Commit 6ce5f4a8 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com

Bug 303696: Eliminate deprecated Bugzilla::DB routines from process_bug.cgi -…

Bug 303696: Eliminate deprecated Bugzilla::DB routines from process_bug.cgi - Patch by André Batosti <batosti@async.com.br> r=LpSolit a=justdave
parent dfcc2146
...@@ -229,9 +229,9 @@ $vars->{'title_tag'} = "bug_processed"; ...@@ -229,9 +229,9 @@ $vars->{'title_tag'} = "bug_processed";
# negatives, but never false positives, and should catch the majority of cases. # negatives, but never false positives, and should catch the majority of cases.
# It only works at all in the single bug case. # It only works at all in the single bug case.
if (defined $cgi->param('id')) { if (defined $cgi->param('id')) {
SendSQL("SELECT delta_ts FROM bugs WHERE bug_id = " . my $delta_ts = $dbh->selectrow_array(
$cgi->param('id')); q{SELECT delta_ts FROM bugs WHERE bug_id = ?},
my $delta_ts = FetchOneColumn(); undef, $cgi->param('id'));
if (defined $cgi->param('delta_ts') && $cgi->param('delta_ts') ne $delta_ts) if (defined $cgi->param('delta_ts') && $cgi->param('delta_ts') ne $delta_ts)
{ {
...@@ -285,10 +285,10 @@ sub CheckonComment { ...@@ -285,10 +285,10 @@ sub CheckonComment {
# and bug groups if so. # and bug groups if so.
my $oldproduct = ''; my $oldproduct = '';
if (defined $cgi->param('id')) { if (defined $cgi->param('id')) {
SendSQL("SELECT name FROM products INNER JOIN bugs " . $oldproduct = $dbh->selectrow_array(
"ON products.id = bugs.product_id WHERE bug_id = " . q{SELECT name FROM products INNER JOIN bugs
$cgi->param('id')); ON products.id = bugs.product_id WHERE bug_id = ?},
$oldproduct = FetchSQLData(); undef, $cgi->param('id'));
} }
if (((defined $cgi->param('id') && $cgi->param('product') ne $oldproduct) if (((defined $cgi->param('id') && $cgi->param('product') ne $oldproduct)
...@@ -376,9 +376,10 @@ if (((defined $cgi->param('id') && $cgi->param('product') ne $oldproduct) ...@@ -376,9 +376,10 @@ if (((defined $cgi->param('id') && $cgi->param('product') ne $oldproduct)
if ($mok) { if ($mok) {
$defaults{'target_milestone'} = $cgi->param('target_milestone'); $defaults{'target_milestone'} = $cgi->param('target_milestone');
} else { } else {
SendSQL("SELECT defaultmilestone FROM products " . $defaults{'target_milestone'} = $dbh->selectrow_array(
"WHERE name = " . SqlQuote($prod)); q{SELECT defaultmilestone FROM products
$defaults{'target_milestone'} = FetchOneColumn(); WHERE name = ?}, undef, $prod);
;
} }
} }
else { else {
...@@ -504,11 +505,11 @@ sub CheckCanChangeField { ...@@ -504,11 +505,11 @@ sub CheckCanChangeField {
# $reporterid, $ownerid and $qacontactid are caches of the results of # $reporterid, $ownerid and $qacontactid are caches of the results of
# the call to find out the assignee, reporter and qacontact of the current bug. # the call to find out the assignee, reporter and qacontact of the current bug.
if ($lastbugid != $bugid) { if ($lastbugid != $bugid) {
SendSQL("SELECT reporter, assigned_to, qa_contact FROM bugs ($reporterid, $ownerid, $qacontactid) = $dbh->selectrow_array(
WHERE bug_id = $bugid"); q{SELECT reporter, assigned_to, qa_contact FROM bugs
($reporterid, $ownerid, $qacontactid) = (FetchSQLData()); WHERE bug_id = ? }, undef, $bugid);
$lastbugid = $bugid; $lastbugid = $bugid;
