return '(' . join(' || ', @params) . ')';
}
+sub sql_string_until {
+ my ($self, $string, $substring) = @_;
+ return "SUBSTRING($string FROM 1 FOR " .
+ $self->sql_position($substring, $string) . " - 1)";
+}
+
sub sql_in {
my ($self, $column_name, $in_list_ref) = @_;
return " $column_name IN (" . join(',', @$in_list_ref) . ") ";
=back
+=item C<sql_string_until>
+
+=over
+
+=item B<Description>
+
+Returns SQL for truncating a string at the first occurrence of a certain
+substring.
+
+=item B<Params>
+
+Note that both parameters need to be sql-quoted.
+
+=item C<$string> The string we're truncating
+
+=item C<$substring> The substring we're truncating at.
+
+=back
+
=item C<sql_fulltext_search>
=over
html_light => \&Bugzilla::Util::html_light_quote,
+ email => \&Bugzilla::Util::email_filter,
+
# iCalendar contentline filter
ics => [ sub {
my ($context, @args) = @_;
use DateTime;
use DateTime::TimeZone;
use Digest;
+use Email::Address;
use Scalar::Util qw(tainted);
use Text::Wrap;
}
}
+sub email_filter {
+ my ($toencode) = @_;
+ if (!Bugzilla->user->id) {
+ my @emails = Email::Address->parse($toencode);
+ if (scalar @emails) {
+ my @hosts = map { quotemeta($_->host) } @emails;
+ my $hosts_re = join('|', @hosts);
+ $toencode =~ s/\@(?:$hosts_re)//g;
+ return $toencode;
+ }
+ }
+ return $toencode;
+}
+
# This originally came from CGI.pm, by Lincoln D. Stein
sub url_quote {
my ($toencode) = (@_);
html_quote($var);
url_quote($var);
xml_quote($var);
+ email_filter($var);
# Functions for decoding
$rv = url_decode($var);
Converts the %xx encoding from the given URL back to its original form.
+=item C<email_filter>
+
+Removes the hostname from email addresses in the string, if the user
+currently viewing Bugzilla is logged out. If the user is logged-in,
+this filter just returns the input string.
+
=back
=head2 Environment and Location
my $name = 'bugs.' . $field->name;
if ($id eq 'assigned_to' || $id eq 'reporter' || $id eq 'qa_contact') {
$name = 'map_' . $field->name . '.login_name';
+ if (!Bugzilla->user->id) {
+ $name = $dbh->sql_string_until($name, $dbh->quote('@'));
+ }
}
elsif ($id eq 'product' || $id eq 'component' || $id eq 'classification') {
$name = 'map_' . $field->name . 's.name';
$columns->{$id} = { 'name' => $name, 'title' => $field->description };
}
-if ($format->{'extension'} eq 'html') {
- $columns->{assigned_to_realname} = { name => "CASE WHEN map_assigned_to.realname = '' THEN map_assigned_to.login_name ELSE map_assigned_to.realname END AS assigned_to_realname", title => "Assignee" };
- $columns->{reporter_realname} = { name => "CASE WHEN map_reporter.realname = '' THEN map_reporter.login_name ELSE map_reporter.realname END AS reporter_realname", title => "Reporter" };
- $columns->{qa_contact_realname} = { name => "CASE WHEN map_qa_contact.realname = '' THEN map_qa_contact.login_name ELSE map_qa_contact.realname END AS qa_contact_realname", title => "QA Contact" };
-} else {
- $columns->{assigned_to_realname} = { name => "map_assigned_to.realname AS assigned_to_realname", title => "Assignee" };
- $columns->{reporter_realname} = { name => "map_reporter.realname AS reporter_realname", title => "Reporter" };
- $columns->{qa_contact_realname} = { name => "map_qa_contact.realname AS qa_contact_realname", title => "QA Contact" };
+foreach my $col (qw(assigned_to reporter qa_contact)) {
+ my $colname = "${col}_realname";
+ if ($format->{'extension'} eq 'html') {
+ my $login = "map_${col}.login_name";
+ if (!Bugzilla->user->id) {
+ $login = $dbh->sql_string_until($login, $dbh->quote('@'));
+ }
+ $columns->{$colname}->{name} =
+ "CASE WHEN map_${col}.realname = ''
+ THEN $login ELSE map_${col}.realname
+ END AS $colname";
+ }
+ else {
+ $columns->{$colname}->{name} = "map_${col}.realname AS $colname";
+ }
}
+$columns->{assigned_to_realname}->{title} = "Assignee";
+$columns->{reporter_realname}->{title} = "Reporter";
+$columns->{qa_contact_realname}->{title} = "QA Contact";
Bugzilla::Hook::process("buglist-columns", {'columns' => $columns} );
