Closed
Bug 214457
Opened 21 years ago
Closed 20 years ago
Updated user page is useless
Categories
(Bugzilla :: Administration, task)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: timeless, Assigned: timeless)
References
Details
Attachments
(1 file, 1 obsolete file)
4.10 KB,
patch
|
justdave
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/3.0 (BeOS R4.5;US) Opera 3.60 [en] Steps: Revoke privs from someone Quit (Opera3) Run Opera3 click 'users' near 'Edit' in the bugzilla footer Get: Bugzilla Version 2.17.1 Updated user Dropped user from group editbugs Dropped user from group canconfirm Back to the index, Add a new user or edit more users. Problems: 1. No information about what user i edited 2. For some reason Opera keeps giving me this page instead of the edit users page. which means i can't edit the user 3. I can't quickly from this page edit the user i just edited. (i'd like to restore his privs) 4. I can't easily search for another user (because of 2 and this interface)
Attachment #131110 -
Flags: review?(justdave)
Comment on attachment 131110 [details] [diff] [review] edit user again, delete user, indicate what was edited >- PutHeader("Delete user"); >+ PutHeader("Delete user " . html_quote($user)); Doesn't this cause the <title> to be doubly html quoted? i.e. once here, and then again in the global template? When I did the patch for bug#206037, I found that I had to change the global header template a bit, to correctly filter stuff coming from PutHeader(). The patch for bug#206037 also contains much of the fix for this bug. > print "</FORM>"; >+ if ($candelete) { >+ print "<FORM METHOD=POST ACTION=editusers.cgi>\n"; >+ print "<INPUT TYPE=SUBMIT VALUE=\"Delete User\">\n"; >+ print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"del\">\n"; >+ print "<INPUT TYPE=HIDDEN NAME=\"user\" VALUE=\"$user\">\n"; >+ print "</FORM>"; >+ } Should the user be value_quoted()?
the delete user code was copied from elsewhere. i could change both if asked.
Assignee: justdave → timeless
Comment 4•20 years ago
|
||
Comment on attachment 131110 [details] [diff] [review] edit user again, delete user, indicate what was edited I agree with Gavin's review comments. PutHeader gets quoted, so you don't have to quote stuff going into it. And yes, the failure to quote $user in that one value is covered on a another bug, so we can skip that for now (you're just moving existing code).
Attachment #131110 -
Flags: review?(justdave) → review-
Attachment #131110 -
Attachment is obsolete: true
Attachment #143472 -
Flags: review?(justdave)
Updated•20 years ago
|
Attachment #143472 -
Flags: review?(justdave) → review+
Updated•20 years ago
|
Flags: approval+
mozilla/webtools/bugzilla/editusers.cgi 1.49
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Updated•20 years ago
|
Target Milestone: --- → Bugzilla 2.18
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•