Bug 303704: Eliminate deprecated Bugzilla::DB routines from editgroups.cgi - Patch...

diff --git a/editgroups.cgi b/editgroups.cgi
index b9759910ba83682df4d59881116a8299522dddef..62519fc54636335a91c274e3496f46b32556c59e 100755 (executable)
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -41,7 +41,7 @@ use vars qw($template $vars);
 
 Bugzilla->login(LOGIN_REQUIRED);
 
-print Bugzilla->cgi->header();
+print $cgi->header();
 
 UserInGroup("creategroups")
   || ThrowUserError("auth_failure", {group  => "creategroups",
@@ -148,13 +148,14 @@ sub CheckGroupRegexp {
 unless ($action) {
     my @groups;
 
-    SendSQL("SELECT id,name,description,userregexp,isactive,isbuggroup " .
-            "FROM groups " .
-            "ORDER BY isbuggroup, name");
+    my $group_list =
+      $dbh->selectall_arrayref('SELECT id, name, description,
+                                       userregexp, isactive, isbuggroup
+                                  FROM groups
+                                 ORDER BY isbuggroup, name');
 
-    while (MoreSQLData()) {
-        my ($id, $name, $description, $regexp, $isactive, $isbuggroup)
-            = FetchSQLData();
+    foreach (@$group_list) {
+        my ($id, $name, $description, $regexp, $isactive, $isbuggroup) = @$_;
         my $group = {};
         $group->{'id'}          = $id;
         $group->{'name'}        = $name;
@@ -168,7 +169,7 @@ unless ($action) {
 
     $vars->{'groups'} = \@groups;
     
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/list.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
 
@@ -195,29 +196,34 @@ if ($action eq 'changeform') {
     # this one
 
     my @groups;
-    SendSQL("SELECT groups.id, groups.name, groups.description," .
-             " CASE WHEN group_group_map.member_id IS NOT NULL THEN 1 ELSE 0 END," .
-             " CASE WHEN B.member_id IS NOT NULL THEN 1 ELSE 0 END," .
-             " CASE WHEN C.member_id IS NOT NULL THEN 1 ELSE 0 END" .
-             " FROM groups" .
-             " LEFT JOIN group_group_map" .
-             " ON group_group_map.member_id = groups.id" .
-             " AND group_group_map.grantor_id = $group_id" .
-             " AND group_group_map.grant_type = " . GROUP_MEMBERSHIP .
-             " LEFT JOIN group_group_map as B" .
-             " ON B.member_id = groups.id" .
-             " AND B.grantor_id = $group_id" .
-             " AND B.grant_type = " . GROUP_BLESS .
-             " LEFT JOIN group_group_map as C" .
-             " ON C.member_id = groups.id" .
-             " AND C.grantor_id = $group_id" .
-             " AND C.grant_type = " . GROUP_VISIBLE .
-             " ORDER by name");
-
-    while (MoreSQLData()) {
-        my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember, $membercansee) 
-            = FetchSQLData();
-
+    my $group_list =
+      $dbh->selectall_arrayref('SELECT groups.id, groups.name, groups.description,
+                                       CASE WHEN group_group_map.member_id IS NOT NULL
+                                            THEN 1 ELSE 0 END,
+                                       CASE WHEN B.member_id IS NOT NULL
+                                            THEN 1 ELSE 0 END,
+                                       CASE WHEN C.member_id IS NOT NULL
+                                            THEN 1 ELSE 0 END
+                                  FROM groups
+                                  LEFT JOIN group_group_map
+                                    ON group_group_map.member_id = groups.id
+                                   AND group_group_map.grantor_id = ?
+                                   AND group_group_map.grant_type = ?
+                                  LEFT JOIN group_group_map as B
+                                    ON B.member_id = groups.id
+                                   AND B.grantor_id = ?
+                                   AND B.grant_type = ?
+                                  LEFT JOIN group_group_map as C
+                                    ON C.member_id = groups.id
+                                   AND C.grantor_id = ?
+                                   AND C.grant_type = ?
+                                 ORDER by name',
+                                undef, ($group_id, GROUP_MEMBERSHIP,
+                                        $group_id, GROUP_BLESS,
+                                        $group_id, GROUP_VISIBLE));
+
+    foreach (@$group_list) {
+        my ($grpid, $grpnam, $grpdesc, $grpmember, $blessmember, $membercansee) = @$_;
         my $group = {};
         $group->{'grpid'}       = $grpid;
         $group->{'grpnam'}      = $grpnam;
@@ -236,7 +242,7 @@ if ($action eq 'changeform') {
     $vars->{'isbuggroup'}  = $isbuggroup;
     $vars->{'groups'}      = \@groups;
 
