From c6c54c2e4235783544c44c08e4e55d4057556588 Mon Sep 17 00:00:00 2001
From: Koosha Khajeh Moogahi <koosha.khajeh@gmail.com>
Date: Sat, 18 Aug 2012 19:06:44 +0200
Subject: Bug 187753: Specify a maximum length for quips (512 characters)
 r/a=LpSolit

---
 Bugzilla/Constants.pm                           |  4 ++++
 Bugzilla/DB/Schema.pm                           |  2 +-
 Bugzilla/Install/DB.pm                          | 25 +++++++++++++++++++++++--
 quips.cgi                                       |  4 ++++
 template/en/default/global/user-error.html.tmpl |  6 ++++++
 template/en/default/list/quips.html.tmpl        |  2 +-
 6 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index 63242ba8a..f1141195c 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -161,6 +161,7 @@ use Memoize;
     MAX_BUG_URL_LENGTH
     MAX_POSSIBLE_DUPLICATES
     MAX_ATTACH_FILENAME_LENGTH
+    MAX_QUIP_LENGTH
 
     PASSWORD_DIGEST_ALGORITHM
     PASSWORD_SALT_LENGTH
@@ -556,6 +557,9 @@ use constant MAX_POSSIBLE_DUPLICATES => 25;
 # necessary schema changes to store longer names.
 use constant MAX_ATTACH_FILENAME_LENGTH => 255;
 
+# Maximum length of a quip.
+use constant MAX_QUIP_LENGTH => 512;
+
 # This is the name of the algorithm used to hash passwords before storing
 # them in the database. This can be any string that is valid to pass to
 # Perl's "Digest" module. Note that if you change this, it won't take
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm
index 728176684..eabee07c3 100644
--- a/Bugzilla/DB/Schema.pm
+++ b/Bugzilla/DB/Schema.pm
@@ -1484,7 +1484,7 @@ use constant ABSTRACT_SCHEMA => {
                          REFERENCES => {TABLE  => 'profiles', 
                                         COLUMN => 'userid',
                                         DELETE => 'SET NULL'}},
-            quip     => {TYPE => 'MEDIUMTEXT', NOTNULL => 1},
+            quip     => {TYPE => 'varchar(512)', NOTNULL => 1},
             approved => {TYPE => 'BOOLEAN', NOTNULL => 1,
                          DEFAULT => 'TRUE'},
         ],
diff --git a/Bugzilla/Install/DB.pm b/Bugzilla/Install/DB.pm
index 5d0f61672..e04766f24 100644
--- a/Bugzilla/Install/DB.pm
+++ b/Bugzilla/Install/DB.pm
@@ -697,6 +697,9 @@ sub update_table_definitions {
     # 2012-08-02 dkl@mozilla.com - Bug 756953
     _fix_dependencies_dupes();
 
+    # 2012-08-01 koosha.khajeh@gmail.com - Bug 187753
+    _shorten_long_quips();
+
     ################################################################
     # New --TABLE-- changes should go *** A B O V E *** this point #
     ################################################################
@@ -3164,8 +3167,6 @@ sub _change_text_types {
         { TYPE => 'TINYTEXT', NOTNULL => 1 });
     $dbh->bz_alter_column('groups', 'description',
         { TYPE => 'MEDIUMTEXT', NOTNULL => 1 });
-    $dbh->bz_alter_column('quips', 'quip',
-        { TYPE => 'MEDIUMTEXT', NOTNULL => 1 });
     $dbh->bz_alter_column('namedqueries', 'query',
         { TYPE => 'LONGTEXT', NOTNULL => 1 });
 
@@ -3753,6 +3754,26 @@ sub _fix_dependencies_dupes {
     }   
 }
 
+sub _shorten_long_quips {
+    my $dbh = Bugzilla->dbh;
+    my $quips = $dbh->selectall_arrayref("SELECT quipid, quip FROM quips
+                                          WHERE CHAR_LENGTH(quip) > 512");
+
+    if (@$quips) {
+        print "Shortening quips longer than 512 characters:";
+
+        my $query = $dbh->prepare("UPDATE quips SET quip = ? WHERE quipid = ?");
+
+        foreach my $quip (@$quips) {
+            my ($quipid, $quip_str) = @$quip;
+            $quip_str = substr($quip_str, 0, 509) . "...";
+            print " $quipid";
+            $query->execute($quip_str, $quipid);
+        }
+    }
+    $dbh->bz_alter_column('quips', 'quip', { TYPE => 'varchar(512)', NOTNULL => 1});
+}
+
 1;
 
 __END__
diff --git a/quips.cgi b/quips.cgi
index 565056a6e..266ed516f 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -65,6 +65,10 @@ if ($action eq "add") {
                    || $user->in_group('bz_quip_moderators') || 0;
     my $comment = $cgi->param("quip");
     $comment || ThrowUserError("need_quip");
+    
+    ThrowUserError("quip_too_long", { length => length($comment) }) 
+        if length($comment) > MAX_QUIP_LENGTH;
+
     trick_taint($comment); # Used in a placeholder below
 
     $dbh->do("INSERT INTO quips (userid, quip, approved) VALUES (?, ?, ?)",
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 8f4d7d21c..2d79bf851 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1479,6 +1479,12 @@
         <a href="page.cgi?id=quicksearch.html#fields">listed here</a>.</p>
     [% END %]
 
+  [% ELSIF error == "quip_too_long" %]
+    [% title = "Quip Too Long" %]
+    You entered a quip with a length of [% length FILTER none %] characters, 
+    but the maximum allowed length is [% constants.MAX_QUIP_LENGTH FILTER none %] 
+    characters.
+
   [% ELSIF error == "reassign_to_empty" %]
     [% title = "Illegal Reassignment" %]
     To reassign [% terms.abug %], you must provide an address for
diff --git a/template/en/default/list/quips.html.tmpl b/template/en/default/list/quips.html.tmpl
index f38d98221..31e766a9b 100644
--- a/template/en/default/list/quips.html.tmpl
+++ b/template/en/default/list/quips.html.tmpl
@@ -61,7 +61,7 @@
     <input type="hidden" name="action" value="add">
     <input type="hidden" name="token"
            value="[% issue_hash_token(['create-quips']) FILTER html %]">
-    <input size="80" name="quip">
+    <input size="80" name="quip" maxlength="512">
     <p>
       <input type="submit" id="add" value="Add This Quip">
     </p>
-- 
cgit v1.2.3-24-g4f1b