From 323763170be72166fd3b0e97f302d0966f9a7b8f Mon Sep 17 00:00:00 2001
From: "cyeh%bluemartini.com" <>
Date: Fri, 1 Sep 2000 05:56:21 +0000
Subject: fix for 45583: all users get added to a group if userregexp is null
 in editproducts.cgi patch by jmrobins@tgix.com

---
 editproducts.cgi | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'editproducts.cgi')

diff --git a/editproducts.cgi b/editproducts.cgi
index bb42c89f9..f5486f37b 100755
--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -378,18 +378,18 @@ if ($action eq 'new') {
         # one by one if they match.  Furthermore, I need to do it with two
         # separate loops, since opening a new SQL statement to do the update
         # seems to clobber the previous one.
-        SendSQL("SELECT login_name FROM profiles");
-        my @login_list = ();
-        my $this_login;
-        while($this_login = FetchOneColumn()) {
-            push @login_list, $this_login;
-        }
-        foreach $this_login (@login_list) {
-            if($this_login =~ /$userregexp/i) {
-                SendSQL("UPDATE profiles " .
-                        "SET groupset = groupset | " . $bit . " " .
-                        "WHERE login_name = " . SqlQuote($this_login));
-            }
+
+        # Modified, 7/17/00, Joe Robins
+        # If the userregexp is left empty, then no users should be added to
+        # the bug group.  As is, it was adding all users, since they all
+        # matched the empty pattern.
+        # In addition, I've replaced the rigamarole I was going through to
+        # find matching users with a much simpler statement that lets the
+        # mySQL database do the work.
+        unless($userregexp eq "") {
+            SendSQL("UPDATE profiles ".
+                    "SET groupset = groupset | " . $bit . " " .
+                    "WHERE LOWER(login_name) REGEXP LOWER(" . SqlQuote($userregexp) . ")");
         }
     }
 
-- 
cgit v1.2.3-24-g4f1b