# The Original Code are the Bugzilla Tests.
#
# The Initial Developer of the Original Code is Zach Lipton
-# Portions created by Zach Lipton are
-# Copyright (C) 2002 Zach Lipton. All
-# Rights Reserved.
+# Portions created by Zach Lipton are Copyright (C) 2002 Zach Lipton.
+# All Rights Reserved.
#
# Contributor(s): Zach Lipton <zach@zachlipton.com>
+# Max Kanat-Alexander <mkanat@bugzilla.org>
#################
use lib 't';
use Support::Files;
+use Test::More tests => 16;
BEGIN {
- use Test::More tests => 12;
- use_ok(Bugzilla);
- use_ok(Bugzilla::Util);
+ use_ok(Bugzilla);
+ use_ok(Bugzilla::Util);
}
# We need to override user preferences so we can get an expected value when
is(format_time("2002.11.24 00:05:56"), "2002-11-24 00:05:56 $tz",'format_time("2002.11.24 00:05:56")');
is(format_time("2002.11.24 00:05:56", "%Y-%m-%d %R"), '2002-11-24 00:05', 'format_time("2002.11.24 00:05:56", "%Y-%m-%d %R") (with no timezone)');
is(format_time("2002.11.24 00:05:56", "%Y-%m-%d %R %Z"), "2002-11-24 00:05 $tz", 'format_time("2002.11.24 00:05:56", "%Y-%m-%d %R %Z") (with timezone)');
+
+# email_filter
+my %email_strings = (
+ 'somebody@somewhere.com' => 'somebody',
+ 'Somebody <somebody@somewhere.com>' => 'Somebody <somebody>',
+ 'One Person <one@person.com>, Two Person <two@person.com>'
+ => 'One Person <one>, Two Person <two>',
+ 'This string contains somebody@somewhere.com and also this@that.com'
+ => 'This string contains somebody and also this',
+);
+foreach my $input (keys %email_strings) {
+ is(Bugzilla::Util::email_filter($input), $email_strings{$input},
+ "email_filter('$input')");
+}
title="Go to the comment associated with the attachment">
[%- attachment.attached FILTER time %]</a>,
- <a href="mailto:[% attachment.attacher.email FILTER html %]"
- title="Write an email to the creator of the attachment">
- [% attachment.attacher.name || attachment.attacher.login FILTER html %]
- </a>
+ [% INCLUDE global/user.html.tmpl who = attachment.attacher %]
</span>
</td>
[% FOREACH operation = operations %]
<tr>
<td rowspan="[% operation.changes.size %]" valign="top">
- [% operation.who FILTER html %]
+ [% operation.who FILTER email FILTER html %]
</td>
<td rowspan="[% operation.changes.size %]" valign="top">
[% operation.when FILTER time %]
change.fieldname == 'dependson' %]
[% change.removed FILTER bug_list_link FILTER none %]
[% ELSE %]
- [% change.removed FILTER html %]
+ [% change.removed FILTER email FILTER html %]
[% END %]
[% ELSE %]
change.fieldname == 'dependson' %]
[% change.added FILTER bug_list_link FILTER none %]
[% ELSE %]
- [% change.added FILTER html %]
+ [% change.added FILTER email FILTER html %]
[% END %]
[% ELSE %]
</span>
<span class="bz_comment_user">
- <span class="vcard">
- <a class="fn email"
- href="mailto:[% comment.author.email FILTER html %]">
- [% (comment.author.name || comment.author.login) FILTER html %]</a>
- </span>
+ [% INCLUDE global/user.html.tmpl who = comment.author %]
</span>
<span class="bz_comment_user_images">
[% END %]
<pre class="bz_comment_text"
[% ' id="comment_text_' _ count _ '"' IF mode == "edit" %]>
