61
71
$vars->{'form'} = \%::FORM;
63
# We can't use ValidateOutputFormat here because it defaults to HTML.
64
my $template_name = "bug/create/comment";
65
$template_name .= ($::FORM{'format'} ? "-$::FORM{'format'}" : "");
73
my $format = GetFormat("bug/create/comment", $::FORM{'format'}, "txt");
67
$template->process("$template_name.txt.tmpl", $vars, \$comment)
75
$template->process($format->{'template'}, $vars, \$comment)
68
76
|| ThrowTemplateError($template->error());
70
78
ValidateComment($comment);
80
# Check that the product exists and that the user
81
# is allowed to enter bugs into this product.
72
82
my $product = $::FORM{'product'};
83
CanEnterProductOrWarn($product);
85
my $product_id = get_product_id($product);
75
88
my $cookiepath = Param("cookiepath");
76
89
if (exists $::FORM{'product'}) {
77
if (exists $::FORM{'version'}) {
78
print "Set-Cookie: VERSION-$product=$::FORM{'version'} ; " .
79
"path=$cookiepath ; expires=Sat, 30-Jun-2029 00:00:00 GMT\n";
90
if (exists $::FORM{'version'}) {
91
$cgi->send_cookie(-name => "VERSION-$product",
92
-value => $cgi->param('version'),
93
-expires => "Fri, 01-Jan-2038 00:00:00 GMT");
83
97
if (defined $::FORM{'maketemplate'}) {
84
98
$vars->{'url'} = $::buffer;
86
print "Content-type: text/html\n\n";
100
print $cgi->header();
87
101
$template->process("bug/create/make-template.html.tmpl", $vars)
88
102
|| ThrowTemplateError($template->error());
212
219
my $ccid = DBNameToIdAndCheck($person);
213
220
if ($ccid && !$ccids{$ccid}) {
214
221
$ccids{$ccid} = 1;
215
# if we got here, the DB has already verified that the email
216
# is legit. Unless the admin has screwed with the emailregexp
218
trick_taint($person);
219
222
push(@cc, $person);
227
# Check for valid keywords and create list of keywords to be added to db
228
# (validity routine copied from process_bug.cgi)
232
if ($::FORM{'keywords'} && UserInGroup("editbugs")) {
233
foreach my $keyword (split(/[\s,]+/, $::FORM{'keywords'})) {
234
if ($keyword eq '') {
237
my $i = GetKeywordIdFromName($keyword);
239
ThrowUserError("unknown_keyword",
240
{ keyword => $keyword });
242
if (!$keywordseen{$i}) {
243
push(@keywordlist, $i);
244
$keywordseen{$i} = 1;
249
# Check for valid dependency info.
250
foreach my $field ("dependson", "blocked") {
251
if (UserInGroup("editbugs") && defined($::FORM{$field}) &&
252
$::FORM{$field} ne "") {
254
foreach my $id (split(/[\s,]+/, $::FORM{$field})) {
256
ValidateBugID($id, $field);
257
push(@validvalues, $id);
259
$::FORM{$field} = join(",", @validvalues);
262
# Gather the dependecy list, and make sure there are no circular refs
264
if (UserInGroup("editbugs") && defined($::FORM{'dependson'})) {
266
my $target = "dependson";
269
$deptree{$target} = [];
271
foreach my $i (split('[\s,]+', $::FORM{$target})) {
272
if (!exists $seen{$i}) {
273
push(@{$deptree{$target}}, $i);
277
# populate $deps{$target} as first-level deps only.
278
# and find remainder of dependency tree in $deptree{$target}
279
@{$deps{$target}} = @{$deptree{$target}};
280
my @stack = @{$deps{$target}};
282
my $i = shift @stack;
283
SendSQL("select $target from dependencies where $me = " .
285
while (MoreSQLData()) {
286
my $t = FetchOneColumn();
287
if (!exists $seen{$t}) {
288
push(@{$deptree{$target}}, $t);
295
if ($me eq 'dependson') {
296
my @deps = @{$deptree{'dependson'}};
297
my @blocks = @{$deptree{'blocked'}};
302
foreach my $b (@deps, @blocks) { $union{$b}++ && $isect{$b}++ }
303
@union = keys %union;
304
@isect = keys %isect;
307
foreach my $i (@isect) {
308
$both = $both . GetBugLink($i, "#" . $i) . " ";
311
ThrowUserError("dependency_loop_multi",
225
322
# Build up SQL string to add bug.
323
# creation_ts will only be set when all other fields are defined.
226
324
my $sql = "INSERT INTO bugs " .
