Bug 42946: Bugs filed at same time causing one to be duplicated - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave

5 files changed, 94 insertions, 0 deletions

diff --git a/enter_bug.cgi b/enter_bug.cgi
index 4b39cb750..e4adb8fb7 100755
--- a/enter_bug.cgi
+++ b/enter_bug.cgi
@@ -45,6 +45,7 @@ use Bugzilla::Hook;
 use Bugzilla::Product;
 use Bugzilla::Classification;
 use Bugzilla::Keyword;
+use Bugzilla::Token;
 require "globals.pl";
 
 use vars qw(
@@ -358,6 +359,8 @@ $vars->{'qa_contact_disabled'}  = !UserInGroup('editbugs');
 
 $vars->{'cloned_bug_id'}         = $cloned_bug_id;
 
+$vars->{'token'}             = Bugzilla::Token::IssueSessionToken('createbug:');
+
 if ($cloned_bug_id) {
 
     $default{'component_'}    = $cloned_bug->{'component'};
diff --git a/post_bug.cgi b/post_bug.cgi
index 4258251b5..5f3f91c3b 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -35,6 +35,7 @@ use Bugzilla::User;
 use Bugzilla::Field;
 use Bugzilla::Product;
 use Bugzilla::Keyword;
+use Bugzilla::Token;
 
 # Shut up misguided -w warnings about "used only once". For some reason,
 # "use vars" chokes on me when I try it here.
@@ -73,6 +74,33 @@ sub GroupIsActive {
 # Main Script
 ######################################################################
 
+# Detect if the user already used the same form to submit a bug
+my $token = trim($cgi->param('token'));
+if ($token) {
+    my ($creator_id, $date, $old_bug_id) = Bugzilla::Token::GetTokenData($token);
+    unless ($creator_id
+              && ($creator_id == $user->id)
+              && ($old_bug_id =~ "^createbug:"))
+    {
+        # The token is invalid.
+        ThrowUserError('token_inexistent');
+    }
+
+    $old_bug_id =~ s/^createbug://;
+
+    if ($old_bug_id && (!$cgi->param('ignore_token')
+                        || ($cgi->param('ignore_token') != $old_bug_id)))
+    {
+        $vars->{'bugid'} = $old_bug_id;
+        $vars->{'allow_override'} = defined $cgi->param('ignore_token') ? 0 : 1;
+
+        print $cgi->header();
+        $template->process("bug/create/confirm-create-dupe.html.tmpl", $vars)
+           || ThrowTemplateError($template->error());
+        exit;
+    }
+}    
+
 # do a match on the fields if applicable
 
 &Bugzilla::User::match_field ($cgi, {
@@ -544,6 +572,12 @@ if ($cgi->cookie("BUGLIST")) {
 $vars->{'bug_list'} = \@bug_list;
 $vars->{'use_keywords'} = 1 if Bugzilla::Keyword::keyword_count();
 
+if ($token) {
+    trick_taint($token);
+    $dbh->do('UPDATE tokens SET eventdata = ? WHERE token = ?', undef, 
+             ("createbug:$id", $token));
+}
+
 print $cgi->header();
 $template->process("bug/create/created.html.tmpl", $vars)
   || ThrowTemplateError($template->error());
diff --git a/template/en/default/bug/create/confirm-create-dupe.html.tmpl b/template/en/default/bug/create/confirm-create-dupe.html.tmpl
new file mode 100644
index 000000000..ef3d1ff23
--- /dev/null
+++ b/template/en/default/bug/create/confirm-create-dupe.html.tmpl
@@ -0,0 +1,55 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+  # License Version 1.1 (the "License"); you may not use this file
+  # except in compliance with the License. You may obtain a copy of
+  # the License at http://www.mozilla.org/MPL/
+  #
+  # Software distributed under the License is distributed on an "AS
+  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+  # implied. See the License for the specific language governing
+  # rights and limitations under the License.
+  #
+  # The Original Code is the Bugzilla Bug Tracking System.
+  #
+  # The Initial Developer of the Original Code is Olav Vitters.
+  #
+  # Contributor(s): Olav Vitters <olav@bkor.dhs.org>
+  #%]
+
+[%# INTERFACE:
+  # bugid: integer. ID of the bug previously used to create a bug.
+  # allow_override: boolean int. Is 1 if the user may submit the bug again.
+  #%]
+
+[% PROCESS "global/field-descs.none.tmpl" %]
+
+[% PROCESS global/header.html.tmpl
+  title = "Already filed $terms.bug"
+%]
+
+<table cellpadding="20">
+  <tr>
+    <td bgcolor="#ff0000">
+      <font size="+2">
+        You already used the form to file [% "$terms.bug $bugid" FILTER bug_link(bugid) FILTER none %].
+      </font>
+    </td>
+  </tr>
+</table>
+
+<p><font size="big">You are highly encouraged to visit [% "$terms.bug $bugid"
+FILTER bug_link(bugid) FILTER none %].</font></p>
+
+[% IF allow_override %]
+  <p>If you are sure you used the same form to submit a new [% terms.bug %],
+  click 'File [% terms.bug %] again'.<p>
+
+  <form name="create" id="create" method="post" action="post_bug.cgi">
+    [% PROCESS "global/hidden-fields.html.tmpl"
+               exclude="^(Bugzilla_login|Bugzilla_password|ignore_token)$" %]
+    <input type="hidden" name="ignore_token" value="[% bugid FILTER html %]">
+    <input type="submit" value="File [% terms.bug %] again">
+  </form>
+[% END %]
+
+[% PROCESS global/footer.html.tmpl %]
diff --git a/template/en/default/bug/create/create-guided.html.tmpl b/template/en/default/bug/create/create-guided.html.tmpl
index 1e41c07ef..fc15e5ce5 100644
--- a/template/en/default/bug/create/create-guided.html.tmpl
+++ b/template/en/default/bug/create/create-guided.html.tmpl
@@ -185,6 +185,7 @@ function PutDescription() {
          value="[% default.priority FILTER html %]">
   <input type="hidden" name="version"
          value="[% default.version FILTER html %]">
+  <input type="hidden" name="token" value="[% token FILTER html %]">
 
 <table valign="top" cellpadding="5" cellspacing="5" border="0">
 
diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl
index ca400d31c..eddb8bc68 100644
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -94,6 +94,7 @@ function set_assign_to() {
 
 <form name="Create" id="Create" method="post" action="post_bug.cgi">
 <input type="hidden" name="product" value="[% product FILTER html %]">
+<input type="hidden" name="token" value="[% token FILTER html %]">
 
 <table cellspacing="2" cellpadding="0" border="0">