# first try wildcards
my $wildstr = $str;
- if ($wildstr =~ s/\*/\%/g) { # don't do wildcards if no '*' in the string
+ # Do not do wildcards if there is no '*' in the string.
+ if ($wildstr =~ s/\*/\%/g && $user->id) {
# Build the query.
trick_taint($wildstr);
my $query = "SELECT DISTINCT userid FROM profiles ";
}
# then try substring search
- if (!scalar(@users) && length($str) >= 3) {
+ if (!scalar(@users) && length($str) >= 3 && $user->id) {
trick_taint($str);
my $query = "SELECT DISTINCT userid FROM profiles ";
[% IF matchsuccess == 1 %]
[% PROCESS global/header.html.tmpl title="Confirm Match" %]
-[% USE Bugzilla %]
+ [% USE Bugzilla %]
<form method="post"
[% IF script -%]
[% PROCESS global/header.html.tmpl title="Match Failed" %]
<p>
[% terms.Bugzilla %] was unable to make any match at all for one or more of
- the names and/or email addresses you entered on the previous page.<br>
- Please go back and try other names or email addresses.
+ the names and/or email addresses you entered on the previous page.
+ [% IF !user.id %]
+ <b>Note: You are currently logged out. Only exact matches against e-mail
+ addresses will be performed.</b>
+ [% END %]
</p>
+ <p>Please go back and try other names or email addresses.</p>
[% END %]
<table border="0">
projects / thirdparty / bugzilla.git / commitdiff
