From ac8796ba2733be5e0e618148ee12488cc567d34e Mon Sep 17 00:00:00 2001 From: "jocuri%softhome.net" <> Date: Tue, 13 Jul 2004 12:12:29 +0000 Subject: Patch for bug 190222: templatize editgroups.cgi; r=joel, a=justdave. --- editgroups.cgi | 655 +++++++++++++++++---------------------------------------- 1 file changed, 196 insertions(+), 459 deletions(-) (limited to 'editgroups.cgi') diff --git a/editgroups.cgi b/editgroups.cgi index 1b2f0d3df..29e28dd9a 100755 --- a/editgroups.cgi +++ b/editgroups.cgi @@ -32,22 +32,17 @@ use Bugzilla; use Bugzilla::Constants; require "CGI.pl"; +my $cgi = Bugzilla->cgi; + use vars qw($template $vars); Bugzilla->login(LOGIN_REQUIRED); print Bugzilla->cgi->header(); -if (!UserInGroup("creategroups")) { - PutHeader("Not Authorized","Edit Groups","","Not Authorized for this function!"); - print "

Sorry, you aren't a member of the 'creategroups' group.

\n"; - print "And so, you aren't allowed to edit the groups.\n"; - print "

\n"; - PutFooter(); - exit; -} +ThrowUserError("auth_cant_edit_groups") unless UserInGroup("creategroups"); -my $action = trim($::FORM{action} || ''); +my $action = trim($cgi->param('action') || ''); # RederiveRegexp: update user_group_map with regexp-based grants sub RederiveRegexp ($$) @@ -85,108 +80,40 @@ sub TestGroup ($) return FetchOneColumn(); } -sub ShowError ($) -{ - my $msgtext = shift; - print "
"; - print "$msgtext"; - print "

"; - return 1; -} - -# -# Displays a text like "a.", "a or b.", "a, b or c.", "a, b, c or d." -# - -sub PutTrailer (@) -{ - my (@links) = ("Back to the index", @_); - - my $count = $#links; - my $num = 0; - print "

\n"; - foreach (@links) { - print $_; - if ($num == $count) { - print ".\n"; - } - elsif ($num == $count-1) { - print " or "; - } - else { - print ", "; - } - $num++; - } - PutFooter(); -} - # # action='' -> No action specified, get a list. # unless ($action) { - PutHeader("Edit Groups","Edit Groups","This lets you edit the groups available to put users in."); - - print "\n"; - print ""; - print ""; - print ""; - print ""; - print ""; - print ""; - print ""; - print "\n"; + my @groups; SendSQL("SELECT id,name,description,userregexp,isactive,isbuggroup " . "FROM groups " . "ORDER BY isbuggroup, name"); while (MoreSQLData()) { - my ($groupid, $name, $desc, $regexp, $isactive, $isbuggroup) = FetchSQLData(); - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; + my ($id, $name, $description, $regexp, $isactive, $isbuggroup) + = FetchSQLData(); + my $group = {}; + $group->{'id'} = $id; + $group->{'name'} = $name; + $group->{'description'} = $description; + $group->{'regexp'} = $regexp; + $group->{'isactive'} = $isactive; + $group->{'isbuggroup'} = $isbuggroup; + + push(@groups, $group); } - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "
NameDescriptionUser RegExpUse For BugsTypeAction
" . html_quote($name) . "" . html_quote($desc) . "" . html_quote($regexp) . " "; - print "X" if (($isactive != 0) && ($isbuggroup != 0)); - print "    "; - print (($isbuggroup == 0 ) ? "system" : "user"); - print "  - Edit"; - print " | Delete" if ($isbuggroup != 0); - print "
Add Group
\n"; - print "

"; - print "Name is what is used with the UserInGroup() function in any -customized cgi files you write that use a given group. It can also be used by -people submitting bugs by email to limit a bug to a certain set of groups.

