diff options
-rwxr-xr-x | editproducts.cgi | 523 |
1 files changed, 261 insertions, 262 deletions
diff --git a/editproducts.cgi b/editproducts.cgi index 23d212a9c..9195dfe09 100755 --- a/editproducts.cgi +++ b/editproducts.cgi @@ -197,46 +197,40 @@ if ($action eq 'new') { } my $milestoneurl = trim($cgi->param('milestoneurl') || ''); - my $disallownew = 0; - $disallownew = 1 if $cgi->param('disallownew'); - my $votesperuser = $cgi->param('votesperuser'); - $votesperuser ||= 0; - my $maxvotesperbug = $cgi->param('maxvotesperbug'); - $maxvotesperbug = 10000 if !defined $maxvotesperbug; - my $votestoconfirm = $cgi->param('votestoconfirm'); - $votestoconfirm ||= 0; + my $disallownew = $cgi->param('disallownew') ? 1 : 0; + my $votesperuser = $cgi->param('votesperuser') || 0; + my $maxvotesperbug = defined($cgi->param('maxvotesperbug')) ? + $cgi->param('maxvotesperbug') : 10000; + my $votestoconfirm = $cgi->param('votestoconfirm') || 0; my $defaultmilestone = $cgi->param('defaultmilestone') || "---"; + # The following variables are used in placeholders only. + trick_taint($product_name); + trick_taint($version); + trick_taint($description); + trick_taint($milestoneurl); + trick_taint($defaultmilestone); + detaint_natural($disallownew); + detaint_natural($votesperuser); + detaint_natural($maxvotesperbug); + detaint_natural($votestoconfirm); + # Add the new product. - SendSQL("INSERT INTO products ( " . - "name, description, milestoneurl, disallownew, votesperuser, " . - "maxvotesperbug, votestoconfirm, defaultmilestone, classification_id" . - " ) VALUES ( " . - SqlQuote($product_name) . "," . - SqlQuote($description) . "," . - SqlQuote($milestoneurl) . "," . - # had tainting issues under cygwin, IIS 5.0, perl -T %s %s - # see bug 208647. http://bugzilla.mozilla.org/show_bug.cgi?id=208647 - # had to de-taint $disallownew, $votesperuser, $maxvotesperbug, - # and $votestoconfirm w/ SqlQuote() - # - jpyeron@pyerotechnics.com - SqlQuote($disallownew) . "," . - SqlQuote($votesperuser) . "," . - SqlQuote($maxvotesperbug) . "," . - SqlQuote($votestoconfirm) . "," . - SqlQuote($defaultmilestone) . "," . - SqlQuote($classification_id) . ")"); + $dbh->do('INSERT INTO products + (name, description, milestoneurl, disallownew, votesperuser, + maxvotesperbug, votestoconfirm, defaultmilestone, classification_id) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)', + undef, ($product_name, $description, $milestoneurl, $disallownew, + $votesperuser, $maxvotesperbug, $votestoconfirm, $defaultmilestone, + $classification_id)); $product = new Bugzilla::Product({name => $product_name}); - SendSQL("INSERT INTO versions ( " . - "value, product_id" . - " ) VALUES ( " . - SqlQuote($version) . "," . - $product->id . ")" ); + $dbh->do('INSERT INTO versions (value, product_id) VALUES (?, ?)', + undef, ($version, $product->id)); - SendSQL("INSERT INTO milestones (product_id, value) VALUES (" . - $product->id . ", " . SqlQuote($defaultmilestone) . ")"); + $dbh->do('INSERT INTO milestones (product_id, value) VALUES (?, ?)', + undef, ($product->id, $defaultmilestone)); # If we're using bug groups, then we need to create a group for this # product as well. -JMR, 2/16/00 @@ -246,31 +240,35 @@ if ($action eq 'new') { while (GroupExists($productgroup)) { $productgroup .