From add735039c2d148077d5a7baca1a36f50f5bfab3 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Sun, 10 Apr 2005 06:12:11 +0000 Subject: Bug 289372: Remove %FORM from editflagtypes.cgi - Patch by Teemu Mannermaa r=LpSolit a=myk --- editflagtypes.cgi | 223 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 116 insertions(+), 107 deletions(-) (limited to 'editflagtypes.cgi') diff --git a/editflagtypes.cgi b/editflagtypes.cgi index 8ae3a7408..ed80a0130 100755 --- a/editflagtypes.cgi +++ b/editflagtypes.cgi @@ -50,6 +50,7 @@ UserInGroup("editcomponents") # Suppress "used only once" warnings. use vars qw(@legal_product @legal_components %components); +my $cgi = Bugzilla->cgi; my $product_id; my $component_id; @@ -62,10 +63,10 @@ my $component_id; # that variable and runs the appropriate code. # Determine whether to use the action specified by the user or the default. -my $action = $::FORM{'action'} || 'list'; +my $action = $cgi->param('action') || 'list'; my @categoryActions; -if (@categoryActions = grep(/^categoryAction-.+/, keys(%::FORM))) { +if (@categoryActions = grep(/^categoryAction-.+/, $cgi->param())) { $categoryActions[0] =~ s/^categoryAction-//; processCategoryChange($categoryActions[0]); exit; @@ -94,13 +95,13 @@ sub list { # Define the variables and functions that will be passed to the UI template. $vars->{'bug_types'} = Bugzilla::FlagType::match({ 'target_type' => 'bug', - 'group' => $::FORM{'group'} }, 1); + 'group' => scalar $cgi->param('group') }, 1); $vars->{'attachment_types'} = Bugzilla::FlagType::match({ 'target_type' => 'attachment', - 'group' => $::FORM{'group'} }, 1); + 'group' => scalar $cgi->param('group') }, 1); # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("admin/flag-type/list.html.tmpl", $vars) @@ -109,7 +110,7 @@ sub list { sub edit { - $action eq 'enter' ? validateTargetType() : validateID(); + $action eq 'enter' ? validateTargetType() : (my $id = validateID()); # Get this installation's products and components. GetVersionTable(); @@ -121,8 +122,8 @@ sub edit { $vars->{'components'} = \@::legal_components; $vars->{'components_by_product'} = \%::components; - $vars->{'last_action'} = $::FORM{'action'}; - if ($::FORM{'action'} eq 'enter' || $::FORM{'action'} eq 'copy') { + $vars->{'last_action'} = $cgi->param('action'); + if ($cgi->param('action') eq 'enter' || $cgi->param('action') eq 'copy') { $vars->{'action'} = "insert"; } else { @@ -130,10 +131,10 @@ sub edit { } # If copying or editing an existing flag type, retrieve it. - if ($::FORM{'action'} eq 'copy' || $::FORM{'action'} eq 'edit') { - $vars->{'type'} = Bugzilla::FlagType::get($::FORM{'id'}); - $vars->{'type'}->{'inclusions'} = Bugzilla::FlagType::get_inclusions($::FORM{'id'}); - $vars->{'type'}->{'exclusions'} = Bugzilla::FlagType::get_exclusions($::FORM{'id'}); + if ($cgi->param('action') eq 'copy' || $cgi->param('action') eq 'edit') { + $vars->{'type'} = Bugzilla::FlagType::get($id); + $vars->{'type'}->{'inclusions'} = Bugzilla::FlagType::get_inclusions($id); + $vars->{'type'}->{'exclusions'} = Bugzilla::FlagType::get_exclusions($id); # Users want to see group names, not IDs foreach my $group ("grant_gid", "request_gid") { my $gid = $vars->{'type'}->{$group}; @@ -146,12 +147,12 @@ sub edit { # that the template needs to know) from the URL parameter and default # the list of inclusions to all categories. else { - $vars->{'type'} = { 'target_type' => $::FORM{'target_type'} , + $vars->{'type'} = { 'target_type' => scalar $cgi->param('target_type'), 'inclusions' => ["__Any__:__Any__"] }; } # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("admin/flag-type/edit.html.tmpl", $vars) @@ -165,25 +166,25 @@ sub processCategoryChange { validateIsRequesteeble(); validateAllowMultiple(); - my @inclusions = $::MFORM{'inclusions'} ? @{$::MFORM{'inclusions'}} : (); - my @exclusions = $::MFORM{'exclusions'} ? @{$::MFORM{'exclusions'}} : (); + my @inclusions = $cgi->param('inclusions'); + my @exclusions = $cgi->param('exclusions'); if ($categoryAction eq 'include') { validateProduct(); validateComponent(); - my $category = ($::FORM{'product'} || "__Any__") . ":" . ($::FORM{'component'} || "__Any__"); + my $category = ($cgi->param('product') || "__Any__") . ":" . ($cgi->param('component') || "__Any__"); push(@inclusions, $category) unless grep($_ eq $category, @inclusions); } elsif ($categoryAction eq 'exclude') { validateProduct(); validateComponent(); - my $category = ($::FORM{'product'} || "__Any__") . ":" . ($::FORM{'component'} || "__Any__"); + my $category = ($cgi->param('product') || "__Any__") . ":" . ($cgi->param('component') || "__Any__"); push(@exclusions, $category) unless grep($_ eq $category, @exclusions); } elsif ($categoryAction eq 'removeInclusion') { - @inclusions = map(($_ eq $::FORM{'inclusion_to_remove'} ? () : $_), @inclusions); + @inclusions = map(($_ eq $cgi->param('inclusion_to_remove') ? () : $_), @inclusions); } elsif ($categoryAction eq 'removeExclusion') { - @exclusions = map(($_ eq $::FORM{'exclusion_to_remove'} ? () : $_), @exclusions); + @exclusions = map(($_ eq $cgi->param('exclusion_to_remove') ? () : $_), @exclusions); } # Get this installation's products and components. @@ -195,15 +196,15 @@ sub processCategoryChange { $vars->{'components'} = \@::legal_components; $vars->{'components_by_product'} = \%::components; - $vars->{'action'} = $::FORM{'action'}; + $vars->{'action'} = $cgi->param('action'); my $type = {}; - foreach my $key (keys %::FORM) { $type->{$key} = $::FORM{$key} } + foreach my $key ($cgi->param()) { $type->{$key} = $cgi->param($key) } $type->{'inclusions'} = \@inclusions; $type->{'exclusions'} = \@exclusions; $vars->{'type'} = $type; # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("admin/flag-type/edit.html.tmpl", $vars) @@ -224,10 +225,10 @@ sub insert { my $dbh = Bugzilla->dbh; - my $name = SqlQuote($::FORM{'name'}); - my $description = SqlQuote($::FORM{'description'}); - my $cc_list = SqlQuote($::FORM{'cc_list'}); - my $target_type = $::FORM{'target_type'} eq "bug" ? "b" : "a"; + my $name = SqlQuote($cgi->param('name')); + my $description = SqlQuote($cgi->param('description')); + my $cc_list = SqlQuote($cgi->param('cc_list')); + my $target_type = $cgi->param('target_type') eq "bug" ? "b" : "a"; $dbh->bz_lock_tables('flagtypes WRITE', 'products READ', 'components READ', 'flaginclusions WRITE', @@ -242,15 +243,18 @@ sub insert { target_type, sortkey, is_active, is_requestable, is_requesteeble, is_multiplicable, grant_group_id, request_group_id) - VALUES ($id, $name, $description, $cc_list, '$target_type', - $::FORM{'sortkey'}, $::FORM{'is_active'}, - $::FORM{'is_requestable'}, $::FORM{'is_requesteeble'}, - $::FORM{'is_multiplicable'}, $::FORM{'grant_gid'}, - $::FORM{'request_gid'})"); + VALUES ($id, $name, $description, $cc_list, '$target_type', " . + $cgi->param('sortkey') . ", " . + $cgi->param('is_active') . ", " . + $cgi->param('is_requestable') . ", " . + $cgi->param('is_requesteeble') . ", " . + $cgi->param('is_multiplicable') . ", " . + $cgi->param('grant_gid') . ", " . + $cgi->param('request_gid') . ")"); # Populate the list of inclusions/exclusions for this flag type. foreach