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/edit.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
 
@@ -250,7 +256,7 @@ if ($action eq 'changeform') {
 #
 
 if ($action eq 'add') {
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/create.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
     
@@ -273,37 +279,35 @@ if ($action eq 'new') {
     my $isactive = $cgi->param('isactive') ? 1 : 0;
 
     # Add the new group
-    SendSQL("INSERT INTO groups ( " .
-            "name, description, isbuggroup, userregexp, isactive, last_changed " .
-            " ) VALUES ( " .
-            SqlQuote($name) . ", " .
-            SqlQuote($desc) . ", " .
-            "1," .
-            SqlQuote($regexp) . ", " . 
-            $isactive . ", NOW())" );
+    $dbh->do('INSERT INTO groups
+              (name, description, isbuggroup,
+               userregexp, isactive, last_changed)
+              VALUES (?, ?, 1, ?, ?, NOW())',
+              undef, ($name, $desc, $regexp, $isactive));
+
     my $gid = $dbh->bz_last_key('groups', 'id');
     my $admin = GroupNameToId('admin');
     # Since we created a new group, give the "admin" group all privileges
     # initially.
-    SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type)
-             VALUES ($admin, $gid, " . GROUP_MEMBERSHIP . ")");
-    SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type)
-             VALUES ($admin, $gid, " . GROUP_BLESS . ")");
-    SendSQL("INSERT INTO group_group_map (member_id, grantor_id, grant_type)
-             VALUES ($admin, $gid, " . GROUP_VISIBLE . ")");
+    my $sth = $dbh->prepare('INSERT INTO group_group_map
+                             (member_id, grantor_id, grant_type)
+                             VALUES (?, ?, ?)');
+
+    $sth->execute($admin, $gid, GROUP_MEMBERSHIP);
+    $sth->execute($admin, $gid, GROUP_BLESS);
+    $sth->execute($admin, $gid, GROUP_VISIBLE);
+
     # Permit all existing products to use the new group if makeproductgroups.
     if ($cgi->param('insertnew')) {
-        SendSQL("INSERT INTO group_control_map " .
-                "(group_id, product_id, entry, membercontrol, " .
-                "othercontrol, canedit) " .
-                "SELECT $gid, products.id, 0, " .
-                CONTROLMAPSHOWN . ", " .
-                CONTROLMAPNA . ", 0 " .
-                "FROM products");
+        $dbh->do('INSERT INTO group_control_map
+                  (group_id, product_id, entry, membercontrol,
+                   othercontrol, canedit)
+                  SELECT ?, products.id, 0, ?, ?, 0 FROM products',
+                  undef, ($gid, CONTROLMAPSHOWN, CONTROLMAPNA));
     }
     RederiveRegexp($regexp, $gid);
 
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/created.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
     exit;
@@ -327,38 +331,24 @@ if ($action eq 'del') {
         ThrowUserError("system_group_not_deletable", { name => $name });
     }
 
-    my $hasusers = 0;
-    SendSQL("SELECT user_id FROM user_group_map 
-             WHERE group_id = $gid AND isbless = 0");
-    if (FetchOneColumn()) {
-        $hasusers = 1;
-    }
-
-    my $hasbugs = 0;
-    my $buglist = "0";
-    SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
+    my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map 
+                                          WHERE group_id = ? AND isbless = 0 ' .
+                                          $dbh->sql_limit(1),
+                                          undef, $gid) || 0;
 
-    if (MoreSQLData()) {
-        $hasbugs = 1;
+    my $bug_ids = $dbh->selectcol_arrayref('SELECT bug_id FROM bug_group_map
+                                            WHERE group_id = ?', undef, $gid);
 
-        while (MoreSQLData()) {
-            my ($bug) = FetchSQLData();
-            $buglist .= "," . $bug;
-        }
-    }
+    my $hasbugs = scalar(@$bug_ids) ? 1 : 0;
+    my $buglist = join(',', @$bug_ids);
 
-    my $hasproduct = 0;
-    SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name));
-    if (MoreSQLData()) {
-        $hasproduct = 1;
-    }
+    my $hasproduct = get_product_id($name) ? 1 : 0;
 
