Skip to content

bugzilla
bugzilla
Commit 4478ac2d authored by kiko%async.com.br's avatar kiko%async.com.br
Browse files
Options

Fix for bug 251937: Remove $COOKIE from buglist.cgi. r=burnus, a=myk.

parent 7afde703
Hide whitespace changes
Inline Side-by-side
Showing with 13 additions and 13 deletions
buglist.cgi
View file @ 4478ac2d
...@@ -121,7 +121,7 @@ my $serverpush = ...@@ -121,7 +121,7 @@ my $serverpush =
|| $::FORM{'serverpush'}; || $::FORM{'serverpush'};
my $order = $::FORM{'order'} || ""; my $order = $::FORM{'order'} || "";
my $order_from_cookie = 0; # True if $order set using $::COOKIE{'LASTORDER'} my $order_from_cookie = 0; # True if $order set using the LASTORDER cookie
# The params object to use for the actual query itself # The params object to use for the actual query itself
my $params; my $params;
...@@ -129,13 +129,13 @@ my $params; ...@@ -129,13 +129,13 @@ my $params;
# If the user is retrieving the last bug list they looked at, hack the buffer # If the user is retrieving the last bug list they looked at, hack the buffer
# storing the query string so that it looks like a query retrieving those bugs. # storing the query string so that it looks like a query retrieving those bugs.
if ($::FORM{'regetlastlist'}) { if ($::FORM{'regetlastlist'}) {
$::COOKIE{'BUGLIST'} || ThrowUserError("missing_cookie"); $cgi->cookie('BUGLIST') || ThrowUserError("missing_cookie");
$order = "reuse last sort" unless $order; $order = "reuse last sort" unless $order;
# set up the params for this new query # set up the params for this new query
$params = new Bugzilla::CGI({ $params = new Bugzilla::CGI({
bug_id => [split(/:/, $::COOKIE{'BUGLIST'})], bug_id => [split(/:/, $cgi->cookie('BUGLIST'))],
order => $order, order => $order,
}); });
} }
...@@ -195,7 +195,7 @@ sub iCalendarDateTime { ...@@ -195,7 +195,7 @@ sub iCalendarDateTime {
sub LookupNamedQuery { sub LookupNamedQuery {
my ($name) = @_; my ($name) = @_;
Bugzilla->login(LOGIN_REQUIRED); Bugzilla->login(LOGIN_REQUIRED);
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"}); my $userid = DBNameToIdAndCheck(Bugzilla->user->login);
my $qname = SqlQuote($name); my $qname = SqlQuote($name);
SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname"); SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname");
my $result = FetchOneColumn(); my $result = FetchOneColumn();
...@@ -318,7 +318,7 @@ if ($::FORM{'cmdtype'} eq "dorem") { ...@@ -318,7 +318,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
} }
elsif ($::FORM{'remaction'} eq "forget") { elsif ($::FORM{'remaction'} eq "forget") {
Bugzilla->login(LOGIN_REQUIRED); Bugzilla->login(LOGIN_REQUIRED);
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"}); my $userid = DBNameToIdAndCheck(Bugzilla->user->login);
my $qname = SqlQuote($::FORM{'namedcmd'}); my $qname = SqlQuote($::FORM{'namedcmd'});
SendSQL("DELETE FROM namedqueries WHERE userid = $userid AND name = $qname"); SendSQL("DELETE FROM namedqueries WHERE userid = $userid AND name = $qname");
...@@ -338,7 +338,7 @@ if ($::FORM{'cmdtype'} eq "dorem") { ...@@ -338,7 +338,7 @@ if ($::FORM{'cmdtype'} eq "dorem") {
elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) { elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) {
if ($::FORM{'remtype'} eq "asdefault") { if ($::FORM{'remtype'} eq "asdefault") {
Bugzilla->login(LOGIN_REQUIRED); Bugzilla->login(LOGIN_REQUIRED);
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"}); my $userid = DBNameToIdAndCheck(Bugzilla->user->login);
