Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-06 00:55:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6d6d593ffb
gecko-dev/webtools/bugzilla/sanitycheck.cgi

700 lines
20 KiB
Plaintext
Raw Normal View History

Fix for bug 108982: enable taint mode for all user-facing CGI files. Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
2002-01-20 01:44:52 +00:00
#!/usr/bonsaitools/bin/perl -wT
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
# -*- Mode: perl; indent-tabs-mode: nil -*-
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
#
updated license boilerplate
1999-11-01 23:33:56 +00:00
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
# The Original Code is the Bugzilla Bug Tracking System.
updated license boilerplate
1999-11-01 23:33:56 +00:00
#
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
# The Initial Developer of the Original Code is Netscape Communications
updated license boilerplate
1999-11-01 23:33:56 +00:00
# Corporation. Portions created by Netscape are
# Copyright (C) 1998 Netscape Communications Corporation. All
# Rights Reserved.
#
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
# Contributor(s): Terry Weissman <terry@mozilla.org>
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
# Matthew Tuck <matty@chariot.net.au>
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
use strict;
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Fix for bug 108982: enable taint mode for all user-facing CGI files. Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
2002-01-20 01:44:52 +00:00
use lib qw(.);
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
require "CGI.pl";
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
use vars %::FORM;
sanitycheck.cgi was able to be run by anybody - even people without Bugzilla accounts. It is now restricted to only people with the editbugs permission (bug 54556). Patch by Myk Melez <myk@mozilla.org> r= jake@acutex.net
2001-06-02 14:24:45 +00:00
ConnectToDatabase();
confirm_login();
# Make sure the user is authorized to access sanitycheck.cgi. Access
# is restricted to logged-in users who have "editbugs" privileges,
# which is a reasonable compromise between allowing all users to access
# the script (creating the potential for denial of service attacks)
# and restricting access to this installation's administrators (which
# prevents users with a legitimate interest in Bugzilla integrity
# from accessing the script).
UserInGroup("editbugs")
|| DisplayError("You are not authorized to access this script,
which is reserved for users with the ability to edit bugs.")
&& exit;
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
print "Content-type: text/html\n";
print "\n";
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
my $offervotecacherebuild = 0;
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
sub Status {
my ($str) = (@_);
Bug 148488 - more HTML validation fixes r=jouni, gerv
2002-06-28 00:18:32 +00:00
print "$str <p>\n";
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
}
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
sub Alert {
my ($str) = (@_);
Bug 148488 - more HTML validation fixes r=jouni, gerv
2002-06-28 00:18:32 +00:00
Status("<font color=\"red\">$str</font>");
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
}
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
sub BugLink {
my ($id) = (@_);
Bug 148488 - more HTML validation fixes r=jouni, gerv
2002-06-28 00:18:32 +00:00
return "<a href=\"show_bug.cgi?id=$id\">$id</a>";
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
}
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
sub AlertBadVoteCache {
my ($id) = (@_);
Alert("Bad vote cache for bug " . BugLink($id));
$offervotecacherebuild = 1;
}
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
sub CrossCheck {
my $table = shift @_;
my $field = shift @_;
Status("Checking references to $table.$field");
SendSQL("SELECT DISTINCT $field FROM $table");
my %valid;
while (MoreSQLData()) {
$valid{FetchOneColumn()} = 1;
}
while (@_) {
my $ref = shift @_;
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
my ($t2, $f2, $key2, $exceptions) = @$ref;
$exceptions ||= [];
my %exceptions = map { $_ => 1 } @$exceptions;
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
Status("... from $t2.$f2");
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
SendSQL("SELECT DISTINCT $f2" . ($key2 ? ", $key2" : '') ." FROM $t2 "
. "WHERE $f2 IS NOT NULL");
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
while (MoreSQLData()) {
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
my ($value, $key) = FetchSQLData();
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
if (!$valid{$value} && !$exceptions{$value}) {
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
my $alert = "Bad value $value found in $t2.$f2";
if ($key2) {
if ($key2 eq 'bug_id') {
$alert .= qq{ (<a href="show_bug.cgi?id=$key">bug $key</a>)};
}
else {
$alert .= " ($key2 == '$key')";
}
}
Oops! This was changed a couple of months ago in such a way that a large class of problems wouldn't be reported. (It wouldn't show most cases where a table had an invalid ID pointing into another table.)