227
"(" . join(",", @used_fields) . ", reporter, creation_ts, groupset) " .
325
"(" . join(",", @used_fields) . ", reporter, " .
326
"estimated_time, remaining_time) " .
230
329
foreach my $field (@used_fields) {
237
336
# OK except for the fact that it causes e-mail to be suppressed.
238
337
$comment = $comment ? $comment : " ";
240
$sql .= "$::userid, now(), (0";
339
$sql .= "$::userid, ";
342
if (UserInGroup(Param("timetrackinggroup")) &&
343
defined $::FORM{'estimated_time'}) {
345
my $est_time = $::FORM{'estimated_time'};
346
if ($est_time =~ /^(?:\d+(?:\.\d*)?|\.\d+)$/) {
347
$sql .= SqlQuote($est_time) . "," . SqlQuote($est_time);
349
ThrowUserError("need_positive_number",
350
{ field => 'estimated_time' });
358
my @groupstoadd = ();
243
359
foreach my $b (grep(/^bit-\d*$/, keys %::FORM)) {
244
360
if ($::FORM{$b}) {
245
361
my $v = substr($b, 4);
247
|| ThrowCodeError("One of the group bits submitted was invalid.",
363
|| ThrowCodeError("group_id_invalid", undef, "abort");
249
364
if (!GroupIsActive($v)) {
250
365
# Prevent the user from adding the bug to an inactive group.
251
366
# Should only happen if there is a bug in Bugzilla or the user
252
367
# hacked the "enter bug" form since otherwise the UI
253
368
# for adding the bug to the group won't appear on that form.
254
ThrowCodeError("Attempted to add bug to an inactive group, " .
255
"identified by the bit '$v'.", undef, "abort");
257
$sql .= " + $v"; # Carefully written so that the math is
258
# done by MySQL, which can handle 64-bit math,
259
# and not by Perl, which I *think* can not.
263
$sql .= ") & $::usergroupset)\n";
265
# Lock tables before inserting records for the new bug into the database
266
# if we are using a shadow database to prevent shadow database corruption
267
# when two bugs get created at the same time.
268
SendSQL("LOCK TABLES bugs WRITE, longdescs WRITE, cc WRITE, profiles READ") if Param("shadowdb");
370
ThrowCodeError("inactive_group", undef, "abort");
372
SendSQL("SELECT user_id FROM user_group_map
373
WHERE user_id = $::userid
376
my ($permit) = FetchSQLData();
378
SendSQL("SELECT othercontrol FROM group_control_map
379
WHERE group_id = $v AND product_id = $product_id");
380
my ($othercontrol) = FetchSQLData();
381
$permit = (($othercontrol == CONTROLMAPSHOWN)
382
|| ($othercontrol == CONTROLMAPDEFAULT));
385
push(@groupstoadd, $v)
390
SendSQL("SELECT DISTINCT groups.id, groups.name, " .
391
"membercontrol, othercontrol " .
392
"FROM groups LEFT JOIN group_control_map " .
393
"ON group_id = id AND product_id = $product_id " .
394
" WHERE isbuggroup != 0 AND isactive != 0 ORDER BY description");
395
while (MoreSQLData()) {
396
my ($id, $groupname, $membercontrol, $othercontrol ) = FetchSQLData();
397
$membercontrol ||= 0;
399
# Add groups required
400
if (($membercontrol == CONTROLMAPMANDATORY)
401
|| (($othercontrol == CONTROLMAPMANDATORY)
402
&& (!UserInGroup($groupname)))) {
403
# User had no option, bug needs to be in this group.
404
push(@groupstoadd, $id)
270
408
# Add the bug report to the DB.
409
SendSQL("LOCK TABLES bugs WRITE, bug_group_map WRITE, longdescs WRITE,
410
cc WRITE, keywords WRITE, dependencies WRITE,
411
bugs_activity WRITE, groups READ, user_group_map READ,
412
keyworddefs READ, fielddefs READ");
416
SendSQL("select now()");
417
my $timestamp = FetchOneColumn();
273
419
# Get the bug ID back.
274
420
SendSQL("select LAST_INSERT_ID()");
275
421
my $id = FetchOneColumn();
278
SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext)
279
VALUES ($id, $::userid, now(), " . SqlQuote($comment) . ")");
423
# Add the group restrictions
424
foreach my $grouptoadd (@groupstoadd) {
425
SendSQL("INSERT INTO bug_group_map (bug_id, group_id)
426
VALUES ($id, $grouptoadd)");
429
# Add the initial comment, allowing for the fact that it may be private
431
if (Param("insidergroup") && UserInGroup(Param("insidergroup"))) {
432
$privacy = $::FORM{'commentprivacy'} ? 1 : 0;
435
SendSQL("INSERT INTO longdescs (bug_id, who, bug_when, thetext, isprivate)
436
VALUES ($id, " . SqlQuote($user->id) . ", " . SqlQuote($timestamp) .
