author | jake%acutex.net <> | 2001-06-07 03:36:25 +0200 |
---|---|---|
committer | jake%acutex.net <> | 2001-06-07 03:36:25 +0200 |
commit | ce9c76ebbd1a699ce89cdead5f7ba427b62d9844 (patch) | |
tree | 764df019db99019aa24edfc2c20f8962e2f91145 | |
parent | d0f18b8747f261fa2ff5229735ee96b6d06dc745 (diff) | |
download | bugzilla-ce9c76ebbd1a699ce89cdead5f7ba427b62d9844.tar.gz bugzilla-ce9c76ebbd1a699ce89cdead5f7ba427b62d9844.tar.xz |
Users should only be able to view attachments if they can view the bug that the file is attached to (bug 70189)
r=tara
-rwxr-xr-x | showattachment.cgi | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/showattachment.cgi b/showattachment.cgi
index 22cfa9087..ae81117e5 100755
--- a/showattachment.cgi
+++ b/showattachment.cgi
@@ -19,6 +19,7 @@
 # Rights Reserved.
 #
 # Contributor(s): Terry Weissman <terry@mozilla.org>
+# Jacob Steenhagen <jake@acutex.net>
 use diagnostics;
 use strict;
@@ -27,17 +28,24 @@ require "CGI.pl";
 ConnectToDatabase();
-my @row;
-if (defined $::FORM{'attach_id'}) {
-    SendSQL("select mimetype, thedata from attachments where attach_id =".SqlQuote($::FORM{'attach_id'}));
-    @row = FetchSQLData();
+quietly_check_login();
+
+if ($::FORM{attach_id} !~ /^[1-9][0-9]*$/) {
+    DisplayError("Attachment ID should be numeric.");
+    exit;
 }
-if (!@row) {
-    print "Content-type: text/html\n\n";
-    PutHeader("Bad ID");
-    print "Please hit back and try again.\n";
+
+SendSQL("select bug_id, mimetype, thedata from attachments where attach_id = $::FORM{'attach_id'}");
+my ($bug_id, $mimetype, $thedata) = FetchSQLData();
+
+if (!$bug_id) {
+    DisplayError("Attachment $::FORM{attach_id} does not exist.");
     exit;
 }
-print qq{Content-type: $row[0]\n\n$row[1]};
+
+# Make sure the user can see the bug to which this file is attached
+ValidateBugID($bug_id);
+
+print qq{Content-type: $mimetype\n\n$thedata};
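Review bot: The numeric guard on `$::FORM{attach_id}` in the second hunk is anchored with `^`/`$`, so `$` also matches before a trailing newline and a value such as "7\n" passes the check and is then interpolated unquoted into the SELECT (`attach_id = $::FORM{'attach_id'}`), whereas the removed code went through SqlQuote(). The digit-only class keeps this from being exploitable today, but the validation and the quoting have been coupled, so either tighten the anchors, `if ($::FORM{attach_id} !~ /\A[1-9][0-9]*\z/) {`, or keep the query parameter wrapped in SqlQuote() as a second layer. The authorization check relies on ValidateBugID($bug_id) terminating the request when the bug is not visible to the user; that function is not in the hunk, so confirm it exits rather than returns, since a plain return would fall through to the print and serve the attachment anyway. Separately, the final line sends the stored mimetype verbatim with no Content-Disposition; if that value is uploader-controlled, a text/html attachment is rendered inline in the Bugzilla origin, which is worth a follow-up bug even though it predates this change.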