From 0133e0b65b1d73d87604b9f94b92c712206137e3 Mon Sep 17 00:00:00 2001 From: Frédéric Buclin Date: Fri, 9 Dec 2011 00:19:07 +0100 Subject: Bug 644281: When the sort order of a buglist is modified, the "Show next bug in my list" user pref still uses the original sort order to decide which bug to display next r=glob a=LpSolit --- Bugzilla/User.pm | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'Bugzilla') diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 849c1d915..8455e64c1 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -516,26 +516,21 @@ sub save_last_search { return if !@$bug_ids; + my $search; if ($self->id) { on_main_db { - my $search; if ($list_id) { - # Use eval so that people can still use old search links or - # links that don't belong to them. - $search = eval { Bugzilla::Search::Recent->check( - { id => $list_id }) }; + $search = Bugzilla::Search::Recent->check_quietly({ id => $list_id }); } if ($search) { - # We only update placeholders. (Placeholders are - # Saved::Search::Recent objects with empty bug lists.) - # Otherwise, we could just keep creating new searches - # for the same refreshed list over and over. - if (!@{ $search->bug_list }) { - $search->set_list_order($order); + if (join(',', @{$search->bug_list}) ne join(',', @$bug_ids)) { $search->set_bug_list($bug_ids); - $search->update(); } + if (!$search->list_order || $order ne $search->list_order) { + $search->set_list_order($order); + } + $search->update(); } else { # If we already have an existing search with a totally @@ -548,11 +543,14 @@ sub save_last_search { user_id => $self->id, bug_list => $list_string }); if (!scalar(@$existing_search)) { - Bugzilla::Search::Recent->create({ + $search = Bugzilla::Search::Recent->create({ user_id => $self->id, bug_list => $bug_ids, list_order => $order }); } + else { + $search = $existing_search->[0]; + } } }; delete $self->{recent_searches}; 
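Review bot: In the `@@ -516` hunk of save_last_search, a search found through `$list_id` now always goes through `set_bug_list`/`update`, where the old code only filled placeholders with an empty bug list. The comment about links that do not belong to the user is removed along with the `eval`. Whether `check_quietly` still rejects a list id owned by another user is not visible in this hunk; if it does, say so at the call, e.g. `# check_quietly returns undef for unknown ids and for lists owned by another user, so only the caller's own search is rewritten below.` If it does not, compare the search's owner with `$self->id` before updating, since `$list_id` presumably originates from the request. The sub's body starts and ends outside the hunk.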
@@ -574,6 +572,7 @@ sub save_last_search { $vars->{'toolong'} = 1; } } + return $search; } sub settings { -- cgit v1.2.3-24-g4f1b From a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1 Mon Sep 17 00:00:00 2001 From: Reed Loden Date: Tue, 13 Dec 2011 14:30:07 -0800 Subject: Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible unauthorized account creation e-mail request [r=mkanat a=mkanat] --- Bugzilla/Token.pm | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'Bugzilla') diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 86220aa29..2bb68e721 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -176,9 +176,14 @@ sub issue_hash_token { $data ||= []; $time ||= time(); + # For the user ID, use the actual ID if the user is logged in. + # Otherwise, use the remote IP, in case this is for something + # such as creating an account or logging in. + my $user_id = Bugzilla->user->id || remote_ip(); + # The concatenated string is of the form - # token creation time + site-wide secret + user ID + data - my @args = ($time, Bugzilla->localconfig->{'site_wide_secret'}, Bugzilla->user->id, @$data); + # token creation time + site-wide secret + user ID (either ID or remote IP) + data + my @args = ($time, Bugzilla->localconfig->{'site_wide_secret'}, $user_id, @$data); my $token = join('*', @args); # Wide characters cause md5_hex() to die. -- cgit v1.2.3-24-g4f1b
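Review bot: In the Token.pm hunk, the hash token for logged-out users is bound only to `remote_ip()`, so all clients that reach the server from one address (NAT, corporate proxy, shared gateway) share the same binding for the token's lifetime, and a client whose address changes between loading the form and submitting it will fail validation. That is still stronger than using `Bugzilla->user->id` alone, which is presumably the same value for every anonymous request, but the new comment should state the limit, e.g. `# Note: the remote IP is a weak identifier; clients behind one address share it.` What `remote_ip()` returns behind a reverse proxy is not visible here, and the code that verifies the token must derive the same value, so both are worth confirming. issue_hash_token's body starts and ends outside the hunk.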