"; - print "Description is what will be shown in the bug reports to -members of the group where they can choose whether the bug will be restricted -to others in the same group.

"; - print "User RegExp is optional, and if filled in, will automatically -grant membership to this group to anyone with an -email address that matches this perl regular expression. Do not forget the trailing \'\$\'. Example \'\@mycompany\\.com\$\'

"; - print "The Use For Bugs flag determines whether or not the group is eligible to be used for bugs. -If you remove this flag, it will no longer be possible for users to add bugs -to this group, although bugs already in the group will remain in the group. -Doing so is a much less drastic way to stop a group from growing -than deleting the group as well as a way to maintain lists of users without cluttering the lists of groups used for bug restrictions.

"; - print "The Type field identifies system groups.

"; - - PutFooter(); + $vars->{'groups'} = \@groups; + + print Bugzilla->cgi->header(); + $template->process("admin/groups/list.html.tmpl", $vars) + || ThrowTemplateError($template->error()); + exit; } -# # # action='changeform' -> present form for altering an existing group # @@ -194,75 +121,21 @@ than deleting the group as well as a way to maintain lists of users without clut # if ($action eq 'changeform') { - PutHeader("Change Group"); - - my $gid = trim($::FORM{group} || ''); + my $gid = trim($cgi->param('group') || ''); + ThrowUserError("group_not_specified") unless ($gid); detaint_natural($gid); - unless ($gid) { - ShowError("No group specified.
" . - "Click the Back button and try again."); - PutFooter(); - exit; - } SendSQL("SELECT id, name, description, userregexp, isactive, isbuggroup - FROM groups WHERE id=$gid"); + FROM groups WHERE id = $gid"); my ($group_id, $name, $description, $rexp, $isactive, $isbuggroup) = FetchSQLData(); - print "

\n"; - print ""; - print " - "; - if ($isbuggroup == 1) { - print " - "; - } - print "
Group:"; - if ($isbuggroup == 0) { - print html_quote($name); - } else { - print " - "; - } - print "
Description:"; - if ($isbuggroup == 0) { - print html_quote($description); - } else { - print " - "; - } - print "
User Regexp:"; - print " -
Use For Bugs: - - -
-
- Users become members of this group in one of three ways: -
- - by being explicity included when the user is edited -
- - by matching the user regexp above -
- - by being a member of one of the groups included in this group - by checking the boxes - below.

\n"; - - print ""; - print ""; - print ""; - print ""; - # For each group, we use left joins to establish the existence of # a record making that group a member of this group # and the existence of a record permitting that group to bless # this one + + my @groups; SendSQL("SELECT groups.id, groups.name, groups.description," . " group_group_map.member_id IS NOT NULL," . " B.member_id IS NOT NULL" . @@ -279,47 +152,28 @@ if ($action eq 'changeform') { while (MoreSQLData()) { my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember) = FetchSQLData(); - my $grpchecked = $grpmember ? "CHECKED" : ""; - my $blesschecked = $blessmember ? "CHECKED" : ""; - print ""; - print ""; - print ""; - print ""; - print ""; - print "\n"; + + my $group = {}; + $group->{'grpid'} = $grpid; + $group->{'grpnam'} = $grpnam; + $group->{'grpdesc'} = $grpdesc; + $group->{'grpmember'} = $grpmember; + $group->{'blessmember'} = $blessmember; + push(@groups, $group); } - print "
Members of these groups can grant membership to this group
|Members of these groups are included in this group
||
"; - print ""; - print "" . html_quote($grpnam) . "" . html_quote($grpdesc) . "

"; - print "\n"; - print < - -

Conversion of groups created with Bugzilla versions 2.16 and - prior:

