summaryrefslogtreecommitdiffstats
path: root/editusers.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-xeditusers.cgi18
1 files changed, 14 insertions, 4 deletions
diff --git a/editusers.cgi b/editusers.cgi
index 4d7292391..1809101d6 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -195,6 +195,7 @@ if ($action eq 'search') {
my $password = $cgi->param('password');
my $realname = trim($cgi->param('name') || '');
my $disabledtext = trim($cgi->param('disabledtext') || '');
+ my $disable_mail = $cgi->param('disable_mail') =~ /^(0|1)$/ ? $1 : 0;
# Lock tables during the check+creation session.
$dbh->bz_lock_tables('profiles WRITE', 'profiles_activity WRITE',
@@ -216,7 +217,7 @@ if ($action eq 'search') {
trick_taint($password);
trick_taint($disabledtext);
- insert_new_user($login, $realname, $password, $disabledtext);
+ insert_new_user($login, $realname, $password, $disabledtext, $disable_mail);
my $new_user_id = $dbh->bz_last_key('profiles', 'userid');
$dbh->bz_unlock_tables();
userDataToVars($new_user_id);
@@ -234,6 +235,7 @@ if ($action eq 'search') {
} elsif ($action eq 'update') {
my $otherUser = check_user($otherUserID, $otherUserLogin);
$otherUserID = $otherUser->id;
+ my $oldprofile = new Bugzilla::User($otherUserID);
my $logoutNeeded = 0;
my @changedFields;
@@ -255,14 +257,17 @@ if ($action eq 'search') {
object => "user"});
# Cleanups
- my $loginold = $cgi->param('loginold') || '';
- my $realnameold = $cgi->param('nameold') || '';
- my $disabledtextold = $cgi->param('disabledtextold') || '';
+ my $loginold = $cgi->param('loginold') || '';
+ my $realnameold = $cgi->param('nameold') || '';
+ my $disabledtextold = $cgi->param('disabledtextold') || '';
+ my $disable_mail_old = $cgi->param('disable_mail_old') =~ /^(0|1)$/ ?
+ $1 : $oldprofile->email_disabled;
my $login = $cgi->param('login');
my $password = $cgi->param('password');
my $realname = trim($cgi->param('name') || '');
my $disabledtext = trim($cgi->param('disabledtext') || '');
+ my $disable_mail = $cgi->param('disable_mail') =~ /^(0|1)$/ ? $1 : 0;
# Update profiles table entry; silently skip doing this if the user
# is not authorized.
@@ -308,6 +313,11 @@ if ($action eq 'search') {
push(@values, $disabledtext);
$logoutNeeded = 1;
}
+ if ($disable_mail != $disable_mail_old) {
+ trick_taint($disable_mail);
+ push(@changedFields, 'disable_mail');
+ push(@values, $disable_mail);
+ }
if (@changedFields) {
push (@values, $otherUserID);
$logoutNeeded && Bugzilla->logout_user($otherUser);