, $title, $onemailperbug, $qid); + } + } + } } - delete_token($token); + } + delete_token($token); } $vars->{'mail_others'} = $can_mail_others; @@ -334,44 +338,43 @@ $events = get_events($userid); # # build the whine list by event id for my $event_id (keys %{$events}) { - $events->{$event_id}->{'schedule'} = []; - $events->{$event_id}->{'queries'} = []; - - # schedules - my $schedules = Bugzilla::Whine::Schedule->match({ eventid => $event_id }); - foreach my $schedule (@$schedules) { - my $mailto_type = $schedule->mailto_is_group ? MAILTO_GROUP - : MAILTO_USER; - my $mailto = ''; - if ($mailto_type == MAILTO_USER) { - $mailto = $schedule->mailto->login; - } - elsif ($mailto_type == MAILTO_GROUP) { - $mailto = $schedule->mailto->name; - } - - push @{$events->{$event_id}->{'schedule'}}, - { - 'day' => $schedule->run_day, - 'time' => $schedule->run_time, - 'mailto_type' => $mailto_type, - 'mailto' => $mailto, - 'id' => $schedule->id, - }; + $events->{$event_id}->{'schedule'} = []; + $events->{$event_id}->{'queries'} = []; + + # schedules + my $schedules = Bugzilla::Whine::Schedule->match({eventid => $event_id}); + foreach my $schedule (@$schedules) { + my $mailto_type = $schedule->mailto_is_group ? MAILTO_GROUP : MAILTO_USER; + my $mailto = ''; + if ($mailto_type == MAILTO_USER) { + $mailto = $schedule->mailto->login; } - - # queries - my $queries = Bugzilla::Whine::Query->match({ eventid => $event_id }); - for my $query (@$queries) { - push @{$events->{$event_id}->{'queries'}}, - { - 'name' => $query->name, - 'title' => $query->title, - 'sort' => $query->sortkey, - 'id' => $query->id, - 'onemailperbug' => $query->one_email_per_bug, - }; + elsif ($mailto_type == MAILTO_GROUP) { + $mailto = $schedule->mailto->name; } + + push @{$events->{$event_id}->{'schedule'}}, + { + 'day' => $schedule->run_day, + 'time' => $schedule->run_time, + 'mailto_type' => $mailto_type, + 'mailto' => $mailto, + 'id' => $schedule->id, + }; + } + + # queries + my $queries = Bugzilla::Whine::Query->match({eventid => $event_id}); + for my $query (@$queries) { + push @{$events->{$event_id}->{'queries'}}, + { + 'name' => $query->name, + 'title' => $query->title, + 'sort' => $query->sortkey, + 'id' => $query->id, + 'onemailperbug' => $query->one_email_per_bug, + }; + } } $vars->{'events'} = $events; @@ -382,10 +385,11 @@ $sth->execute($userid); $vars->{'available_queries'} = []; while (my ($query) = $sth->fetchrow_array) { - push @{$vars->{'available_queries'}}, $query; + push @{$vars->{'available_queries'}}, $query; } $vars->{'token'} = issue_session_token('edit_whine'); -$vars->{'local_timezone'} = Bugzilla->local_timezone->short_name_for_datetime(DateTime->now()); +$vars->{'local_timezone'} + = Bugzilla->local_timezone->short_name_for_datetime(DateTime->now()); $template->process("whine/schedule.html.tmpl", $vars) || ThrowTemplateError($template->error()); @@ -393,10 +397,10 @@ $template->process("whine/schedule.html.tmpl", $vars) # get_events takes a userid and returns a hash of # Bugzilla::Whine objects keyed by event ID. sub get_events { - my $userid = shift; - my $event_rows = Bugzilla::Whine->match({ owner_userid => $userid }); - my %events = map { $_->{id} => $_ } @$event_rows; + my $userid = shift; + my $event_rows = Bugzilla::Whine->match({owner_userid => $userid}); + my %events = map { $_->{id} => $_ } @$event_rows; - return \%events; + return \%events; } |