-


-

-

- - -
-EOF - print "\n"; - print "\n"; - print "
"; - - - - PutTrailer("back to the group list"); + $vars->{'group_id'} = $group_id; + $vars->{'name'} = $name; + $vars->{'description'} = $description; + $vars->{'rexp'} = $rexp; + $vars->{'isactive'} = $isactive; + $vars->{'isbuggroup'} = $isbuggroup; + $vars->{'groups'} = \@groups; + + print Bugzilla->cgi->header(); + $template->process("admin/groups/edit.html.tmpl", $vars) + || ThrowTemplateError($template->error()); + exit; } @@ -331,7 +185,6 @@ EOF if ($action eq 'add') { print Bugzilla->cgi->header(); - $template->process("admin/groups/create.html.tmpl", $vars) || ThrowTemplateError($template->error()); @@ -345,42 +198,32 @@ if ($action eq 'add') { # if ($action eq 'new') { - PutHeader("Adding new group"); - # Cleanups and valididy checks - my $name = trim($::FORM{name} || ''); - my $desc = trim($::FORM{desc} || ''); - my $regexp = trim($::FORM{regexp} || ''); + my $name = trim($cgi->param('name') || ''); + my $desc = trim($cgi->param('desc') || ''); + my $regexp = trim($cgi->param('regexp') || ''); # convert an undefined value in the inactive field to zero # (this occurs when the inactive checkbox is not checked # and the browser does not send the field to the server) - my $isactive = $::FORM{isactive} ? 1 : 0; + my $isactive = $cgi->param('isactive') ? 1 : 0; + + # At this point $isactive is either 0 or 1 so we can mark it safe + trick_taint($isactive); + + ThrowUserError("empty_group_name") unless $name; + ThrowUserError("empty_group_description") unless $desc; - unless ($name) { - ShowError("You must enter a name for the new group.
" . - "Please click the Back button and try again."); - PutFooter(); - exit; - } - unless ($desc) { - ShowError("You must enter a description for the new group.
" . - "Please click the Back button and try again."); - PutFooter(); - exit; - } if (TestGroup($name)) { - ShowError("The group '" . $name . "' already exists.
" . - "Please click the Back button and try again."); - PutFooter(); - exit; + ThrowUserError("group_exists", { name => $name }); } - if (!eval {qr/$regexp/}) { - ShowError("The regular expression you entered is invalid. " . - "Please click the Back button and try again."); - PutFooter(); - exit; - } + ThrowUserError("invalid_regexp") unless (eval {qr/$regexp/}); + + # We use SqlQuote and FILTER html on name, description and regexp. + # So they are safe to be detaint + trick_taint($name); + trick_taint($desc); + trick_taint($regexp); # Add the new group SendSQL("INSERT INTO groups ( " . @@ -399,7 +242,7 @@ if ($action eq 'new') { SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless) VALUES ($admin, $gid, 1)"); # Permit all existing products to use the new group if makeproductgroups. - if ($::FORM{insertnew}) { + if ($cgi->param('insertnew')) { SendSQL("INSERT INTO group_control_map " . "(group_id, product_id, entry, membercontrol, " . "othercontrol, canedit) " . @@ -409,9 +252,10 @@ if ($action eq 'new') { "FROM products"); } RederiveRegexp($regexp, $gid); - print "OK, done.

\n"; - PutTrailer("add another group", - "back to the group list"); + + print Bugzilla->cgi->header(); + $template->process("admin/groups/created.html.tmpl", $vars) + || ThrowTemplateError($template->error()); exit; } @@ -422,96 +266,58 @@ if ($action eq 'new') { # if ($action eq 'del') { - PutHeader("Delete group"); - my $gid = trim($::FORM{group} || ''); + my $gid = trim($cgi->param('group') || ''); + ThrowUserError("group_not_specified") unless ($gid); detaint_natural($gid); - unless ($gid) { - ShowError("No group specified.
" . - "Click the Back button and try again."); - PutFooter(); - exit; - } + SendSQL("SELECT id FROM groups WHERE id=$gid"); - if (!FetchOneColumn()) { - ShowError("That group doesn't exist.
" . - "Click the Back button and try again."); - PutFooter(); - exit; - } + ThrowUserError("invalid_group_ID") unless FetchOneColumn(); + SendSQL("SELECT name,description " . "FROM groups " . - "WHERE id=$gid"); + "WHERE id = $gid"); my ($name, $desc) = FetchSQLData(); - print "\n"; - print ""; - print ""; - print ""; - print ""; - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; - print "
IdNameDescription
$gid$name$desc
\n"; - - print "