= '_'; } - SendSQL("INSERT INTO groups " . - "(name, description, isbuggroup, last_changed) " . - "VALUES (" . - SqlQuote($productgroup) . ", " . - SqlQuote("Access to bugs in the " . $product->name . - " product") . ", 1, NOW())"); + my $group_description = "Access to bugs in the " . + $product->name . " product"; + + $dbh->do('INSERT INTO groups + (name, description, isbuggroup, last_changed) + VALUES (?, ?, ?, NOW())', + undef, ($productgroup, $group_description, 1)); + my $gid = $dbh->bz_last_key('groups', 'id'); - my $admin = GroupNameToId('admin'); + # If we created a new group, give the "admin" group priviledges # initially. - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid," . GROUP_MEMBERSHIP .")"); - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid," . GROUP_BLESS .")"); - SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type) - VALUES ($admin, $gid," . GROUP_VISIBLE .")"); + my $admin = GroupNameToId('admin'); + + my $sth = $dbh->prepare('INSERT INTO group_group_map + (member_id, grantor_id, grant_type) + VALUES (?, ?, ?)'); + + $sth->execute($admin, $gid, GROUP_MEMBERSHIP); + $sth->execute($admin, $gid, GROUP_BLESS); + $sth->execute($admin, $gid, GROUP_VISIBLE); # Associate the new group and new product. - SendSQL("INSERT INTO group_control_map " . - "(group_id, product_id, entry, " . - "membercontrol, othercontrol, canedit) VALUES " . - "($gid, " . $product->id . ", " . - Param("useentrygroupdefault") . - ", " . CONTROLMAPDEFAULT . ", " . - CONTROLMAPNA . ", 0)"); + $dbh->do('INSERT INTO group_control_map + (group_id, product_id, entry, membercontrol, + othercontrol, canedit) + VALUES (?, ?, ?, ?, ?, ?)', + undef, ($gid, $product->id, Param('useentrygroupdefault'), + CONTROLMAPDEFAULT, CONTROLMAPNA, 0)); } if ($cgi->param('createseries')) { @@ -493,57 +491,53 @@ if ($action eq 'updategroupcontrols') { } } if (!defined $cgi->param('confirmed')) { - my @na_groups = (); + my $na_groups; if (@now_na) { - SendSQL("SELECT groups.name, COUNT(bugs.bug_id) - FROM bugs, bug_group_map, groups - WHERE groups.id IN(" . join(', ', @now_na) . ") - AND bug_group_map.group_id = groups.id - AND bug_group_map.bug_id = bugs.bug_id - AND bugs.product_id = " . $product->id . " " . - $dbh->sql_group_by('groups.name')); - while (MoreSQLData()) { - my ($groupname, $bugcount) = FetchSQLData(); - my %g = (); - $g{'name'} = $groupname; - $g{'count'} = $bugcount; - push @na_groups,\%g; - } + $na_groups = $dbh->selectall_arrayref( + 'SELECT groups.name, COUNT(bugs.bug_id) AS count + FROM bugs + INNER JOIN bug_group_map + ON bug_group_map.bug_id = bugs.bug_id + INNER JOIN groups + ON bug_group_map.group_id = groups.id + WHERE groups.id IN (' . join(', ', @now_na) . ') + AND bugs.product_id = ? ' . + $dbh->sql_group_by('groups.name'), + {'Slice' => {}}, $product->id); } - my @mandatory_groups = (); + my $mandatory_groups; if (@now_mandatory) { - SendSQL("SELECT groups.name, COUNT(bugs.bug_id) + $mandatory_groups = $dbh->selectall_arrayref( + 'SELECT groups.name, COUNT(bugs.bug_id) AS count FROM bugs LEFT JOIN bug_group_map ON bug_group_map.bug_id = bugs.bug_id INNER JOIN groups ON bug_group_map.group_id = groups.id - WHERE groups.id IN(" . join(', ', @now_mandatory) . ") - AND bugs.product_id = " . $product->id . " - AND bug_group_map.bug_id IS NULL " . - $dbh->sql_group_by('groups.name')); - while (MoreSQLData()) { - my ($groupname, $bugcount) = FetchSQLData(); - my %g = (); - $g{'name'} = $groupname; - $g{'count'} = $bugcount; - push @mandatory_groups,\%g; - } + WHERE groups.id IN (' . join(', ', @now_mandatory) . ') + AND bugs.product_id = ? + AND bug_group_map.bug_id IS NULL ' . + $dbh->sql_group_by('groups.name'), + {'Slice' => {}}, $product->id); } - if ((@na_groups) || (@mandatory_groups)) { + if (($na_groups && scalar(@$na_groups)) + || ($mandatory_groups && scalar(@$mandatory_groups))) + { $vars->{'product'} = $product; - $vars->{'na_groups'} = \@na_groups; - $vars->{'mandatory_groups'} = \@mandatory_groups; + $vars->{'na_groups'} = $na_groups; + $vars->{'mandatory_groups'} = $mandatory_groups; $template->process("admin/products/groupcontrol/confirm-edit.html.tmpl", $vars) || ThrowTemplateError($template->error()); exit; } } - SendSQL("SELECT id, name FROM groups " . - "WHERE isbuggroup != 0 AND isactive != 0"); - while (MoreSQLData()){ - my ($groupid, $groupname) = FetchSQLData(); + + my $groups = $dbh->selectall_arrayref('SELECT id, name FROM groups + WHERE isbuggroup != 0 + AND isactive != 0'); + foreach my $group (@$groups) { + my ($groupid, $groupname) = @$group; my $newmembercontrol = $cgi->param("membercontrol_$groupid") || 0; my $newothercontrol = $cgi->param("othercontrol_$groupid") || 0; # Legality of control combination is a function of @@ -567,14 +561,33 @@ if ($action eq 'updategroupcontrols') { 'bugs_activity WRITE', 'bug_group_map WRITE', 'fielddefs READ'); - SendSQL("SELECT id, name, entry, membercontrol, othercontrol, canedit " . - "FROM groups " . - "LEFT JOIN group_control_map " . - "ON group_control_map.group_id = id AND product_id = " . - $product->id . " WHERE isbuggroup != 0 AND isactive != 0"); - while (MoreSQLData()) { + + my $sth_Insert = $dbh->prepare('INSERT INTO group_control_map + (group_id, product_id, entry, membercontrol, + othercontrol, canedit) + VALUES (?, ?, ?, ?, ?, ?)'); + + my $sth_Update = $dbh->prepare('UPDATE group_control_map + SET entry = ?, membercontrol = ?, + othercontrol = ?, canedit = ? + WHERE group_id = ? AND product_id = ?'); + + my $sth_Delete = $dbh->prepare('DELETE FROM group_control_map + WHERE group_id = ? AND product_id = ?'); + + $groups = $dbh->selectall_arrayref('SELECT id, name, entry, membercontrol, + othercontrol, canedit + FROM groups + LEFT JOIN group_control_map + ON group_control_map.group_id = id + AND product_id = ? + WHERE isbuggroup != 0 + AND isactive != 0', + undef, $product->id); + + foreach my $group (@$groups) { my ($groupid, $groupname, $entry, $membercontrol, - $othercontrol, $canedit) = FetchSQLData(); + $othercontrol, $canedit) = @$group; my $newentry = $cgi->param("entry_$groupid") || 0; my $newmembercontrol = $cgi->param("membercontrol_$groupid") || 0; my $newothercontrol = $cgi->param("othercontrol_$groupid") || 0; @@ -590,65 +603,63 @@ if ($action eq 'updategroupcontrols') { detaint_natural($newcanedit); if ((!defined($oldentry)) && (($newentry) || ($newmembercontrol) || ($newcanedit))) { - PushGlobalSQLState(); - SendSQL("INSERT INTO group_control_map " . - "(group_id, product_id, entry, " . - "membercontrol, othercontrol, canedit) " . - "VALUES " . - "($groupid, " . $product->id . ", $newentry, " . - "$newmembercontrol, $newothercontrol, $newcanedit)"); - PopGlobalSQLState(); + $sth_Insert->execute($groupid, $product->id, $newentry, + $newmembercontrol, $newothercontrol, $newcanedit); } elsif (($newentry != $entry) || ($newmembercontrol != $membercontrol) || ($newothercontrol != $othercontrol) || ($newcanedit != $canedit)) { - PushGlobalSQLState(); - SendSQL("UPDATE group_control_map " . - "SET entry = $newentry, " . - "membercontrol = $newmembercontrol, " . - "othercontrol = $newothercontrol, " . - "canedit = $newcanedit " . - "WHERE group_id = $groupid " . - "AND product_id = " . $product->id); - PopGlobalSQLState(); + $sth_Update->execute($newentry, $newmembercontrol, $newothercontrol, + $newcanedit, $groupid, $product->id); } if (($newentry == 0) && ($newmembercontrol == 0) && ($newothercontrol == 0) && ($newcanedit == 0)) { - PushGlobalSQLState(); - SendSQL("DELETE FROM group_control_map " . - "WHERE group_id = $groupid " . - "AND product_id = " . $product->id); - PopGlobalSQLState(); + $sth_Delete->execute($groupid, $product->id); } } + my $sth_Select = $dbh->prepare( + 'SELECT bugs.bug_id, + CASE WHEN (lastdiffed >= delta_ts) THEN 1 ELSE 0 END + FROM bugs + INNER JOIN bug_group_map + ON bug_group_map.bug_id = bugs.bug_id + WHERE group_id = ? + AND bugs.product_id = ? + ORDER BY bugs.bug_id'); + + my $sth_Select2 = $dbh->prepare('SELECT name, NOW() FROM groups WHERE id = ?'); + + $sth_Update = $dbh->prepare('UPDATE bugs SET delta_ts = ? WHERE bug_id = ?'); + + my $sth_Update2 = $dbh->prepare('UPDATE bugs SET delta_ts = ?, lastdiffed = ? + WHERE bug_id = ?'); + + $sth_Delete = $dbh->prepare('DELETE FROM bug_group_map + WHERE bug_id = ? AND group_id = ?'); + my @removed_na; foreach my $groupid (@now_na) { my $count = 0; - SendSQL("SELECT bugs.bug_id, - CASE WHEN (lastdiffed >= delta_ts) THEN 1 ELSE 0 END - FROM bugs, bug_group_map - WHERE group_id = $groupid - AND bug_group_map.bug_id = bugs.bug_id - AND bugs.product_id = " . $product->id . " - ORDER BY bugs.bug_id"); - while (MoreSQLData()) { - my ($bugid, $mailiscurrent) = FetchSQLData(); - PushGlobalSQLState(); - SendSQL("DELETE FROM bug_group_map WHERE - bug_id = $bugid AND group_id = $groupid"); - SendSQL("SELECT name, NOW() FROM groups WHERE id = $groupid"); - my ($removed, $timestamp) = FetchSQLData(); + my $bugs = $dbh->selectall_arrayref($sth_Select, undef, + ($groupid, $product->id)); + + foreach my $bug (@$bugs) { + my ($bugid, $mailiscurrent) = @$bug; + $sth_Delete->execute($bugid, $groupid); + my ($removed, $timestamp) = + $dbh->selectrow_array($sth_Select2, undef, $groupid); + LogActivityEntry($bugid, "bug_group", $removed, "", $::userid, $timestamp); - my $diffed = ""; + if ($mailiscurrent) { - $diffed = ", lastdiffed = " . SqlQuote($timestamp); + $sth_Update2->execute($timestamp, $timestamp, $bugid); + } + else { + $sth_Update->execute($timestamp, $bugid); } - SendSQL("UPDATE bugs SET delta_ts = " . SqlQuote($timestamp) . - $diffed . " WHERE bug_id = $bugid"); - PopGlobalSQLState(); $count++; } my %group = (name => GroupIdToName($groupid), @@ -657,34 +668,41 @@ if ($action eq 'updategroupcontrols') { push(@removed_na, \%group); } + $sth_Select = $dbh->prepare( + 'SELECT bugs.bug_id, + CASE WHEN (lastdiffed >= delta_ts) THEN 1 ELSE 0 END + FROM bugs + LEFT JOIN bug_group_map + ON bug_group_map.bug_id = bugs.bug_id + AND group_id = ? + WHERE bugs.product_id = ? + AND bug_group_map.bug_id IS NULL + ORDER BY bugs.bug_id'); + + $sth_Insert = $dbh->prepare('INSERT INTO bug_group_map + (bug_id, group_id) VALUES (?, ?)'); + my @added_mandatory; foreach my $groupid (@now_mandatory) { my $count = 0; - SendSQL("SELECT bugs.bug_id, - CASE WHEN (lastdiffed >= delta_ts) THEN 1 ELSE 0 END - FROM bugs - LEFT JOIN bug_group_map - ON bug_group_map.bug_id = bugs.bug_id - AND group_id = $groupid - WHERE bugs.product_id = " . $product->id . " - AND bug_group_map.bug_id IS NULL - ORDER BY bugs.bug_id"); - while (MoreSQLData()) { - my ($bugid, $mailiscurrent) = FetchSQLData(); - PushGlobalSQLState(); - SendSQL("INSERT INTO bug_group_map (bug_id, group_id) - VALUES ($bugid, $groupid)"); - SendSQL("SELECT name, NOW() FROM groups WHERE id = $groupid"); - my ($added, $timestamp) = FetchSQLData(); + my $bugs = $dbh->selectall_arrayref($sth_Select, undef, + ($groupid, $product->id)); + + foreach my $bug (@$bugs) { + my ($bugid, $mailiscurrent) = @$bug; + $sth_Insert->execute($bugid, $groupid); + my ($added, $timestamp) = + $dbh->selectrow_array($sth_Select2, undef, $groupid); + LogActivityEntry($bugid, "bug_group", "", $added, $::userid, $timestamp); - my $diffed = ""; + if ($mailiscurrent) { - $diffed = ", lastdiffed = " . SqlQuote($timestamp); + $sth_Update2->execute($timestamp, $timestamp, $bugid); + } + else { + $sth_Update->execute($timestamp, $bugid); } - SendSQL("UPDATE bugs SET delta_ts = " . SqlQuote($timestamp) . - $diffed . " WHERE bug_id = $bugid"); - PopGlobalSQLState(); $count++; } my %group = (name => GroupIdToName($groupid), @@ -794,63 +812,53 @@ if ($action eq 'update') { $disallownew = $disallownew ? 1 : 0; if ($disallownew ne $product_old->disallow_new) { - SendSQL("UPDATE products - SET disallownew=$disallownew - WHERE id = " . $product_old->id); + $dbh->do('UPDATE products SET disallownew = ? WHERE id = ?', + undef, ($disallownew, $product_old->id)); } if ($description ne $product_old->description) { - SendSQL("UPDATE products - SET description=" . SqlQuote($description) . " - WHERE id = " . $product_old->id); + trick_taint($description); + $dbh->do('UPDATE products SET description = ? WHERE id = ?', + undef, ($description, $product_old->id)); } if (Param('usetargetmilestone') && ($milestoneurl ne $product_old->milestone_url)) { - SendSQL("UPDATE products - SET milestoneurl=" . SqlQuote($milestoneurl) . " - WHERE id = " . $product_old->id); + trick_taint($milestoneurl); + $dbh->do('UPDATE products SET milestoneurl = ? WHERE id = ?', + undef, ($milestoneurl, $product_old->id)); } - if ($votesperuser ne $product_old->votes_per_user) { - SendSQL("UPDATE products - SET votesperuser=$votesperuser - WHERE id = " . $product_old->id); + $dbh->do('UPDATE products SET votesperuser = ? WHERE id = ?', + undef, ($votesperuser, $product_old->id)); $checkvotes = 1; } - if ($maxvotesperbug ne $product_old->max_votes_per_bug) { - SendSQL("UPDATE products - SET maxvotesperbug=$maxvotesperbug - WHERE id = " . $product_old->id); + $dbh->do('UPDATE products SET maxvotesperbug = ? WHERE id = ?', + undef, ($maxvotesperbug, $product_old->id)); $checkvotes = 1; } - if ($votestoconfirm ne $product_old->votes_to_confirm) { - SendSQL("UPDATE products - SET votestoconfirm=$votestoconfirm - WHERE id = " . $product_old->id); - + $dbh->do('UPDATE products SET votestoconfirm = ? WHERE id = ?', + undef, ($votestoconfirm, $product_old->id)); $checkvotes = 1; } - if ($defaultmilestone ne $product_old->default_milestone) { - SendSQL("UPDATE products " . - "SET defaultmilestone = " . SqlQuote($defaultmilestone) . - "WHERE id = " . $product_old->id); - + trick_taint($defaultmilestone); + $dbh->do('UPDATE products SET defaultmilestone = ? WHERE id = ?', + undef, ($defaultmilestone, $product_old->id)); } - my $qp = SqlQuote($product_name); - if ($product_name ne $product_old->name) { - SendSQL("UPDATE products SET name=$qp WHERE id= ".