diff options
author | mkanat%bugzilla.org <> | 2009-01-29 22:22:19 +0100 |
---|---|---|
committer | mkanat%bugzilla.org <> | 2009-01-29 22:22:19 +0100 |
commit | fc293fbd39f14308fbccd0cf9b523664ae813761 (patch) | |
tree | 2eff5448dfbcf0fb0a0671fad80da0752db8f727 /votes.cgi | |
parent | 25e6018ac8a6cf1a99b299fe60ce6c5b1e1d61e6 (diff) | |
download | bugzilla-fc293fbd39f14308fbccd0cf9b523664ae813761.tar.gz bugzilla-fc293fbd39f14308fbccd0cf9b523664ae813761.tar.xz |
Bug 219021: Only display email addresses to logged-in users
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
Diffstat (limited to 'votes.cgi')
-rwxr-xr-x | votes.cgi | 22 |
1 files changed, 12 insertions, 10 deletions
@@ -52,7 +52,7 @@ my $bug_id = $cgi->param('bug_id'); my $action = $cgi->param('action') || ($bug_id ? "show_bug" : "show_user"); if ($action eq "show_bug" || - ($action eq "show_user" && defined $cgi->param('user'))) + ($action eq "show_user" && defined $cgi->param('user_id'))) { Bugzilla->login(); } @@ -103,7 +103,9 @@ sub show_bug { $vars->{'bug_id'} = $bug_id; $vars->{'users'} = - $dbh->selectall_arrayref('SELECT profiles.login_name, votes.vote_count + $dbh->selectall_arrayref('SELECT profiles.login_name, + profiles.userid AS id, + votes.vote_count FROM votes INNER JOIN profiles ON profiles.userid = votes.who @@ -127,11 +129,11 @@ sub show_user { # If a bug_id is given, and we're editing, we'll add it to the votes list. $bug_id ||= ""; - my $name = $cgi->param('user') || $user->login; - my $who = login_to_id($name, THROW_ERROR); - my $userid = $user->id; + my $who_id = $cgi->param('user_id') || $user->id; + my $who = Bugzilla::User->check({ id => $who_id }); - my $canedit = (Bugzilla->params->{'usevotes'} && $userid == $who) ? 1 : 0; + my $canedit = (Bugzilla->params->{'usevotes'} && $user->id == $who->id) + ? 1 : 0; $dbh->bz_start_transaction(); @@ -140,10 +142,10 @@ sub show_user { # in the vote table, just so that things display right. my $has_votes = $dbh->selectrow_array('SELECT vote_count FROM votes WHERE bug_id = ? AND who = ?', - undef, ($bug_id, $who)); + undef, ($bug_id, $who->id)); if (!$has_votes) { $dbh->do('INSERT INTO votes (who, bug_id, vote_count) - VALUES (?, ?, 0)', undef, ($who, $bug_id)); + VALUES (?, ?, 0)', undef, ($who->id, $bug_id)); } } @@ -168,7 +170,7 @@ sub show_user { WHERE votes.who = ? AND bugs.product_id = ? ORDER BY votes.bug_id', - undef, ($who, $product->id)); + undef, ($who->id, $product->id)); foreach (@$vote_list) { my ($id, $count, $summary) = @$_; @@ -206,7 +208,7 @@ sub show_user { $dbh->bz_commit_transaction(); $vars->{'canedit'} = $canedit; - $vars->{'voting_user'} = { "login" => $name }; + $vars->{'voting_user'} = { "login" => $who->name }; $vars->{'products'} = \@products; $vars->{'bug_id'} = $bug_id; $vars->{'all_bug_ids'} = \@all_bug_ids; |