- [%- wrapped_comment FILTER quoteUrls(bug.bug_id, comment.already_wrapped) -%]
+ [%- wrapped_comment FILTER email
+ FILTER quoteUrls(bug.bug_id, comment.already_wrapped) -%]
</pre>
</div>
[% END %]
[% BLOCK buginfo %]
[% get_status(bug.bug_status) FILTER html -%] [%+ get_resolution(bug.resolution) FILTER html %];
- [%-%] assigned to [% bug.assigned_to.login FILTER html %]
+ [%-%] assigned to [% bug.assigned_to.login FILTER email FILTER html %]
[%-%][% "; Target: " _ bug.target_milestone IF bug.target_milestone %]
[% END %]
[% IF bug.check_can_change_field("assigned_to", 0, 1) %]
<div id="bz_assignee_edit_container" class="bz_default_hidden">
<span>
- [% INCLUDE user_identity user=> bug.assigned_to %]
+ [% INCLUDE global/user.html.tmpl who = bug.assigned_to %]
(<a href="#" id="bz_assignee_edit_action">edit</a>)
</span>
</div>
initDefaultCheckbox('assignee');
</script>
[% ELSE %]
- [% INCLUDE user_identity user => bug.assigned_to %]
+ [% INCLUDE global/user.html.tmpl who = bug.assigned_to %]
[% END %]
</td>
</tr>
<label for="qa_contact" accesskey="q"><b><u>Q</u>A Contact</b></label>:
</td>
<td>
-
[% IF bug.check_can_change_field("qa_contact", 0, 1) %]
[% IF bug.qa_contact != "" %]
<div id="bz_qa_contact_edit_container" class="bz_default_hidden">
<span>
<span id="bz_qa_contact_edit_display">
- [% INCLUDE user_identity user=> bug.qa_contact %]</span>
+ [% INCLUDE global/user.html.tmpl who = bug.qa_contact %]</span>
(<a href="#" id="bz_qa_contact_edit_action">edit</a>)
</span>
</div>
initDefaultCheckbox('qa_contact');
</script>
[% ELSE %]
- [% INCLUDE user_identity user => bug.qa_contact %]
+ [% INCLUDE global/user.html.tmpl who = bug.qa_contact %]
[% END %]
</td>
</tr>
<b>Reported</b>:
</td>
<td>
- [% bug.creation_ts FILTER time %] by [% INCLUDE user_identity user => bug.reporter %]
+ [% bug.creation_ts FILTER time %] by [% INCLUDE global/user.html.tmpl who = bug.reporter %]
</td>
</tr>
[%# Block for CC LIST #%]
[%############################################################################%]
[% BLOCK section_cclist %]
- [% IF user.id %]
<tr>
- <td class="field_label">
- <label for="newcc" accesskey="a"><b>CC List</b>:</label>
- </td>
+ <td class="field_label">
+ <label for="newcc" accesskey="a"><b>CC List</b>:</label>
+ </td>
<td>
[% IF user.id %]
[% IF NOT bug.cc || NOT bug.cc.contains(user.login) %]
[% END %]
[% END %]
<span id="cc_edit_area_showhide_container" class="bz_default_hidden">
- (<a href="#" id="cc_edit_area_showhide">edit</a>)
+ (<a href="#" id="cc_edit_area_showhide">[% IF user.id %]edit[% ELSE %]show[% END %]</a>)
</span>
<div id="cc_edit_area">
- <div>
+ <br>
+ [% IF user.id %]
<div>
- <label for="cc">
- <b>Add</b>
- </label>
+ <div><label for="cc"><b>Add</b></label></div>
+ [% INCLUDE global/userselect.html.tmpl
+ id => "newcc"
+ name => "newcc"
+ size => 30
+ multiple => 5
+ %]
</div>
- [% INCLUDE global/userselect.html.tmpl
- id => "newcc"
- name => "newcc"
- size => 30
- multiple => 5
- %]
- </div>
- [% IF bug.cc %]
- <select id="cc" name="cc" multiple="multiple" size="5">
- [% FOREACH c = bug.cc %]
