Bug 292718: LOCATE is not ANSI SQL (prevents user account creation)

Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=joel, a=justdave

Bug 292718: LOCATE is not ANSI SQL (prevents user account creation)
ca07b6eb · mkanat%kerio.com · 3dabf17d · ca07b6eb
Commit ca07b6eb authored May 21, 2005 by mkanat%kerio.com
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 5 deletions

User.pm Bugzilla/User.pm +8 -5

No files found.
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1091,8 +1091,9 @@ sub insert_new_user ($$;$$) {
    # Insert the new user record into the database.
    $dbh->do("INSERT INTO profiles 
-                          (login_name, realname, cryptpassword, disabledtext) 
+                          (login_name, realname, cryptpassword, disabledtext,
-                   VALUES (?, ?, ?, ?)",
+                           refreshed_when) 
+                   VALUES (?, ?, ?, ?, '1901-01-01 00:00:00')",
             undef, 
             ($username, $realname, $cryptpassword, $disabledtext));
@@ -1133,12 +1134,14 @@ sub is_available_username ($;$) {
    #
    # substring/locate stuff: bug 165221; this used to use regexes, but that
    # was unsafe and required weird escaping; using substring to pull out
-    # the new/old email addresses and locate() to find the delimeter (':')
+    # the new/old email addresses and sql_position() to find the delimiter (':')
    # is cleaner/safer
    my $sth = $dbh->prepare(
        "SELECT eventdata FROM tokens WHERE tokentype = 'emailold'
-        AND SUBSTRING(eventdata, 1, (LOCATE(':', eventdata) - 1)) = ?
+        AND SUBSTRING(eventdata, 1, (" 
-        OR SUBSTRING(eventdata, (LOCATE(':', eventdata) + 1)) = ?");
+        . $dbh->sql_position(q{':'}, 'eventdata') . "-  1)) = ?
+        OR SUBSTRING(eventdata, (" 
+        . $dbh->sql_position(q{':'}, 'eventdata') . "+ 1)) = ?");
    $sth->execute($username, $username);
    if (my ($eventdata) = $sth->fetchrow_array()) {