summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xeditusers.cgi22
-rw-r--r--template/en/default/admin/users/userdata.html.tmpl19
2 files changed, 7 insertions, 34 deletions
diff --git a/editusers.cgi b/editusers.cgi
index caea2186b..0ce3a95ce 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -195,7 +195,7 @@ if ($action eq 'search') {
my $password = $cgi->param('password');
my $realname = trim($cgi->param('name') || '');
my $disabledtext = trim($cgi->param('disabledtext') || '');
- my $disable_mail = $cgi->param('disable_mail') =~ /^(0|1)$/ ? $1 : 0;
+ my $disable_mail = $cgi->param('disable_mail') ? 1 : 0;
# Lock tables during the check+creation session.
$dbh->bz_lock_tables('profiles WRITE', 'profiles_activity WRITE',
@@ -235,7 +235,6 @@ if ($action eq 'search') {
} elsif ($action eq 'update') {
my $otherUser = check_user($otherUserID, $otherUserLogin);
$otherUserID = $otherUser->id;
- my $oldprofile = new Bugzilla::User($otherUserID);
my $logoutNeeded = 0;
my @changedFields;
@@ -256,25 +255,18 @@ if ($action eq 'search') {
action => "modify",
object => "user"});
- # Cleanups
- my $loginold = $cgi->param('loginold') || '';
- my $realnameold = $cgi->param('nameold') || '';
- my $disabledtextold = $cgi->param('disabledtextold') || '';
- my $disable_mail_old = $cgi->param('disable_mail_old') =~ /^(0|1)$/ ?
- $1 : $oldprofile->email_disabled;
-
my $login = $cgi->param('login');
my $password = $cgi->param('password');
my $realname = trim($cgi->param('name') || '');
my $disabledtext = trim($cgi->param('disabledtext') || '');
- my $disable_mail = $cgi->param('disable_mail') =~ /^(0|1)$/ ? $1 : 0;
+ my $disable_mail = $cgi->param('disable_mail') ? 1 : 0;
# Update profiles table entry; silently skip doing this if the user
# is not authorized.
if ($editusers) {
my @values;
- if ($login ne $loginold) {
+ if ($login ne $otherUser->login) {
# Validate, then trick_taint.
$login || ThrowUserError('user_login_required');
validate_email_syntax($login)
@@ -290,7 +282,7 @@ if ($action eq 'search') {
# Since we change the login, silently delete any tokens.
$dbh->do('DELETE FROM tokens WHERE userid = ?', {}, $otherUserID);
}
- if ($realname ne $realnameold) {
+ if ($realname ne $otherUser->name) {
# The real name may be anything; we use a placeholder for our
# INSERT, and we rely on displaying code to FILTER html.
trick_taint($realname);
@@ -305,7 +297,7 @@ if ($action eq 'search') {
push(@values, bz_crypt($password));
$logoutNeeded = 1;
}
- if ($disabledtext ne $disabledtextold) {
+ if ($disabledtext ne $otherUser->disabledtext) {
# The disable text may be anything; we use a placeholder for our
# INSERT, and we rely on displaying code to FILTER html.
trick_taint($disabledtext);
@@ -313,7 +305,7 @@ if ($action eq 'search') {
push(@values, $disabledtext);
$logoutNeeded = 1;
}
- if ($disable_mail != $disable_mail_old) {
+ if ($disable_mail != $otherUser->email_disabled) {
trick_taint($disable_mail);
push(@changedFields, 'disable_mail');
push(@values, $disable_mail);
@@ -419,7 +411,7 @@ if ($action eq 'search') {
userDataToVars($otherUserID);
$vars->{'message'} = 'account_updated';
- $vars->{'loginold'} = $loginold;
+ $vars->{'loginold'} = $otherUser->login;
$vars->{'changed_fields'} = \@changedFields;
$vars->{'groups_added_to'} = \@groupsAddedTo;
$vars->{'groups_removed_from'} = \@groupsRemovedFrom;
diff --git a/template/en/default/admin/users/userdata.html.tmpl b/template/en/default/admin/users/userdata.html.tmpl
index be29a1b4b..f495eb0f1 100644
--- a/template/en/default/admin/users/userdata.html.tmpl
+++ b/template/en/default/admin/users/userdata.html.tmpl
@@ -28,8 +28,6 @@
<input size="64" maxlength="255" name="login"
id="login" value="[% otheruser.login FILTER html %]" />
[% IF editform %]
- <input type="hidden" name="loginold"
- value="[% otheruser.login FILTER html %]" />
[% IF !otheruser.groups.bz_sudo_protect %]
<br />
<a href="relogin.cgi?action=prepare-sudo&amp;target_login=
@@ -48,10 +46,6 @@
<input size="64" maxlength="255" name="name"
autocomplete="off"
id="name" value="[% otheruser.name FILTER html %]" />
- [% IF editform %]
- <input type="hidden" name="nameold"
- value="[% otheruser.name FILTER html %]" />
- [% END %]
[% ELSE %]
[% otheruser.name FILTER html %]
[% END %]
@@ -76,15 +70,6 @@
[% IF otheruser.email_disabled %] checked="checked" [% END %] />
(This affects bugmail and whinemail, not password-reset or other
non-bug-related emails)
- [% IF editform %]
- <input type="hidden" name="disable_mail_old"
- [% IF otheruser.email_disabled %]
- value="1"
- [% ELSE %]
- value="0"
- [% END %]
- />
- [% END %]
</td>
</tr>
<tr>
@@ -101,10 +86,6 @@
%]<br>
(If non-empty, then the account will be disabled, and this text should
explain why.)
- [% IF editform %]
- <input type="hidden" name="disabledtextold"
- value="[% otheruser.disabledtext FILTER html %]" />
- [% END %]
</td>
</tr>
[% END %]