From 0514605a98956216ded50969c26b2d78dcf2e260 Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Fri, 19 Oct 2001 04:28:06 +0000
Subject: Bug 60818 - make Bugzilla cope with MIME types with parameters. Patch
by gerv, r=myk.
---
bug_form.pl | 1 +
createattachment.cgi | 5 +++--
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/bug_form.pl b/bug_form.pl
index 5938f3aea..d3311fee5 100644
--- a/bug_form.pl
+++ b/bug_form.pl
@@ -299,6 +299,7 @@ if (Param('useattachmenttracker')) {
}
my $link = "showattachment.cgi?attach_id=$attachid";
$desc = value_quote($desc);
+ $mimetype = html_quote($mimetype);
print qq{
$date | $desc ($mimetype) | | };
}
print "Create a new attachment (proposed patch, testcase, etc.) |
\n";
diff --git a/createattachment.cgi b/createattachment.cgi
index 619abbd26..d665e4498 100755
--- a/createattachment.cgi
+++ b/createattachment.cgi
@@ -84,8 +84,9 @@ What kind of file is this?
if ($mimetype eq "other") {
$mimetype = $::FORM{'othertype'};
}
- if ($mimetype !~ m@^(\w|-|\+|\.)+/(\w|-|\+|\.)+$@) {
- PuntTryAgain("You must select a legal mime type. '$mimetype' simply will not do.");
+ if ($mimetype !~ m@^(\w|-|\+|\.)+/(\w|-|\+|\.)+(;.*)?$@) {
+ PuntTryAgain("You must select a legal mime type. '" .
+ html_quote($mimetype) . "' simply will not do.");
}
SendSQL("insert into attachments (bug_id, filename, description, mimetype, ispatch, submitter_id, thedata) values ($id," .
SqlQuote($::FILENAME{'data'}) . ", " . SqlQuote($desc) . ", " .
--
cgit v1.2.3-24-g4f1b