From 9da939ba2a70fbecacab5a3e7f7221aed49ff2fa Mon Sep 17 00:00:00 2001 From: Jeroen Latour Date: Mon, 12 Aug 2002 23:11:24 +0000 Subject: [PATCH] When input validation was added to core_history_API.php, bug_update.php was changed to reflect the standard of passing unescaped data to functions (to prevent double-escaping). This however caused problems when the old value and the new value of integer fields were compared; '' used to be equal to 0000000, but it no longer was. This commit fixes this by passing casted/checked integer values. String values are still handled the same. (This commit also removes a duplicate assignment of ). git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@1189 f5dc347c-c33d-0410-90a0-b07cc1902cb9 --- bug_update.php | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/bug_update.php b/bug_update.php index 98b3e0b4ac..3462817e1f 100644 --- a/bug_update.php +++ b/bug_update.php @@ -68,7 +68,6 @@ $c_eta = (integer)$f_eta; $c_priority = (integer)$f_priority; $c_reproducibility = (integer)$f_reproducibility; - $c_status = (integer)$f_status; $c_duplicate_id = (integer)$f_duplicate_id; $c_handler_id = (integer)$f_handler_id; $c_reporter_id = (integer)$f_reporter_id; @@ -114,23 +113,23 @@ # log changes $t_user_id = get_current_user_field( 'id' ); history_log_event_direct( $c_id, 'category', $h_category, $f_category, $t_user_id ); - history_log_event_direct( $c_id, 'severity', $h_severity, $f_severity, $t_user_id ); - history_log_event_direct( $c_id, 'reproducibility', $h_reproducibility, $f_reproducibility, $t_user_id ); - history_log_event_direct( $c_id, 'priority', $h_priority, $f_priority, $t_user_id ); - history_log_event_direct( $c_id, 'status', $h_status, $f_status, $t_user_id ); + history_log_event_direct( $c_id, 'severity', $h_severity, $c_severity, $t_user_id ); + history_log_event_direct( $c_id, 'reproducibility', $h_reproducibility, $c_reproducibility, $t_user_id ); + history_log_event_direct( $c_id, 'priority', $h_priority, $c_priority, $t_user_id ); + history_log_event_direct( $c_id, 'status', $h_status, $c_status, $t_user_id ); history_log_event_direct( $c_id, 'projection', $h_projection, $f_projection, $t_user_id ); - history_log_event_direct( $c_id, 'duplicate_id', $h_duplicate_id, $f_duplicate_id, $t_user_id ); - history_log_event_direct( $c_id, 'resolution', $h_resolution, $f_resolution, $t_user_id ); - history_log_event_direct( $c_id, 'handler_id', $h_handler_id, $f_handler_id, $t_user_id ); - history_log_event_direct( $c_id, 'reporter_id', $h_reporter_id, $f_reporter_id, $t_user_id ); - history_log_event_direct( $c_id, 'eta', $h_eta, $f_eta, $t_user_id ); + history_log_event_direct( $c_id, 'duplicate_id', $h_duplicate_id, $c_duplicate_id, $t_user_id ); + history_log_event_direct( $c_id, 'resolution', $h_resolution, $c_resolution, $t_user_id ); + history_log_event_direct( $c_id, 'handler_id', $h_handler_id, $c_handler_id, $t_user_id ); + history_log_event_direct( $c_id, 'reporter_id', $h_reporter_id, $c_reporter_id, $t_user_id ); + history_log_event_direct( $c_id, 'eta', $h_eta, $c_eta, $t_user_id ); history_log_event_direct( $c_id, 'summary', $h_summary, $f_summary, $t_user_id ); history_log_event_direct( $c_id, 'os', $h_os, $f_os, $t_user_id ); history_log_event_direct( $c_id, 'os_build', $h_os_build, $f_os_build, $t_user_id ); history_log_event_direct( $c_id, 'platform', $h_platform, $f_platform, $t_user_id ); history_log_event_direct( $c_id, 'build', $h_build, $f_build, $t_user_id ); history_log_event_direct( $c_id, 'version', $h_version, $f_version, $t_user_id ); - history_log_event_direct( $c_id, 'view_state', $h_view_state, $f_view_state, $t_user_id ); + history_log_event_direct( $c_id, 'view_state', $h_view_state, $c_view_state, $t_user_id ); if ( $h_description != $c_description ) { history_log_event_special( $c_id, DESCRIPTION_UPDATED );