{
// force email or name?? make a distinction?
// more elegant way to do this? probably
- $user = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "%'");
+ $user = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $input->inputEscape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $input->inputEscape('reporter')) . "%'");
if ($user['userid'])
{
$querybuild['reporter'] = "AND bug.userid = $user[userid] OR comment.userid = $user[userid]";
continue;
}
- $api = new BugApi($bugsys);
+ $api = new BugApi();
$api->set('bugid', $bug['bugid']);
$api->values = $bug;