]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 49b9c2a)
Bug 244272: Remove editusers 'query' parameter
authorbugreport%peshkin.net <>
Sat, 10 Jul 2004 14:53:18 +0000 (14:53 +0000)
committerbugreport%peshkin.net <>
Sat, 10 Jul 2004 14:53:18 +0000 (14:53 +0000)
patch by jouni
r=justdave
a=justdave

editgroups.cgi patch | blob | blame | history
editusers.cgi patch | blob | blame | history

diff --git a/editgroups.cgi b/editgroups.cgi
index 9c93363c00b272b8568f5fd0f4c363daeeb3fad6..b00b508534ab89160ceed25f45c5fc29dea1832c 100755 (executable)
--- a/editgroups.cgi
+++ b/editgroups.cgi
@@ -398,8 +398,9 @@ if ($action eq 'del') {
        print "
 <B>One or more users belong to this group. You cannot delete this group while
 there are users in it.</B><BR>
-<A HREF=\"editusers.cgi?action=list&query=" .
-url_quote("(groupset & $bit) OR (blessgroupset & $bit)") . "\">Show me which users.</A> - <INPUT TYPE=CHECKBOX NAME=\"removeusers\">Remove all users from
+<A HREF=\"editusers.cgi?action=list&amp;group=$bit\">
+Show me which users.</A> - 
+<INPUT TYPE=CHECKBOX NAME=\"removeusers\">Remove all users from
 this group for me<P>
 ";
     }
diff --git a/editusers.cgi b/editusers.cgi
index a6c358d554a477b7c57bdd0ed5fe7cea40645232..be5eca2decfd7c42f959aefd795932baafca525c 100755 (executable)
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -314,9 +314,14 @@ if ($action eq 'list') {
           die "Unknown match type";
       }
       $query .= SqlQuote($matchstr) . " ORDER BY login_name";
-    } elsif (exists $::FORM{'query'}) {
+    } elsif (exists $::FORM{'group'}) {
+      my $group = $::FORM{'group'};
+      detaint_natural($group);
+      die "Invalid group" unless $group;
       $query = "SELECT login_name,realname,disabledtext " .
-          "FROM profiles WHERE " . $::FORM{'query'} . " ORDER BY login_name";
+               "FROM profiles WHERE ((groupset & $group) " .
+               "                     OR (blessgroupset & $group)) " .
+               "ORDER BY login_name";
     } else {
       die "Missing parameters";
     }
Mirror of https://github.com/bugzilla/bugzilla.git