[Rt-commit] r5189 - in RT-Extension-TimeWorked: . html/Reports/TimeWorked lib/RT/Extension

[alexmv at bestpractical.com]

Author: alexmv
Date: Tue May  9 12:45:09 2006
New Revision: 5189

Modified:
   RT-Extension-TimeWorked/   (props changed)
   RT-Extension-TimeWorked/html/Callbacks/TimeWorked/Search/Results.html/SearchActions
   RT-Extension-TimeWorked/html/Reports/TimeWorked/index.html
   RT-Extension-TimeWorked/lib/RT/Extension/TimeWorked.pm

Log:
 r12908 at zoq-fot-pik:  chmrr | 2006-05-09 12:44:14 -0400
  * Bugfixes
  * Also, better error reporting


Modified: RT-Extension-TimeWorked/html/Callbacks/TimeWorked/Search/Results.html/SearchActions
==============================================================================
--- RT-Extension-TimeWorked/html/Callbacks/TimeWorked/Search/Results.html/SearchActions	(original)
+++ RT-Extension-TimeWorked/html/Callbacks/TimeWorked/Search/Results.html/SearchActions	Tue May  9 12:45:09 2006
@@ -1,4 +1,4 @@
-<a href="<% $RT::WebPath %>/Reports/TimeWorked/index.html?queue=<% $Query %>">Generate reports</a>
+<a href="<% $RT::WebPath %>/Reports/TimeWorked/index.html?queue=<% $Queue %>">Generate reports</a>
 <%init>
 use YAML;
 my %args = $m->caller_args(2);

Modified: RT-Extension-TimeWorked/html/Reports/TimeWorked/index.html
==============================================================================
--- RT-Extension-TimeWorked/html/Reports/TimeWorked/index.html	(original)
+++ RT-Extension-TimeWorked/html/Reports/TimeWorked/index.html	Tue May  9 12:45:09 2006
@@ -114,6 +114,10 @@
 $end   => undef
 </%args>
 <%init>
+
+# Untaint the queue, to avoid SQL injection
+$queue =~ s/\D//g;
+
 unless ($start) {
     my $then = RT::Date->new($session{'CurrentUser'});
     $then->Set(Format => 'Unix', Value => time - (86400*7));
@@ -126,7 +130,7 @@
     $end = substr($now->ISO,0,10);
 }
 
-my $query = "GROUP BY Tickets.Queue";
+my $query = "";
 $query = "AND Tickets.Queue = '$queue'" if $queue;
 
 my $startDate = RT::Date->new($session{'CurrentUser'});
@@ -163,7 +167,9 @@
    AND Tickets.Status != 'deleted'
    AND Queues.Disabled = 0
    $query
+ GROUP BY Tickets.Queue
 EOSQL
+
 $queue{$_->{queue}}{created}{tickets} = $_->{created} while $_ = $sth->fetchrow_hashref;
 
 $sth = $RT::Handle->SimpleQuery(<<"EOSQL");
@@ -183,7 +189,9 @@
    AND Tickets.Created <= '$end'
    AND Queues.Disabled = 0
    $query
+ GROUP BY Tickets.Queue
 EOSQL
+die $sth->error_message unless $sth;
 while ($_ = $sth->fetchrow_hashref) {
     $queue{$_->{queue}}{created}{resolves} = $_->{resolves};
     $queue{$_->{queue}}{created}{24} = $_->{one_day};
@@ -202,7 +210,9 @@
      OR Tickets.Status = 'open')
    AND Queues.Disabled = 0
    $query
+ GROUP BY Tickets.Queue
 EOSQL
+die $sth->error_message unless $sth;
 $queue{$_->{queue}}{created}{open} = $_->{open} while $_ = $sth->fetchrow_hashref;
 
 
@@ -222,7 +232,9 @@
    AND Transactions.Created <= '$end'
    AND Queues.Disabled = 0
    $query
+ GROUP BY Tickets.Queue
 EOSQL
+die $sth->error_message unless $sth;
 while ($_ = $sth->fetchrow_hashref) {
     $queue{$_->{queue}}{resolved}{tickets} = $_->{all_tickets};
     $queue{$_->{queue}}{resolved}{resolves} = $_->{resolves};
@@ -246,11 +258,11 @@
      OR Tickets.Status = 'open')
    AND Queues.Disabled = 0
    $query
+ GROUP BY Tickets.Queue
 EOSQL
+die $sth->error_message unless $sth;
 $queue{$_->{queue}}{resolved}{open} = $_->{open} while $_ = $sth->fetchrow_hashref;
 
-$query = "" unless $queue;
-
 $sth = $RT::Handle->SimpleQuery(<<"EOSQL");
 SELECT Users.Name as name,
        Tickets.Queue as queue,
@@ -271,6 +283,7 @@
      $query
 GROUP BY Users.Name, Tickets.Queue;
 EOSQL
+die $sth->error_message unless $sth;
 while ($_ = $sth->fetchrow_hashref) {
     $user{$_->{name}}{$_->{queue}}{tickets} = $_->{tickets};
     $user{$_->{name}}{$_->{queue}}{resolves} = $_->{more};
@@ -295,6 +308,7 @@
      $query
 GROUP BY Users.Name, Tickets.Queue;
 EOSQL
+die $sth->error_message unless $sth;
 $user{$_->{name}}{$_->{queue}}{time} = $_->{worked} while $_ = $sth->fetchrow_hashref;
 
 # Set up miniplots

Modified: RT-Extension-TimeWorked/lib/RT/Extension/TimeWorked.pm
==============================================================================
--- RT-Extension-TimeWorked/lib/RT/Extension/TimeWorked.pm	(original)
+++ RT-Extension-TimeWorked/lib/RT/Extension/TimeWorked.pm	Tue May  9 12:45:09 2006
@@ -1,3 +1,3 @@
 package RT::Extension::TimeWorked;
 
-our $VERSION = '0.1';
+our $VERSION = '0.2';