} }
# END DO_NOT_CHANGE # END DO_NOT_CHANGE
# Allow the assignee to change anything else. # Allow the assignee to change anything else.
...@@ -574,8 +575,8 @@ sub DuplicateUserConfirm { ...@@ -574,8 +575,8 @@ sub DuplicateUserConfirm {
my $dupe = $cgi->param('id'); my $dupe = $cgi->param('id');
my $original = $cgi->param('dup_id'); my $original = $cgi->param('dup_id');
SendSQL("SELECT reporter FROM bugs WHERE bug_id = $dupe"); my $reporter = $dbh->selectrow_array(
my $reporter = FetchOneColumn(); q{SELECT reporter FROM bugs WHERE bug_id = ?}, undef, $dupe);
my $rep_user = Bugzilla::User->new($reporter); my $rep_user = Bugzilla::User->new($reporter);
if ($rep_user->can_see_bug($original)) { if ($rep_user->can_see_bug($original)) {
...@@ -583,8 +584,9 @@ sub DuplicateUserConfirm { ...@@ -583,8 +584,9 @@ sub DuplicateUserConfirm {
return; return;
} }
SendSQL("SELECT cclist_accessible FROM bugs WHERE bug_id = $original"); $vars->{'cclist_accessible'} = $dbh->selectrow_array(
$vars->{'cclist_accessible'} = FetchOneColumn(); q{SELECT cclist_accessible FROM bugs WHERE bug_id = ?},
undef, $original);
# Once in this part of the subroutine, the user has not been auto-validated # Once in this part of the subroutine, the user has not been auto-validated
# and the duper has not chosen whether or not to add to CC list, so let's # and the duper has not chosen whether or not to add to CC list, so let's
...@@ -734,8 +736,9 @@ if ($action eq Param('move-button-text')) { ...@@ -734,8 +736,9 @@ if ($action eq Param('move-button-text')) {
} }
$::query = "update bugs\nset"; $::query = "UPDATE bugs SET";
$::comma = ""; $::comma = "";
my @values;
umask(0); umask(0);
sub _remove_remaining_time { sub _remove_remaining_time {
...@@ -778,7 +781,7 @@ sub ChangeStatus { ...@@ -778,7 +781,7 @@ sub ChangeStatus {
# When reopening, we need to check whether the bug was ever # When reopening, we need to check whether the bug was ever
# confirmed or not # confirmed or not
$::query .= "bug_status = CASE WHEN everconfirmed = 1 THEN " . $::query .= "bug_status = CASE WHEN everconfirmed = 1 THEN " .
SqlQuote($str) . " ELSE 'UNCONFIRMED' END"; $dbh->quote($str) . " ELSE 'UNCONFIRMED' END";
} elsif (is_open_state($str)) { } elsif (is_open_state($str)) {
# Note that we cannot combine this with the above branch - here we # Note that we cannot combine this with the above branch - here we
# need to check if bugs.bug_status is open, (since we don't want to # need to check if bugs.bug_status is open, (since we don't want to
...@@ -805,12 +808,12 @@ sub ChangeStatus { ...@@ -805,12 +808,12 @@ sub ChangeStatus {
# This also relies on the fact that confirming and accepting have # This also relies on the fact that confirming and accepting have
# already called DoConfirm before this is called # already called DoConfirm before this is called
my @open_state = map(SqlQuote($_), BUG_STATE_OPEN); my @open_state = map($dbh->quote($_), BUG_STATE_OPEN);
my $open_state = join(", ", @open_state); my $open_state = join(", ", @open_state);
# If we are changing everconfirmed to 1, we have to take this change # If we are changing everconfirmed to 1, we have to take this change
# into account and the new bug status is given by $str. # into account and the new bug status is given by $str.
my $cond = SqlQuote($str); my $cond = $dbh->quote($str);
# If we are not setting everconfirmed, the new bug status depends on # If we are not setting everconfirmed, the new bug status depends on
# the actual value of everconfirmed, which is bug-specific. # the actual value of everconfirmed, which is bug-specific.
unless ($everconfirmed) { unless ($everconfirmed) {
...@@ -820,7 +823,8 @@ sub ChangeStatus { ...@@ -820,7 +823,8 @@ sub ChangeStatus {
$::query .= "bug_status = CASE WHEN bug_status IN($open_state) THEN " . $::query .= "bug_status = CASE WHEN bug_status IN($open_state) THEN " .
$cond . " ELSE bug_status END"; $cond . " ELSE bug_status END";
} else { } else {
$::query .= "bug_status = " . SqlQuote($str); $::query .= "bug_status = ?";
push(@values, $str);
} }
# If bugs are reassigned and their status is "UNCONFIRMED", they # If bugs are reassigned and their status is "UNCONFIRMED", they
# should keep this status instead of "NEW" as suggested here. # should keep this status instead of "NEW" as suggested here.
...@@ -835,7 +839,9 @@ sub ChangeResolution { ...@@ -835,7 +839,9 @@ sub ChangeResolution {
|| $str ne $cgi->param('dontchange')) || $str ne $cgi->param('dontchange'))
{ {
DoComma(); DoComma();
$::query .= "resolution = " . SqlQuote($str); $::query .= "resolution = ?";
trick_taint($str);
push(@values, $str);
# We define this variable here so that customized installations # We define this variable here so that customized installations
# may set rules based on the resolution in CheckCanChangeField. # may set rules based on the resolution in CheckCanChangeField.
