Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: mantisbt/mantisbt
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: e48ce93
Choose a base ref
...
head repository: mantisbt/mantisbt
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 1c9c8e2
Choose a head ref
  • 2 commits
  • 4 files changed
  • 1 contributor

Commits on May 29, 2012

  1. Fix PostgreSQL errors with boolean fields 

    PostgreSQL triggers an error when comparing a boolean field with an
integer value. This happens frequently in MantisBT as AdoDB stores
boolean fields as integers for most RDBMS.

This could prevent for example manage_user_page.php from loading.

To fix the problem, db_prepare_bool() has been modified to return 'true'
or 'false' as appropriate when the DB is PostgreSQL, through use of
AdoDB qstr() function. Behavior for other RDMBS is unchanged.

The where clause condition in manage_user_page.php has been modified to
use db_prepare_bool() instead of hardcoding 'enabled = 1'.

Following code cleanup was also performed:
- Uses of db_prepare_bool() in filter_api.php and mc_api.php that
  would have caused incorrect behavior with the modified function have
  been removed
- Removed non-existant 2nd parameter in call to db_prepare_bool() in
  filter_api.php
- Fix whitespace in mc_api.php

Fixes #14288
    @dregad
    dregad committed May 29, 2012
    Copy the full SHA
    b8d4b50 View commit details

  2. Optimize filter_db_get_available_queries() 

    This function was retrieving a list of filters then, through a for
loop, keeping only the records visible by the current user.

The revised code performs the filtering directly in the SQL.

The same correction was made to mci_filter_db_get_available_queries()
    @dregad
    dregad committed May 29, 2012
    Copy the full SHA
    1c9c8e2 View commit details
Showing with 45 additions and 34 deletions.
  1. +26 −26 api/soap/mc_api.php
  2. +6 −1 core/database_api.php
  3. +8 −6 core/filter_api.php
  4. +5 −1 manage_user_page.php
52 changes: 26 additions & 26 deletions api/soap/mc_api.php
View file
Original file line number Diff line number Diff line change
@@ -177,7 +177,7 @@ function mci_null_if_empty( $p_value ) {
* @return MantisBT URL terminated by a /.
*/
function mci_get_mantis_path() {

return config_get( 'path' );
}

@@ -260,26 +260,26 @@ function mci_filter_db_get_available_queries( $p_project_id = null, $p_user_id =
# first, we can override any query that has the same name as a private query
# with that private one
$query = "SELECT * FROM $t_filters_table
WHERE (project_id='$t_project_id'
OR project_id='0')
AND name!=''
ORDER BY is_public DESC, name ASC";
$result = db_query( $query );
WHERE (project_id=" . db_param() . "
OR project_id=0)
AND name!=''
AND (is_public = " . db_prepare_bool(true) . "
OR user_id = " . db_param() . ")
ORDER BY is_public DESC, name ASC";
$result = db_query_bound( $query, Array( $t_project_id, $t_user_id ) );
$query_count = db_num_rows( $result );

for( $i = 0;$i < $query_count;$i++ ) {
$row = db_fetch_array( $result );
if(( $row['user_id'] == $t_user_id ) || db_prepare_bool( $row['is_public'] ) ) {

$t_filter_detail = explode( '#', $row['filter_string'], 2 );
if ( !isset($t_filter_detail[1]) ) {
continue;
}
$t_filter = unserialize( $t_filter_detail[1] );
$t_filter = filter_ensure_valid_filter( $t_filter );
$row['url'] = filter_get_url( $t_filter );
$t_overall_query_arr[$row['name']] = $row;

$t_filter_detail = explode( '#', $row['filter_string'], 2 );
if ( !isset($t_filter_detail[1]) ) {
continue;
}
$t_filter = unserialize( $t_filter_detail[1] );
$t_filter = filter_ensure_valid_filter( $t_filter );
$row['url'] = filter_get_url( $t_filter );
$t_overall_query_arr[$row['name']] = $row;
}

return array_values( $t_overall_query_arr );
@@ -300,11 +300,11 @@ function mci_category_as_array_by_id( $p_category_id ) {

/**
* Transforms a version array into an array suitable for marshalling into ProjectVersionData
*
*
* @param array $p_version
*/
function mci_project_version_as_array( $p_version ) {

return array(
'id' => $p_version['id'],
'name' => $p_version['version'],
@@ -318,20 +318,20 @@ function mci_project_version_as_array( $p_version ) {