my $category_type ("inclusions", "exclusions") { - foreach my $category (@{$::MFORM{$category_type}}) { + foreach my $category ($cgi->param($category_type)) { my ($product, $component) = split(/:/, $category); my $product_id = get_product_id($product) || "NULL"; my $component_id = @@ -262,11 +266,11 @@ sub insert { $dbh->bz_unlock_tables(); - $vars->{'name'} = $::FORM{'name'}; + $vars->{'name'} = $cgi->param('name'); $vars->{'message'} = "flag_type_created"; # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("global/message.html.tmpl", $vars) @@ -275,7 +279,7 @@ sub insert { sub update { - validateID(); + my $id = validateID(); validateName(); validateDescription(); validateCCList(); @@ -289,9 +293,9 @@ sub update { my $dbh = Bugzilla->dbh; - my $name = SqlQuote($::FORM{'name'}); - my $description = SqlQuote($::FORM{'description'}); - my $cc_list = SqlQuote($::FORM{'cc_list'}); + my $name = SqlQuote($cgi->param('name')); + my $description = SqlQuote($cgi->param('description')); + my $cc_list = SqlQuote($cgi->param('cc_list')); $dbh->bz_lock_tables('flagtypes WRITE', 'products READ', 'components READ', 'flaginclusions WRITE', @@ -300,26 +304,25 @@ sub update { SET name = $name , description = $description , cc_list = $cc_list , - sortkey = $::FORM{'sortkey'} , - is_active = $::FORM{'is_active'} , - is_requestable = $::FORM{'is_requestable'} , - is_requesteeble = $::FORM{'is_requesteeble'} , - is_multiplicable = $::FORM{'is_multiplicable'} , - grant_group_id = $::FORM{'grant_gid'} , - request_group_id = $::FORM{'request_gid'} - WHERE id = $::FORM{'id'}"); + sortkey = " . $cgi->param('sortkey') . ", + is_active = " . $cgi->param('is_active') . ", + is_requestable = " . $cgi->param('is_requestable') . ", + is_requesteeble = " . $cgi->param('is_requesteeble') . ", + is_multiplicable = " . $cgi->param('is_multiplicable') . ", + grant_group_id = " . $cgi->param('grant_gid') . ", + request_group_id = " . $cgi->param('request_gid') . " + WHERE id = $id"); # Update the list of inclusions/exclusions for this flag type. foreach my $category_type ("inclusions", "exclusions") { - SendSQL("DELETE FROM flag$category_type WHERE type_id = $::FORM{'id'}"); - foreach my $category (@{$::MFORM{$category_type}}) { + SendSQL("DELETE FROM flag$category_type WHERE type_id = $id"); + foreach my $category ($cgi->param($category_type)) { my ($product, $component) = split(/:/, $category); my $product_id = get_product_id($product) || "NULL"; my $component_id = get_component_id($product_id, $component) || "NULL"; SendSQL("INSERT INTO flag$category_type (type_id, product_id, " . - "component_id) VALUES ($::FORM{'id'}, $product_id, " . - "$component_id)"); + "component_id) VALUES ($id, $product_id, $component_id)"); } } @@ -336,7 +339,7 @@ sub update { ON (flags.type_id = i.type_id AND (bugs.product_id = i.product_id OR i.product_id IS NULL) AND (bugs.component_id = i.component_id OR i.component_id IS NULL)) - WHERE flags.type_id = $::FORM{'id'} + WHERE flags.type_id = $id AND flags.is_active = 1 AND i.type_id IS NULL "); @@ -349,18 +352,18 @@ sub update { ON flags.bug_id = bugs.bug_id INNER JOIN flagexclusions AS e ON flags.type_id = e.type_id - WHERE flags.type_id = $::FORM{'id'} + WHERE flags.type_id = $id AND flags.is_active = 1 AND (bugs.product_id = e.product_id OR e.product_id IS NULL) AND (bugs.component_id = e.component_id OR e.component_id IS NULL) "); Bugzilla::Flag::clear(FetchOneColumn()) while MoreSQLData(); - $vars->{'name'} = $::FORM{'name'}; + $vars->{'name'} = $cgi->param('name'); $vars->{'message'} = "flag_type_changes_saved"; # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("global/message.html.tmpl", $vars) @@ -370,18 +373,19 @@ sub update { sub confirmDelete { - validateID(); + my $id = validateID(); + # check if we need confirmation to delete: - my $count = Bugzilla::Flag::count({ 'type_id' => $::FORM{'id'}, + my $count = Bugzilla::Flag::count({ 'type_id' => $id, 'is_active' => 1 }); if ($count > 0) { - $vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'}); + $vars->{'flag_type'} = Bugzilla::FlagType::get($id); $vars->{'flag_count'} = scalar($count); # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("admin/flag-type/confirm-delete.html.tmpl", $vars) @@ -394,8 +398,7 @@ sub confirmDelete sub deleteType { - validateID(); - + my $id = validateID(); my $dbh = Bugzilla->dbh; $dbh->bz_lock_tables('flagtypes WRITE', 'flags WRITE', @@ -403,19 +406,19 @@ sub deleteType { # Get the name of the flag type so we can tell users # what was deleted. - SendSQL("SELECT name FROM flagtypes WHERE id = $::FORM{'id'}"); + SendSQL("SELECT name FROM flagtypes WHERE id = $id"); $vars->{'name'} = FetchOneColumn(); - SendSQL("DELETE FROM flags WHERE type_id = $::FORM{'id'}"); - SendSQL("DELETE FROM flaginclusions WHERE type_id = $::FORM{'id'}"); - SendSQL("DELETE FROM flagexclusions WHERE type_id = $::FORM{'id'}"); - SendSQL("DELETE FROM flagtypes WHERE id = $::FORM{'id'}"); + SendSQL("DELETE FROM flags WHERE type_id = $id"); + SendSQL("DELETE FROM flaginclusions WHERE type_id = $id"); + SendSQL("DELETE FROM flagexclusions WHERE type_id = $id"); + SendSQL("DELETE FROM flagtypes WHERE id = $id"); $dbh->bz_unlock_tables(); $vars->{'message'} = "flag_type_deleted"; # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("global/message.html.tmpl", $vars) @@ -424,20 +427,20 @@ sub deleteType { sub deactivate { - validateID(); + my $id = validateID(); validateIsActive(); my $dbh = Bugzilla->dbh; $dbh->bz_lock_tables('flagtypes WRITE'); - SendSQL("UPDATE flagtypes SET is_active = 0 WHERE id = $::FORM{'id'}"); + SendSQL("UPDATE flagtypes SET is_active = 0 WHERE id = $id"); $dbh->bz_unlock_tables(); $vars->{'message'} = "flag_type_deactivated"; - $vars->{'flag_type'} = Bugzilla::FlagType::get($::FORM{'id'}); + $vars->{'flag_type'} = Bugzilla::FlagType::get($id); # Return the appropriate HTTP response headers. - print Bugzilla->cgi->header(); + print $cgi->header(); # Generate and return the UI (HTML page) from the appropriate template. $template->process("global/message.html.tmpl", $vars) @@ -450,102 +453,108 @@ sub deactivate { ################################################################################ sub validateID { - # $::FORM{'id'} is destroyed if detaint_natural fails. - my $flagtype_id = $::FORM{'id'}; - detaint_natural($::FORM{'id'}) - || ThrowCodeError("flag_type_id_invalid", { id => $flagtype_id }); + # $flagtype_id is destroyed if detaint_natural fails. + my $flagtype_id = $cgi->param('id'); + detaint_natural($flagtype_id) + || ThrowCodeError("flag_type_id_invalid", + { id => scalar $cgi->param('id') }); - SendSQL("SELECT 1 FROM flagtypes WHERE id = $::FORM{'id'}"); + SendSQL("SELECT 1 FROM flagtypes WHERE id = $flagtype_id"); FetchOneColumn() - || ThrowCodeError("flag_type_nonexistent", { id => $::FORM{'id'} }); + || ThrowCodeError("flag_type_nonexistent", { id => $flagtype_id }); + + return $flagtype_id; } sub validateName { - $::FORM{'name'} - && $::FORM{'name'} !~ /[ ,]/ - && length($::FORM{'name'}) <= 50 - || ThrowUserError("flag_type_name_invalid", { name => $::FORM{'name'} }); + $cgi->param('name') + && $cgi->param('name') !