2000-09-19 15:42:53 +00:00
Alert($alert);
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
}
}
}
}
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
sub DateCheck {
my $table = shift @_;
my $field = shift @_;
Status("Checking dates in $table.$field");
SendSQL("SELECT COUNT( $field ) FROM $table WHERE $field > NOW()");
my $c = FetchOneColumn();
if ($c) {
Alert("Found $c dates in future");
}
}
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
my @badbugs;
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
Added a "component/product" sanity check.
1999-03-03 22:55:36 +00:00
my @row;
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
my @checklist;
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
PutHeader("Bugzilla Sanity Check");
Bug 93667: Add comments to uncommented sections of sanitycheck.cgi
2002-05-22 09:21:35 +00:00
###########################################################################
# Fix vote cache
###########################################################################
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
if (exists $::FORM{'rebuildvotecache'}) {
Status("OK, now rebuilding vote cache.");
SendSQL("lock tables bugs write, votes read");
Updating the vote cache should not update the date-last-changed field in the bug.
1999-10-12 11:18:29 +00:00
SendSQL("update bugs set votes = 0, delta_ts=delta_ts");
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
SendSQL("select bug_id, sum(count) from votes group by bug_id");
my %votes;
while (@row = FetchSQLData()) {
my ($id, $v) = (@row);
$votes{$id} = $v;
}
foreach my $id (keys %votes) {
Updating the vote cache should not update the date-last-changed field in the bug.
1999-10-12 11:18:29 +00:00
SendSQL("update bugs set votes = $votes{$id}, delta_ts=delta_ts where bug_id = $id");
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
}
SendSQL("unlock tables");
Updating the vote cache should not update the date-last-changed field in the bug.
1999-10-12 11:18:29 +00:00
Status("Vote cache has been rebuilt.");
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
}
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
if (exists $::FORM{'rederivegroups'}) {
Status("OK, All users' inherited permissions will be rechecked when " .
"they next access Bugzilla.");
SendSQL("UPDATE groups SET last_changed = NOW() LIMIT 1");
}
# rederivegroupsnow is REALLY only for testing.
if (exists $::FORM{'rederivegroupsnow'}) {
Status("OK, now rederiving groups.");
SendSQL("SELECT userid FROM profiles");
while ((my $id) = FetchSQLData()) {
DeriveGroup($id);
Status("Group $id");
}
}
if (exists $::FORM{'cleangroupsnow'}) {
Status("OK, now cleaning stale groups.");
# Only users that were out of date already long ago should be cleaned
# and the cleaning is done with tables locked. This is require in order
# to keep another session from proceeding with permission checks
# after the groups have been cleaned unless it first had an opportunity
# to get the groups up to date.
# If any page starts taking longer than one hour to load, this interval
# should be revised.
SendSQL("SELECT MAX(last_changed) FROM groups WHERE last_changed < NOW() - INTERVAL 1 HOUR");
(my $cutoff) = FetchSQLData();
Status("Cutoff is $cutoff");
SendSQL("SELECT COUNT(*) FROM user_group_map");
(my $before) = FetchSQLData();
SendSQL("LOCK TABLES user_group_map WRITE, profiles WRITE");
SendSQL("SELECT userid FROM profiles " .
"WHERE refreshed_when > 0 " .
"AND refreshed_when < " . SqlQuote($cutoff) .
" LIMIT 1000");
my $count = 0;
while ((my $id) = FetchSQLData()) {
$count++;
PushGlobalSQLState();
SendSQL("DELETE FROM user_group_map WHERE " .
"user_id = $id AND isderived = 1 AND isbless = 0");
SendSQL("UPDATE profiles SET refreshed_when = 0 WHERE userid = $id");
PopGlobalSQLState();
}
SendSQL("UNLOCK TABLES");
SendSQL("SELECT COUNT(*) FROM user_group_map");
(my $after) = FetchSQLData();
Status("Cleaned table for $count users " .