$cgi->param('resolution', $str); $cgi->param('resolution', $str);
...@@ -852,10 +858,11 @@ sub ChangeResolution { ...@@ -852,10 +858,11 @@ sub ChangeResolution {
my @groupAdd = (); my @groupAdd = ();
my @groupDel = (); my @groupDel = ();
SendSQL("SELECT groups.id, isactive FROM groups " . my $groups = $dbh->selectall_arrayref(
"WHERE id IN($grouplist) " . qq{SELECT groups.id, isactive FROM groups
"AND isbuggroup = 1"); WHERE id IN($grouplist) AND isbuggroup = 1});
while (my ($b, $isactive) = FetchSQLData()) { foreach my $group (@$groups) {
my ($b, $isactive) = @$group;
# The multiple change page may not show all groups a bug is in # The multiple change page may not show all groups a bug is in
# (eg product groups when listing more than one product) # (eg product groups when listing more than one product)
# Only consider groups which were present on the form. We can't do this # Only consider groups which were present on the form. We can't do this
...@@ -878,7 +885,10 @@ foreach my $field ("rep_platform", "priority", "bug_severity", ...@@ -878,7 +885,10 @@ foreach my $field ("rep_platform", "priority", "bug_severity",
if (!$cgi->param('dontchange') if (!$cgi->param('dontchange')
|| $cgi->param($field) ne $cgi->param('dontchange')) { || $cgi->param($field) ne $cgi->param('dontchange')) {
DoComma(); DoComma();
$::query .= "$field = " . SqlQuote(trim($cgi->param($field))); $::query .= "$field = ?";
my $value = trim($cgi->param($field));
trick_taint($value);
push(@values, $value);
} }
} }
} }
...@@ -890,7 +900,10 @@ foreach my $field (Bugzilla->custom_field_names) { ...@@ -890,7 +900,10 @@ foreach my $field (Bugzilla->custom_field_names) {
|| $cgi->param($field) ne $cgi->param('dontchange'))) || $cgi->param($field) ne $cgi->param('dontchange')))
{ {
DoComma(); DoComma();
$::query .= "$field = " . SqlQuote(trim($cgi->param($field))); $::query .= "$field = ?";
my $value = $cgi->param($field);
trick_taint($value);
push(@values, $value);
} }
} }
...@@ -905,9 +918,10 @@ if ($cgi->param('product') ne $cgi->param('dontchange')) { ...@@ -905,9 +918,10 @@ if ($cgi->param('product') ne $cgi->param('dontchange')) {
{product => $cgi->param('product')}); {product => $cgi->param('product')});
DoComma(); DoComma();
$::query .= "product_id = ?";
push(@values, $prod_id);
@newprod_ids = ($prod_id); @newprod_ids = ($prod_id);
$prod_changed = 1; $prod_changed = 1;
$::query .= "product_id = $prod_id";
} else { } else {
@newprod_ids = @{$dbh->selectcol_arrayref("SELECT DISTINCT product_id @newprod_ids = @{$dbh->selectcol_arrayref("SELECT DISTINCT product_id
FROM bugs FROM bugs
...@@ -932,7 +946,8 @@ if ($cgi->param('component') ne $cgi->param('dontchange')) { ...@@ -932,7 +946,8 @@ if ($cgi->param('component') ne $cgi->param('dontchange')) {
$cgi->param('component_id', $comp_id); $cgi->param('component_id', $comp_id);
DoComma(); DoComma();
$::query .= "component_id = $comp_id"; $::query .= "component_id = ?";
push(@values, $comp_id);
} }
# If this installation uses bug aliases, and the user is changing the alias, # If this installation uses bug aliases, and the user is changing the alias,
...@@ -949,12 +964,12 @@ if (Param("usebugaliases") && defined $cgi->param('alias')) { ...@@ -949,12 +964,12 @@ if (Param("usebugaliases") && defined $cgi->param('alias')) {
# Otherwise, if the field contains a value, update the record # Otherwise, if the field contains a value, update the record
# with that value. # with that value.
DoComma(); DoComma();
$::query .= "alias = ";
if ($alias ne "") { if ($alias ne "") {
ValidateBugAlias($alias, $idlist[0]); ValidateBugAlias($alias, $idlist[0]);
$::query .= $dbh->quote($alias); $::query .= "alias = ?";
push(@values, $alias);
} else { } else {
$::query .= "NULL"; $::query .= "alias = NULL";
} }
} }
} }
...@@ -965,20 +980,21 @@ if (Param("usebugaliases") && defined $cgi->param('alias')) { ...@@ -965,20 +980,21 @@ if (Param("usebugaliases") && defined $cgi->param('alias')) {
# and cc list can see the bug even if they are not members of all groups # and cc list can see the bug even if they are not members of all groups
