diff options
-rwxr-xr-x | editproducts.cgi | 23 | ||||
-rwxr-xr-x | editusers.cgi | 7 | ||||
-rw-r--r-- | globals.pl | 7 | ||||
-rwxr-xr-x | post_bug.cgi | 4 |
4 files changed, 22 insertions, 19 deletions
diff --git a/editproducts.cgi b/editproducts.cgi index ac54ab517..be0842912 100755 --- a/editproducts.cgi +++ b/editproducts.cgi @@ -336,14 +336,14 @@ if (!$action && !$product) { FROM products"; if (Param('useclassification')) { - $query .= ", classifications"; + $query .= " INNER JOIN classifications " . + "ON classifications.id = products.classification_id"; } $query .= " LEFT JOIN bugs ON products.id = bugs.product_id"; if (Param('useclassification')) { - $query .= " WHERE classifications.name = ? " . - " AND classifications.id = products.classification_id"; + $query .= " WHERE classifications.name = ? "; # trick_taint is OK because we use this in a placeholder in a SELECT trick_taint($classification); @@ -1038,14 +1038,15 @@ if ($action eq 'updategroupcontrols') { my @mandatory_groups = (); if (@now_mandatory) { SendSQL("SELECT groups.name, COUNT(bugs.bug_id) - FROM bugs, groups - LEFT JOIN bug_group_map - ON bug_group_map.group_id = groups.id - AND bug_group_map.bug_id = bugs.bug_id - WHERE groups.id IN(" . join(', ', @now_mandatory) . ") - AND bugs.product_id = $product_id - AND bug_group_map.bug_id IS NULL " . - $dbh->sql_group_by('groups.name')); + FROM bugs + LEFT JOIN bug_group_map + ON bug_group_map.bug_id = bugs.bug_id + INNER JOIN groups + ON bug_group_map.group_id = groups.id + WHERE groups.id IN(" . join(', ', @now_mandatory) . ") + AND bugs.product_id = $product_id + AND bug_group_map.bug_id IS NULL " . + $dbh->sql_group_by('groups.name')); while (MoreSQLData()) { my ($groupname, $bugcount) = FetchSQLData(); my %g = (); diff --git a/editusers.cgi b/editusers.cgi index 9c7a79397..74ad463fd 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -622,13 +622,14 @@ sub groupsUserMayBless { $connector = 'WHERE'; } else { $query = qq{SELECT DISTINCT $fieldList - FROM groups, user_group_map AS ugm + FROM groups + LEFT JOIN user_group_map AS ugm + ON groups.id = ugm.group_id LEFT JOIN group_group_map AS ggm ON ggm.member_id = ugm.group_id AND ggm.grant_type = ? WHERE user_id = ? - AND ((id = group_id AND isbless = 1) OR - (id = grantor_id)) + AND (ugm.isbless = 1 OR groups.id = ggm.grantor_id) }; @bindValues = (GROUP_BLESS, $userid); $connector = 'AND'; diff --git a/globals.pl b/globals.pl index 273f677d4..d0e819f02 100644 --- a/globals.pl +++ b/globals.pl @@ -171,13 +171,14 @@ sub GenerateVersionTable { my $mpart = $dotargetmilestone ? ", milestoneurl" : ""; - SendSQL("select name, description from classifications ORDER BY name"); + SendSQL("SELECT name, description FROM classifications ORDER BY name"); while (@line = FetchSQLData()) { my ($n, $d) = (@line); $::classdesc{$n} = $d; } - SendSQL("select name, description, votesperuser, disallownew$mpart from products ORDER BY name"); + SendSQL("SELECT name, description, votesperuser, disallownew$mpart " . + "FROM products ORDER BY name"); while (@line = FetchSQLData()) { my ($p, $d, $votesperuser, $dis, $u) = (@line); $::proddesc{$p} = $d; @@ -604,7 +605,7 @@ sub DBID_to_name { } if (!defined $::cachedNameArray{$id}) { PushGlobalSQLState(); - SendSQL("select login_name from profiles where userid = $id"); + SendSQL("SELECT login_name FROM profiles WHERE userid = $id"); my $r = FetchOneColumn(); PopGlobalSQLState(); if (!defined $r || $r eq "") { diff --git a/post_bug.cgi b/post_bug.cgi index 0233fad83..9bc87e593 100755 --- a/post_bug.cgi +++ b/post_bug.cgi @@ -288,7 +288,7 @@ if (UserInGroup("editbugs") && defined($cgi->param('dependson'))) { my @stack = @{$deps{$target}}; while (@stack) { my $i = shift @stack; - SendSQL("select $target from dependencies where $me = " . + SendSQL("SELECT $target FROM dependencies WHERE $me = " . SqlQuote($i)); while (MoreSQLData()) { my $t = FetchOneColumn(); @@ -439,7 +439,7 @@ if (Param("insidergroup") && UserInGroup(Param("insidergroup"))) { } SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext, isprivate) - VALUES ($id, " . SqlQuote($user->id) . ", $sql_timestamp, " .
+ VALUES ($id, " . SqlQuote($user->id) . ", $sql_timestamp, " . SqlQuote($comment) . ", $privacy)"); # Insert the cclist into the database |