From 6a51c4c39e8ced6f808d5517d52c041d9305c2c0 Mon Sep 17 00:00:00 2001
From: "mkanat%bugzilla.org" <>
Date: Tue, 7 Jul 2009 11:53:39 +0000
Subject: Bug 502641: Fix various problems that would occur when you would log
 in from buglist.cgi Patch by Max Kanat-Alexander <mkanat@bugzilla.org>
 r=LpSolit, a=LpSolit

---
 Bugzilla/CGI.pm | 16 +++++++++++++++-
 buglist.cgi     | 22 +++++++++++-----------
 2 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 6fb986aa5..1a1a1ac74 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -141,7 +141,7 @@ sub canonicalise_query {
 
 sub clean_search_url {
     my $self = shift;
-    # Delete any empty URL parameter
+    # Delete any empty URL parameter.
     my @cgi_params = $self->param;
 
     foreach my $param (@cgi_params) {
@@ -161,6 +161,9 @@ sub clean_search_url {
     # Delete certain parameters if the associated parameter is empty.
     $self->delete('bugidtype')  if !$self->param('bug_id');
 
+    # Delete leftovers from the login form
+    $self->delete('Bugzilla_remember', 'GoAheadAndLogIn');
+
     foreach my $num (1,2) {
         # If there's no value in the email field, delete the related fields.
         if (!$self->param("email$num")) {
@@ -299,6 +302,17 @@ sub param {
 
         return wantarray ? @result : $result[0];
     }
+    # And for various other functions in CGI.pm, we need to correctly
+    # return the URL parameters in addition to the POST parameters when
+    # asked for the list of parameters.
+    elsif (!scalar(@_) && $self->request_method 
+           && $self->request_method eq 'POST') 
+    {
+        my @post_params = $self->SUPER::param;
+        my @url_params  = $self->url_param;
+        my %params = map { $_ => 1 } (@post_params, @url_params);
+        return keys %params;
+    }
 
     return $self->SUPER::param(@_);
 }
diff --git a/buglist.cgi b/buglist.cgi
index 531d1500c..edee13bde 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -407,14 +407,14 @@ sub _close_standby_message {
 # Command Execution
 ################################################################################
 
-$cgi->param('cmdtype', "") if !defined $cgi->param('cmdtype');
-$cgi->param('remaction', "") if !defined $cgi->param('remaction');
+my $cmdtype   = $cgi->param('cmdtype')   || '';
+my $remaction = $cgi->param('remaction') || '';
 
 # Backwards-compatibility - the old interface had cmdtype="runnamed" to run
 # a named command, and we can't break this because it's in bookmarks.
-if ($cgi->param('cmdtype') eq "runnamed") {  
-    $cgi->param('cmdtype', "dorem");
-    $cgi->param('remaction', "run");
+if ($cmdtype eq "runnamed") {  
+    $cmdtype = "dorem";
+    $remaction = "run";
 }
 
 # Now we're going to be running, so ensure that the params object is set up,
@@ -432,7 +432,7 @@ $params ||= new Bugzilla::CGI($cgi);
 my @time = localtime(time());
 my $date = sprintf "%04d-%02d-%02d", 1900+$time[5],$time[4]+1,$time[3];
 my $filename = "bugs-$date.$format->{extension}";
-if ($cgi->param('cmdtype') eq "dorem" && $cgi->param('remaction') =~ /^run/) {
+if ($cmdtype eq "dorem" && $remaction =~ /^run/) {
     $filename = $cgi->param('namedcmd') . "-$date.$format->{extension}";
     # Remove white-space from the filename so the user cannot tamper
     # with the HTTP headers.
@@ -442,8 +442,8 @@ $filename =~ s/\\/\\\\/g; # escape backslashes
 $filename =~ s/"/\\"/g; # escape quotes
 
 # Take appropriate action based on user's request.
-if ($cgi->param('cmdtype') eq "dorem") {  
-    if ($cgi->param('remaction') eq "run") {
+if ($cmdtype eq "dorem") {  
+    if ($remaction eq "run") {
         my $query_id;
         ($buffer, $query_id) = LookupNamedQuery(scalar $cgi->param("namedcmd"),
                                                 scalar $cgi->param('sharer_id'));
@@ -459,14 +459,14 @@ if ($cgi->param('cmdtype') eq "dorem") {
         $order = $params->param('order') || $order;
 
     }
-    elsif ($cgi->param('remaction') eq "runseries") {
+    elsif ($remaction eq "runseries") {
         $buffer = LookupSeries(scalar $cgi->param("series_id"));
         $vars->{'searchname'} = $cgi->param('namedcmd');
         $vars->{'searchtype'} = "series";
         $params = new Bugzilla::CGI($buffer);
         $order = $params->param('order') || $order;
     }
-    elsif ($cgi->param('remaction') eq "forget") {
+    elsif ($remaction eq "forget") {
         my $user = Bugzilla->login(LOGIN_REQUIRED);
         # Copy the name into a variable, so that we can trick_taint it for
         # the DB. We know it's safe, because we're using placeholders in 
@@ -530,7 +530,7 @@ if ($cgi->param('cmdtype') eq "dorem") {
         exit;
     }
 }
-elsif (($cgi->param('cmdtype') eq "doit") && defined $cgi->param('remtype')) {
+elsif (($cmdtype eq "doit") && defined $cgi->param('remtype')) {
     if ($cgi->param('remtype') eq "asdefault") {
         my $user = Bugzilla->login(LOGIN_REQUIRED);
         InsertNamedQuery(DEFAULT_QUERY_NAME, $buffer);
-- 
cgit v1.2.3-24-g4f1b