# to which the bug is restricted. # to which the bug is restricted.
if (defined $cgi->param('id')) { if (defined $cgi->param('id')) {
SendSQL("SELECT group_id FROM bug_group_map WHERE bug_id = " . my ($havegroup) = $dbh->selectrow_array(
$cgi->param('id')); q{SELECT group_id FROM bug_group_map WHERE bug_id = ?},
my ($havegroup) = FetchSQLData(); undef, $cgi->param('id'));
if ( $havegroup ) { if ( $havegroup ) {
DoComma(); DoComma();
$cgi->param('reporter_accessible', $cgi->param('reporter_accessible',
$cgi->param('reporter_accessible') ? '1' : '0'); $cgi->param('reporter_accessible') ? '1' : '0');
$::query .= 'reporter_accessible = ' . $::query .= "reporter_accessible = ?";
$cgi->param('reporter_accessible'); push(@values, $cgi->param('reporter_accessible'));
DoComma(); DoComma();
$cgi->param('cclist_accessible', $cgi->param('cclist_accessible',
$cgi->param('cclist_accessible') ? '1' : '0'); $cgi->param('cclist_accessible') ? '1' : '0');
$::query .= 'cclist_accessible = ' . $cgi->param('cclist_accessible'); $::query .= "cclist_accessible = ?";
push(@values, $cgi->param('cclist_accessible'));
} }
} }
...@@ -1090,7 +1106,8 @@ if (defined $cgi->param('qa_contact') ...@@ -1090,7 +1106,8 @@ if (defined $cgi->param('qa_contact')
$qacontact_checked = 1; $qacontact_checked = 1;
DoComma(); DoComma();
if($qacontact) { if($qacontact) {
$::query .= "qa_contact = $qacontact"; $::query .= "qa_contact = ?";
push(@values, $qacontact);
} }
else { else {
$::query .= "qa_contact = NULL"; $::query .= "qa_contact = NULL";
...@@ -1174,8 +1191,9 @@ SWITCH: for ($cgi->param('knob')) { ...@@ -1174,8 +1191,9 @@ SWITCH: for ($cgi->param('knob')) {
} else { } else {
ThrowUserError("reassign_to_empty"); ThrowUserError("reassign_to_empty");
} }
$::query .= "assigned_to = ?";
push(@values, $assignee);
$assignee_checked = 1; $assignee_checked = 1;
$::query .= "assigned_to = $assignee";
last SWITCH; last SWITCH;
}; };
/^reassignbycomponent$/ && CheckonComment( "reassignbycomponent" ) && do { /^reassignbycomponent$/ && CheckonComment( "reassignbycomponent" ) && do {
...@@ -1300,21 +1318,25 @@ if (UserInGroup(Param('timetrackinggroup'))) { ...@@ -1300,21 +1318,25 @@ if (UserInGroup(Param('timetrackinggroup'))) {
my $er_time = trim($cgi->param($field)); my $er_time = trim($cgi->param($field));
if ($er_time ne $cgi->param('dontchange')) { if ($er_time ne $cgi->param('dontchange')) {
DoComma(); DoComma();
$::query .= "$field = " . SqlQuote($er_time); $::query .= "$field = ?";
trick_taint($er_time);
push(@values, $er_time);
} }
} }
} }
if (defined $cgi->param('deadline')) { if (defined $cgi->param('deadline')) {
DoComma(); DoComma();
$::query .= "deadline = ";
if ($cgi->param('deadline')) { if ($cgi->param('deadline')) {
validate_date($cgi->param('deadline')) validate_date($cgi->param('deadline'))
|| ThrowUserError('illegal_date', {date => $cgi->param('deadline'), || ThrowUserError('illegal_date', {date => $cgi->param('deadline'),
format => 'YYYY-MM-DD'}); format => 'YYYY-MM-DD'});
$::query .= SqlQuote($cgi->param('deadline')); $::query .= "deadline = ?";
my $deadline = $cgi->param('deadline');
trick_taint($deadline);
push(@values, $deadline);
} else { } else {
$::query .= "NULL" ; $::query .= "deadline = NULL";
} }
} }
} }
...@@ -1325,9 +1347,9 @@ my $delta_ts; ...@@ -1325,9 +1347,9 @@ my $delta_ts;
sub SnapShotBug { sub SnapShotBug {
my ($id) = (@_); my ($id) = (@_);
SendSQL("SELECT delta_ts, " . join(',', @::log_columns) . my @row = $dbh->selectrow_array(q{SELECT delta_ts, } .
" FROM bugs WHERE bug_id = $id"); join(',', @::log_columns).q{ FROM bugs WHERE bug_id = ?},
my @row = FetchSQLData(); undef, $id);
$delta_ts = shift @row; $delta_ts = shift @row;
return @row; return @row;
...@@ -1336,12 +1358,10 @@ sub SnapShotBug { ...@@ -1336,12 +1358,10 @@ sub SnapShotBug {
sub SnapShotDeps { sub SnapShotDeps {
my ($i, $target, $me) = (@_); my ($i, $target, $me) = (@_);
SendSQL("SELECT $target FROM dependencies WHERE $me = $i ORDER BY $target"); my $list = $dbh->selectcol_arrayref(qq{SELECT $target FROM dependencies
my @list; WHERE $me = ? ORDER BY $target},
while (MoreSQLData()) { undef, $i);
push(@list, FetchOneColumn()); return join(',', @$list);
}
return join(',', @list);
} }
...@@ -1350,14 +1370,14 @@ my $bug_changed; ...@@ -1350,14 +1370,14 @@ my $bug_changed;
sub LogDependencyActivity { sub LogDependencyActivity {
my ($i, $oldstr, $target, $me, $timestamp) = (@_); my ($i, $oldstr, $target, $me, $timestamp) = (@_);
my $sql_timestamp = SqlQuote($timestamp);
my $newstr = SnapShotDeps($i, $target, $me); my $newstr = SnapShotDeps($i, $target, $me);
