diff options
Diffstat (limited to 'buglist.cgi')
| -rwxr-xr-x | buglist.cgi | 182 |
1 files changed, 72 insertions, 110 deletions
diff --git a/buglist.cgi b/buglist.cgi index a7eb98df5..f2cc0a53c 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -56,18 +56,19 @@ my $cgi = Bugzilla->cgi; my $dbh = Bugzilla->dbh; my $template = Bugzilla->template; my $vars = {}; -my $buffer = $cgi->query_string(); # We have to check the login here to get the correct footer if an error is # thrown and to prevent a logged out user to use QuickSearch if 'requirelogin' # is turned 'on'. my $user = Bugzilla->login(); +$cgi->redirect_search_url(); + +my $buffer = $cgi->query_string(); if (length($buffer) == 0) { ThrowUserError("buglist_parameters_required"); } -$cgi->redirect_search_url(); # Determine whether this is a quicksearch query. my $searchstring = $cgi->param('quicksearch'); @@ -315,23 +316,6 @@ sub GetGroups { return [values %legal_groups]; } -sub _close_standby_message { - my ($contenttype, $disposition, $serverpush) = @_; - my $cgi = Bugzilla->cgi; - - # Close the "please wait" page, then open the buglist page - if ($serverpush) { - print $cgi->multipart_end(); - print $cgi->multipart_start(-type => $contenttype, - -content_disposition => $disposition); - } - else { - print $cgi->header(-type => $contenttype, - -content_disposition => $disposition); - } -} - - ################################################################################ # Command Execution ################################################################################ @@ -359,17 +343,10 @@ $params ||= new Bugzilla::CGI($cgi); # if available. We have to do this now, even though we return HTTP headers # at the end, because the fact that there is a remembered query gets # forgotten in the process of retrieving it. -my @time = localtime(time()); -my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3]; -my $filename = "bugs-$date.$format->{extension}"; +my $disp_prefix = "bugs"; if ($cmdtype eq "dorem" && $remaction =~ /^run/) { - $filename = $cgi->param('namedcmd') . "-$date.$format->{extension}"; - # Remove white-space from the filename so the user cannot tamper - # with the HTTP headers. - $filename =~ s/\s/_/g; + $disp_prefix = $cgi->param('namedcmd'); } -$filename =~ s/\\/\\\\/g; # escape backslashes -$filename =~ s/"/\\"/g; # escape quotes # Take appropriate action based on user's request. if ($cmdtype eq "dorem") { @@ -382,7 +359,7 @@ if ($cmdtype eq "dorem") { # so that it can be modified easily. $vars->{'searchname'} = $cgi->param('namedcmd'); if (!$cgi->param('sharer_id') || - $cgi->param('sharer_id') == Bugzilla->user->id) { + $cgi->param('sharer_id') == $user->id) { $vars->{'searchtype'} = "saved"; $vars->{'search_id'} = $query_id; } @@ -442,6 +419,7 @@ if ($cmdtype eq "dorem") { $dbh->do('DELETE FROM namedquery_group_map WHERE namedquery_id = ?', undef, $query_id); + Bugzilla->memcached->clear({ table => 'namedqueries', id => $query_id }); } # Now reset the cached queries @@ -490,14 +468,16 @@ elsif (($cmdtype eq "doit") && defined $cgi->param('remtype')) { or ThrowUserError('no_tag_to_edit', {action => $action}); my @buglist; - # Validate all bug IDs before editing tags in any of them. - foreach my $bug_id (split(/[\s,]+/, $cgi->param('bug_ids'))) { - next unless $bug_id; - push(@buglist, Bugzilla::Bug->check($bug_id)); - } + if ($cgi->param('bug_ids')) { + # Validate all bug IDs before editing tags in any of them. + foreach my $bug_id (split(/[\s,]+/, $cgi->param('bug_ids'))) { + next unless $bug_id; + push(@buglist, Bugzilla::Bug->check($bug_id)); + } - foreach my $bug (@buglist) { - $bug->$method($query_name); + foreach my $bug (@buglist) { + $bug->$method($query_name); + } } $vars->{'message'} = 'tag_updated'; @@ -697,69 +677,39 @@ if (!