From f4e4f12e5c9ba5c0d6e86d46e369c82ba78f96fc Mon Sep 17 00:00:00 2001
From: Kenzaburo Ito <prescience@users.sourceforge.net>
Date: Mon, 4 Dec 2000 04:34:18 +0000
Subject: [PATCH] Incorrectely reported "no user exists" for reporter on update
 pages

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@10 f5dc347c-c33d-0410-90a0-b07cc1902cb9
---
 bug_update_advanced_page.php3 | 35 ++++++++++++++++++----------
 bug_update_page.php3          | 43 +++++++++++++++++++++--------------
 2 files changed, 49 insertions(+), 29 deletions(-)

diff --git a/bug_update_advanced_page.php3 b/bug_update_advanced_page.php3
index 96a21355ca..137524d6ce 100644
--- a/bug_update_advanced_page.php3
+++ b/bug_update_advanced_page.php3
@@ -49,8 +49,20 @@
     		FROM $g_mantis_user_table
     		WHERE id='$v_handler_id'";
     $result = db_mysql_query( $query );
-    if ( mysql_num_rows( $result ) > 0 ) {
-		$t_handler_name = mysql_result( $result, 0 );
+    if ( $result ) {
+   		$row = mysql_fetch_array( $result );
+		$t_handler_name		= $row["username"];
+		$t_handler_email	= $row["email"];
+	}
+
+    $query = "SELECT username, email
+    		FROM $g_mantis_user_table
+    		WHERE id='$v_reporter_id'";
+    $result = db_mysql_query( $query );
+    if ( $result ) {
+   		$row = mysql_fetch_array( $result );
+		$t2_handler_name		= $row["username"];
+		$t2_handler_email	= $row["email"];
 	}
 
     $query = "SELECT *
@@ -62,14 +74,12 @@
 	$row = mysql_fetch_array( $result );
 	extract( $row, EXTR_PREFIX_ALL, "v2" );
 
-	$fbcolor = "4444aa";
-	$v_summary = stripslashes( $v_summary );
-	$v_description = stripslashes( $v_description );
-	$v_steps_to_reproduce = stripslashes( $v_steps_to_reproduce );
-	$v_additional_information = stripslashes( $v_additional_information );
-	$v_date_submitted = date( "m-d H:i", $v_date_submitted );
-	$v_last_updated = date( "m-d H:i", $v_last_updated );
-	$v_eta = date( "m-d H:i", $v_eta );
+	$v_summary = string_unsafe( $v_summary );
+	$v_description = string_unsafe( $v_description );
+	$v_steps_to_reproduce = string_unsafe( $v_steps_to_reproduce );
+	$v_additional_information = string_unsafe( $v_additional_information );
+	$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );
+	$v_last_updated = date( "m-d H:i", sql_to_unix_time( $v_last_updated ) );
 ?>
 
 <p>
@@ -147,8 +157,8 @@
 		</td>
 		<td bgcolor=<? echo $g_primary_color_dark ?> colspan=5>
 			<?
-				if ( $v_reporter_id==$u_id ) {
-					echo "<a href=\"mailto:$u_email\">".$u_username."</a>";
+				if ( isset( $t2_handler_name ) ) {
+					echo "<a href=\"mailto:$t2_handler_email\">".$t2_handler_name."</a>";
 				}
 				else {
 					echo "user no longer exists";
@@ -162,6 +172,7 @@
 		</td>
 		<td bgcolor=<? echo $g_primary_color_light ?> colspan=5>
 			<select name=f_handler_id>
+				<option value=""></option>
 			<?
 			    $query = "SELECT id, username
 			    		FROM $g_mantis_user_table
diff --git a/bug_update_page.php3 b/bug_update_page.php3
index cf8768faec..b0b1177d72 100644
--- a/bug_update_page.php3
+++ b/bug_update_page.php3
@@ -30,18 +30,16 @@
     $query = "SELECT *
     		FROM $g_mantis_user_table
 			WHERE cookie_string='$g_string_cookie_val'";
-    $result = mysql_query($query);
-    if ( $result ) {
-		$row = mysql_fetch_array($result);
-		if ( $row ) {
-			extract( $row, EXTR_PREFIX_ALL, "u" );
-		}
+    $result = db_mysql_query($query);
+	$row = mysql_fetch_array($result);
+	if ( $row ) {
+		extract( $row, EXTR_PREFIX_ALL, "u" );
 	}
 
     $query = "SELECT *
     		FROM $g_mantis_bug_table
     		WHERE id='$f_id'";
-    $result = mysql_query( $query );
+    $result = db_mysql_query( $query );
 	$row_count = mysql_num_rows( $result );
 
 	$row = mysql_fetch_array( $result );
@@ -50,28 +48,38 @@
     $query = "SELECT username, email
     		FROM $g_mantis_user_table
     		WHERE id='$v_handler_id'";
-    $result = mysql_query( $query );
-    if ( mysql_num_rows( $result ) > 0 ) {
-		$t_handler_name = mysql_result( $result, 0 );
+    $result = db_mysql_query( $query );
+    if ( $result ) {
+   		$row = mysql_fetch_array( $result );
+		$t_handler_name		= $row["username"];
+		$t_handler_email	= $row["email"];
+	}
+
+    $query = "SELECT username, email
+    		FROM $g_mantis_user_table
+    		WHERE id='$v_reporter_id'";
+    $result = db_mysql_query( $query );
+    if ( $result ) {
+   		$row = mysql_fetch_array( $result );
+		$t2_handler_name		= $row["username"];
+		$t2_handler_email	= $row["email"];
 	}
 
     $query = "SELECT *
     		FROM $g_mantis_bug_text_table
     		WHERE id='$v_bug_text_id'";
-    $result = mysql_query( $query );
+    $result = db_mysql_query( $query );
 	$row_count = mysql_num_rows( $result );
 
 	$row = mysql_fetch_array( $result );
 	extract( $row, EXTR_PREFIX_ALL, "v2" );
 
-	$fbcolor = "4444aa";
 	$v_summary = string_unsafe( $v_summary );
 	$v_description = string_unsafe( $v_description );
 	$v_steps_to_reproduce = string_unsafe( $v_steps_to_reproduce );
 	$v_additional_information = string_unsafe( $v_additional_information );
-	$v_date_submitted = date( "m-d H:i", $v_date_submitted );
-	$v_last_updated = date( "m-d H:i", $v_last_updated );
-	$v_eta = date( "m-d H:i", $v_eta );
+	$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );
+	$v_last_updated = date( "m-d H:i", sql_to_unix_time( $v_last_updated ) );
 ?>
 
 <p>
@@ -149,8 +157,8 @@
 		</td>
 		<td bgcolor=<? echo $g_primary_color_dark ?> colspan=5>
 			<?
-				if ( $v_reporter_id==$u_id ) {
-					echo "<a href=\"mailto:$u_email\">".$u_username."</a>";
+				if ( isset( $t2_handler_name ) ) {
+					echo "<a href=\"mailto:$t2_handler_email\">".$t2_handler_name."</a>";
 				}
 				else {
 					echo "user no longer exists";
@@ -164,6 +172,7 @@
 		</td>
 		<td bgcolor=<? echo $g_primary_color_light ?> colspan=5>
 			<select name=f_handler_id>
+				<option value=""></option>
 			<?
 			    $query = "SELECT id, username
 			    		FROM $g_mantis_user_table