Bug 297794: initBug's verification of user_id being an email is bogus - Patch by...

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 7cfd1b3824eccd756eab1d8d2fe814becaab7f57..39864d252a41fd8883a9d9c2160ebab533f4a306 100755 (executable)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -137,14 +137,14 @@ sub initBug  {
       return $self;
   }
 
-# default userid 0, or get DBID if you used an email address
-  unless (defined $user_id) {
+  # If the user is not logged in, sets $user_id to 0.
+  # Else gets $user_id from the user login name if this
+  # argument is not numeric.
+  my $stored_user_id = $user_id;
+  if (!defined $user_id) {
     $user_id = 0;
-  }
-  else {
-     if ($user_id =~ /^\@/) {
-        $user_id = login_to_id($user_id); 
-     }
+  } elsif (!detaint_natural($user_id)) {
+    $user_id = login_to_id($stored_user_id); 
   }
 
   $self->{'who'} = new Bugzilla::User($user_id);