summaryrefslogtreecommitdiffstats
path: root/quips.cgi
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2005-10-27 01:15:48 +0200
committerlpsolit%gmail.com <>2005-10-27 01:15:48 +0200
commitf4915acec3dc0f746d068ba5c8019ed58df8bdfe (patch)
tree8914f41d7e2040beb5c962d2b9cfcff6bf7fdb55 /quips.cgi
parentba7c33a6c05815453f8ca694f8aec3a6907720c9 (diff)
downloadbugzilla-f4915acec3dc0f746d068ba5c8019ed58df8bdfe.tar.gz
bugzilla-f4915acec3dc0f746d068ba5c8019ed58df8bdfe.tar.xz
Bug 303693: Eliminate deprecated Bugzilla::DB routines from describe*.cgi, duplicates.cgi, quips.cgi, report.cgi, request.cgi and showdependency*.cgi - Patch by Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=myk
Diffstat (limited to 'quips.cgi')
-rwxr-xr-xquips.cgi36
1 files changed, 20 insertions, 16 deletions
diff --git a/quips.cgi b/quips.cgi
index f661d5476..c7dadee5d 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -36,6 +36,7 @@ use Bugzilla::Constants;
Bugzilla->login(LOGIN_REQUIRED);
my $cgi = Bugzilla->cgi;
+my $dbh = Bugzilla->dbh;
my $template = Bugzilla->template;
my $vars = {};
@@ -43,23 +44,24 @@ my $action = $cgi->param('action') || "";
if ($action eq "show") {
# Read in the entire quip list
- SendSQL("SELECT quipid, userid, quip, approved FROM quips");
+ my $quipsref = $dbh->selectall_arrayref(
+ "SELECT quipid, userid, quip, approved FROM quips");
my $quips;
my @quipids;
- while (MoreSQLData()) {
- my ($quipid, $userid, $quip, $approved) = FetchSQLData();
+ foreach my $quipref (@$quipsref) {
+ my ($quipid, $userid, $quip, $approved) = @$quipref;
$quips->{$quipid} = {'userid' => $userid, 'quip' => $quip,
'approved' => $approved};
push(@quipids, $quipid);
}
my $users;
+ my $sth = $dbh->prepare("SELECT login_name FROM profiles WHERE userid = ?");
foreach my $quipid (@quipids) {
my $userid = $quips->{$quipid}{'userid'};
if ($userid && not defined $users->{$userid}) {
- SendSQL("SELECT login_name FROM profiles WHERE userid = $userid");
- $users->{$userid} = FetchOneColumn();
+ ($users->{$userid}) = $dbh->selectrow_array($sth, undef, $userid);
}
}
$vars->{'quipids'} = \@quipids;
@@ -77,20 +79,21 @@ if ($action eq "add") {
(Param('quip_list_entry_control') eq "open") || (UserInGroup('admin')) || 0;
my $comment = $cgi->param("quip");
$comment || ThrowUserError("need_quip");
+ trick_taint($comment); # Used in a placeholder below
- SendSQL("INSERT INTO quips (userid, quip, approved) VALUES " .
- '(' . $userid . ', ' . SqlQuote($comment) . ', ' . $approved . ')');
+ $dbh->do("INSERT INTO quips (userid, quip, approved) VALUES (?, ?, ?)",
+ undef, ($userid, $comment, $approved));
$vars->{'added_quip'} = $comment;
}
if ($action eq 'approve') {
# Read in the entire quip list
- SendSQL("SELECT quipid, approved FROM quips");
-
+ my $quipsref = $dbh->selectall_arrayref("SELECT quipid, approved FROM quips");
+
my %quips;
- while (MoreSQLData()) {
- my ($quipid, $approved) = FetchSQLData();
+ foreach my $quipref (@$quipsref) {
+ my ($quipid, $approved) = @$quipref;
$quips{$quipid} = $approved;
}
@@ -103,9 +106,9 @@ if ($action eq 'approve') {
else { push(@unapproved, $quipid); }
}
}
- SendSQL("UPDATE quips SET approved = 1 WHERE quipid IN (" .
+ $dbh->do("UPDATE quips SET approved = 1 WHERE quipid IN (" .
join(",", @approved) . ")") if($#approved > -1);
- SendSQL("UPDATE quips SET approved = 0 WHERE quipid IN (" .
+ $dbh->do("UPDATE quips SET approved = 0 WHERE quipid IN (" .
join(",", @unapproved) . ")") if($#unapproved > -1);
$vars->{ 'approved' } = \@approved;
$vars->{ 'unapproved' } = \@unapproved;
@@ -120,9 +123,10 @@ if ($action eq "delete") {
ThrowCodeError("need_quipid") unless $quipid =~ /(\d+)/;
$quipid = $1;
- SendSQL("SELECT quip FROM quips WHERE quipid = $quipid");
- $vars->{'deleted_quip'} = FetchSQLData();
- SendSQL("DELETE FROM quips WHERE quipid = $quipid");
+ ($vars->{'deleted_quip'}) = $dbh->selectrow_array(
+ "SELECT quip FROM quips WHERE quipid = ?",
+ undef, $quipid);
+ $dbh->do("DELETE FROM quips WHERE quipid = ?", undef, $quipid);
}
print $cgi->header();