aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordkl%redhat.com <>2004-07-08 09:19:42 +0000
committerdkl%redhat.com <>2004-07-08 09:19:42 +0000
commita46c91543e36ebf4644e022453b47d381220df2e (patch)
tree7b1ecc46a6878f9123f18909dc2a1d86104e83d2 /buglist.cgi
parentPatch for bug 250259: Fix taint error on disallownew field in editproducts.cg... (diff)
downloadbugzilla-a46c91543e36ebf4644e022453b47d381220df2e.tar.gz
bugzilla-a46c91543e36ebf4644e022453b47d381220df2e.tar.bz2
bugzilla-a46c91543e36ebf4644e022453b47d381220df2e.zip
Patch for bug 190432; saving a named query uses REPLACE INTO (not ANSI); patch by David Lawrence <dkl@redhat.com>; r=vladd; a=justdave
Diffstat (limited to 'buglist.cgi')
-rwxr-xr-xbuglist.cgi25
1 files changed, 21 insertions, 4 deletions
diff --git a/buglist.cgi b/buglist.cgi
index 2607628d0..caf094312 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -341,9 +341,22 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) {
my $userid = DBNameToIdAndCheck($::COOKIE{"Bugzilla_login"});
my $qname = SqlQuote($::defaultqueryname);
my $qbuffer = SqlQuote($::buffer);
- SendSQL("REPLACE INTO namedqueries (userid, name, query)
- VALUES ($userid, $qname, $qbuffer)");
-
+
+ SendSQL("LOCK TABLES namedqueries WRITE");
+
+ SendSQL("SELECT userid FROM namedqueries WHERE userid = $userid " .
+ "AND name = $qname");
+ my $result = FetchOneColumn();
+ if ($result) {
+ SendSQL("UPDATE namedqueries SET query = $qbuffer " .
+ "WHERE userid = $userid AND name = $qname");
+ } else {
+ SendSQL("INSERT INTO namedqueries (userid, name, query, linkinfooter) VALUES " .
+ "($userid, $qname, $qbuffer, 0)");
+ }
+
+ SendSQL("UNLOCK TABLES");
+
$vars->{'message'} = "buglist_new_default_query";
}
elsif ($::FORM{'remtype'} eq "asnamed") {
@@ -369,6 +382,8 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) {
$vars->{'message'} = "buglist_updated_named_query";
}
+ SendSQL("LOCK TABLES namedqueries WRITE");
+
SendSQL("SELECT query FROM namedqueries WHERE userid = $userid AND name = $qname");
if (FetchOneColumn()) {
SendSQL("UPDATE namedqueries
@@ -376,10 +391,12 @@ elsif (($::FORM{'cmdtype'} eq "doit") && $::FORM{'remtype'}) {
WHERE userid = $userid AND name = $qname");
}
else {
- SendSQL("REPLACE INTO namedqueries (userid, name, query, linkinfooter)
+ SendSQL("INSERT INTO namedqueries (userid, name, query, linkinfooter)
VALUES ($userid, $qname, $qbuffer, $tofooter)");
}
+ SendSQL("UNLOCK TABLES");
+
# Make sure to invalidate any cached query data, so that the footer is
# correctly displayed
Bugzilla->user->flush_queries_cache();