/**
* Returns time tracking information from a bug note.
*
*
* @param int $p_issue_id The id of the issue
* @param Array $p_note A note as passed to the soap api methods
*
*
* @return String the string time entry to be added to the bugnote, in 'HH:mm' format
*/
function mci_get_time_tracking_from_note( $p_issue_id, $p_note) {

if ( !access_has_bug_level( config_get( 'time_tracking_view_threshold' ), $p_issue_id ) )
return '00:00';

if ( !isset( $p_note['time_tracking'] ))
return '00:00';

return db_minutes_to_hhmm($p_note['time_tracking']);
}

@@ -482,9 +482,9 @@ function error_get_stack_trace() {
}

/**
* Returns a soap_fault signalling corresponding to a failed login
* Returns a soap_fault signalling corresponding to a failed login
* situation
*
*
* @return soap_fault
*/
function mci_soap_fault_login_failed() {
@@ -494,7 +494,7 @@ function mci_soap_fault_login_failed() {
/**
* Returns a soap_fault signalling that the user does not have
* access rights for the specific action.
*
*
* @param int $p_user_id a valid user id
* @param string $p_detail The optional details to append to the error message
* @return soap_fault
@@ -504,6 +504,6 @@ function mci_soap_fault_access_denied( $p_user_id, $p_detail = '' ) {
$t_reason = 'Access denied for user '. $t_user_name . '.';
if ( !is_blank( $p_detail ))
$t_reason .= ' Reason: ' . $p_detail . '.';

return new soap_fault( 'Client', '', $t_reason );
}
7 changes: 6 additions & 1 deletion core/database_api.php
View file
Original file line number Diff line number Diff line change
@@ -790,7 +790,12 @@ function db_prepare_double( $p_double ) {
* @todo Use/Behaviour of this function should be reviewed before 1.2.0 final
*/
function db_prepare_bool( $p_bool ) {
return (int) (bool) $p_bool;
global $g_db;
if( db_is_pgsql() ) {
return $g_db->qstr( $p_bool );
} else {
return (int) (bool) $p_bool;
}
}

/**
14 changes: 8 additions & 6 deletions core/filter_api.php
View file
Original file line number Diff line number Diff line change
@@ -4398,7 +4398,7 @@ function filter_clear_cache( $p_filter_id = null ) {
function filter_db_set_for_current_user( $p_project_id, $p_is_public, $p_name, $p_filter_string ) {
$t_user_id = auth_get_current_user_id();
$c_project_id = db_prepare_int( $p_project_id );
$c_is_public = db_prepare_bool( $p_is_public, false );
$c_is_public = db_prepare_bool( $p_is_public );

$t_filters_table = db_get_table( 'mantis_filters_table' );

@@ -4632,6 +4632,8 @@ function filter_db_delete_current_filters() {
}

/**
* Note: any changes made in this function should be reflected in
* mci_filter_db_get_available_queries())
* @param int $p_project_id
* @param int $p_user_id
* @return mixed
@@ -4662,17 +4664,17 @@ function filter_db_get_available_queries( $p_project_id = null, $p_user_id = nul
# with that private one
$query = "SELECT * FROM $t_filters_table
WHERE (project_id=" . db_param() . "
OR project_id=0)
OR project_id=0)
AND name!=''
AND (is_public = " . db_prepare_bool(true) . "
OR user_id = " . db_param() . ")
ORDER BY is_public DESC, name ASC";
$result = db_query_bound( $query, Array( $t_project_id ) );
$result = db_query_bound( $query, Array( $t_project_id, $t_user_id ) );
$query_count = db_num_rows( $result );

for( $i = 0;$i < $query_count;$i++ ) {
$row = db_fetch_array( $result );
if(( $row['user_id'] == $t_user_id ) || db_prepare_bool( $row['is_public'] ) ) {
$t_overall_query_arr[$row['id']] = $row['name'];
}
$t_overall_query_arr[$row['id']] = $row['name'];
}

$t_overall_query_arr = array_unique( $t_overall_query_arr );
6 changes: 5 additions & 1 deletion manage_user_page.php
View file
Original file line number Diff line number Diff line change
@@ -176,7 +176,11 @@
# Get the user data in $c_sort order
$result = '';

$t_show_disabled_cond = ( 1 == $c_show_disabled ? '' : ' AND enabled = 1' );
if( 1 == $c_show_disabled ) {
$t_show_disabled_cond = '';
} else {
$t_show_disabled_cond = ' AND enabled = ' . db_prepare_bool(true);
}

if ( 0 == $c_hide_inactive ) {
$query = "SELECT count(*) as usercnt