From 8d67e86a56de870d2a76f0bc5d0dfa53af664a73 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Wed, 19 Oct 2005 00:45:47 +0000
Subject: Bug 302936: Reject the requestee if he cannot access private
 attachments - Patch by Frédéric Buclin <LpSolit@gmail.com> r=jouni a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 attachment.cgi | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'attachment.cgi')

diff --git a/attachment.cgi b/attachment.cgi
index 6670e6325..3aa1a68d6 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -937,11 +937,11 @@ sub insert
         $vars->{'message'} = 'user_match_multiple';
     }
 
-    # Flag::validate() should not detect any reference to existing
-    # flags when creating a new attachment. Setting the third param
-    # to -1 will force this function to check this point.
+    # FlagType::validate() and Flag::validate() should not detect
+    # any reference to existing flags when creating a new attachment.
+    # Setting the third param to -1 will force this function to check this point.
     Bugzilla::Flag::validate($cgi, $bugid, -1);
-    Bugzilla::FlagType::validate($cgi, $bugid);
+    Bugzilla::FlagType::validate($cgi, $bugid, -1);
 
     # Escape characters in strings that will be used in SQL statements.
     my $sql_filename = SqlQuote($filename);
-- 
cgit v1.2.3-24-g4f1b