- <option value="[% c FILTER html %]">[% c FILTER html %]</option>
[% END %]
- </select>
- [% IF user.id %]
- <br>
- <input type="checkbox" id="removecc" name="removecc">
- [%%]<label for="removecc">Remove selected CCs</label>
- <br>
+ [% IF bug.cc %]
+ <select id="cc" name="cc" multiple="multiple" size="5">
+ [% FOREACH c = bug.cc %]
+ <option value="[% c FILTER email FILTER html %]">
+ [% c FILTER email FILTER html %]</option>
+ [% END %]
+ </select>
+ [% IF user.id %]
+ <br>
+ <input type="checkbox" id="removecc" name="removecc">
+ [%%]<label for="removecc">Remove selected CCs</label>
+ <br>
+ [% END %]
[% END %]
- [% END %]
</div>
<script type="text/javascript">
hideEditableField( 'cc_edit_area_showhide_container',
</script>
</td>
</tr>
- [% END %]
[% END %]
[%############################################################################%]
[% value = undef %]
[% spellcheck = undef %]
[% END %]
-
-[%############################################################################%]
-[%# Block for user identities. Wraps the information inside of an hCard. #%]
-[%############################################################################%]
-
-[% BLOCK user_identity %]
- <span class="vcard">
- [% FILTER collapse %]
- [% IF user.name %]
- <a class="email" href="mailto:[% user.email FILTER html %]"
- title="[% user.email FILTER html %]"
- ><span class="fn">[% user.name FILTER html %]</span
- ></a>
- [% ELSE %]
- <a class="fn email" href="mailto:[% user.email FILTER html %]">
- [% user.email FILTER html %]</a>
- [% END %]
- [% END %]</span>
-[% END %]
-
<th class="rightcell">[% field_descs.cc FILTER html %]:</th>
<td>
[% FOREACH c = bug.cc %]
- [% c FILTER html %][% ", " IF not loop.last() %]
+ [% c FILTER email FILTER html %][% ", " IF not loop.last() %]
[% END %]
[% ELSIF name == "reporter" || name == "assigned_to"
|| name == "qa_contact" %]
<th class="rightcell">[% field_descs.${name} FILTER html %]:</th>
- <td>[% bug.${name}.identity FILTER html %]</td>
+ <td>[% bug.${name}.identity FILTER email FILTER html %]</td>
[% ELSIF name == "flags" %]
<th class="rightcell">Flags:</th>
<td>
<bugzilla version="[% constants.BUGZILLA_VERSION %]"
urlbase="[% urlbase FILTER xml %]"
+ [%# Note that the maintainer's email is not filtered,
+ # intentionally. Even logged-out users should be able
+ # to see that, since it will be in error messages anyway.
+ %]
maintainer="[% Param('maintainer') FILTER xml %]"
[% IF user.id %]
- exporter="[% user.email FILTER xml %]"
+ exporter="[% user.email FILTER email FILTER xml %]"
[% END %]
>
<flag name="[% type.name FILTER xml %]"
id="[% flag.id FILTER xml %]"
status="[% flag.status FILTER xml %]"
- setter="[% flag.setter.login FILTER xml %]"
+ setter="[% flag.setter.login FILTER email FILTER xml %]"
[% IF flag.requestee %]
- requestee="[% flag.requestee.login FILTER xml %]"
+ requestee="[% flag.requestee.login FILTER email FILTER xml %]"
[% END %]
/>
[% END %]
[% FOREACH c = bug.longdescs %]
[% NEXT IF c.isprivate && !user.in_group(Param("insidergroup")) %]
<long_desc isprivate="[% c.isprivate FILTER xml %]">
- <who name="[% c.author.name FILTER xml %]">[% c.author.email FILTER xml %]</who>