if ($oldstr ne $newstr) { if ($oldstr ne $newstr) {
# Figure out what's really different... # Figure out what's really different...
my ($removed, $added) = diff_strings($oldstr, $newstr); my ($removed, $added) = diff_strings($oldstr, $newstr);
LogActivityEntry($i,$target,$removed,$added,$whoid,$timestamp); LogActivityEntry($i,$target,$removed,$added,$whoid,$timestamp);
# update timestamp on target bug so midairs will be triggered # update timestamp on target bug so midairs will be triggered
SendSQL("UPDATE bugs SET delta_ts = $sql_timestamp WHERE bug_id = $i"); $dbh->do(q{UPDATE bugs SET delta_ts = ? WHERE bug_id = ?},
undef, $timestamp, $i);
$bug_changed = 1; $bug_changed = 1;
return 1; return 1;
} }
...@@ -1451,14 +1471,16 @@ foreach my $id (@idlist) { ...@@ -1451,14 +1471,16 @@ foreach my $id (@idlist) {
FROM components FROM components
WHERE components.id = ?', WHERE components.id = ?',
undef, $new_comp_id); undef, $new_comp_id);
$query .= ", assigned_to = $assignee"; $query .= ", assigned_to = ?";
push(@values, $assignee);
if (Param("useqacontact")) { if (Param("useqacontact")) {
$qacontact = $dbh->selectrow_array('SELECT initialqacontact $qacontact = $dbh->selectrow_array('SELECT initialqacontact
FROM components FROM components
WHERE components.id = ?', WHERE components.id = ?',
undef, $new_comp_id); undef, $new_comp_id);
if ($qacontact) { if ($qacontact) {
$query .= ", qa_contact = $qacontact"; $query .= ", qa_contact = ?";
push(@values, $qacontact);
} }
else { else {
$query .= ", qa_contact = NULL"; $query .= ", qa_contact = NULL";
...@@ -1617,9 +1639,7 @@ foreach my $id (@idlist) { ...@@ -1617,9 +1639,7 @@ foreach my $id (@idlist) {
# Start updating the relevant database entries # Start updating the relevant database entries
# #
SendSQL("select now()"); $timestamp = $dbh->selectrow_array(q{SELECT NOW()});
$timestamp = FetchOneColumn();
my $sql_timestamp = SqlQuote($timestamp);
my $work_time; my $work_time;
if (UserInGroup(Param('timetrackinggroup'))) { if (UserInGroup(Param('timetrackinggroup'))) {
...@@ -1649,46 +1669,51 @@ foreach my $id (@idlist) { ...@@ -1649,46 +1669,51 @@ foreach my $id (@idlist) {
# For delete, we just delete things on the list. # For delete, we just delete things on the list.
my $changed = 0; my $changed = 0;
if ($keywordaction eq "makeexact") { if ($keywordaction eq "makeexact") {
SendSQL("DELETE FROM keywords WHERE bug_id = $id"); $dbh->do(q{DELETE FROM keywords WHERE bug_id = ?},
undef, $id);
$changed = 1; $changed = 1;
} }
my $sth_delete = $dbh->prepare(q{DELETE FROM keywords
WHERE bug_id = ?
AND keywordid = ?});
my $sth_insert =
$dbh->prepare(q{INSERT INTO keywords (bug_id, keywordid)
VALUES (?, ?)});
foreach my $keyword (@keywordlist) { foreach my $keyword (@keywordlist) {
if ($keywordaction ne "makeexact") { if ($keywordaction ne "makeexact") {
SendSQL("DELETE FROM keywords $sth_delete->execute($id, $keyword);
WHERE bug_id = $id AND keywordid = $keyword");
$changed = 1; $changed = 1;
} }
if ($keywordaction ne "delete") { if ($keywordaction ne "delete") {
SendSQL("INSERT INTO keywords $sth_insert->execute($id, $keyword);
(bug_id, keywordid) VALUES ($id, $keyword)");
$changed = 1; $changed = 1;
} }
} }
if ($changed) { if ($changed) {
SendSQL("SELECT keyworddefs.name my $list = $dbh->selectcol_arrayref(
FROM keyworddefs INNER JOIN keywords q{SELECT keyworddefs.name
ON keyworddefs.id = keywords.keywordid FROM keyworddefs
WHERE keywords.bug_id = $id INNER JOIN keywords
ORDER BY keyworddefs.name"); ON keyworddefs.id = keywords.keywordid
my @list; WHERE keywords.bug_id = ?
while (MoreSQLData()) { ORDER BY keyworddefs.name},
push(@list, FetchOneColumn()); undef, $id);
}
$dbh->do("UPDATE bugs SET keywords = ? WHERE bug_id = ?", $dbh->do("UPDATE bugs SET keywords = ? WHERE bug_id = ?",
undef, join(', ', @list), $id); undef, join(', ', @$list), $id);
} }
} }
$query .= " where bug_id = $id"; $query .= " WHERE bug_id = ?";
push(@values, $id);
if ($::comma ne "") { if ($::comma ne "") {
SendSQL($query); $dbh->do($query, undef, @values);
} }
# Check for duplicates if the bug is [re]open or its resolution is changed. # Check for duplicates if the bug is [re]open or its resolution is changed.
