From a48e37063734dd5748433a0dd8a9c8e2b32e41c0 Mon Sep 17 00:00:00 2001 From: "dmose%mozilla.org" <> Date: Wed, 29 Mar 2000 05:30:23 +0000 Subject: allow users to watch the bugs of other users --- process_bug.cgi | 67 +++++++++++++++++++++++++++++---------------------------- 1 file changed, 34 insertions(+), 33 deletions(-) (limited to 'process_bug.cgi') diff --git a/process_bug.cgi b/process_bug.cgi index 4559af8b3..913ff8f18 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -28,6 +28,7 @@ my $UserInEditGroupSet = -1; my $UserInCanConfirmGroupSet = -1; require "CGI.pl"; +use RelationSet; # Shut up misguided -w warnings about "used only once": @@ -373,24 +374,21 @@ if (defined $::FORM{'qa_contact'}) { ConnectToDatabase(); -my %ccids; -my $origcclist = ""; +my $formCcSet = new RelationSet; +my $origCcSet = new RelationSet; +my $origCcString; # We make sure to check out the CC list before we actually start touching any -# bugs. +# bugs. mergeFromString() ultimately searches the database using a quoted +# form of the data it gets from $::FORM{'cc'}, so anything bogus from a +# security standpoint should trigger an abort there. +# if (defined $::FORM{'cc'} && defined $::FORM{'id'}) { - $origcclist = ShowCcList($::FORM{'id'}); - if ($origcclist ne $::FORM{'cc'}) { - foreach my $person (split(/[ ,]/, $::FORM{'cc'})) { - if ($person ne "") { - my $cid = DBNameToIdAndCheck($person); - $ccids{$cid} = 1; - } - } - } + $origCcSet->mergeFromDB("select who from cc where bug_id = $::FORM{'id'}"); + $origCcString = $origCcSet->toString(); # cache a copy of the string vers + $formCcSet->mergeFromString($::FORM{'cc'}); } - if ( Param('strictvaluechecks') ) { CheckFormFieldDefined(\%::FORM, 'knob'); } @@ -759,22 +757,25 @@ The changes made were: AppendComment($id, $::FORM{'who'}, $::FORM{'comment'}); } - if (defined $::FORM{'cc'} && $origcclist ne $::FORM{'cc'}) { - SendSQL("delete from cc where bug_id = $id"); - foreach my $ccid (keys %ccids) { - SendSQL("insert into cc (bug_id, who) values ($id, $ccid)"); - } - my $newcclist = ShowCcList($id); - if ($newcclist ne $origcclist) { - my $col = GetFieldID('cc'); - my $origq = SqlQuote($origcclist); - my $newq = SqlQuote($newcclist); - SendSQL("INSERT INTO bugs_activity " . - "(bug_id,who,bug_when,fieldid,oldvalue,newvalue) VALUES " . - "($id,$whoid,'$timestamp',$col,$origq,$newq)"); - } - } - + if (defined $::FORM{'cc'} && defined $::FORM{'id'} + && ! $origCcSet->isEqual($formCcSet) ) { + + # update the database to look like the form + # + my @CCDELTAS = $origCcSet->generateSqlDeltas($formCcSet, "cc", + "bug_id", $::FORM{'id'}, + "who"); + $CCDELTAS[0] eq "" || SendSQL($CCDELTAS[0]); + $CCDELTAS[1] eq "" || SendSQL($CCDELTAS[1]); + + my $col = GetFieldID('cc'); + my $origq = SqlQuote($origCcString); + my $newq = SqlQuote($::FORM{'cc'}); + SendSQL("INSERT INTO bugs_activity " . + "(bug_id,who,bug_when,fieldid,oldvalue,newvalue) VALUES " . + "($id,$whoid,'$timestamp',$col,$origq,$newq)"); + } + if (defined $::FORM{'dependson'}) { my $me = "blocked"; @@ -850,9 +851,9 @@ The changes made were: if ($col eq 'assigned_to' || $col eq 'qa_contact') { $old = DBID_to_name($old) if $old != 0; $new = DBID_to_name($new) if $new != 0; - $origcclist .= ",$old"; # make sure to send mail to people - # if they are going to no longer get - # updates about this bug. + $origCcString .= ",$old"; # make sure to send mail to people + # if they are going to no longer get + # updates about this bug. } if ($col eq 'product') { RemoveVotes($id, 0, @@ -869,7 +870,7 @@ The changes made were: print "

Changes to bug $id submitted

\n"; SendSQL("unlock tables"); - system("./processmail", "-forcecc", $origcclist, $id, $::FORM{'who'}); + system("./processmail", "-forcecc", $origCcString, $id, $::FORM{'who'}); print "		Back To BUG# $id
\n"; foreach my $k (keys(%dependencychanged)) { -- cgit v1.2.3-24-g4f1b