From 36e61c478bec0b298cbce1698eb1ccaaa8f79c12 Mon Sep 17 00:00:00 2001 From: "jocuri%softhome.net" <> Date: Sun, 7 Mar 2004 08:35:54 +0000 Subject: Patch for bug 235278: eliminate %::FORM from userprefs.cgi; r=kiko, a=justdave. --- userprefs.cgi | 48 ++++++++++++++++++++++++++---------------------- 1 file changed, 26 insertions(+), 22 deletions(-) (limited to 'userprefs.cgi') diff --git a/userprefs.cgi b/userprefs.cgi index 9a1a93717..3b320fa74 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -19,6 +19,7 @@ # David Miller # Christopher Aillon # Gervase Markham +# Vlad Dascalu use strict; @@ -78,18 +79,20 @@ sub DoAccount { } sub SaveAccount { - my $pwd1 = $::FORM{'new_password1'}; - my $pwd2 = $::FORM{'new_password2'}; + my $cgi = Bugzilla->cgi; - if ($::FORM{'Bugzilla_password'} ne "" || + my $pwd1 = $cgi->param('new_password1'); + my $pwd2 = $cgi->param('new_password2'); + + if ($cgi->param('Bugzilla_password') ne "" || $pwd1 ne "" || $pwd2 ne "") { - my $old = SqlQuote($::FORM{'Bugzilla_password'}); + my $old = SqlQuote($cgi->param('Bugzilla_password')); SendSQL("SELECT cryptpassword FROM profiles WHERE userid = $userid"); my $oldcryptedpwd = FetchOneColumn(); $oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password"); - if (crypt($::FORM{'Bugzilla_password'}, $oldcryptedpwd) ne + if (crypt($cgi->param('Bugzilla_password'), $oldcryptedpwd) ne $oldcryptedpwd) { ThrowUserError("old_password_incorrect"); @@ -97,7 +100,8 @@ sub SaveAccount { if ($pwd1 ne "" || $pwd2 ne "") { - $::FORM{'new_password1'} || ThrowUserError("new_password_missing"); + $cgi->param('new_password1') + || ThrowUserError("new_password_missing"); ValidatePassword($pwd1, $pwd2); my $cryptedpassword = SqlQuote(Crypt($pwd1)); @@ -105,16 +109,16 @@ sub SaveAccount { SET cryptpassword = $cryptedpassword WHERE userid = $userid"); # Invalidate all logins except for the current one - InvalidateLogins($userid, $::COOKIE{"Bugzilla_logincookie"}); + InvalidateLogins($userid, $cgi->cookie("Bugzilla_logincookie")); } } - if(Param("allowemailchange") && $::FORM{'new_login_name'}) { - my $old_login_name = $::FORM{'Bugzilla_login'}; - my $new_login_name = trim($::FORM{'new_login_name'}); + if(Param("allowemailchange") && $cgi->param('new_login_name')) { + my $old_login_name = $cgi->param('Bugzilla_login'); + my $new_login_name = trim($cgi->param('new_login_name')); if($old_login_name ne $new_login_name) { - $::FORM{'Bugzilla_password'} + $cgi->param('Bugzilla_password') || ThrowCodeError("old_password_required"); use Token; @@ -137,7 +141,7 @@ sub SaveAccount { } SendSQL("UPDATE profiles SET " . - "realname = " . SqlQuote(trim($::FORM{'realname'})) . + "realname = " . SqlQuote(trim($cgi->param('realname'))) . " WHERE userid = $userid"); } @@ -207,15 +211,16 @@ sub DoEmail { # Note: we no longer store "off" values in the database. sub SaveEmail { my $updateString = ""; + my $cgi = Bugzilla->cgi; - if (defined $::FORM{'ExcludeSelf'}) { + if (defined $cgi->param('ExcludeSelf')) { $updateString .= 'ExcludeSelf~on'; } else { $updateString .= 'ExcludeSelf~'; } foreach my $flag (qw(FlagRequestee FlagRequester)) { - $updateString .= "~$flag~" . (defined($::FORM{$flag}) ? "on" : ""); + $updateString .= "~$flag~" . (defined $cgi->param($flag) ? "on" : ""); } foreach my $role (@roles) { @@ -226,14 +231,14 @@ sub SaveEmail { # If the form field for this preference is defined, then we # know the checkbox was checked, so set the value to "on". - $updateString .= "on" if defined $::FORM{"email$role$reason"}; + $updateString .= "on" if defined $cgi->param("email$role$reason"); } } SendSQL("UPDATE profiles SET emailflags = " . SqlQuote($updateString) . " WHERE userid = $userid"); - if (Param("supportwatchers") && exists $::FORM{'watchedusers'}) { + if (Param("supportwatchers") && defined $cgi->param('watchedusers')) { # Just in case. Note that this much locking is actually overkill: # we don't really care if anyone reads the watch table. So # some small amount of contention could be gotten rid of by @@ -246,7 +251,7 @@ sub SaveEmail { " watcher=$userid"); # Update the database to look like the form - my $newWatchedUsers = new RelationSet($::FORM{'watchedusers'}); + my $newWatchedUsers = new RelationSet($cgi->param('watchedusers')); my @CCDELTAS = $origWatchedUsers->generateSqlDeltas( $newWatchedUsers, "watch", @@ -300,10 +305,9 @@ GetVersionTable(); my $cgi = Bugzilla->cgi; -$vars->{'login'} = $::COOKIE{'Bugzilla_login'}; -$vars->{'changes_saved'} = $::FORM{'dosave'}; +$vars->{'changes_saved'} = $cgi->param('dosave'); -my $current_tab_name = $::FORM{'tab'} || "account"; +my $current_tab_name = $cgi->param('tab') || "account"; # The SWITCH below makes sure that this is valid trick_taint($current_tab_name); @@ -313,12 +317,12 @@ $vars->{'current_tab_name'} = $current_tab_name; # Do any saving, and then display the current tab. SWITCH: for ($current_tab_name) { /^account$/ && do { - SaveAccount() if $::FORM{'dosave'}; + SaveAccount() if $cgi->param('dosave'); DoAccount(); last SWITCH; }; /^email$/ && do { - SaveEmail() if $::FORM{'dosave'}; + SaveEmail() if $cgi->param('dosave'); DoEmail(); last SWITCH; }; -- cgit v1.2.3-24-g4f1b