\n"; - my $cantdelete = 0; + + my $hasusers = 0; SendSQL("SELECT user_id FROM user_group_map WHERE group_id = $gid AND isbless = 0"); - if (!FetchOneColumn()) {} else { - $cantdelete = 1; - print " -One or more users belong to this group. You cannot delete this group while -there are users in it.
-Show me which users. - Remove all users from -this group for me

-"; + if (FetchOneColumn()) { + $hasusers = 1; } + + my $hasbugs = 0; + my $buglist = ""; SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid"); - my $buglist=""; + if (MoreSQLData()) { - $cantdelete = 1; + $hasbugs = 1; my $buglist = "0"; + while (MoreSQLData()) { my ($bug) = FetchSQLData(); $buglist .= "," . $bug; } - print " -One or more bug reports are visible only to this group. -You cannot delete this group while any bugs are using it.
-Show me which bugs. - -Remove all bugs from this group -restriction for me
-NOTE: It's quite possible to make confidential bugs public by checking -this box. It is strongly suggested that you review the bugs in this -group before checking the box.

-"; } + + my $hasproduct = 0; SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name)); if (MoreSQLData()) { - $cantdelete = 1; - print " -This group is tied to the $name product. -You cannot delete this group while it is tied to a product.
-Delete this group anyway, and make the -$name product publicly visible.
-"; + $hasproduct = 1; } - print "

Confirmation

\n"; - print "

Do you really want to delete this group?\n"; - if ($cantdelete) { - print "
You must check all of the above boxes or correct the " . - "indicated problems first before you can proceed."; - } - print "

\n"; - print "\n"; - print "\n"; - print "