"- reduced from $before records to $after records");
}
Bug 148488 - more HTML validation fixes r=jouni, gerv
2002-06-28 00:18:32 +00:00
print "OK, now running sanity checks.<p>\n";
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
Bug 126883 - bugzilla.dtd isn't quite correct r=gerv, justdave
2002-04-04 04:19:58 +00:00
# This one goes first, because if this is wrong, then the below tests
# will probably fail too
# This isn't extensible. Thats OK; we're not adding any more enum fields
Status("Checking for invalid enumeration values");
foreach my $field (("bug_severity", "bug_status", "op_sys",
"priority", "rep_platform", "resolution")) {
# undefined enum values in mysql are an empty string which equals 0
SendSQL("SELECT bug_id FROM bugs WHERE $field=0 ORDER BY bug_id");
my @invalid;
while (MoreSQLData()) {
push (@invalid, FetchOneColumn());
}
if (@invalid) {
Alert("Bug(s) found with invalid $field value: ".join(', ',@invalid));
}
}
Bug 93667: Add comments to uncommented sections of sanitycheck.cgi
2002-05-22 09:21:35 +00:00
###########################################################################
# Perform referential (cross) checks
###########################################################################
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
CrossCheck("keyworddefs", "id",
["keywords", "keywordid"]);
CrossCheck("fielddefs", "fieldid",
["bugs_activity", "fieldid"]);
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
CrossCheck("attachments", "attach_id",
Fix for bug 98801: Implementation of the request tracker, a set of enhancements to attachment statuses. r=gerv,bbaetz
2002-09-28 18:42:54 +00:00
["flags", "attach_id"],
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
["bugs_activity", "attach_id"]);
Fix for bug 98801: Implementation of the request tracker, a set of enhancements to attachment statuses. r=gerv,bbaetz
2002-09-28 18:42:54 +00:00
CrossCheck("flagtypes", "id",
["flags", "type_id"]);
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
CrossCheck("bugs", "bug_id",
["bugs_activity", "bug_id"],
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
["bug_group_map", "bug_id"],
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
["attachments", "bug_id"],
["cc", "bug_id"],
["longdescs", "bug_id"],
["dependencies", "blocked"],
["dependencies", "dependson"],
["votes", "bug_id"],
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
["keywords", "bug_id"],
["duplicates", "dupe_of", "dupe"],
["duplicates", "dupe", "dupe_of"]);
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
CrossCheck("groups", "id",
["bug_group_map", "group_id"],
["group_group_map", "grantor_id"],
["group_group_map", "member_id"],
["user_group_map", "group_id"]);
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
CrossCheck("profiles", "userid",
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
["bugs", "reporter", "bug_id"],
["bugs", "assigned_to", "bug_id"],
["bugs", "qa_contact", "bug_id", ["0"]],
["attachments", "submitter_id", "bug_id"],
["bugs_activity", "who", "bug_id"],
["cc", "who", "bug_id"],
["votes", "who", "bug_id"],
["longdescs", "who", "bug_id"],
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
["logincookies", "userid"],
fix for 66876: Using userids (mediumint) for initialowner and initialqacontact based on patch submitted by baulig@suse.de (Martin Baulig).
2001-02-22 18:11:29 +00:00
["namedqueries", "userid"],
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
["watch", "watcher"],
["watch", "watched"],
["tokens", "userid"],
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
["components", "initialowner", "name"],
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
["user_group_map", "user_id"],
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
["components", "initialqacontact", "name", ["0"]]);
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
CrossCheck("products", "id",
["bugs", "product_id", "bug_id"],
["components", "product_id", "name"],
["milestones", "product_id", "value"],
["versions", "product_id", "value"],
Fix for bug 98801: Implementation of the request tracker, a set of enhancements to attachment statuses. r=gerv,bbaetz
2002-09-28 18:42:54 +00:00
["flagtypes", "product_id", "name"]);
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
DateCheck("groups", "last_changed");
DateCheck("profiles", "refreshed_when");
Check for and rebuild busted password stuff.
2000-01-18 14:26:16 +00:00
Added 'groups' stuff, where we have different group bits that we can put on a person or on a bug. Some of the group bits control access to bugzilla features. And a person can't access a bug unless he has every group bit set that is also set on the bug.