-    my $hasflags = 0;
-    SendSQL("SELECT id FROM flagtypes 
-             WHERE grant_group_id = $gid OR request_group_id = $gid");
-    if (FetchOneColumn()) {
-        $hasflags = 1;
-    }
+    my $hasflags = $dbh->selectrow_array('SELECT 1 FROM flagtypes 
+                                           WHERE grant_group_id = ?
+                                              OR request_group_id = ? ' .
+                                          $dbh->sql_limit(1),
+                                          undef, ($gid, $gid)) || 0;
 
     $vars->{'gid'}         = $gid;
     $vars->{'name'}        = $name;
@@ -369,7 +359,7 @@ if ($action eq 'del') {
     $vars->{'hasflags'}    = $hasflags;
     $vars->{'buglist'}     = $buglist;
 
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/delete.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
     
@@ -394,53 +384,62 @@ if ($action eq 'delete') {
 
     my $cantdelete = 0;
 
-    SendSQL("SELECT user_id FROM user_group_map 
-             WHERE group_id = $gid AND isbless = 0");
-    if (FetchOneColumn()) {
-        if (!defined $cgi->param('removeusers')) {
-            $cantdelete = 1;
-        }
+    my $hasusers = $dbh->selectrow_array('SELECT 1 FROM user_group_map 
+                                          WHERE group_id = ? AND isbless = 0 ' .
+                                          $dbh->sql_limit(1),
+                                          undef, $gid) || 0;
+    if ($hasusers && !defined $cgi->param('removeusers')) {
+        $cantdelete = 1;
     }
-    SendSQL("SELECT bug_id FROM bug_group_map WHERE group_id = $gid");
-    if (FetchOneColumn()) {
-        if (!defined $cgi->param('removebugs')) {
-            $cantdelete = 1;
-        }
+
+    my $hasbugs = $dbh->selectrow_array('SELECT 1 FROM bug_group_map
+                                         WHERE group_id = ? ' .
+                                         $dbh->sql_limit(1),
+                                         undef, $gid) || 0;
+    if ($hasbugs && !defined $cgi->param('removebugs')) {
+        $cantdelete = 1;
     }
-    SendSQL("SELECT name FROM products WHERE name=" . SqlQuote($name));
-    if (FetchOneColumn()) {
-        if (!defined $cgi->param('unbind')) {
-            $cantdelete = 1;
-        }
+
+    if (get_product_id($name) && !defined $cgi->param('unbind')) {
+        $cantdelete = 1;
     }
-    SendSQL("SELECT id FROM flagtypes 
-             WHERE grant_group_id = $gid OR request_group_id = $gid");
-    if (FetchOneColumn()) {
-        if (!defined $cgi->param('removeflags')) {
-            $cantdelete = 1;
-        }
+
+    my $hasflags = $dbh->selectrow_array('SELECT 1 FROM flagtypes 
+                                           WHERE grant_group_id = ?
+                                              OR request_group_id = ? ' .
+                                          $dbh->sql_limit(1),
+                                          undef, ($gid, $gid)) || 0;
+    if ($hasflags && !defined $cgi->param('removeflags')) {
+        $cantdelete = 1;
     }
 
     if (!$cantdelete) {
-        SendSQL("UPDATE flagtypes SET grant_group_id = NULL 
-                 WHERE grant_group_id = $gid");
-        SendSQL("UPDATE flagtypes SET request_group_id = NULL 
-                 WHERE request_group_id = $gid");
-        SendSQL("DELETE FROM user_group_map WHERE group_id = $gid");
-        SendSQL("DELETE FROM group_group_map WHERE grantor_id = $gid");
-        SendSQL("DELETE FROM bug_group_map WHERE group_id = $gid");
-        SendSQL("DELETE FROM group_control_map WHERE group_id = $gid");
-        SendSQL("DELETE FROM whine_schedules WHERE " .
-                "mailto_type = " . MAILTO_GROUP . " " .
-                "AND mailto = $gid");
-        SendSQL("DELETE FROM groups WHERE id = $gid");
+        $dbh->do('UPDATE flagtypes SET grant_group_id = ?
+                   WHERE grant_group_id = ?',
+                  undef, (undef, $gid));
+        $dbh->do('UPDATE flagtypes SET request_group_id = ?
+                   WHERE request_group_id = ?',
+                  undef, (undef, $gid));
+        $dbh->do('DELETE FROM user_group_map WHERE group_id = ?',
+                  undef, $gid);
+        $dbh->do('DELETE FROM group_group_map WHERE grantor_id = ?',
+                  undef, $gid);
+        $dbh->do('DELETE FROM bug_group_map WHERE group_id = ?',
+                  undef, $gid);
+        $dbh->do('DELETE FROM group_control_map WHERE group_id = ?',
+                  undef, $gid);
+        $dbh->do('DELETE FROM whine_schedules
+                   WHERE mailto_type = ? AND mailto = ?',
+                  undef, (MAILTO_GROUP, $gid));
+        $dbh->do('DELETE FROM groups WHERE id = ?',
+                  undef, $gid);
     }
 
