<?php
/*=====================================================================*\
-|| ################################################################### ||
-|| # Bugdar [#]version[#]
-|| # --------------------------------------------------------------- # ||
-|| # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
-|| # This file may not be reproduced in any way without permission. # ||
-|| # --------------------------------------------------------------- # ||
-|| # User License Agreement at http://www.iris-studios.com/license/ # ||
-|| ################################################################### ||
+|| ###################################################################
+|| # Bugdar
+|| # Copyright (c)2004-2009 Blue Static
+|| #
+|| # This program is free software; you can redistribute it and/or modify
+|| # it under the terms of the GNU General Public License as published by
+|| # the Free Software Foundation; version 2 of the License.
+|| #
+|| # This program is distributed in the hope that it will be useful, but
+|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+|| # more details.
+|| #
+|| # You should have received a copy of the GNU General Public License along
+|| # with this program; if not, write to the Free Software Foundation, Inc.,
+|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+|| ###################################################################
\*=====================================================================*/
ob_start();
-define('SVN', '$Id$');
$focus['showreport'] = 'focus';
require_once('./global.php');
-$attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . intval($bugsys->in['attachmentid']));
+$attachment = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . $input->inputClean('attachmentid', TYPE_UINT));
if (!$attachment)
{
- $message->error($lang->getlex('error_invalid_id'));
+ $message->error(L_INVALID_ID);
}
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $attachment[bugid]");
-if (($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid'])) OR !can_perform('canviewbugs', $bug['productid']))
+$bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $attachment[bugid]");
+if (!check_bug_permissions($bug))
{
- $message->error_permission();
+ $message->errorPermission();
}
-if (!can_perform('cangetattach', $bug['productid']))
+if (!can_perform('cangetattach', $bug['product']))
{
- $message->error_permission();
+ $message->errorPermission();
}
ob_clean();
ob_end_clean();
-
-if ($funct->fetch_extension($attachment['filename']) != 'txt')
+
+// only allow certain images to be displayed inline because all other types are a potential XSS issue waiting to happen
+if (in_array(strtolower(BSFunctions::fetch_extension($attachment['filename'])), array('jpg', 'jpeg', 'png', 'gif')))
{
header("Content-Disposition: inline; filename=$attachment[filename]");
header("Content-transfer-encoding: binary");
print($attachment['attachment']);
-/*=====================================================================*\
-|| ###################################################################
-|| # $HeadURL$
-|| # $Id$
-|| ###################################################################
-\*=====================================================================*/
?>
\ No newline at end of file
https://src.bluestatic.org / bugdar.git / blobdiff