"; + $vars->{'gid'} = $gid; + $vars->{'name'} = $name; + $vars->{'description'} = $desc; + $vars->{'hasusers'} = $hasusers; + $vars->{'hasbugs'} = $hasbugs; + $vars->{'hasproduct'} = $hasproduct; + $vars->{'buglist'} = $buglist; - PutTrailer("No, go back to the group list"); + print Bugzilla->cgi->header(); + $template->process("admin/groups/delete.html.tmpl", $vars) + || ThrowTemplateError($template->error()); + exit; } @@ -520,18 +326,11 @@ You cannot delete this group while it is tied to a product.
# if ($action eq 'delete') { - PutHeader("Deleting group"); - my $gid = trim($::FORM{group} || ''); + my $gid = trim($cgi->param('group') || ''); + ThrowUserError("group_not_specified") unless ($gid); detaint_natural($gid); - unless ($gid) { - ShowError("No group specified.
" . - "Click the Back button and try again."); - PutFooter(); - exit; - } - SendSQL("SELECT name " . - "FROM groups " . - "WHERE id = $gid"); + + SendSQL("SELECT name FROM groups WHERE id = $gid"); my ($name) = FetchSQLData(); my $cantdelete = 0; @@ -539,43 +338,39 @@ if ($action eq 'delete') { SendSQL("SELECT user_id FROM user_group_map WHERE group_id = $gid AND isbless = 0"); if (FetchOneColumn()) { - if (!defined $::FORM{'removeusers'}) { - $cantdelete = 1; - } + if (!defined $cgi->param('removeusers')) { + $cantdelete = 1; + } } SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid"); if (FetchOneColumn()) { - if (!defined $::FORM{'removebugs'}) { - $cantdelete = 1; - } + if (!defined $cgi->param('removebugs')) { + $cantdelete = 1; + } } SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name)); if (FetchOneColumn()) { - if (!defined $::FORM{'unbind'}) { - $cantdelete = 1; - } + if (!defined $cgi->param('unbind')) { + $cantdelete = 1; + } } - if ($cantdelete == 1) { - ShowError("This group cannot be deleted because there are " . - "records in the database which refer to it. All such records " . - "must be removed or altered to remove the reference to this " . - "group before the group can be deleted."); - print "" . - "View the list of which records are affected.
"; - PutTrailer("back to the group list"); - exit; + if (!$cantdelete) { + SendSQL("DELETE FROM user_group_map WHERE group_id = $gid"); + SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid"); + SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid"); + SendSQL("DELETE FROM group_control_map WHERE group_id = $gid"); + SendSQL("DELETE FROM groups WHERE id = $gid"); } - SendSQL("DELETE FROM user_group_map WHERE group_id = $gid"); - SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid"); - SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid"); - SendSQL("DELETE FROM group_control_map WHERE group_id = $gid"); - SendSQL("DELETE FROM groups WHERE id = $gid"); - print "Group $gid has been deleted.
"; + $vars->{'gid'} = $gid; + $vars->{'name'} = $name; + $vars->{'cantdelete'} = $cantdelete; + print Bugzilla->cgi->header(); + $template->process("admin/groups/deleted.html.tmpl", $vars) + || ThrowTemplateError($template->error()); - PutTrailer("back to the group list"); exit; } @@ -584,64 +379,48 @@ if ($action eq 'delete') { # if ($action eq 'postchanges') { - # ZLL: Bug 181589: we need to have something to remove explictly listed users from # groups in order for the conversion to 2.18 groups to work - if ($::FORM{remove_explicit_members}) { - PutHeader("Confirm: Remove All Explicit Members?"); - my ($gid, $chgs) = doGroupChanges(); - print "

\n"; - if ($chgs) { - print "Group updated, please confirm removal:

\n"; - } - confirmRemove(0,$gid); - PutFooter(); - exit; - } elsif ($::FORM{remove_explicit_members_regexp}) { - PutHeader("Confirm: Remove Explicit Members in the Regular Expression?"); - my ($gid, $chgs, $rexp) = doGroupChanges(); - print "

\n"; - if ($chgs) { - print "Group updated, please confirm removal:

\n"; - } - confirmRemove(1, $gid, $rexp); - PutFooter(); - exit; + my $action; + + if ($cgi->param('remove_explicit_members')) { + $action = 1; + } elsif ($cgi->param('remove_explicit_members_regexp')) { + $action = 2; + } else { + $action = 3; } - # if we got this far, the admin doesn't want to convert, so just save their changes - - PutHeader("Updating group hierarchy"); my ($gid, $chgs) = doGroupChanges(); - if (!$chgs) { - print "You didn't change anything!
\n"; - print "If you really meant it, hit the Back button and try again.

\n"; - } else { - print "Done.

