summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--template/en/default/account/prefs/prefs.html.tmpl3
-rwxr-xr-xuserprefs.cgi48
2 files changed, 27 insertions, 24 deletions
diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl
index 2b0d2b850..a6ff2c89c 100644
--- a/template/en/default/account/prefs/prefs.html.tmpl
+++ b/template/en/default/account/prefs/prefs.html.tmpl
@@ -20,7 +20,6 @@
#%]
[%# INTERFACE:
- # login: string. The user's Bugzilla login email address.
# tabs: List of hashes. May not be empty. Each hash has three members:
# name: string. Name of the tab (used internally.)
# description: string. Description of the tab (used in tab title.)
@@ -35,7 +34,7 @@
# message if required (which Perl still evaluates as True).
#%]
-[% filtered_login = login FILTER html %]
+[% filtered_login = user.login FILTER html %]
[% PROCESS global/header.html.tmpl
title = "User Preferences"
h2 = filtered_login
diff --git a/userprefs.cgi b/userprefs.cgi
index 9a1a93717..3b320fa74 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -19,6 +19,7 @@
# David Miller <justdave@syndicomm.com>
# Christopher Aillon <christopher@aillon.com>
# Gervase Markham <gerv@gerv.net>
+# Vlad Dascalu <jocuri@softhome.net>
use strict;
@@ -78,18 +79,20 @@ sub DoAccount {
}
sub SaveAccount {
- my $pwd1 = $::FORM{'new_password1'};
- my $pwd2 = $::FORM{'new_password2'};
+ my $cgi = Bugzilla->cgi;
- if ($::FORM{'Bugzilla_password'} ne "" ||
+ my $pwd1 = $cgi->param('new_password1');
+ my $pwd2 = $cgi->param('new_password2');
+
+ if ($cgi->param('Bugzilla_password') ne "" ||
$pwd1 ne "" || $pwd2 ne "")
{
- my $old = SqlQuote($::FORM{'Bugzilla_password'});
+ my $old = SqlQuote($cgi->param('Bugzilla_password'));
SendSQL("SELECT cryptpassword FROM profiles WHERE userid = $userid");
my $oldcryptedpwd = FetchOneColumn();
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
- if (crypt($::FORM{'Bugzilla_password'}, $oldcryptedpwd) ne
+ if (crypt($cgi->param('Bugzilla_password'), $oldcryptedpwd) ne
$oldcryptedpwd)
{
ThrowUserError("old_password_incorrect");
@@ -97,7 +100,8 @@ sub SaveAccount {
if ($pwd1 ne "" || $pwd2 ne "")
{
- $::FORM{'new_password1'} || ThrowUserError("new_password_missing");
+ $cgi->param('new_password1')
+ || ThrowUserError("new_password_missing");
ValidatePassword($pwd1, $pwd2);
my $cryptedpassword = SqlQuote(Crypt($pwd1));
@@ -105,16 +109,16 @@ sub SaveAccount {
SET cryptpassword = $cryptedpassword
WHERE userid = $userid");
# Invalidate all logins except for the current one
- InvalidateLogins($userid, $::COOKIE{"Bugzilla_logincookie"});
+ InvalidateLogins($userid, $cgi->cookie("Bugzilla_logincookie"));
}
}
- if(Param("allowemailchange") && $::FORM{'new_login_name'}) {
- my $old_login_name = $::FORM{'Bugzilla_login'};
- my $new_login_name = trim($::FORM{'new_login_name'});
+ if(Param("allowemailchange") && $cgi->param('new_login_name')) {
+ my $old_login_name = $cgi->param('Bugzilla_login');
+ my $new_login_name = trim($cgi->param('new_login_name'));
if($old_login_name ne $new_login_name) {
- $::FORM{'Bugzilla_password'}
+ $cgi->param('Bugzilla_password')
|| ThrowCodeError("old_password_required");
use Token;
@@ -137,7 +141,7 @@ sub SaveAccount {
}
SendSQL("UPDATE profiles SET " .
- "realname = " . SqlQuote(trim($::FORM{'realname'})) .
+ "realname = " . SqlQuote(trim($cgi->param('realname'))) .
" WHERE userid = $userid");
}
@@ -207,15 +211,16 @@ sub DoEmail {
# Note: we no longer store "off" values in the database.
sub SaveEmail {
my $updateString = "";
+ my $cgi = Bugzilla->cgi;
- if (defined $::FORM{'ExcludeSelf'}) {
+ if (defined $cgi->param('ExcludeSelf')) {
$updateString .= 'ExcludeSelf~on';
} else {
$updateString .= 'ExcludeSelf~';
}
foreach my $flag (qw(FlagRequestee FlagRequester)) {
- $updateString .= "~$flag~" . (defined($::FORM{$flag}) ? "on" : "");
+ $updateString .= "~$flag~" . (defined $cgi->param($flag) ? "on" : "");
}
foreach my $role (@roles) {
@@ -226,14 +231,14 @@ sub SaveEmail {
# If the form field for this preference is defined, then we
# know the checkbox was checked, so set the value to "on".
- $updateString .= "on" if defined $::FORM{"email$role$reason"};
+ $updateString .= "on" if defined $cgi->param("email$role$reason");
}
}
SendSQL("UPDATE profiles SET emailflags = " . SqlQuote($updateString) .
" WHERE userid = $userid");
- if (Param("supportwatchers") && exists $::FORM{'watchedusers'}) {
+ if (Param("supportwatchers") && defined $cgi->param('watchedusers')) {
# Just in case. Note that this much locking is actually overkill:
# we don't really care if anyone reads the watch table. So
# some small amount of contention could be gotten rid of by
@@ -246,7 +251,7 @@ sub SaveEmail {
" watcher=$userid");
# Update the database to look like the form
- my $newWatchedUsers = new RelationSet($::FORM{'watchedusers'});
+ my $newWatchedUsers = new RelationSet($cgi->param('watchedusers'));
my @CCDELTAS = $origWatchedUsers->generateSqlDeltas(
$newWatchedUsers,
"watch",
@@ -300,10 +305,9 @@ GetVersionTable();
my $cgi = Bugzilla->cgi;
-$vars->{'login'} = $::COOKIE{'Bugzilla_login'};
-$vars->{'changes_saved'} = $::FORM{'dosave'};
+$vars->{'changes_saved'} = $cgi->param('dosave');
-my $current_tab_name = $::FORM{'tab'} || "account";
+my $current_tab_name = $cgi->param('tab') || "account";
# The SWITCH below makes sure that this is valid
trick_taint($current_tab_name);
@@ -313,12 +317,12 @@ $vars->{'current_tab_name'} = $current_tab_name;
# Do any saving, and then display the current tab.
SWITCH: for ($current_tab_name) {
/^account$/ && do {
- SaveAccount() if $::FORM{'dosave'};
+ SaveAccount() if $cgi->param('dosave');
DoAccount();
last SWITCH;
};
/^email$/ && do {
- SaveEmail() if $::FORM{'dosave'};
+ SaveEmail() if $cgi->param('dosave');
DoEmail();
last SWITCH;
};