+ <who name="[% c.author.name FILTER xml %]">[% c.author.email FILTER email FILTER xml %]</who>
<bug_when>[% c.time FILTER time FILTER xml %]</bug_when>
[% IF user.in_group(Param('timetrackinggroup')) && (c.work_time - 0 != 0) %]
<work_time>[% PROCESS formattimeunit time_unit = c.work_time FILTER xml %]</work_time>
[% END %]
- <thetext>[% c.body FILTER xml %]</thetext>
+ <thetext>[% c.body FILTER email FILTER xml %]</thetext>
</long_desc>
[% END %]
[% END %]
<filename>[% a.filename FILTER xml %]</filename>
<type>[% a.contenttype FILTER xml %]</type>
<size>[% a.datasize FILTER xml %]</size>
- <attacher>[% a.attacher.email FILTER xml %]</attacher>
+ <attacher>[% a.attacher.email FILTER email FILTER xml %]</attacher>
[% IF displayfields.attachmentdata %]
<data encoding="base64">[% a.data FILTER base64 %]</data>
[% END %]
<flag name="[% flag.type.name FILTER xml %]"
id="[% flag.id FILTER xml %]"
status="[% flag.status FILTER xml %]"
- setter="[% flag.setter.email FILTER xml %]"
+ setter="[% flag.setter.email FILTER email FILTER xml %]"
[% IF flag.status == "?" && flag.requestee %]
- requestee="[% flag.requestee.email FILTER xml %]"
+ requestee="[% flag.requestee.email FILTER email FILTER xml %]"
[% END %]
/>
[% END %]
[% IF field == 'reporter' OR field == 'assigned_to' OR
field == 'qa_contact' %]
[% name = val.name %]
- [% val = val.email %]
+ [% val = val.email FILTER email %]
+ [% ELSIF field == 'cc' %]
+ [% val = val FILTER email %]
[% ELSIF field == 'creation_ts' OR field == 'delta_ts' %]
[% val = val FILTER time %]
[% END %]
- <[% field %][% IF name != '' %] name="[% name FILTER xml %]"[% END -%]>[% val FILTER xml %]</[% field %]>
+ <[% field %][% IF name != '' %] name="[% name FILTER xml %]"[% END -%]>
+ [%- val FILTER xml %]</[% field %]>
[% END %]
[% END %]
[% total = total + voter.vote_count %]
<tr>
<td>
- <a href="votes.cgi?action=show_user&user=[% voter.login_name FILTER url_quote %]">
- [% voter.login_name FILTER html %]
+ <a href="votes.cgi?action=show_user&user_id=
+ [%- voter.id FILTER url_quote %]">
+ [% voter.login_name FILTER email FILTER html %]
</a>
</td>
<td align="right">
--- /dev/null
+[%# The contents of this file are subject to the Mozilla Public
+ # License Version 1.1 (the "License"); you may not use this file
+ # except in compliance with the License. You may obtain a copy of
+ # the License at http://www.mozilla.org/MPL/
+ #
+ # Software distributed under the License is distributed on an "AS
+ # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ # implied. See the License for the specific language governing
+ # rights and limitations under the License.
+ #
+ # The Original Code is the Bugzilla Bug Tracking System.
+ #
+ # The Initial Developer of the Original Code is Daniel Brooks.
+ # Portions created by the Initial Developer are Copyright (C) 2007
+ # the Initial Developer. All Rights Reserved.
+ #
+ # Contributor(s):
+ # Daniel Brooks <db48x@db48x.net>
+ # Max Kanat-Alexander <mkanat@bugzilla.org>
+ #%]
+
+[%# INTERFACE:
+ # who: A Bugzilla::User object that we are going to represent.
