Fix for bug 179494: prevents Bugzilla from thinking users have changed flags when...

r=bbaetz
a=myk

diff --git a/Bugzilla/Flag.pm b/Bugzilla/Flag.pm
index bb592f0064596119f1b07f5b9cbae276ace89529..31e80ab3f09143296821c751d4404f42eebdf3d8 100644 (file)
--- a/Bugzilla/Flag.pm
+++ b/Bugzilla/Flag.pm
@@ -312,16 +312,26 @@ sub modify {
         my $flag = get($id);
 
         my $status = $data->{"flag-$id"};
-        my $requestee_email = $data->{"requestee-$id"};
-
-        # Ignore flags the user didn't change.
-        next if ($status eq $flag->{'status'} && $flag->{'requestee'}
-                 && $requestee_email eq $flag->{'requestee'}->{'email'});
-
+        my $requestee_email = &::trim($data->{"requestee-$id"});
+        
+        # Ignore flags the user didn't change.  A flag hasn't changed
+        # if its status and requestee remain the same.  Status is easy;
+        # we just compare the existing status with the submitted one.
+        # For requestee, however, we have to be careful not to compare
+        # the two if the flag isn't specifically requestable or isn't 
+        # being requested, otherwise we'll get false positives and think 
+        # the user changed the flag when they didn't.
+        next if 
+          $status eq $flag->{'status'}    # the flag's status hasn't changed, and
+          && (!$flag->{'is_requesteeble'} # the flag isn't specifically requestable, or
+              || $status ne "?"           # the flag isn't being requested, or
+              || ($flag->{'requestee'}    # the requestee hasn't changed
+                  && ($requestee_email eq $flag->{'requestee'}->{'email'})));
+        
         # Since the status is validated, we know it's safe, but it's still
         # tainted, so we have to detaint it before using it in a query.
         &::trick_taint($status);
-                
+        
         if ($status eq '+' || $status eq '-') {
             &::SendSQL("UPDATE flags 
                         SET    setter_id = $::userid , 

diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 7cf05d93585de3f7b8964ee2df89d49d066737fb..b12b5e135871b5aa91c764fead33ad8951ff1c13 100644 (file)
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -314,8 +314,12 @@ sub match_field {
             if ((scalar(@{$users}) == 1)
                 && (@{$users}[0]->{'email'} eq $query))
             {
-                $vars->{'form'}->{$field} .= @{$users}[0]->{'email'} . " ";
-                push @{$vars->{'mform'}->{$field}}, @{$users}[0]->{'email'} . " ";
+                # delimit with spaces if necessary
+                if ($vars->{'form'}->{$field}) {
+                    $vars->{'form'}->{$field} .= " ";
+                }
+                $vars->{'form'}->{$field} .= @{$users}[0]->{'email'};
+                push @{$vars->{'mform'}->{$field}}, @{$users}[0]->{'email'};
                 next;
             }
 
@@ -324,10 +328,13 @@ sub match_field {
 
             # here is where it checks for multiple matches
 
-            if (scalar(@{$users}) == 1) {
-                # exactly one match
-                $vars->{'form'}->{$field} .= @{$users}[0]->{'email'} . " ";
-                push @{$vars->{'mform'}->{$field}}, @{$users}[0]->{'email'} . " ";
+            if (scalar(@{$users}) == 1) { # exactly one match
+                # delimit with spaces if necessary
+                if ($vars->{'form'}->{$field}) {
+                    $vars->{'form'}->{$field} .= " ";
+                }
+                $vars->{'form'}->{$field} .= @{$users}[0]->{'email'};
+                push @{$vars->{'mform'}->{$field}}, @{$users}[0]->{'email'};
                 $need_confirm = 1 if &::Param('confirmuniqueusermatch');
 
             }