From 18e93f46330e29c0dd8defc196c026adbed50c2f Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 14 May 2005 00:52:39 +0000 Subject: [PATCH] r123: Attachment viewing code has been moved to viewattachment.php so we don't get it confuzzeled with the insert/update/kill code. --- attachment.php | 45 ++--------------- templates/default/showreport_attachment.tpl | 2 +- viewattachment.php | 53 +++++++++++++++++++++ 3 files changed, 58 insertions(+), 42 deletions(-) create mode 100755 viewattachment.php diff --git a/attachment.php b/attachment.php index d5539db..a4f6c22 100755 --- a/attachment.php +++ b/attachment.php @@ -29,20 +29,11 @@ if (isset($bugsys->in['attachmentid'])) } } -// ################################################################### - -if (empty($_REQUEST['do'])) -{ - $_REQUEST['do'] = 'modify'; -} -else +$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid'])); +if (!$bug) { - $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid'])); - if (!$bug) - { - echo 'alert: bad bug'; - exit; - } + echo 'alert: bad bug'; + exit; } // ################################################################### @@ -187,34 +178,6 @@ if ($_REQUEST['do'] == 'edit') // display form to edit item } -// ################################################################### - -if ($_REQUEST['do'] == 'modify') -{ - if (!can_perform('cangetattach')) - { - echo 'alert: no permission'; - exit; - } - - ob_clean(); - ob_end_clean(); - - if ($funct->fetch_extension($attachment['filename']) != 'txt') - { - header("Content-Disposition: inline; filename=$attachment[filename]"); - header("Content-transfer-encoding: binary"); - } - else - { - header("Content-Disposition: attachment; filename=$attachment[filename]"); - } - header("Content-Length: " . strlen($attachment['attachment'])); - header("Content-Type: $attachment[mimetype]"); - - print($attachment['attachment']); -} - /*=====================================================================*\ || ################################################################### || # $HeadURL$ diff --git a/templates/default/showreport_attachment.tpl b/templates/default/showreport_attachment.tpl index 83596a4..77473d0 100644 --- a/templates/default/showreport_attachment.tpl +++ b/templates/default/showreport_attachment.tpl @@ -1,6 +1,6 @@ - style="text-decoration: line-through">$attachment[filename] posted by $attachment[user] ($attachment[date]) + style="text-decoration: line-through">$attachment[filename] posted by $attachment[user] ($attachment[date])
$attachment[description]
\ No newline at end of file diff --git a/viewattachment.php b/viewattachment.php new file mode 100755 index 0000000..ffac1df --- /dev/null +++ b/viewattachment.php @@ -0,0 +1,53 @@ +query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . intval($bugsys->in['attachmentid'])); +if (!$attachment) +{ + echo 'alert: bad attachment'; + exit; +} + +if (!can_perform('cangetattach')) +{ + echo 'alert: no permission'; + exit; +} + +ob_clean(); +ob_end_clean(); + +if ($funct->fetch_extension($attachment['filename']) != 'txt') +{ + header("Content-Disposition: inline; filename=$attachment[filename]"); + header("Content-transfer-encoding: binary"); +} +else +{ + header("Content-Disposition: attachment; filename=$attachment[filename]"); +} +header("Content-Length: " . strlen($attachment['attachment'])); +header("Content-Type: $attachment[mimetype]"); + +print($attachment['attachment']); + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file -- 2.43.5