\n"; + $vars->{'action'} = $action; + $vars->{'changes'} = $chgs; + $vars->{'gid'} = $gid; + $vars->{'name'} = $cgi->param('name'); + if ($action == 2) { + $vars->{'regexp'} = $cgi->param("rexp"); } - PutTrailer("back to the group list"); + + print Bugzilla->cgi->header(); + $template->process("admin/groups/change.html.tmpl", $vars) + || ThrowTemplateError($template->error()); exit; } if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { - # remove all explicit users from the group with gid $::FORM{group} - # that match the regexp stored in the db for that group + # remove all explicit users from the group with gid $cgi->param('group') + # that match the regexp stored in the DB for that group # or all of them period - my $dbh = Bugzilla->dbh; - my $gid = $::FORM{group}; + + my $gid = $cgi->param('group'); + ThrowUserError("group_not_specified") unless ($gid); detaint_natural($gid); + + my $dbh = Bugzilla->dbh; my $sth = $dbh->prepare("SELECT name, userregexp FROM groups WHERE id = ?"); $sth->execute($gid); my ($name, $regexp) = $sth->fetchrow_array(); - if ($action eq 'remove_all_regexp') { - PutHeader("Removing All Explicit Group Memberships Matching " - . "Group RegExp from \'" . html_quote($name) . "\'"); - } else { - PutHeader("Removing All Explicit Group Memberships from \'" - . html_quote($name) . "\'"); - } $dbh->do("LOCK TABLES groups WRITE, profiles READ, @@ -653,157 +432,115 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) { AND grant_type = ? AND isbless = 0"); $sth->execute($gid, GRANT_DIRECT); + + my @users; my $sth2 = $dbh->prepare("DELETE FROM user_group_map WHERE user_id = ? AND isbless = 0 AND group_id = ?"); - if ($action eq 'remove_all_regexp') { - print "
Removing explicit memberships of users matching \'" - . html_quote($regexp) . "\'...
\n"; - } else { - print "
Removing explicit membership
\n"; - } while ( my ($userid, $userlogin) = $sth->fetchrow_array() ) { if ((($regexp =~ /\S/) && ($userlogin =~ m/$regexp/i)) || ($action eq 'remove_all')) { $sth2->execute($userid,$gid); - print html_quote($userlogin) . " removed
\n"; + + my $user = {}; + $user->{'login'} = $userlogin; + push(@users, $user); } } - print "
Done
"; $sth = $dbh->prepare("UPDATE groups SET last_changed = NOW() WHERE id = ?"); $sth->execute($gid); $dbh->do("UNLOCK TABLES"); - PutTrailer("back to the group list"); - exit; -} + $vars->{'users'} = \@users; + $vars->{'name'} = $name; + $vars->{'regexp'} = $regexp; + $vars->{'remove_all'} = ($action eq 'remove_all'); + $vars->{'gid'} = $gid; + + print Bugzilla->cgi->header(); + $template->process("admin/groups/remove.html.tmpl", $vars) + || ThrowTemplateError($template->error()); + exit; +} # # No valid action found # -PutHeader("Error"); -print "I don't have a clue what you want.
\n"; +ThrowCodeError("action_unrecognized", $vars); -PutTrailer("Try the group list"); - -# confirm if the user wants to remove the explicit users -sub confirmRemove { - my ($remove_regexp_only, $group, $regexp) = @_; - - if (!$remove_regexp_only) { - print "This option will remove "; - print "all explicitly defined users "; - } elsif ($regexp =~ /\S/) { - print "This option will remove "; - print "all users included in the regular expression: " . - html_quote($regexp) . " "; - } else { - print "There is no regular expression defined.\n"; - print "No users will be removed

\n"; - print "return to the Edit Groups page\n"; - return; - } - print "from group $::FORM{name}.

\n"; - print "Generally, you will only need to do this when upgrading groups "; - print "created with Bugzilla versions 2.16 and prior. Use this option "; - print "with extreme care and consult the Bugzilla Guide for "; - print "further information.

\n"; - - print "

\n"; - print "\n"; - - if ($remove_regexp_only) { - print "\n"; - } else { - print "\n"; - } - - print "\n"; - print "

Or return to the Edit Groups page\n"; - print "

