diff options
author | dkl%redhat.com <> | 2004-07-08 09:19:42 +0000 |
---|---|---|
committer | dkl%redhat.com <> | 2004-07-08 09:19:42 +0000 |
commit | a46c91543e36ebf4644e022453b47d381220df2e (patch) | |
tree | 7b1ecc46a6878f9123f18909dc2a1d86104e83d2 /buglist.cgi | |
parent | Patch for bug 250259: Fix taint error on disallownew field in editproducts.cg... (diff) | |
download | bugzilla-a46c91543e36ebf4644e022453b47d381220df2e.tar.gz bugzilla-a46c91543e36ebf4644e022453b47d381220df2e.tar.bz2 bugzilla-a46c91543e36ebf4644e022453b47d381220df2e.zip |
Patch for bug 190432; saving a named query uses REPLACE INTO (not ANSI); patch by David Lawrence <dkl@redhat.com>; r=vladd; a=justdave
Diffstat (limited to 'buglist.cgi')
-rwxr-xr-x | buglist.cgi | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/buglist.cgi b/buglist.cgi index 2607628d0..caf094312 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -341,9 +341,22 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) { my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"}); my $qname = SqlQuote($::defaultqueryname); my $qbuffer = SqlQuote($::buffer); - SendSQL("REPLACE INTO namedqueries (userid, name, query) - VALUES ($userid, $qname, $qbuffer)"); - + + SendSQL("LOCK TABLES namedqueries WRITE"); + + SendSQL("SELECT userid FROM namedqueries WHERE userid = $userid " . + "AND name = $qname"); + my $result = FetchOneColumn(); + if ($result) { + SendSQL("UPDATE namedqueries SET query = $qbuffer " . + "WHERE userid = $userid AND name = $qname"); + } else { + SendSQL("INSERT INTO namedqueries (userid, name, query, linkinfooter) VALUES " . + "($userid, $qname, $qbuffer, 0)"); + } + + SendSQL("UNLOCK TABLES"); + $vars->{'message'} = "buglist_new_default_query"; } elsif ($::FORM{'remtype'} eq "asnamed") { @@ -369,6 +382,8 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) { $vars->{'message'} = "buglist_updated_named_query"; } + SendSQL("LOCK TABLES namedqueries WRITE"); + SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname"); if (FetchOneColumn()) { SendSQL("UPDATE namedqueries @@ -376,10 +391,12 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) { WHERE userid = $userid AND name = $qname"); } else { - SendSQL("REPLACE INTO namedqueries (userid, name, query, linkinfooter) + SendSQL("INSERT INTO namedqueries (userid, name, query, linkinfooter) VALUES ($userid, $qname, $qbuffer, $tofooter)"); } + SendSQL("UNLOCK TABLES"); + # Make sure to invalidate any cached query data, so that the footer is # correctly displayed Bugzilla->user->flush_queries_cache(); |