+ #%]
+
+<span class="vcard">
+ [% FILTER collapse %]
+ [% IF user.id %]
+ <a class="email" href="mailto:[% who.email FILTER html %]"
+ title="[% who.identity FILTER html %]">
+ [%- END -%]
+ [% IF who.name %]
+ <span class="fn">[% who.name FILTER html %]</span>
+ [% ELSE %]
+ [% who.login FILTER email FILTER html %]
+ [% END %]
+ [% '</a>' IF user.id %]
+ [% END %]
+</span>
|
[% END %]
- [% IF bugowners %]
+ [% IF bugowners && user.id %]
<a href="mailto:
[% bugowners FILTER html %]">Send Mail to [% terms.Bug %] Assignees</a> |
[% END %]
<a name="[% comp.name FILTER html %]">[% comp.name FILTER html %]</a>
</td>
<td>
- <a href="mailto:[% comp.default_assignee.email FILTER html %]">
- [% comp.default_assignee.login FILTER html %]</a>
+ [% INCLUDE global/user.html.tmpl who = comp.default_assignee %]
</td>
[% IF Param("useqacontact") %]
<td>
- <a href="mailto:[% comp.default_qa_contact.email FILTER html %]">
- [% comp.default_qa_contact.login FILTER html %]</a>
+ [% INCLUDE global/user.html.tmpl who = comp.default_qa_contact %]
</td>
[% END %]
</tr>
[% row_field_disp = field_descs.$row_field || row_field %]
[% IF tbl_field %]
- [% tbl_field_disp FILTER csv %]: [% tbl FILTER csv %]
+ [% IF tbl_field == 'assigned_to' OR tbl_field == 'reporter'
+ OR tbl_field == 'qa_contact'
+ %]
+ [% tbl_disp = tbl FILTER email %]
+ [% ELSE %]
+ [% tbl_disp = tbl %]
+ [% END %]
+ [% tbl_field_disp FILTER csv %]: [% tbl_disp FILTER csv %]
[% END %]
[% IF row_field %]
[% row_field_disp FILTER csv %]
[% IF col_field -%]
[% FOREACH col = col_names -%]
[% colsepchar %]
- [% IF col_field == 'bug_status' %]
- [% get_status(col) FILTER csv -%]
- [% ELSIF col_field == 'resolution' %]
- [% get_resolution(col) FILTER csv -%]
- [% ELSE %]
- [% col FILTER csv -%]
- [% END %]
+ [% PROCESS value_display value = col field = col_field %]
[% END -%]
[% ELSE -%]
[% colsepchar %][% num_bugs FILTER csv %]
[% END %]
[% FOREACH row = row_names %]
- [% IF row_field == 'bug_status' %]
- [% get_status(row) FILTER csv -%]
- [% ELSIF row_field == 'resolution' %]
- [% get_resolution(row) FILTER csv -%]
- [% ELSE %]
- [% row FILTER csv -%]
- [% END %]
+ [% PROCESS value_display value = row field = row_field %]
[% FOREACH col = col_names %]
[% colsepchar %]
[% IF data.$tbl AND data.$tbl.$col AND data.$tbl.$col.$row %]
[% END %]
[% END %]
+
+[% BLOCK value_display %]
+ [% SET disp_value = value %]
+ [% IF field == 'bug_status' %]
+ [% SET disp_value = get_status(value) %]
+ [% ELSIF field == 'resolution' %]
+ [% SET disp_value = get_resolution(value) %]
+ [% ELSIF field == 'assigned_to' OR field == 'reporter'
+ OR field == 'qa_contact'
+ %]
+ [% disp_value = value FILTER email %]
+ [% END %]
+ [% disp_value FILTER csv %]
+[% END %]
[% END %]
[% IF tbl_field %]
- <h2>[% tbl_disp FILTER html %]</h2>
+ <h2>[% tbl_disp FILTER email FILTER html %]</h2>
[% END %]
<table>
[% col_idx = 1 - col_idx %]
<td class="[% classes.$row_idx.$col_idx %]">
- [% IF col_field == 'bug_status' %]
- [% get_status(col) FILTER html FILTER replace('^ $',' ') %]
- [% ELSIF col_field == 'resolution' %]
- [% get_resolution(col) FILTER html FILTER replace('^ $',' ') %]
- [% ELSE %]
- [% col FILTER html FILTER replace('^ $',' ') %]
- [% END %]
+ [% PROCESS value_display value = col field = col_field %]
</td>
[% END %]
<td class="ttotal">
[% row_idx = 1 - row_idx %]
<tr>
<td class="[% classes.$row_idx.$col_idx %]" align="right">
- [% IF row_field == 'bug_status' %]
- [% get_status(row) FILTER html FILTER replace('^ $',' ') %]
- [% ELSIF row_field == 'resolution' %]
