1 files changed, 42 insertions, 48 deletions

diff --git a/buglist.cgi b/buglist.cgi
index faeb56176..9c7281822 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -316,22 +316,20 @@ sub GetGroups {
 }
 
 sub _close_standby_message {
-    my ($contenttype, $disposition, $serverpush) = @_;
+    my ($contenttype, $disp, $disp_prefix, $extension, $serverpush) = @_;
     my $cgi = Bugzilla->cgi;
+    $cgi->set_dated_content_disp($disp, $disp_prefix, $extension);
 
     # Close the "please wait" page, then open the buglist page
     if ($serverpush) {
         print $cgi->multipart_end();
-        print $cgi->multipart_start(-type                => $contenttype,
-                                    -content_disposition => $disposition);
+        print $cgi->multipart_start(-type => $contenttype);
     }
     else {
-        print $cgi->header(-type                => $contenttype,
-                           -content_disposition => $disposition);
+        print $cgi->header($contenttype);
     }
 }
 
-
 ################################################################################
 # Command Execution
 ################################################################################
@@ -359,17 +357,10 @@ $params ||= new Bugzilla::CGI($cgi);
 # if available.  We have to do this now, even though we return HTTP headers 
 # at the end, because the fact that there is a remembered query gets 
 # forgotten in the process of retrieving it.
-my @time = localtime(time());
-my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
-my $filename = "bugs-$date.$format->{extension}";
+my $disp_prefix = "bugs";
 if ($cmdtype eq "dorem" && $remaction =~ /^run/) {
-    $filename = $cgi->param('namedcmd') . "-$date.$format->{extension}";
-    # Remove white-space from the filename so the user cannot tamper
-    # with the HTTP headers.
-    $filename =~ s/\s/_/g;
+    $disp_prefix = $cgi->param('namedcmd');
 }
-$filename =~ s/\\/\\\\/g; # escape backslashes
-$filename =~ s/"/\\"/g; # escape quotes
 
 # Take appropriate action based on user's request.
 if ($cmdtype eq "dorem") {  
@@ -490,14 +481,16 @@ elsif (($cmdtype eq "doit") && defined $cgi->param('remtype')) {
               or ThrowUserError('no_tag_to_edit', {action => $action});
 
             my @buglist;
-            # Validate all bug IDs before editing tags in any of them.
-            foreach my $bug_id (split(/[\s,]+/, $cgi->param('bug_ids'))) {
-                next unless $bug_id;
-                push(@buglist, Bugzilla::Bug->check($bug_id));
-            }
+            if ($cgi->param('bug_ids')) {
+                # Validate all bug IDs before editing tags in any of them.
+                foreach my $bug_id (split(/[\s,]+/, $cgi->param('bug_ids'))) {
+                    next unless $bug_id;
+                    push(@buglist, Bugzilla::Bug->check($bug_id));
+                }
 
-            foreach my $bug (@buglist) {
-                $bug->$method($query_name);
+                foreach my $bug (@buglist) {
+                    $bug->$method($query_name);
+                }
             }
 
             $vars->{'message'} = 'tag_updated';
@@ -775,8 +768,6 @@ my $search = new Bugzilla::Search('fields' => \@selectcolumns,
                                   'params' => scalar $params->Vars,
                                   'order'  => \@orderstrings,
                                   'sharer' => $sharer_id);
-my $query = $search->sql;
-$vars->{'search_description'} = $search->search_description;
 
 # We don't want saved searches and other buglist things to save
 # our default limit.
@@ -786,21 +777,6 @@ $params->delete('limit') if $vars->{'default_limited'};
 # Query Execution
 ################################################################################
 
-if ($cgi->param('debug')
-    && Bugzilla->params->{debug_group}
-    && $user->in_group(Bugzilla->params->{debug_group})
-) {
-    $vars->{'debug'} = 1;
-    $vars->{'query'} = $query;
-    # Explains are limited to admins because you could use them to figure
-    # out how many hidden bugs are in a particular product (by doing
-    # searches and looking at the number of rows the explain says it's
-    # examining).
-    if (Bugzilla->user->in_group('admin')) {
-        $vars->{'query_explain'} = $dbh->bz_explain($query);
-    }
-}
-
 # Time to use server push to display an interim message to the user until
 # the query completes and we can display the bug list.
 if ($serverpush) {
@@ -833,9 +809,28 @@ $::SIG{TERM} = 'DEFAULT';
 $::SIG{PIPE} = 'DEFAULT';
 
 # Execute the query.
-my $buglist_sth = $dbh->prepare($query);
-$buglist_sth->execute();
+my ($data, $extra_data) = $search->data;
+$vars->{'search_description'} = $search->search_description;
 
+if ($cgi->param('debug')
+    && Bugzilla->params->{debug_group}
+    && $user->in_group(Bugzilla->params->{debug_group})
+) {
+    $vars->{'debug'} = 1;
+    $vars->{'queries'} = $extra_data;
+    my $query_time = 0;
+    $query_time += $_->{'time'} foreach @$extra_data;
+    $vars->{'query_time'} = $query_time;
+    # Explains are limited to admins because you could use them to figure
+    # out how many hidden bugs are in a particular product (by doing
+    # searches and looking at the number of rows the explain says it's
+    # examining).
+    if ($user->in_group('admin')) {
+        foreach my $query (@$extra_data) {
+            $query->{explain} = $dbh->bz_explain($query->{sql});
+        }
+    }
+}
 
 ################################################################################
 # Results Retrieval
@@ -867,14 +862,14 @@ my @bugidlist;
 
 my @bugs; # the list of records
 
-while (my @row = $buglist_sth->fetchrow_array()) {
+foreach my $row (@$data) {
     my $bug = {}; # a record
 
     # Slurp the row of data into the record.
     # The second from last column in the record is the number of groups
     # to which the bug is restricted.
     foreach my $column (@selectcolumns) {
-        $bug->{$column} = shift @row;
+        $bug->{$column} = shift @$row;
     }
 
     # Process certain values further (i.e. date format conversion).
@@ -1026,7 +1021,8 @@ if ($one_product && Bugzilla->user->can_enter_product($one_product)) {
 # The following variables are used when the user is making changes to multiple bugs.
 if ($dotweak && scalar @bugs) {
     if (!$vars->{'caneditbugs'}) {
-        _close_standby_message('text/html', 'inline', $serverpush);
+        _close_standby_message('text/html',
+                               'inline', "error", "html", $serverpush);
         ThrowUserError('auth_failure', {group  => 'editbugs',
                                         action => 'modify',
                                         object => 'multiple_bugs'});
@@ -1133,10 +1129,8 @@ if ($format->{'extension'} eq "csv") {
     $vars->{'human'} = $cgi->param('human');
 }
 
-# Suggest a name for the bug list if the user wants to save it as a file.
-$disposition .= "; filename=\"$filename\"";
-
-_close_standby_message($contenttype, $disposition, $serverpush);
+_close_standby_message($contenttype, $disposition, $disp_prefix,
+                       $format->{'extension'}, $serverpush);
 
 ################################################################################
 # Content Generation