     $vars->{'gid'}        = $gid;
     $vars->{'name'}       = $name;
     $vars->{'cantdelete'} = $cantdelete;
 
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/deleted.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
 
@@ -474,7 +473,7 @@ if ($action eq 'postchanges') {
         $vars->{'regexp'} = $regexp;
     }
     
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/change.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
     exit;
@@ -487,19 +486,20 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
 
     my $gid = CheckGroupID($cgi->param('group'));
 
-    my $sth = $dbh->prepare("SELECT name, userregexp FROM groups
-                             WHERE id = ?");
-    $sth->execute($gid);
-    my ($name, $regexp) = $sth->fetchrow_array();
+    my ($name, $regexp) =
+      $dbh->selectrow_array('SELECT name, userregexp FROM groups
+                             WHERE id = ?', undef, $gid);
+
     $dbh->bz_lock_tables('groups WRITE', 'profiles READ',
                          'user_group_map WRITE');
-    $sth = $dbh->prepare("SELECT user_group_map.user_id, profiles.login_name
-                            FROM user_group_map
-                      INNER JOIN profiles
-                              ON user_group_map.user_id = profiles.userid
-                           WHERE user_group_map.group_id = ?
-                             AND grant_type = ?
-                             AND isbless = 0");
+
+    my $sth = $dbh->prepare("SELECT user_group_map.user_id, profiles.login_name
+                               FROM user_group_map
+                         INNER JOIN profiles
+                                 ON user_group_map.user_id = profiles.userid
+                              WHERE user_group_map.group_id = ?
+                                AND grant_type = ?
+                                AND isbless = 0");
     $sth->execute($gid, GRANT_DIRECT);
 
     my @users;
@@ -507,11 +507,12 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
                               WHERE user_id = ?
                               AND isbless = 0
                               AND group_id = ?");
+
     while ( my ($userid, $userlogin) = $sth->fetchrow_array() ) {
         if ((($regexp =~ /\S/) && ($userlogin =~ m/$regexp/i))
             || ($action eq 'remove_all'))
         {
-            $sth2->execute($userid,$gid);
+            $sth2->execute($userid, $gid);
 
             my $user = {};
             $user->{'login'} = $userlogin;
@@ -519,10 +520,8 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
         }
     }
 
-    $sth = $dbh->prepare("UPDATE groups
-             SET last_changed = NOW()
-             WHERE id = ?");
-    $sth->execute($gid);
+    $dbh->do('UPDATE groups SET last_changed = NOW()
+              WHERE id = ?', undef, $gid);
     $dbh->bz_unlock_tables();
 
     $vars->{'users'}      = \@users;
@@ -531,7 +530,7 @@ if (($action eq 'remove_all_regexp') || ($action eq 'remove_all')) {
     $vars->{'remove_all'} = ($action eq 'remove_all');
     $vars->{'gid'}        = $gid;
     
-    print Bugzilla->cgi->header();
+    print $cgi->header();
     $template->process("admin/groups/remove.html.tmpl", $vars)
       || ThrowTemplateError($template->error());
 
@@ -550,7 +549,6 @@ ThrowCodeError("action_unrecognized", $vars);
 sub doGroupChanges {
     my $cgi = Bugzilla->cgi;
     my $dbh = Bugzilla->dbh;
-    my $sth;
 
     $dbh->bz_lock_tables('groups WRITE', 'group_group_map WRITE',
                          'user_group_map WRITE', 'profiles READ',
@@ -563,8 +561,8 @@ sub doGroupChanges {
 
     # The name and the description of system groups cannot be edited.
     # We then need to know if the group being edited is a system group.
-    SendSQL("SELECT isbuggroup FROM groups WHERE id = $gid");
-    my ($isbuggroup) = FetchSQLData();
+    my $isbuggroup = $dbh->selectrow_array('SELECT isbuggroup FROM groups
+                                            WHERE id = ?', undef, $gid);
     my $name;
     my $desc;
     my $isactive;
@@ -583,27 +581,36 @@ sub doGroupChanges {
 