437
", " . SqlQuote($comment) . ", $privacy)");
281
439
# Insert the cclist into the database
282
440
foreach my $ccid (keys(%ccids)) {
283
441
SendSQL("INSERT INTO cc (bug_id, who) VALUES ($id, $ccid)");
286
SendSQL("UNLOCK TABLES") if Param("shadowdb");
288
# Assemble the -force* strings so this counts as "Added to this capacity"
291
push (@ARGLIST, "-forcecc", join(",", @cc));
445
if (UserInGroup("editbugs")) {
446
foreach my $keyword (@keywordlist) {
447
SendSQL("INSERT INTO keywords (bug_id, keywordid)
448
VALUES ($id, $keyword)");
451
# Make sure that we have the correct case for the kw
452
SendSQL("SELECT name FROM keyworddefs WHERE id IN ( " .
453
join(',', @keywordlist) . ")");
455
while (MoreSQLData()) {
456
push (@list, FetchOneColumn());
458
SendSQL("UPDATE bugs SET keywords = " .
459
SqlQuote(join(', ', @list)) .
460
" WHERE bug_id = $id");
462
if (defined $::FORM{'dependson'}) {
464
my $target = "dependson";
466
foreach my $i (@{$deps{$target}}) {
467
SendSQL("INSERT INTO dependencies ($me, $target) values " .
469
push(@all_deps, $i); # list for mailing dependent bugs
470
# Log the activity for the other bug:
471
LogActivityEntry($i, $me, "", $id, $user->id, $timestamp);
294
push (@ARGLIST, "-forceowner", DBID_to_name($::FORM{assigned_to}));
480
# All fields related to the newly created bug are set.
481
# The bug can now be made accessible.
482
SendSQL("UPDATE bugs SET creation_ts = " . SqlQuote($timestamp) .
483
" WHERE bug_id = $id");
485
SendSQL("UNLOCK TABLES");
487
# Gather everyone interested in the details of the new bug (forced recipients)
488
my $mailrecipients = { 'cc' => \@cc,
489
'owner' => DBID_to_name($::FORM{'assigned_to'}),
490
'reporter' => $::COOKIE{'Bugzilla_login'},
491
'changer' => $::COOKIE{'Bugzilla_login'} };
296
493
if (defined $::FORM{'qa_contact'}) {
297
push (@ARGLIST, "-forceqacontact", DBID_to_name($::FORM{'qa_contact'}));
494
$mailrecipients->{'qacontact'} = DBID_to_name($::FORM{'qa_contact'});
300
push (@ARGLIST, "-forcereporter", DBID_to_name($::userid));
302
push (@ARGLIST, $id, $::COOKIE{'Bugzilla_login'});
304
# Send mail to let people know the bug has been created.
305
# See attachment.cgi for explanation of why it's done this way.
306
my $mailresults = '';
307
open(PMAIL, "-|") or exec('/usr/share/bugzilla/lib/processmail', @ARGLIST);
308
$mailresults .= $_ while <PMAIL>;
311
# Tell the user all about it
312
497
$vars->{'id'} = $id;
313
$vars->{'mail'} = $mailresults;
314
$vars->{'type'} = "created";
316
print "Content-type: text/html\n\n";
498
my $bug = new Bugzilla::Bug($id, $::userid);
499
$vars->{'bug'} = $bug;
501
ThrowCodeError("bug_error", { bug => $bug }) if $bug->error;
503
$vars->{'sentmail'} = [];
505
push (@{$vars->{'sentmail'}}, { type => 'created',
507
mailrecipients => $mailrecipients
510
foreach my $i (@all_deps) {
511
push (@{$vars->{'sentmail'}}, { type => 'dep',
514
# Only force changer for dep BugMail
515
'changer' => $::COOKIE{'Bugzilla_login'}
521
if ($::COOKIE{"BUGLIST"}) {
522
@bug_list = split(/:/, $::COOKIE{"BUGLIST"});
524
$vars->{'bug_list'} = \@bug_list;
526
print $cgi->header();
317
527
$template->process("bug/create/created.html.tmpl", $vars)
318
528
|| ThrowTemplateError($template->error());
322
show_bug("header is already done");