diff options
Diffstat (limited to 'createattachment.cgi')
| -rwxr-xr-x | createattachment.cgi | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/createattachment.cgi b/createattachment.cgi index 619abbd26..d665e4498 100755 --- a/createattachment.cgi +++ b/createattachment.cgi @@ -84,8 +84,9 @@ What kind of file is this? if ($mimetype eq "other") { $mimetype = $::FORM{'othertype'}; } - if ($mimetype !~ m@^(\w|-|\+|\.)+/(\w|-|\+|\.)+$@) { - PuntTryAgain("You must select a legal mime type. '<tt>$mimetype</tt>' simply will not do."); + if ($mimetype !~ m@^(\w|-|\+|\.)+/(\w|-|\+|\.)+(;.*)?$@) { + PuntTryAgain("You must select a legal mime type. '<tt>" . + html_quote($mimetype) . "</tt>' simply will not do."); } SendSQL("insert into attachments (bug_id, filename, description, mimetype, ispatch, submitter_id, thedata) values ($id," . SqlQuote($::FILENAME{'data'}) . ", " . SqlQuote($desc) . ", " . |