diff options
| author |   lpsolit%gmail.com <> | 2005-10-19 00:48:07 +0000 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2005-10-19 00:48:07 +0000 |
| commit | ed68872c4207f4b879fcdbfc15b38a7085a3c03b (patch) | |
| tree | 2d48b1333e4ea6efe752368439da61d7e7e9d7a9 /attachment.cgi | |
| parent | Bug 305807: Fix some incorrect template filtering types - Patch by GavinS <bu... (diff) | |
| download | bugzilla-ed68872c4207f4b879fcdbfc15b38a7085a3c03b.tar.gz bugzilla-ed68872c4207f4b879fcdbfc15b38a7085a3c03b.tar.bz2 bugzilla-ed68872c4207f4b879fcdbfc15b38a7085a3c03b.zip | |
Bug 302936: Reject the requestee if he cannot access private attachments - Patch by Frédéric Buclin <LpSolit@gmail.com> r=jouni a=justdave
Diffstat (limited to 'attachment.cgi')
| -rwxr-xr-x | attachment.cgi | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/attachment.cgi b/attachment.cgi index e4cbe8eed..f87f378d5 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -913,11 +913,11 @@ sub insert $vars->{'message'} = 'user_match_multiple'; } - # Flag::validate() should not detect any reference to existing - # flags when creating a new attachment. Setting the third param - # to -1 will force this function to check this point. + # FlagType::validate() and Flag::validate() should not detect + # any reference to existing flags when creating a new attachment. + # Setting the third param to -1 will force this function to check this point. Bugzilla::Flag::validate($cgi, $bugid, -1); - Bugzilla::FlagType::validate($cgi, $bugid); + Bugzilla::FlagType::validate($cgi, $bugid, -1); # Escape characters in strings that will be used in SQL statements. my $sql_filename = SqlQuote($filename); |