- [% get_resolution(row) FILTER html FILTER replace('^ $',' ') %]
- [% ELSE %]
- [% row FILTER html FILTER replace('^ $',' ') %]
- [% END %]
+ [% PROCESS value_display value = row field = row_field %]
</td>
[% FOREACH col = col_names %]
[% row_total = row_total + data.$tbl.$col.$row %]
</td>
</tr>
-</table>
+</table>
+
+[% BLOCK value_display %]
+ [% SET disp_value = value %]
+ [% IF field == 'bug_status' %]
+ [% SET disp_value = get_status(value) %]
+ [% ELSIF field == 'resolution' %]
+ [% SET disp_value = get_resolution(value) %]
+ [% ELSIF field == 'assigned_to' OR field == 'reporter'
+ OR field == 'qa_contact'
+ %]
+ [% disp_value = value FILTER email %]
+ [% END %]
+ [% disp_value FILTER html FILTER replace('^ $',' ') %]
+[% END %]
[% PROCESS "reports/report-table.html.tmpl" %]
[% ELSE %]
[% IF tbl %]
- <h2>[% tbl_disp FILTER html %]</h2>
+ <h2>[% tbl_disp FILTER email FILTER html %]</h2>
[% END %]
[% imageurl = BLOCK %]report.cgi?[% imagebase FILTER html %]&format=
[% PROCESS global/footer.html.tmpl %]
[% BLOCK start_new_table %]
- <h3>[% column_headers.$group_field %]: [% (request.$group_field || "None") FILTER html %]</h3>
+ <h3>[% column_headers.$group_field %]:
+ [%+ (request.$group_field || "None") FILTER email FILTER html %]</h3>
<table class="requests" cellspacing="0" cellpadding="4" border="1">
<tr>
[% FOREACH column = display_columns %]
[% END %]
[% BLOCK display_requestee %]
- [% request.requestee FILTER html %]
+ [% request.requestee FILTER email FILTER html %]
[% END %]
[% BLOCK display_requester %]
- [% request.requester FILTER html %]
+ [% request.requester FILTER email FILTER html %]
[% END %]
[% BLOCK display_created %]
my $action = $cgi->param('action') || ($bug_id ? "show_bug" : "show_user");
if ($action eq "show_bug" ||
- ($action eq "show_user" && defined $cgi->param('user')))
+ ($action eq "show_user" && defined $cgi->param('user_id')))
{
Bugzilla->login();
}
$vars->{'bug_id'} = $bug_id;
$vars->{'users'} =
- $dbh->selectall_arrayref('SELECT profiles.login_name, votes.vote_count
+ $dbh->selectall_arrayref('SELECT profiles.login_name,
+ profiles.userid AS id,
+ votes.vote_count
FROM votes
INNER JOIN profiles
ON profiles.userid = votes.who
# If a bug_id is given, and we're editing, we'll add it to the votes list.
$bug_id ||= "";
- my $name = $cgi->param('user') || $user->login;
- my $who = login_to_id($name, THROW_ERROR);
- my $userid = $user->id;
+ my $who_id = $cgi->param('user_id') || $user->id;
+ my $who = Bugzilla::User->check({ id => $who_id });
- my $canedit = (Bugzilla->params->{'usevotes'} && $userid == $who) ? 1 : 0;
+ my $canedit = (Bugzilla->params->{'usevotes'} && $user->id == $who->id)
+ ? 1 : 0;
$dbh->bz_start_transaction();
# in the vote table, just so that things display right.
my $has_votes = $dbh->selectrow_array('SELECT vote_count FROM votes
WHERE bug_id = ? AND who = ?',
- undef, ($bug_id, $who));
+ undef, ($bug_id, $who->id));
if (!$has_votes) {
$dbh->do('INSERT INTO votes (who, bug_id, vote_count)
- VALUES (?, ?, 0)', undef, ($who, $bug_id));
+ VALUES (?, ?, 0)', undef, ($who->id, $bug_id));
}
}
WHERE votes.who = ?
AND bugs.product_id = ?
ORDER BY votes.bug_id',
- undef, ($who, $product->id));
+ undef, ($who->id, $product->id));
foreach (@$vote_list) {
my ($id, $count, $summary) = @$_;
$dbh->bz_commit_transaction();
$vars->{'canedit'} = $canedit;
- $vars->{'voting_user'} = { "login" => $name };
+ $vars->{'voting_user'} = { "login" => $who->name };
$vars->{'products'} = \@products;
$vars->{'bug_id'} = $bug_id;
$vars->{'all_bug_ids'} = \@all_bug_ids;
projects / thirdparty / bugzilla.git / commitdiff