$order || $order =~ /^reuse/i) { } } +my @order_columns; if ($order) { # Convert the value of the "order" form field into a list of columns # by which to sort the results. ORDER: for ($order) { /^Bug Number$/ && do { - $order = "bug_id"; + @order_columns = ("bug_id"); last ORDER; }; /^Importance$/ && do { - $order = "priority,bug_severity"; + @order_columns = ("priority", "bug_severity"); last ORDER; }; /^Assignee$/ && do { - $order = "assigned_to,bug_status,priority,bug_id"; + @order_columns = ("assigned_to", "bug_status", "priority", + "bug_id"); last ORDER; }; /^Last Changed$/ && do { - $order = "changeddate,bug_status,priority,assigned_to,bug_id"; + @order_columns = ("changeddate", "bug_status", "priority", + "assigned_to", "bug_id"); last ORDER; }; do { - my (@order, @invalid_fragments); - - # A custom list of columns. Make sure each column is valid. - foreach my $fragment (split(/,/, $order)) { - $fragment = trim($fragment); - next unless $fragment; - my ($column_name, $direction) = split_order_term($fragment); - $column_name = translate_old_column($column_name); - - # Special handlings for certain columns - next if $column_name eq 'relevance' && !$fulltext; - - if (exists $columns->{$column_name}) { - $direction = " $direction" if $direction; - push(@order, "$column_name$direction"); - } - else { - push(@invalid_fragments, $fragment); - } - } - if (scalar @invalid_fragments) { - $vars->{'message'} = 'invalid_column_name'; - $vars->{'invalid_fragments'} = \@invalid_fragments; - } - - $order = join(",", @order); - # Now that we have checked that all columns in the order are valid, - # detaint the order string. - trick_taint($order) if $order; + # A custom list of columns. Bugzilla::Search will validate items. + @order_columns = split(/\s*,\s*/, $order); }; } } -if (!$order) { +if (!scalar @order_columns) { # DEFAULT - $order = "bug_status,priority,assigned_to,bug_id"; -} - -my @orderstrings = split(/,\s*/, $order); - -if ($fulltext and grep { /^relevance/ } @orderstrings) { - $vars->{'message'} = 'buglist_sorted_by_relevance' + @order_columns = ("bug_status", "priority", "assigned_to", "bug_id"); } # In the HTML interface, by default, we limit the returned results, @@ -773,10 +723,19 @@ if ($format->{'extension'} eq 'html' && !defined $params->param('limit')) { # Generate the basic SQL query that will be used to generate the bug list. my $search = new Bugzilla::Search('fields' => \@selectcolumns, 'params' => scalar $params->Vars, - 'order' => \@orderstrings, + 'order' => \@order_columns, 'sharer' => $sharer_id); -my $query = $search->sql; -$vars->{'search_description'} = $search->search_description; + +$order = join(',', $search->order); + +if (scalar @{$search->invalid_order_columns}) { + $vars->{'message'} = 'invalid_column_name'; + $vars->{'invalid_fragments'} = $search->invalid_order_columns; +} + +if ($fulltext and grep { /^relevance/ } $search->order) { + $vars->{'message'} = 'buglist_sorted_by_relevance' +} # We don't want saved searches and other buglist things to save # our default limit. @@ -786,21 +745,6 @@ $params->delete('limit') if $vars->{'default_limited'}; # Query Execution ################################################################################ -if ($cgi->param('debug') - && Bugzilla->params->{debug_group} - && $user->in_group(Bugzilla->params->{debug_group}) -) { - $vars->{'debug'} = 1; - $vars->{'query'} = $query; - # Explains are limited to admins because you could use them to figure - # out how many hidden bugs are in a particular product (by doing - # searches and looking at the number of rows the explain says it's - # examining). - if (Bugzilla->user->in_group('admin')) { - $vars->{'query_explain'} = $dbh->bz_explain($query); - } -} - # Time to use server push to display an interim message to the user until # the query completes and we can display the bug list. if ($serverpush) { @@ -833,9 +777,28 @@ $::SIG{TERM} = 'DEFAULT'; $::SIG{PIPE} = 'DEFAULT'; # Execute the query. -my $buglist_sth = $dbh->prepare($query); -$buglist_sth->execute(); +my ($data, $extra_data) = $search->data; +$vars->{'search_description'} = $search->search_description; +if ($cgi->param('debug') + && Bugzilla->params->{debug_group} + && $user->in_group(Bugzilla->params->{debug_group}) +) { + $vars->{'debug'} = 1; + $vars->{'queries'} = $extra_data; + my $query_time = 0; + $query_time += $_->{'time'} foreach @$extra_data; + $vars->{'query_time'} = $query_time; + # Explains are limited to admins because you could use them to figure + # out how many hidden bugs are in a particular product (by doing + # searches and looking at the number of rows the explain says it's + # examining). + if ($user->in_group('admin')) { + foreach my $query (@$extra_data) { + $query->{explain} = $dbh->bz_explain($query->{sql}); + } + } +} ################################################################################ # Results Retrieval @@ -867,14 +830,14 @@ my @bugidlist; my @bugs; # the list of records -while (my @row = $buglist_sth->fetchrow_array()) { +foreach my $row (@$data) { my $bug = {}; # a record # Slurp the row of data into the record. # The second from last column in the record is the number of groups # to which the bug is restricted. foreach my $column (@selectcolumns) { - $bug->{$column} = shift @row; + $bug->{$column} = shift @$row; } # Process certain values further (i.e. date format conversion). @@ -979,10 +942,10 @@ $vars->{'order'} = $order; $vars->{'caneditbugs'} = 1; $vars->{'time_info'} = $time_info; -if (!Bugzilla->user->in_group('editbugs')) { +if (!$user->in_group('editbugs')) { foreach my $product (keys %$bugproducts) { my $prod = new Bugzilla::Product({name => $product}); - if (!Bugzilla->user->in_group('editbugs', $prod->id)) { + if (!$user->in_group('editbugs', $prod->id)) { $vars->{'caneditbugs'} = 0; last; } @@ -990,7 +953,7 @@ if (!Bugzilla->user->in_group('editbugs')) { } my @bugowners = keys %$bugowners; -if (scalar(@bugowners) > 1 && Bugzilla->user->in_group('editbugs')) { +if (scalar(@bugowners) > 1 && $user->in_group('editbugs')) { my $suffix = Bugzilla->params->{'emailsuffix'}; map(s/$/$suffix/, @bugowners) if $suffix; my $bugowners = join(",", @bugowners); @@ -1001,7 +964,10 @@ if (scalar(@bugowners) > 1 && Bugzilla->user->in_group('editbugs')) { # the list more compact. $vars->{'splitheader'} = $cgi->cookie('SPLITHEADER') ? 1 : 0; -$vars->{'quip'} = GetQuip(); +if ($user->settings->{'display_quips'}->{'value'} eq 'on') { + $vars->{'quip'} = GetQuip(); +} + $vars->{'currenttime'} = localtime(time()); # See if there's only one product in all the results (or only one product @@ -1019,14 +985,13 @@ elsif (my @product_input = $cgi->param('product')) { } # We only want the template to use it if the user can actually # enter bugs against it. -if ($one_product && Bugzilla->user->can_enter_product($one_product)) { +if ($one_product && $user->can_enter_product($one_product)) { $vars->{'one_product'} = $one_product; } # The following variables are used when the user is making changes to multiple bugs. if ($dotweak && scalar @bugs) { if (!$vars->{'caneditbugs'}) { - _close_standby_message('text/html', 'inline', $serverpush); ThrowUserError('auth_failure', {group => 'editbugs', action => 'modify', object => 'multiple_bugs'}); @@ -1038,7 +1003,7 @@ if ($dotweak && scalar @bugs) { $vars->{'token'} = issue_session_token('buglist_mass_change'); Bugzilla->switch_to_shadow_db(); - $vars->{'products'} = Bugzilla->user->get_enterable_products; + $vars->{'products'} = $user->get_enterable_products; $vars->{'platforms'} = get_legal_field_values('rep_platform'); $vars->{'op_sys'} = get_legal_field_values('op_sys'); $vars->{'priorities'} = get_legal_field_values('priority'); @@ -1133,10 +1098,7 @@ if ($format->{'extension'} eq "csv") { $vars->{'human'} = $cgi->param('human'); } -# Suggest a name for the bug list if the user wants to save it as a file. -$disposition .= "; filename=\"$filename\""; - -_close_standby_message($contenttype, $disposition, $serverpush); +$cgi->close_standby_message($contenttype, $disposition); ################################################################################ # Content Generation |