~ /[ ,]/ + && length($cgi->param('name')) <= 50 + || ThrowUserError("flag_type_name_invalid", + { name => scalar $cgi->param('name') }); } sub validateDescription { - length($::FORM{'description'}) < 2**16-1 + length($cgi->param('description')) < 2**16-1 || ThrowUserError("flag_type_description_invalid"); } sub validateCCList { - length($::FORM{'cc_list'}) <= 200 + length($cgi->param('cc_list')) <= 200 || ThrowUserError("flag_type_cc_list_invalid", - { cc_list => $::FORM{'cc_list'} }); + { cc_list => $cgi->param('cc_list') }); - my @addresses = split(/[, ]+/, $::FORM{'cc_list'}); + my @addresses = split(/[, ]+/, $cgi->param('cc_list')); foreach my $address (@addresses) { CheckEmailSyntax($address) } } sub validateProduct { - return if !$::FORM{'product'}; + return if !$cgi->param('product'); - $product_id = get_product_id($::FORM{'product'}); + $product_id = get_product_id($cgi->param('product')); defined($product_id) || ThrowCodeError("flag_type_product_nonexistent", - { product => $::FORM{'product'} }); + { product => $cgi->param('product') }); } sub validateComponent { - return if !$::FORM{'component'}; + return if !$cgi->param('component'); $product_id || ThrowCodeError("flag_type_component_without_product"); - $component_id = get_component_id($product_id, $::FORM{'component'}); + $component_id = get_component_id($product_id, $cgi->param('component')); defined($component_id) || ThrowCodeError("flag_type_component_nonexistent", - { product => $::FORM{'product'}, - name => $::FORM{'component'} }); + { product => $cgi->param('product'), + name => $cgi->param('component') }); } sub validateSortKey { - # $::FORM{'sortkey'} is destroyed if detaint_natural fails. - my $sortkey = $::FORM{'sortkey'}; - detaint_natural($::FORM{'sortkey'}) - && $::FORM{'sortkey'} < 32768 + # $sortkey is destroyed if detaint_natural fails. + my $sortkey = $cgi->param('sortkey'); + detaint_natural($sortkey) + && $sortkey < 32768 || ThrowUserError("flag_type_sortkey_invalid", - { sortkey => $sortkey }); + { sortkey => scalar $cgi->param('sortkey') }); + $cgi->param('sortkey', $sortkey); } sub validateTargetType { - grep($::FORM{'target_type'} eq $_, ("bug", "attachment")) + grep($cgi->param('target_type') eq $_, ("bug", "attachment")) || ThrowCodeError("flag_type_target_type_invalid", - { target_type => $::FORM{'target_type'} }); + { target_type => scalar $cgi->param('target_type') }); } sub validateIsActive { - $::FORM{'is_active'} = $::FORM{'is_active'} ? 1 : 0; + $cgi->param('is_active', $cgi->param('is_active') ? 1 : 0); } sub validateIsRequestable { - $::FORM{'is_requestable'} = $::FORM{'is_requestable'} ? 1 : 0; + $cgi->param('is_requestable', $cgi->param('is_requestable') ? 1 : 0); } sub validateIsRequesteeble { - $::FORM{'is_requesteeble'} = $::FORM{'is_requesteeble'} ? 1 : 0; + $cgi->param('is_requesteeble', $cgi->param('is_requesteeble') ? 1 : 0); } sub validateAllowMultiple { - $::FORM{'is_multiplicable'} = $::FORM{'is_multiplicable'} ? 1 : 0; + $cgi->param('is_multiplicable', $cgi->param('is_multiplicable') ? 1 : 0); } sub validateGroups { # Convert group names to group IDs foreach my $col ("grant_gid", "request_gid") { - my $name = $::FORM{$col}; - $::FORM{$col} ||= "NULL"; + my $name = $cgi->param($col); + $cgi->param($col, "NULL") unless $name; next if (!$name); SendSQL("SELECT id FROM groups WHERE name = " . SqlQuote($name)); - $::FORM{$col} = FetchOneColumn(); - if (!$::FORM{$col}) { + my $gid = FetchOneColumn(); + if (!$gid) { ThrowUserError("group_unknown", { name => $name }); } + $cgi->param($col, $gid); } } -- cgit v1.2.3-24-g4f1b