summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xBugzilla/Bug.pm33
-rw-r--r--globals.pl29
2 files changed, 33 insertions, 29 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 2a4375081..4e494b8a6 100755
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -47,6 +47,7 @@ use Bugzilla::Error;
use base qw(Exporter);
@Bugzilla::Bug::EXPORT = qw(
+ AppendComment
bug_alias_to_id
ValidateComment
);
@@ -603,6 +604,38 @@ sub bug_alias_to_id ($) {
# Subroutines
#####################################################################
+sub AppendComment ($$$;$$$) {
+ my ($bugid, $who, $comment, $isprivate, $timestamp, $work_time) = @_;
+ $work_time ||= 0;
+ my $dbh = Bugzilla->dbh;
+
+ ValidateTime($work_time, "work_time") if $work_time;
+ trick_taint($work_time);
+
+ # Use the date/time we were given if possible (allowing calling code
+ # to synchronize the comment's timestamp with those of other records).
+ $timestamp = "NOW()" unless $timestamp;
+
+ $comment =~ s/\r\n/\n/g; # Handle Windows-style line endings.
+ $comment =~ s/\r/\n/g; # Handle Mac-style line endings.
+
+ if ($comment =~ /^\s*$/) { # Nothin' but whitespace
+ return;
+ }
+
+ # Comments are always safe, because we always display their raw contents,
+ # and we use them in a placeholder below.
+ trick_taint($comment);
+ my $whoid = &::DBNameToIdAndCheck($who);
+ my $privacyval = $isprivate ? 1 : 0 ;
+ $dbh->do(q{INSERT INTO longdescs
+ (bug_id, who, bug_when, thetext, isprivate, work_time)
+ VALUES (?,?,?,?,?,?)}, undef,
+ ($bugid, $whoid, $timestamp, $comment, $privacyval, $work_time));
+ $dbh->do("UPDATE bugs SET delta_ts = ? WHERE bug_id = ?",
+ undef, $timestamp, $bugid);
+}
+
sub EmitDependList {
my ($myfield, $targetfield, $bug_id) = (@_);
my $dbh = Bugzilla->dbh;
diff --git a/globals.pl b/globals.pl
index 13542dcac..b0a8feca8 100644
--- a/globals.pl
+++ b/globals.pl
@@ -109,35 +109,6 @@ $::SIG{PIPE} = 'IGNORE';
#}
#$::SIG{__DIE__} = \&die_with_dignity;
-sub AppendComment {
- my ($bugid, $who, $comment, $isprivate, $timestamp, $work_time) = @_;
- $work_time ||= 0;
-
- if ($work_time) {
- require Bugzilla::Bug;
- Bugzilla::Bug::ValidateTime($work_time, "work_time");
- }
-
- # Use the date/time we were given if possible (allowing calling code
- # to synchronize the comment's timestamp with those of other records).
- $timestamp = ($timestamp ? SqlQuote($timestamp) : "NOW()");
-
- $comment =~ s/\r\n/\n/g; # Get rid of windows-style line endings.
- $comment =~ s/\r/\n/g; # Get rid of mac-style line endings.
-
- if ($comment =~ /^\s*$/) { # Nothin' but whitespace
- return;
- }
-
- my $whoid = DBNameToIdAndCheck($who);
- my $privacyval = $isprivate ? 1 : 0 ;
- SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext, isprivate, work_time) " .
- "VALUES($bugid, $whoid, $timestamp, " . SqlQuote($comment) . ", " .
- $privacyval . ", " . SqlQuote($work_time) . ")");
-
- SendSQL("UPDATE bugs SET delta_ts = $timestamp WHERE bug_id = $bugid");
-}
-
sub GetFieldID {
my ($f) = (@_);
SendSQL("SELECT fieldid FROM fielddefs WHERE name = " . SqlQuote($f));