diff options
author | David Lawrence <dkl@mozilla.com> | 2016-10-27 05:18:12 +0200 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2016-10-27 05:18:12 +0200 |
commit | ee119fdcac682c80ac056ab74cf3db0264a5ed5b (patch) | |
tree | 0d80e20c0449cc1ffb0bac12a7b5013a52c040a1 /extensions/BMO/Extension.pm | |
parent | 96fc28e859ed50cbef822ce14e60d53e9ebd2936 (diff) | |
download | bugzilla-ee119fdcac682c80ac056ab74cf3db0264a5ed5b.tar.gz bugzilla-ee119fdcac682c80ac056ab74cf3db0264a5ed5b.tar.xz |
Bug 1306637 - add checkbox to page.cgi?id=query_database.html to dump results as csv instead of rendering html table
Diffstat (limited to 'extensions/BMO/Extension.pm')
-rw-r--r-- | extensions/BMO/Extension.pm | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index 8d7301f8b..34af43892 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -2258,9 +2258,11 @@ sub forced_format { sub query_database { my ($vars) = @_; + my $cgi = Bugzilla->cgi; + my $user = Bugzilla->user; + my $template = Bugzilla->template; # validate group membership - my $user = Bugzilla->user; $user->in_group('query_database') || ThrowUserError('auth_failure', { group => 'query_database', action => 'access', @@ -2272,6 +2274,12 @@ sub query_database { $vars->{query} = $query; if ($query) { + # Only allow POST requests + if ($cgi->request_method ne 'POST') { + ThrowCodeError('illegal_request_method', + { method => $cgi->request_method, accepted => ['POST'] }); + } + check_hash_token($input->{token}, ['query_database']); trick_taint($query); $vars->{executed} = 1; @@ -2308,6 +2316,14 @@ sub query_database { # return results $vars->{columns} = $columns; $vars->{rows} = $rows; + + if ($input->{csv}) { + print $cgi->header(-type=> 'text/csv', + -content_disposition=> "attachment; filename=\"query_database.csv\""); + $template->process("pages/query_database.csv.tmpl", $vars) + || ThrowTemplateError($template->error()); + exit; + } } } |