SendSQL("SELECT resolution FROM bugs WHERE bug_id = $id"); my $resolution = $dbh->selectrow_array(
my $resolution = FetchOneColumn(); q{SELECT resolution FROM bugs WHERE bug_id = ?}, undef, $id);
if ($resolution ne 'DUPLICATE') { if ($resolution ne 'DUPLICATE') {
SendSQL("DELETE FROM duplicates WHERE dupe = $id"); $dbh->do(q{DELETE FROM duplicates WHERE dupe = ?}, undef, $id);
} }
my $newproduct_id = $oldhash{'product_id'}; my $newproduct_id = $oldhash{'product_id'};
...@@ -1698,12 +1723,16 @@ foreach my $id (@idlist) { ...@@ -1698,12 +1723,16 @@ foreach my $id (@idlist) {
my %groupsrequired = (); my %groupsrequired = ();
my %groupsforbidden = (); my %groupsforbidden = ();
SendSQL("SELECT id, membercontrol my $group_controls =
FROM groups LEFT JOIN group_control_map $dbh->selectall_arrayref(q{SELECT id, membercontrol
ON id = group_id FROM groups
AND product_id = $newproduct_id WHERE isactive != 0"); LEFT JOIN group_control_map
while (MoreSQLData()) { ON id = group_id
my ($group, $control) = FetchSQLData(); AND product_id = ?
WHERE isactive != 0},
undef, $newproduct_id);
foreach my $group_control (@$group_controls) {
my ($group, $control) = @$group_control;
$control ||= 0; $control ||= 0;
unless ($control > &::CONTROLMAPNA) { unless ($control > &::CONTROLMAPNA) {
$groupsforbidden{$group} = 1; $groupsforbidden{$group} = 1;
...@@ -1715,25 +1744,27 @@ foreach my $id (@idlist) { ...@@ -1715,25 +1744,27 @@ foreach my $id (@idlist) {
my @groupAddNames = (); my @groupAddNames = ();
my @groupAddNamesAll = (); my @groupAddNamesAll = ();
my $sth = $dbh->prepare(q{INSERT INTO bug_group_map (bug_id, group_id)
VALUES (?, ?)});
foreach my $grouptoadd (@groupAdd, keys %groupsrequired) { foreach my $grouptoadd (@groupAdd, keys %groupsrequired) {
next if $groupsforbidden{$grouptoadd}; next if $groupsforbidden{$grouptoadd};
push(@groupAddNamesAll, GroupIdToName($grouptoadd)); push(@groupAddNamesAll, GroupIdToName($grouptoadd));
if (!BugInGroupId($id, $grouptoadd)) { if (!BugInGroupId($id, $grouptoadd)) {
push(@groupAddNames, GroupIdToName($grouptoadd)); push(@groupAddNames, GroupIdToName($grouptoadd));
SendSQL("INSERT INTO bug_group_map (bug_id, group_id) $sth->execute($id, $grouptoadd);
VALUES ($id, $grouptoadd)");
} }
} }
my @groupDelNames = (); my @groupDelNames = ();
my @groupDelNamesAll = (); my @groupDelNamesAll = ();
$sth = $dbh->prepare(q{DELETE FROM bug_group_map
WHERE bug_id = ? AND group_id = ?});
foreach my $grouptodel (@groupDel, keys %groupsforbidden) { foreach my $grouptodel (@groupDel, keys %groupsforbidden) {
push(@groupDelNamesAll, GroupIdToName($grouptodel)); push(@groupDelNamesAll, GroupIdToName($grouptodel));
next if $groupsrequired{$grouptodel}; next if $groupsrequired{$grouptodel};
if (BugInGroupId($id, $grouptodel)) { if (BugInGroupId($id, $grouptodel)) {
push(@groupDelNames, GroupIdToName($grouptodel)); push(@groupDelNames, GroupIdToName($grouptodel));
} }
SendSQL("DELETE FROM bug_group_map $sth->execute($id, $grouptodel);
WHERE bug_id = $id AND group_id = $grouptodel");
} }
my $groupDelNames = join(',', @groupDelNames); my $groupDelNames = join(',', @groupDelNames);
...@@ -1752,25 +1783,30 @@ foreach my $id (@idlist) { ...@@ -1752,25 +1783,30 @@ foreach my $id (@idlist) {
|| defined $cgi->param('masscc')) { || defined $cgi->param('masscc')) {
# Get the current CC list for this bug # Get the current CC list for this bug
my %oncc; my %oncc;
SendSQL("SELECT who FROM cc WHERE bug_id = $id"); my $cc_list = $dbh->selectcol_arrayref(
while (MoreSQLData()) { q{SELECT who FROM cc WHERE bug_id = ?}, undef, $id);
$oncc{FetchOneColumn()} = 1; foreach my $who (@$cc_list) {
$oncc{$who} = 1;
} }
my (@added, @removed) = (); my (@added, @removed) = ();
my $sth_insert = $dbh->prepare(q{INSERT INTO cc (bug_id, who)
VALUES (?, ?)});
foreach my $pid (keys %cc_add) { foreach my $pid (keys %cc_add) {
# If this person isn't already on the cc list, add them # If this person isn't already on the cc list, add them
if (! $oncc{$pid}) { if (! $oncc{$pid}) {
SendSQL("INSERT INTO cc (bug_id, who) VALUES ($id, $pid)"); $sth_insert->execute($id, $pid);
push (@added, $cc_add{$pid}); push (@added, $cc_add{$pid});
$oncc{$pid} = 1; $oncc{$pid} = 1;
} }
} }
my $sth_delete = $dbh->prepare(q{DELETE FROM cc
WHERE bug_id = ? AND who = ?});
