From cf9b4ba2e757925eeb18bb63411ae30c8600c643 Mon Sep 17 00:00:00 2001 From: "justdave%syndicomm.com" <> Date: Sat, 21 Sep 2002 23:57:07 +0000 Subject: Fix for bug 63601: Recommend filename when downloading attachments (except in IE4, which chokes on the Content-Disposition header) Patch by Daniel Raichle and Dave Miller r= bbaetz, gerv --- attachment.cgi | 39 ++++++++++++++++++++++++++++++--------- 1 file changed, 30 insertions(+), 9 deletions(-) (limited to 'attachment.cgi') diff --git a/attachment.cgi b/attachment.cgi index fcbe86a78..3b29a321e 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -20,6 +20,8 @@ # # Contributor(s): Terry Weissman # Myk Melez +# Daniel Raichle +# Dave Miller ################################################################################ # Script Initialization @@ -338,13 +340,23 @@ sub view # Display an attachment. # Retrieve the attachment content and its content type from the database. - SendSQL("SELECT mimetype, thedata FROM attachments WHERE attach_id = $::FORM{'id'}"); - my ($contenttype, $thedata) = FetchSQLData(); + SendSQL("SELECT mimetype, filename, thedata FROM attachments WHERE attach_id = $::FORM{'id'}"); + my ($contenttype, $filename, $thedata) = FetchSQLData(); + + # Determine if the browser supports the Content-Disposition header or not + my $usedisposition = 1; # assume yes, unless we discover otherwise + if ($::ENV{HTTP_USER_AGENT} =~ /^Mozilla.*MSIE (\d+)/) { + if ($1 < 5) { $usedisposition = 0; } # MSIE < 5.0 chokes on it + } # Return the appropriate HTTP response headers. - print "Content-Type: $contenttype\n\n"; + $filename =~ s/^.*[\/\\]//; + my $filesize = length($thedata); + print qq{Content-Type: $contenttype; name="$filename"\n}; + print qq{Content-Disposition: attachment; filename=$filename\n} if $usedisposition; + print qq{Content-Length: $filesize\n}; + print qq{\n$thedata}; - print $thedata; } @@ -529,9 +541,9 @@ sub edit # Users cannot edit the content of the attachment itself. # Retrieve the attachment from the database. - SendSQL("SELECT description, mimetype, bug_id, ispatch, isobsolete, isprivate + SendSQL("SELECT description, mimetype, filename, bug_id, ispatch, isobsolete, isprivate FROM attachments WHERE attach_id = $::FORM{'id'}"); - my ($description, $contenttype, $bugid, $ispatch, $isobsolete, $isprivate) = FetchSQLData(); + my ($description, $contenttype, $filename, $bugid, $ispatch, $isobsolete, $isprivate) = FetchSQLData(); # Flag attachment as to whether or not it can be viewed (as opposed to # being downloaded). Currently I decide it is viewable if its content @@ -577,6 +589,7 @@ sub edit $vars->{'attachid'} = $::FORM{'id'}; $vars->{'description'} = $description; $vars->{'contenttype'} = $contenttype; + $vars->{'filename'} = $filename; $vars->{'bugid'} = $bugid; $vars->{'bugsummary'} = $bugsummary; $vars->{'ispatch'} = $ispatch; @@ -614,10 +627,10 @@ sub update attachstatusdefs READ , fielddefs READ , bugs_activity WRITE"); # Get a copy of the attachment record before we make changes # so we can record those changes in the activity table. - SendSQL("SELECT description, mimetype, ispatch, isobsolete, isprivate + SendSQL("SELECT description, mimetype, filename, ispatch, isobsolete, isprivate FROM attachments WHERE attach_id = $::FORM{'id'}"); - my ($olddescription, $oldcontenttype, $oldispatch, $oldisobsolete, - $oldisprivate ) = FetchSQLData(); + my ($olddescription, $oldcontenttype, $oldfilename, $oldispatch, + $oldisobsolete, $oldisprivate) = FetchSQLData(); # Get the list of old status flags. SendSQL("SELECT attachstatusdefs.name @@ -657,12 +670,14 @@ sub update # Quote the description and content type for use in the SQL UPDATE statement. my $quoteddescription = SqlQuote($::FORM{'description'}); my $quotedcontenttype = SqlQuote($::FORM{'contenttype'}); + my $quotedfilename = SqlQuote($::FORM{'filename'}); # Update the attachment record in the database. # Sets the creation timestamp to itself to avoid it being updated automatically. SendSQL("UPDATE attachments SET description = $quoteddescription , mimetype = $quotedcontenttype , + filename = $quotedfilename , ispatch = $::FORM{'ispatch'} , isobsolete = $::FORM{'isobsolete'} , isprivate = $::FORM{'isprivate'} @@ -682,6 +697,12 @@ sub update SendSQL("INSERT INTO bugs_activity (bug_id, attach_id, who, bug_when, fieldid, removed, added) VALUES ($bugid, $::FORM{'id'}, $::userid, NOW(), $fieldid, $quotedoldcontenttype, $quotedcontenttype)"); } + if ($oldfilename ne $::FORM{'filename'}) { + my $quotedoldfilename = SqlQuote($oldfilename); + my $fieldid = GetFieldID('attachments.filename'); + SendSQL("INSERT INTO bugs_activity (bug_id, attach_id, who, bug_when, fieldid, removed, added) + VALUES ($bugid, $::FORM{'id'}, $::userid, NOW(), $fieldid, $quotedoldfilename, $quotedfilename)"); + } if ($oldispatch ne $::FORM{'ispatch'}) { my $fieldid = GetFieldID('attachments.ispatch'); SendSQL("INSERT INTO bugs_activity (bug_id, attach_id, who, bug_when, fieldid, removed, added) -- cgit v1.2.3-24-g4f1b