author | Christian Ruppert <idl0r@gentoo.org> | 2011-03-08 15:47:39 +0100 |
---|---|---|
committer | Christian Ruppert <idl0r@gentoo.org> | 2011-03-08 15:47:39 +0100 |
commit | f41f347577bc9925af54d1a9c7d0257a37491733 (patch) | |
tree | 65111fde4b95fe14dc1a1e171f34b0aa87357aba /custom_userhistory.cgi | |
parent | Add X-Bugzilla-CC back, bug 357913 (diff) | |
Improve custom_userhistory.cgi
Diffstat (limited to 'custom_userhistory.cgi')
-rwxr-xr-x | custom_userhistory.cgi | 38 |
1 files changed, 27 insertions, 11 deletions
diff --git a/custom_userhistory.cgi b/custom_userhistory.cgi index b21e5e674..6a4557c17 100755 --- a/custom_userhistory.cgi +++ b/custom_userhistory.cgi @@ -16,23 +16,39 @@ my @bindValues; my $query; print $cgi->header(); + my $matchstr = $cgi->param('matchstr'); -exit 0 if !defined($matchstr); +my $userid = $cgi->param('userid'); +exit 0 if !defined($matchstr) and !defined($userid); + my $limit = $cgi->param('limit'); $limit = 50 unless defined($limit) and $limit =~ /^\d+$/; -$query = 'SELECT DISTINCT userid '. + +trick_taint($matchstr) if defined($matchstr); +trick_taint($userid) if defined($userid); +trick_taint($limit); + +if($matchstr) { + $query = 'SELECT DISTINCT userid, login_name '. 'FROM profiles '. 'WHERE profiles.login_name = ?'; -trick_taint($matchstr); -trick_taint($limit); -push(@bindValues, $matchstr); +} +else { + $query = 'SELECT DISTINCT userid, login_name '. + 'FROM profiles '. + 'WHERE profiles.userid = ?'; +} + +push(@bindValues, $matchstr ? $matchstr : $userid); $vars->{'users'} = $dbh->selectall_arrayref($query, {'Slice' => {}}, @bindValues); if(!defined($vars->{'users'}[0])) { print "Bad user!<br>"; exit 0; } -my $userid = $vars->{'users'}[0]->{'userid'}; + +$userid = $vars->{'users'}[0]->{'userid'} ? $vars->{'users'}[0]->{'userid'} : $userid; +my $login_name = $vars->{'users'}[0]->{'login_name'}; my @bindValues2; $query = sprintf @@ -55,7 +71,7 @@ push(@bindValues2, $userid); push(@bindValues2, $userid); #print Dumper($vars); -printf "%s<br>",$matchstr; +printf "%s<br>",$login_name; my $actions = $dbh->selectall_arrayref( $query, { Slice => {} }, 
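Review bot: `trick_taint($userid)` in the first hunk clears the taint flag on the new `userid` parameter without checking its shape, whereas `$limit` is matched against `/^\d+$/` before it is untainted. The value only reaches the database as a bind parameter, so this is not an injection path, but a numeric check keeps taint mode meaningful, for example `exit 0 if defined($userid) and $userid !~ /^\d+$/;` ahead of the `trick_taint` call, or Bugzilla::Util's `detaint_natural` if it is imported in this script. The branch `if($matchstr)` tests truthiness while the exit guard tests `defined`, so an empty or `0` `matchstr` sent without a `userid` passes the guard and binds an undefined value in the `else` query. Lookup by sequential id also makes it easy to walk the profiles table and read back each `login_name`, so it is worth confirming that the access check, which is not visible in this hunk because the script starts above line 16, restricts the page to administrators.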
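Review bot: `printf "%s<br>",$login_name;` in the hunk at -55 writes a database value into the HTML response without escaping, and the same pattern is repeated in the hunks at -86 and -110 (`Applied to`, `Applied by`, `Watchers of`, `Watched by`). Printing the stored `login_name` instead of the request parameter removes the direct echo of user input, but whether a login name can contain markup depends on the installation's address validation, which is not visible here. Passing the value through Bugzilla::Util's `html_quote`, as in `printf "%s<br>", html_quote($login_name);`, would make the output safe regardless of that setting. The row fields printed in the surrounding context lines (`grantor`, `grantee`, `oldvalue`, `newvalue`, `watcher`, `watched`) would benefit from the same treatment. The `selectall_arrayref` call at the end of this hunk continues outside it.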
@@ -86,13 +102,13 @@ $actions = $dbh->selectall_arrayref( @bindValues3 ); -printf "Applied to %s:<br>",$matchstr; +printf "Applied to %s:<br>",$login_name; foreach my $row (@$actions) { printf "%s: by %s: %s%s %s%s<br>", $row->{'profiles_when'}, $row->{'grantor'}, $row->{'oldvalue'} ? '-' : '', $row->{'oldvalue'}, $row->{'newvalue'}? '+' : '', $row->{'newvalue'} if $row->{'grantee_id'} == $userid; } printf "<br>"; -printf "Applied by %s:<br>",$matchstr; +printf "Applied by %s:<br>",$login_name; foreach my $row (@$actions) { printf "%s: to %s: %s%s %s%s<br>", $row->{'profiles_when'}, $row->{'grantee'}, $row->{'oldvalue'} ? '-' : '', $row->{'oldvalue'}, $row->{'newvalue'}? '+' : '', $row->{'newvalue'} if $row->{'grantor_id'} == $userid; } @@ -110,13 +126,13 @@ $actions = $dbh->selectall_arrayref( $query, { Slice => {} }, ); -printf "Watchers of %s:<br>", $matchstr; +printf "Watchers of %s:<br>", $login_name; foreach my $row (@$actions) { printf "%s<br>", $row->{'watcher'} if $row->{'watched_id'} == $userid; } printf "<br>"; -printf "Watched by %s:<br>", $matchstr; +printf "Watched by %s:<br>", $login_name; foreach my $row (@$actions) { printf "%s<br>", $row->{'watched'} if $row->{'watcher_id'} == $userid; } |