my $qname = SqlQuote($::defaultqueryname); my $qname = SqlQuote($::defaultqueryname);
my $qbuffer = SqlQuote($::buffer); my $qbuffer = SqlQuote($::buffer);
...@@ -361,7 +361,7 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) { ...@@ -361,7 +361,7 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) {
} }
elsif ($::FORM{'remtype'} eq "asnamed") { elsif ($::FORM{'remtype'} eq "asnamed") {
Bugzilla->login(LOGIN_REQUIRED); Bugzilla->login(LOGIN_REQUIRED);
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"}); my $userid = DBNameToIdAndCheck(Bugzilla->user->login);
my $name = trim($::FORM{'newqueryname'}); my $name = trim($::FORM{'newqueryname'});
$name || ThrowUserError("query_name_missing"); $name || ThrowUserError("query_name_missing");
...@@ -487,9 +487,9 @@ if (defined $params->param('columnlist')) { ...@@ -487,9 +487,9 @@ if (defined $params->param('columnlist')) {
@displaycolumns = split(/[ ,]+/, $params->param('columnlist')); @displaycolumns = split(/[ ,]+/, $params->param('columnlist'));
} }
} }
elsif (defined $::COOKIE{'COLUMNLIST'}) { elsif (defined $cgi->cookie('COLUMNLIST')) {
# 2002-10-31 Rename column names (see bug 176461) # 2002-10-31 Rename column names (see bug 176461)
my $columnlist = $::COOKIE{'COLUMNLIST'}; my $columnlist = $cgi->cookie('COLUMNLIST');
$columnlist =~ s/\bowner\b/assigned_to/; $columnlist =~ s/\bowner\b/assigned_to/;
$columnlist =~ s/\bowner_realname\b/assigned_to_realname/; $columnlist =~ s/\bowner_realname\b/assigned_to_realname/;
$columnlist =~ s/\bplatform\b/rep_platform/; $columnlist =~ s/\bplatform\b/rep_platform/;
...@@ -591,8 +591,8 @@ my @selectnames = map($columns->{$_}->{'name'}, @selectcolumns); ...@@ -591,8 +591,8 @@ my @selectnames = map($columns->{$_}->{'name'}, @selectcolumns);
################################################################################ ################################################################################
# Add to the query some instructions for sorting the bug list. # Add to the query some instructions for sorting the bug list.
if ($::COOKIE{'LASTORDER'} && (!$order || $order =~ /^reuse/i)) { if ($cgi->cookie('LASTORDER') && (!$order || $order =~ /^reuse/i)) {
$order = $::COOKIE{'LASTORDER'}; $order = $cgi->cookie('LASTORDER');
$order_from_cookie = 1; $order_from_cookie = 1;
} }
...@@ -842,7 +842,7 @@ $vars->{'urlquerypart'} =~ s/(order|cmdtype)=[^&]*&?//g; ...@@ -842,7 +842,7 @@ $vars->{'urlquerypart'} =~ s/(order|cmdtype)=[^&]*&?//g;
$vars->{'order'} = $order; $vars->{'order'} = $order;
# The user's login account name (i.e. email address). # The user's login account name (i.e. email address).
my $login = $::COOKIE{'Bugzilla_login'}; my $login = Bugzilla->user ? Bugzilla->user->login : "";
$vars->{'caneditbugs'} = UserInGroup('editbugs'); $vars->{'caneditbugs'} = UserInGroup('editbugs');
...@@ -862,7 +862,7 @@ if (scalar(@bugowners) > 1 && UserInGroup('editbugs')) { ...@@ -862,7 +862,7 @@ if (scalar(@bugowners) > 1 && UserInGroup('editbugs')) {
# Whether or not to split the column titles across two rows to make # Whether or not to split the column titles across two rows to make
# the list more compact. # the list more compact.
$vars->{'splitheader'} = $::COOKIE{'SPLITHEADER'} ? 1 : 0; $vars->{'splitheader'} = $cgi->cookie('SPLITHEADER') ? 1 : 0;
$vars->{'quip'} = GetQuip(); $vars->{'quip'} = GetQuip();
$vars->{'currenttime'} = time(); $vars->{'currenttime'} = time();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment