From 80293c235a20d406de7e764bf20e4d8bf854eb8b Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Sat, 19 Sep 2020 14:41:05 -0400
Subject: [PATCH] Fix un-quoted constant keys in eval expressions.

---
 newreport.php  | 2 +-
 search.php     | 6 +++---
 showreport.php | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/newreport.php b/newreport.php
index f66f265..13a75aa 100644
--- a/newreport.php
+++ b/newreport.php
@@ -167,7 +167,7 @@ if ($_REQUEST['do'] == 'add')
 			$value = $dev['userid'];
 			$label = construct_user_display($dev, false);
 			$selected = ($bugsys->in['assignedto'] ? ($bugsys->in['assignedto'] == $dev['userid']) : ($dev['userid'] == $bugsys->options['defaultassign']));
-			eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+			eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
 		}
 	}
 
diff --git a/search.php b/search.php
index d04b40b..1e61c1e 100644
--- a/search.php
+++ b/search.php
@@ -161,7 +161,7 @@ if ($_REQUEST['do'] == 'search')
 		{
 			$value = $dev['userid'];
 			$label = construct_user_display($dev, false);
-			eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+			eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
 		}
 
 		eval('$template->flush("' . $template->fetch('search') . '");');
@@ -479,13 +479,13 @@ if ($_REQUEST['do'] == 'update')
 	$value = '0';
 	$label = '';
 	$selected = true;
-	eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+	eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
 	$selected = false;
 	foreach (bugdar::$datastore['assignto'] AS $dev)
 	{
 		$value = $dev['userid'];
 		$label = construct_user_display($dev, false);
-		eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+		eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
 	}
 
 	eval('$template->flush("' . $template->fetch('search_update') . '");');
diff --git a/showreport.php b/showreport.php
index fe3e51d..051fceb 100644
--- a/showreport.php
+++ b/showreport.php
@@ -112,7 +112,7 @@ if ($show['edit'])
 			$value = $dev['userid'];
 			$selected = (($dev['userid'] == $bug['assignedto']) ? true : false);
 			$label = construct_user_display($dev, false);
-			eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+			eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
 		}
 	}
 
@@ -143,7 +143,7 @@ if ($show['edit'])
 			$label = $action['name'];
 			$value = $action['actionid'];
 			$selected = false;
-			eval('$select[automation] .= "' . $template->fetch('selectoption') . '";');
+			eval('$select["automation"] .= "' . $template->fetch('selectoption') . '";');
 			$show['automations'] = true;
 		}
 		if ($show['automations'])
@@ -151,7 +151,7 @@ if ($show['edit'])
 			$label = '';
 			$value = 0;
 			$selected = true;
-			eval('$select[automation] = "' . $template->fetch('selectoption') . '" . $select[automation];');
+			eval('$select["automation"] = "' . $template->fetch('selectoption') . '" . $select["automation"];');
 		}
 	}
 }
-- 
2.22.5