Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
bugzilla
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Ivan Ivlev
bugzilla
Commits
11a6e0fe
Commit
11a6e0fe
authored
Apr 16, 2005
by
lpsolit%gmail.com
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Bug 285153: editusers.cgi cleanliness re-do - Patch by Marc Schumann…
Bug 285153: editusers.cgi cleanliness re-do - Patch by Marc Schumann <wurblzap@gmail.com> r=LpSolit a=justdave
parent
666d1f4b
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
24 additions
and
10 deletions
+24
-10
editusers.cgi
editusers.cgi
+24
-10
No files found.
editusers.cgi
View file @
11a6e0fe
...
@@ -81,24 +81,33 @@ if ($action eq 'search') {
...
@@ -81,24 +81,33 @@ if ($action eq 'search') {
'FROM profiles'
;
'FROM profiles'
;
my
@bindValues
;
my
@bindValues
;
my
$nextCondition
;
my
$nextCondition
;
my
$visibleGroups
;
if
(
Param
(
'usevisibilitygroups'
))
{
if
(
Param
(
'usevisibilitygroups'
))
{
# Show only users in visible groups.
# Show only users in visible groups.
my
$visibleGroups
=
visibleGroupsAsString
();
$visibleGroups
=
visibleGroupsAsString
();
if
(
$visibleGroups
)
{
$query
.=
qq{, user_group_map AS ugm
$query
.=
qq{, user_group_map AS ugm
WHERE ugm.user_id = profiles.userid
WHERE ugm.user_id = profiles.userid
AND ugm.isbless = 0
AND ugm.isbless = 0
AND ugm.group_id IN ($visibleGroups)
AND ugm.group_id IN ($visibleGroups)
}
;
}
;
$nextCondition
=
'AND'
;
$nextCondition
=
'AND'
;
}
}
else
{
}
else
{
$visibleGroups
=
1
;
if
(
$grouprestrict
eq
'1'
)
{
if
(
$grouprestrict
eq
'1'
)
{
$query
.=
', user_group_map AS ugm'
;
$query
.=
', user_group_map AS ugm'
;
}
}
$nextCondition
=
'WHERE'
;
$nextCondition
=
'WHERE'
;
}
}
# Selection by user name.
if
(
!
$visibleGroups
)
{
$vars
->
{
'users'
}
=
{};
}
else
{
# Handle selection by user name.
if
(
defined
(
$matchtype
))
{
if
(
defined
(
$matchtype
))
{
$query
.=
" $nextCondition profiles.login_name "
;
$query
.=
" $nextCondition profiles.login_name "
;
if
(
$matchtype
eq
'regexp'
)
{
if
(
$matchtype
eq
'regexp'
)
{
...
@@ -112,18 +121,18 @@ if ($action eq 'search') {
...
@@ -112,18 +121,18 @@ if ($action eq 'search') {
$matchstr
=
"%$matchstr%"
;
$matchstr
=
"%$matchstr%"
;
}
}
$nextCondition
=
'AND'
;
$nextCondition
=
'AND'
;
# We can trick_taint because we use the value in a SELECT only, using
# We can trick_taint because we use the value in a SELECT only,
#
a placeholder.
# using
a placeholder.
trick_taint
(
$matchstr
);
trick_taint
(
$matchstr
);
push
(
@bindValues
,
$matchstr
);
push
(
@bindValues
,
$matchstr
);
}
}
# S
election by group.
# Handle s
election by group.
if
(
$grouprestrict
eq
'1'
)
{
if
(
$grouprestrict
eq
'1'
)
{
$query
.=
" $nextCondition profiles.userid = ugm.user_id "
.
$query
.=
" $nextCondition profiles.userid = ugm.user_id "
.
'AND ugm.group_id = ?'
;
'AND ugm.group_id = ?'
;
# We can trick_taint because we use the value in a SELECT only, using
# We can trick_taint because we use the value in a SELECT only,
#
a placeholder.
# using
a placeholder.
trick_taint
(
$groupid
);
trick_taint
(
$groupid
);
push
(
@bindValues
,
$groupid
);
push
(
@bindValues
,
$groupid
);
}
}
...
@@ -132,6 +141,8 @@ if ($action eq 'search') {
...
@@ -132,6 +141,8 @@ if ($action eq 'search') {
$vars
->
{
'users'
}
=
$dbh
->
selectall_arrayref
(
$query
,
$vars
->
{
'users'
}
=
$dbh
->
selectall_arrayref
(
$query
,
{
'Slice'
=>
{}},
{
'Slice'
=>
{}},
@bindValues
);
@bindValues
);
}
$template
->
process
(
'admin/users/list.html.tmpl'
,
$vars
)
$template
->
process
(
'admin/users/list.html.tmpl'
,
$vars
)
||
ThrowTemplateError
(
$template
->
error
());
||
ThrowTemplateError
(
$template
->
error
());
...
@@ -591,7 +602,7 @@ sub mirrorListSelectionValues {
...
@@ -591,7 +602,7 @@ sub mirrorListSelectionValues {
# Give a list of IDs of groups the user can see.
# Give a list of IDs of groups the user can see.
sub
visibleGroupsAsString
{
sub
visibleGroupsAsString
{
return
join
(
', '
,
-
1
,
@
{
$user
->
visible_groups_direct
()});
return
join
(
', '
,
@
{
$user
->
visible_groups_direct
()});
}
}
# Give a list of IDs of groups the user may bless.
# Give a list of IDs of groups the user may bless.
...
@@ -623,7 +634,8 @@ sub groupsUserMayBless {
...
@@ -623,7 +634,8 @@ sub groupsUserMayBless {
# If visibilitygroups are used, restrict the set of groups.
# If visibilitygroups are used, restrict the set of groups.
if
(
Param
(
'usevisibilitygroups'
))
{
if
(
Param
(
'usevisibilitygroups'
))
{
my
$visibleGroups
=
visibleGroupsAsString
();
# Users need to see a group in order to bless it.
my
$visibleGroups
=
visibleGroupsAsString
()
||
return
{};
$query
.=
" $connector id in ($visibleGroups)"
;
$query
.=
" $connector id in ($visibleGroups)"
;
}
}
...
@@ -638,7 +650,9 @@ sub canSeeUser {
...
@@ -638,7 +650,9 @@ sub canSeeUser {
my
$query
;
my
$query
;
if
(
Param
(
'usevisibilitygroups'
))
{
if
(
Param
(
'usevisibilitygroups'
))
{
my
$visibleGroups
=
visibleGroupsAsString
();
# If the user can see no groups, then no users are visible either.
my
$visibleGroups
=
visibleGroupsAsString
()
||
return
0
;
$query
=
qq{SELECT COUNT(DISTINCT userid)
$query
=
qq{SELECT COUNT(DISTINCT userid)
FROM profiles, user_group_map
FROM profiles, user_group_map
WHERE userid = ?
WHERE userid = ?
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