         if ($name ne $cgi->param('oldname')) {
             $chgs = 1;
-            $sth = $dbh->do("UPDATE groups SET name = ? WHERE id = ?",
-                            undef, $name, $gid);
+            $dbh->do('UPDATE groups SET name = ? WHERE id = ?',
+                      undef, ($name, $gid));
         }
         if ($desc ne $cgi->param('olddesc')) {
             $chgs = 1;
-            $sth = $dbh->do("UPDATE groups SET description = ? WHERE id = ?",
-                            undef, $desc, $gid);
+            $dbh->do('UPDATE groups SET description = ? WHERE id = ?',
+                      undef, ($desc, $gid));
         }
         if ($isactive ne $cgi->param('oldisactive')) {
             $chgs = 1;
-            $sth = $dbh->do("UPDATE groups SET isactive = ? WHERE id = ?",
-                            undef, $isactive, $gid);
+            $dbh->do('UPDATE groups SET isactive = ? WHERE id = ?',
+                      undef, ($isactive, $gid));
         }
     }
     if ($regexp ne $cgi->param('oldregexp')) {
         $chgs = 1;
-        $sth = $dbh->do("UPDATE groups SET userregexp = ? WHERE id = ?",
-                        undef, $regexp, $gid);
+        $dbh->do('UPDATE groups SET userregexp = ? WHERE id = ?',
+                  undef, ($regexp, $gid));
         RederiveRegexp($regexp, $gid);
     }
 
+    my $sthInsert = $dbh->prepare('INSERT INTO group_group_map
+                                   (member_id, grantor_id, grant_type)
+                                   VALUES (?, ?, ?)');
+
+    my $sthDelete = $dbh->prepare('DELETE FROM group_group_map
+                                    WHERE member_id = ?
+                                      AND grantor_id = ?
+                                      AND grant_type = ?');
+
     foreach my $b (grep {/^oldgrp-\d*$/} $cgi->param()) {
         if (defined($cgi->param($b))) {
             $b =~ /^oldgrp-(\d+)$/;
@@ -612,13 +619,9 @@ sub doGroupChanges {
             if (($v != $gid) && ($cgi->param("oldgrp-$v") != $grp)) {
                 $chgs = 1;
                 if ($grp != 0) {
-                    SendSQL("INSERT INTO group_group_map 
-                             (member_id, grantor_id, grant_type)
-                             VALUES ($v, $gid," . GROUP_MEMBERSHIP . ")");
+                    $sthInsert->execute($v, $gid, GROUP_MEMBERSHIP);
                 } else {
-                    SendSQL("DELETE FROM group_group_map
-                             WHERE member_id = $v AND grantor_id = $gid
-                             AND grant_type = " . GROUP_MEMBERSHIP);
+                    $sthDelete->execute($v, $gid, GROUP_MEMBERSHIP);
                 }
             }
 
@@ -627,13 +630,9 @@ sub doGroupChanges {
             if ((defined $oldbless) and ($oldbless != $bless)) {
                 $chgs = 1;
                 if ($bless != 0) {
-                    SendSQL("INSERT INTO group_group_map 
-                             (member_id, grantor_id, grant_type)
-                             VALUES ($v, $gid," . GROUP_BLESS . ")");
+                    $sthInsert->execute($v, $gid, GROUP_BLESS);
                 } else {
-                    SendSQL("DELETE FROM group_group_map
-                             WHERE member_id = $v AND grantor_id = $gid
-                             AND grant_type = " . GROUP_BLESS);
+                    $sthDelete->execute($v, $gid, GROUP_BLESS);
                 }
             }
 
@@ -642,22 +641,19 @@ sub doGroupChanges {
                && ($cgi->param("oldcansee-$v") != $cansee)) {
                 $chgs = 1;
                 if ($cansee != 0) {
-                    SendSQL("INSERT INTO group_group_map 
-                             (member_id, grantor_id, grant_type)
-                             VALUES ($v, $gid," . GROUP_VISIBLE . ")");
+                    $sthInsert->execute($v, $gid, GROUP_VISIBLE);
                 } else {
-                    SendSQL("DELETE FROM group_group_map
-                             WHERE member_id = $v AND grantor_id = $gid
-                             AND grant_type = " . GROUP_VISIBLE);
+                    $sthDelete->execute($v, $gid, GROUP_VISIBLE);
                 }
             }
 
         }
     }
-    
+
     if ($chgs) {
         # mark the changes
-        SendSQL("UPDATE groups SET last_changed = NOW() WHERE id = $gid");
+        $dbh->do('UPDATE groups SET last_changed = NOW()
+                  WHERE id = ?', undef, $gid);
     }
     $dbh->bz_unlock_tables();
     return $gid, $chgs, $name, $regexp;