1999-03-11 16:30:54 +00:00
Bug 93667: Add comments to uncommented sections of sanitycheck.cgi
2002-05-22 09:21:35 +00:00
###########################################################################
# Perform product specific field checks
###########################################################################
Added 'groups' stuff, where we have different group bits that we can put on a person or on a bug. Some of the group bits control access to bugzilla features. And a person can't access a bug unless he has every group bit set that is also set on the bug.
1999-03-11 16:30:54 +00:00
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
Status("Checking version/products");
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
SendSQL("select distinct product_id, version from bugs");
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
while (@row = FetchSQLData()) {
my @copy = @row;
push(@checklist, \@copy);
}
foreach my $ref (@checklist) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
my ($product_id, $version) = (@$ref);
SendSQL("select count(*) from versions where product_id = $product_id and value = " . SqlQuote($version));
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
if (FetchOneColumn() != 1) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
Alert("Bug(s) found with invalid product ID/version: $product_id/$version");
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
}
}
Patch by "Matt Masson" <matthew@zeroknowledge.com> -- allow definition of different target milestones by product.
2000-03-21 16:47:06 +00:00
# Adding check for Target Milestones / products - matthew@zeroknowledge.com
Status("Checking milestone/products");
@checklist = ();
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
SendSQL("select distinct product_id, target_milestone from bugs");
Patch by "Matt Masson" <matthew@zeroknowledge.com> -- allow definition of different target milestones by product.
2000-03-21 16:47:06 +00:00
while (@row = FetchSQLData()) {
my @copy = @row;
push(@checklist, \@copy);
}
foreach my $ref (@checklist) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
my ($product_id, $milestone) = (@$ref);
SendSQL("SELECT count(*) FROM milestones WHERE product_id = $product_id AND value = " . SqlQuote($milestone));
Patch by "Matt Masson" <matthew@zeroknowledge.com> -- allow definition of different target milestones by product.
2000-03-21 16:47:06 +00:00
if(FetchOneColumn() != 1) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
Alert("Bug(s) found with invalid product ID/milestone: $product_id/$milestone");
Patch by "Matt Masson" <matthew@zeroknowledge.com> -- allow definition of different target milestones by product.
2000-03-21 16:47:06 +00:00
}
}
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
Status("Checking default milestone/products");
@checklist = ();
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
SendSQL("select id, defaultmilestone from products");
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
while (@row = FetchSQLData()) {
my @copy = @row;
push(@checklist, \@copy);
}
foreach my $ref (@checklist) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
my ($product_id, $milestone) = (@$ref);
SendSQL("SELECT count(*) FROM milestones WHERE product_id = $product_id AND value = " . SqlQuote($milestone));
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
if(FetchOneColumn() != 1) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
Alert("Product(s) found with invalid default milestone: $product_id/$milestone");
Fix for bug 76140 - Adding some more sanity checks. Patch by Matthew Tuck <matty@chariot.net.au> r= caillon@returnzero.com, jake@acutex.net
2001-09-10 15:20:11 +00:00
}
}
Added a "component/product" sanity check.
1999-03-03 22:55:36 +00:00
Status("Checking components/products");
Add check to make sure versions table is OK.
1999-03-05 17:55:45 +00:00
@checklist = ();
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
SendSQL("select distinct product_id, component_id from bugs");
Added a "component/product" sanity check.
1999-03-03 22:55:36 +00:00
while (@row = FetchSQLData()) {
my @copy = @row;
push(@checklist, \@copy);
}
foreach my $ref (@checklist) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
my ($product_id, $component_id) = (@$ref);
SendSQL("select count(*) from components where product_id = $product_id and id = $component_id");
Added a "component/product" sanity check.
1999-03-03 22:55:36 +00:00
if (FetchOneColumn() != 1) {
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
Alert(qq{Bug(s) found with invalid product/component ID: $product_id/$component_id});
Added a "component/product" sanity check.
1999-03-03 22:55:36 +00:00
}
}
Bug 93667: Add comments to uncommented sections of sanitycheck.cgi
2002-05-22 09:21:35 +00:00
###########################################################################
# Perform login checks
###########################################################################
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
Status("Checking profile logins");
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Honor the emailregexp param when checking email addresses.
