Switch the 'modify' code of admin/field.php to use templates

[bugdar.git] / viewattachment.php

diff --git a/viewattachment.php b/viewattachment.php
index 4307fe888ba9e03a3d74fab88995108f32466b7d..3bfda9f1b67f0778e3821d8fdae5c1260f1ae4d2 100755 (executable)
--- a/viewattachment.php
+++ b/viewattachment.php
@@ -1,12 +1,12 @@
 <?php
 /*=====================================================================*\
 || ###################################################################
-|| # Bugdar [#]version[#]
-|| # Copyright ©2002-[#]year[#] Iris Studios, Inc.
+|| # Bugdar
+|| # Copyright (c)2004-2009 Blue Static
 || #
 || # This program is free software; you can redistribute it and/or modify
 || # it under the terms of the GNU General Public License as published by
-|| # the Free Software Foundation; version [#]gpl[#] of the License.
+|| # the Free Software Foundation; version 2 of the License.
 || #
 || # This program is distributed in the hope that it will be useful, but
 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
@@ -21,33 +21,33 @@
 
 ob_start();
 
-define('SVN', '$Id$');
 
 $focus['showreport'] = 'focus';
 
 require_once('./global.php');
 
-$attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . intval($bugsys->in['attachmentid']));
+$attachment = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $input->inputClean('attachmentid', TYPE_UINT));
 if (!$attachment)
 {
-       $message->error($lang->getlex('error_invalid_id'));
+       $message->error(L_INVALID_ID);
 }
 
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $attachment[bugid]");
-if (($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid'])) OR !can_perform('canviewbugs', $bug['productid']))
+$bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $attachment[bugid]");
+if (!check_bug_permissions($bug))
 {
-       $message->error_permission();
+       $message->errorPermission();
 }
 
-if (!can_perform('cangetattach', $bug['productid']))
+if (!can_perform('cangetattach', $bug['product']))
 {
-       $message->error_permission();
+       $message->errorPermission();
 }
 
 ob_clean();
 ob_end_clean();
-       
-if ($funct->fetch_extension($attachment['filename']) != 'txt')
+
+// only allow certain images to be displayed inline because all other types are a potential XSS issue waiting to happen
+if (in_array(strtolower(BSFunctions::fetch_extension($attachment['filename'])), array('jpg', 'jpeg', 'png', 'gif')))
 {
        header("Content-Disposition: inline; filename=$attachment[filename]");
        header("Content-transfer-encoding: binary");
@@ -61,10 +61,4 @@ header("Content-Type: $attachment[mimetype]");
 
 print($attachment['attachment']);
 
-/*=====================================================================*\
-|| ###################################################################
-|| # $HeadURL$
-|| # $Id$
-|| ###################################################################
-\*=====================================================================*/
 ?>
\ No newline at end of file