foreach my $pid (keys %cc_remove) { foreach my $pid (keys %cc_remove) {
# If the person is on the cc list, remove them # If the person is on the cc list, remove them
if ($oncc{$pid}) { if ($oncc{$pid}) {
SendSQL("DELETE FROM cc WHERE bug_id = $id AND who = $pid"); $sth_delete->execute($id, $pid);
push (@removed, $cc_remove{$pid}); push (@removed, $cc_remove{$pid});
$oncc{$pid} = 0; $oncc{$pid} = 0;
} }
...@@ -1826,9 +1862,13 @@ foreach my $id (@idlist) { ...@@ -1826,9 +1862,13 @@ foreach my $id (@idlist) {
my @keys = keys(%snapshot); my @keys = keys(%snapshot);
if (@keys) { if (@keys) {
my $oldsnap = SnapShotDeps($id, $target, $me); my $oldsnap = SnapShotDeps($id, $target, $me);
SendSQL("delete from dependencies where $me = $id"); $dbh->do(qq{DELETE FROM dependencies WHERE $me = ?},
undef, $id);
my $sth =
$dbh->prepare(qq{INSERT INTO dependencies ($me, $target)
VALUES (?, ?)});
foreach my $i (@{$deps{$target}}) { foreach my $i (@{$deps{$target}}) {
SendSQL("insert into dependencies ($me, $target) values ($id, $i)"); $sth->execute($id, $i);
} }
foreach my $k (@keys) { foreach my $k (@keys) {
LogDependencyActivity($k, $snapshot{$k}, $me, $target, $timestamp); LogDependencyActivity($k, $snapshot{$k}, $me, $target, $timestamp);
...@@ -1858,22 +1898,24 @@ foreach my $id (@idlist) { ...@@ -1858,22 +1898,24 @@ foreach my $id (@idlist) {
# - The control map value for the new product and this group # - The control map value for the new product and this group
# - Is the user in this group? # - Is the user in this group?
# - Is the bug in this group? # - Is the bug in this group?
SendSQL("SELECT DISTINCT groups.id, isactive, " . my $groups = $dbh->selectall_arrayref(
"oldcontrolmap.membercontrol, newcontrolmap.membercontrol, " . qq{SELECT DISTINCT groups.id, isactive,
"CASE WHEN groups.id IN ($grouplist) THEN 1 ELSE 0 END, " . oldcontrolmap.membercontrol,
"CASE WHEN bug_group_map.group_id IS NOT NULL " . newcontrolmap.membercontrol,
"THEN 1 ELSE 0 END " . CASE WHEN groups.id IN ($grouplist) THEN 1 ELSE 0 END,
"FROM groups " . CASE WHEN bug_group_map.group_id IS NOT NULL
"LEFT JOIN group_control_map AS oldcontrolmap " . THEN 1 ELSE 0 END
"ON oldcontrolmap.group_id = groups.id " . FROM groups
"AND oldcontrolmap.product_id = " . $oldhash{'product_id'} . LEFT JOIN group_control_map AS oldcontrolmap
" LEFT JOIN group_control_map AS newcontrolmap " . ON oldcontrolmap.group_id = groups.id
"ON newcontrolmap.group_id = groups.id " . AND oldcontrolmap.product_id = ?
"AND newcontrolmap.product_id = $newproduct_id " . LEFT JOIN group_control_map AS newcontrolmap
"LEFT JOIN bug_group_map " . ON newcontrolmap.group_id = groups.id
"ON bug_group_map.group_id = groups.id " . AND newcontrolmap.product_id = ?
"AND bug_group_map.bug_id = $id " LEFT JOIN bug_group_map
); ON bug_group_map.group_id = groups.id
AND bug_group_map.bug_id = ?},
undef, $oldhash{'product_id'}, $newproduct_id, $id);
my @groupstoremove = (); my @groupstoremove = ();
my @groupstoadd = (); my @groupstoadd = ();
my @defaultstoremove = (); my @defaultstoremove = ();
...@@ -1881,9 +1923,9 @@ foreach my $id (@idlist) { ...@@ -1881,9 +1923,9 @@ foreach my $id (@idlist) {
my @allgroups = (); my @allgroups = ();
my $buginanydefault = 0; my $buginanydefault = 0;
my $buginanychangingdefault = 0; my $buginanychangingdefault = 0;
while (MoreSQLData()) { foreach my $group (@$groups) {
my ($groupid, $isactive, $oldcontrol, $newcontrol, my ($groupid, $isactive, $oldcontrol, $newcontrol,
$useringroup, $bugingroup) = FetchSQLData(); $useringroup, $bugingroup) = @$group;
# An undefined newcontrol is none. # An undefined newcontrol is none.
$newcontrol = CONTROLMAPNA unless $newcontrol; $newcontrol = CONTROLMAPNA unless $newcontrol;
$oldcontrol = CONTROLMAPNA unless $oldcontrol; $oldcontrol = CONTROLMAPNA unless $oldcontrol;
...@@ -1932,17 +1974,21 @@ foreach my $id (@idlist) { ...@@ -1932,17 +1974,21 @@ foreach my $id (@idlist) {
# Now actually update the bug_group_map. # Now actually update the bug_group_map.
my @DefGroupsAdded = (); my @DefGroupsAdded = ();
my @DefGroupsRemoved = (); my @DefGroupsRemoved = ();
my $sth_insert =
$dbh->prepare(q{INSERT INTO bug_group_map (bug_id, group_id)
VALUES (?, ?)});
my $sth_delete = $dbh->prepare(q{DELETE FROM bug_group_map
WHERE bug_id = ?