"; -} # Helper sub to handle the making of changes to a group sub doGroupChanges { - my $gid = trim($::FORM{group} || ''); + my $cgi = Bugzilla->cgi; + + my $gid = trim($cgi->param('group') || ''); + ThrowUserError("group_not_specified") unless ($gid); detaint_natural($gid); - unless ($gid) { - ShowError("No group specified.
" . - "Click the Back button and try again."); - PutFooter(); - exit; - } + SendSQL("SELECT isbuggroup FROM groups WHERE id = $gid"); my ($isbuggroup) = FetchSQLData(); my $chgs = 0; - if (($isbuggroup == 1) && ($::FORM{"oldname"} ne $::FORM{"name"})) { + + if (($isbuggroup == 1) && ($cgi->param('oldname') ne $cgi->param("name"))) { $chgs = 1; SendSQL("UPDATE groups SET name = " . - SqlQuote($::FORM{"name"}) . " WHERE id = $gid"); + SqlQuote($cgi->param("name")) . " WHERE id = $gid"); } - if (($isbuggroup == 1) && ($::FORM{"olddesc"} ne $::FORM{"desc"})) { + if (($isbuggroup == 1) && ($cgi->param('olddesc') ne $cgi->param("desc"))) { $chgs = 1; SendSQL("UPDATE groups SET description = " . - SqlQuote($::FORM{"desc"}) . " WHERE id = $gid"); + SqlQuote($cgi->param("desc")) . " WHERE id = $gid"); } - if ($::FORM{"oldrexp"} ne $::FORM{"rexp"}) { + if ($cgi->param("oldrexp") ne $cgi->param("rexp")) { $chgs = 1; - if (!eval {qr/$::FORM{"rexp"}/}) { - ShowError("The regular expression you entered is invalid. " . - "Please click the Back button and try again."); - PutFooter(); - exit; - } + + my $rexp = $cgi->param('rexp'); + ThrowUserError("invalid_regexp") unless (eval {qr/$rexp/}); + SendSQL("UPDATE groups SET userregexp = " . - SqlQuote($::FORM{"rexp"}) . " WHERE id = $gid"); + SqlQuote($rexp) . " WHERE id = $gid"); RederiveRegexp($::FORM{"rexp"}, $gid); } - if (($isbuggroup == 1) && ($::FORM{"oldisactive"} ne $::FORM{"isactive"})) { + if (($isbuggroup == 1) && ($cgi->param("oldisactive") ne $cgi->param("isactive"))) { $chgs = 1; SendSQL("UPDATE groups SET isactive = " . - SqlQuote($::FORM{"isactive"}) . " WHERE id = $gid"); + SqlQuote($cgi->param("isactive")) . " WHERE id = $gid"); } - - print "Checking...."; - foreach my $b (grep(/^oldgrp-\d*$/, keys %::FORM)) { - if (defined($::FORM{$b})) { - my $v = substr($b, 7); - my $grp = $::FORM{"grp-$v"} || 0; - if ($::FORM{"oldgrp-$v"} != $grp) { + + foreach my $b (grep {/^oldgrp-\d*$/} $cgi->param()) { + if (defined($cgi->param($b))) { + $b =~ /^oldgrp-(\d+)$/; + my $v = $1; + my $grp = $cgi->param("grp-$v") || 0; + if ($cgi->param("oldgrp-$v") != $grp) { $chgs = 1; - print "changed"; if ($grp != 0) { - print " set "; SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless) VALUES ($v, $gid, 0)"); } else { - print " cleared "; SendSQL("DELETE FROM group_group_map WHERE member_id = $v AND grantor_id = $gid AND isbless = 0"); } } - my $bless = $::FORM{"bless-$v"} || 0; - if ($::FORM{"oldbless-$v"} != $bless) { + my $bless = $cgi->param("bless-$v") || 0; + if ($cgi->param("oldbless-$v") != $bless) { $chgs = 1; - print "changed"; if ($bless != 0) { - print " set "; SendSQL("INSERT INTO group_group_map (member_id, grantor_id, isbless) VALUES ($v, $gid, 1)"); } else { - print " cleared "; SendSQL("DELETE FROM group_group_map WHERE member_id = $v AND grantor_id = $gid AND isbless = 1"); @@ -817,5 +554,5 @@ sub doGroupChanges { # mark the changes SendSQL("UPDATE groups SET last_changed = NOW() WHERE id = $gid"); } - return $gid, $chgs, $::FORM{"rexp"}; + return $gid, $chgs; } -- cgit v1.2.3-24-g4f1b