$product_old->id); - + trick_taint($product_name); + $dbh->do('UPDATE products SET name = ? WHERE id = ?', + undef, ($product_name, $product_old->id)); } + $dbh->bz_unlock_tables(); unlink "$datadir/versioncache"; @@ -862,44 +870,44 @@ if ($action eq 'update') { # 1. too many votes for a single user on a single bug. my @toomanyvotes_list = (); if ($maxvotesperbug < $votesperuser) { - - SendSQL("SELECT votes.who, votes.bug_id " . - "FROM votes, bugs " . - "WHERE bugs.bug_id = votes.bug_id " . - " AND bugs.product_id = " . $product->id . - " AND votes.vote_count > $maxvotesperbug"); - my @list; - while (MoreSQLData()) { - my ($who, $id) = (FetchSQLData()); - push(@list, [$who, $id]); - } - - - foreach my $ref (@list) { - my ($who, $id) = (@$ref); - RemoveVotes($id, $who, "The rules for voting on this product has changed;\nyou had too many votes for a single bug."); + my $votes = $dbh->selectall_arrayref( + 'SELECT votes.who, votes.bug_id + FROM votes + INNER JOIN bugs + ON bugs.bug_id = votes.bug_id + WHERE bugs.product_id = ? + AND votes.vote_count > ?', + undef, ($product->id, $maxvotesperbug)); + + foreach my $vote (@$votes) { + my ($who, $id) = (@$vote); + RemoveVotes($id, $who, "The rules for voting on this product " . + "has changed;\nyou had too many votes " . + "for a single bug."); my $name = DBID_to_name($who); push(@toomanyvotes_list, {id => $id, name => $name}); } - } - $vars->{'toomanyvotes'} = \@toomanyvotes_list; - # 2. too many total votes for a single user. # This part doesn't work in the general case because RemoveVotes # doesn't enforce votesperuser (except per-bug when it's less - # than maxvotesperbug). See RemoveVotes in globals.pl. + # than maxvotesperbug). See Bugzilla::Bug::RemoveVotes(). + + my $votes = $dbh->selectall_arrayref( + 'SELECT votes.who, votes.vote_count + FROM votes + INNER JOIN bugs + ON bugs.bug_id = votes.bug_id + WHERE bugs.product_id = ?', + undef, $product->id); - SendSQL("SELECT votes.who, votes.vote_count FROM votes, bugs " . - "WHERE bugs.bug_id = votes.bug_id " . - " AND bugs.product_id = " . $product->id); my %counts; - while (MoreSQLData()) { - my ($who, $count) = (FetchSQLData()); + foreach my $vote (@$votes) { + my ($who, $count) = @$vote; if (!defined $counts{$who}) { $counts{$who} = $count; } else { @@ -909,29 +917,36 @@ if ($action eq 'update') { my @toomanytotalvotes_list = (); foreach my $who (keys(%counts)) { if ($counts{$who} > $votesperuser) { - SendSQL("SELECT votes.bug_id FROM votes, bugs " . - "WHERE bugs.bug_id = votes.bug_id " . - " AND bugs.product_id = " . $product->id . - " AND votes.who = $who"); - while (MoreSQLData()) { - my ($id) = FetchSQLData(); - RemoveVotes($id, $who, - "The rules for voting on this product has changed; you had too many\ntotal votes, so all votes have been removed."); + my $bug_ids = $dbh->selectcol_arrayref( + 'SELECT votes.bug_id + FROM votes + INNER JOIN bugs + ON bugs.bug_id = votes.bug_id + WHERE bugs.product_id = ? + AND votes.who = ?', + undef, ($product->id, $who)); + + foreach my $bug_id (@$bug_ids) { + RemoveVotes($bug_id, $who, "The rules for voting on this " . + "product has changed; you had " . + "too many\ntotal votes, so all " . + "votes have been removed."); my $name = DBID_to_name($who); push(@toomanytotalvotes_list, - {id => $id, name => $name}); + {id => $bug_id, name => $name}); } } } $vars->{'toomanytotalvotes'} = \@toomanytotalvotes_list; # 3. enough votes to confirm - my $bug_list = $dbh->selectcol_arrayref("SELECT bug_id FROM bugs - WHERE product_id = ? - AND bug_status = 'UNCONFIRMED' - AND votes >= ?", - undef, ($product->id, $votestoconfirm)); + my $bug_list = $dbh->selectcol_arrayref( + "SELECT bug_id FROM bugs + WHERE product_id = ? + AND bug_status = 'UNCONFIRMED' + AND votes >= ?", + undef, ($product->id, $votestoconfirm)); my @updated_bugs = (); foreach my $bug_id (@$bug_list) { @@ -941,7 +956,6 @@ if ($action eq 'update') { $vars->{'confirmedbugs'} = \@updated_bugs; $vars->{'changer'} = $whoid; - } $vars->{'old_product'} = $product_old; @@ -949,7 +963,6 @@ if ($action eq 'update') { $template->process("admin/products/updated.html.tmpl", $vars) || ThrowTemplateError($template->error()); - exit; } @@ -960,41 +973,27 @@ if ($action eq 'update') { if ($action eq 'editgroupcontrols') { my $product = Bugzilla::Product::check_product($product_name); # Display a group if it is either enabled or has bugs for this product. - SendSQL("SELECT id, name, entry, membercontrol, othercontrol, canedit, " . - "isactive, COUNT(bugs.bug_id) " . - "FROM groups " . - "LEFT JOIN group_control_map " . - "ON group_control_map.group_id = id " . - "AND group_control_map.product_id = " . $product->id . - " LEFT JOIN bug_group_map " . - "ON bug_group_map.group_id = groups.id " . - "LEFT JOIN bugs " . - "ON bugs.bug_id = bug_group_map.bug_id " . - "AND bugs.product_id = " . $product->id . - " WHERE isbuggroup != 0 " . - "AND (isactive != 0 OR entry IS NOT NULL " . - "OR bugs.bug_id IS NOT NULL) " . - $dbh->sql_group_by('name', 'id, entry, membercontrol, - othercontrol, canedit, isactive')); - my @groups = (); - while (MoreSQLData()) { - my %group = (); - my ($groupid, $groupname, $entry, $membercontrol, $othercontrol, - $canedit, $isactive, $bugcount) = FetchSQLData(); - $group{'id'} = $groupid; - $group{'name'} = $groupname; - $group{'entry'} = $entry; - $group{'membercontrol'} = $membercontrol; - $group{'othercontrol'} = $othercontrol; - $group{'canedit'} = $canedit; - $group{'isactive'} = $isactive; - $group{'bugcount'} = $bugcount; - push @groups,\%group; - } + my $groups = $dbh->selectall_arrayref( + 'SELECT id, name, entry, membercontrol, othercontrol, canedit, + isactive, COUNT(bugs.bug_id) AS bugcount + FROM groups + LEFT JOIN group_control_map + ON group_control_map.group_id = groups.id + AND group_control_map.product_id = ? + LEFT JOIN bug_group_map + ON bug_group_map.group_id = groups.id + LEFT JOIN bugs + ON bugs.bug_id = bug_group_map.bug_id + AND bugs.product_id = ? + WHERE isbuggroup != 0 + AND (isactive != 0 OR entry IS NOT NULL OR bugs.bug_id IS NOT NULL) ' . + $dbh->sql_group_by('name', 'id, entry, membercontrol, + othercontrol, canedit, isactive'), + {'Slice' => {}}, ($product->id, $product->id)); + $vars->{'product'} = $product; + $vars->{'groups'} = $groups; - $vars->{'groups'} = \@groups; - $vars->{'const'} = { 'CONTROLMAPNA' => CONTROLMAPNA, 'CONTROLMAPSHOWN' => CONTROLMAPSHOWN, |