AND group_id = ?});
foreach my $groupid (@allgroups) { foreach my $groupid (@allgroups) {
my $thisadd = grep( ($_ == $groupid), @groupstoadd); my $thisadd = grep( ($_ == $groupid), @groupstoadd);
my $thisdel = grep( ($_ == $groupid), @groupstoremove); my $thisdel = grep( ($_ == $groupid), @groupstoremove);
if ($thisadd) { if ($thisadd) {
push(@DefGroupsAdded, GroupIdToName($groupid)); push(@DefGroupsAdded, GroupIdToName($groupid));
SendSQL("INSERT INTO bug_group_map (bug_id, group_id) VALUES " . $sth_insert->execute($id, $groupid);
"($id, $groupid)");
} elsif ($thisdel) { } elsif ($thisdel) {
push(@DefGroupsRemoved, GroupIdToName($groupid)); push(@DefGroupsRemoved, GroupIdToName($groupid));
SendSQL("DELETE FROM bug_group_map WHERE bug_id = $id " . $sth_delete->execute($id, $groupid);
"AND group_id = $groupid");
} }
} }
if ((@DefGroupsAdded) || (@DefGroupsRemoved)) { if ((@DefGroupsAdded) || (@DefGroupsRemoved)) {
...@@ -2043,7 +2089,8 @@ foreach my $id (@idlist) { ...@@ -2043,7 +2089,8 @@ foreach my $id (@idlist) {
Bugzilla::Flag::process($id, undef, $timestamp, $cgi); Bugzilla::Flag::process($id, undef, $timestamp, $cgi);
if ($bug_changed) { if ($bug_changed) {
SendSQL("UPDATE bugs SET delta_ts = $sql_timestamp WHERE bug_id = $id"); $dbh->do(q{UPDATE bugs SET delta_ts = ? WHERE bug_id = ?},
undef, $timestamp, $id);
} }
$dbh->bz_unlock_tables(); $dbh->bz_unlock_tables();
...@@ -2059,23 +2106,22 @@ foreach my $id (@idlist) { ...@@ -2059,23 +2106,22 @@ foreach my $id (@idlist) {
undef, $cgi->param('id')); undef, $cgi->param('id'));
# Check to see if Reporter of this bug is reporter of Dupe # Check to see if Reporter of this bug is reporter of Dupe
SendSQL("SELECT reporter FROM bugs WHERE bug_id = " . my $reporter = $dbh->selectrow_array(
$cgi->param('id')); q{SELECT reporter FROM bugs WHERE bug_id = ?}, undef, $id);
my $reporter = FetchOneColumn(); my $isreporter = $dbh->selectrow_array(
SendSQL("SELECT reporter FROM bugs WHERE bug_id = " . q{SELECT reporter FROM bugs WHERE bug_id = ? AND reporter = ?},
"$duplicate and reporter = $reporter"); undef, $duplicate, $reporter);
my $isreporter = FetchOneColumn(); my $isoncc = $dbh->selectrow_array(q{SELECT who FROM cc
SendSQL("SELECT who FROM cc WHERE bug_id = " . WHERE bug_id = ? AND who = ?},
" $duplicate and who = $reporter"); undef, $duplicate, $reporter);
my $isoncc = FetchOneColumn();
unless ($isreporter || $isoncc unless ($isreporter || $isoncc
|| !$cgi->param('confirm_add_duplicate')) { || !$cgi->param('confirm_add_duplicate')) {
# The reporter is oblivious to the existence of the new bug and is permitted access # The reporter is oblivious to the existence of the new bug and is permitted access
# ... add 'em to the cc (and record activity) # ... add 'em to the cc (and record activity)
LogActivityEntry($duplicate,"cc","",DBID_to_name($reporter), LogActivityEntry($duplicate,"cc","",DBID_to_name($reporter),
$whoid,$timestamp); $whoid,$timestamp);
SendSQL("INSERT INTO cc (who, bug_id) " . $dbh->do(q{INSERT INTO cc (who, bug_id) VALUES (?, ?)},
"VALUES ($reporter, $duplicate)"); undef, $reporter, $duplicate);
} }
# Bug 171639 - Duplicate notifications do not need to be private. # Bug 171639 - Duplicate notifications do not need to be private.
AppendComment($duplicate, $whoid, AppendComment($duplicate, $whoid,
...@@ -2083,8 +2129,8 @@ foreach my $id (@idlist) { ...@@ -2083,8 +2129,8 @@ foreach my $id (@idlist) {
" has been marked as a duplicate of this bug. ***", " has been marked as a duplicate of this bug. ***",
0, $timestamp); 0, $timestamp);
SendSQL("INSERT INTO duplicates VALUES ($duplicate, " . $dbh->do(q{INSERT INTO duplicates VALUES (?, ?)}, undef,
$cgi->param('id') . ")"); $duplicate, $cgi->param('id'));
} }
# Now all changes to the DB have been made. It's time to email # Now all changes to the DB have been made. It's time to email
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment