From a666b2a74f565a5ebb38f0ce0b400d04b1ea7ca4 Mon Sep 17 00:00:00 2001
From: Gervase Markham <gerv@gerv.net>
Date: Fri, 4 Sep 2015 10:56:00 +0100
Subject: Make editusers.cgi list users properly when is_enabled is not
 defined. r=LpSolit, a=simon

---
 editusers.cgi | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'editusers.cgi')

diff --git a/editusers.cgi b/editusers.cgi
index a38195a4b..37665b12d 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -70,7 +70,8 @@ if ($action eq 'search') {
     my $matchstr      = trim($cgi->param('matchstr'));
     my $matchtype     = $cgi->param('matchtype');
     my $grouprestrict = $cgi->param('grouprestrict') || '0';
-    my $is_enabled    = scalar $cgi->param('is_enabled');
+    # 0 = disabled only, 1 = enabled only, 2 = everyone
+    my $is_enabled    = $cgi->param('is_enabled') // 2;
     my $query = 'SELECT DISTINCT userid, login_name, realname, is_enabled, ' .
                 $dbh->sql_date_format('last_seen_date', '%Y-%m-%d') . ' AS last_seen_date ' .
                 'FROM profiles';
@@ -163,11 +164,12 @@ if ($action eq 'search') {
         }
 
         detaint_natural($is_enabled);
-        if ($is_enabled == 0 || $is_enabled == 1) {
+        if ($is_enabled && ($is_enabled == 0 || $is_enabled == 1)) {
             $query .= " $nextCondition profiles.is_enabled = ?";
             $nextCondition = 'AND';
             push(@bindValues, $is_enabled);
         }
+
         $query .= ' ORDER BY profiles.login_name';
 
         $vars->{'users'} = $dbh->selectall_arrayref($query,
-- 
cgit v1.2.3-24-g4f1b