From 8d67e86a56de870d2a76f0bc5d0dfa53af664a73 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Wed, 19 Oct 2005 00:45:47 +0000 Subject: Bug 302936: Reject the requestee if he cannot access private attachments - Patch by Frédéric Buclin r=jouni a=justdave MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- attachment.cgi | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'attachment.cgi') diff --git a/attachment.cgi b/attachment.cgi index 6670e6325..3aa1a68d6 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -937,11 +937,11 @@ sub insert $vars->{'message'} = 'user_match_multiple'; } - # Flag::validate() should not detect any reference to existing - # flags when creating a new attachment. Setting the third param - # to -1 will force this function to check this point. + # FlagType::validate() and Flag::validate() should not detect + # any reference to existing flags when creating a new attachment. + # Setting the third param to -1 will force this function to check this point. Bugzilla::Flag::validate($cgi, $bugid, -1); - Bugzilla::FlagType::validate($cgi, $bugid); + Bugzilla::FlagType::validate($cgi, $bugid, -1); # Escape characters in strings that will be used in SQL statements. my $sql_filename = SqlQuote($filename); -- cgit v1.2.3-24-g4f1b