2000-01-22 22:19:05 +00:00
my $emailregexp = Param("emailregexp");
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
$emailregexp =~ s/'/\\'/g;
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
SendSQL("SELECT userid, login_name FROM profiles " .
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
"WHERE login_name NOT REGEXP '" . $emailregexp . "'");
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
while (my ($id,$email) = (FetchSQLData())) {
Alert "Bad profile email address, id=$id, &lt;$email&gt;."
}
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Bug 93667: Add comments to uncommented sections of sanitycheck.cgi
2002-05-22 09:21:35 +00:00
###########################################################################
# Perform vote/keyword cache checks
###########################################################################
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
SendSQL("SELECT bug_id,votes,keywords FROM bugs " .
"WHERE votes != 0 OR keywords != ''");
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
my %votes;
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
my %bugid;
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
my %keyword;
Everything has been ported to now run under Perl.
1998-09-15 21:49:26 +00:00
while (@row = FetchSQLData()) {
Added much more crosschecks, and simplified a lot of the code.
2000-01-23 04:37:40 +00:00
my($id, $v, $k) = (@row);
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
if ($v != 0) {
$votes{$id} = $v;
}
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
if ($k) {
$keyword{$id} = $k;
}
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
}
Status("Checking cached vote counts");
SendSQL("select bug_id, sum(count) from votes group by bug_id");
while (@row = FetchSQLData()) {
my ($id, $v) = (@row);
if ($v <= 0) {
Alert("Bad vote sum for bug $id");
} else {
if (!defined $votes{$id} || $votes{$id} != $v) {
AlertBadVoteCache($id);
}
delete $votes{$id};
}
}
foreach my $id (keys %votes) {
AlertBadVoteCache($id);
Do some simple sanity checks.
1998-09-01 01:20:36 +00:00
}
Added a "votes" field to the bugs table, which caches the total number of votes that have been cast for that bug. This let me simplify the SQL in buglist.cgi, which makes things more efficient and fixes several strange bugs.
1999-10-11 17:14:32 +00:00
if ($offervotecacherebuild) {
print qq{<a href="sanitycheck.cgi?rebuildvotecache=1">Click here to rebuild the vote cache</a><p>\n};
}
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
Status("Checking keywords table");
my %keywordids;
SendSQL("SELECT id, name FROM keyworddefs");
while (@row = FetchSQLData()) {
my ($id, $name) = (@row);
if ($keywordids{$id}) {
Alert("Duplicate entry in keyworddefs for id $id");
}
$keywordids{$id} = 1;
Let's outlaw whitespace in keywords.
2000-01-19 19:26:37 +00:00
if ($name =~ /[\s,]/) {
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
Alert("Bogus name in keyworddefs for id $id");
}
}
SendSQL("SELECT bug_id, keywordid FROM keywords ORDER BY bug_id, keywordid");
my $lastid;
my $lastk;
while (@row = FetchSQLData()) {
my ($id, $k) = (@row);
if (!$keywordids{$k}) {
Alert("Bogus keywordids $k found in keywords table");
}
if (defined $lastid && $id eq $lastid && $k eq $lastk) {
Alert("Duplicate keyword ids found in bug " . BugLink($id));
}
$lastid = $id;
$lastk = $k;
}
Status("Checking cached keywords");
my %realk;
if (exists $::FORM{'rebuildkeywordcache'}) {
SendSQL("LOCK TABLES bugs write, keywords read, keyworddefs read");
}
SendSQL("SELECT keywords.bug_id, keyworddefs.name " .
Fix for bug 71664 - Don't complain about a bad keyword cache for a bug that doesn't exist. Patch by Matthew Tuck <matty@chariot.net.au> r= afranke@ags.uni-sb.de, jake@acutex.net
2001-09-10 14:12:10 +00:00
"FROM keywords, keyworddefs, bugs " .
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
"WHERE keyworddefs.id = keywords.keywordid " .
Fix for bug 71664 - Don't complain about a bad keyword cache for a bug that doesn't exist. Patch by Matthew Tuck <matty@chariot.net.au> r= afranke@ags.uni-sb.de, jake@acutex.net
2001-09-10 14:12:10 +00:00
" AND keywords.bug_id = bugs.bug_id " .
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
"ORDER BY keywords.bug_id, keyworddefs.name");
my $lastb;
my @list;
while (1) {
my ($b, $k) = (FetchSQLData());
if (!defined $b || $b ne $lastb) {
if (@list) {
$realk{$lastb} = join(', ', @list);
}
if (!$b) {
last;
}
$lastb = $b;
@list = ();
}
push(@list, $k);
}
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
@badbugs = ();
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
foreach my $b (keys(%keyword)) {
if (!exists $realk{$b} || $realk{$b} ne $keyword{$b}) {
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
push(@badbugs, $b);
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
}
}
foreach my $b (keys(%realk)) {
if (!exists $keyword{$b}) {
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
push(@badbugs, $b);
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
}
}
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
if (@badbugs) {
@badbugs = sort {$a <=> $b} @badbugs;
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
Alert("Bug(s) found with incorrect keyword cache: " .
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
join(', ', @badbugs));
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
if (exists $::FORM{'rebuildkeywordcache'}) {
Status("OK, now fixing keyword cache.");
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
foreach my $b (@badbugs) {
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
my $k = '';
if (exists($realk{$b})) {
$k = $realk{$b};
}
SendSQL("UPDATE bugs SET delta_ts = delta_ts, keywords = " .
SqlQuote($k) .
" WHERE bug_id = $b");
}
Status("Keyword cache fixed.");
} else {
print qq{<a href="sanitycheck.cgi?rebuildkeywordcache=1">Click here to rebuild the keyword cache</a><p>\n};
}
}
Fix for bug 83474 - The tables were not being unlocked properly when rebuilding the keyword cache if there were no keywords to rebuild. Patch by Lukasz Engel <Lukasz.Engel@softax.pl> r= matty@chariot.net.au
2001-10-05 15:18:12 +00:00
if (exists $::FORM{'rebuildkeywordcache'}) {
SendSQL("UNLOCK TABLES");
}
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
###########################################################################
# Perform duplicates table checks
###########################################################################
Status("Checking duplicates table");
SendSQL("SELECT bugs.bug_id " .
refix for bug 91808: previous patch for this bug used an INNER JOIN construct in the SQL, which is not supported by the minimum version of MySQL that we require. Patch by Matthew Tuck <matty@chariot.net.au> r= justdave x2
2001-09-07 01:32:13 +00:00
"FROM bugs, duplicates " .
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
"WHERE bugs.resolution != 'DUPLICATE' " .
refix for bug 91808: previous patch for this bug used an INNER JOIN construct in the SQL, which is not supported by the minimum version of MySQL that we require. Patch by Matthew Tuck <matty@chariot.net.au> r= justdave x2
2001-09-07 01:32:13 +00:00
" AND bugs.bug_id = duplicates.dupe " .
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
"ORDER BY bugs.bug_id");
@badbugs = ();
while (@row = FetchSQLData()) {
my ($id) = (@row);
push (@badbugs, $id);
}
if (@badbugs) {
Alert("Bug(s) found on duplicates table that are not marked duplicate: " .
join(', ', @badbugs));
}
SendSQL("SELECT bugs.bug_id " .
"FROM bugs LEFT JOIN duplicates ON bugs.bug_id = duplicates.dupe " .
"WHERE bugs.resolution = 'DUPLICATE' AND duplicates.dupe IS NULL " .
"ORDER BY bugs.bug_id");
@badbugs = ();
while (@row = FetchSQLData()) {
my ($id) = (@row);
push (@badbugs, $id);
}
if (@badbugs) {
Alert("Bug(s) found marked resolved duplicate and not on duplicates " .
"table: " . join(', ', @badbugs));
}
Fix for bug 97971 - Sanity check should check statuses, resolutions, everconfirmed & number of votes. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net
2001-09-19 15:06:43 +00:00
###########################################################################
# Perform status/resolution checks
###########################################################################
Status("Checking statuses/resolutions");
my @open_states = map(SqlQuote($_), OpenStates());
my $open_states = join(', ', @open_states);
@badbugs = ();
SendSQL("SELECT bug_id FROM bugs " .
"WHERE bug_status IN ($open_states) " .
"AND resolution != '' " .
"ORDER BY bug_id");
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs with open status and a resolution: " .
join (", ", @badbugs));
}
@badbugs = ();
SendSQL("SELECT bug_id FROM bugs " .
"WHERE bug_status NOT IN ($open_states) " .
"AND resolution = '' " .
"ORDER BY bug_id");
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs with non-open status and no resolution: " .
join (", ", @badbugs));
}
###########################################################################
# Perform status/everconfirmed checks
###########################################################################
Status("Checking statuses/everconfirmed");
@badbugs = ();
SendSQL("SELECT bug_id FROM bugs " .
"WHERE bug_status = " . SqlQuote($::unconfirmedstate) . ' ' .
"AND everconfirmed = 1 " .
"ORDER BY bug_id");
Fix for bug 91808: Additional sanitycheck tests for the duplicates table. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net, caillon@returnzero.com
2001-09-03 01:08:05 +00:00
Fix for bug 97971 - Sanity check should check statuses, resolutions, everconfirmed & number of votes. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net
2001-09-19 15:06:43 +00:00
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs that are UNCONFIRMED but have everconfirmed set: " .
join (", ", @badbugs));
}
@badbugs = ();
SendSQL("SELECT bug_id FROM bugs " .
"WHERE bug_status IN ('NEW', 'ASSIGNED', 'REOPENED') " .
"AND everconfirmed = 0 " .
"ORDER BY bug_id");
Added a "keywords" field to a bug, which is a cached string-based copy of all the keywords assigned to the bug. Right now, we only have code that generates and maintains this field; soon will come code that actually uses it.
2000-01-17 11:38:41 +00:00
Fix for bug 97971 - Sanity check should check statuses, resolutions, everconfirmed & number of votes. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net
2001-09-19 15:06:43 +00:00
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs with confirmed status but don't have everconfirmed set: " .
join (", ", @badbugs));
}
###########################################################################
# Perform vote/everconfirmed checks
###########################################################################
Status("Checking votes/everconfirmed");
@badbugs = ();
SendSQL("SELECT bug_id FROM bugs, products " .
Bug 43600 - Convert products/components to use ids instead of names. Initial attempt by jake@bugzilla.org, updated by me r=joel, preed
2002-08-12 05:43:05 +00:00
"WHERE bugs.product_id = products.id " .
Fix for bug 97971 - Sanity check should check statuses, resolutions, everconfirmed & number of votes. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net
2001-09-19 15:06:43 +00:00
"AND bug_status = " . SqlQuote($::unconfirmedstate) . ' ' .
"AND votestoconfirm <= votes " .
"ORDER BY bug_id");
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs that have enough votes to be confirmed but haven't been: " .
join (", ", @badbugs));
}
Bug 106377 - processmail rescanall should use lastdiffed r=justdave, ddkilzer@theracingworld.com
2002-03-03 22:06:20 +00:00
###########################################################################
# Unsent mail
###########################################################################
Status("Checking for unsent mail");
@badbugs = ();
SendSQL("SELECT bug_id " .
"FROM bugs WHERE lastdiffed < delta_ts AND ".
"delta_ts < date_sub(now(), INTERVAL 30 minute) ".
"ORDER BY bug_id");
while (@row = FetchSQLData()) {
my ($id) = (@row);
push(@badbugs, $id);
}
if (@badbugs > 0) {
Alert("Bugs that have changes but no mail sent for at least half an hour: " .
join (", ", @badbugs));
print("Run <code>processmail rescanall</code> to fix this<p>\n");
}
Fix for bug 97971 - Sanity check should check statuses, resolutions, everconfirmed & number of votes. Patch by Matthew Tuck <matty@chariot.net.au> r= jake@acutex.net
2001-09-19 15:06:43 +00:00
###########################################################################
# End
###########################################################################
Added simple sanity checking of the dependencies table.
1999-06-01 20:52:15 +00:00
Status("Sanity check completed.");
Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks by me. Added a footer to every page. Add some options to do things like display checkboxes instead of scrolling lists, and a new formatting for email diffs, and show list items capitalized instead of all upper case.
2000-01-14 22:35:49 +00:00
PutFooter();
Reference in New Issue Copy Permalink